8 |
*/ |
*/ |
9 |
|
|
10 |
#include "libbb.h" |
#include "libbb.h" |
|
#include <crypt.h> |
|
11 |
|
|
12 |
char *pw_encrypt(const char *clear, const char *salt) |
#if ENABLE_USE_BB_CRYPT |
13 |
|
|
14 |
|
/* |
15 |
|
* DES and MD5 crypt implementations are taken from uclibc. |
16 |
|
* They were modified to not use static buffers. |
17 |
|
*/ |
18 |
|
/* Common for them */ |
19 |
|
static const uint8_t ascii64[] = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"; |
20 |
|
#include "pw_encrypt_des.c" |
21 |
|
#include "pw_encrypt_md5.c" |
22 |
|
|
23 |
|
/* Other advanced crypt ids: */ |
24 |
|
/* $2$ or $2a$: Blowfish */ |
25 |
|
/* $5$: SHA-256 */ |
26 |
|
/* $6$: SHA-512 */ |
27 |
|
/* TODO: implement SHA - http://people.redhat.com/drepper/SHA-crypt.txt */ |
28 |
|
|
29 |
|
static struct const_des_ctx *des_cctx; |
30 |
|
static struct des_ctx *des_ctx; |
31 |
|
|
32 |
|
/* my_crypt returns malloc'ed data */ |
33 |
|
static char *my_crypt(const char *key, const char *salt) |
34 |
{ |
{ |
35 |
static char cipher[128]; |
/* First, check if we are supposed to be using the MD5 replacement |
36 |
char *cp; |
* instead of DES... */ |
37 |
|
if (salt[0] == '$' && salt[1] == '1' && salt[2] == '$') { |
38 |
|
return md5_crypt(xzalloc(MD5_OUT_BUFSIZE), (unsigned char*)key, (unsigned char*)salt); |
39 |
|
} |
40 |
|
|
41 |
#if 0 /* was CONFIG_FEATURE_SHA1_PASSWORDS, but there is no such thing??? */ |
{ |
42 |
if (strncmp(salt, "$2$", 3) == 0) { |
if (!des_cctx) |
43 |
return sha1_crypt(clear); |
des_cctx = const_des_init(); |
44 |
|
des_ctx = des_init(des_ctx, des_cctx); |
45 |
|
return des_crypt(des_ctx, xzalloc(DES_OUT_BUFSIZE), (unsigned char*)key, (unsigned char*)salt); |
46 |
} |
} |
|
#endif |
|
|
cp = (char *) crypt(clear, salt); |
|
|
/* if crypt (a nonstandard crypt) returns a string too large, |
|
|
truncate it so we don't overrun buffers and hope there is |
|
|
enough security in what's left */ |
|
|
safe_strncpy(cipher, cp, sizeof(cipher)); |
|
|
return cipher; |
|
47 |
} |
} |
48 |
|
|
49 |
|
/* So far nobody wants to have it public */ |
50 |
|
static void my_crypt_cleanup(void) |
51 |
|
{ |
52 |
|
free(des_cctx); |
53 |
|
free(des_ctx); |
54 |
|
des_cctx = NULL; |
55 |
|
des_ctx = NULL; |
56 |
|
} |
57 |
|
|
58 |
|
char* FAST_FUNC pw_encrypt(const char *clear, const char *salt, int cleanup) |
59 |
|
{ |
60 |
|
char *encrypted; |
61 |
|
|
62 |
|
encrypted = my_crypt(clear, salt); |
63 |
|
|
64 |
|
if (cleanup) |
65 |
|
my_crypt_cleanup(); |
66 |
|
|
67 |
|
return encrypted; |
68 |
|
} |
69 |
|
|
70 |
|
#else /* if !ENABLE_USE_BB_CRYPT */ |
71 |
|
|
72 |
|
char* FAST_FUNC pw_encrypt(const char *clear, const char *salt, int cleanup) |
73 |
|
{ |
74 |
|
return xstrdup(crypt(clear, salt)); |
75 |
|
} |
76 |
|
|
77 |
|
#endif |