[821] | 1 | /* vi: set sw=4 ts=4: */
|
---|
| 2 | /*
|
---|
[2725] | 3 | * Utility routines.
|
---|
[821] | 4 | *
|
---|
| 5 | * Copyright (C) 1999-2004 by Erik Andersen <andersen@codepoet.org>
|
---|
| 6 | *
|
---|
[2725] | 7 | * Licensed under GPLv2 or later, see file LICENSE in this source tree.
|
---|
[821] | 8 | */
|
---|
| 9 |
|
---|
| 10 | #include "libbb.h"
|
---|
| 11 |
|
---|
[2725] | 12 | /* static const uint8_t ascii64[] =
|
---|
| 13 | * "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
|
---|
| 14 | */
|
---|
| 15 |
|
---|
| 16 | static int i64c(int i)
|
---|
[821] | 17 | {
|
---|
[2725] | 18 | i &= 0x3f;
|
---|
| 19 | if (i == 0)
|
---|
| 20 | return '.';
|
---|
| 21 | if (i == 1)
|
---|
| 22 | return '/';
|
---|
| 23 | if (i < 12)
|
---|
| 24 | return ('0' - 2 + i);
|
---|
| 25 | if (i < 38)
|
---|
| 26 | return ('A' - 12 + i);
|
---|
| 27 | return ('a' - 38 + i);
|
---|
| 28 | }
|
---|
[821] | 29 |
|
---|
[3232] | 30 | int FAST_FUNC crypt_make_salt(char *p, int cnt /*, int x */)
|
---|
[2725] | 31 | {
|
---|
[3232] | 32 | /* was: x += ... */
|
---|
| 33 | int x = getpid() + monotonic_us();
|
---|
[2725] | 34 | do {
|
---|
| 35 | /* x = (x*1664525 + 1013904223) % 2^32 generator is lame
|
---|
| 36 | * (low-order bit is not "random", etc...),
|
---|
| 37 | * but for our purposes it is good enough */
|
---|
| 38 | x = x*1664525 + 1013904223;
|
---|
| 39 | /* BTW, Park and Miller's "minimal standard generator" is
|
---|
| 40 | * x = x*16807 % ((2^31)-1)
|
---|
| 41 | * It has no problem with visibly alternating lowest bit
|
---|
| 42 | * but is also weak in cryptographic sense + needs div,
|
---|
| 43 | * which needs more code (and slower) on many CPUs */
|
---|
| 44 | *p++ = i64c(x >> 16);
|
---|
| 45 | *p++ = i64c(x >> 22);
|
---|
| 46 | } while (--cnt);
|
---|
| 47 | *p = '\0';
|
---|
| 48 | return x;
|
---|
| 49 | }
|
---|
| 50 |
|
---|
[3232] | 51 | char* FAST_FUNC crypt_make_pw_salt(char salt[MAX_PW_SALT_LEN], const char *algo)
|
---|
| 52 | {
|
---|
| 53 | int len = 2/2;
|
---|
| 54 | char *salt_ptr = salt;
|
---|
| 55 | if (algo[0] != 'd') { /* not des */
|
---|
| 56 | len = 8/2; /* so far assuming md5 */
|
---|
| 57 | *salt_ptr++ = '$';
|
---|
| 58 | *salt_ptr++ = '1';
|
---|
| 59 | *salt_ptr++ = '$';
|
---|
| 60 | #if !ENABLE_USE_BB_CRYPT || ENABLE_USE_BB_CRYPT_SHA
|
---|
| 61 | if (algo[0] == 's') { /* sha */
|
---|
| 62 | salt[1] = '5' + (strcmp(algo, "sha512") == 0);
|
---|
| 63 | len = 16/2;
|
---|
| 64 | }
|
---|
| 65 | #endif
|
---|
| 66 | }
|
---|
| 67 | crypt_make_salt(salt_ptr, len);
|
---|
| 68 | return salt_ptr;
|
---|
| 69 | }
|
---|
| 70 |
|
---|
[2725] | 71 | #if ENABLE_USE_BB_CRYPT
|
---|
| 72 |
|
---|
| 73 | static char*
|
---|
| 74 | to64(char *s, unsigned v, int n)
|
---|
| 75 | {
|
---|
| 76 | while (--n >= 0) {
|
---|
| 77 | /* *s++ = ascii64[v & 0x3f]; */
|
---|
| 78 | *s++ = i64c(v);
|
---|
| 79 | v >>= 6;
|
---|
[821] | 80 | }
|
---|
[2725] | 81 | return s;
|
---|
| 82 | }
|
---|
| 83 |
|
---|
| 84 | /*
|
---|
| 85 | * DES and MD5 crypt implementations are taken from uclibc.
|
---|
| 86 | * They were modified to not use static buffers.
|
---|
| 87 | */
|
---|
| 88 |
|
---|
| 89 | #include "pw_encrypt_des.c"
|
---|
| 90 | #include "pw_encrypt_md5.c"
|
---|
| 91 | #if ENABLE_USE_BB_CRYPT_SHA
|
---|
| 92 | #include "pw_encrypt_sha.c"
|
---|
[821] | 93 | #endif
|
---|
[1765] | 94 |
|
---|
[2725] | 95 | /* Other advanced crypt ids (TODO?): */
|
---|
| 96 | /* $2$ or $2a$: Blowfish */
|
---|
| 97 |
|
---|
| 98 | static struct const_des_ctx *des_cctx;
|
---|
| 99 | static struct des_ctx *des_ctx;
|
---|
| 100 |
|
---|
| 101 | /* my_crypt returns malloc'ed data */
|
---|
| 102 | static char *my_crypt(const char *key, const char *salt)
|
---|
| 103 | {
|
---|
| 104 | /* MD5 or SHA? */
|
---|
| 105 | if (salt[0] == '$' && salt[1] && salt[2] == '$') {
|
---|
| 106 | if (salt[1] == '1')
|
---|
| 107 | return md5_crypt(xzalloc(MD5_OUT_BUFSIZE), (unsigned char*)key, (unsigned char*)salt);
|
---|
| 108 | #if ENABLE_USE_BB_CRYPT_SHA
|
---|
| 109 | if (salt[1] == '5' || salt[1] == '6')
|
---|
| 110 | return sha_crypt((char*)key, (char*)salt);
|
---|
| 111 | #endif
|
---|
| 112 | }
|
---|
| 113 |
|
---|
| 114 | if (!des_cctx)
|
---|
| 115 | des_cctx = const_des_init();
|
---|
| 116 | des_ctx = des_init(des_ctx, des_cctx);
|
---|
| 117 | return des_crypt(des_ctx, xzalloc(DES_OUT_BUFSIZE), (unsigned char*)key, (unsigned char*)salt);
|
---|
[821] | 118 | }
|
---|
[2725] | 119 |
|
---|
| 120 | /* So far nobody wants to have it public */
|
---|
| 121 | static void my_crypt_cleanup(void)
|
---|
| 122 | {
|
---|
| 123 | free(des_cctx);
|
---|
| 124 | free(des_ctx);
|
---|
| 125 | des_cctx = NULL;
|
---|
| 126 | des_ctx = NULL;
|
---|
| 127 | }
|
---|
| 128 |
|
---|
| 129 | char* FAST_FUNC pw_encrypt(const char *clear, const char *salt, int cleanup)
|
---|
| 130 | {
|
---|
| 131 | char *encrypted;
|
---|
| 132 |
|
---|
| 133 | encrypted = my_crypt(clear, salt);
|
---|
| 134 |
|
---|
| 135 | if (cleanup)
|
---|
| 136 | my_crypt_cleanup();
|
---|
| 137 |
|
---|
| 138 | return encrypted;
|
---|
| 139 | }
|
---|
| 140 |
|
---|
| 141 | #else /* if !ENABLE_USE_BB_CRYPT */
|
---|
| 142 |
|
---|
| 143 | char* FAST_FUNC pw_encrypt(const char *clear, const char *salt, int cleanup)
|
---|
| 144 | {
|
---|
| 145 | return xstrdup(crypt(clear, salt));
|
---|
| 146 | }
|
---|
| 147 |
|
---|
| 148 | #endif
|
---|