cryptpw: support "rounds=NNNNNNN$" thing in salts
authorDenys Vlasenko <vda.linux@googlemail.com>
Sun, 15 Jan 2017 20:48:31 +0000 (21:48 +0100)
committerDenys Vlasenko <vda.linux@googlemail.com>
Sun, 15 Jan 2017 20:48:31 +0000 (21:48 +0100)
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
loginutils/cryptpw.c
testsuite/cryptpw.tests [new file with mode: 0755]

index 9f5f406860357c672c52713ed200e51b5ae6cb8b..d630231c6ba8d9d3aa4b11d5088ce41f48dcc85a 100644 (file)
@@ -35,7 +35,7 @@
 //usage:       "[OPTIONS] [PASSWORD] [SALT]"
 /* We do support -s, we just don't mention it */
 //usage:#define cryptpw_full_usage "\n\n"
-//usage:       "Crypt PASSWORD using crypt(3)\n"
+//usage:       "Print crypt(3) hashed PASSWORD\n"
 //usage:       IF_LONG_OPTS(
 //usage:     "\n       -P,--password-fd=N      Read password from fd N"
 /* //usage:  "\n       -s,--stdin              Use stdin; like -P0" */
@@ -92,7 +92,8 @@ to cryptpw. -a option (alias for -m) came from cryptpw.
 int cryptpw_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE;
 int cryptpw_main(int argc UNUSED_PARAM, char **argv)
 {
-       char salt[MAX_PW_SALT_LEN];
+       /* Supports: cryptpw -m sha256 PASS 'rounds=999999999$SALT' */
+       char salt[MAX_PW_SALT_LEN + sizeof("rounds=999999999$")];
        char *salt_ptr;
        char *password;
        const char *opt_m, *opt_S;
@@ -122,6 +123,7 @@ int cryptpw_main(int argc UNUSED_PARAM, char **argv)
 
        salt_ptr = crypt_make_pw_salt(salt, opt_m);
        if (opt_S)
+               /* put user's data after the "$N$" prefix */
                safe_strncpy(salt_ptr, opt_S, sizeof(salt) - (sizeof("$N$")-1));
 
        xmove_fd(fd, STDIN_FILENO);
diff --git a/testsuite/cryptpw.tests b/testsuite/cryptpw.tests
new file mode 100755 (executable)
index 0000000..8ec476c
--- /dev/null
@@ -0,0 +1,28 @@
+#!/bin/sh
+
+# Copyright 2017 by Denys Vlasenko <vda.linux@googlemail.com>
+# Licensed under GPLv2, see file LICENSE in this source tree.
+
+. ./testing.sh
+
+# testing "description" "command" "result" "infile" "stdin"
+
+optional USE_BB_CRYPT_SHA
+testing "cryptpw sha256" \
+       "cryptpw -m sha256 QWErty '123456789012345678901234567890'" \
+       '$5$1234567890123456$5DxfOCmU4vRhtzfsbdK.6wSGMwwVbac7ZkWwusb8Si7\n' "" ""
+
+testing "cryptpw sha256 rounds=99999" \
+       "cryptpw -m sha256 QWErty 'rounds=99999\$123456789012345678901234567890'" \
+       '$5$rounds=99999$1234567890123456$aYellycJGZM6AKyVzaQsSrDBdTixubtMnM6J.MN0xM8\n' "" ""
+
+testing "cryptpw sha512" \
+       "cryptpw -m sha512 QWErty '123456789012345678901234567890'" \
+       '$6$1234567890123456$KB7QqxFyqmJSWyQYcCuGeFukgz1bPQoipWZf7.9L7z3k8UNTXa6UikbKcUGDc2ANn7DOGmDaroxDgpK16w/RE0\n' "" ""
+
+testing "cryptpw sha512 rounds=99999" \
+       "cryptpw -m sha512 QWErty 'rounds=99999\$123456789012345678901234567890'" \
+       '$6$rounds=99999$1234567890123456$BfF6gD6ZjUmwawH5QaAglYAxtU./yvsz0fcQ464l49aMI2DZW3j5ri28CrxK7riPWNpLuUpfaIdY751SBYKUH.\n' "" ""
+SKIP=
+
+exit $FAILCOUNT