283 lines
6.2 KiB
Perl
283 lines
6.2 KiB
Perl
package Crypt::PasswdMD5;
|
|
|
|
use strict;
|
|
use warnings;
|
|
|
|
use Digest::MD5;
|
|
|
|
use Exporter 'import';
|
|
|
|
our @EXPORT = qw/unix_md5_crypt apache_md5_crypt/;
|
|
our @EXPORT_OK = (@EXPORT, 'random_md5_salt');
|
|
our $VERSION ='1.40';
|
|
|
|
# ------------------------------------------------
|
|
|
|
my($itoa64) = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
|
|
our($Magic) = q/$1$/; # Magic strings. Need 'our' because of local just below.
|
|
my($max_salt_length) = 8;
|
|
|
|
# ------------------------------------------------
|
|
|
|
sub apache_md5_crypt
|
|
{
|
|
# Change the Magic string to match the one used by Apache.
|
|
|
|
local $Magic = q/$apr1$/;
|
|
|
|
return unix_md5_crypt(@_);
|
|
|
|
} # End of apache_md5_crypt.
|
|
|
|
# ------------------------------------------------
|
|
|
|
sub random_md5_salt
|
|
{
|
|
my($len) = shift || $max_salt_length;
|
|
my($salt) = '';
|
|
|
|
# Sanity check.
|
|
|
|
$len = $max_salt_length unless ( ($len >= 1) and ($len <= $max_salt_length) );
|
|
$salt .= substr($itoa64,int(rand(64)),1) for (1..$len);
|
|
|
|
return $salt;
|
|
|
|
} # End of random_md5_salt.
|
|
|
|
# ------------------------------------------------
|
|
|
|
sub to64
|
|
{
|
|
my($v, $n) = @_;
|
|
my($ret) = '';
|
|
|
|
while (--$n >= 0)
|
|
{
|
|
$ret .= substr($itoa64, $v & 0x3f, 1);
|
|
|
|
$v >>= 6;
|
|
}
|
|
|
|
return $ret;
|
|
|
|
} # End of to64.
|
|
|
|
# ------------------------------------------------
|
|
|
|
sub unix_md5_crypt
|
|
{
|
|
my($pw, $salt) = @_;
|
|
|
|
my($passwd);
|
|
|
|
if (defined $salt)
|
|
{
|
|
$salt =~ s/^\Q$Magic//; # Take care of the magic string if present.
|
|
$salt =~ s/^(.*)\$.*$/$1/; # Salt can have up to 8 chars...
|
|
$salt = substr($salt, 0, 8);
|
|
}
|
|
else
|
|
{
|
|
$salt = random_md5_salt(); # In case no salt was proffered.
|
|
}
|
|
|
|
my($ctx) = Digest::MD5 -> new; # Here we start the calculation.
|
|
|
|
$ctx -> add($pw); # Original password...
|
|
$ctx -> add($Magic); # ...our magic string...
|
|
$ctx -> add($salt); # ...the salt...
|
|
|
|
my($final) = Digest::MD5 -> new;
|
|
|
|
$final -> add($pw);
|
|
$final -> add($salt);
|
|
$final -> add($pw);
|
|
|
|
$final = $final -> digest;
|
|
|
|
for (my $pl = length($pw); $pl > 0; $pl -= 16)
|
|
{
|
|
$ctx -> add(substr($final, 0, $pl > 16 ? 16 : $pl) );
|
|
}
|
|
|
|
# Now the 'weird' xform.
|
|
|
|
for (my $i = length($pw); $i; $i >>= 1)
|
|
{
|
|
if ($i & 1)
|
|
{
|
|
$ctx -> add(pack('C', 0) );
|
|
}
|
|
|
|
# This comes from the original version, where a
|
|
# memset() is done to $final before this loop.
|
|
|
|
else
|
|
{
|
|
$ctx -> add(substr($pw, 0, 1) );
|
|
}
|
|
}
|
|
|
|
$final = $ctx -> digest;
|
|
|
|
# The following is supposed to make things run slower.
|
|
# In perl, perhaps it'll be *really* slow!
|
|
|
|
for (my $i = 0; $i < 1000; $i++)
|
|
{
|
|
my($ctx1) = Digest::MD5 -> new;
|
|
|
|
if ($i & 1)
|
|
{
|
|
$ctx1 -> add($pw);
|
|
}
|
|
else
|
|
{
|
|
$ctx1 -> add(substr($final, 0, 16) );
|
|
}
|
|
|
|
if ($i % 3)
|
|
{
|
|
$ctx1 -> add($salt);
|
|
}
|
|
|
|
if ($i % 7)
|
|
{
|
|
$ctx1 -> add($pw);
|
|
}
|
|
|
|
if ($i & 1)
|
|
{
|
|
$ctx1 -> add(substr($final, 0, 16) );
|
|
}
|
|
else
|
|
{
|
|
$ctx1 -> add($pw);
|
|
}
|
|
|
|
$final = $ctx1 -> digest;
|
|
}
|
|
|
|
# Final xform
|
|
|
|
$passwd = '';
|
|
$passwd .= to64(int(unpack('C', (substr($final, 0, 1) ) ) << 16)
|
|
| int(unpack('C', (substr($final, 6, 1) ) ) << 8)
|
|
| int(unpack('C', (substr($final, 12, 1) ) ) ), 4);
|
|
$passwd .= to64(int(unpack('C', (substr($final, 1, 1) ) ) << 16)
|
|
| int(unpack('C', (substr($final, 7, 1) ) ) << 8)
|
|
| int(unpack('C', (substr($final, 13, 1) ) ) ), 4);
|
|
$passwd .= to64(int(unpack('C', (substr($final, 2, 1) ) ) << 16)
|
|
| int(unpack('C', (substr($final, 8, 1) ) ) << 8)
|
|
| int(unpack('C', (substr($final, 14, 1) ) ) ), 4);
|
|
$passwd .= to64(int(unpack('C', (substr($final, 3, 1) ) ) << 16)
|
|
| int(unpack('C', (substr($final, 9, 1) ) ) << 8)
|
|
| int(unpack('C', (substr($final, 15, 1) ) ) ), 4);
|
|
$passwd .= to64(int(unpack('C', (substr($final, 4, 1) ) ) << 16)
|
|
| int(unpack('C', (substr($final, 10, 1) ) ) << 8)
|
|
| int(unpack('C', (substr($final, 5, 1) ) ) ), 4);
|
|
$passwd .= to64(int(unpack('C', substr($final, 11, 1) ) ), 2);
|
|
|
|
return $Magic . $salt . q/$/ . $passwd;
|
|
|
|
} # End of unix_md5_crypt.
|
|
|
|
# ------------------------------------------------
|
|
|
|
1;
|
|
|
|
=pod
|
|
|
|
=encoding utf-8
|
|
|
|
=head1 NAME
|
|
|
|
Crypt::PasswdMD5 - Provide interoperable MD5-based crypt() functions
|
|
|
|
=head1 SYNOPSIS
|
|
|
|
use strict;
|
|
use warnings;
|
|
|
|
use Crypt::PasswdMD5;
|
|
|
|
my($password) = 'seekrit';
|
|
my($salt) = 'pepperoni';
|
|
my($unix_crypted) = unix_md5_crypt($password, $salt);
|
|
my($apache_crypted) = apache_md5_crypt($password, $salt);
|
|
|
|
Or:
|
|
|
|
use strict;
|
|
use warnings;
|
|
|
|
use Crypt::PasswdMD5 'random_md5_salt';
|
|
|
|
my($length) = 7;
|
|
my($salt_1) = random_md5_salt($length);
|
|
my($salt_2) = random_md5_salt(); # Default to $length == 8.
|
|
|
|
|
|
=head1 DESCRIPTION
|
|
|
|
C<apache_md5_crypt()> provides a function compatible with Apache's C<.htpasswd> files.
|
|
This was contributed by Bryan Hart <bryan@eai.com>.
|
|
This function is exported by default.
|
|
|
|
The C<unix_md5_crypt()> provides a crypt()-compatible interface to the rather new MD5-based crypt() function
|
|
found in modern operating systems. It's based on the implementation found on FreeBSD 2.2.[56]-RELEASE.
|
|
This function is also exported by default.
|
|
|
|
For both functions, if a salt value is not supplied, a random salt will be
|
|
generated, using the function random_md5_salt().
|
|
This function is not exported by default.
|
|
|
|
=head1 LICENSE AND WARRANTY
|
|
|
|
This code and all accompanying software comes with NO WARRANTY. You
|
|
use it at your own risk.
|
|
|
|
This code and all accompanying software can be used freely under the
|
|
same terms as Perl itself.
|
|
|
|
=head1 METHODS
|
|
|
|
=head2 apache_md5_crypt($password, $salt)
|
|
|
|
This sets a magic variable, and then passes all the calling parameters to L</unix_md5_crypt($password, $salt)>.
|
|
|
|
Returns an encrypted version of the given password.
|
|
|
|
Basically, it's a very poor choice for anything other than password authentication.
|
|
|
|
=head2 random_md5_salt([$length])
|
|
|
|
Here, [] indicate an optional parameter.
|
|
|
|
Returns a random salt of the given length.
|
|
|
|
The maximum length is 8.
|
|
|
|
If C<$length> is omitted, it defaults to 8.
|
|
|
|
=head2 unix_md5_crypt($password, $salt)
|
|
|
|
Returns an encrypted version of the given password.
|
|
|
|
Basically, it's a very poor choice for anything other than password authentication.
|
|
|
|
=head1 SUPPORT
|
|
|
|
Bugs should be reported via the CPAN bug tracker at
|
|
|
|
L<http://rt.cpan.org/NoAuth/ReportBug.html?Queue=Crypt-PasswdMD5>
|
|
|
|
=head1 AUTHOR
|
|
|
|
Luis E. Muñoz <luismunoz@cpan.org>.
|
|
|
|
Maintenance by Ron Savage <rsavage@cpan.org> as of V 1.40.
|
|
|
|
=cut
|