Beispiel #1
0
void 
scramble(char *to, const char *message, const char *password)
{
    SHA1_CONTEXT sha1_context;

    uint8 hash_stage1[SHA1_HASH_SIZE];
    uint8 hash_stage2[SHA1_HASH_SIZE];

    mysql_sha1_reset(&sha1_context);

    /* Stage 1: hash password */
    mysql_sha1_input(&sha1_context, (uint8 *)password,
            (uint)strlen(password));
    mysql_sha1_result(&sha1_context, hash_stage1);

    /* 
     * Stage 2: 
     * hash stage 1; 
     * Note that hash_stage2 is stored in the database 
     */
    mysql_sha1_reset(&sha1_context);
    mysql_sha1_input(&sha1_context, hash_stage1, SHA1_HASH_SIZE);
    mysql_sha1_result(&sha1_context, hash_stage2);

    /* Create crypt string as sha1(message, hash_stage2) */;
    mysql_sha1_reset(&sha1_context);
    mysql_sha1_input(&sha1_context, (const uint8 *) message, 
            SCRAMBLE_LENGTH);
    mysql_sha1_input(&sha1_context, hash_stage2, SHA1_HASH_SIZE);

    /* Xor allows 'from' and 'to' overlap: lets take advantage of it */
    mysql_sha1_result(&sha1_context, (uint8 *) to);
    my_crypt(to, (const uchar *) to, hash_stage1, SCRAMBLE_LENGTH);
}
Beispiel #2
0
void
get_hash_stage1 (const char *scramble_arg, const char *message,
                 const uint8 * hash_stage2, uint8 * hash_stage1)
{
    SHA1_CONTEXT sha1_context;

    mysql_sha1_reset (&sha1_context);
    /* create key to encrypt scramble */
    mysql_sha1_input (&sha1_context, (const uint8 *) message, SCRAMBLE_LENGTH);
    mysql_sha1_input (&sha1_context, hash_stage2, SHA1_HASH_SIZE);
    mysql_sha1_result (&sha1_context, hash_stage1);
    /* encrypt scramble */
    my_crypt ((char *) hash_stage1, hash_stage1, (const uchar *) scramble_arg,
              SCRAMBLE_LENGTH);
}
Beispiel #3
0
void
make_scrambled_password(char *to, const char *password)
{
  SHA1_CONTEXT sha1_context;
  uint8 hash_stage2[SHA1_HASH_SIZE];

  mysql_sha1_reset(&sha1_context);
  /* stage 1: hash password */
  mysql_sha1_input(&sha1_context, (uint8 *) password, (uint) strlen(password));
  mysql_sha1_result(&sha1_context, (uint8 *) to);
  /* stage 2: hash stage1 output */
  mysql_sha1_reset(&sha1_context);
  mysql_sha1_input(&sha1_context, (uint8 *) to, SHA1_HASH_SIZE);
  /* separate buffer is used to pass 'to' in octet2hex */
  mysql_sha1_result(&sha1_context, hash_stage2);
  /* convert hash_stage2 to hex string */
  *to++= PVERSION41_CHAR;
  octet2hex(to, (char*) hash_stage2, SHA1_HASH_SIZE);
}
Beispiel #4
0
void
scramble_with_hash_stage1 (char *to, const char *message,
                           const unsigned char *hash_stage1)
{
    SHA1_CONTEXT sha1_context;
    uint8 hash_stage2[SHA1_HASH_SIZE];

    /* stage 2: hash stage 1; note that hash_stage2 is stored in the database */
    mysql_sha1_reset (&sha1_context);
    mysql_sha1_input (&sha1_context, hash_stage1, SHA1_HASH_SIZE);
    mysql_sha1_result (&sha1_context, hash_stage2);
    /* create crypt string as sha1(message, hash_stage2) */ ;
    mysql_sha1_reset (&sha1_context);
    mysql_sha1_input (&sha1_context, (const uint8 *) message, SCRAMBLE_LENGTH);
    mysql_sha1_input (&sha1_context, hash_stage2, SHA1_HASH_SIZE);
    /* xor allows 'from' and 'to' overlap: lets take advantage of it */
    mysql_sha1_result (&sha1_context, (uint8 *) to);
    my_crypt (to, (const uchar *) to, hash_stage1, SCRAMBLE_LENGTH);
}
Beispiel #5
0
my_bool
check_scramble(const char *scramble_arg, const char *message,
               const uint8 *hash_stage2)
{
  SHA1_CONTEXT sha1_context;
  uint8 buf[SHA1_HASH_SIZE];
  uint8 hash_stage2_reassured[SHA1_HASH_SIZE];

  mysql_sha1_reset(&sha1_context);
  /* create key to encrypt scramble */
  mysql_sha1_input(&sha1_context, (const uint8 *) message, SCRAMBLE_LENGTH);
  mysql_sha1_input(&sha1_context, hash_stage2, SHA1_HASH_SIZE);
  mysql_sha1_result(&sha1_context, buf);
  /* encrypt scramble */
    my_crypt((char *) buf, buf, (const uchar *) scramble_arg, SCRAMBLE_LENGTH);
  /* now buf supposedly contains hash_stage1: so we can get hash_stage2 */
  mysql_sha1_reset(&sha1_context);
  mysql_sha1_input(&sha1_context, buf, SHA1_HASH_SIZE);
  mysql_sha1_result(&sha1_context, hash_stage2_reassured);
  return memcmp(hash_stage2, hash_stage2_reassured, SHA1_HASH_SIZE);
}