source-git / glibc

Clone
Source Code
GIT

Blame crypt/crypt-entry.c

c8 c8s master
  1.   dc0d8c39fa401f0931fcd3d8d74c8f81fa28dd3c
  2.   crypt
  3.   crypt-entry.c
Blob History Raw
Packit Service 82fcde 
/*
Packit Service 82fcde 
 * UFC-crypt: ultra fast crypt(3) implementation
Packit Service 82fcde 
 *
Packit Service 82fcde 
 * Copyright (C) 1991-2018 Free Software Foundation, Inc.
Packit Service 82fcde 
 *
Packit Service 82fcde 
 * The GNU C Library is free software; you can redistribute it and/or
Packit Service 82fcde 
 * modify it under the terms of the GNU Lesser General Public
Packit Service 82fcde 
 * License as published by the Free Software Foundation; either
Packit Service 82fcde 
 * version 2.1 of the License, or (at your option) any later version.
Packit Service 82fcde 
 *
Packit Service 82fcde 
 * The GNU C Library is distributed in the hope that it will be useful,
Packit Service 82fcde 
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
Packit Service 82fcde 
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
Packit Service 82fcde 
 * Lesser General Public License for more details.
Packit Service 82fcde 
 *
Packit Service 82fcde 
 * You should have received a copy of the GNU Lesser General Public
Packit Service 82fcde 
 * License along with the GNU C Library; if not, see
Packit Service 82fcde 
 * <http://www.gnu.org/licenses/>.
Packit Service 82fcde 
 *
Packit Service 82fcde 
 * crypt entry points
Packit Service 82fcde 
 *
Packit Service 82fcde 
 * @(#)crypt-entry.c	1.2 12/20/96
Packit Service 82fcde 
 *
Packit Service 82fcde 
 */
Packit Service 82fcde
Packit Service 82fcde 
#ifdef DEBUG
Packit Service 82fcde 
#include <stdio.h>
Packit Service 82fcde 
#endif
Packit Service 82fcde 
#include <string.h>
Packit Service 82fcde 
#include <errno.h>
Packit Service 82fcde 
#include <fips-private.h>
Packit Service 82fcde
Packit Service 82fcde 
#ifndef STATIC
Packit Service 82fcde 
#define STATIC static
Packit Service 82fcde 
#endif
Packit Service 82fcde
Packit Service 82fcde 
#include "crypt-private.h"
Packit Service 82fcde 
#include <shlib-compat.h>
Packit Service 82fcde
Packit Service 82fcde 
/* Prototypes for local functions.  */
Packit Service 82fcde 
#ifndef __GNU_LIBRARY__
Packit Service 82fcde 
void _ufc_clearmem (char *start, int cnt);
Packit Service 82fcde 
#else
Packit Service 82fcde 
#define _ufc_clearmem(start, cnt)   memset(start, 0, cnt)
Packit Service 82fcde 
#endif
Packit Service 82fcde 
extern char *__md5_crypt_r (const char *key, const char *salt, char *buffer,
Packit Service 82fcde 
			    int buflen);
Packit Service 82fcde 
extern char *__md5_crypt (const char *key, const char *salt);
Packit Service 82fcde 
extern char *__sha256_crypt_r (const char *key, const char *salt,
Packit Service 82fcde 
			       char *buffer, int buflen);
Packit Service 82fcde 
extern char *__sha256_crypt (const char *key, const char *salt);
Packit Service 82fcde 
extern char *__sha512_crypt_r (const char *key, const char *salt,
Packit Service 82fcde 
			       char *buffer, int buflen);
Packit Service 82fcde 
extern char *__sha512_crypt (const char *key, const char *salt);
Packit Service 82fcde
Packit Service 82fcde 
/* Define our magic string to mark salt for MD5 encryption
Packit Service 82fcde 
   replacement.  This is meant to be the same as for other MD5 based
Packit Service 82fcde 
   encryption implementations.  */
Packit Service 82fcde 
static const char md5_salt_prefix[] = "$1$";
Packit Service 82fcde
Packit Service 82fcde 
/* Magic string for SHA256 encryption.  */
Packit Service 82fcde 
static const char sha256_salt_prefix[] = "$5$";
Packit Service 82fcde
Packit Service 82fcde 
/* Magic string for SHA512 encryption.  */
Packit Service 82fcde 
static const char sha512_salt_prefix[] = "$6$";
Packit Service 82fcde
Packit Service 82fcde 
/* For use by the old, non-reentrant routines (crypt/encrypt/setkey)  */
Packit Service 82fcde 
extern struct crypt_data _ufc_foobar;
Packit Service 82fcde
Packit Service 82fcde 
/*
Packit Service 82fcde 
 * UNIX crypt function
Packit Service 82fcde 
 */
Packit Service 82fcde
Packit Service 82fcde 
char *
Packit Service 82fcde 
__crypt_r (const char *key, const char *salt,
Packit Service 82fcde 
	   struct crypt_data * __restrict data)
Packit Service 82fcde 
{
Packit Service 82fcde 
  ufc_long res[4];
Packit Service 82fcde 
  char ktab[9];
Packit Service 82fcde 
  ufc_long xx = 25; /* to cope with GCC long long compiler bugs */
Packit Service 82fcde
Packit Service 82fcde 
#ifdef _LIBC
Packit Service 82fcde 
  /* Try to find out whether we have to use MD5 encryption replacement.  */
Packit Service 82fcde 
  if (strncmp (md5_salt_prefix, salt, sizeof (md5_salt_prefix) - 1) == 0)
Packit Service 82fcde 
    {
Packit Service 82fcde 
      /* FIPS rules out MD5 password encryption.  */
Packit Service 82fcde 
      if (fips_enabled_p ())
Packit Service 82fcde 
	{
Packit Service 82fcde 
	  __set_errno (EPERM);
Packit Service 82fcde 
	  return NULL;
Packit Service 82fcde 
	}
Packit Service 82fcde 
      return __md5_crypt_r (key, salt, (char *) data,
Packit Service 82fcde 
			    sizeof (struct crypt_data));
Packit Service 82fcde 
    }
Packit Service 82fcde
Packit Service 82fcde 
  /* Try to find out whether we have to use SHA256 encryption replacement.  */
Packit Service 82fcde 
  if (strncmp (sha256_salt_prefix, salt, sizeof (sha256_salt_prefix) - 1) == 0)
Packit Service 82fcde 
    return __sha256_crypt_r (key, salt, (char *) data,
Packit Service 82fcde 
			     sizeof (struct crypt_data));
Packit Service 82fcde
Packit Service 82fcde 
  /* Try to find out whether we have to use SHA512 encryption replacement.  */
Packit Service 82fcde 
  if (strncmp (sha512_salt_prefix, salt, sizeof (sha512_salt_prefix) - 1) == 0)
Packit Service 82fcde 
    return __sha512_crypt_r (key, salt, (char *) data,
Packit Service 82fcde 
			     sizeof (struct crypt_data));
Packit Service 82fcde 
#endif
Packit Service 82fcde
Packit Service 82fcde 
  /*
Packit Service 82fcde 
   * Hack DES tables according to salt
Packit Service 82fcde 
   */
Packit Service 82fcde 
  if (!_ufc_setup_salt_r (salt, data))
Packit Service 82fcde 
    {
Packit Service 82fcde 
      __set_errno (EINVAL);
Packit Service 82fcde 
      return NULL;
Packit Service 82fcde 
    }
Packit Service 82fcde
Packit Service 82fcde 
  /* FIPS rules out DES password encryption.  */
Packit Service 82fcde 
  if (fips_enabled_p ())
Packit Service 82fcde 
    {
Packit Service 82fcde 
      __set_errno (EPERM);
Packit Service 82fcde 
      return NULL;
Packit Service 82fcde 
    }
Packit Service 82fcde
Packit Service 82fcde 
  /*
Packit Service 82fcde 
   * Setup key schedule
Packit Service 82fcde 
   */
Packit Service 82fcde 
  _ufc_clearmem (ktab, (int) sizeof (ktab));
Packit Service 82fcde 
  (void) strncpy (ktab, key, 8);
Packit Service 82fcde 
  _ufc_mk_keytab_r (ktab, data);
Packit Service 82fcde
Packit Service 82fcde 
  /*
Packit Service 82fcde 
   * Go for the 25 DES encryptions
Packit Service 82fcde 
   */
Packit Service 82fcde 
  _ufc_clearmem ((char*) res, (int) sizeof (res));
Packit Service 82fcde 
  _ufc_doit_r (xx,  data, &res[0]);
Packit Service 82fcde
Packit Service 82fcde 
  /*
Packit Service 82fcde 
   * Do final permutations
Packit Service 82fcde 
   */
Packit Service 82fcde 
  _ufc_dofinalperm_r (res, data);
Packit Service 82fcde
Packit Service 82fcde 
  /*
Packit Service 82fcde 
   * And convert back to 6 bit ASCII
Packit Service 82fcde 
   */
Packit Service 82fcde 
  _ufc_output_conversion_r (res[0], res[1], salt, data);
Packit Service 82fcde
Packit Service 82fcde 
  /*
Packit Service 82fcde 
   * Erase key-dependent intermediate data.  Data dependent only on
Packit Service 82fcde 
   * the salt is not considered sensitive.
Packit Service 82fcde 
   */
Packit Service 82fcde 
  explicit_bzero (ktab, sizeof (ktab));
Packit Service 82fcde 
  explicit_bzero (data->keysched, sizeof (data->keysched));
Packit Service 82fcde 
  explicit_bzero (res, sizeof (res));
Packit Service 82fcde
Packit Service 82fcde 
  return data->crypt_3_buf;
Packit Service 82fcde 
}
Packit Service 82fcde 
weak_alias (__crypt_r, crypt_r)
Packit Service 82fcde
Packit Service 82fcde 
char *
Packit Service 82fcde 
crypt (const char *key, const char *salt)
Packit Service 82fcde 
{
Packit Service 82fcde 
#ifdef _LIBC
Packit Service 82fcde 
  /* Try to find out whether we have to use MD5 encryption replacement.  */
Packit Service 82fcde 
  if (strncmp (md5_salt_prefix, salt, sizeof (md5_salt_prefix) - 1) == 0
Packit Service 82fcde 
      /* Let __crypt_r deal with the error code if FIPS is enabled.  */
Packit Service 82fcde 
      && !fips_enabled_p ())
Packit Service 82fcde 
    return __md5_crypt (key, salt);
Packit Service 82fcde
Packit Service 82fcde 
  /* Try to find out whether we have to use SHA256 encryption replacement.  */
Packit Service 82fcde 
  if (strncmp (sha256_salt_prefix, salt, sizeof (sha256_salt_prefix) - 1) == 0)
Packit Service 82fcde 
    return __sha256_crypt (key, salt);
Packit Service 82fcde
Packit Service 82fcde 
  /* Try to find out whether we have to use SHA512 encryption replacement.  */
Packit Service 82fcde 
  if (strncmp (sha512_salt_prefix, salt, sizeof (sha512_salt_prefix) - 1) == 0)
Packit Service 82fcde 
    return __sha512_crypt (key, salt);
Packit Service 82fcde 
#endif
Packit Service 82fcde
Packit Service 82fcde 
  return __crypt_r (key, salt, &_ufc_foobar);
Packit Service 82fcde 
}
Packit Service 82fcde
Packit Service 82fcde 
#if SHLIB_COMPAT (libcrypt, GLIBC_2_0, GLIBC_2_28)
Packit Service 82fcde 
weak_alias (crypt, fcrypt)
Packit Service 82fcde 
compat_symbol (libcrypt, fcrypt, fcrypt, GLIBC_2_0);
Packit Service 82fcde 
#endif

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation