imapext-2007

annotate src/c-client/auth_md5.c @ 4:d741b3ecc917

find changesets by author, revision, files, or words in the commit message
imapext-2007f
author HIROSE Yuuji <yuuji@gentei.org>
date Thu, 30 Oct 2014 00:03:05 +0900
parents 2366b362676d
children
rev   line source
yuuji@0 1 /* ========================================================================
yuuji@0 2 * Copyright 1988-2007 University of Washington
yuuji@0 3 *
yuuji@0 4 * Licensed under the Apache License, Version 2.0 (the "License");
yuuji@0 5 * you may not use this file except in compliance with the License.
yuuji@0 6 * You may obtain a copy of the License at
yuuji@0 7 *
yuuji@0 8 * http://www.apache.org/licenses/LICENSE-2.0
yuuji@0 9 *
yuuji@0 10 *
yuuji@0 11 * ========================================================================
yuuji@0 12 */
yuuji@0 13
yuuji@0 14 /*
yuuji@0 15 * Program: CRAM-MD5 authenticator
yuuji@0 16 *
yuuji@0 17 * Author: Mark Crispin
yuuji@0 18 * Networks and Distributed Computing
yuuji@0 19 * Computing & Communications
yuuji@0 20 * University of Washington
yuuji@0 21 * Administration Building, AG-44
yuuji@0 22 * Seattle, WA 98195
yuuji@0 23 * Internet: MRC@CAC.Washington.EDU
yuuji@0 24 *
yuuji@0 25 * Date: 21 October 1998
yuuji@0 26 * Last Edited: 30 January 2007
yuuji@0 27 */
yuuji@0 28
yuuji@0 29 /* MD5 context */
yuuji@0 30
yuuji@0 31 #define MD5BLKLEN 64 /* MD5 block length */
yuuji@0 32 #define MD5DIGLEN 16 /* MD5 digest length */
yuuji@0 33
yuuji@0 34 typedef struct {
yuuji@0 35 unsigned long chigh; /* high 32bits of byte count */
yuuji@0 36 unsigned long clow; /* low 32bits of byte count */
yuuji@0 37 unsigned long state[4]; /* state (ABCD) */
yuuji@0 38 unsigned char buf[MD5BLKLEN]; /* input buffer */
yuuji@0 39 unsigned char *ptr; /* buffer position */
yuuji@0 40 } MD5CONTEXT;
yuuji@0 41
yuuji@0 42
yuuji@0 43 /* Prototypes */
yuuji@0 44
yuuji@0 45 long auth_md5_valid (void);
yuuji@0 46 long auth_md5_client (authchallenge_t challenger,authrespond_t responder,
yuuji@0 47 char *service,NETMBX *mb,void *stream,
yuuji@0 48 unsigned long *trial,char *user);
yuuji@0 49 char *auth_md5_server (authresponse_t responder,int argc,char *argv[]);
yuuji@0 50 char *auth_md5_pwd (char *user);
yuuji@0 51 char *apop_login (char *chal,char *user,char *md5,int argc,char *argv[]);
yuuji@0 52 char *hmac_md5 (char *text,unsigned long tl,char *key,unsigned long kl);
yuuji@0 53 void md5_init (MD5CONTEXT *ctx);
yuuji@0 54 void md5_update (MD5CONTEXT *ctx,unsigned char *data,unsigned long len);
yuuji@0 55 void md5_final (unsigned char *digest,MD5CONTEXT *ctx);
yuuji@0 56 static void md5_transform (unsigned long *state,unsigned char *block);
yuuji@0 57 static void md5_encode (unsigned char *dst,unsigned long *src,int len);
yuuji@0 58 static void md5_decode (unsigned long *dst,unsigned char *src,int len);
yuuji@0 59
yuuji@0 60
yuuji@0 61 /* Authenticator linkage */
yuuji@0 62
yuuji@0 63 AUTHENTICATOR auth_md5 = {
yuuji@0 64 AU_SECURE, /* secure authenticator */
yuuji@0 65 "CRAM-MD5", /* authenticator name */
yuuji@0 66 auth_md5_valid, /* check if valid */
yuuji@0 67 auth_md5_client, /* client method */
yuuji@0 68 auth_md5_server, /* server method */
yuuji@0 69 NIL /* next authenticator */
yuuji@0 70 };
yuuji@0 71
yuuji@0 72 /* Check if CRAM-MD5 valid on this system
yuuji@0 73 * Returns: T, always
yuuji@0 74 */
yuuji@0 75
yuuji@0 76 long auth_md5_valid (void)
yuuji@0 77 {
yuuji@4 78 #ifndef QMAIL /* qmail extension can always handle MD5 */
yuuji@0 79 struct stat sbuf;
yuuji@0 80 /* server forbids MD5 if no MD5 enable file */
yuuji@0 81 if (stat (MD5ENABLE,&sbuf)) auth_md5.server = NIL;
yuuji@4 82 #endif
yuuji@0 83 return T; /* MD5 is otherwise valid */
yuuji@0 84 }
yuuji@0 85
yuuji@0 86
yuuji@0 87 /* Client authenticator
yuuji@0 88 * Accepts: challenger function
yuuji@0 89 * responder function
yuuji@0 90 * SASL service name
yuuji@0 91 * parsed network mailbox structure
yuuji@0 92 * stream argument for functions
yuuji@0 93 * pointer to current trial count
yuuji@0 94 * returned user name
yuuji@0 95 * Returns: T if success, NIL otherwise, number of trials incremented if retry
yuuji@0 96 */
yuuji@0 97
yuuji@0 98 long auth_md5_client (authchallenge_t challenger,authrespond_t responder,
yuuji@0 99 char *service,NETMBX *mb,void *stream,
yuuji@0 100 unsigned long *trial,char *user)
yuuji@0 101 {
yuuji@0 102 char pwd[MAILTMPLEN];
yuuji@0 103 void *challenge;
yuuji@0 104 unsigned long clen;
yuuji@0 105 long ret = NIL;
yuuji@0 106 /* get challenge */
yuuji@0 107 if (challenge = (*challenger) (stream,&clen)) {
yuuji@0 108 pwd[0] = NIL; /* prompt user */
yuuji@0 109 mm_login (mb,user,pwd,*trial);
yuuji@0 110 if (!pwd[0]) { /* user requested abort */
yuuji@0 111 fs_give ((void **) &challenge);
yuuji@0 112 (*responder) (stream,NIL,0);
yuuji@0 113 *trial = 0; /* cancel subsequent attempts */
yuuji@0 114 ret = LONGT; /* will get a BAD response back */
yuuji@0 115 }
yuuji@0 116 else { /* got password, build response */
yuuji@0 117 sprintf (pwd,"%.65s %.33s",user,hmac_md5 (challenge,clen,
yuuji@0 118 pwd,strlen (pwd)));
yuuji@0 119 fs_give ((void **) &challenge);
yuuji@0 120 /* send credentials, allow retry if OK */
yuuji@0 121 if ((*responder) (stream,pwd,strlen (pwd))) {
yuuji@0 122 if (challenge = (*challenger) (stream,&clen))
yuuji@0 123 fs_give ((void **) &challenge);
yuuji@0 124 else {
yuuji@0 125 ++*trial; /* can try again if necessary */
yuuji@0 126 ret = LONGT; /* check the authentication */
yuuji@0 127 }
yuuji@0 128 }
yuuji@0 129 }
yuuji@0 130 }
yuuji@0 131 memset (pwd,0,MAILTMPLEN); /* erase password in case not overwritten */
yuuji@0 132 if (!ret) *trial = 65535; /* don't retry if bad protocol */
yuuji@0 133 return ret;
yuuji@0 134 }
yuuji@0 135
yuuji@0 136 /* Server authenticator
yuuji@0 137 * Accepts: responder function
yuuji@0 138 * argument count
yuuji@0 139 * argument vector
yuuji@0 140 * Returns: authenticated user name or NIL
yuuji@0 141 *
yuuji@0 142 * This is much hairier than it needs to be due to the necessary of zapping
yuuji@0 143 * the password data.
yuuji@0 144 */
yuuji@0 145
yuuji@0 146 static int md5try = MAXLOGINTRIALS;
yuuji@0 147
yuuji@0 148 char *auth_md5_server (authresponse_t responder,int argc,char *argv[])
yuuji@0 149 {
yuuji@0 150 char *ret = NIL;
yuuji@0 151 char *p,*u,*user,*authuser,*hash,chal[MAILTMPLEN];
yuuji@0 152 unsigned long cl,pl;
yuuji@0 153 /* generate challenge */
yuuji@0 154 sprintf (chal,"<%lu.%lu@%s>",(unsigned long) getpid (),
yuuji@0 155 (unsigned long) time (0),mylocalhost ());
yuuji@0 156 /* send challenge, get user and hash */
yuuji@0 157 if (user = (*responder) (chal,cl = strlen (chal),NIL)) {
yuuji@0 158 /* got user, locate hash */
yuuji@0 159 if (hash = strrchr (user,' ')) {
yuuji@0 160 *hash++ = '\0'; /* tie off user */
yuuji@0 161 /* see if authentication user */
yuuji@0 162 if (authuser = strchr (user,'*')) *authuser++ = '\0';
yuuji@0 163 /* get password */
yuuji@0 164 if (p = auth_md5_pwd ((authuser && *authuser) ? authuser : user)) {
yuuji@0 165 pl = strlen (p);
yuuji@0 166 u = (md5try && !strcmp (hash,hmac_md5 (chal,cl,p,pl))) ? user : NIL;
yuuji@0 167 memset (p,0,pl); /* erase sensitive information */
yuuji@0 168 fs_give ((void **) &p); /* flush erased password */
yuuji@0 169 /* now log in for real */
yuuji@0 170 if (u && authserver_login (u,authuser,argc,argv)) ret = myusername ();
yuuji@0 171 else if (md5try) --md5try;
yuuji@0 172 }
yuuji@0 173 }
yuuji@0 174 fs_give ((void **) &user);
yuuji@0 175 }
yuuji@0 176 if (!ret) sleep (3); /* slow down possible cracker */
yuuji@0 177 return ret;
yuuji@0 178 }
yuuji@0 179
yuuji@0 180 /* Return MD5 password for user
yuuji@0 181 * Accepts: user name
yuuji@0 182 * Returns: plaintext password if success, else NIL
yuuji@0 183 *
yuuji@0 184 * This is much hairier than it needs to be due to the necessary of zapping
yuuji@0 185 * the password data. That's why we don't use stdio here.
yuuji@0 186 */
yuuji@0 187
yuuji@0 188 char *auth_md5_pwd (char *user)
yuuji@0 189 {
yuuji@0 190 struct stat sbuf;
yuuji@4 191 #ifndef QMAIL
yuuji@0 192 int fd = open (MD5ENABLE,O_RDONLY,NIL);
yuuji@0 193 unsigned char *s,*t,*buf,*lusr,*lret;
yuuji@0 194 char *r;
yuuji@0 195 char *ret = NIL;
yuuji@0 196 if (fd >= 0) { /* found the file? */
yuuji@0 197 fstat (fd,&sbuf); /* yes, slurp it into memory */
yuuji@0 198 read (fd,buf = (char *) fs_get (sbuf.st_size + 1),sbuf.st_size);
yuuji@0 199 /* see if any uppercase characters in user */
yuuji@0 200 for (s = user; *s && ((*s < 'A') || (*s > 'Z')); s++);
yuuji@0 201 /* yes, make lowercase copy */
yuuji@0 202 lusr = *s ? lcase (cpystr (user)) : NIL;
yuuji@0 203 for (s = strtok_r ((char *) buf,"\015\012",&r),lret = NIL; s;
yuuji@0 204 s = ret ? NIL : strtok_r (NIL,"\015\012",&r))
yuuji@0 205 /* must be valid entry line */
yuuji@0 206 if (*s && (*s != '#') && (t = strchr (s,'\t')) && t[1]) {
yuuji@0 207 *t++ = '\0'; /* found tab, tie off user, point to pwd */
yuuji@0 208 if (!strcmp (s,user)) ret = cpystr (t);
yuuji@0 209 else if (lusr && !lret) if (!strcmp (s,lusr)) lret = t;
yuuji@0 210 }
yuuji@0 211 /* accept case-independent name */
yuuji@0 212 if (!ret && lret) ret = cpystr (lret);
yuuji@0 213 /* don't need lowercase copy any more */
yuuji@0 214 if (lusr) fs_give ((void **) &lusr);
yuuji@0 215 /* erase sensitive information from buffer */
yuuji@0 216 memset (buf,0,sbuf.st_size + 1);
yuuji@0 217 fs_give ((void **) &buf); /* flush the buffer */
yuuji@0 218 close (fd); /* don't need file any longer */
yuuji@0 219 }
yuuji@4 220 #else
yuuji@4 221 # ifndef USERAPOPFILE
yuuji@4 222 # define USERAPOPFILE ".apop"
yuuji@4 223 # endif
yuuji@4 224 # ifndef XADDR_DELIM
yuuji@4 225 # ifdef POSTFIX /* Same if-condition is in maildir.c.. sorry */
yuuji@4 226 # define XADDR_DELIM "+"
yuuji@4 227 # else
yuuji@4 228 # define XADDR_DELIM "-"
yuuji@4 229 # endif
yuuji@4 230 # endif
yuuji@4 231 extern char *myMailSuffix;
yuuji@4 232 char mycrypt[BUFSIZ+1];
yuuji@4 233 char *ret = NIL, *tmp=NIL;
yuuji@4 234 FILE *apopfile = NIL;
yuuji@4 235 struct passwd *pw = getpwnam(user);
yuuji@4 236 if (!pw) pw = getpwnam(lcase(tmp=cpystr(user)));
yuuji@4 237 if (!pw && strstr(user, XADDR_DELIM)) { /* Check qmail alias */
yuuji@4 238 char tmp[BUFSIZ];
yuuji@4 239 char *s = user;
yuuji@4 240 memset(tmp, 0, BUFSIZ);
yuuji@4 241 while (*s && s && !pw) {
yuuji@4 242 s = strstr(s, XADDR_DELIM);
yuuji@4 243 if (!s) break;
yuuji@4 244 strncpy(tmp, user, s-user);
yuuji@4 245 s++;
yuuji@4 246 pw = getpwnam(tmp);
yuuji@4 247 }
yuuji@4 248 if (pw) {
yuuji@4 249 myMailSuffix = lcase(cpystr(s-1));
yuuji@4 250 user[strlen(tmp)] = '\0'; /* zap suffix */
yuuji@4 251 }
yuuji@4 252 }
yuuji@4 253 if (pw) {
yuuji@4 254 snprintf(mycrypt, BUFSIZ, "%s/%s", pw->pw_dir, USERAPOPFILE);
yuuji@4 255 if (NIL != myMailSuffix) strcat(mycrypt, myMailSuffix);
yuuji@4 256 if (stat(mycrypt, &sbuf) < 0) {
yuuji@4 257 /* printf("Cannot stat [%s]\015\n", mycrypt); */
yuuji@4 258 return ret;
yuuji@4 259 }
yuuji@4 260 if (sbuf.st_mode & ~(S_IFREG | S_IREAD | S_IWRITE)) {
yuuji@4 261 /* printf("Your apoppassword file is readable by others. Do chmod 600 %s%c\n", mycrypt, 015); */
yuuji@4 262 return ret;
yuuji@4 263 }
yuuji@4 264 #ifdef APOPOPEN
yuuji@4 265 if (stat(APOPOPEN, &sbuf) >= 0) { /* if APPOPEN exists */
yuuji@4 266 /* read apop password via APOPOPEN program */
yuuji@4 267 int bytes = 3+strlen(APOPOPEN)+strlen(mycrypt);
yuuji@4 268 char *aproc = (char*) fs_get(bytes);
yuuji@4 269 snprintf(aproc, bytes, "%s %s%c", APOPOPEN, mycrypt, '\0');
yuuji@4 270 apopfile = popen(aproc, "r");
yuuji@4 271 memset(aproc, 0, bytes);
yuuji@4 272 fs_give((void**)&aproc);
yuuji@4 273 }
yuuji@4 274 #endif /* APOPOPEN */
yuuji@4 275 if ((NIL!=apopfile) || (apopfile = fopen( mycrypt, "r" ))) {
yuuji@4 276 fgets(mycrypt, sizeof(mycrypt) - 1, apopfile);
yuuji@4 277 fclose(apopfile);
yuuji@4 278 if (mycrypt[0]) {
yuuji@4 279 char p = strlen(mycrypt);
yuuji@4 280 while (p > 0 && (mycrypt[p-1] == '\n' || mycrypt[p-1] == '\r')) {
yuuji@4 281 mycrypt[--p] = '\0'; /* zap trailing newlines */
yuuji@4 282 }
yuuji@4 283 }
yuuji@4 284 } else {
yuuji@4 285 return ret;
yuuji@4 286 }
yuuji@4 287 ret = cpystr(mycrypt);
yuuji@4 288 memset(mycrypt, 0, sizeof(mycrypt));
yuuji@4 289 }
yuuji@4 290 #endif /* if QMAIL */
yuuji@0 291 return ret; /* return password */
yuuji@0 292 }
yuuji@0 293
yuuji@0 294 /* APOP server login
yuuji@0 295 * Accepts: challenge
yuuji@0 296 * desired user name
yuuji@0 297 * purported MD5
yuuji@0 298 * argument count
yuuji@0 299 * argument vector
yuuji@0 300 * Returns: authenticated user name or NIL
yuuji@0 301 */
yuuji@0 302
yuuji@0 303 char *apop_login (char *chal,char *user,char *md5,int argc,char *argv[])
yuuji@0 304 {
yuuji@0 305 int i,j;
yuuji@0 306 char *ret = NIL;
yuuji@0 307 char *s,*authuser,tmp[MAILTMPLEN];
yuuji@4 308 #ifdef QMAIL
yuuji@4 309 char *userback = cpystr(user);
yuuji@4 310 #endif
yuuji@0 311 unsigned char digest[MD5DIGLEN];
yuuji@0 312 MD5CONTEXT ctx;
yuuji@0 313 char *hex = "0123456789abcdef";
yuuji@0 314 /* see if authentication user */
yuuji@0 315 if (authuser = strchr (user,'*')) *authuser++ = '\0';
yuuji@0 316 /* get password */
yuuji@0 317 if (s = auth_md5_pwd ((authuser && *authuser) ? authuser : user)) {
yuuji@0 318 md5_init (&ctx); /* initialize MD5 context */
yuuji@0 319 /* build string to get MD5 digest */
yuuji@0 320 sprintf (tmp,"%.128s%.128s",chal,s);
yuuji@0 321 memset (s,0,strlen (s)); /* erase sensitive information */
yuuji@0 322 fs_give ((void **) &s); /* flush erased password */
yuuji@0 323 md5_update (&ctx,(unsigned char *) tmp,strlen (tmp));
yuuji@0 324 memset (tmp,0,MAILTMPLEN); /* erase sensitive information */
yuuji@0 325 md5_final (digest,&ctx);
yuuji@0 326 /* convert to printable hex */
yuuji@0 327 for (i = 0, s = tmp; i < MD5DIGLEN; i++) {
yuuji@0 328 *s++ = hex[(j = digest[i]) >> 4];
yuuji@0 329 *s++ = hex[j & 0xf];
yuuji@0 330 }
yuuji@0 331 *s = '\0'; /* tie off hash text */
yuuji@0 332 memset (digest,0,MD5DIGLEN);/* erase sensitive information */
yuuji@0 333 if (md5try && !strcmp (md5,tmp) &&
yuuji@0 334 authserver_login (user,authuser,argc,argv))
yuuji@0 335 ret = cpystr (myusername ());
yuuji@0 336 else if (md5try) --md5try;
yuuji@0 337 memset (tmp,0,MAILTMPLEN); /* erase sensitive information */
yuuji@0 338 }
yuuji@0 339 if (!ret) sleep (3); /* slow down possible cracker */
yuuji@4 340 else {
yuuji@4 341 extern void permitsmtp();
yuuji@4 342 /* permitsmtp();*/
yuuji@4 343 }
yuuji@4 344 #ifdef QMAIL
yuuji@4 345 return (ret) ? userback : ret;
yuuji@4 346 #else
yuuji@0 347 return ret;
yuuji@4 348 #endif
yuuji@0 349 }
yuuji@0 350
yuuji@0 351 /*
yuuji@0 352 * RFC 2104 HMAC hashing
yuuji@0 353 * Accepts: text to hash
yuuji@0 354 * text length
yuuji@0 355 * key
yuuji@0 356 * key length
yuuji@0 357 * Returns: hash as text, always
yuuji@0 358 */
yuuji@0 359
yuuji@0 360 char *hmac_md5 (char *text,unsigned long tl,char *key,unsigned long kl)
yuuji@0 361 {
yuuji@0 362 int i,j;
yuuji@0 363 static char hshbuf[2*MD5DIGLEN + 1];
yuuji@0 364 char *s;
yuuji@0 365 MD5CONTEXT ctx;
yuuji@0 366 char *hex = "0123456789abcdef";
yuuji@0 367 unsigned char digest[MD5DIGLEN],k_ipad[MD5BLKLEN+1],k_opad[MD5BLKLEN+1];
yuuji@0 368 if (kl > MD5BLKLEN) { /* key longer than pad length? */
yuuji@0 369 md5_init (&ctx); /* yes, set key as MD5(key) */
yuuji@0 370 md5_update (&ctx,(unsigned char *) key,kl);
yuuji@0 371 md5_final (digest,&ctx);
yuuji@0 372 key = (char *) digest;
yuuji@0 373 kl = MD5DIGLEN;
yuuji@0 374 }
yuuji@0 375 memcpy (k_ipad,key,kl); /* store key in pads */
yuuji@0 376 memset (k_ipad+kl,0,(MD5BLKLEN+1)-kl);
yuuji@0 377 memcpy (k_opad,k_ipad,MD5BLKLEN+1);
yuuji@0 378 /* XOR key with ipad and opad values */
yuuji@0 379 for (i = 0; i < MD5BLKLEN; i++) {
yuuji@0 380 k_ipad[i] ^= 0x36;
yuuji@0 381 k_opad[i] ^= 0x5c;
yuuji@0 382 }
yuuji@0 383 md5_init (&ctx); /* inner MD5: hash ipad and text */
yuuji@0 384 md5_update (&ctx,k_ipad,MD5BLKLEN);
yuuji@0 385 md5_update (&ctx,(unsigned char *) text,tl);
yuuji@0 386 md5_final (digest,&ctx);
yuuji@0 387 md5_init (&ctx); /* outer MD5: hash opad and inner results */
yuuji@0 388 md5_update (&ctx,k_opad,MD5BLKLEN);
yuuji@0 389 md5_update (&ctx,digest,MD5DIGLEN);
yuuji@0 390 md5_final (digest,&ctx);
yuuji@0 391 /* convert to printable hex */
yuuji@0 392 for (i = 0, s = hshbuf; i < MD5DIGLEN; i++) {
yuuji@0 393 *s++ = hex[(j = digest[i]) >> 4];
yuuji@0 394 *s++ = hex[j & 0xf];
yuuji@0 395 }
yuuji@0 396 *s = '\0'; /* tie off hash text */
yuuji@0 397 return hshbuf;
yuuji@0 398 }
yuuji@0 399
yuuji@0 400 /* Everything after this point is derived from the RSA Data Security, Inc.
yuuji@0 401 * MD5 Message-Digest Algorithm
yuuji@0 402 */
yuuji@0 403
yuuji@0 404 /* You may wonder why these strange "a &= 0xffffffff;" statements are here.
yuuji@0 405 * This is to ensure correct results on machines with a unsigned long size of
yuuji@0 406 * larger than 32 bits.
yuuji@0 407 */
yuuji@0 408
yuuji@0 409 #define RND1(a,b,c,d,x,s,ac) \
yuuji@0 410 a += ((b & c) | (d & ~b)) + x + (unsigned long) ac; \
yuuji@0 411 a &= 0xffffffff; \
yuuji@0 412 a = b + ((a << s) | (a >> (32 - s)));
yuuji@0 413
yuuji@0 414 #define RND2(a,b,c,d,x,s,ac) \
yuuji@0 415 a += ((b & d) | (c & ~d)) + x + (unsigned long) ac; \
yuuji@0 416 a &= 0xffffffff; \
yuuji@0 417 a = b + ((a << s) | (a >> (32 - s)));
yuuji@0 418
yuuji@0 419 #define RND3(a,b,c,d,x,s,ac) \
yuuji@0 420 a += (b ^ c ^ d) + x + (unsigned long) ac; \
yuuji@0 421 a &= 0xffffffff; \
yuuji@0 422 a = b + ((a << s) | (a >> (32 - s)));
yuuji@0 423
yuuji@0 424 #define RND4(a,b,c,d,x,s,ac) \
yuuji@0 425 a += (c ^ (b | ~d)) + x + (unsigned long) ac; \
yuuji@0 426 a &= 0xffffffff; \
yuuji@0 427 a = b + ((a << s) | (a >> (32 - s)));
yuuji@0 428
yuuji@0 429 /* Initialize MD5 context
yuuji@0 430 * Accepts: context to initialize
yuuji@0 431 */
yuuji@0 432
yuuji@0 433 void md5_init (MD5CONTEXT *ctx)
yuuji@0 434 {
yuuji@0 435 ctx->clow = ctx->chigh = 0; /* initialize byte count to zero */
yuuji@0 436 /* initialization constants */
yuuji@0 437 ctx->state[0] = 0x67452301; ctx->state[1] = 0xefcdab89;
yuuji@0 438 ctx->state[2] = 0x98badcfe; ctx->state[3] = 0x10325476;
yuuji@0 439 ctx->ptr = ctx->buf; /* reset buffer pointer */
yuuji@0 440 }
yuuji@0 441
yuuji@0 442
yuuji@0 443 /* MD5 add data to context
yuuji@0 444 * Accepts: context
yuuji@0 445 * input data
yuuji@0 446 * length of data
yuuji@0 447 */
yuuji@0 448
yuuji@0 449 void md5_update (MD5CONTEXT *ctx,unsigned char *data,unsigned long len)
yuuji@0 450 {
yuuji@0 451 unsigned long i = (ctx->buf + MD5BLKLEN) - ctx->ptr;
yuuji@0 452 /* update double precision number of bytes */
yuuji@0 453 if ((ctx->clow += len) < len) ctx->chigh++;
yuuji@0 454 while (i <= len) { /* copy/transform data, 64 bytes at a time */
yuuji@0 455 memcpy (ctx->ptr,data,i); /* fill up 64 byte chunk */
yuuji@0 456 md5_transform (ctx->state,ctx->ptr = ctx->buf);
yuuji@0 457 data += i,len -= i,i = MD5BLKLEN;
yuuji@0 458 }
yuuji@0 459 memcpy (ctx->ptr,data,len); /* copy final bit of data in buffer */
yuuji@0 460 ctx->ptr += len; /* update buffer pointer */
yuuji@0 461 }
yuuji@0 462
yuuji@0 463 /* MD5 Finalization
yuuji@0 464 * Accepts: destination digest
yuuji@0 465 * context
yuuji@0 466 */
yuuji@0 467
yuuji@0 468 void md5_final (unsigned char *digest,MD5CONTEXT *ctx)
yuuji@0 469 {
yuuji@0 470 unsigned long i,bits[2];
yuuji@0 471 bits[0] = ctx->clow << 3; /* calculate length in bits (before padding) */
yuuji@0 472 bits[1] = (ctx->chigh << 3) + (ctx->clow >> 29);
yuuji@0 473 *ctx->ptr++ = 0x80; /* padding byte */
yuuji@0 474 if ((i = (ctx->buf + MD5BLKLEN) - ctx->ptr) < 8) {
yuuji@0 475 memset (ctx->ptr,0,i); /* pad out buffer with zeros */
yuuji@0 476 md5_transform (ctx->state,ctx->buf);
yuuji@0 477 /* pad out with zeros, leaving 8 bytes */
yuuji@0 478 memset (ctx->buf,0,MD5BLKLEN - 8);
yuuji@0 479 ctx->ptr = ctx->buf + MD5BLKLEN - 8;
yuuji@0 480 }
yuuji@0 481 else if (i -= 8) { /* need to pad this buffer? */
yuuji@0 482 memset (ctx->ptr,0,i); /* yes, pad out with zeros, leaving 8 bytes */
yuuji@0 483 ctx->ptr += i;
yuuji@0 484 }
yuuji@0 485 md5_encode (ctx->ptr,bits,2); /* make LSB-first length */
yuuji@0 486 md5_transform (ctx->state,ctx->buf);
yuuji@0 487 /* store state in digest */
yuuji@0 488 md5_encode (digest,ctx->state,4);
yuuji@0 489 /* erase context */
yuuji@0 490 memset (ctx,0,sizeof (MD5CONTEXT));
yuuji@0 491 }
yuuji@0 492
yuuji@0 493 /* MD5 basic transformation
yuuji@0 494 * Accepts: state vector
yuuji@0 495 * current 64-byte block
yuuji@0 496 */
yuuji@0 497
yuuji@0 498 static void md5_transform (unsigned long *state,unsigned char *block)
yuuji@0 499 {
yuuji@0 500 unsigned long a = state[0],b = state[1],c = state[2],d = state[3],x[16];
yuuji@0 501 md5_decode (x,block,16); /* decode into 16 longs */
yuuji@0 502 /* round 1 */
yuuji@0 503 RND1 (a,b,c,d,x[ 0], 7,0xd76aa478); RND1 (d,a,b,c,x[ 1],12,0xe8c7b756);
yuuji@0 504 RND1 (c,d,a,b,x[ 2],17,0x242070db); RND1 (b,c,d,a,x[ 3],22,0xc1bdceee);
yuuji@0 505 RND1 (a,b,c,d,x[ 4], 7,0xf57c0faf); RND1 (d,a,b,c,x[ 5],12,0x4787c62a);
yuuji@0 506 RND1 (c,d,a,b,x[ 6],17,0xa8304613); RND1 (b,c,d,a,x[ 7],22,0xfd469501);
yuuji@0 507 RND1 (a,b,c,d,x[ 8], 7,0x698098d8); RND1 (d,a,b,c,x[ 9],12,0x8b44f7af);
yuuji@0 508 RND1 (c,d,a,b,x[10],17,0xffff5bb1); RND1 (b,c,d,a,x[11],22,0x895cd7be);
yuuji@0 509 RND1 (a,b,c,d,x[12], 7,0x6b901122); RND1 (d,a,b,c,x[13],12,0xfd987193);
yuuji@0 510 RND1 (c,d,a,b,x[14],17,0xa679438e); RND1 (b,c,d,a,x[15],22,0x49b40821);
yuuji@0 511 /* round 2 */
yuuji@0 512 RND2 (a,b,c,d,x[ 1], 5,0xf61e2562); RND2 (d,a,b,c,x[ 6], 9,0xc040b340);
yuuji@0 513 RND2 (c,d,a,b,x[11],14,0x265e5a51); RND2 (b,c,d,a,x[ 0],20,0xe9b6c7aa);
yuuji@0 514 RND2 (a,b,c,d,x[ 5], 5,0xd62f105d); RND2 (d,a,b,c,x[10], 9, 0x2441453);
yuuji@0 515 RND2 (c,d,a,b,x[15],14,0xd8a1e681); RND2 (b,c,d,a,x[ 4],20,0xe7d3fbc8);
yuuji@0 516 RND2 (a,b,c,d,x[ 9], 5,0x21e1cde6); RND2 (d,a,b,c,x[14], 9,0xc33707d6);
yuuji@0 517 RND2 (c,d,a,b,x[ 3],14,0xf4d50d87); RND2 (b,c,d,a,x[ 8],20,0x455a14ed);
yuuji@0 518 RND2 (a,b,c,d,x[13], 5,0xa9e3e905); RND2 (d,a,b,c,x[ 2], 9,0xfcefa3f8);
yuuji@0 519 RND2 (c,d,a,b,x[ 7],14,0x676f02d9); RND2 (b,c,d,a,x[12],20,0x8d2a4c8a);
yuuji@0 520 /* round 3 */
yuuji@0 521 RND3 (a,b,c,d,x[ 5], 4,0xfffa3942); RND3 (d,a,b,c,x[ 8],11,0x8771f681);
yuuji@0 522 RND3 (c,d,a,b,x[11],16,0x6d9d6122); RND3 (b,c,d,a,x[14],23,0xfde5380c);
yuuji@0 523 RND3 (a,b,c,d,x[ 1], 4,0xa4beea44); RND3 (d,a,b,c,x[ 4],11,0x4bdecfa9);
yuuji@0 524 RND3 (c,d,a,b,x[ 7],16,0xf6bb4b60); RND3 (b,c,d,a,x[10],23,0xbebfbc70);
yuuji@0 525 RND3 (a,b,c,d,x[13], 4,0x289b7ec6); RND3 (d,a,b,c,x[ 0],11,0xeaa127fa);
yuuji@0 526 RND3 (c,d,a,b,x[ 3],16,0xd4ef3085); RND3 (b,c,d,a,x[ 6],23, 0x4881d05);
yuuji@0 527 RND3 (a,b,c,d,x[ 9], 4,0xd9d4d039); RND3 (d,a,b,c,x[12],11,0xe6db99e5);
yuuji@0 528 RND3 (c,d,a,b,x[15],16,0x1fa27cf8); RND3 (b,c,d,a,x[ 2],23,0xc4ac5665);
yuuji@0 529 /* round 4 */
yuuji@0 530 RND4 (a,b,c,d,x[ 0], 6,0xf4292244); RND4 (d,a,b,c,x[ 7],10,0x432aff97);
yuuji@0 531 RND4 (c,d,a,b,x[14],15,0xab9423a7); RND4 (b,c,d,a,x[ 5],21,0xfc93a039);
yuuji@0 532 RND4 (a,b,c,d,x[12], 6,0x655b59c3); RND4 (d,a,b,c,x[ 3],10,0x8f0ccc92);
yuuji@0 533 RND4 (c,d,a,b,x[10],15,0xffeff47d); RND4 (b,c,d,a,x[ 1],21,0x85845dd1);
yuuji@0 534 RND4 (a,b,c,d,x[ 8], 6,0x6fa87e4f); RND4 (d,a,b,c,x[15],10,0xfe2ce6e0);
yuuji@0 535 RND4 (c,d,a,b,x[ 6],15,0xa3014314); RND4 (b,c,d,a,x[13],21,0x4e0811a1);
yuuji@0 536 RND4 (a,b,c,d,x[ 4], 6,0xf7537e82); RND4 (d,a,b,c,x[11],10,0xbd3af235);
yuuji@0 537 RND4 (c,d,a,b,x[ 2],15,0x2ad7d2bb); RND4 (b,c,d,a,x[ 9],21,0xeb86d391);
yuuji@0 538 /* update state */
yuuji@0 539 state[0] += a; state[1] += b; state[2] += c; state[3] += d;
yuuji@0 540 memset (x,0,sizeof (x)); /* erase sensitive data */
yuuji@0 541 }
yuuji@0 542
yuuji@0 543 /* You may wonder why these strange "& 0xff" maskings are here. This is to
yuuji@0 544 * ensure correct results on machines with a char size of larger than 8 bits.
yuuji@0 545 * For example, the KCC compiler on the PDP-10 uses 9-bit chars.
yuuji@0 546 */
yuuji@0 547
yuuji@0 548 /* MD5 encode unsigned long into LSB-first bytes
yuuji@0 549 * Accepts: destination pointer
yuuji@0 550 * source
yuuji@0 551 * length of source
yuuji@0 552 */
yuuji@0 553
yuuji@0 554 static void md5_encode (unsigned char *dst,unsigned long *src,int len)
yuuji@0 555 {
yuuji@0 556 int i;
yuuji@0 557 for (i = 0; i < len; i++) {
yuuji@0 558 *dst++ = (unsigned char) (src[i] & 0xff);
yuuji@0 559 *dst++ = (unsigned char) ((src[i] >> 8) & 0xff);
yuuji@0 560 *dst++ = (unsigned char) ((src[i] >> 16) & 0xff);
yuuji@0 561 *dst++ = (unsigned char) ((src[i] >> 24) & 0xff);
yuuji@0 562 }
yuuji@0 563 }
yuuji@0 564
yuuji@0 565
yuuji@0 566 /* MD5 decode LSB-first bytes into unsigned long
yuuji@0 567 * Accepts: destination pointer
yuuji@0 568 * source
yuuji@0 569 * length of destination
yuuji@0 570 */
yuuji@0 571
yuuji@0 572 static void md5_decode (unsigned long *dst,unsigned char *src,int len)
yuuji@0 573 {
yuuji@0 574 int i, j;
yuuji@0 575 for (i = 0, j = 0; i < len; i++, j += 4)
yuuji@0 576 dst[i] = ((unsigned long) (src[j] & 0xff)) |
yuuji@0 577 (((unsigned long) (src[j+1] & 0xff)) << 8) |
yuuji@0 578 (((unsigned long) (src[j+2] & 0xff)) << 16) |
yuuji@0 579 (((unsigned long) (src[j+3] & 0xff)) << 24);
yuuji@0 580 }

UW-IMAP'd extensions by yuuji