pw_encrypt.c 3.8 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168
  1. /* vi: set sw=4 ts=4: */
  2. /*
  3. * Utility routines.
  4. *
  5. * Copyright (C) 1999-2004 by Erik Andersen <andersen@codepoet.org>
  6. *
  7. * Licensed under GPLv2 or later, see file LICENSE in this source tree.
  8. */
  9. #if !ENABLE_USE_BB_CRYPT
  10. # if !defined(__FreeBSD__)
  11. # include <crypt.h>
  12. # endif
  13. #endif
  14. #include "libbb.h"
  15. /* static const uint8_t ascii64[] ALIGN1 =
  16. * "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
  17. */
  18. static int i64c(int i)
  19. {
  20. i &= 0x3f;
  21. if (i == 0)
  22. return '.';
  23. if (i == 1)
  24. return '/';
  25. if (i < 12)
  26. return ('0' - 2 + i);
  27. if (i < 38)
  28. return ('A' - 12 + i);
  29. return ('a' - 38 + i);
  30. }
  31. int FAST_FUNC crypt_make_salt(char *p, int cnt /*, int x */)
  32. {
  33. /* was: x += ... */
  34. unsigned x = getpid() + monotonic_us();
  35. do {
  36. /* x = (x*1664525 + 1013904223) % 2^32 generator is lame
  37. * (low-order bit is not "random", etc...),
  38. * but for our purposes it is good enough */
  39. x = x*1664525 + 1013904223;
  40. /* BTW, Park and Miller's "minimal standard generator" is
  41. * x = x*16807 % ((2^31)-1)
  42. * It has no problem with visibly alternating lowest bit
  43. * but is also weak in cryptographic sense + needs div,
  44. * which needs more code (and slower) on many CPUs */
  45. *p++ = i64c(x >> 16);
  46. *p++ = i64c(x >> 22);
  47. } while (--cnt);
  48. *p = '\0';
  49. return x;
  50. }
  51. char* FAST_FUNC crypt_make_pw_salt(char salt[MAX_PW_SALT_LEN], const char *algo)
  52. {
  53. int len = 2/2;
  54. char *salt_ptr = salt;
  55. /* Standard chpasswd uses uppercase algos ("MD5", not "md5").
  56. * Need to be case-insensitive in the code below.
  57. */
  58. if ((algo[0]|0x20) != 'd') { /* not des */
  59. len = 8/2; /* so far assuming md5 */
  60. *salt_ptr++ = '$';
  61. *salt_ptr++ = '1';
  62. *salt_ptr++ = '$';
  63. #if !ENABLE_USE_BB_CRYPT || ENABLE_USE_BB_CRYPT_SHA
  64. if ((algo[0]|0x20) == 's') { /* sha */
  65. salt[1] = '5' + (strcasecmp(algo, "sha512") == 0);
  66. len = 16/2;
  67. }
  68. #endif
  69. }
  70. crypt_make_salt(salt_ptr, len);
  71. return salt_ptr;
  72. }
  73. #if ENABLE_USE_BB_CRYPT
  74. static char*
  75. to64(char *s, unsigned v, int n)
  76. {
  77. while (--n >= 0) {
  78. /* *s++ = ascii64[v & 0x3f]; */
  79. *s++ = i64c(v);
  80. v >>= 6;
  81. }
  82. return s;
  83. }
  84. /*
  85. * DES and MD5 crypt implementations are taken from uclibc.
  86. * They were modified to not use static buffers.
  87. */
  88. #include "pw_encrypt_des.c"
  89. #include "pw_encrypt_md5.c"
  90. #if ENABLE_USE_BB_CRYPT_SHA
  91. #include "pw_encrypt_sha.c"
  92. #endif
  93. /* Other advanced crypt ids (TODO?): */
  94. /* $2$ or $2a$: Blowfish */
  95. static struct const_des_ctx *des_cctx;
  96. static struct des_ctx *des_ctx;
  97. /* my_crypt returns malloc'ed data */
  98. static char *my_crypt(const char *key, const char *salt)
  99. {
  100. /* MD5 or SHA? */
  101. if (salt[0] == '$' && salt[1] && salt[2] == '$') {
  102. if (salt[1] == '1')
  103. return md5_crypt(xzalloc(MD5_OUT_BUFSIZE), (unsigned char*)key, (unsigned char*)salt);
  104. #if ENABLE_USE_BB_CRYPT_SHA
  105. if (salt[1] == '5' || salt[1] == '6')
  106. return sha_crypt((char*)key, (char*)salt);
  107. #endif
  108. }
  109. if (!des_cctx)
  110. des_cctx = const_des_init();
  111. des_ctx = des_init(des_ctx, des_cctx);
  112. /* Can return NULL if salt is bad ("" or "<one_char>") */
  113. return des_crypt(des_ctx, xzalloc(DES_OUT_BUFSIZE), (unsigned char*)key, (unsigned char*)salt);
  114. }
  115. /* So far nobody wants to have it public */
  116. static void my_crypt_cleanup(void)
  117. {
  118. free(des_cctx);
  119. free(des_ctx);
  120. des_cctx = NULL;
  121. des_ctx = NULL;
  122. }
  123. char* FAST_FUNC pw_encrypt(const char *clear, const char *salt, int cleanup)
  124. {
  125. char *encrypted;
  126. encrypted = my_crypt(clear, salt);
  127. if (!encrypted)
  128. bb_simple_error_msg_and_die("bad salt");
  129. if (cleanup)
  130. my_crypt_cleanup();
  131. return encrypted;
  132. }
  133. #else /* if !ENABLE_USE_BB_CRYPT */
  134. char* FAST_FUNC pw_encrypt(const char *clear, const char *salt, int cleanup)
  135. {
  136. char *encrypted;
  137. encrypted = crypt(clear, salt);
  138. /*
  139. * glibc used to return "" on malformed salts (for example, ""),
  140. * but since 2.17 it returns NULL.
  141. */
  142. if (!encrypted || !encrypted[0])
  143. bb_simple_error_msg_and_die("bad salt");
  144. return xstrdup(encrypted);
  145. }
  146. #endif