2 * COPYRIGHT (C) 1990 DIGITAL EQUIPMENT CORPORATION
5 * "Digital Equipment Corporation authorizes the reproduction,
6 * distribution and modification of this software subject to the following
9 * 1. Any partial or whole copy of this software, or any modification
10 * thereof, must include this copyright notice in its entirety.
12 * 2. This software is supplied "as is" with no warranty of any kind,
13 * expressed or implied, for any purpose, including any warranty of fitness
14 * or merchantibility. DIGITAL assumes no responsibility for the use or
15 * reliability of this software, nor promises to provide any form of
16 * support for it on any basis.
18 * 3. Distribution of this software is authorized only if no profit or
19 * remuneration of any kind is received in exchange for such distribution.
21 * 4. This software produces public key authentication certificates
22 * bearing an expiration date established by DIGITAL and RSA Data
23 * Security, Inc. It may cease to generate certificates after the expiration
24 * date. Any modification of this software that changes or defeats
25 * the expiration date or its effect is unauthorized.
27 * 5. Software that will renew or extend the expiration date of
28 * authentication certificates produced by this software may be obtained
29 * from RSA Data Security, Inc., 10 Twin Dolphin Drive, Redwood City, CA
30 * 94065, (415)595-8782, or from DIGITAL"
/*
 * Shortest password the prompting routines accept. The visible checks
 * apply it only when their verify argument is non-zero. It is declared
 * without static or const, so other code can change the policy at run
 * time. It is compared against strlen()'s unsigned result, so a negative
 * value would convert to a very large unsigned value and reject every
 * password.
 */
37 int MIN_PASSWORD_LENGTH = 6 ;
/* Size in bytes of the stack scratch buffer (temp) declared in H1 and H2. */
40 #define TEMP_BUFSIZ 256
/*
 * Key passed to DES_X9_MAC by H2. It is a compile-time constant, so it
 * contributes no secret: H2's output is determined by the username and
 * password alone.
 */
42 static unsigned char scramble_key [8] = { 0x01, 0x23, 0x45, 0x67,
43 0x89, 0xab, 0xcd, 0xef };
49 * Password hashing routine number 1. This is stored with the encrypted
50 * private key in the LEAF database. Result is an 8 byte quantity.
/*
 * H1: hash a username/password pair with MD2 and keep the first 8 bytes.
 *
 * username  optional; skipped when NULL, otherwise appended to temp.
 * pw        password string; passed to strlen() with no NULL check in the
 *           visible lines.
 * hash      output; receives 8 bytes, so it must point to at least 8
 *           writable bytes.
 *
 * Returns 0 when the inputs do not fit in temp, before any visible write
 * to hash; a caller that ignores the return value would then use whatever
 * its hash buffer already held. The success return is on a line this
 * listing does not show.
 *
 * NOTE(review): the visible computation is a single MD2 pass truncated to
 * 64 bits, with no random salt or iteration count in the lines shown.
 * MD2 was moved to Historic status by RFC 6149. Anyone holding the stored
 * value can test password guesses at the cost of one hash each, so the
 * database holding it needs the same protection as the key it guards.
 */
53 int H1(username, pw, hash)
54 char *username, *pw, *hash ;
56 char temp[TEMP_BUFSIZ];
/*
 * Reject input that cannot fit. The "2 +" presumably reserves room for a
 * separator and the terminating NUL - TODO confirm against the lines that
 * build temp, which this listing omits.
 */
61 if (2 + (username?strlen(username):0) + strlen(pw) > sizeof(temp)) return(0);
/*
 * strcat requires temp to already hold a terminated string; that
 * initialisation is not visible here.
 */
63 if (username) strcat(temp,username);
/* Digest covers strlen(temp) bytes, i.e. the assembled string without its NUL. */
66 RSA_MD2 (temp, strlen(temp), md2_hash);
/* Only the first 8 bytes of the digest are returned to the caller. */
67 memcpy(hash, md2_hash, 8);
/*
 * Scrub the password-bearing scratch data. NOTE(review): if nothing reads
 * these buffers afterwards, an optimising compiler may drop plain memset
 * calls as dead stores; a non-elidable wipe such as explicit_bzero or
 * memset_s is the usual hardening.
 */
69 memset(temp,0,sizeof(temp));
70 memset(md2_hash,0,sizeof(md2_hash));
78 * Password hashing routine number 2. This is the key used to encrypt
/*
 * H2: derive a value from a username/password pair with DES_X9_MAC keyed
 * by the constant scramble_key.
 *
 * username  optional; skipped when NULL, otherwise appended to temp.
 * pw        password string; passed to strlen() with no NULL check in the
 *           visible lines.
 * hash      output written by DES_X9_MAC; presumably 8 bytes - confirm
 *           against DES_X9_MAC's contract.
 *
 * Returns 0 when the inputs do not fit in temp, before DES_X9_MAC is
 * called, so hash is not written on that path. The success return is on a
 * line this listing does not show.
 *
 * NOTE(review): the MAC key is a fixed constant, so the result is a
 * deterministic function of username and password with no random salt or
 * iteration count in the lines shown. When the result is used as a DES
 * key, its strength is bounded by the password's entropy and by DES's
 * 56-bit key size.
 */
82 int H2(username, pw, hash)
83 char *username, *pw, *hash ;
85 char temp[TEMP_BUFSIZ];
/*
 * Reject input that cannot fit. The "2 +" presumably reserves room for a
 * separator and the terminating NUL - TODO confirm against the lines that
 * build temp, which this listing omits.
 */
87 if (2 + (username?strlen(username):0) + strlen(pw) > sizeof(temp)) return(0);
/*
 * strcat requires temp to already hold a terminated string; that
 * initialisation is not visible here.
 */
90 if (username) strcat(temp,username);
/* MAC covers strlen(temp) bytes, i.e. the assembled string without its NUL. */
93 DES_X9_MAC (scramble_key, temp, strlen(temp), hash);
/*
 * Scrub the password-bearing scratch buffer. NOTE(review): if nothing
 * reads temp afterwards, an optimising compiler may drop a plain memset
 * as a dead store; explicit_bzero or memset_s avoids that.
 */
95 memset(temp,0,sizeof(temp));
102 * Read password. Returns a DES key.
/*
 * DES_read_password: prompt for a password on the terminal, optionally
 * asking twice, and wipe the password buffers before returning.
 *
 * k       output; the original header comment says a DES key is returned,
 *         but the line that fills k is not shown in this listing.
 * prompt  text passed to getpassword for the first prompt.
 * verify  non-zero: enforce MIN_PASSWORD_LENGTH and ask for the password
 *         a second time. Zero: the visible length check is skipped.
 *
 * The declarations of k, prompt and pwcpy, the copy into pwcpy and the
 * return statements are on lines this listing omits.
 */
105 int DES_read_password(k,prompt,verify)
107 int verify; /* non-zero means prompt twice for password */
/*
 * NOTE(review): getpassword's result is passed to strlen below with no
 * visible NULL check - confirm getpassword cannot return NULL.
 */
109 char *pw = getpassword(prompt);
/*
 * The length policy applies only when verify is set. A short password
 * gets exactly one retry before the error message.
 */
113 if ((verify) && (strlen(pw) < MIN_PASSWORD_LENGTH)) {
114 printf("Length error, (must be at least %d char) please re-enter: ", MIN_PASSWORD_LENGTH);
116 pw = getpassword("");
117 if (strlen(pw) < MIN_PASSWORD_LENGTH) {
118 printf("Password length error. \n");
/*
 * Second entry for confirmation. pwcpy presumably holds a copy of the
 * first entry made on a line not shown, since pw is reassigned here.
 */
126 printf("Verifying, please re-enter: ");
128 pw = getpassword("");
/*
 * Assignment, not comparison: verify is overwritten with strcmp's result
 * and is therefore non-zero on mismatch. NOTE(review): extra parentheses
 * or a separate statement would make that intent explicit.
 */
129 if (verify = strcmp(pwcpy,pw)) {
130 printf("\nVerification Error\n");
/* Wipe the saved copy on the mismatch path. */
131 memset(pwcpy,0,strlen(pwcpy));
/* Wipe the saved copy on the remaining path as well. */
134 memset(pwcpy,0,strlen(pwcpy));
/*
 * Wipe the buffer returned by getpassword. NOTE(review): a plain memset
 * that precedes the end of the buffer's use can be removed by an
 * optimising compiler; explicit_bzero or memset_s is the usual hardening.
 */
141 memset(pw,0,strlen(pw));
/*
 * DES_read_password_hash: prompt for a password on the terminal,
 * optionally asking twice, compute password hashes for username, and wipe
 * the password buffers.
 *
 * H2hash    output buffer; the call that fills it is not shown in this
 *           listing.
 * H1hash    output buffer passed to H1.
 * username  passed to H1 together with the password.
 * prompt    text passed to getpassword for the first prompt.
 * verify    non-zero: enforce MIN_PASSWORD_LENGTH and ask for the password
 *           a second time. Zero: the visible length check is skipped.
 *
 * The declaration of pwcpy, the copy into it and the return statements
 * are on lines this listing omits; the body continues past the last line
 * shown.
 */
146 int DES_read_password_hash(H2hash,H1hash,username,prompt,verify)
147 char *prompt, *H2hash, *username, *H1hash;
148 int verify; /* non-zero means prompt twice for password */
/*
 * NOTE(review): getpassword's result is passed to strlen below with no
 * visible NULL check - confirm getpassword cannot return NULL.
 */
151 char *pw = getpassword(prompt);
/*
 * The length policy applies only when verify is set. A short password
 * gets exactly one retry before the error message.
 */
155 if ((verify) && (strlen(pw) < MIN_PASSWORD_LENGTH)) {
156 printf("Length error, (must be at least %d char) please re-enter: ", MIN_PASSWORD_LENGTH);
158 pw = getpassword("");
159 if (strlen(pw) < MIN_PASSWORD_LENGTH) {
160 printf("Password length error. \n");
/*
 * Second entry for confirmation. pwcpy presumably holds a copy of the
 * first entry made on a line not shown, since pw is reassigned here.
 */
168 printf("Verifying, please re-enter: ");
170 pw = getpassword("");
/*
 * Assignment, not comparison: verify is overwritten with strcmp's result
 * and is therefore non-zero on mismatch. NOTE(review): extra parentheses
 * or a separate statement would make that intent explicit.
 */
171 if (verify = strcmp(pwcpy,pw)) {
172 printf("\nVerification Error\n");
/* Wipe the saved copy on the mismatch path. */
173 memset(pwcpy,0,strlen(pwcpy));
/* Wipe the saved copy on the remaining path as well. */
176 memset(pwcpy,0,strlen(pwcpy));
/*
 * NOTE(review): H1's return value is discarded. H1 returns 0 without
 * writing its output when username plus password exceed its scratch
 * buffer, so H1hash would keep whatever the caller passed in. The result
 * should be checked and the failure propagated.
 */
180 H1(username,pw,H1hash);
/*
 * Wipe the buffer returned by getpassword. NOTE(review): a plain memset
 * that precedes the end of the buffer's use can be removed by an
 * optimising compiler; explicit_bzero or memset_s is the usual hardening.
 */
185 memset(pw,0,strlen(pw));