Package com.adito.unixauth

Source Code of com.adito.unixauth.MD5Crypt

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
/*

Based on the work of Jonathan Abbey
Adopted for Director by Thomas Aeby, 2004

MD5Crypt.java

Created: 3 November 1999

Java Code By: Jonathan Abbey, jonabbey@arlut.utexas.edu
Original C Version:
----------------------------------------------------------------------------
"THE BEER-WARE LICENSE" (Revision 42):
<phk@login.dknet.dk> wrote this file.  As long as you retain this notice you
can do whatever you want with this stuff. If we meet some day, and you think
this stuff is worth it, you can buy me a beer in return.   Poul-Henning Kamp
----------------------------------------------------------------------------

-----------------------------------------------------------------------
Ganymede Directory Management System

Copyright (C) 1996, 1997, 1998, 1999  The University of Texas at Austin.

Contact information

Author Email: ganymede_author@arlut.utexas.edu
Email mailing list: ganymede@arlut.utexas.edu

US Mail:

Computer Science Division
Applied Research Laboratories
The University of Texas at Austin
PO Box 8029, Austin TX 78713-8029

Telephone: (512) 835-3200

This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.

*/

package com.adito.unixauth;

import com.maverick.crypto.digests.MD5Digest;


/*------------------------------------------------------------------------------
class
MD5Crypt

------------------------------------------------------------------------------*/

/**
* <p>
* This class defines a method,
* {@link MD5Crypt#crypt(java.lang.String, java.lang.String) crypt()}, which
* takes a password and a salt string and generates an
* OpenBSD/FreeBSD/Linux-compatible md5-encoded password entry.
* </p>
*
* <p>
* Created: 3 November 1999
* </p>
* <p>
* Release: $Name: ADITO_1_0_0_BRANCH $
* </p>
* <p>
* Java Code By: Jonathan Abbey, jonabbey@arlut.utexas.edu
* </p>
* <p>
* Original C Version:
*
* <pre>
*
*  ----------------------------------------------------------------------------
*  &quot;THE BEER-WARE LICENSE&quot; (Revision 42):
*  &lt;phk@login.dknet.dk&gt; wrote this file.  As long as you retain this notice you
*  can do whatever you want with this stuff. If we meet some day, and you think
*  this stuff is worth it, you can buy me a beer in return.   Poul-Henning Kamp
*  ----------------------------------------------------------------------------
* </pre>
*
* </p>
*/

public final class MD5Crypt {

    /**
     *
     * Command line test rig.
     * 
     */

    static public void main(String argv[]) {
        if ((argv.length < 1) || (argv.length > 2)) {
            System.err.println("Usage: MD5Crypt password salt");
            System.exit(1);
        }

        if (argv.length == 2) {
            System.err.println(MD5Crypt.crypt(argv[0], argv[1]));
        } else {
            System.err.println(MD5Crypt.crypt(argv[0]));
        }

        System.exit(0);
    }

    static private final String SALTCHARS = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890";

    static private final String itoa64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";

    static private final String to64(long v, int size) {
        StringBuffer result = new StringBuffer();

        while (--size >= 0) {
            result.append(itoa64.charAt((int) (v & 0x3f)));
            v >>>= 6;
        }

        return result.toString();
    }

    static private final void clearbits(byte bits[]) {
        for (int i = 0; i < bits.length; i++) {
            bits[i] = 0;
        }
    }

    /**
     * convert an encoded unsigned byte value into a int with the unsigned
     * value.
     */

    static private final int bytes2u(byte inp) {
        return (int) inp & 0xff;
    }

    /**
     * <p>
     * This method actually generates a OpenBSD/FreeBSD/Linux PAM compatible
     * md5-encoded password hash from a plaintext password and a salt.
     * </p>
     *
     * <p>
     * The resulting string will be in the form '$1$&lt;salt&gt;$&lt;hashed
     * mess&gt;
     * </p>
     *
     * @param password
     *            Plaintext password
     *
     * @return An OpenBSD/FreeBSD/Linux-compatible md5-hashed password field.
     */

    static public final String crypt(String password) {
        StringBuffer salt = new StringBuffer();
        java.util.Random randgen = new java.util.Random();

        /* -- */

        while (salt.length() < 8) {
            int index = (int) (randgen.nextFloat() * SALTCHARS.length());
            salt.append(SALTCHARS.substring(index, index + 1));
        }

        return MD5Crypt.crypt(password, salt.toString());
    }

    /**
     * <p>
     * This method actually generates a OpenBSD/FreeBSD/Linux PAM compatible
     * md5-encoded password hash from a plaintext password and a salt.
     * </p>
     *
     * <p>
     * The resulting string will be in the form '$1$&lt;salt&gt;$&lt;hashed
     * mess&gt;
     * </p>
     *
     * @param password
     *            Plaintext password
     * @param salt
     *            A short string to use to randomize md5. May start with $1$,
     *            which will be ignored. It is explicitly permitted to pass a
     *            pre-existing MD5Crypt'ed password entry as the salt. crypt()
     *            will strip the salt chars out properly.
     *
     * @return An OpenBSD/FreeBSD/Linux-compatible md5-hashed password field.
     */

    static public final String crypt(String password, String salt) {
        /*
         * This string is magic for this algorithm. Having it this way, we can
         * get get better later on
         */

        String magic = "$1$";
        byte finalState[];
        MD5Digest ctx, ctx1;
        long l;

        /* -- */

        /* Refine the Salt first */

        /* If it starts with the magic string, then skip that */

        if (salt.startsWith(magic)) {
            salt = salt.substring(magic.length());
        }

        /* It stops at the first '$', max 8 chars */

        if (salt.indexOf('$') != -1) {
            salt = salt.substring(0, salt.indexOf('$'));
        }

        if (salt.length() > 8) {
            salt = salt.substring(0, 8);
        }

        ctx = new MD5Digest();

        write(ctx, password.getBytes()); // The password first, since that is
                                         // what is most unknown
        write(ctx, magic.getBytes()); // Then our magic string
        write(ctx, salt.getBytes()); // Then the raw salt

        /* Then just as many characters of the MD5(pw,salt,pw) */

        ctx1 = new MD5Digest();
        write(ctx1, password.getBytes());
        write(ctx1, salt.getBytes());
        write(ctx1, password.getBytes());


        finalState = new byte[ctx1.getDigestSize()];
        ctx1.doFinal(finalState, 0);

        for (int pl = password.length(); pl > 0; pl -= 16) {
            for (int i = 0; i < (pl > 16 ? 16 : pl); i++)
                ctx.update(finalState[i]);
        }

        /*
         * the original code claimed that finalState was being cleared to keep
         * dangerous bits out of memory, but doing this is also required in
         * order to get the right output.
         */

        clearbits(finalState);

        /* Then something really weird... */

        for (int i = password.length(); i != 0; i >>>= 1) {
            if ((i & 1) != 0) {
                ctx.update(finalState[0]);
            } else {
                ctx.update(password.getBytes()[0]);
            }
        }

        finalState = new byte[ctx.getDigestSize()];
        ctx.doFinal(finalState, 0);

        /*
         * and now, just to make sure things don't run too fast On a 60 Mhz
         * Pentium this takes 34 msec, so you would need 30 seconds to build a
         * 1000 entry dictionary...
         *
         * (The above timings from the C version)
         */

        for (int i = 0; i < 1000; i++) {
            ctx1 = new MD5Digest();

            if ((i & 1) != 0) {
                write(ctx1, password.getBytes());
            } else {
                for (int c = 0; c < 16; c++)
                    ctx1.update(finalState[c]);
            }

            if ((i % 3) != 0) {
                write(ctx1, salt.getBytes());
            }

            if ((i % 7) != 0) {
                write(ctx1, password.getBytes());
            }

            if ((i & 1) != 0) {
                for (int c = 0; c < 16; c++)
                    ctx1.update(finalState[c]);
            } else {
                write(ctx1, password.getBytes());
            }


            finalState = new byte[ctx.getDigestSize()];
            ctx1.doFinal(finalState, 0);
        }

        /* Now make the output string */

        StringBuffer result = new StringBuffer();

        result.append(magic);
        result.append(salt);
        result.append("$");

        l = (bytes2u(finalState[0]) << 16) | (bytes2u(finalState[6]) << 8) | bytes2u(finalState[12]);
        result.append(to64(l, 4));

        l = (bytes2u(finalState[1]) << 16) | (bytes2u(finalState[7]) << 8) | bytes2u(finalState[13]);
        result.append(to64(l, 4));

        l = (bytes2u(finalState[2]) << 16) | (bytes2u(finalState[8]) << 8) | bytes2u(finalState[14]);
        result.append(to64(l, 4));

        l = (bytes2u(finalState[3]) << 16) | (bytes2u(finalState[9]) << 8) | bytes2u(finalState[15]);
        result.append(to64(l, 4));

        l = (bytes2u(finalState[4]) << 16) | (bytes2u(finalState[10]) << 8) | bytes2u(finalState[5]);
        result.append(to64(l, 4));

        l = bytes2u(finalState[11]);
        result.append(to64(l, 2));

        /* Don't leave anything around in vm they could use. */
        clearbits(finalState);

        return result.toString();
    }
   
    static void write(MD5Digest digest, byte[] arr) {
        digest.update(arr, 0, arr.length);
    }
}
TOP

Related Classes of com.adito.unixauth.MD5Crypt

  • com.maverick.crypto.digests.MD5Digest
    • TOP
    Copyright © 2018 www.massapi.com. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.