[dragonfly.git] / lib / libcrypt / deprecated-crypt-sha512.c

/*
 * Copyright (c) 2010
 * 	The DragonFly Project.  All rights reserved.
 *
 * This code is derived from software contributed to The DragonFly Project
 * by Nolan Lum <nol888@gmail.com>
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in
 *    the documentation and/or other materials provided with the
 *    distribution.
 * 3. Neither the name of The DragonFly Project nor the names of its
 *    contributors may be used to endorse or promote products derived
 *    from this software without specific, prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE
 * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
 * INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING,
 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

#include <sys/types.h>
#include <string.h>
#include <sha512.h>
#include "crypt.h"

/*
 * New password crypt.
 */

#define SHA512_SIZE 64
 
char*
crypt_deprecated_sha512(const char *pw, const char *salt)
{
	/*
	 * Magic constant (prefix) used to run over the password data.
	 *
	 * XXX:
	 *
	 * A bug below (sizeof instead of strlen) mandates the extra data after
	 * the closing $. This data is what just happened to be (consistently
	 * miraculously) on the stack following magic on 64-bit.
	 */
	static const char *magic = "$4$\0/etc";

	static char         passwd[120], *p;
	static const char *sp, *ep;
	unsigned char final[SHA512_SIZE];
	int sl, i;
	SHA512_CTX ctx;
	unsigned long l;

	/* Refine the salt. */
	sp = salt;

	/* If it starts with the magic string, then skip that. */
	if (!strncmp(sp, magic, strlen(magic)))
		sp += strlen(magic);

	/* Stop at the first '$', max 8 chars. */
	for (ep = sp; *ep && *ep != '$' && ep < (sp + 8); ep++)
		continue;

	/* Get the actual salt length. */
	sl = ep - sp;
	
	SHA512_Init(&ctx);
	
	/* Hash in the password first. */
	SHA512_Update(&ctx, pw, strlen(pw));
	
	/*
	 * Then the magic string
	 *
	 * XXX: sizeof instead of strlen, must retain
	 */
	SHA512_Update(&ctx, magic, sizeof(magic));
	
	/* Then the raw salt. */
	SHA512_Update(&ctx, sp, sl);
	
	/* Finish and create the output string. */
	SHA512_Final(final, &ctx);
	strcpy(passwd, magic);
	strncat(passwd, sp, sl);
	strcat(passwd, "$");
	
	p = passwd + strlen(passwd);
	
	/*
	 * For-loop form of the algorithm in sha256.c;
	 * breaks the final output up into 3cols and then base64's each row.
	 */
	for (i = 0; i < 20; i++) {
		l = (final[i] << 16) | (final[i + 21] << 8) | final[i + 42];
		_crypt_to64(p, l, 4); p += 4;
	}
	l = (final[20] << 16) | (final[41] << 8);
	_crypt_to64(p, l, 4); p += 4;
	*p = '\0';
	
	/* Clear memory. */
	memset(final, 0, sizeof(final));
	
	return (passwd);
}
Commit	Line	Data
d8ee3b5d SG	1	/*
	2	* Copyright (c) 2010
	3	* The DragonFly Project. All rights reserved.
	4	*
	5	* This code is derived from software contributed to The DragonFly Project
	6	* by Nolan Lum <nol888@gmail.com>
	7	*
	8	* Redistribution and use in source and binary forms, with or without
	9	* modification, are permitted provided that the following conditions
	10	* are met:
	11	*
	12	* 1. Redistributions of source code must retain the above copyright
	13	* notice, this list of conditions and the following disclaimer.
	14	* 2. Redistributions in binary form must reproduce the above copyright
	15	* notice, this list of conditions and the following disclaimer in
	16	* the documentation and/or other materials provided with the
	17	* distribution.
	18	* 3. Neither the name of The DragonFly Project nor the names of its
	19	* contributors may be used to endorse or promote products derived
	20	* from this software without specific, prior written permission.
	21	*
	22	* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
	23	* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
	24	* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
	25	* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
	26	* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
	27	* INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING,
	28	* BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
	29	* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
	30	* AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
	31	* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
	32	* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
	33	* SUCH DAMAGE.
	34	*/
	35
	36	#include <sys/types.h>
	37	#include <string.h>
	38	#include <sha512.h>
	39	#include "crypt.h"
	40
	41	/*
	42	* New password crypt.
	43	*/
	44
	45	#define SHA512_SIZE 64
	46
	47	char*
	48	crypt_deprecated_sha512(const char pw, const char salt)
	49	{
5108d56f SG	50	/*
	51	* Magic constant (prefix) used to run over the password data.
	52	*
	53	* XXX:
	54	*
	55	* A bug below (sizeof instead of strlen) mandates the extra data after
	56	* the closing $. This data is what just happened to be (consistently
	57	* miraculously) on the stack following magic on 64-bit.
	58	*/
	59	static const char *magic = "$4$\0/etc";
	60
d8ee3b5d SG	61	static char passwd[120], *p;
	62	static const char sp, ep;
	63	unsigned char final[SHA512_SIZE];
	64	int sl, i;
	65	SHA512_CTX ctx;
	66	unsigned long l;
	67
	68	/* Refine the salt. */
	69	sp = salt;
	70
	71	/* If it starts with the magic string, then skip that. */
	72	if (!strncmp(sp, magic, strlen(magic)))
	73	sp += strlen(magic);
	74
	75	/* Stop at the first '$', max 8 chars. */
	76	for (ep = sp; ep && ep != '$' && ep < (sp + 8); ep++)
	77	continue;
	78
	79	/* Get the actual salt length. */
	80	sl = ep - sp;
	81
	82	SHA512_Init(&ctx);
	83
	84	/* Hash in the password first. */
	85	SHA512_Update(&ctx, pw, strlen(pw));
	86
5108d56f SG	87	/*
	88	* Then the magic string
	89	*
	90	* XXX: sizeof instead of strlen, must retain
	91	*/
d8ee3b5d SG	92	SHA512_Update(&ctx, magic, sizeof(magic));
	93
	94	/* Then the raw salt. */
	95	SHA512_Update(&ctx, sp, sl);
	96
	97	/* Finish and create the output string. */
	98	SHA512_Final(final, &ctx);
	99	strcpy(passwd, magic);
	100	strncat(passwd, sp, sl);
	101	strcat(passwd, "$");
	102
	103	p = passwd + strlen(passwd);
	104
	105	/*
	106	* For-loop form of the algorithm in sha256.c;
	107	* breaks the final output up into 3cols and then base64's each row.
	108	*/
	109	for (i = 0; i < 20; i++) {
	110	l = (final[i] << 16) \| (final[i + 21] << 8) \| final[i + 42];
	111	_crypt_to64(p, l, 4); p += 4;
	112	}
	113	l = (final[20] << 16) \| (final[41] << 8);
	114	_crypt_to64(p, l, 4); p += 4;
	115	*p = '\0';
	116
	117	/* Clear memory. */
	118	memset(final, 0, sizeof(final));
	119
	120	return (passwd);
	121	}