3 * The DragonFly Project. All rights reserved.
5 * This code is derived from software contributed to The DragonFly Project
6 * by Nolan Lum <nol888@gmail.com>
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 * 2. Redistributions in binary form must reproduce the above copyright
15 * notice, this list of conditions and the following disclaimer in
16 * the documentation and/or other materials provided with the
18 * 3. Neither the name of The DragonFly Project nor the names of its
19 * contributors may be used to endorse or promote products derived
20 * from this software without specific, prior written permission.
22 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
23 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
24 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
25 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
26 * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
27 * INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING,
28 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
29 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
30 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
31 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
32 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
36 #include <sys/types.h>
46 crypt_sha256(const char *pw, const char *salt)
48 static const char *magic = "$3$"; /* Magic string for this
49 * algorithm. Easier to change
50 * when factored as constant.
52 static char passwd[120], *p;
53 static const char *sp, *ep;
54 unsigned char final[SHA256_SIZE];
59 /* Refine the salt. */
62 /* If it starts with the magic string, then skip that. */
63 if (!strncmp(sp, magic, strlen(magic)))
66 /* Stop at the first '$', max 8 chars. */
67 for (ep = sp; *ep && *ep != '$' && ep < (sp + 8); ep++)
70 /* Get the actual salt length. */
75 /* Hash in the password first. */
76 SHA256_Update(&ctx, pw, strlen(pw));
78 /* Then the magic string */
79 SHA256_Update(&ctx, magic, sizeof(magic));
81 /* Then the raw salt. */
82 SHA256_Update(&ctx, sp, sl);
84 /* Finish and create the output string. */
85 SHA256_Final(final, &ctx);
86 strcpy(passwd, magic);
87 strncat(passwd, sp, sl);
90 p = passwd + strlen(passwd);
92 l = (final[ 0] << 16) | (final[11] << 8) | final[21];
93 _crypt_to64(p, l, 4); p += 4;
94 l = (final[ 1] << 16) | (final[12] << 8) | final[22];
95 _crypt_to64(p, l, 4); p += 4;
96 l = (final[ 2] << 16) | (final[13] << 8) | final[23];
97 _crypt_to64(p, l, 4); p += 4;
98 l = (final[ 3] << 16) | (final[14] << 8) | final[24];
99 _crypt_to64(p, l, 4); p += 4;
100 l = (final[ 4] << 16) | (final[15] << 8) | final[25];
101 _crypt_to64(p, l, 4); p += 4;
102 l = (final[ 5] << 16) | (final[16] << 8) | final[26];
103 _crypt_to64(p, l, 4); p += 4;
104 l = (final[ 6] << 16) | (final[17] << 8) | final[27];
105 _crypt_to64(p, l, 4); p += 4;
106 l = (final[ 7] << 16) | (final[18] << 8) | final[28];
107 _crypt_to64(p, l, 4); p += 4;
108 l = (final[ 8] << 16) | (final[19] << 8) | final[29];
109 _crypt_to64(p, l, 4); p += 4;
110 l = (final[ 9] << 16) | (final[20] << 8) | final[30];
111 _crypt_to64(p, l, 4); p += 4;
112 l = (final[10] << 16) | (final[31] << 8);
113 _crypt_to64(p, l, 4); p += 4;
117 memset(final, 0, sizeof(final));