X-Git-Url: https://www.flypig.org.uk/git/?a=blobdiff_plain;f=salted.c;h=8383380377b6dbf23b438e5d6d8e9dec0eae4bbe;hb=HEAD;hp=0d1dab0576dfe336bff59527a9f829913cd1d975;hpb=fc0498ebf9d2479e9d620e96286dd7502ec781e5;p=pwdhash.git

diff --git a/salted.c b/salted.c
index 0d1dab0..8383380 100644
--- a/salted.c
+++ b/salted.c
@@ -143,6 +143,180 @@ u32x mangle_hmac (u32x w0[4], u32x w1[4], const u32x in_len)
         return (out_len);
 }
 
+bool containsnonalphanumeric (u8 * data, u32 length)
+{
+	bool nonalphanumeric;
+	u32 pos;
+	char check;
+	u32 startingSize;
+
+	nonalphanumeric = false;
+	for (pos = 0; (pos < length) && !nonalphanumeric; pos++) {
+		check = data[pos];
+		if (!((check >= 'a') && (check <= 'z'))
+			&& !((check >= 'A') && (check <= 'Z'))
+			&& !((check >= '0') && (check <= '9'))
+			&& !(check == '_')) {
+			nonalphanumeric = true;
+		}
+	}
+	
+	return nonalphanumeric;
+}
+
+bool contains(u8 const * password, u32 length, u8 start, u8 end) {
+	bool doescontain = false;
+	u32 pos;
+
+	for (pos = 0; (pos < length) && (doescontain == false); pos++) {
+		if ((password[pos] >= start) && (password[pos] <= end)) {
+			doescontain = true;
+		}
+	}
+	
+	return doescontain;
+}
+
+void rotate_string(u8 * torotate, u32 length, u32 steps) {
+	u8 scratch[RESULT_MAX];
+	u32 pos;
+	
+	for (pos = 0; pos < length; pos++) {
+		scratch[pos] = torotate[(pos + steps) % length];
+	}
+
+	for (pos = 0; pos < length; pos++) {
+		torotate[pos] = scratch[pos];
+	}
+}
+
+u32x mangle_pwdhash (u32x w0[4], u32x w1[4], const u32x in_len)
+{
+        u32x out_len = in_len;
+
+		u32 digest[4];
+		u32 data[8];
+		u32 hash[8];
+		u32 i;
+		u32 size;
+		u32 extrasize;
+		u32 startingsize;
+		bool nonalphanumeric;
+		u32 extrapos;
+		u8 next;
+
+		hash[0] = w0[0];
+		hash[1] = w0[1];
+		hash[2] = w0[2];
+		hash[3] = w0[3];
+		hash[4] = w1[0];
+		hash[5] = w1[1];
+		hash[6] = w1[2];
+		hash[7] = w1[3];
+
+		md5hmac_domain((u8 *)hash, in_len, (u8 *)digest);
+		nonalphanumeric = containsnonalphanumeric ((u8 *)hash, in_len);
+
+		w0[0] = digest[0];
+		w0[1] = digest[1];
+		w0[2] = digest[2];
+		w0[3] = digest[3];
+		w1[0] = 0;
+		w1[1] = 0;
+		w1[2] = 0;
+		w1[3] = 0;
+
+        out_len = b64_encode ((u8 *)hash, 16, (u8 *)w0);
+        out_len = 22; // b64 encoding will produce 24 bytes output, but last two will be "=="
+        extrasize = 22;
+        size = in_len + 2;
+
+        printf("Hash: %s\n", (u8 *)hash);
+
+//		for (i = out_len; i < 32; i++) {
+//			((u8 *)hash)[i] = 0;
+//		}
+
+		startingsize = size - 4;
+		startingsize = (startingsize < extrasize) ? startingsize : extrasize;
+
+		for (i = 0; i < startingsize; i++) {
+			((u8 *)data)[i] = ((u8 *)hash)[i];
+		}
+		for (i = startingsize; i < 32; i++) {
+			((u8 *)data)[i] = 0;
+		}
+
+		extrapos = startingsize;
+
+		// Add the extras
+		// Capital letter
+		next = (extrapos < extrasize) ? ((u8 *)hash)[extrapos] : 0;
+		extrapos++;
+		if (!contains((u8 *)data, startingsize, 'A', 'Z')) {
+			next = 'A' + (next % ('Z' - 'A' + 1));
+		}
+		((u8 *)data)[startingsize] = next;
+		startingsize++;
+
+		// Lower case letter
+		next = (extrapos < extrasize) ? ((u8 *)hash)[extrapos] : 0;
+		extrapos++;
+		if (!contains((u8 *)data, startingsize, 'a', 'z')) {
+			next = 'a' + (next % ('z' - 'a' + 1));
+		}
+		((u8 *)data)[startingsize] = next;
+		startingsize++;
+
+		// Number
+		next = (extrapos < extrasize) ? ((u8 *)hash)[extrapos] : 0;
+		extrapos++;
+		if (!contains((u8 *)data, startingsize, '0', '9')) {
+			next = '0' + (next % ('9' - '0' + 1));
+		}
+		((u8 *)data)[startingsize] = next;
+		startingsize++;
+
+		// Non alphanumeric
+		if (containsnonalphanumeric((u8 *)data, startingsize) && nonalphanumeric) {
+			next = (extrapos < extrasize) ? ((u8 *)hash)[extrapos] : 0;
+			extrapos++;
+		}
+		else {
+			next = '+';
+		}
+		((u8 *)data)[startingsize] = next;
+		startingsize++;
+
+		if (!nonalphanumeric) {
+			for (i = 0; i < startingsize; i++) {
+				if (containsnonalphanumeric(((u8 *)data) + i, 1)) {
+					next = (extrapos < extrasize) ? ((u8 *)hash)[extrapos] : 0;
+					extrapos++;
+					next = 'A' + (next % ('Z' - 'A' + 1));
+					((u8 *)data)[i] = next;
+				}
+			}
+		}
+
+		next = (extrapos < extrasize) ? ((u8 *)hash)[extrapos] : 0;
+		rotate_string((u8 *)data, startingsize, next);
+		((u8 *)data)[startingsize] = 0;
+
+		out_len = startingsize;
+      
+		w0[0] = data[0];
+		w0[1] = data[1];
+		w0[2] = data[2];
+		w0[3] = data[3];
+		w1[0] = data[4];
+		w1[1] = data[5];
+		w1[2] = data[6];
+		w1[3] = data[7];
+
+        return (out_len);
+}
+
 void writeHexByte(unsigned char byte, unsigned char * hex) {
 	static char number[] = "0123456789abcdef";
 	
@@ -183,7 +357,7 @@ int main(int argc, char * argv[]) {
 
 	//mangle(password);
 
-	size = mangle_hmac ((u32x *)password, (u32x *)(password + 16), strlen(password));
+	size = mangle_pwdhash ((u32x *)password, (u32x *)(password + 16), strlen(password));
 
 	//md5hmac(salt, password, digest);