php_crypt_r.c

/*
 +----------------------------------------------------------------------+
 | Copyright (c) The PHP Group |
 +----------------------------------------------------------------------+
 | This source file is subject to version 3.01 of the PHP license, |
 | that is bundled with this package in the file LICENSE, and is |
 | available through the world-wide-web at the following url: |
 | https://www.php.net/license/3_01.txt |
 | If you did not receive a copy of the PHP license and are unable to |
 | obtain it through the world-wide-web, please send a note to |
 | license@php.net so we can mail you a copy immediately. |
 +----------------------------------------------------------------------+
 | Authors: Pierre Alain Joye <pajoye@php.net |
 +----------------------------------------------------------------------+
 */

/*
 * License for the Unix md5crypt implementation (md5_crypt):
 *
 * ----------------------------------------------------------------------------
 * "THE BEER-WARE LICENSE" (Revision 42):
 * <phk@login.dknet.dk> wrote this file. As long as you retain this notice you
 * can do whatever you want with this stuff. If we meet some day, and you think
 * this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp
 * ----------------------------------------------------------------------------
 *
 * from FreeBSD: crypt.c,v 1.5 1996/10/14 08:34:02 phk Exp
 * via OpenBSD: md5crypt.c,v 1.9 1997/07/23 20:58:27 kstailey Exp
 * via NetBSD: md5crypt.c,v 1.4.2.1 2002/01/22 19:31:59 he Exp
 *
 */

#include"php.h"

#include<string.h>

#ifdefPHP_WIN32
# include<windows.h>
# include<Wincrypt.h>
#endif

#include"php_crypt_r.h"
#include"crypt_freesec.h"
#include"ext/standard/md5.h"

#ifdefZTS
MUTEX_Tphp_crypt_extended_init_lock;
#endif

voidphp_init_crypt_r(void)
{
#ifdefZTS
php_crypt_extended_init_lock=tsrm_mutex_alloc();
#endif
}

voidphp_shutdown_crypt_r(void)
{
#ifdefZTS
tsrm_mutex_free(php_crypt_extended_init_lock);
#endif
}

void_crypt_extended_init_r(void)
{
staticintinitialized=0;

#ifdefZTS
tsrm_mutex_lock(php_crypt_extended_init_lock);
#endif

if (!initialized) {
initialized=1;
_crypt_extended_init();
 }

#ifdefZTS
tsrm_mutex_unlock(php_crypt_extended_init_lock);
#endif
}

/* MD5 crypt implementation using the windows CryptoApi */
#defineMD5_MAGIC "$1$"
#defineMD5_MAGIC_LEN 3

staticconstunsigned charitoa64[] =/* 0 ... 63 => ascii - 64 */
"./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";

/* Convert a 16/32 bit integer to Base64 string representation */
staticvoidto64(char*s, int32_tv, intn)
{
while (--n >= 0) {
*s++=itoa64[v&0x3f];
v >>= 6;
 }
}

/*
 * MD5 password encryption.
 */
char*php_md5_crypt_r(constchar*pw, constchar*salt, char*out)
{
ZEND_TLScharpasswd[MD5_HASH_MAX_LEN], *p;
constchar*sp, *ep;
unsigned charfinal[16];
unsigned inti, sl, pwl;
PHP_MD5_CTXctx, ctx1;
uint32_tl;
intpl;

pwl=strlen(pw);

/* Refine the salt first */
sp=salt;

/* If it starts with the magic string, then skip that */
if (strncmp(sp, MD5_MAGIC, MD5_MAGIC_LEN) ==0)
sp+=MD5_MAGIC_LEN;

/* It stops at the first '$', max 8 chars */
for (ep=sp; *ep!='\0'&&*ep!='$'&&ep< (sp+8); ep++);

/* get the length of the true salt */
sl=ep-sp;

PHP_MD5Init(&ctx);

/* The password first, since that is what is most unknown */
PHP_MD5Update(&ctx, (constunsigned char*)pw, pwl);

/* Then our magic string */
PHP_MD5Update(&ctx, (constunsigned char*)MD5_MAGIC, MD5_MAGIC_LEN);

/* Then the raw salt */
PHP_MD5Update(&ctx, (constunsigned char*)sp, sl);

/* Then just as many characters of the MD5(pw,salt,pw) */
PHP_MD5Init(&ctx1);
PHP_MD5Update(&ctx1, (constunsigned char*)pw, pwl);
PHP_MD5Update(&ctx1, (constunsigned char*)sp, sl);
PHP_MD5Update(&ctx1, (constunsigned char*)pw, pwl);
PHP_MD5Final(final, &ctx1);

for (pl=pwl; pl>0; pl-=16)
PHP_MD5Update(&ctx, final, (unsigned int)(pl>16 ? 16 : pl));

/* Don't leave anything around in vm they could use. */
ZEND_SECURE_ZERO(final, sizeof(final));

/* Then something really weird... */
for (i=pwl; i!=0; i >>= 1)
if ((i&1) !=0)
PHP_MD5Update(&ctx, final, 1);
else
PHP_MD5Update(&ctx, (constunsigned char*)pw, 1);

/* Now make the output string */
memcpy(passwd, MD5_MAGIC, MD5_MAGIC_LEN);
strlcpy(passwd+MD5_MAGIC_LEN, sp, sl+1);
strcat(passwd, "$");

PHP_MD5Final(final, &ctx);

/*
 * And now, just to make sure things don't run too fast. On a 60 MHz
 * Pentium this takes 34 msec, so you would need 30 seconds to build
 * a 1000 entry dictionary...
 */
for (i=0; i<1000; i++) {
PHP_MD5Init(&ctx1);

if ((i&1) !=0)
PHP_MD5Update(&ctx1, (constunsigned char*)pw, pwl);
else
PHP_MD5Update(&ctx1, final, 16);

if ((i % 3) !=0)
PHP_MD5Update(&ctx1, (constunsigned char*)sp, sl);

if ((i % 7) !=0)
PHP_MD5Update(&ctx1, (constunsigned char*)pw, pwl);

if ((i&1) !=0)
PHP_MD5Update(&ctx1, final, 16);
else
PHP_MD5Update(&ctx1, (constunsigned char*)pw, pwl);

PHP_MD5Final(final, &ctx1);
 }

p=passwd+sl+MD5_MAGIC_LEN+1;

l= (final[ 0]<<16) | (final[ 6]<<8) | final[12]; to64(p,l,4); p+=4;
l= (final[ 1]<<16) | (final[ 7]<<8) | final[13]; to64(p,l,4); p+=4;
l= (final[ 2]<<16) | (final[ 8]<<8) | final[14]; to64(p,l,4); p+=4;
l= (final[ 3]<<16) | (final[ 9]<<8) | final[15]; to64(p,l,4); p+=4;
l= (final[ 4]<<16) | (final[10]<<8) | final[ 5]; to64(p,l,4); p+=4;
l=final[11] ; to64(p,l,2); p+=2;
*p='\0';

/* Don't leave anything around in vm they could use. */
ZEND_SECURE_ZERO(final, sizeof(final));
return (passwd);
}