/* One way encryption based on SHA256 sum.
- Copyright (C) 2007, 2009, 2012 Free Software Foundation, Inc.
+ Copyright (C) 2007-2019 Free Software Foundation, Inc.
This file is part of the GNU C Library.
Contributed by Ulrich Drepper <drepper@redhat.com>, 2007.
You should have received a copy of the GNU Lesser General Public
License along with the GNU C Library; if not, see
- <http://www.gnu.org/licenses/>. */
+ <https://www.gnu.org/licenses/>. */
#include <assert.h>
#include <errno.h>
#include <stdbool.h>
#include <stdlib.h>
#include <string.h>
+#include <stdint.h>
#include <sys/param.h>
#include "sha256.h"
+#include "crypt-private.h"
#ifdef USE_NSS
/* Maximum number of rounds. */
#define ROUNDS_MAX 999999999
-/* Table with characters for base64 transformation. */
-static const char b64t[64] =
-"./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
-
/* Prototypes for local functions. */
extern char *__sha256_crypt_r (const char *key, const char *salt,
char *
-__sha256_crypt_r (key, salt, buffer, buflen)
- const char *key;
- const char *salt;
- char *buffer;
- int buflen;
+__sha256_crypt_r (const char *key, const char *salt, char *buffer, int buflen)
{
unsigned char alt_result[32]
__attribute__ ((__aligned__ (__alignof__ (uint32_t))));
if (rounds_custom)
{
- int n = snprintf (cp, MAX (0, buflen), "%s%zu$",
- sha256_rounds_prefix, rounds);
+ int n = __snprintf (cp, MAX (0, buflen), "%s%zu$",
+ sha256_rounds_prefix, rounds);
cp += n;
buflen -= n;
}
--buflen;
}
- void b64_from_24bit (unsigned int b2, unsigned int b1, unsigned int b0,
- int n)
- {
- unsigned int w = (b2 << 16) | (b1 << 8) | b0;
- while (n-- > 0 && buflen > 0)
- {
- *cp++ = b64t[w & 0x3f];
- --buflen;
- w >>= 6;
- }
- }
-
- b64_from_24bit (alt_result[0], alt_result[10], alt_result[20], 4);
- b64_from_24bit (alt_result[21], alt_result[1], alt_result[11], 4);
- b64_from_24bit (alt_result[12], alt_result[22], alt_result[2], 4);
- b64_from_24bit (alt_result[3], alt_result[13], alt_result[23], 4);
- b64_from_24bit (alt_result[24], alt_result[4], alt_result[14], 4);
- b64_from_24bit (alt_result[15], alt_result[25], alt_result[5], 4);
- b64_from_24bit (alt_result[6], alt_result[16], alt_result[26], 4);
- b64_from_24bit (alt_result[27], alt_result[7], alt_result[17], 4);
- b64_from_24bit (alt_result[18], alt_result[28], alt_result[8], 4);
- b64_from_24bit (alt_result[9], alt_result[19], alt_result[29], 4);
- b64_from_24bit (0, alt_result[31], alt_result[30], 3);
+ __b64_from_24bit (&cp, &buflen,
+ alt_result[0], alt_result[10], alt_result[20], 4);
+ __b64_from_24bit (&cp, &buflen,
+ alt_result[21], alt_result[1], alt_result[11], 4);
+ __b64_from_24bit (&cp, &buflen,
+ alt_result[12], alt_result[22], alt_result[2], 4);
+ __b64_from_24bit (&cp, &buflen,
+ alt_result[3], alt_result[13], alt_result[23], 4);
+ __b64_from_24bit (&cp, &buflen,
+ alt_result[24], alt_result[4], alt_result[14], 4);
+ __b64_from_24bit (&cp, &buflen,
+ alt_result[15], alt_result[25], alt_result[5], 4);
+ __b64_from_24bit (&cp, &buflen,
+ alt_result[6], alt_result[16], alt_result[26], 4);
+ __b64_from_24bit (&cp, &buflen,
+ alt_result[27], alt_result[7], alt_result[17], 4);
+ __b64_from_24bit (&cp, &buflen,
+ alt_result[18], alt_result[28], alt_result[8], 4);
+ __b64_from_24bit (&cp, &buflen,
+ alt_result[9], alt_result[19], alt_result[29], 4);
+ __b64_from_24bit (&cp, &buflen,
+ 0, alt_result[31], alt_result[30], 3);
if (buflen <= 0)
{
__set_errno (ERANGE);
#ifndef USE_NSS
__sha256_init_ctx (&ctx);
__sha256_finish_ctx (&ctx, alt_result);
- memset (&ctx, '\0', sizeof (ctx));
- memset (&alt_ctx, '\0', sizeof (alt_ctx));
+ explicit_bzero (&ctx, sizeof (ctx));
+ explicit_bzero (&alt_ctx, sizeof (alt_ctx));
#endif
- memset (temp_result, '\0', sizeof (temp_result));
- memset (p_bytes, '\0', key_len);
- memset (s_bytes, '\0', salt_len);
+ explicit_bzero (temp_result, sizeof (temp_result));
+ explicit_bzero (p_bytes, key_len);
+ explicit_bzero (s_bytes, salt_len);
if (copied_key != NULL)
- memset (copied_key, '\0', key_len);
+ explicit_bzero (copied_key, key_len);
if (copied_salt != NULL)
- memset (copied_salt, '\0', salt_len);
+ explicit_bzero (copied_salt, salt_len);
free (free_key);
free (free_pbytes);