*/
/* Prefix for optional rounds specification. */
-static const char str_rounds[] = "rounds=%u$";
+static const char str_rounds[] ALIGN1 = "rounds=%u$";
/* Maximum salt string length. */
#define SALT_LEN_MAX 16
sha_crypt(/*const*/ char *key_data, /*const*/ char *salt_data)
{
void (*sha_begin)(void *ctx) FAST_FUNC;
- void (*sha_hash)(const void *buffer, size_t len, void *ctx) FAST_FUNC;
- void* (*sha_end)(void *resbuf, void *ctx) FAST_FUNC;
+ void (*sha_hash)(void *ctx, const void *buffer, size_t len) FAST_FUNC;
+ void (*sha_end)(void *ctx, void *resbuf) FAST_FUNC;
int _32or64;
char *result, *resptr;
/* btw, sha256 needs [32] and uint32_t only */
- unsigned char alt_result[64] __attribute__((__aligned__(__alignof__(uint64_t))));
- unsigned char temp_result[64] __attribute__((__aligned__(__alignof__(uint64_t))));
- union {
- sha256_ctx_t x;
- sha512_ctx_t y;
- } ctx;
- union {
- sha256_ctx_t x;
- sha512_ctx_t y;
- } alt_ctx;
+ struct {
+ unsigned char alt_result[64];
+ unsigned char temp_result[64];
+ union {
+ sha256_ctx_t x;
+ sha512_ctx_t y;
+ } ctx;
+ union {
+ sha256_ctx_t x;
+ sha512_ctx_t y;
+ } alt_ctx;
+ } L __attribute__((__aligned__(__alignof__(uint64_t))));
+#define alt_result (L.alt_result )
+#define temp_result (L.temp_result)
+#define ctx (L.ctx )
+#define alt_ctx (L.alt_ctx )
unsigned salt_len;
unsigned key_len;
unsigned cnt;
if (strncmp(salt_data, str_rounds, 7) == 0) {
/* 7 == strlen("rounds=") */
char *endp;
- unsigned srounds = bb_strtou(salt_data + 7, &endp, 10);
+ cnt = bb_strtou(salt_data + 7, &endp, 10);
if (*endp == '$') {
salt_data = endp + 1;
- rounds = srounds;
+ rounds = cnt;
if (rounds < ROUNDS_MIN)
rounds = ROUNDS_MIN;
if (rounds > ROUNDS_MAX)
rounds = ROUNDS_MAX;
+ /* add "rounds=NNNNN$" to result */
+ resptr += sprintf(resptr, str_rounds, rounds);
}
}
salt_len = strchrnul(salt_data, '$') - salt_data;
/* xstrdup assures suitable alignment; also we will use it
as a scratch space later. */
salt_data = xstrndup(salt_data, salt_len);
- if (rounds != ROUNDS_DEFAULT) /* add "rounds=NNNNN$" */
- resptr += sprintf(resptr, str_rounds, rounds);
+ /* add "salt$" to result */
strcpy(resptr, salt_data);
resptr += salt_len;
*resptr++ = '$';
/* Add KEY, SALT. */
sha_begin(&ctx);
- sha_hash(key_data, key_len, &ctx);
- sha_hash(salt_data, salt_len, &ctx);
+ sha_hash(&ctx, key_data, key_len);
+ sha_hash(&ctx, salt_data, salt_len);
/* Compute alternate SHA sum with input KEY, SALT, and KEY.
The final result will be added to the first context. */
sha_begin(&alt_ctx);
- sha_hash(key_data, key_len, &alt_ctx);
- sha_hash(salt_data, salt_len, &alt_ctx);
- sha_hash(key_data, key_len, &alt_ctx);
- sha_end(alt_result, &alt_ctx);
+ sha_hash(&alt_ctx, key_data, key_len);
+ sha_hash(&alt_ctx, salt_data, salt_len);
+ sha_hash(&alt_ctx, key_data, key_len);
+ sha_end(&alt_ctx, alt_result);
/* Add result of this to the other context. */
/* Add for any character in the key one byte of the alternate sum. */
for (cnt = key_len; cnt > _32or64; cnt -= _32or64)
- sha_hash(alt_result, _32or64, &ctx);
- sha_hash(alt_result, cnt, &ctx);
+ sha_hash(&ctx, alt_result, _32or64);
+ sha_hash(&ctx, alt_result, cnt);
/* Take the binary representation of the length of the key and for every
1 add the alternate sum, for every 0 the key. */
for (cnt = key_len; cnt != 0; cnt >>= 1)
if ((cnt & 1) != 0)
- sha_hash(alt_result, _32or64, &ctx);
+ sha_hash(&ctx, alt_result, _32or64);
else
- sha_hash(key_data, key_len, &ctx);
+ sha_hash(&ctx, key_data, key_len);
/* Create intermediate result. */
- sha_end(alt_result, &ctx);
+ sha_end(&ctx, alt_result);
/* Start computation of P byte sequence. */
/* For every character in the password add the entire password. */
sha_begin(&alt_ctx);
for (cnt = 0; cnt < key_len; ++cnt)
- sha_hash(key_data, key_len, &alt_ctx);
- sha_end(temp_result, &alt_ctx);
+ sha_hash(&alt_ctx, key_data, key_len);
+ sha_end(&alt_ctx, temp_result);
/* NB: past this point, raw key_data is not used anymore */
/* For every character in the password add the entire password. */
sha_begin(&alt_ctx);
for (cnt = 0; cnt < 16 + alt_result[0]; ++cnt)
- sha_hash(salt_data, salt_len, &alt_ctx);
- sha_end(temp_result, &alt_ctx);
+ sha_hash(&alt_ctx, salt_data, salt_len);
+ sha_end(&alt_ctx, temp_result);
/* NB: past this point, raw salt_data is not used anymore */
/* Add key or last result. */
if ((cnt & 1) != 0)
- sha_hash(p_bytes, key_len, &ctx);
+ sha_hash(&ctx, p_bytes, key_len);
else
- sha_hash(alt_result, _32or64, &ctx);
+ sha_hash(&ctx, alt_result, _32or64);
/* Add salt for numbers not divisible by 3. */
if (cnt % 3 != 0)
- sha_hash(s_bytes, salt_len, &ctx);
+ sha_hash(&ctx, s_bytes, salt_len);
/* Add key for numbers not divisible by 7. */
if (cnt % 7 != 0)
- sha_hash(p_bytes, key_len, &ctx);
+ sha_hash(&ctx, p_bytes, key_len);
/* Add key or last result. */
if ((cnt & 1) != 0)
- sha_hash(alt_result, _32or64, &ctx);
+ sha_hash(&ctx, alt_result, _32or64);
else
- sha_hash(p_bytes, key_len, &ctx);
+ sha_hash(&ctx, p_bytes, key_len);
- sha_end(alt_result, &ctx);
+ sha_end(&ctx, alt_result);
}
-
/* Append encrypted password to result buffer */
//TODO: replace with something like
// bb_uuencode(cp, src, length, bb_uuenc_tbl_XXXbase64);
#define b64_from_24bit(B2, B1, B0, N) \
-do { \
- unsigned w = ((B2) << 16) | ((B1) << 8) | (B0); \
- resptr = to64(resptr, w, N); \
+do { \
+ unsigned w = ((B2) << 16) | ((B1) << 8) | (B0); \
+ resptr = to64(resptr, w, N); \
} while (0)
if (is_sha512 == '5') {
+ unsigned i = 0;
+ while (1) {
+ unsigned j = i + 10;
+ unsigned k = i + 20;
+ if (j >= 30) j -= 30;
+ if (k >= 30) k -= 30;
+ b64_from_24bit(alt_result[i], alt_result[j], alt_result[k], 4);
+ if (k == 29)
+ break;
+ i = k + 1;
+ }
+ b64_from_24bit(0, alt_result[31], alt_result[30], 3);
+ /* was:
b64_from_24bit(alt_result[0], alt_result[10], alt_result[20], 4);
b64_from_24bit(alt_result[21], alt_result[1], alt_result[11], 4);
b64_from_24bit(alt_result[12], alt_result[22], alt_result[2], 4);
b64_from_24bit(alt_result[18], alt_result[28], alt_result[8], 4);
b64_from_24bit(alt_result[9], alt_result[19], alt_result[29], 4);
b64_from_24bit(0, alt_result[31], alt_result[30], 3);
+ */
} else {
+ unsigned i = 0;
+ while (1) {
+ unsigned j = i + 21;
+ unsigned k = i + 42;
+ if (j >= 63) j -= 63;
+ if (k >= 63) k -= 63;
+ b64_from_24bit(alt_result[i], alt_result[j], alt_result[k], 4);
+ if (j == 20)
+ break;
+ i = j + 1;
+ }
+ b64_from_24bit(0, 0, alt_result[63], 2);
+ /* was:
b64_from_24bit(alt_result[0], alt_result[21], alt_result[42], 4);
b64_from_24bit(alt_result[22], alt_result[43], alt_result[1], 4);
b64_from_24bit(alt_result[44], alt_result[2], alt_result[23], 4);
b64_from_24bit(alt_result[40], alt_result[61], alt_result[19], 4);
b64_from_24bit(alt_result[62], alt_result[20], alt_result[41], 4);
b64_from_24bit(0, 0, alt_result[63], 2);
+ */
}
/* *resptr = '\0'; - xzalloc did it */
#undef b64_from_24bit
/* Clear the buffer for the intermediate result so that people
attaching to processes or reading core dumps cannot get any
information. */
- memset(temp_result, 0, sizeof(temp_result));
- memset(alt_result, 0, sizeof(alt_result));
- memset(&ctx, 0, sizeof(ctx));
- memset(&alt_ctx, 0, sizeof(alt_ctx));
+ memset(&L, 0, sizeof(L)); /* [alt]_ctx and XXX_result buffers */
memset(key_data, 0, key_len); /* also p_bytes */
memset(salt_data, 0, salt_len); /* also s_bytes */
free(key_data);
#undef s_bytes
return result;
+#undef alt_result
+#undef temp_result
+#undef ctx
+#undef alt_ctx
}
projects / oweals / busybox.git / blobdiff