[thirdparty/glibc.git] / crypt / crypt-entry.c

/*
 * UFC-crypt: ultra fast crypt(3) implementation
 *
 * Copyright (C) 1991-2018 Free Software Foundation, Inc.
 *
 * The GNU C Library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.
 *
 * The GNU C Library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with the GNU C Library; if not, see
 * <http://www.gnu.org/licenses/>.
 *
 * crypt entry points
 *
 * @(#)crypt-entry.c	1.2 12/20/96
 *
 */

#ifdef DEBUG
#include <stdio.h>
#endif
#include <string.h>
#include <errno.h>
#include <fips-private.h>

#ifndef STATIC
#define STATIC static
#endif

#include "crypt-private.h"

/* Prototypes for local functions.  */
#ifndef __GNU_LIBRARY__
void _ufc_clearmem (char *start, int cnt);
#else
#define _ufc_clearmem(start, cnt)   memset(start, 0, cnt)
#endif
extern char *__md5_crypt_r (const char *key, const char *salt, char *buffer,
			    int buflen);
extern char *__md5_crypt (const char *key, const char *salt);
extern char *__sha256_crypt_r (const char *key, const char *salt,
			       char *buffer, int buflen);
extern char *__sha256_crypt (const char *key, const char *salt);
extern char *__sha512_crypt_r (const char *key, const char *salt,
			       char *buffer, int buflen);
extern char *__sha512_crypt (const char *key, const char *salt);

/* Define our magic string to mark salt for MD5 encryption
   replacement.  This is meant to be the same as for other MD5 based
   encryption implementations.  */
static const char md5_salt_prefix[] = "$1$";

/* Magic string for SHA256 encryption.  */
static const char sha256_salt_prefix[] = "$5$";

/* Magic string for SHA512 encryption.  */
static const char sha512_salt_prefix[] = "$6$";

/* For use by the old, non-reentrant routines (crypt/encrypt/setkey)  */
extern struct crypt_data _ufc_foobar;

/*
 * UNIX crypt function
 */

char *
__crypt_r (const char *key, const char *salt,
	   struct crypt_data * __restrict data)
{
  ufc_long res[4];
  char ktab[9];
  ufc_long xx = 25; /* to cope with GCC long long compiler bugs */

#ifdef _LIBC
  /* Try to find out whether we have to use MD5 encryption replacement.  */
  if (strncmp (md5_salt_prefix, salt, sizeof (md5_salt_prefix) - 1) == 0)
    {
      /* FIPS rules out MD5 password encryption.  */
      if (fips_enabled_p ())
	{
	  __set_errno (EPERM);
	  return NULL;
	}
      return __md5_crypt_r (key, salt, (char *) data,
			    sizeof (struct crypt_data));
    }

  /* Try to find out whether we have to use SHA256 encryption replacement.  */
  if (strncmp (sha256_salt_prefix, salt, sizeof (sha256_salt_prefix) - 1) == 0)
    return __sha256_crypt_r (key, salt, (char *) data,
			     sizeof (struct crypt_data));

  /* Try to find out whether we have to use SHA512 encryption replacement.  */
  if (strncmp (sha512_salt_prefix, salt, sizeof (sha512_salt_prefix) - 1) == 0)
    return __sha512_crypt_r (key, salt, (char *) data,
			     sizeof (struct crypt_data));
#endif

  /*
   * Hack DES tables according to salt
   */
  if (!_ufc_setup_salt_r (salt, data))
    {
      __set_errno (EINVAL);
      return NULL;
    }

  /* FIPS rules out DES password encryption.  */
  if (fips_enabled_p ())
    {
      __set_errno (EPERM);
      return NULL;
    }

  /*
   * Setup key schedule
   */
  _ufc_clearmem (ktab, (int) sizeof (ktab));
  (void) strncpy (ktab, key, 8);
  _ufc_mk_keytab_r (ktab, data);

  /*
   * Go for the 25 DES encryptions
   */
  _ufc_clearmem ((char*) res, (int) sizeof (res));
  _ufc_doit_r (xx,  data, &res[0]);

  /*
   * Do final permutations
   */
  _ufc_dofinalperm_r (res, data);

  /*
   * And convert back to 6 bit ASCII
   */
  _ufc_output_conversion_r (res[0], res[1], salt, data);

  /*
   * Erase key-dependent intermediate data.  Data dependent only on
   * the salt is not considered sensitive.
   */
  explicit_bzero (ktab, sizeof (ktab));
  explicit_bzero (data->keysched, sizeof (data->keysched));
  explicit_bzero (res, sizeof (res));

  return data->crypt_3_buf;
}
weak_alias (__crypt_r, crypt_r)

char *
crypt (const char *key, const char *salt)
{
#ifdef _LIBC
  /* Try to find out whether we have to use MD5 encryption replacement.  */
  if (strncmp (md5_salt_prefix, salt, sizeof (md5_salt_prefix) - 1) == 0
      /* Let __crypt_r deal with the error code if FIPS is enabled.  */
      && !fips_enabled_p ())
    return __md5_crypt (key, salt);

  /* Try to find out whether we have to use SHA256 encryption replacement.  */
  if (strncmp (sha256_salt_prefix, salt, sizeof (sha256_salt_prefix) - 1) == 0)
    return __sha256_crypt (key, salt);

  /* Try to find out whether we have to use SHA512 encryption replacement.  */
  if (strncmp (sha512_salt_prefix, salt, sizeof (sha512_salt_prefix) - 1) == 0)
    return __sha512_crypt (key, salt);
#endif

  return __crypt_r (key, salt, &_ufc_foobar);
}


/*
 * To make fcrypt users happy.
 * They don't need to call init_des.
 */
#ifdef _LIBC
weak_alias (crypt, fcrypt)
#else
char *
__fcrypt (const char *key, const char *salt)
{
  return crypt (key, salt);
}
#endif
Commit	Line	Data
63f791d3 GK	1	/*
	2	* UFC-crypt: ultra fast crypt(3) implementation
	3	*
688903eb	4	* Copyright (C) 1991-2018 Free Software Foundation, Inc.
63f791d3	5	*
a1b36134 AJ	6	* The GNU C Library is free software; you can redistribute it and/or
a1b36134 AJ	7	* modify it under the terms of the GNU Lesser General Public
63f791d3	8	* License as published by the Free Software Foundation; either
a1b36134	9	* version 2.1 of the License, or (at your option) any later version.
63f791d3	10	*
a1b36134	11	* The GNU C Library is distributed in the hope that it will be useful,
63f791d3 GK	12	* but WITHOUT ANY WARRANTY; without even the implied warranty of
63f791d3 GK	13	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
a1b36134	14	* Lesser General Public License for more details.
63f791d3	15	*
a1b36134	16	* You should have received a copy of the GNU Lesser General Public
59ba27a6 PE	17	* License along with the GNU C Library; if not, see
59ba27a6 PE	18	* <http://www.gnu.org/licenses/>.
63f791d3 GK	19	*
	20	* crypt entry points
	21	*
	22	* @(#)crypt-entry.c 1.2 12/20/96
	23	*
	24	*/
	25
	26	#ifdef DEBUG
	27	#include <stdio.h>
	28	#endif
	29	#include <string.h>
4ba74a35	30	#include <errno.h>
e7451425	31	#include <fips-private.h>
63f791d3 GK	32
	33	#ifndef STATIC
	34	#define STATIC static
	35	#endif
	36
63f791d3 GK	37	#include "crypt-private.h"
	38
	39	/* Prototypes for local functions. */
63f791d3 GK	40	#ifndef __GNU_LIBRARY__
	41	void _ufc_clearmem (char *start, int cnt);
	42	#else
	43	#define _ufc_clearmem(start, cnt) memset(start, 0, cnt)
	44	#endif
	45	extern char __md5_crypt_r (const char key, const char salt, char buffer,
	46	int buflen);
	47	extern char __md5_crypt (const char key, const char *salt);
c3266dc0 UD	48	extern char __sha256_crypt_r (const char key, const char *salt,
	49	char *buffer, int buflen);
	50	extern char __sha256_crypt (const char key, const char *salt);
	51	extern char __sha512_crypt_r (const char key, const char *salt,
	52	char *buffer, int buflen);
	53	extern char __sha512_crypt (const char key, const char *salt);
63f791d3 GK	54
	55	/* Define our magic string to mark salt for MD5 encryption
	56	replacement. This is meant to be the same as for other MD5 based
	57	encryption implementations. */
	58	static const char md5_salt_prefix[] = "$1$";
	59
c3266dc0 UD	60	/* Magic string for SHA256 encryption. */
	61	static const char sha256_salt_prefix[] = "$5$";
	62
	63	/* Magic string for SHA512 encryption. */
	64	static const char sha512_salt_prefix[] = "$6$";
	65
63f791d3 GK	66	/* For use by the old, non-reentrant routines (crypt/encrypt/setkey) */
	67	extern struct crypt_data _ufc_foobar;
	68
	69	/*
	70	* UNIX crypt function
	71	*/
	72
	73	char *
f63f2bfd JM	74	__crypt_r (const char key, const char salt,
f63f2bfd JM	75	struct crypt_data * __restrict data)
63f791d3 GK	76	{
	77	ufc_long res[4];
	78	char ktab[9];
	79	ufc_long xx = 25; /* to cope with GCC long long compiler bugs */
	80
	81	#ifdef _LIBC
	82	/* Try to find out whether we have to use MD5 encryption replacement. */
	83	if (strncmp (md5_salt_prefix, salt, sizeof (md5_salt_prefix) - 1) == 0)
e7451425 AO	84	{
	85	/* FIPS rules out MD5 password encryption. */
	86	if (fips_enabled_p ())
	87	{
	88	__set_errno (EPERM);
	89	return NULL;
	90	}
	91	return __md5_crypt_r (key, salt, (char *) data,
	92	sizeof (struct crypt_data));
	93	}
c3266dc0 UD	94
	95	/* Try to find out whether we have to use SHA256 encryption replacement. */
	96	if (strncmp (sha256_salt_prefix, salt, sizeof (sha256_salt_prefix) - 1) == 0)
	97	return __sha256_crypt_r (key, salt, (char *) data,
	98	sizeof (struct crypt_data));
	99
	100	/* Try to find out whether we have to use SHA512 encryption replacement. */
	101	if (strncmp (sha512_salt_prefix, salt, sizeof (sha512_salt_prefix) - 1) == 0)
	102	return __sha512_crypt_r (key, salt, (char *) data,
	103	sizeof (struct crypt_data));
63f791d3 GK	104	#endif
	105
	106	/*
	107	* Hack DES tables according to salt
	108	*/
4ba74a35 AO	109	if (!_ufc_setup_salt_r (salt, data))
	110	{
	111	__set_errno (EINVAL);
	112	return NULL;
	113	}
63f791d3	114
e7451425 AO	115	/* FIPS rules out DES password encryption. */
	116	if (fips_enabled_p ())
	117	{
	118	__set_errno (EPERM);
	119	return NULL;
	120	}
	121
63f791d3 GK	122	/*
	123	* Setup key schedule
	124	*/
	125	_ufc_clearmem (ktab, (int) sizeof (ktab));
	126	(void) strncpy (ktab, key, 8);
	127	_ufc_mk_keytab_r (ktab, data);
	128
	129	/*
	130	* Go for the 25 DES encryptions
	131	*/
	132	_ufc_clearmem ((char*) res, (int) sizeof (res));
	133	_ufc_doit_r (xx, data, &res[0]);
	134
	135	/*
	136	* Do final permutations
	137	*/
	138	_ufc_dofinalperm_r (res, data);
	139
	140	/*
	141	* And convert back to 6 bit ASCII
	142	*/
	143	_ufc_output_conversion_r (res[0], res[1], salt, data);
ea1bd74d ZW	144
	145	/*
	146	* Erase key-dependent intermediate data. Data dependent only on
	147	* the salt is not considered sensitive.
	148	*/
	149	explicit_bzero (ktab, sizeof (ktab));
	150	explicit_bzero (data->keysched, sizeof (data->keysched));
	151	explicit_bzero (res, sizeof (res));
	152
63f791d3 GK	153	return data->crypt_3_buf;
	154	}
	155	weak_alias (__crypt_r, crypt_r)
	156
	157	char *
9d46370c	158	crypt (const char key, const char salt)
63f791d3 GK	159	{
	160	#ifdef _LIBC
	161	/* Try to find out whether we have to use MD5 encryption replacement. */
e7451425 AO	162	if (strncmp (md5_salt_prefix, salt, sizeof (md5_salt_prefix) - 1) == 0
	163	/* Let __crypt_r deal with the error code if FIPS is enabled. */
	164	&& !fips_enabled_p ())
63f791d3	165	return __md5_crypt (key, salt);
c3266dc0 UD	166
	167	/* Try to find out whether we have to use SHA256 encryption replacement. */
	168	if (strncmp (sha256_salt_prefix, salt, sizeof (sha256_salt_prefix) - 1) == 0)
	169	return __sha256_crypt (key, salt);
	170
	171	/* Try to find out whether we have to use SHA512 encryption replacement. */
	172	if (strncmp (sha512_salt_prefix, salt, sizeof (sha512_salt_prefix) - 1) == 0)
	173	return __sha512_crypt (key, salt);
63f791d3 GK	174	#endif
	175
	176	return __crypt_r (key, salt, &_ufc_foobar);
	177	}
	178
	179
	180	/*
	181	* To make fcrypt users happy.
	182	* They don't need to call init_des.
	183	*/
	184	#ifdef _LIBC
	185	weak_alias (crypt, fcrypt)
	186	#else
	187	char *
9d46370c	188	__fcrypt (const char key, const char salt)
63f791d3 GK	189	{
	190	return crypt (key, salt);
	191	}
	192	#endif