
openldap  2.4.31
apr1.c File Reference
#include <lber.h>
#include <lber_pvt.h>
#include "lutil.h"
#include "lutil_md5.h"
#include <ac/string.h>
#include <assert.h>


Defines

#define APR_SALT_SIZE   8

Functions

static void do_phk_hash (const struct berval *passwd, const struct berval *salt, const struct berval *magic, unsigned char *digest)
static int chk_phk (const struct berval *magic, const struct berval *passwd, const struct berval *cred, const char **text)
static int chk_apr1 (const struct berval *scheme, const struct berval *passwd, const struct berval *cred, const char **text)
static int chk_bsdmd5 (const struct berval *scheme, const struct berval *passwd, const struct berval *cred, const char **text)
static int hash_phk (const struct berval *scheme, const struct berval *magic, const struct berval *passwd, struct berval *hash, const char **text)
static int hash_apr1 (const struct berval *scheme, const struct berval *passwd, struct berval *hash, const char **text)
static int hash_bsdmd5 (const struct berval *scheme, const struct berval *passwd, struct berval *hash, const char **text)
int init_module (int argc, char *argv[])

Variables

static LUTIL_PASSWD_CHK_FUNC chk_apr1
static LUTIL_PASSWD_HASH_FUNC hash_apr1
static struct berval = BER_BVC("{APR1}")
static LUTIL_PASSWD_CHK_FUNC chk_bsdmd5
static LUTIL_PASSWD_HASH_FUNC hash_bsdmd5
static const unsigned char apr64 [] = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"

Define Documentation

#define APR_SALT_SIZE   8

Definition at line 43 of file apr1.c.


Function Documentation

static int chk_apr1 ( const struct berval *  scheme,
const struct berval *  passwd,
const struct berval *  cred,
const char **  text 
) [static]

Definition at line 157 of file apr1.c.

{
       /*
        * Check callback for the APR1 scheme: verifies the supplied
        * credential `cred` against the stored value `passwd` by delegating
        * to chk_phk() with the APR1 magic string. The `scheme` argument is
        * not consulted here. Returns whatever chk_phk() returns.
        */
       int rc = chk_phk(&magic_apr1, passwd, cred, text);

       return rc;
}


static int chk_bsdmd5 ( const struct berval *  scheme,
const struct berval *  passwd,
const struct berval *  cred,
const char **  text 
) [static]

Definition at line 166 of file apr1.c.

{
       /*
        * Check callback for the BSD MD5 scheme: same verification path as
        * the APR1 callback, but chk_phk() is given the BSD MD5 magic
        * string. The `scheme` argument is not consulted here. Returns
        * whatever chk_phk() returns.
        */
       int rc = chk_phk(&magic_bsdmd5, passwd, cred, text);

       return rc;
}


static int chk_phk ( const struct berval *  magic,
const struct berval *  passwd,
const struct berval *  cred,
const char **  text 
) [static]

Definition at line 114 of file apr1.c.

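{
       /*
        * Verify a cleartext credential against a stored hash value.
        *
        * magic  - scheme-specific magic string mixed into the hash
        * passwd - stored value: base64 text that decodes to
        *          LUTIL_MD5_BYTES of digest followed by at least one
        *          byte of salt
        * cred   - credential supplied by the client
        * text   - optional out-parameter; set to NULL once decoding
        *          has succeeded
        *
        * Returns LUTIL_PASSWD_OK on a match and LUTIL_PASSWD_ERR on a
        * mismatch, on malformed stored data, or on allocation failure.
        */
       unsigned char digest[LUTIL_MD5_BYTES];
       unsigned char *orig_pass;
       unsigned char diff = 0;
       size_t cap, i;
       int rc;
       struct berval salt;

       /*
        * Keep the decoded-length estimate unsigned: held in an int, a
        * very large bv_len could go negative and slip past the
        * comparison against sizeof(digest) after conversion.
        */
       cap = LUTIL_BASE64_DECODE_LEN(passwd->bv_len);
       if (cap <= sizeof(digest))
              return LUTIL_PASSWD_ERR;

       /* base64 un-encode password hash */
       orig_pass = ber_memalloc(cap + 1);

       if (orig_pass == NULL)
              return LUTIL_PASSWD_ERR;

       /*
        * Bound the decoder by the capacity of the buffer just allocated.
        * The encoded length (bv_len) is larger than that buffer, so it
        * does not constrain the write. NOTE(review): assumes the third
        * argument of lutil_b64_pton() is the destination size - confirm
        * against lutil.h.
        */
       rc = lutil_b64_pton(passwd->bv_val, orig_pass, cap + 1);

       /* a usable value carries the digest plus at least one salt byte */
       if (rc <= (int) sizeof(digest)) {
              ber_memfree(orig_pass);
              return LUTIL_PASSWD_ERR;
       }

       salt.bv_val = (char *) &orig_pass[sizeof(digest)];
       salt.bv_len = rc - sizeof(digest);

       /*
        * Argument order must stay identical to the call in hash_phk();
        * otherwise values written by hash_phk() stop verifying.
        */
       do_phk_hash(cred, magic, &salt, digest);

       if (text)
              *text = NULL;

       /*
        * Compare without an early exit so the time taken does not depend
        * on how many leading digest bytes happen to match.
        */
       for (i = 0; i < sizeof(digest); i++)
              diff |= (unsigned char) (orig_pass[i] ^ digest[i]);

       ber_memfree(orig_pass);
       return diff ? LUTIL_PASSWD_ERR : LUTIL_PASSWD_OK;
}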


static void do_phk_hash ( const struct berval *  passwd,
const struct berval *  salt,
const struct berval *  magic,
unsigned char *  digest 
) [static]

Definition at line 54 of file apr1.c.

{
       /*
        * Compute the iterated MD5 digest used by both schemes in this
        * file and write LUTIL_MD5_BYTES bytes to `digest`.
        *
        * NOTE(review): chk_phk() and hash_phk() both call this as
        * do_phk_hash(pw, magic, &salt, out), so the parameter named
        * `salt` receives the magic string and the parameter named
        * `magic` receives the salt. The two callers agree, so stored
        * values verify, but the mixing order is not what the parameter
        * names suggest. Reordering either side would invalidate hashes
        * that are already stored.
        *
        * Security caveat: the work factor is a fixed 1000 rounds of MD5,
        * which offers little resistance to offline guessing on current
        * hardware. Prefer a stronger scheme for new deployments if one
        * is available.
        */
       lutil_MD5_CTX ctx, ctx1;
       /* NOTE(review): bv_len is narrowed to int below - confirm that
        * password lengths are bounded by the callers. */
       int n;

       /* Start hashing */
       lutil_MD5Init(&ctx);
       lutil_MD5Update(&ctx, (const unsigned char *) passwd->bv_val, passwd->bv_len);
       lutil_MD5Update(&ctx, (const unsigned char *) magic->bv_val, magic->bv_len);
       lutil_MD5Update(&ctx, (const unsigned char *) salt->bv_val, salt->bv_len);
       /* Inner hash */
       lutil_MD5Init(&ctx1);
       lutil_MD5Update(&ctx1, (const unsigned char *) passwd->bv_val, passwd->bv_len);
       lutil_MD5Update(&ctx1, (const unsigned char *) salt->bv_val, salt->bv_len);
       lutil_MD5Update(&ctx1, (const unsigned char *) passwd->bv_val, passwd->bv_len);
       lutil_MD5Final(digest, &ctx1);
       /* Now start mixing things up: feed the inner digest into the outer
        * context, one password-length worth of bytes in digest-sized chunks */
       for (n = passwd->bv_len; n > 0; n -= LUTIL_MD5_BYTES)
              lutil_MD5Update(&ctx, digest,
                            (n > LUTIL_MD5_BYTES ? LUTIL_MD5_BYTES : n));
       /* digest is zeroed so that the loop below feeds a zero byte */
       memset(digest, 0, LUTIL_MD5_BYTES);
       /* Curiouser and curiouser... one byte per bit of the password
        * length: a zero byte for a set bit, else the first password byte */
       for (n = passwd->bv_len; n; n >>= 1)
              if (n & 1)
                     lutil_MD5Update(&ctx, digest, 1);
              else
                     lutil_MD5Update(&ctx, (const unsigned char *) passwd->bv_val, 1);
       lutil_MD5Final(digest, &ctx);
       /*
        * Repeatedly hash things into the final value. This was originally
        * intended to slow the algorithm down.
        */
       for (n = 0; n < 1000; n++) {
              lutil_MD5Init(&ctx1);
              /* odd rounds start with the password, even rounds with the
               * previous digest */
              if (n & 1)
                     lutil_MD5Update(&ctx1,
                            (const unsigned char *) passwd->bv_val, passwd->bv_len);
              else
                     lutil_MD5Update(&ctx1, digest, LUTIL_MD5_BYTES);

              /* skipped on every third round */
              if (n % 3)
                     lutil_MD5Update(&ctx1,
                            (const unsigned char *) salt->bv_val, salt->bv_len);
              /* skipped on every seventh round */
              if (n % 7)
                     lutil_MD5Update(&ctx1,
                            (const unsigned char *) passwd->bv_val, passwd->bv_len);

              /* finish with whichever of digest/password did not start
               * this round */
              if (n & 1)
                     lutil_MD5Update(&ctx1, digest, LUTIL_MD5_BYTES);
              else
                     lutil_MD5Update(&ctx1,
                            (const unsigned char *) passwd->bv_val, passwd->bv_len);
              lutil_MD5Final(digest, &ctx1);
       }
}


static int hash_apr1 ( const struct berval *  scheme,
const struct berval *  passwd,
struct berval *  hash,
const char **  text 
) [static]

Definition at line 208 of file apr1.c.

{
       /*
        * Hash callback for the APR1 scheme: produces a new stored value
        * for `passwd` in `hash` by delegating to hash_phk() with the APR1
        * magic string. Returns whatever hash_phk() returns.
        */
       int rc = hash_phk(scheme, &magic_apr1, passwd, hash, text);

       return rc;
}


static int hash_bsdmd5 ( const struct berval *  scheme,
const struct berval *  passwd,
struct berval *  hash,
const char **  text 
) [static]

Definition at line 217 of file apr1.c.

{
       /*
        * Hash callback for the BSD MD5 scheme: same path as the APR1
        * callback, but hash_phk() is given the BSD MD5 magic string.
        * Returns whatever hash_phk() returns.
        */
       int rc = hash_phk(scheme, &magic_bsdmd5, passwd, hash, text);

       return rc;
}


static int hash_phk ( const struct berval *  scheme,
const struct berval *  magic,
const struct berval *  passwd,
struct berval *  hash,
const char **  text 
) [static]

Definition at line 175 of file apr1.c.

{
       /*
        * Build a new stored value for `passwd`.
        *
        * scheme - scheme name handed on to lutil_passwd_string64()
        * magic  - scheme-specific magic string mixed into the hash
        * passwd - cleartext password to hash
        * hash   - out-parameter filled in by lutil_passwd_string64()
        * text   - optional out-parameter; set to NULL once the salt has
        *          been generated and the digest computed
        *
        * Returns LUTIL_PASSWD_ERR if no entropy could be obtained,
        * otherwise the result of lutil_passwd_string64().
        */
       unsigned char md5_out[LUTIL_MD5_BYTES];
       char salt_chars[APR_SALT_SIZE];
       struct berval digest;
       struct berval salt;
       int i;

       salt.bv_len = APR_SALT_SIZE;
       salt.bv_val = salt_chars;
       digest.bv_len = sizeof(md5_out);
       digest.bv_val = (char *) md5_out;

       /* Fail closed: without fresh random bytes no hash is produced. */
       if (lutil_entropy((unsigned char *) salt_chars, salt.bv_len) < 0)
              return LUTIL_PASSWD_ERR;

       /*
        * Map every random byte onto the 64-character alphabet. The
        * divisor is sizeof(apr64) - 1, i.e. the alphabet without its
        * terminating NUL. The char operand is converted to an unsigned
        * type by the modulo, so the index stays inside the table even
        * where plain char is signed.
        */
       for (i = 0; i < salt.bv_len; i++) {
              salt_chars[i] = apr64[salt_chars[i] % (sizeof(apr64) - 1)];
       }

       /* Argument order must stay identical to the call in chk_phk(). */
       do_phk_hash(passwd, magic, &salt, md5_out);

       if (text != NULL)
              *text = NULL;

       /* presumably emits scheme + base64(digest || salt), which is the
        * layout chk_phk() decodes - confirm against lutil */
       return lutil_passwd_string64(scheme, &digest, hash, &salt);
}


int init_module ( int  argc,
char *  argv[] 
)

Definition at line 226 of file apr1.c.

                                        {
       /*
        * Module entry point: registers the two password schemes with
        * their check and hash callbacks. argc and argv are not used.
        * Returns the first non-zero result of lutil_passwd_add(), or
        * the result of the second registration.
        */
       int rc;

       rc = lutil_passwd_add((struct berval *) &scheme_apr1, chk_apr1, hash_apr1);
       if (rc != 0)
              return rc;

       /* only reached when the first scheme registered cleanly */
       return lutil_passwd_add((struct berval *) &scheme_bsdmd5,
              chk_bsdmd5, hash_bsdmd5);
}



Variable Documentation

const unsigned char apr64[] = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz" [static]

Definition at line 40 of file apr1.c.

static struct berval = BER_BVC("{APR1}") [static]

Definition at line 32 of file apr1.c.

Definition at line 30 of file apr1.c.

Definition at line 35 of file apr1.c.

Definition at line 31 of file apr1.c.

Definition at line 36 of file apr1.c.