1 #########################################################
4 # 0423.2000 by michal wallace http://www.sabren.com/
5 # based on perl's Crypt::PasswdMD5 by Luis Munoz (lem@cantv.net)
6 # based on /usr/src/libcrypt/crypt.c from FreeBSD 2.2.5-RELEASE
10 # Carey Evans - http://home.clear.net.nz/pages/c.evans/
11 # Dennis Marti - http://users.starpower.net/marti1/
13 # For the patches that got this thing working!
15 #########################################################
16 """md5crypt.py - Provides interoperable MD5-based crypt() function
22 cryptedpassword = md5crypt.md5crypt(password, salt);
26 unix_md5_crypt() provides a crypt()-compatible interface to the
27 rather new MD5-based crypt() function found in modern operating systems.
28 It's based on the implementation found on FreeBSD 2.2.[56]-RELEASE and
29 contains the following license in it:
31 "THE BEER-WARE LICENSE" (Revision 42):
32 <phk@login.dknet.dk> wrote this file. As long as you retain this notice you
33 can do whatever you want with this stuff. If we meet some day, and you think
34 this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp
36 apache_md5_crypt() provides a function compatible with Apache's
37 .htpasswd files. This was contributed by Bryan Hart <bryan@eai.com>.
41 MAGIC = '$1$' # Magic string
42 ITOA64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
50 ret = ret + ITOA64[v & 0x3f]
55 def apache_md5_crypt (pw, salt):
56 # change the Magic string to match the one used by Apache
57 return unix_md5_crypt(pw, salt, '$apr1$')
60 def unix_md5_crypt(pw, salt, magic=None):
65 # Take care of the magic string if present
66 if salt[:len(magic)] == magic:
67 salt = salt[len(magic):]
70 # salt can have up to 8 characters:
72 salt = string.split(salt, '$', 1)[0]
75 ctx = pw + magic + salt
77 final = md5.md5(pw + salt + pw).digest()
79 for pl in range(len(pw),0,-16):
81 ctx = ctx + final[:16]
83 ctx = ctx + final[:pl]
86 # Now the 'weird' xform (??)
91 ctx = ctx + chr(0) #if ($i & 1) { $ctx->add(pack("C", 0)); }
96 final = md5.md5(ctx).digest()
98 # The following is supposed to make
101 # my question: WTF???
103 for i in range(1000):
108 ctx1 = ctx1 + final[:16]
117 ctx1 = ctx1 + final[:16]
122 final = md5.md5(ctx1).digest()
129 passwd = passwd + to64((int(ord(final[0])) << 16)
130 |(int(ord(final[6])) << 8)
131 |(int(ord(final[12]))),4)
133 passwd = passwd + to64((int(ord(final[1])) << 16)
134 |(int(ord(final[7])) << 8)
135 |(int(ord(final[13]))), 4)
137 passwd = passwd + to64((int(ord(final[2])) << 16)
138 |(int(ord(final[8])) << 8)
139 |(int(ord(final[14]))), 4)
141 passwd = passwd + to64((int(ord(final[3])) << 16)
142 |(int(ord(final[9])) << 8)
143 |(int(ord(final[15]))), 4)
145 passwd = passwd + to64((int(ord(final[4])) << 16)
146 |(int(ord(final[10])) << 8)
147 |(int(ord(final[5]))), 4)
149 passwd = passwd + to64((int(ord(final[11]))), 2)
152 return magic + salt + '$' + passwd
155 ## assign a wrapper function:
156 md5crypt = unix_md5_crypt
158 if __name__ == "__main__":
159 print unix_md5_crypt("cat", "hat")