1 /* 2 * Copyright (c) 2010 3 * The DragonFly Project. All rights reserved. 4 * 5 * This code is derived from software contributed to The DragonFly Project 6 * by Nolan Lum <nol888@gmail.com> 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 2. Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in 16 * the documentation and/or other materials provided with the 17 * distribution. 18 * 3. Neither the name of The DragonFly Project nor the names of its 19 * contributors may be used to endorse or promote products derived 20 * from this software without specific, prior written permission. 21 * 22 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 23 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 24 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 25 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 26 * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 27 * INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING, 28 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 29 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 30 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 31 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT 32 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 33 * SUCH DAMAGE. 34 */ 35 36 #include <sys/types.h> 37 #include <string.h> 38 39 #include "crypt.h" 40 #include "local.h" 41 42 /* 43 * New password crypt. 44 */ 45 46 #define SHA256_SIZE 32 47 48 char* 49 crypt_deprecated_sha256(const char *pw, const char *salt) 50 { 51 /* 52 * Magic constant (prefix) used to run over the password data. 53 * 54 * XXX: 55 * 56 * A bug below (sizeof instead of strlen) mandates the extra data after 57 * the closing $. This data is what just happened to be (consistently 58 * miraculously) on the stack following magic on 64-bit. 59 */ 60 static const char *magic = "$3$\0sha5"; 61 62 static char passwd[120], *p; 63 static const char *sp, *ep; 64 unsigned char final[SHA256_SIZE]; 65 int sl; 66 struct sha256_ctx ctx; 67 unsigned long l; 68 69 /* Refine the salt. */ 70 sp = salt; 71 72 /* If it starts with the magic string, then skip that. */ 73 if (!strncmp(sp, magic, strlen(magic))) 74 sp += strlen(magic); 75 76 /* Stop at the first '$', max 8 chars. */ 77 for (ep = sp; *ep && *ep != '$' && ep < (sp + 8); ep++) 78 continue; 79 80 /* Get the actual salt length. */ 81 sl = ep - sp; 82 83 __crypt__sha256_init_ctx(&ctx); 84 85 /* Hash in the password first. */ 86 __crypt__sha256_process_bytes(pw, strlen(pw), &ctx); 87 88 /* 89 * Then the magic string 90 * 91 * XXX: sizeof instead of strlen, must retain 92 */ 93 __crypt__sha256_process_bytes(magic, sizeof(magic), &ctx); 94 95 /* Then the raw salt. */ 96 __crypt__sha256_process_bytes(sp, sl, &ctx); 97 98 /* Finish and create the output string. */ 99 __crypt__sha256_finish_ctx(&ctx, final); 100 strcpy(passwd, magic); 101 strncat(passwd, sp, sl); 102 strcat(passwd, "$"); 103 104 p = passwd + strlen(passwd); 105 106 l = (final[ 0] << 16) | (final[11] << 8) | final[21]; 107 _crypt_to64(p, l, 4); p += 4; 108 l = (final[ 1] << 16) | (final[12] << 8) | final[22]; 109 _crypt_to64(p, l, 4); p += 4; 110 l = (final[ 2] << 16) | (final[13] << 8) | final[23]; 111 _crypt_to64(p, l, 4); p += 4; 112 l = (final[ 3] << 16) | (final[14] << 8) | final[24]; 113 _crypt_to64(p, l, 4); p += 4; 114 l = (final[ 4] << 16) | (final[15] << 8) | final[25]; 115 _crypt_to64(p, l, 4); p += 4; 116 l = (final[ 5] << 16) | (final[16] << 8) | final[26]; 117 _crypt_to64(p, l, 4); p += 4; 118 l = (final[ 6] << 16) | (final[17] << 8) | final[27]; 119 _crypt_to64(p, l, 4); p += 4; 120 l = (final[ 7] << 16) | (final[18] << 8) | final[28]; 121 _crypt_to64(p, l, 4); p += 4; 122 l = (final[ 8] << 16) | (final[19] << 8) | final[29]; 123 _crypt_to64(p, l, 4); p += 4; 124 l = (final[ 9] << 16) | (final[20] << 8) | final[30]; 125 _crypt_to64(p, l, 4); p += 4; 126 l = (final[10] << 16) | (final[31] << 8); 127 _crypt_to64(p, l, 4); p += 4; 128 *p = '\0'; 129 130 /* Clear memory. */ 131 memset(final, 0, sizeof(final)); 132 133 return (passwd); 134 } 135