ChangeLog update from my last commit

[thirdparty/glibc.git] / crypt / sha256-crypt.c

diff --git a/crypt/sha256-crypt.c b/crypt/sha256-crypt.c
index 440933ac015ab2f6b92b242f8d64f80eeeb7ea41..78fa8432cfd517c7ff3530ffd854d77b3562bc44 100644 (file)
--- a/crypt/sha256-crypt.c
+++ b/crypt/sha256-crypt.c
@@ -1,5 +1,5 @@
 /* One way encryption based on SHA256 sum.
-   Copyright (C) 2007, 2009, 2012 Free Software Foundation, Inc.
+   Copyright (C) 2007-2019 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
    Contributed by Ulrich Drepper <drepper@redhat.com>, 2007.
 
@@ -15,16 +15,18 @@
 
    You should have received a copy of the GNU Lesser General Public
    License along with the GNU C Library; if not, see
-   <http://www.gnu.org/licenses/>.  */
+   <https://www.gnu.org/licenses/>.  */
 
 #include <assert.h>
 #include <errno.h>
 #include <stdbool.h>
 #include <stdlib.h>
 #include <string.h>
+#include <stdint.h>
 #include <sys/param.h>
 
 #include "sha256.h"
+#include "crypt-private.h"
 
 
 #ifdef USE_NSS
@@ -89,10 +91,6 @@ static const char sha256_rounds_prefix[] = "rounds=";
 /* Maximum number of rounds.  */
 #define ROUNDS_MAX 999999999
 
-/* Table with characters for base64 transformation.  */
-static const char b64t[64] =
-"./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
-
 
 /* Prototypes for local functions.  */
 extern char *__sha256_crypt_r (const char *key, const char *salt,
@@ -101,11 +99,7 @@ extern char *__sha256_crypt (const char *key, const char *salt);
 
 
 char *
-__sha256_crypt_r (key, salt, buffer, buflen)
-     const char *key;
-     const char *salt;
-     char *buffer;
-     int buflen;
+__sha256_crypt_r (const char *key, const char *salt, char *buffer, int buflen)
 {
   unsigned char alt_result[32]
     __attribute__ ((__aligned__ (__alignof__ (uint32_t))));
@@ -325,8 +319,8 @@ __sha256_crypt_r (key, salt, buffer, buflen)
 
   if (rounds_custom)
     {
-      int n = snprintf (cp, MAX (0, buflen), "%s%zu$",
-                       sha256_rounds_prefix, rounds);
+      int n = __snprintf (cp, MAX (0, buflen), "%s%zu$",
+                         sha256_rounds_prefix, rounds);
       cp += n;
       buflen -= n;
     }
@@ -340,29 +334,28 @@ __sha256_crypt_r (key, salt, buffer, buflen)
       --buflen;
     }
 
-  void b64_from_24bit (unsigned int b2, unsigned int b1, unsigned int b0,
-                      int n)
-  {
-    unsigned int w = (b2 << 16) | (b1 << 8) | b0;
-    while (n-- > 0 && buflen > 0)
-      {
-       *cp++ = b64t[w & 0x3f];
-       --buflen;
-       w >>= 6;
-      }
-  }
-
-  b64_from_24bit (alt_result[0], alt_result[10], alt_result[20], 4);
-  b64_from_24bit (alt_result[21], alt_result[1], alt_result[11], 4);
-  b64_from_24bit (alt_result[12], alt_result[22], alt_result[2], 4);
-  b64_from_24bit (alt_result[3], alt_result[13], alt_result[23], 4);
-  b64_from_24bit (alt_result[24], alt_result[4], alt_result[14], 4);
-  b64_from_24bit (alt_result[15], alt_result[25], alt_result[5], 4);
-  b64_from_24bit (alt_result[6], alt_result[16], alt_result[26], 4);
-  b64_from_24bit (alt_result[27], alt_result[7], alt_result[17], 4);
-  b64_from_24bit (alt_result[18], alt_result[28], alt_result[8], 4);
-  b64_from_24bit (alt_result[9], alt_result[19], alt_result[29], 4);
-  b64_from_24bit (0, alt_result[31], alt_result[30], 3);
+  __b64_from_24bit (&cp, &buflen,
+                   alt_result[0], alt_result[10], alt_result[20], 4);
+  __b64_from_24bit (&cp, &buflen,
+                   alt_result[21], alt_result[1], alt_result[11], 4);
+  __b64_from_24bit (&cp, &buflen,
+                   alt_result[12], alt_result[22], alt_result[2], 4);
+  __b64_from_24bit (&cp, &buflen,
+                   alt_result[3], alt_result[13], alt_result[23], 4);
+  __b64_from_24bit (&cp, &buflen,
+                   alt_result[24], alt_result[4], alt_result[14], 4);
+  __b64_from_24bit (&cp, &buflen,
+                   alt_result[15], alt_result[25], alt_result[5], 4);
+  __b64_from_24bit (&cp, &buflen,
+                   alt_result[6], alt_result[16], alt_result[26], 4);
+  __b64_from_24bit (&cp, &buflen,
+                   alt_result[27], alt_result[7], alt_result[17], 4);
+  __b64_from_24bit (&cp, &buflen,
+                   alt_result[18], alt_result[28], alt_result[8], 4);
+  __b64_from_24bit (&cp, &buflen,
+                   alt_result[9], alt_result[19], alt_result[29], 4);
+  __b64_from_24bit (&cp, &buflen,
+                   0, alt_result[31], alt_result[30], 3);
   if (buflen <= 0)
     {
       __set_errno (ERANGE);
@@ -378,16 +371,16 @@ __sha256_crypt_r (key, salt, buffer, buflen)
 #ifndef USE_NSS
   __sha256_init_ctx (&ctx);
   __sha256_finish_ctx (&ctx, alt_result);
-  memset (&ctx, '\0', sizeof (ctx));
-  memset (&alt_ctx, '\0', sizeof (alt_ctx));
+  explicit_bzero (&ctx, sizeof (ctx));
+  explicit_bzero (&alt_ctx, sizeof (alt_ctx));
 #endif
-  memset (temp_result, '\0', sizeof (temp_result));
-  memset (p_bytes, '\0', key_len);
-  memset (s_bytes, '\0', salt_len);
+  explicit_bzero (temp_result, sizeof (temp_result));
+  explicit_bzero (p_bytes, key_len);
+  explicit_bzero (s_bytes, salt_len);
   if (copied_key != NULL)
-    memset (copied_key, '\0', key_len);
+    explicit_bzero (copied_key, key_len);
   if (copied_salt != NULL)
-    memset (copied_salt, '\0', salt_len);
+    explicit_bzero (copied_salt, salt_len);
 
   free (free_key);
   free (free_pbytes);