diff -Nu checkpassword-0.90-sql/Makefile checkpassword-0.90-new/Makefile --- checkpassword-0.90-sql/Makefile Tue Oct 28 19:50:47 2003 +++ checkpassword-0.90-new/Makefile Tue Oct 28 23:35:29 2003 @@ -160,6 +160,10 @@ compile hier.c auto_home.h ./compile hier.c +hmac_md5.o: \ +compile hmac_md5.c hmac_md5.h + ./compile hmac_md5.c + install: \ load install.o hier.o auto_home.o unix.a byte.a ./load install hier.o auto_home.o unix.a byte.a @@ -207,6 +211,14 @@ ) > makelib chmod 755 makelib +md5asc.o: \ +compile md5asc.c md5asc.h + ./compile md5asc.c + +md5c.o: \ +compile md5c.c md5.h + ./compile md5c.c + open_read.o: \ compile open_read.c open.h ./compile open_read.c @@ -309,13 +321,15 @@ buffer_get.o buffer_put.o env.o error.o error_str.o open_read.o \ open_trunc.o pathexec_env.o pathexec_run.o prot.o stralloc_cat.o \ stralloc_catb.o stralloc_cats.o stralloc_eady.o stralloc_opyb.o \ -stralloc_opys.o stralloc_pend.o strerr_die.o strerr_sys.o +stralloc_opys.o stralloc_pend.o strerr_die.o strerr_sys.o md5c.o \ +md5asc.o hmac_md5.o ./makelib unix.a alloc.o alloc_re.o buffer.o buffer_2.o \ buffer_copy.o buffer_get.o buffer_put.o env.o error.o \ error_str.o open_read.o open_trunc.o pathexec_env.o \ pathexec_run.o prot.o stralloc_cat.o stralloc_catb.o \ stralloc_cats.o stralloc_eady.o stralloc_opyb.o \ - stralloc_opys.o stralloc_pend.o strerr_die.o strerr_sys.o + stralloc_opys.o stralloc_pend.o strerr_die.o strerr_sys.o \ + md5c.o md5asc.o hmac_md5.o # Copied from Qmail 1.03 haswaitp.h: \ diff -Nu checkpassword-0.90-sql/README_SQL checkpassword-0.90-new/README_SQL --- checkpassword-0.90-sql/README_SQL Wed Dec 31 19:00:00 1969 +++ checkpassword-0.90-new/README_SQL Wed Oct 29 03:15:26 2003 @@ -0,0 +1,45 @@ +There are two distinct modes of operation: encrypted and plaintext. +Encrypted mode requires passwords in the database to be encrypted, +and plaintext mode requires passwords in the database to be plain +text. The distinction is important because certain authentication +mechanisms (like CRAM-MD5 and APOP) require plaintext passwords. The +options you choose will determine which mode you get. If conflicting +options are specified, compilation will abort with an error. + +Encrypted mode supports two types of authentication: CRYPT and +MD5_PLAIN. CRYPT mode expects the passwords in your database to be +hashed with the standard crypt() function. This alone is the default, +backwards compatible mode. To enable CRYPT authentication, specify +-DCRYPT in conf-cc. + +Encrypted mode also supports MD5_PLAIN authentication. This mode +expects the passwords in your database to be hashed with the MD5 +algorithm. To enable MD5_PLAIN authentication, specify -DMD5_PLAIN. + +If you would like the special combination mode which allows the use +of both CRYPT and MD5_PLAIN at the same time, specify both -DCRYPT +and -DMD5_PLAIN. You may mix and match CRYPT and MD5_PLAIN passwords +in the database, and checkpassword will automatically detect the +type and utilize the appropriate method. + +Plaintext mode supports three types of authentication: PLAIN, APOP, +and CRAM-MD5. With PLAIN mode, specified by -DPLAIN, authentication +is performed by a straight string comparison against the stored +password. If you would like to enable APOP authentication, specify +-DAPOP. If you would like to enable CRAM-MD5 authentication, specify +-DCRAM_MD5. Any combination of the three plaintext types is allowed. +If PLAIN is selected in combination with APOP and/or CRAM-MD5, then +APOP and/or CRAM-MD5 will be tried first, and failing that, a PLAIN +check will be made. + +Other defines available: + +-DSHOW_FAIL + Show bad passwords in log when authentication fails. + +-DLOG_EMPTY + Generate a log entry when an empty password is encountered. + +-DDEBUG + Show extra authentication information in the log. This includes + passwords, so use with care! diff -Nu checkpassword-0.90-sql/TARGETS checkpassword-0.90-new/TARGETS --- checkpassword-0.90-sql/TARGETS Tue Oct 28 19:50:47 2003 +++ checkpassword-0.90-new/TARGETS Wed Oct 29 03:10:07 2003 @@ -63,3 +63,6 @@ wait_pid.o checksmtpauth.o checksmtpauth +md5c.o +md5asc.o +hmac_md5.o diff -Nu checkpassword-0.90-sql/checkpassword.c checkpassword-0.90-new/checkpassword.c --- checkpassword-0.90-sql/checkpassword.c Tue Oct 28 19:50:47 2003 +++ checkpassword-0.90-new/checkpassword.c Wed Oct 29 03:06:57 2003 @@ -4,7 +4,59 @@ #include "prot.h" #include +#ifdef CRYPT +#define ENCRYPTED +#endif /* CRYPT */ + +#ifdef MD5_PLAIN +#define ENCRYPTED +#define REQUIRES_MD5 +#endif /* MD5_PLAIN */ + +#ifdef PLAIN +#define PLAINTEXT +#endif /* PLAIN */ + +#ifdef CRAM_MD5 +#define PLAINTEXT +#define REQUIRES_MD5 +#define REQUIRES_HMAC +#define REQUIRES_RESPONSE +#endif /* CRAM_MD5 */ + +#ifdef APOP +#define PLAINTEXT +#define REQUIRES_MD5 +#define REQUIRES_RESPONSE +#endif /* APOP */ + +#ifdef ENCRYPTED +#ifdef PLAINTEXT +#ERROR__CONFLICTING_DEFINES_SEE_README_SQL +#endif /* PLAINTEXT */ +#endif /* ENCRYPTED */ + +#ifndef ENCRYPTED +#ifndef PLAINTEXT +#ERROR__MISSING_REQUIRED_DEFINES_SEE_README_SQL +#endif /* PLAINTEXT */ +#endif /* ENCRYPTED */ + +#ifdef CRYPT extern char *crypt(); +#endif /* CRYPT */ + +#ifdef REQUIRES_MD5 +#include +#include "global.h" +#include "md5.h" +#include "md5asc.h" +#endif /* REQUIRES_MD5 */ + +#ifdef REQUIRES_HMAC +#include "hmac_md5.h" +#endif /* REQUIRES_HMAC */ + #include static struct passwd *pw; @@ -31,8 +83,15 @@ main(int argc,char **argv) { char *login; - char *password; - char *encrypted; + char *chalpass; +#ifdef REQUIRES_RESPONSE + char *response; +#endif /* REQUIRES_RESPONSE */ +#ifdef REQUIRES_MD5 + MD5_CTX context; + unsigned char md5_bin[16]; + char md5_asc[33]; +#endif /* REQUIRES_MD5 */ char *stored; int r; int i; @@ -60,9 +119,12 @@ if (i >= uplen) _exit(2); login = up + i; while (up[i++]) if (i >= uplen) _exit(2); - password = up + i; + chalpass = up + i; if (i >= uplen) _exit(2); while (up[i++]) if (i >= uplen) _exit(2); +#ifdef REQUIRES_RESPONSE + response = up + i; +#endif /* REQUIRES_RESPONSE */ really_use_db=sql_get_config(&sqlconfig); virtual_host=login; @@ -124,14 +186,163 @@ } } if (!stored) _exit(1); - - encrypted = crypt(password,stored); - - if (!*stored || strcmp(encrypted,stored)) { - syslog (LOG_NOTICE | LOG_MAIL, "Authentication failed: bad password"); - _exit(1); + + if (!*stored) { +#ifdef LOG_EMPTY + syslog (LOG_NOTICE | LOG_MAIL, "Authentication failed: empty password"); +#endif /* LOG_EMPTY */ + _exit(1); } +#ifdef DEBUG + syslog (LOG_NOTICE | LOG_MAIL, "DEBUG login = %s", login); + syslog (LOG_NOTICE | LOG_MAIL, "DEBUG challenge/password = %s", chalpass); +#ifdef REQUIRES_RESPONSE + syslog (LOG_NOTICE | LOG_MAIL, "DEBUG response/timestamp = %s", response); +#endif /* REQUIRES_RESPONSE */ +#endif /* DEBUG */ + +#ifdef CRAM_MD5 + if (*chalpass == '<' && *response != '<' && strlen(response) == 32) { + hmac_md5(chalpass, strlen(chalpass), stored, strlen(stored), md5_bin); + md5asc(md5_bin, md5_asc); + if (strcmp(md5_asc, response)) { +#ifdef SHOW_FAIL + syslog (LOG_NOTICE | LOG_MAIL, "Authentication failed: bad password (CRAM-MD5) [%s]", response); +#else /* SHOW_FAIL */ + syslog (LOG_NOTICE | LOG_MAIL, "Authentication failed: bad password (CRAM-MD5)"); +#endif /* SHOW_FAIL */ + _exit(1); + } + } +#endif /* CRAM_MD5 */ + +#ifdef CRAM_MD5 +#ifdef APOP + else { +#endif /* APOP */ +#ifdef PLAIN +#ifndef APOP + else { +#endif /* APOP */ +#endif /* PLAIN */ +#endif /* CRAM_MD5 */ + +#ifdef APOP + if (*chalpass != '<' && *response == '<' && strlen(chalpass) == 32) { + MD5Init(&context); + MD5Update(&context, response, strlen(response)); + MD5Update(&context, stored, strlen(stored)); + MD5Final(md5_bin, &context); + md5asc(md5_bin, md5_asc); + if (strcmp(md5_asc, chalpass)) { +#ifdef SHOW_FAIL + syslog (LOG_NOTICE | LOG_MAIL, "Authentication failed: bad password (APOP) [%s]", chalpass); +#else /* SHOW_FAIL */ + syslog (LOG_NOTICE | LOG_MAIL, "Authentication failed: bad password (APOP)"); +#endif /* SHOW_FAIL */ + _exit(1); + } + } +#endif /* APOP */ + +#ifdef APOP +#ifdef PLAIN + else { +#endif /* PLAIN */ +#endif /* APOP */ + +#ifdef PLAIN + if (strcmp(chalpass, stored)) { +#ifdef SHOW_FAIL + syslog (LOG_NOTICE | LOG_MAIL, "Authentication failed: bad password (PLAIN) [%s]", chalpass); +#else /* SHOW_FAIL */ + syslog (LOG_NOTICE | LOG_MAIL, "Authentication failed: bad password (PLAIN)"); +#endif /* SHOW_FAIL */ + _exit(1); + } +#endif /* PLAIN */ + +#ifdef PLAINTEXT +#ifndef PLAIN + else { +#ifdef SHOW_FAIL + syslog (LOG_NOTICE | LOG_MAIL, "Authentication failed: unsupported password format [%s]", chalpass); +#else /* SHOW_FAIL */ + syslog (LOG_NOTICE | LOG_MAIL, "Authentication failed: unsupported password format"); +#endif /* SHOW_FAIL */ + _exit(1); + } +#endif /* PLAIN */ +#endif /* PLAINTEXT */ + +#ifdef APOP +#ifdef PLAIN + } +#endif /* PLAIN */ +#endif /* APOP */ + +#ifdef CRAM_MD5 +#ifdef APOP + } +#endif /* APOP */ +#ifdef PLAIN +#ifndef APOP + } +#endif /* APOP */ +#endif /* PLAIN */ +#endif /* CRAM_MD5 */ + +#ifdef CRYPT + if (strlen(stored) == 13) { + if (strcmp((char *)crypt(chalpass,stored), stored)) { +#ifdef SHOW_FAIL + syslog (LOG_NOTICE | LOG_MAIL, "Authentication failed: bad password (CRYPT) [%s]", chalpass); +#else /* SHOW_FAIL */ + syslog (LOG_NOTICE | LOG_MAIL, "Authentication failed: bad password (CRYPT)"); +#endif /* SHOW_FAIL */ + _exit(1); + } + } +#ifdef MD5_PLAIN + else { +#endif /* MD5_PLAIN */ +#endif /* CRYPT */ + +#ifdef MD5_PLAIN + if (strlen(stored) == 32) { + MD5Init(&context); + MD5Update(&context, chalpass, strlen(chalpass)); + MD5Final(md5_bin, &context); + md5asc(md5_bin, md5_asc); + if (strcmp(md5_asc, stored)) { +#ifdef SHOW_FAIL + syslog (LOG_NOTICE | LOG_MAIL, "Authentication failed: bad password (MD5) [%s]", chalpass); +#else + syslog (LOG_NOTICE | LOG_MAIL, "Authentication failed: bad password (MD5)"); +#endif + _exit(1); + } + } +#endif /* MD5_PLAIN */ + +#ifdef ENCRYPTED + else { +#ifdef SHOW_FAIL + syslog (LOG_NOTICE | LOG_MAIL, "Authentication failed: unsupported password format [%s]", chalpass); +#else + syslog (LOG_NOTICE | LOG_MAIL, "Authentication failed: unsupported password format"); +#endif + _exit(1); + } +#endif /* ENCRYPTED */ + +#ifdef CRYPT +#ifdef MD5_PLAIN + } +#endif /* MD5_PLAIN */ +#endif /* CRYPT */ + #ifndef SMTP_AUTH if(stat(pw->pw_dir,&st) != 0 && sqlconfig.autohomedir && stat(sqlconfig.autohomedir,&st) == 0) { diff -Nu checkpassword-0.90-sql/conf-cc checkpassword-0.90-new/conf-cc --- checkpassword-0.90-sql/conf-cc Sat Dec 23 01:40:46 2000 +++ checkpassword-0.90-new/conf-cc Wed Oct 29 03:10:27 2003 @@ -1,3 +1,3 @@ -gcc -O2 +gcc -O2 -DLOG_EMPTY -DCRYPT This will be used to compile .c files. diff -Nu checkpassword-0.90-sql/global.h checkpassword-0.90-new/global.h --- checkpassword-0.90-sql/global.h Wed Dec 31 19:00:00 1969 +++ checkpassword-0.90-new/global.h Mon Oct 27 23:53:32 2003 @@ -0,0 +1,48 @@ +/* GLOBAL.H - RSAREF types and constants */ + +#include + +/* Copyright (C) RSA Laboratories, a division of RSA Data Security, + Inc., created 1991. All rights reserved. + */ + +#ifndef _GLOBAL_H_ +#define _GLOBAL_H_ 1 + +/* PROTOTYPES should be set to one if and only if the compiler supports + function argument prototyping. + The following makes PROTOTYPES default to 1 if it has not already been + defined as 0 with C compiler flags. + */ +#ifndef PROTOTYPES +#define PROTOTYPES 1 +#endif + +/* POINTER defines a generic pointer type */ +typedef unsigned char *POINTER; + +/* UINT2 defines a two byte word */ +typedef unsigned short int UINT2; + +/* UINT4 defines a four byte word */ +typedef unsigned long int UINT4; + +#ifndef NULL_PTR +#define NULL_PTR ((POINTER)0) +#endif + +#ifndef UNUSED_ARG +#define UNUSED_ARG(x) x = *(&x); +#endif + +/* PROTO_LIST is defined depending on how PROTOTYPES is defined above. + If using PROTOTYPES, then PROTO_LIST returns the list, otherwise it + returns an empty list. + */ +#if PROTOTYPES +#define PROTO_LIST(list) list +#else +#define PROTO_LIST(list) () +#endif + +#endif /* end _GLOBAL_H_ */ diff -Nu checkpassword-0.90-sql/hmac_md5.c checkpassword-0.90-new/hmac_md5.c --- checkpassword-0.90-sql/hmac_md5.c Wed Dec 31 19:00:00 1969 +++ checkpassword-0.90-new/hmac_md5.c Mon Oct 27 23:53:32 2003 @@ -0,0 +1,42 @@ +#include "global.h" +#include "md5.h" + +/* See RFC2104 */ + +void hmac_md5 (unsigned char *text, int text_len, unsigned char *key, int key_len, unsigned char *digest) +{ + MD5_CTX context; + unsigned char k_ipad[65]; + unsigned char k_opad[65]; + unsigned char tk[16]; + int i; + + if (key_len > 64) { + MD5_CTX tctx; + MD5Init(&tctx); + MD5Update(&tctx, key, key_len); + MD5Final(tk, &tctx); + key = tk; + key_len = 16; + } + + bzero(k_ipad, sizeof k_ipad); + bzero(k_opad, sizeof k_opad); + bcopy(key, k_ipad, key_len); + bcopy(key, k_opad, key_len); + + for (i = 0; i < 64; i++) { + k_ipad[i] ^= 0x36; + k_opad[i] ^= 0x5c; + } + + MD5Init(&context); + MD5Update(&context, k_ipad, 64); + MD5Update(&context, text, text_len); + MD5Final(digest, &context); + + MD5Init(&context); + MD5Update(&context, k_opad, 64); + MD5Update(&context, digest, 16); + MD5Final(digest, &context); +} diff -Nu checkpassword-0.90-sql/hmac_md5.h checkpassword-0.90-new/hmac_md5.h --- checkpassword-0.90-sql/hmac_md5.h Wed Dec 31 19:00:00 1969 +++ checkpassword-0.90-new/hmac_md5.h Tue Oct 28 20:53:30 2003 @@ -0,0 +1 @@ +void hmac_md5(unsigned char* text, int text_len, unsigned char* key, int key_len, unsigned char* digest); diff -Nu checkpassword-0.90-sql/md5.h checkpassword-0.90-new/md5.h --- checkpassword-0.90-sql/md5.h Wed Dec 31 19:00:00 1969 +++ checkpassword-0.90-new/md5.h Mon Oct 27 23:53:32 2003 @@ -0,0 +1,49 @@ +/* MD5.H - header file for MD5C.C + */ + +/* Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All + rights reserved. + + License to copy and use this software is granted provided that it + is identified as the "RSA Data Security, Inc. MD5 Message-Digest + Algorithm" in all material mentioning or referencing this software + or this function. + + License is also granted to make and use derivative works provided + that such works are identified as "derived from the RSA Data + Security, Inc. MD5 Message-Digest Algorithm" in all material + mentioning or referencing the derived work. + + RSA Data Security, Inc. makes no representations concerning either + the merchantability of this software or the suitability of this + software for any particular purpose. It is provided "as is" + without express or implied warranty of any kind. + + These notices must be retained in any copies of any part of this + documentation and/or software. + */ + +#ifndef _MD5_H_ +#define _MD5_H_ 1 + +#ifdef __cplusplus +extern "C" { +#endif + +/* MD5 context. */ +typedef struct { + UINT4 state[4]; /* state (ABCD) */ + UINT4 count[2]; /* number of bits, modulo 2^64 (lsb first) */ + unsigned char buffer[64]; /* input buffer */ +} MD5_CTX; + +void MD5Init PROTO_LIST ((MD5_CTX *)); +void MD5Update PROTO_LIST + ((MD5_CTX *, unsigned char *, unsigned int)); +void MD5Final PROTO_LIST ((unsigned char [16], MD5_CTX *)); + +#ifdef __cplusplus +} +#endif + +#endif diff -Nu checkpassword-0.90-sql/md5asc.c checkpassword-0.90-new/md5asc.c --- checkpassword-0.90-sql/md5asc.c Wed Dec 31 19:00:00 1969 +++ checkpassword-0.90-new/md5asc.c Tue Oct 28 23:53:33 2003 @@ -0,0 +1,11 @@ +#include "md5asc.h" + +void md5asc (unsigned char *bin, char *asc) +{ + int i; + for (i = 0; i < 16; i++) { + asc[i << 1] = hexmap[bin[i] >> 4]; + asc[(i << 1) + 1] = hexmap[bin[i] & 0x0f]; + } + asc[32] = '\0'; +} diff -Nu checkpassword-0.90-sql/md5asc.h checkpassword-0.90-new/md5asc.h --- checkpassword-0.90-sql/md5asc.h Wed Dec 31 19:00:00 1969 +++ checkpassword-0.90-new/md5asc.h Tue Oct 28 23:23:19 2003 @@ -0,0 +1,8 @@ +#ifndef MD5ASC_H +#define MD5ASC_H + +static char hexmap[] = "0123456789abcdef"; + +void md5asc (unsigned char *bin, char *asc); + +#endif /* MD5ASC_H */ diff -Nu checkpassword-0.90-sql/md5c.c checkpassword-0.90-new/md5c.c --- checkpassword-0.90-sql/md5c.c Wed Dec 31 19:00:00 1969 +++ checkpassword-0.90-new/md5c.c Mon Oct 27 23:53:32 2003 @@ -0,0 +1,334 @@ +/* MD5C.C - RSA Data Security, Inc., MD5 message-digest algorithm + */ + +/* Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All + rights reserved. + + License to copy and use this software is granted provided that it + is identified as the "RSA Data Security, Inc. MD5 Message-Digest + Algorithm" in all material mentioning or referencing this software + or this function. + + License is also granted to make and use derivative works provided + that such works are identified as "derived from the RSA Data + Security, Inc. MD5 Message-Digest Algorithm" in all material + mentioning or referencing the derived work. + + RSA Data Security, Inc. makes no representations concerning either + the merchantability of this software or the suitability of this + software for any particular purpose. It is provided "as is" + without express or implied warranty of any kind. + + These notices must be retained in any copies of any part of this + documentation and/or software. + */ + +#include "global.h" +#include "md5.h" + +/* Constants for MD5Transform routine. + */ +#define S11 7 +#define S12 12 +#define S13 17 +#define S14 22 +#define S21 5 +#define S22 9 +#define S23 14 +#define S24 20 +#define S31 4 +#define S32 11 +#define S33 16 +#define S34 23 +#define S41 6 +#define S42 10 +#define S43 15 +#define S44 21 + +static void MD5Transform PROTO_LIST ((UINT4 [4], unsigned char [64])); +static void Encode PROTO_LIST + ((unsigned char *, UINT4 *, unsigned int)); +static void Decode PROTO_LIST + ((UINT4 *, unsigned char *, unsigned int)); +static void MD5_memcpy PROTO_LIST ((POINTER, POINTER, unsigned int)); +static void MD5_memset PROTO_LIST ((POINTER, int, unsigned int)); + +static unsigned char PADDING[64] = { + 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 +}; + +/* F, G, H and I are basic MD5 functions. + */ +#define F(x, y, z) (((x) & (y)) | ((~x) & (z))) +#define G(x, y, z) (((x) & (z)) | ((y) & (~z))) +#define H(x, y, z) ((x) ^ (y) ^ (z)) +#define I(x, y, z) ((y) ^ ((x) | (~z))) + +/* ROTATE_LEFT rotates x left n bits. + */ +#define ROTATE_LEFT(x, n) (((x) << (n)) | ((x) >> (32-(n)))) + +/* FF, GG, HH, and II transformations for rounds 1, 2, 3, and 4. + Rotation is separate from addition to prevent recomputation. + */ +#define FF(a, b, c, d, x, s, ac) { \ + (a) += F ((b), (c), (d)) + (x) + (UINT4)(ac); \ + (a) = ROTATE_LEFT ((a), (s)); \ + (a) += (b); \ + } +#define GG(a, b, c, d, x, s, ac) { \ + (a) += G ((b), (c), (d)) + (x) + (UINT4)(ac); \ + (a) = ROTATE_LEFT ((a), (s)); \ + (a) += (b); \ + } +#define HH(a, b, c, d, x, s, ac) { \ + (a) += H ((b), (c), (d)) + (x) + (UINT4)(ac); \ + (a) = ROTATE_LEFT ((a), (s)); \ + (a) += (b); \ + } +#define II(a, b, c, d, x, s, ac) { \ + (a) += I ((b), (c), (d)) + (x) + (UINT4)(ac); \ + (a) = ROTATE_LEFT ((a), (s)); \ + (a) += (b); \ + } + +/* MD5 initialization. Begins an MD5 operation, writing a new context. + */ +void MD5Init (context) +MD5_CTX *context; /* context */ +{ + context->count[0] = context->count[1] = 0; + + /* Load magic initialization constants. + */ + context->state[0] = 0x67452301; + context->state[1] = 0xefcdab89; + context->state[2] = 0x98badcfe; + context->state[3] = 0x10325476; +} + +/* MD5 block update operation. Continues an MD5 message-digest + operation, processing another message block, and updating the + context. + */ +void MD5Update (context, input, inputLen) +MD5_CTX *context; /* context */ +unsigned char *input; /* input block */ +unsigned int inputLen; /* length of input block */ +{ + unsigned int i, index, partLen; + + /* Compute number of bytes mod 64 */ + index = (unsigned int)((context->count[0] >> 3) & 0x3F); + + /* Update number of bits */ + if ((context->count[0] += ((UINT4)inputLen << 3)) + < ((UINT4)inputLen << 3)) + context->count[1]++; + context->count[1] += ((UINT4)inputLen >> 29); + + partLen = 64 - index; + + /* Transform as many times as possible. + */ + if (inputLen >= partLen) { + MD5_memcpy + ((POINTER)&context->buffer[index], (POINTER)input, partLen); + MD5Transform (context->state, context->buffer); + + for (i = partLen; i + 63 < inputLen; i += 64) + MD5Transform (context->state, &input[i]); + + index = 0; + } + else + i = 0; + + /* Buffer remaining input */ + MD5_memcpy + ((POINTER)&context->buffer[index], (POINTER)&input[i], + inputLen-i); +} + +/* MD5 finalization. Ends an MD5 message-digest operation, writing the + the message digest and zeroizing the context. + */ +void MD5Final (digest, context) +unsigned char digest[16]; /* message digest */ +MD5_CTX *context; /* context */ +{ + unsigned char bits[8]; + unsigned int index, padLen; + + /* Save number of bits */ + Encode (bits, context->count, 8); + + /* Pad out to 56 mod 64. + */ + index = (unsigned int)((context->count[0] >> 3) & 0x3f); + padLen = (index < 56) ? (56 - index) : (120 - index); + MD5Update (context, PADDING, padLen); + + /* Append length (before padding) */ + MD5Update (context, bits, 8); + + /* Store state in digest */ + Encode (digest, context->state, 16); + + /* Zeroize sensitive information. + */ + MD5_memset ((POINTER)context, 0, sizeof (*context)); +} + +/* MD5 basic transformation. Transforms state based on block. + */ +static void MD5Transform (state, block) +UINT4 state[4]; +unsigned char block[64]; +{ + UINT4 a = state[0], b = state[1], c = state[2], d = state[3], x[16]; + + Decode (x, block, 64); + + /* Round 1 */ + FF (a, b, c, d, x[ 0], S11, 0xd76aa478); /* 1 */ + FF (d, a, b, c, x[ 1], S12, 0xe8c7b756); /* 2 */ + FF (c, d, a, b, x[ 2], S13, 0x242070db); /* 3 */ + FF (b, c, d, a, x[ 3], S14, 0xc1bdceee); /* 4 */ + FF (a, b, c, d, x[ 4], S11, 0xf57c0faf); /* 5 */ + FF (d, a, b, c, x[ 5], S12, 0x4787c62a); /* 6 */ + FF (c, d, a, b, x[ 6], S13, 0xa8304613); /* 7 */ + FF (b, c, d, a, x[ 7], S14, 0xfd469501); /* 8 */ + FF (a, b, c, d, x[ 8], S11, 0x698098d8); /* 9 */ + FF (d, a, b, c, x[ 9], S12, 0x8b44f7af); /* 10 */ + FF (c, d, a, b, x[10], S13, 0xffff5bb1); /* 11 */ + FF (b, c, d, a, x[11], S14, 0x895cd7be); /* 12 */ + FF (a, b, c, d, x[12], S11, 0x6b901122); /* 13 */ + FF (d, a, b, c, x[13], S12, 0xfd987193); /* 14 */ + FF (c, d, a, b, x[14], S13, 0xa679438e); /* 15 */ + FF (b, c, d, a, x[15], S14, 0x49b40821); /* 16 */ + + /* Round 2 */ + GG (a, b, c, d, x[ 1], S21, 0xf61e2562); /* 17 */ + GG (d, a, b, c, x[ 6], S22, 0xc040b340); /* 18 */ + GG (c, d, a, b, x[11], S23, 0x265e5a51); /* 19 */ + GG (b, c, d, a, x[ 0], S24, 0xe9b6c7aa); /* 20 */ + GG (a, b, c, d, x[ 5], S21, 0xd62f105d); /* 21 */ + GG (d, a, b, c, x[10], S22, 0x2441453); /* 22 */ + GG (c, d, a, b, x[15], S23, 0xd8a1e681); /* 23 */ + GG (b, c, d, a, x[ 4], S24, 0xe7d3fbc8); /* 24 */ + GG (a, b, c, d, x[ 9], S21, 0x21e1cde6); /* 25 */ + GG (d, a, b, c, x[14], S22, 0xc33707d6); /* 26 */ + GG (c, d, a, b, x[ 3], S23, 0xf4d50d87); /* 27 */ + GG (b, c, d, a, x[ 8], S24, 0x455a14ed); /* 28 */ + GG (a, b, c, d, x[13], S21, 0xa9e3e905); /* 29 */ + GG (d, a, b, c, x[ 2], S22, 0xfcefa3f8); /* 30 */ + GG (c, d, a, b, x[ 7], S23, 0x676f02d9); /* 31 */ + GG (b, c, d, a, x[12], S24, 0x8d2a4c8a); /* 32 */ + + /* Round 3 */ + HH (a, b, c, d, x[ 5], S31, 0xfffa3942); /* 33 */ + HH (d, a, b, c, x[ 8], S32, 0x8771f681); /* 34 */ + HH (c, d, a, b, x[11], S33, 0x6d9d6122); /* 35 */ + HH (b, c, d, a, x[14], S34, 0xfde5380c); /* 36 */ + HH (a, b, c, d, x[ 1], S31, 0xa4beea44); /* 37 */ + HH (d, a, b, c, x[ 4], S32, 0x4bdecfa9); /* 38 */ + HH (c, d, a, b, x[ 7], S33, 0xf6bb4b60); /* 39 */ + HH (b, c, d, a, x[10], S34, 0xbebfbc70); /* 40 */ + HH (a, b, c, d, x[13], S31, 0x289b7ec6); /* 41 */ + HH (d, a, b, c, x[ 0], S32, 0xeaa127fa); /* 42 */ + HH (c, d, a, b, x[ 3], S33, 0xd4ef3085); /* 43 */ + HH (b, c, d, a, x[ 6], S34, 0x4881d05); /* 44 */ + HH (a, b, c, d, x[ 9], S31, 0xd9d4d039); /* 45 */ + HH (d, a, b, c, x[12], S32, 0xe6db99e5); /* 46 */ + HH (c, d, a, b, x[15], S33, 0x1fa27cf8); /* 47 */ + HH (b, c, d, a, x[ 2], S34, 0xc4ac5665); /* 48 */ + + /* Round 4 */ + II (a, b, c, d, x[ 0], S41, 0xf4292244); /* 49 */ + II (d, a, b, c, x[ 7], S42, 0x432aff97); /* 50 */ + II (c, d, a, b, x[14], S43, 0xab9423a7); /* 51 */ + II (b, c, d, a, x[ 5], S44, 0xfc93a039); /* 52 */ + II (a, b, c, d, x[12], S41, 0x655b59c3); /* 53 */ + II (d, a, b, c, x[ 3], S42, 0x8f0ccc92); /* 54 */ + II (c, d, a, b, x[10], S43, 0xffeff47d); /* 55 */ + II (b, c, d, a, x[ 1], S44, 0x85845dd1); /* 56 */ + II (a, b, c, d, x[ 8], S41, 0x6fa87e4f); /* 57 */ + II (d, a, b, c, x[15], S42, 0xfe2ce6e0); /* 58 */ + II (c, d, a, b, x[ 6], S43, 0xa3014314); /* 59 */ + II (b, c, d, a, x[13], S44, 0x4e0811a1); /* 60 */ + II (a, b, c, d, x[ 4], S41, 0xf7537e82); /* 61 */ + II (d, a, b, c, x[11], S42, 0xbd3af235); /* 62 */ + II (c, d, a, b, x[ 2], S43, 0x2ad7d2bb); /* 63 */ + II (b, c, d, a, x[ 9], S44, 0xeb86d391); /* 64 */ + + state[0] += a; + state[1] += b; + state[2] += c; + state[3] += d; + + /* Zeroize sensitive information. + */ + MD5_memset ((POINTER)x, 0, sizeof (x)); +} + +/* Encodes input (UINT4) into output (unsigned char). Assumes len is + a multiple of 4. + */ +static void Encode (output, input, len) +unsigned char *output; +UINT4 *input; +unsigned int len; +{ + unsigned int i, j; + + for (i = 0, j = 0; j < len; i++, j += 4) { + output[j] = (unsigned char)(input[i] & 0xff); + output[j+1] = (unsigned char)((input[i] >> 8) & 0xff); + output[j+2] = (unsigned char)((input[i] >> 16) & 0xff); + output[j+3] = (unsigned char)((input[i] >> 24) & 0xff); + } +} + +/* Decodes input (unsigned char) into output (UINT4). Assumes len is + a multiple of 4. + */ +static void Decode (output, input, len) +UINT4 *output; +unsigned char *input; +unsigned int len; +{ + unsigned int i, j; + + for (i = 0, j = 0; j < len; i++, j += 4) + output[i] = ((UINT4)input[j]) | (((UINT4)input[j+1]) << 8) | + (((UINT4)input[j+2]) << 16) | (((UINT4)input[j+3]) << 24); +} + +/* Note: Replace "for loop" with standard memcpy if possible. + */ +static void MD5_memcpy (output, input, len) +POINTER output; +POINTER input; +unsigned int len; +{ + unsigned int i; + + for (i = 0; i < len; i++) + output[i] = input[i]; +} + +/* Note: Replace "for loop" with standard memset if possible. + */ +static void MD5_memset (output, value, len) +POINTER output; +int value; +unsigned int len; +{ + unsigned int i; + + for (i = 0; i < len; i++) + ((char *)output)[i] = (char)value; +}