1 /* $OpenLDAP$ */
2 /*
3 * This file is derived from OpenLDAP Software. All of the modifications to
4 * OpenLDAP Software represented in the following file were developed by
5 * Devin J. Pohly <djpohly@gmail.com>. I have not assigned rights and/or
6 * interest in this work to any party.
7 *
8 * The extensions to OpenLDAP Software herein are subject to the following
9 * notice:
10 *
11 * Copyright 2011 Devin J. Pohly
12 * Portions Copyright 2011 Howard Chu
13 * Redistribution and use in source and binary forms, with or without
14 * modification, are permitted only as authorized by the OpenLDAP Public
15 * License.
16 *
17 * A portion of this code is used in accordance with the Beer-ware License,
18 * revision 42, as noted.
19 *
20 */
21
22 #include "portable.h"
23
24 #include <lber.h>
25 #include <lber_pvt.h>
26 #include "lutil.h"
27 #include "lutil_md5.h"
28 #include <ac/string.h>
29
30 #include <assert.h>
31
32 /* the only difference between this and straight PHK is the magic */
33 static LUTIL_PASSWD_CHK_FUNC chk_apr1;
34 static LUTIL_PASSWD_HASH_FUNC hash_apr1;
35 static const struct berval scheme_apr1 = BER_BVC("{APR1}");
36 static const struct berval magic_apr1 = BER_BVC("$apr1$");
37
38 static LUTIL_PASSWD_CHK_FUNC chk_bsdmd5;
39 static LUTIL_PASSWD_HASH_FUNC hash_bsdmd5;
40 static const struct berval scheme_bsdmd5 = BER_BVC("{BSDMD5}");
41 static const struct berval magic_bsdmd5 = BER_BVC("$1$");
42
43 static const unsigned char apr64[] =
44 "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
45
46 #define APR_SALT_SIZE 8
47
48 /* The algorithm implemented in this function was created by Poul-Henning
49 * Kamp and released under the following license:
50 * ----------------------------------------------------------------------------
51 * "THE BEER-WARE LICENSE" (Revision 42):
52 * <phk@FreeBSD.ORG> wrote this file. As long as you retain this notice you
53 * can do whatever you want with this stuff. If we meet some day, and you think
54 * this stuff is worth it, you can buy me a beer in return Poul-Henning Kamp
55 * ----------------------------------------------------------------------------
56 */
do_phk_hash(const struct berval * passwd,const struct berval * salt,const struct berval * magic,unsigned char * digest)57 static void do_phk_hash(
58 const struct berval *passwd,
59 const struct berval *salt,
60 const struct berval *magic,
61 unsigned char *digest)
62 {
63 lutil_MD5_CTX ctx, ctx1;
64 int n;
65
66 /* Start hashing */
67 lutil_MD5Init(&ctx);
68 lutil_MD5Update(&ctx, (const unsigned char *) passwd->bv_val, passwd->bv_len);
69 lutil_MD5Update(&ctx, (const unsigned char *) magic->bv_val, magic->bv_len);
70 lutil_MD5Update(&ctx, (const unsigned char *) salt->bv_val, salt->bv_len);
71 /* Inner hash */
72 lutil_MD5Init(&ctx1);
73 lutil_MD5Update(&ctx1, (const unsigned char *) passwd->bv_val, passwd->bv_len);
74 lutil_MD5Update(&ctx1, (const unsigned char *) salt->bv_val, salt->bv_len);
75 lutil_MD5Update(&ctx1, (const unsigned char *) passwd->bv_val, passwd->bv_len);
76 lutil_MD5Final(digest, &ctx1);
77 /* Nom start mixing things up */
78 for (n = passwd->bv_len; n > 0; n -= LUTIL_MD5_BYTES)
79 lutil_MD5Update(&ctx, digest,
80 (n > LUTIL_MD5_BYTES ? LUTIL_MD5_BYTES : n));
81 memset(digest, 0, LUTIL_MD5_BYTES);
82 /* Curiouser and curiouser... */
83 for (n = passwd->bv_len; n; n >>= 1)
84 if (n & 1)
85 lutil_MD5Update(&ctx, digest, 1);
86 else
87 lutil_MD5Update(&ctx, (const unsigned char *) passwd->bv_val, 1);
88 lutil_MD5Final(digest, &ctx);
89 /*
90 * Repeatedly hash things into the final value. This was originally
91 * intended to slow the algorithm down.
92 */
93 for (n = 0; n < 1000; n++) {
94 lutil_MD5Init(&ctx1);
95 if (n & 1)
96 lutil_MD5Update(&ctx1,
97 (const unsigned char *) passwd->bv_val, passwd->bv_len);
98 else
99 lutil_MD5Update(&ctx1, digest, LUTIL_MD5_BYTES);
100
101 if (n % 3)
102 lutil_MD5Update(&ctx1,
103 (const unsigned char *) salt->bv_val, salt->bv_len);
104 if (n % 7)
105 lutil_MD5Update(&ctx1,
106 (const unsigned char *) passwd->bv_val, passwd->bv_len);
107
108 if (n & 1)
109 lutil_MD5Update(&ctx1, digest, LUTIL_MD5_BYTES);
110 else
111 lutil_MD5Update(&ctx1,
112 (const unsigned char *) passwd->bv_val, passwd->bv_len);
113 lutil_MD5Final(digest, &ctx1);
114 }
115 }
116
chk_phk(const struct berval * magic,const struct berval * passwd,const struct berval * cred,const char ** text)117 static int chk_phk(
118 const struct berval *magic,
119 const struct berval *passwd,
120 const struct berval *cred,
121 const char **text)
122 {
123 unsigned char digest[LUTIL_MD5_BYTES];
124 unsigned char *orig_pass;
125 int rc;
126 struct berval salt;
127 size_t decode_len = LUTIL_BASE64_DECODE_LEN(passwd->bv_len);
128
129 /* safety check */
130 if (decode_len <= sizeof(digest))
131 return LUTIL_PASSWD_ERR;
132
133 /* base64 un-encode password hash */
134 orig_pass = (unsigned char *) ber_memalloc(decode_len + 1);
135
136 if (orig_pass == NULL)
137 return LUTIL_PASSWD_ERR;
138
139 rc = lutil_b64_pton(passwd->bv_val, orig_pass, decode_len);
140
141 if (rc <= (int) sizeof(digest)) {
142 ber_memfree(orig_pass);
143 return LUTIL_PASSWD_ERR;
144 }
145
146 salt.bv_val = (char *) &orig_pass[sizeof(digest)];
147 salt.bv_len = rc - sizeof(digest);
148
149 do_phk_hash(cred, &salt, magic, digest);
150
151 if (text)
152 *text = NULL;
153
154 /* compare */
155 rc = memcmp((char *) orig_pass, (char *) digest, sizeof(digest));
156 ber_memfree(orig_pass);
157 return rc ? LUTIL_PASSWD_ERR : LUTIL_PASSWD_OK;
158 }
159
chk_apr1(const struct berval * scheme,const struct berval * passwd,const struct berval * cred,const char ** text)160 static int chk_apr1(
161 const struct berval *scheme,
162 const struct berval *passwd,
163 const struct berval *cred,
164 const char **text)
165 {
166 return chk_phk(&magic_apr1, passwd, cred, text);
167 }
168
chk_bsdmd5(const struct berval * scheme,const struct berval * passwd,const struct berval * cred,const char ** text)169 static int chk_bsdmd5(
170 const struct berval *scheme,
171 const struct berval *passwd,
172 const struct berval *cred,
173 const char **text)
174 {
175 return chk_phk(&magic_bsdmd5, passwd, cred, text);
176 }
177
hash_phk(const struct berval * scheme,const struct berval * magic,const struct berval * passwd,struct berval * hash,const char ** text)178 static int hash_phk(
179 const struct berval *scheme,
180 const struct berval *magic,
181 const struct berval *passwd,
182 struct berval *hash,
183 const char **text)
184 {
185 unsigned char digest_buf[LUTIL_MD5_BYTES];
186 char salt_buf[APR_SALT_SIZE];
187 struct berval digest;
188 struct berval salt;
189 int n;
190
191 digest.bv_val = (char *) digest_buf;
192 digest.bv_len = sizeof(digest_buf);
193 salt.bv_val = salt_buf;
194 salt.bv_len = APR_SALT_SIZE;
195
196 /* generate random salt */
197 if (lutil_entropy( (unsigned char *) salt.bv_val, salt.bv_len) < 0)
198 return LUTIL_PASSWD_ERR;
199 /* limit it to characters in the 64-char set */
200 for (n = 0; n < salt.bv_len; n++)
201 salt.bv_val[n] = apr64[salt.bv_val[n] % (sizeof(apr64) - 1)];
202
203 do_phk_hash(passwd, &salt, magic, digest_buf);
204
205 if (text)
206 *text = NULL;
207
208 return lutil_passwd_string64(scheme, &digest, hash, &salt);
209 }
210
hash_apr1(const struct berval * scheme,const struct berval * passwd,struct berval * hash,const char ** text)211 static int hash_apr1(
212 const struct berval *scheme,
213 const struct berval *passwd,
214 struct berval *hash,
215 const char **text)
216 {
217 return hash_phk(scheme, &magic_apr1, passwd, hash, text);
218 }
219
hash_bsdmd5(const struct berval * scheme,const struct berval * passwd,struct berval * hash,const char ** text)220 static int hash_bsdmd5(
221 const struct berval *scheme,
222 const struct berval *passwd,
223 struct berval *hash,
224 const char **text)
225 {
226 return hash_phk(scheme, &magic_bsdmd5, passwd, hash, text);
227 }
228
init_module(int argc,char * argv[])229 int init_module(int argc, char *argv[]) {
230 int rc;
231 rc = lutil_passwd_add((struct berval *) &scheme_apr1, chk_apr1, hash_apr1);
232 if ( !rc )
233 rc = lutil_passwd_add((struct berval *) &scheme_bsdmd5,
234 chk_bsdmd5, hash_bsdmd5);
235 return rc;
236 }
237