michael/webmin
1
0
Fork 0
mirror of https://github.com/webmin/webmin.git synced 2026-02-08 08:19:57 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
Files
330d975763105c2f529d57d57b74ce11874894de
webmin/useradmin/md5-lib.pl
Jamie Cameron fc1c1b243f Initial checkin of Webmin
2007-04-12 20:24:50 +00:00

127 lines
2.7 KiB
Perl
Raw Blame History

# Functions for MD5 and SHA1 password encryption
# check_md5()
# Returns a perl module name if the needed perl module(s) for MD5 encryption
# are not installed, or undef if they are
sub check_md5
{
eval "use MD5";
if (!$@) {
eval "use Digest::MD5";
if ($@) {
return "Digest::MD5";
}
}
return undef;
}
# encrypt_md5(string, [salt])
# Returns a string encrypted in MD5 format
sub encrypt_md5
{
local $passwd = $_[0];
local $magic = '$1$';
local $salt = $_[1] || substr(time(), -8);
if ($salt =~ /^\$1\$(.{8})/) {
# Extract actual salt from already encrypted password
$salt = $1;
}
# Add the password, magic and salt
local $cls = "MD5";
eval "use MD5";
if ($@) {
$cls = "Digest::MD5";
eval "use Digest::MD5";
if ($@) {
&error("Missing MD5 or Digest::MD5 perl modules");
}
}
local $ctx = eval "new $cls";
$ctx->add($passwd);
$ctx->add($magic);
$ctx->add($salt);
# Add some more stuff from the hash of the password and salt
local $ctx1 = eval "new $cls";
$ctx1->add($passwd);
$ctx1->add($salt);
$ctx1->add($passwd);
local $final = $ctx1->digest();
for($pl=length($passwd); $pl>0; $pl-=16) {
$ctx->add($pl > 16 ? $final : substr($final, 0, $pl));
}
# This piece of code seems rather pointless, but it's in the C code that
# does MD5 in PAM so it has to go in!
local $j = 0;
local ($i, $l);
for($i=length($passwd); $i; $i >>= 1) {
if ($i & 1) {
$ctx->add("\0");
}
else {
$ctx->add(substr($passwd, $j, 1));
}
}
$final = $ctx->digest();
# This loop exists only to waste time
for($i=0; $i<1000; $i++) {
$ctx1 = eval "new $cls";
$ctx1->add($i & 1 ? $passwd : $final);
$ctx1->add($salt) if ($i % 3);
$ctx1->add($passwd) if ($i % 7);
$ctx1->add($i & 1 ? $final : $passwd);
$final = $ctx1->digest();
}
# Convert the 16-byte final string into a readable form
local $rv = $magic.$salt.'$';
local @final = map { ord($_) } split(//, $final);
$l = ($final[ 0]<<16) + ($final[ 6]<<8) + $final[12];
$rv .= &to64($l, 4);
$l = ($final[ 1]<<16) + ($final[ 7]<<8) + $final[13];
$rv .= &to64($l, 4);
$l = ($final[ 2]<<16) + ($final[ 8]<<8) + $final[14];
$rv .= &to64($l, 4);
$l = ($final[ 3]<<16) + ($final[ 9]<<8) + $final[15];
$rv .= &to64($l, 4);
$l = ($final[ 4]<<16) + ($final[10]<<8) + $final[ 5];
$rv .= &to64($l, 4);
$l = $final[11];
$rv .= &to64($l, 2);
return $rv;
}
@itoa64 = split(//, "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz");
sub to64
{
local ($v, $n) = @_;
local $r;
while(--$n >= 0) {
$r .= $itoa64[$v & 0x3f];
$v >>= 6;
}
return $r;
}
sub check_sha1
{
eval "use Digest::SHA1";
return $@ ? "Digest::SHA1" : undef;
}
# encrypt_sha1(password)
# Encrypts a password in SHA1 format
sub encrypt_sha1
{
local $pass = $_[0];
local $sh = eval "use Digest::SHA1 qw(sha1_base64);return sha1_base64(\$pass);";
return "{SHA}$sh=";
}
1;
Reference in New Issue View Git Blame Copy Permalink