Bugtraq mailing list archives
Re: passwd hashing algorithm
From: jfh () rpp386 cactus org (John F. Haugh II)
Date: Sun, 23 Apr 95 7:37:11 CDT
Unfortunately, I've lost my re-discovery of the OSF/1 bigcrypt() algorithm. DEC are *very* reticent about letting details out and its documentation is virtually non-existent. However, examination of the contents of /tcb/files/auth/p/pcl as I changed my password, together with a few astute guesses, was all that were required. If I find the bigcrypt() code again, I'll post it.
Is this it? The code inside of SW_CRYPT was sent to me some time back
with the claim that it re-implemented the SecureWare crypt() function
as in OSF/1.
--
/*
* Copyright 1990, 1993, John F. Haugh II
* All rights reserved.
*
* Permission is granted to copy and create derivative works for any
* non-commercial purpose, provided this copyright notice is preserved
* in all copies of source code, or included in human readable form
* and conspicuously displayed on all copies of object code or
* distribution media.
*
* This software is provided on an AS-IS basis and the author makes
* no warrantee of any kind.
*/
#include <string.h>
#include "config.h"
#ifndef lint
static char sccsid[] = "@(#)encrypt.c 3.5 07:45:28 22 Apr 1993";
#endif
extern char *crypt();
char *
pw_encrypt (clear, salt)
char *clear;
char *salt;
{
#ifdef SW_CRYPT
static char cipher[128];
#else
static char cipher[32];
#endif
static int count;
char newsalt[2];
char *cp;
long now;
/*
* See if a new salt is needed and get a few random
* bits of information. The amount of randomness is
* probably not all that crucial since the salt only
* serves to thwart a dictionary attack.
*/
if (salt == (char *) 0) {
now = time ((long *) 0) + count++;
now ^= clock ();
now ^= getpid ();
now = ((now >> 12) ^ (now)) & 07777;
newsalt[0] = i64c ((now >> 6) & 077);
newsalt[1] = i64c (now & 077);
salt = newsalt;
}
#ifdef SW_CRYPT
/*
* Copy over the salt. It is always the first two
* characters of the string.
*/
cipher[0] = salt[0];
cipher[1] = salt[1];
cipher[2] = '\0';
/*
* Loop up to ten times on the cleartext password.
* This is because the input limit for passwords is
* 80 characters.
*
* The initial salt is that provided by the user, or the
* one generated above. The subsequent salts are gotten
* from the first two characters of the previous encrypted
* block of characters.
*/
for (count = 0;count < 10;count++) {
cp = crypt (clear, salt);
strcat (cipher, cp + 2);
salt = cipher + 11 * count + 2;
if (strlen (clear) > 8)
clear += 8;
else
break;
}
#else
cp = crypt (clear, salt);
strcpy (cipher, cp);
#ifdef DOUBLESIZE
if (strlen (clear) > 8) {
cp = crypt (clear + 8, salt);
strcat (cipher, cp + 2);
}
#endif /* DOUBLESIZE */
#endif /* SW_CRYPT */
return cipher;
}
--
John F. Haugh II [ NRA-ILA ] [ Kill Barney ] !'s: ...!cs.utexas.edu!rpp386!jfh
Ma Bell: (512) 251-2151 [GOP][DoF #17][PADI][ENTJ] @'s: jfh () rpp386 cactus org
Current thread:
- RE: virus, (continued)
- RE: virus Erich W. Gunther (Apr 23)
- Re: passwd hashing algorithm David Miller (Apr 19)
- Re: passwd hashing algorithm David A. Wagner (Apr 19)
- Re: passwd hashing algorithm John F. Haugh II (Apr 21)
- AntiFlash talkd Richard Allen (Apr 19)
- Re: AntiFlash talkd James M. Golovich (Apr 19)
- Password Storage as Environment Variable Bill Bradley (Apr 19)
- Re: passwd hashing algorithm John F. Haugh II (Apr 23)
- Re: passwd hashing algorithm Marek Michalkiewicz (Apr 24)