extraPos = startingSize;
// Add the extras
+ // Capital letter
next = (extraPos < extraSize) ? hash[extraPos] : 0;
extraPos++;
if (!contains(result, startingSize, 'A', 'Z')) {
result[startingSize] = next;
startingSize++;
+ // Lower case letter
next = (extraPos < extraSize) ? hash[extraPos] : 0;
extraPos++;
if (!contains(result, startingSize, 'a', 'z')) {
result[startingSize] = next;
startingSize++;
+ // Number
next = (extraPos < extraSize) ? hash[extraPos] : 0;
extraPos++;
if (!contains(result, startingSize, '0', '9')) {
result[startingSize] = next;
startingSize++;
+ // Non alphanumeric
if (containsnonalphanumeric(result, startingSize) && nonalphanumeric) {
next = (extraPos < extraSize) ? hash[extraPos] : 0;
extraPos++;
}
}
-void md5hmac_domain(u8 const * const inData, const u32x pw_len, u8 outDigest[16])
+void md5hmac_domain(u8 const * const in_key, const u32x key_len, u8 out_digest[16])
{
u32 pos;
u32x data_buf[16];
- for (pos = 0; pos < pw_len; pos++) {
- ((u8 *)data_buf)[pos] = inData[pos];
+ for (pos = 0; pos < domain_len; pos++) {
+ ((u8 *)data_buf)[pos] = domain[pos];
}
- for (pos = pw_len; pos < 64; pos++) {
+ for (pos = domain_len; pos < 64; pos++) {
((u8 *)data_buf)[pos] = 0;
}
u32x key_buf[16];
- for (pos = 0; pos < domain_len; pos++) {
- ((u8 *)key_buf)[pos] = domain[pos];
+ for (pos = 0; pos < key_len; pos++) {
+ ((u8 *)key_buf)[pos] = in_key[pos];
}
- for (pos = domain_len; pos < 64; pos++) {
+ for (pos = key_len; pos < 64; pos++) {
((u8 *)key_buf)[pos] = 0;
}
// loop
- append_0x80_2x4_VV (data_buf, data_buf + 4, pw_len);
+ append_0x80_2x4_VV (data_buf, data_buf + 4, domain_len);
- data_buf[14] = (64 + pw_len) * 8;
+ data_buf[14] = (64 + domain_len) * 8;
- hmac_md5_run_cl (data_buf, data_buf + 4, data_buf + 8, data_buf + 12, ipad, opad, (u32x *)outDigest);
+ hmac_md5_run_cl (data_buf, data_buf + 4, data_buf + 8, data_buf + 12, ipad, opad, (u32x *)out_digest);
}
void md5hmac_cl(u8 * inKey, u32 key_len, u8 * inData, u32 pw_len, u8 outDigest[DIGEST_SIZE])
return (out_len);
}
+bool containsnonalphanumeric (u8 * data, u32 length)
+{
+ bool nonalphanumeric;
+ u32 pos;
+ char check;
+ u32 startingSize;
+
+ nonalphanumeric = false;
+ for (pos = 0; (pos < length) && !nonalphanumeric; pos++) {
+ check = data[pos];
+ if (!((check >= 'a') && (check <= 'z'))
+ && !((check >= 'A') && (check <= 'Z'))
+ && !((check >= '0') && (check <= '9'))
+ && !(check == '_')) {
+ nonalphanumeric = true;
+ }
+ }
+
+ return nonalphanumeric;
+}
+
+bool contains(u8 const * password, u32 length, u8 start, u8 end) {
+ bool doescontain = false;
+ u32 pos;
+
+ for (pos = 0; (pos < length) && (doescontain == false); pos++) {
+ if ((password[pos] >= start) && (password[pos] <= end)) {
+ doescontain = true;
+ }
+ }
+
+ return doescontain;
+}
+
+void rotate_string(u8 * torotate, u32 length, u32 steps) {
+ u8 scratch[RESULT_MAX];
+ u32 pos;
+
+ for (pos = 0; pos < length; pos++) {
+ scratch[pos] = torotate[(pos + steps) % length];
+ }
+
+ for (pos = 0; pos < length; pos++) {
+ torotate[pos] = scratch[pos];
+ }
+}
+
+u32x mangle_pwdhash (u32x w0[4], u32x w1[4], const u32x in_len)
+{
+ u32x out_len = in_len;
+
+ u32 digest[4];
+ u32 data[8];
+ u32 hash[8];
+ u32 i;
+ u32 size;
+ u32 extrasize;
+ u32 startingsize;
+ bool nonalphanumeric;
+ u32 extrapos;
+ u8 next;
+
+ hash[0] = w0[0];
+ hash[1] = w0[1];
+ hash[2] = w0[2];
+ hash[3] = w0[3];
+ hash[4] = w1[0];
+ hash[5] = w1[1];
+ hash[6] = w1[2];
+ hash[7] = w1[3];
+
+ md5hmac_domain((u8 *)hash, in_len, (u8 *)digest);
+ nonalphanumeric = containsnonalphanumeric ((u8 *)hash, in_len);
+
+ w0[0] = digest[0];
+ w0[1] = digest[1];
+ w0[2] = digest[2];
+ w0[3] = digest[3];
+ w1[0] = 0;
+ w1[1] = 0;
+ w1[2] = 0;
+ w1[3] = 0;
+
+ out_len = b64_encode ((u8 *)hash, 16, (u8 *)w0);
+ out_len = 22; // b64 encoding will produce 24 bytes output, but last two will be "=="
+ extrasize = 22;
+ size = in_len + 2;
+
+ printf("Hash: %s\n", (u8 *)hash);
+
+// for (i = out_len; i < 32; i++) {
+// ((u8 *)hash)[i] = 0;
+// }
+
+ startingsize = size - 4;
+ startingsize = (startingsize < extrasize) ? startingsize : extrasize;
+
+ for (i = 0; i < startingsize; i++) {
+ ((u8 *)data)[i] = ((u8 *)hash)[i];
+ }
+ for (i = startingsize; i < 32; i++) {
+ ((u8 *)data)[i] = 0;
+ }
+
+ extrapos = startingsize;
+
+ // Add the extras
+ // Capital letter
+ next = (extrapos < extrasize) ? ((u8 *)hash)[extrapos] : 0;
+ extrapos++;
+ if (!contains((u8 *)data, startingsize, 'A', 'Z')) {
+ next = 'A' + (next % ('Z' - 'A' + 1));
+ }
+ ((u8 *)data)[startingsize] = next;
+ startingsize++;
+
+ // Lower case letter
+ next = (extrapos < extrasize) ? ((u8 *)hash)[extrapos] : 0;
+ extrapos++;
+ if (!contains((u8 *)data, startingsize, 'a', 'z')) {
+ next = 'a' + (next % ('z' - 'a' + 1));
+ }
+ ((u8 *)data)[startingsize] = next;
+ startingsize++;
+
+ // Number
+ next = (extrapos < extrasize) ? ((u8 *)hash)[extrapos] : 0;
+ extrapos++;
+ if (!contains((u8 *)data, startingsize, '0', '9')) {
+ next = '0' + (next % ('9' - '0' + 1));
+ }
+ ((u8 *)data)[startingsize] = next;
+ startingsize++;
+
+ // Non alphanumeric
+ if (containsnonalphanumeric((u8 *)data, startingsize) && nonalphanumeric) {
+ next = (extrapos < extrasize) ? ((u8 *)hash)[extrapos] : 0;
+ extrapos++;
+ }
+ else {
+ next = '+';
+ }
+ ((u8 *)data)[startingsize] = next;
+ startingsize++;
+
+ if (!nonalphanumeric) {
+ for (i = 0; i < startingsize; i++) {
+ if (containsnonalphanumeric(((u8 *)data) + i, 1)) {
+ next = (extrapos < extrasize) ? ((u8 *)hash)[extrapos] : 0;
+ extrapos++;
+ next = 'A' + (next % ('Z' - 'A' + 1));
+ ((u8 *)data)[i] = next;
+ }
+ }
+ }
+
+ next = (extrapos < extrasize) ? ((u8 *)hash)[extrapos] : 0;
+ rotate_string((u8 *)data, startingsize, next);
+ ((u8 *)data)[startingsize] = 0;
+
+ out_len = startingsize;
+
+ w0[0] = data[0];
+ w0[1] = data[1];
+ w0[2] = data[2];
+ w0[3] = data[3];
+ w1[0] = data[4];
+ w1[1] = data[5];
+ w1[2] = data[6];
+ w1[3] = data[7];
+
+ return (out_len);
+}
+
void writeHexByte(unsigned char byte, unsigned char * hex) {
static char number[] = "0123456789abcdef";
//mangle(password);
- size = mangle_hmac ((u32x *)password, (u32x *)(password + 16), strlen(password));
+ size = mangle_pwdhash ((u32x *)password, (u32x *)(password + 16), strlen(password));
//md5hmac(salt, password, digest);