crypt.c revision 331722
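/*-
 * Copyright (c) 1999 Mark Murray
 * Copyright (c) 2014 Dag-Erling Smørgrav
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY MARK MURRAY AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL MARK MURRAY OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

#include <sys/cdefs.h>
__FBSDID("$FreeBSD: stable/11/lib/libcrypt/crypt.c 331722 2018-03-29 02:50:57Z eadler $");

#include <sys/types.h>

#include <libutil.h>
#include <string.h>
#include <unistd.h>

#include "crypt.h"

/*
 * List of supported crypt(3) formats.
 *
 * The default algorithm is the last entry in the list (second-to-last
 * array element since the last is a sentinel).  The reason for placing
 * the default last rather than first is that DES needs to be at the
 * bottom for the algorithm guessing logic in crypt(3) to work correctly,
 * and it needs to be the default for backward compatibility.
 *
 * Each entry maps a format name (as accepted by crypt_set_format()) to
 * the hashing routine and to the salt prefix ("magic") that selects it.
 * crypt() walks the table top to bottom and takes the first entry whose
 * magic is a prefix of the salt, so "$2" matches every salt that begins
 * with those two characters.
 *
 * Which entry ends up as the built-in default depends on the build:
 * with HAS_DES defined it is "des", without it the last real entry is
 * "sha512".
 *
 * NOTE(review): "des", "md5" and "nth" look like compatibility formats
 * for verifying existing hashes; code that creates new hashes should
 * select its format explicitly (crypt_set_format() or a salt with the
 * wanted magic) instead of relying on the built-in default -- confirm
 * against the system's password policy.
 */
static const struct crypt_format {
	const char *const name;		/* name used by crypt_set_format() */
	char *(*const func)(const char *, const char *); /* (passwd, salt) */
	const char *const magic;	/* salt prefix selecting this format */
} crypt_formats[] = {
	{ "md5",	crypt_md5,	"$1$"	},
#ifdef HAS_BLOWFISH
	{ "blf",	crypt_blowfish,	"$2"	},
#endif
	{ "nth",	crypt_nthash,	"$3$"	},
	{ "sha256",	crypt_sha256,	"$5$"	},
	{ "sha512",	crypt_sha512,	"$6$"	},
#ifdef HAS_DES
	{ "des",	crypt_des,	"_"	},
#endif

	/* sentinel */
	{ NULL,		NULL,		NULL	}
};

/*
 * Currently selected format.  File-scope state shared by every caller in
 * the process; it starts at the entry just before the sentinel and is
 * only changed by crypt_set_format().
 */
static const struct crypt_format *crypt_format =
    &crypt_formats[(sizeof crypt_formats / sizeof *crypt_formats) - 2];

/* Characters accepted in a salt that carries no magic prefix. */
#define DES_SALT_ALPHABET \
	"./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"

/*
 * Returns the name of the currently selected format.
 *
 * The returned pointer refers to a string literal in crypt_formats[] and
 * must not be modified or freed.
 */
const char *
crypt_get_format(void)
{

	return (crypt_format->name);
}

/*
 * Selects the format to use for subsequent crypt(3) invocations.
 *
 * The name is compared case-insensitively against the table.  Returns 1
 * if the format was found and selected, 0 otherwise (including a NULL
 * name); on failure the previous selection is kept.
 *
 * The selection is stored in a file-scope pointer without any locking,
 * so it affects all later crypt() calls in the process.
 */
int
crypt_set_format(const char *format)
{
	const struct crypt_format *cf;

	/* strcasecmp() must not be handed a NULL pointer. */
	if (format == NULL)
		return (0);

	for (cf = crypt_formats; cf->name != NULL; ++cf) {
		if (strcasecmp(cf->name, format) == 0) {
			crypt_format = cf;
			return (1);
		}
	}
	return (0);
}

/*
 * Hash the given password with the given salt.  If the salt begins with a
 * magic string (e.g. "$6$" for sha512), the corresponding format is used;
 * otherwise, the currently selected format is used.
 *
 * passwd and salt must be NUL-terminated strings; neither is checked for
 * NULL here.  The return value is whatever the selected backend returns.
 *
 * A salt that matches no magic and does not have the DES shape is not
 * rejected: it is handed to the currently selected format.  Callers that
 * verify a password should therefore treat the stored hash as the salt,
 * check the result for NULL and compare it with the stored hash.
 *
 * NOTE(review): the backends presumably return a pointer to static
 * storage that the next call overwrites -- confirm in crypt-*.c.
 */
char *
crypt(const char *passwd, const char *salt)
{
	const struct crypt_format *cf;
#ifdef HAS_DES
	size_t len;
#endif

	/*
	 * First match wins.  strncmp() bounded by the magic's length is a
	 * pure prefix test and, unlike strstr(), never scans the rest of
	 * the salt.
	 */
	for (cf = crypt_formats; cf->name != NULL; ++cf) {
		if (cf->magic != NULL &&
		    strncmp(salt, cf->magic, strlen(cf->magic)) == 0)
			return (cf->func(passwd, salt));
	}
#ifdef HAS_DES
	/*
	 * No magic: a salt of exactly 2 or 13 characters, all drawn from
	 * the DES alphabet, is treated as DES whatever the selected format
	 * is.  len is a size_t so that the length is neither truncated nor
	 * compared across signedness with strspn()'s result.
	 */
	len = strlen(salt);
	if ((len == 13 || len == 2) && strspn(salt, DES_SALT_ALPHABET) == len)
		return (crypt_des(passwd, salt));
#endif
	return (crypt_format->func(passwd, salt));
}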