1 // Copyright (C) 1999,2000 Bruce Guenter <bruceg@em.ca>

     2 //

     3 // This program is free software; you can redistribute it and/or modify

     4 // it under the terms of the GNU General Public License as published by

     5 // the Free Software Foundation; either version 2 of the License, or

     6 // (at your option) any later version.

     7 //

     8 // This program is distributed in the hope that it will be useful,

     9 // but WITHOUT ANY WARRANTY; without even the implied warranty of

    10 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

    11 // GNU General Public License for more details.

    12 //

    13 // You should have received a copy of the GNU General Public License

    14 // along with this program; if not, write to the Free Software

    15 // Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA

    16 

    17 #include <config.h>

    18 #include <unistd.h>

    19 #include <stdlib.h>

    20 #ifdef HAVE_CRYPT_H

    21 #include <crypt.h>

    22 #endif

    23 #include "pwcrypt.h"

    24 

    25 #ifndef HAVE_CRYPT

    26 char *crypt(const char *key, const char *salt);

    27 #endif

    28 

    29 #ifndef HAVE_RANDOM

    30 long int random(void);

    31 #endif

    32 

    33 #ifdef USE_CRYPT

    34 

    35 static const char passwd_table[65] =

    36 "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789./";

    37 

    38 bool crypt_cmp(const mystring& pass, const mystring& stored)

    39 {

    40   if(!stored || !pass)

    41     return false;

    42   const char* encrypted = crypt(pass.c_str(), stored.c_str());

    43   return stored == encrypted;

    44 }

    45 

    46 const char* pwcrypt(const mystring& pass)

    47 {

    48   char salt[2] = {

    49     passwd_table[random() % 64],

    50     passwd_table[random() % 64]

    51   };

    52   return crypt(pass.c_str(), salt);

    53 }

    54 

    55 #else // USE_CRYPT

    56 

    57 static const char passwd_table[65] =

    58 "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";

    59 

    60 extern "C"

    61 {

    62 #include "md5.h"

    63 };

    64 

    65 static const char bin2hex_table[17] = "0123456789abcdef";

    66 

    67 #define OLD_MD5_CODE '3'

    68 

    69 static const char* encrypt_old_md5(const mystring& pass)

    70 {

    71   md5_ctx ctx;

    72   md5_init_ctx(&ctx);

    73   md5_process_bytes(pass.c_str(), pass.length(), &ctx);

    74   unsigned char md5[16];

    75   md5_finish_ctx(&ctx, md5);

    76   static char out[34];

    77   out[0] = OLD_MD5_CODE;

    78   for(unsigned i = 0; i < 16; i++) {

    79     out[i*2+1] = bin2hex_table[md5[i]>>4];

    80     out[i*2+2] = bin2hex_table[md5[i]&0xf];

    81   }

    82   out[33] = 0;

    83   return out;

    84 }

    85 

    86 extern "C" char *md5_crypt __P ((const char *key, const char *salt));

    87 

    88 bool crypt_cmp(const mystring& pass, const mystring& stored)

    89 {

    90   if(!stored || !pass)

    91     return false;

    92   const char* encrypted;

    93   if(stored.length() == 33 && stored[0] == OLD_MD5_CODE)

    94     encrypted = encrypt_old_md5(pass.c_str());

    95   else if(stored[0] == '$' && stored[1] == '1' && stored[2] == '$')

    96     encrypted = md5_crypt(pass.c_str(), stored.c_str());

    97   else

    98     encrypted = crypt(pass.c_str(), stored.c_str());

    99   return stored == encrypted;

   100 }

   101 

   102 const char* pwcrypt(const mystring& pass)

   103 {

   104   char salt[14] = "$1$";

   105   for(unsigned i = 3; i < 11; i++)

   106     salt[i] = passwd_table[random() % 64];

   107   salt[12] = 0;

   108   return md5_crypt(pass.c_str(), salt);

   109 }

   110 

   111 #endif // USE_MD5