mirror/php-e107
1
0
Fork 0
mirror of https://github.com/e107inc/e107.git synced 2025-07-28 10:20:45 +02:00
Code Issues Releases Wiki Activity

Get CHAP login working again. Plus a bit of tidying up.

Browse Source
This commit is contained in:
SteveD
2012-12-20 22:51:38 +00:00
parent 94c9f41071
commit 4e6924e3a5
3 changed files with 429 additions and 419 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
e107_admin/prefs.php
View File

@@ -1467,8 +1467,8 @@ $text .= "
$text .= " $text .= "
<td>".PRFLAN_178."</td> <td>".PRFLAN_178."</td>
<td>".$frm->selectbox('password_CHAP',$CHAP_list,$pref['password_CHAP'] )." <td>".$frm->selectbox('password_CHAP',$CHAP_list,$pref['password_CHAP'] );
".$frm->select_open('password_CHAP'); //." ".$frm->select_open('password_CHAP');
//TODO - user tracking session name - visible only if Cookie is enabled (JS) //TODO - user tracking session name - visible only if Cookie is enabled (JS)

29
e107_handlers/login.php
View File

@@ -78,7 +78,7 @@ class userlogin
$username = trim($username); $username = trim($username);
$userpass = trim($userpass); $userpass = trim($userpass);
if($_E107['cli'] && ($username == "")) if($_E107['cli'] && ($username == ''))
{ {
return FALSE; return FALSE;
} }
@@ -111,7 +111,7 @@ class userlogin
{ {
if ($this->lookupUser($username, $forceLogin)) if ($this->lookupUser($username, $forceLogin))
{ {
if ($this->checkUserPassword($userpass, $response, $forceLogin) === TRUE) if ($this->checkUserPassword($username, $userpass, $response, $forceLogin) === TRUE)
{ {
$authorized = true; $authorized = true;
$result = LOGIN_CONTINUE; // Valid User exists in local DB $result = LOGIN_CONTINUE; // Valid User exists in local DB
@@ -131,7 +131,7 @@ class userlogin
{ {
if ($method != 'none') if ($method != 'none')
{ {
$auth_file = e_PLUGIN."alt_auth/".$method."_auth.php"; $auth_file = e_PLUGIN.'alt_auth/'.$method.'_auth.php';
if (file_exists($auth_file)) if (file_exists($auth_file))
{ {
require_once(e_PLUGIN.'alt_auth/alt_auth_login_class.php'); require_once(e_PLUGIN.'alt_auth/alt_auth_login_class.php');
@@ -165,7 +165,7 @@ class userlogin
$username = preg_replace("/\sOR\s|\=|\#/", "", $username); $username = preg_replace("/\sOR\s|\=|\#/", "", $username);
// Check secure image // Check secure image
if (!$forceLogin && $pref['logcode'] && extension_loaded("gd")) if (!$forceLogin && $pref['logcode'] && extension_loaded('gd'))
{ {
require_once(e_HANDLER."secure_img_handler.php"); require_once(e_HANDLER."secure_img_handler.php");
$sec_img = new secure_image; $sec_img = new secure_image;
@@ -183,7 +183,7 @@ class userlogin
} }
} }
if ($authorized !== true && $this->checkUserPassword($userpass, $response, $forceLogin) !== true) if ($authorized !== true && $this->checkUserPassword($username, $userpass, $response, $forceLogin) !== true)
{ {
return $this->invalidLogin($username,LOGIN_BAD_PW); return $this->invalidLogin($username,LOGIN_BAD_PW);
} }
@@ -359,6 +359,11 @@ class userlogin
return TRUE; return TRUE;
} }
/**
* Generate a DB query to look up a user, dependent on the various login options supported.
*/
public function getLookupQuery($username, $forceLogin, $dbAlias = '') public function getLookupQuery($username, $forceLogin, $dbAlias = '')
{ {
$pref = e107::getPref(); $pref = e107::getPref();
@@ -384,13 +389,15 @@ class userlogin
/** /**
* Checks user password againt preferences set etc * Checks user password againt preferences set etc
* Assumes that $this->userData array already set up * Assumes that $this->userData array already set up
*
* @param string $username - the user name string as entered (might not relate to the intended user at this stage)
* @param string $userpass - as entered * @param string $userpass - as entered
* @param string $response - received string if CHAP used * @param string $response - received string if CHAP used
* @param boolean $forceLogin - TRUE if login is being forced from clicking signup link; normally FALSE * @param boolean $forceLogin - TRUE if login is being forced from clicking signup link; normally FALSE
* @return TRUE if valid password * @return TRUE if valid password
* otherwise FALSE * otherwise FALSE
*/ */
protected function checkUserPassword($userpass, $response, $forceLogin) protected function checkUserPassword($username, $userpass, $response, $forceLogin)
{ {
$pref = e107::getPref(); $pref = e107::getPref();
@@ -408,7 +415,7 @@ class userlogin
} }
// FIXME - [SecretR] $username is not set and I really can't get the idea. // FIXME - [SecretR] $username is not set and I really can't get the idea.
$username = $this->userData['user_loginname']; // TODO for Steve - temporary fix, where $username comes from? //$username = $this->userData['user_loginname']; // TODO for Steve - temporary fix, where $username comes from?
// Now check password // Now check password
if ($forceLogin) if ($forceLogin)
@@ -421,9 +428,11 @@ class userlogin
else else
{ {
$session = e107::getSession(); $session = e107::getSession();
if ((($pref['password_CHAP'] > 0) && ($response && $session->is('challenge')) && ($response != $session->get('challenge'))) || ($pref['password_CHAP'] == 2)) $gotChallenge = $session->is('challenge');
//$aLogVal = "U: {$username}, P: ******, C: ".$session->get('challenge')." R:{$response} S: {$this->userData['user_password']} Prf: {$pref['password_CHAP']}/{$gotChallenge}";
if ((($pref['password_CHAP'] > 0) && ($response && $gotChallenge) && ($response != $session->get('challenge'))) || ($pref['password_CHAP'] == 2))
{ // Verify using CHAP { // Verify using CHAP
// $this->e107->admin_log->e_log_event(4,__FILE__."|".__FUNCTION__."@".__LINE__,"DBG","CHAP login","U: {$username}, P: {$userpass}, C: ".$session->get('challenge')." R:{$response} S: {$this->userData['user_password']}",FALSE,LOG_TO_ROLLING); //$this->e107->admin_log->e_log_event(4,__FILE__."|".__FUNCTION__."@".__LINE__,"DBG","CHAP login",$aLogVal, FALSE, LOG_TO_ROLLING);
if (($pass_result = $this->userMethods->CheckCHAP($session->get('challenge'), $response, $username, $requiredPassword)) === PASSWORD_INVALID) if (($pass_result = $this->userMethods->CheckCHAP($session->get('challenge'), $response, $username, $requiredPassword)) === PASSWORD_INVALID)
{ {
return $this->invalidLogin($username,LOGIN_CHAP_FAIL); return $this->invalidLogin($username,LOGIN_CHAP_FAIL);
@@ -432,7 +441,7 @@ class userlogin
else else
{ {
// Plaintext password // Plaintext password
// $this->e107->admin_log->e_log_event(4,__FILE__."|".__FUNCTION__."@".__LINE__,"DBG","Plaintext login","U: {$username}, P: {$userpass}, C: ".$session->get('challenge')." R:{$response} S: {$this->userData['user_password']}",FALSE,LOG_TO_ROLLING); //$this->e107->admin_log->e_log_event(4,__FILE__."|".__FUNCTION__."@".__LINE__,"DBG","Plaintext login",$aLogVal, FALSE,LOG_TO_ROLLING);
if (($pass_result = $this->userMethods->CheckPassword($userpass,($this->lookEmail ? $this->userData['user_loginname'] : $username),$requiredPassword)) === PASSWORD_INVALID) if (($pass_result = $this->userMethods->CheckPassword($userpass,($this->lookEmail ? $this->userData['user_loginname'] : $username),$requiredPassword)) === PASSWORD_INVALID)
{ {
return $this->invalidLogin($username,LOGIN_BAD_PW); return $this->invalidLogin($username,LOGIN_BAD_PW);

815
e107_web/js/chap_script.js
View File

@@ -1,408 +1,409 @@
<!-- <!--
/* /*
JS for logon. JS for logon.
*/ */
var challenge; var challenge;
function getChallenge() function getChallenge()
{ {
temp = document.getElementById('hashchallenge'); temp = document.getElementById('hashchallenge');
if (temp) if (temp)
{ {
challenge = temp.value; challenge = temp.value;
temp.value = ''; temp.value = '';
} }
} }
// Called on form submit entered into password field // Called on form submit entered into password field
// Passed current form // Passed current form
function hashLoginPassword(doForm) function hashLoginPassword(doForm)
{ {
if (typeof(hex_md5) == "undefined") return; getChallenge();
if (typeof(challenge) == "undefined") return; if (typeof(hex_md5) == "undefined") return;
if (typeof(challenge) == "undefined") return;
doForm.hashchallenge.value = hex_md5(hex_md5(hex_md5(doForm.userpass.value) + doForm.username.value) + challenge);
doForm.userpass.value = ""; // Don't send plaintext password back doForm.hashchallenge.value = hex_md5(hex_md5(hex_md5(doForm.userpass.value) + doForm.username.value) + challenge);
return true; doForm.userpass.value = ""; // Don't send plaintext password back
} return true;
}
/*
* A JavaScript implementation of the RSA Data Security, Inc. MD5 Message /*
* Digest Algorithm, as defined in RFC 1321. * A JavaScript implementation of the RSA Data Security, Inc. MD5 Message
* Version 2.2-alpha Copyright (C) Paul Johnston 1999 - 2005 * Digest Algorithm, as defined in RFC 1321.
* Other contributors: Greg Holt, Andrew Kepert, Ydnar, Lostinet * Version 2.2-alpha Copyright (C) Paul Johnston 1999 - 2005
* Distributed under the BSD License * Other contributors: Greg Holt, Andrew Kepert, Ydnar, Lostinet
* See http://pajhome.org.uk/crypt/md5 for more info. * Distributed under the BSD License
*/ * See http://pajhome.org.uk/crypt/md5 for more info.
*/
/*
* Configurable variables. You may need to tweak these to be compatible with /*
* the server-side, but the defaults work in most cases. * Configurable variables. You may need to tweak these to be compatible with
*/ * the server-side, but the defaults work in most cases.
var hexcase = 0; /* hex output format. 0 - lowercase; 1 - uppercase */ */
var b64pad = ""; /* base-64 pad character. "=" for strict RFC compliance */ var hexcase = 0; /* hex output format. 0 - lowercase; 1 - uppercase */
var b64pad = ""; /* base-64 pad character. "=" for strict RFC compliance */
/*
* These are the functions you'll usually want to call /*
* They take string arguments and return either hex or base-64 encoded strings * These are the functions you'll usually want to call
*/ * They take string arguments and return either hex or base-64 encoded strings
function hex_md5(s) { return rstr2hex(rstr_md5(str2rstr_utf8(s))); } */
function b64_md5(s) { return rstr2b64(rstr_md5(str2rstr_utf8(s))); } function hex_md5(s) { return rstr2hex(rstr_md5(str2rstr_utf8(s))); }
function any_md5(s, e) { return rstr2any(rstr_md5(str2rstr_utf8(s)), e); } function b64_md5(s) { return rstr2b64(rstr_md5(str2rstr_utf8(s))); }
function hex_hmac_md5(k, d) function any_md5(s, e) { return rstr2any(rstr_md5(str2rstr_utf8(s)), e); }
{ return rstr2hex(rstr_hmac_md5(str2rstr_utf8(k), str2rstr_utf8(d))); } function hex_hmac_md5(k, d)
function b64_hmac_md5(k, d) { return rstr2hex(rstr_hmac_md5(str2rstr_utf8(k), str2rstr_utf8(d))); }
{ return rstr2b64(rstr_hmac_md5(str2rstr_utf8(k), str2rstr_utf8(d))); } function b64_hmac_md5(k, d)
function any_hmac_md5(k, d, e) { return rstr2b64(rstr_hmac_md5(str2rstr_utf8(k), str2rstr_utf8(d))); }
{ return rstr2any(rstr_hmac_md5(str2rstr_utf8(k), str2rstr_utf8(d)), e); } function any_hmac_md5(k, d, e)
{ return rstr2any(rstr_hmac_md5(str2rstr_utf8(k), str2rstr_utf8(d)), e); }
/*
* Perform a simple self-test to see if the VM is working /*
*/ * Perform a simple self-test to see if the VM is working
function md5_vm_test() */
{ function md5_vm_test()
return hex_md5("abc") == "900150983cd24fb0d6963f7d28e17f72"; {
} return hex_md5("abc") == "900150983cd24fb0d6963f7d28e17f72";
}
/*
* Calculate the MD5 of a raw string /*
*/ * Calculate the MD5 of a raw string
function rstr_md5(s) */
{ function rstr_md5(s)
return binl2rstr(binl_md5(rstr2binl(s), s.length * 8)); {
} return binl2rstr(binl_md5(rstr2binl(s), s.length * 8));
}
/*
* Calculate the HMAC-MD5, of a key and some data (raw strings) /*
*/ * Calculate the HMAC-MD5, of a key and some data (raw strings)
function rstr_hmac_md5(key, data) */
{ function rstr_hmac_md5(key, data)
var bkey = rstr2binl(key); {
if(bkey.length > 16) bkey = binl_md5(bkey, key.length * 8); var bkey = rstr2binl(key);
if(bkey.length > 16) bkey = binl_md5(bkey, key.length * 8);
var ipad = Array(16), opad = Array(16);
for(var i = 0; i < 16; i++) var ipad = Array(16), opad = Array(16);
{ for(var i = 0; i < 16; i++)
ipad[i] = bkey[i] ^ 0x36363636; {
opad[i] = bkey[i] ^ 0x5C5C5C5C; ipad[i] = bkey[i] ^ 0x36363636;
} opad[i] = bkey[i] ^ 0x5C5C5C5C;
}
var hash = binl_md5(ipad.concat(rstr2binl(data)), 512 + data.length * 8);
return binl2rstr(binl_md5(opad.concat(hash), 512 + 128)); var hash = binl_md5(ipad.concat(rstr2binl(data)), 512 + data.length * 8);
} return binl2rstr(binl_md5(opad.concat(hash), 512 + 128));
}
/*
* Convert a raw string to a hex string /*
*/ * Convert a raw string to a hex string
function rstr2hex(input) */
{ function rstr2hex(input)
var hex_tab = hexcase ? "0123456789ABCDEF" : "0123456789abcdef"; {
var output = ""; var hex_tab = hexcase ? "0123456789ABCDEF" : "0123456789abcdef";
var x; var output = "";
for(var i = 0; i < input.length; i++) var x;
{ for(var i = 0; i < input.length; i++)
x = input.charCodeAt(i); {
output += hex_tab.charAt((x >>> 4) & 0x0F) x = input.charCodeAt(i);
+ hex_tab.charAt( x & 0x0F); output += hex_tab.charAt((x >>> 4) & 0x0F)
} + hex_tab.charAt( x & 0x0F);
return output; }
} return output;
}
/*
* Convert a raw string to a base-64 string /*
*/ * Convert a raw string to a base-64 string
function rstr2b64(input) */
{ function rstr2b64(input)
var tab = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; {
var output = ""; var tab = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
var len = input.length; var output = "";
for(var i = 0; i < len; i += 3) var len = input.length;
{ for(var i = 0; i < len; i += 3)
var triplet = (input.charCodeAt(i) << 16) {
| (i + 1 < len ? input.charCodeAt(i+1) << 8 : 0) var triplet = (input.charCodeAt(i) << 16)
| (i + 2 < len ? input.charCodeAt(i+2) : 0); | (i + 1 < len ? input.charCodeAt(i+1) << 8 : 0)
for(var j = 0; j < 4; j++) | (i + 2 < len ? input.charCodeAt(i+2) : 0);
{ for(var j = 0; j < 4; j++)
if(i * 8 + j * 6 > input.length * 8) output += b64pad; {
else output += tab.charAt((triplet >>> 6*(3-j)) & 0x3F); if(i * 8 + j * 6 > input.length * 8) output += b64pad;
} else output += tab.charAt((triplet >>> 6*(3-j)) & 0x3F);
} }
return output; }
} return output;
}
/*
* Convert a raw string to an arbitrary string encoding /*
*/ * Convert a raw string to an arbitrary string encoding
function rstr2any(input, encoding) */
{ function rstr2any(input, encoding)
var divisor = encoding.length; {
var i, j, q, x, quotient; var divisor = encoding.length;
var i, j, q, x, quotient;
/* Convert to an array of 16-bit big-endian values, forming the dividend */
var dividend = Array(Math.ceil(input.length / 2)); /* Convert to an array of 16-bit big-endian values, forming the dividend */
for(i = 0; i < dividend.length; i++) var dividend = Array(Math.ceil(input.length / 2));
{ for(i = 0; i < dividend.length; i++)
dividend[i] = (input.charCodeAt(i * 2) << 8) | input.charCodeAt(i * 2 + 1); {
} dividend[i] = (input.charCodeAt(i * 2) << 8) | input.charCodeAt(i * 2 + 1);
}
/*
* Repeatedly perform a long division. The binary array forms the dividend, /*
* the length of the encoding is the divisor. Once computed, the quotient * Repeatedly perform a long division. The binary array forms the dividend,
* forms the dividend for the next step. All remainders are stored for later * the length of the encoding is the divisor. Once computed, the quotient
* use. * forms the dividend for the next step. All remainders are stored for later
*/ * use.
var full_length = Math.ceil(input.length * 8 / */
(Math.log(encoding.length) / Math.log(2))); var full_length = Math.ceil(input.length * 8 /
var remainders = Array(full_length); (Math.log(encoding.length) / Math.log(2)));
for(j = 0; j < full_length; j++) var remainders = Array(full_length);
{ for(j = 0; j < full_length; j++)
quotient = Array(); {
x = 0; quotient = Array();
for(i = 0; i < dividend.length; i++) x = 0;
{ for(i = 0; i < dividend.length; i++)
x = (x << 16) + dividend[i]; {
q = Math.floor(x / divisor); x = (x << 16) + dividend[i];
x -= q * divisor; q = Math.floor(x / divisor);
if(quotient.length > 0 || q > 0) x -= q * divisor;
quotient[quotient.length] = q; if(quotient.length > 0 || q > 0)
} quotient[quotient.length] = q;
remainders[j] = x; }
dividend = quotient; remainders[j] = x;
} dividend = quotient;
}
/* Convert the remainders to the output string */
var output = ""; /* Convert the remainders to the output string */
for(i = remainders.length - 1; i >= 0; i--) var output = "";
output += encoding.charAt(remainders[i]); for(i = remainders.length - 1; i >= 0; i--)
output += encoding.charAt(remainders[i]);
return output;
} return output;
}
/*
* Encode a string as utf-8. /*
* For efficiency, this assumes the input is valid utf-16. * Encode a string as utf-8.
*/ * For efficiency, this assumes the input is valid utf-16.
function str2rstr_utf8(input) */
{ function str2rstr_utf8(input)
var output = ""; {
var i = -1; var output = "";
var x, y; var i = -1;
var x, y;
while(++i < input.length)
{ while(++i < input.length)
/* Decode utf-16 surrogate pairs */ {
x = input.charCodeAt(i); /* Decode utf-16 surrogate pairs */
y = i + 1 < input.length ? input.charCodeAt(i + 1) : 0; x = input.charCodeAt(i);
if(0xD800 <= x && x <= 0xDBFF && 0xDC00 <= y && y <= 0xDFFF) y = i + 1 < input.length ? input.charCodeAt(i + 1) : 0;
{ if(0xD800 <= x && x <= 0xDBFF && 0xDC00 <= y && y <= 0xDFFF)
x = 0x10000 + ((x & 0x03FF) << 10) + (y & 0x03FF); {
i++; x = 0x10000 + ((x & 0x03FF) << 10) + (y & 0x03FF);
} i++;
}
/* Encode output as utf-8 */
if(x <= 0x7F) /* Encode output as utf-8 */
output += String.fromCharCode(x); if(x <= 0x7F)
else if(x <= 0x7FF) output += String.fromCharCode(x);
output += String.fromCharCode(0xC0 | ((x >>> 6 ) & 0x1F), else if(x <= 0x7FF)
0x80 | ( x & 0x3F)); output += String.fromCharCode(0xC0 | ((x >>> 6 ) & 0x1F),
else if(x <= 0xFFFF) 0x80 | ( x & 0x3F));
output += String.fromCharCode(0xE0 | ((x >>> 12) & 0x0F), else if(x <= 0xFFFF)
0x80 | ((x >>> 6 ) & 0x3F), output += String.fromCharCode(0xE0 | ((x >>> 12) & 0x0F),
0x80 | ( x & 0x3F)); 0x80 | ((x >>> 6 ) & 0x3F),
else if(x <= 0x1FFFFF) 0x80 | ( x & 0x3F));
output += String.fromCharCode(0xF0 | ((x >>> 18) & 0x07), else if(x <= 0x1FFFFF)
0x80 | ((x >>> 12) & 0x3F), output += String.fromCharCode(0xF0 | ((x >>> 18) & 0x07),
0x80 | ((x >>> 6 ) & 0x3F), 0x80 | ((x >>> 12) & 0x3F),
0x80 | ( x & 0x3F)); 0x80 | ((x >>> 6 ) & 0x3F),
} 0x80 | ( x & 0x3F));
return output; }
} return output;
}
/*
* Encode a string as utf-16 /*
*/ * Encode a string as utf-16
function str2rstr_utf16le(input) */
{ function str2rstr_utf16le(input)
var output = ""; {
for(var i = 0; i < input.length; i++) var output = "";
output += String.fromCharCode( input.charCodeAt(i) & 0xFF, for(var i = 0; i < input.length; i++)
(input.charCodeAt(i) >>> 8) & 0xFF); output += String.fromCharCode( input.charCodeAt(i) & 0xFF,
return output; (input.charCodeAt(i) >>> 8) & 0xFF);
} return output;
}
function str2rstr_utf16be(input)
{ function str2rstr_utf16be(input)
var output = ""; {
for(var i = 0; i < input.length; i++) var output = "";
output += String.fromCharCode((input.charCodeAt(i) >>> 8) & 0xFF, for(var i = 0; i < input.length; i++)
input.charCodeAt(i) & 0xFF); output += String.fromCharCode((input.charCodeAt(i) >>> 8) & 0xFF,
return output; input.charCodeAt(i) & 0xFF);
} return output;
}
/*
* Convert a raw string to an array of little-endian words /*
* Characters >255 have their high-byte silently ignored. * Convert a raw string to an array of little-endian words
*/ * Characters >255 have their high-byte silently ignored.
function rstr2binl(input) */
{ function rstr2binl(input)
var output = Array(input.length >> 2); {
for(var i = 0; i < output.length; i++) var output = Array(input.length >> 2);
output[i] = 0; for(var i = 0; i < output.length; i++)
for(var i = 0; i < input.length * 8; i += 8) output[i] = 0;
output[i>>5] |= (input.charCodeAt(i / 8) & 0xFF) << (i%32); for(var i = 0; i < input.length * 8; i += 8)
return output; output[i>>5] |= (input.charCodeAt(i / 8) & 0xFF) << (i%32);
} return output;
}
/*
* Convert an array of little-endian words to a string /*
*/ * Convert an array of little-endian words to a string
function binl2rstr(input) */
{ function binl2rstr(input)
var output = ""; {
for(var i = 0; i < input.length * 32; i += 8) var output = "";
output += String.fromCharCode((input[i>>5] >>> (i % 32)) & 0xFF); for(var i = 0; i < input.length * 32; i += 8)
return output; output += String.fromCharCode((input[i>>5] >>> (i % 32)) & 0xFF);
} return output;
}
/*
* Calculate the MD5 of an array of little-endian words, and a bit length. /*
*/ * Calculate the MD5 of an array of little-endian words, and a bit length.
function binl_md5(x, len) */
{ function binl_md5(x, len)
/* append padding */ {
x[len >> 5] |= 0x80 << ((len) % 32); /* append padding */
x[(((len + 64) >>> 9) << 4) + 14] = len; x[len >> 5] |= 0x80 << ((len) % 32);
x[(((len + 64) >>> 9) << 4) + 14] = len;
var a = 1732584193;
var b = -271733879; var a = 1732584193;
var c = -1732584194; var b = -271733879;
var d = 271733878; var c = -1732584194;
var d = 271733878;
for(var i = 0; i < x.length; i += 16)
{ for(var i = 0; i < x.length; i += 16)
var olda = a; {
var oldb = b; var olda = a;
var oldc = c; var oldb = b;
var oldd = d; var oldc = c;
var oldd = d;
a = md5_ff(a, b, c, d, x[i+ 0], 7 , -680876936);
d = md5_ff(d, a, b, c, x[i+ 1], 12, -389564586); a = md5_ff(a, b, c, d, x[i+ 0], 7 , -680876936);
c = md5_ff(c, d, a, b, x[i+ 2], 17, 606105819); d = md5_ff(d, a, b, c, x[i+ 1], 12, -389564586);
b = md5_ff(b, c, d, a, x[i+ 3], 22, -1044525330); c = md5_ff(c, d, a, b, x[i+ 2], 17, 606105819);
a = md5_ff(a, b, c, d, x[i+ 4], 7 , -176418897); b = md5_ff(b, c, d, a, x[i+ 3], 22, -1044525330);
d = md5_ff(d, a, b, c, x[i+ 5], 12, 1200080426); a = md5_ff(a, b, c, d, x[i+ 4], 7 , -176418897);
c = md5_ff(c, d, a, b, x[i+ 6], 17, -1473231341); d = md5_ff(d, a, b, c, x[i+ 5], 12, 1200080426);
b = md5_ff(b, c, d, a, x[i+ 7], 22, -45705983); c = md5_ff(c, d, a, b, x[i+ 6], 17, -1473231341);
a = md5_ff(a, b, c, d, x[i+ 8], 7 , 1770035416); b = md5_ff(b, c, d, a, x[i+ 7], 22, -45705983);
d = md5_ff(d, a, b, c, x[i+ 9], 12, -1958414417); a = md5_ff(a, b, c, d, x[i+ 8], 7 , 1770035416);
c = md5_ff(c, d, a, b, x[i+10], 17, -42063); d = md5_ff(d, a, b, c, x[i+ 9], 12, -1958414417);
b = md5_ff(b, c, d, a, x[i+11], 22, -1990404162); c = md5_ff(c, d, a, b, x[i+10], 17, -42063);
a = md5_ff(a, b, c, d, x[i+12], 7 , 1804603682); b = md5_ff(b, c, d, a, x[i+11], 22, -1990404162);
d = md5_ff(d, a, b, c, x[i+13], 12, -40341101); a = md5_ff(a, b, c, d, x[i+12], 7 , 1804603682);
c = md5_ff(c, d, a, b, x[i+14], 17, -1502002290); d = md5_ff(d, a, b, c, x[i+13], 12, -40341101);
b = md5_ff(b, c, d, a, x[i+15], 22, 1236535329); c = md5_ff(c, d, a, b, x[i+14], 17, -1502002290);
b = md5_ff(b, c, d, a, x[i+15], 22, 1236535329);
a = md5_gg(a, b, c, d, x[i+ 1], 5 , -165796510);
d = md5_gg(d, a, b, c, x[i+ 6], 9 , -1069501632); a = md5_gg(a, b, c, d, x[i+ 1], 5 , -165796510);
c = md5_gg(c, d, a, b, x[i+11], 14, 643717713); d = md5_gg(d, a, b, c, x[i+ 6], 9 , -1069501632);
b = md5_gg(b, c, d, a, x[i+ 0], 20, -373897302); c = md5_gg(c, d, a, b, x[i+11], 14, 643717713);
a = md5_gg(a, b, c, d, x[i+ 5], 5 , -701558691); b = md5_gg(b, c, d, a, x[i+ 0], 20, -373897302);
d = md5_gg(d, a, b, c, x[i+10], 9 , 38016083); a = md5_gg(a, b, c, d, x[i+ 5], 5 , -701558691);
c = md5_gg(c, d, a, b, x[i+15], 14, -660478335); d = md5_gg(d, a, b, c, x[i+10], 9 , 38016083);
b = md5_gg(b, c, d, a, x[i+ 4], 20, -405537848); c = md5_gg(c, d, a, b, x[i+15], 14, -660478335);
a = md5_gg(a, b, c, d, x[i+ 9], 5 , 568446438); b = md5_gg(b, c, d, a, x[i+ 4], 20, -405537848);
d = md5_gg(d, a, b, c, x[i+14], 9 , -1019803690); a = md5_gg(a, b, c, d, x[i+ 9], 5 , 568446438);
c = md5_gg(c, d, a, b, x[i+ 3], 14, -187363961); d = md5_gg(d, a, b, c, x[i+14], 9 , -1019803690);
b = md5_gg(b, c, d, a, x[i+ 8], 20, 1163531501); c = md5_gg(c, d, a, b, x[i+ 3], 14, -187363961);
a = md5_gg(a, b, c, d, x[i+13], 5 , -1444681467); b = md5_gg(b, c, d, a, x[i+ 8], 20, 1163531501);
d = md5_gg(d, a, b, c, x[i+ 2], 9 , -51403784); a = md5_gg(a, b, c, d, x[i+13], 5 , -1444681467);
c = md5_gg(c, d, a, b, x[i+ 7], 14, 1735328473); d = md5_gg(d, a, b, c, x[i+ 2], 9 , -51403784);
b = md5_gg(b, c, d, a, x[i+12], 20, -1926607734); c = md5_gg(c, d, a, b, x[i+ 7], 14, 1735328473);
b = md5_gg(b, c, d, a, x[i+12], 20, -1926607734);
a = md5_hh(a, b, c, d, x[i+ 5], 4 , -378558);
d = md5_hh(d, a, b, c, x[i+ 8], 11, -2022574463); a = md5_hh(a, b, c, d, x[i+ 5], 4 , -378558);
c = md5_hh(c, d, a, b, x[i+11], 16, 1839030562); d = md5_hh(d, a, b, c, x[i+ 8], 11, -2022574463);
b = md5_hh(b, c, d, a, x[i+14], 23, -35309556); c = md5_hh(c, d, a, b, x[i+11], 16, 1839030562);
a = md5_hh(a, b, c, d, x[i+ 1], 4 , -1530992060); b = md5_hh(b, c, d, a, x[i+14], 23, -35309556);
d = md5_hh(d, a, b, c, x[i+ 4], 11, 1272893353); a = md5_hh(a, b, c, d, x[i+ 1], 4 , -1530992060);
c = md5_hh(c, d, a, b, x[i+ 7], 16, -155497632); d = md5_hh(d, a, b, c, x[i+ 4], 11, 1272893353);
b = md5_hh(b, c, d, a, x[i+10], 23, -1094730640); c = md5_hh(c, d, a, b, x[i+ 7], 16, -155497632);
a = md5_hh(a, b, c, d, x[i+13], 4 , 681279174); b = md5_hh(b, c, d, a, x[i+10], 23, -1094730640);
d = md5_hh(d, a, b, c, x[i+ 0], 11, -358537222); a = md5_hh(a, b, c, d, x[i+13], 4 , 681279174);
c = md5_hh(c, d, a, b, x[i+ 3], 16, -722521979); d = md5_hh(d, a, b, c, x[i+ 0], 11, -358537222);
b = md5_hh(b, c, d, a, x[i+ 6], 23, 76029189); c = md5_hh(c, d, a, b, x[i+ 3], 16, -722521979);
a = md5_hh(a, b, c, d, x[i+ 9], 4 , -640364487); b = md5_hh(b, c, d, a, x[i+ 6], 23, 76029189);
d = md5_hh(d, a, b, c, x[i+12], 11, -421815835); a = md5_hh(a, b, c, d, x[i+ 9], 4 , -640364487);
c = md5_hh(c, d, a, b, x[i+15], 16, 530742520); d = md5_hh(d, a, b, c, x[i+12], 11, -421815835);
b = md5_hh(b, c, d, a, x[i+ 2], 23, -995338651); c = md5_hh(c, d, a, b, x[i+15], 16, 530742520);
b = md5_hh(b, c, d, a, x[i+ 2], 23, -995338651);
a = md5_ii(a, b, c, d, x[i+ 0], 6 , -198630844);
d = md5_ii(d, a, b, c, x[i+ 7], 10, 1126891415); a = md5_ii(a, b, c, d, x[i+ 0], 6 , -198630844);
c = md5_ii(c, d, a, b, x[i+14], 15, -1416354905); d = md5_ii(d, a, b, c, x[i+ 7], 10, 1126891415);
b = md5_ii(b, c, d, a, x[i+ 5], 21, -57434055); c = md5_ii(c, d, a, b, x[i+14], 15, -1416354905);
a = md5_ii(a, b, c, d, x[i+12], 6 , 1700485571); b = md5_ii(b, c, d, a, x[i+ 5], 21, -57434055);
d = md5_ii(d, a, b, c, x[i+ 3], 10, -1894986606); a = md5_ii(a, b, c, d, x[i+12], 6 , 1700485571);
c = md5_ii(c, d, a, b, x[i+10], 15, -1051523); d = md5_ii(d, a, b, c, x[i+ 3], 10, -1894986606);
b = md5_ii(b, c, d, a, x[i+ 1], 21, -2054922799); c = md5_ii(c, d, a, b, x[i+10], 15, -1051523);
a = md5_ii(a, b, c, d, x[i+ 8], 6 , 1873313359); b = md5_ii(b, c, d, a, x[i+ 1], 21, -2054922799);
d = md5_ii(d, a, b, c, x[i+15], 10, -30611744); a = md5_ii(a, b, c, d, x[i+ 8], 6 , 1873313359);
c = md5_ii(c, d, a, b, x[i+ 6], 15, -1560198380); d = md5_ii(d, a, b, c, x[i+15], 10, -30611744);
b = md5_ii(b, c, d, a, x[i+13], 21, 1309151649); c = md5_ii(c, d, a, b, x[i+ 6], 15, -1560198380);
a = md5_ii(a, b, c, d, x[i+ 4], 6 , -145523070); b = md5_ii(b, c, d, a, x[i+13], 21, 1309151649);
d = md5_ii(d, a, b, c, x[i+11], 10, -1120210379); a = md5_ii(a, b, c, d, x[i+ 4], 6 , -145523070);
c = md5_ii(c, d, a, b, x[i+ 2], 15, 718787259); d = md5_ii(d, a, b, c, x[i+11], 10, -1120210379);
b = md5_ii(b, c, d, a, x[i+ 9], 21, -343485551); c = md5_ii(c, d, a, b, x[i+ 2], 15, 718787259);
b = md5_ii(b, c, d, a, x[i+ 9], 21, -343485551);
a = safe_add(a, olda);
b = safe_add(b, oldb); a = safe_add(a, olda);
c = safe_add(c, oldc); b = safe_add(b, oldb);
d = safe_add(d, oldd); c = safe_add(c, oldc);
} d = safe_add(d, oldd);
return Array(a, b, c, d); }
} return Array(a, b, c, d);
}
/*
* These functions implement the four basic operations the algorithm uses. /*
*/ * These functions implement the four basic operations the algorithm uses.
function md5_cmn(q, a, b, x, s, t) */
{ function md5_cmn(q, a, b, x, s, t)
return safe_add(bit_rol(safe_add(safe_add(a, q), safe_add(x, t)), s),b); {
} return safe_add(bit_rol(safe_add(safe_add(a, q), safe_add(x, t)), s),b);
function md5_ff(a, b, c, d, x, s, t) }
{ function md5_ff(a, b, c, d, x, s, t)
return md5_cmn((b & c) | ((~b) & d), a, b, x, s, t); {
} return md5_cmn((b & c) | ((~b) & d), a, b, x, s, t);
function md5_gg(a, b, c, d, x, s, t) }
{ function md5_gg(a, b, c, d, x, s, t)
return md5_cmn((b & d) | (c & (~d)), a, b, x, s, t); {
} return md5_cmn((b & d) | (c & (~d)), a, b, x, s, t);
function md5_hh(a, b, c, d, x, s, t) }
{ function md5_hh(a, b, c, d, x, s, t)
return md5_cmn(b ^ c ^ d, a, b, x, s, t); {
} return md5_cmn(b ^ c ^ d, a, b, x, s, t);
function md5_ii(a, b, c, d, x, s, t) }
{ function md5_ii(a, b, c, d, x, s, t)
return md5_cmn(c ^ (b | (~d)), a, b, x, s, t); {
} return md5_cmn(c ^ (b | (~d)), a, b, x, s, t);
}
/*
* Add integers, wrapping at 2^32. This uses 16-bit operations internally /*
* to work around bugs in some JS interpreters. * Add integers, wrapping at 2^32. This uses 16-bit operations internally
*/ * to work around bugs in some JS interpreters.
function safe_add(x, y) */
{ function safe_add(x, y)
var lsw = (x & 0xFFFF) + (y & 0xFFFF); {
var msw = (x >> 16) + (y >> 16) + (lsw >> 16); var lsw = (x & 0xFFFF) + (y & 0xFFFF);
return (msw << 16) | (lsw & 0xFFFF); var msw = (x >> 16) + (y >> 16) + (lsw >> 16);
} return (msw << 16) | (lsw & 0xFFFF);
}
/*
* Bitwise rotate a 32-bit number to the left. /*
*/ * Bitwise rotate a 32-bit number to the left.
function bit_rol(num, cnt) */
{ function bit_rol(num, cnt)
return (num << cnt) | (num >>> (32 - cnt)); {
} return (num << cnt) | (num >>> (32 - cnt));
}
//--> //-->