Changeset 2725 in MondoRescue for branches/2.2.9/mindi-busybox/libbb/pw_encrypt.c

Timestamp:

Feb 25, 2011, 9:26:54 PM (13 years ago)

Author:

Bruno Cornec

Message:

• Update mindi-busybox to 1.18.3 to avoid problems with the tar command which is now failing on recent versions with busybox 1.7.3

File:

• branches/2.2.9/mindi-busybox/libbb/pw_encrypt.c (modified) (1 diff)

branches/2.2.9/mindi-busybox/libbb/pw_encrypt.c

@@ -1 +1 @@
 /* vi: set sw=4 ts=4: */
 /*
- * Utility routine.
+ * Utility routines.
  *
  * Copyright (C) 1999-2004 by Erik Andersen <andersen@codepoet.org>
  *
- * Licensed under GPLv2 or later, see file LICENSE in this tarball for details.
+ * Licensed under GPLv2 or later, see file LICENSE in this source tree.
  */
 
 #include "libbb.h"
-#include <crypt.h>
 
-char *pw_encrypt(const char *clear, const char *salt)
+/* static const uint8_t ascii64[] =
+ * "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
+ */
+
+static int i64c(int i)
 {
-    /* Was static char[BIGNUM]. Malloced thing works as well */
-    static char *cipher;
+    i &= 0x3f;
+    if (i == 0)
+        return '.';
+    if (i == 1)
+        return '/';
+    if (i < 12)
+        return ('0' - 2 + i);
+    if (i < 38)
+        return ('A' - 12 + i);
+    return ('a' - 38 + i);
+}
 
-#if 0 /* was CONFIG_FEATURE_SHA1_PASSWORDS, but there is no such thing??? */
-    if (strncmp(salt, "$2$", 3) == 0) {
-        return sha1_crypt(clear);
+int FAST_FUNC crypt_make_salt(char *p, int cnt, int x)
+{
+    x += getpid() + time(NULL);
+    do {
+        /* x = (x*1664525 + 1013904223) % 2^32 generator is lame
+         * (low-order bit is not "random", etc...),
+         * but for our purposes it is good enough */
+        x = x*1664525 + 1013904223;
+        /* BTW, Park and Miller's "minimal standard generator" is
+         * x = x*16807 % ((2^31)-1)
+         * It has no problem with visibly alternating lowest bit
+         * but is also weak in cryptographic sense + needs div,
+         * which needs more code (and slower) on many CPUs */
+        *p++ = i64c(x >> 16);
+        *p++ = i64c(x >> 22);
+    } while (--cnt);
+    *p = '\0';
+    return x;
+}
+
+#if ENABLE_USE_BB_CRYPT
+
+static char*
+to64(char *s, unsigned v, int n)
+{
+    while (--n >= 0) {
+        /* *s++ = ascii64[v & 0x3f]; */
+        *s++ = i64c(v);
+        v >>= 6;
     }
+    return s;
+}
+
+/*
+ * DES and MD5 crypt implementations are taken from uclibc.
+ * They were modified to not use static buffers.
+ */
+
+#include "pw_encrypt_des.c"
+#include "pw_encrypt_md5.c"
+#if ENABLE_USE_BB_CRYPT_SHA
+#include "pw_encrypt_sha.c"
 #endif
 
-    free(cipher);
-    cipher = xstrdup(crypt(clear, salt));
-    return cipher;
+/* Other advanced crypt ids (TODO?): */
+/* $2$ or $2a$: Blowfish */
+
+static struct const_des_ctx *des_cctx;
+static struct des_ctx *des_ctx;
+
+/* my_crypt returns malloc'ed data */
+static char *my_crypt(const char *key, const char *salt)
+{
+    /* MD5 or SHA? */
+    if (salt[0] == '$' && salt[1] && salt[2] == '$') {
+        if (salt[1] == '1')
+            return md5_crypt(xzalloc(MD5_OUT_BUFSIZE), (unsigned char*)key, (unsigned char*)salt);
+#if ENABLE_USE_BB_CRYPT_SHA
+        if (salt[1] == '5' || salt[1] == '6')
+            return sha_crypt((char*)key, (char*)salt);
+#endif
+    }
+
+    if (!des_cctx)
+        des_cctx = const_des_init();
+    des_ctx = des_init(des_ctx, des_cctx);
+    return des_crypt(des_ctx, xzalloc(DES_OUT_BUFSIZE), (unsigned char*)key, (unsigned char*)salt);
 }
+
+/* So far nobody wants to have it public */
+static void my_crypt_cleanup(void)
+{
+    free(des_cctx);
+    free(des_ctx);
+    des_cctx = NULL;
+    des_ctx = NULL;
+}
+
+char* FAST_FUNC pw_encrypt(const char *clear, const char *salt, int cleanup)
+{
+    char *encrypted;
+
+    encrypted = my_crypt(clear, salt);
+
+    if (cleanup)
+        my_crypt_cleanup();
+
+    return encrypted;
+}
+
+#else /* if !ENABLE_USE_BB_CRYPT */
+
+char* FAST_FUNC pw_encrypt(const char *clear, const char *salt, int cleanup)
+{
+    return xstrdup(crypt(clear, salt));
+}
+
+#endif