| blob | bdfae83634c96b520a8f43637b512f5c7f9da6f7 |
1 /*
2 * Copyright 1997 Niels Provos <provos@physnet.uni-hamburg.de>
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 * 3. All advertising materials mentioning features or use of this software
14 * must display the following acknowledgement:
15 * This product includes software developed by Niels Provos.
16 * 4. The name of the author may not be used to endorse or promote products
17 * derived from this software without specific prior written permission.
18 *
19 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
20 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
21 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
22 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
23 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
24 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
25 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
26 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
27 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
28 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
29 *
30 * $FreeBSD: src/secure/lib/libcrypt/crypt-blowfish.c,v 1.1.2.1 2001/05/24 12:20:03 markm Exp $
31 */
33 /* This password hashing algorithm was designed by David Mazieres
34 * <dm@lcs.mit.edu> and works as follows:
35 *
36 * 1. state := InitState ()
37 * 2. state := ExpandKey (state, salt, password) 3.
38 * REPEAT rounds:
39 * state := ExpandKey (state, 0, salt)
40 * state := ExpandKey(state, 0, password)
41 * 4. ctext := "OrpheanBeholderScryDoubt"
42 * 5. REPEAT 64:
43 * ctext := Encrypt_ECB (state, ctext);
44 * 6. RETURN Concatenate (salt, ctext);
45 *
46 */
48 /*
49 * FreeBSD implementation by Paul Herman <pherman@frenchfries.net>
50 */
52 #if 0
53 #include <stdio.h>
54 #endif
56 #include <stdio.h>
57 #include <stdlib.h>
58 #include <sys/types.h>
59 #include <string.h>
60 #include <pwd.h>
64 /* This implementation is adaptable to current computing power.
65 * You can have up to 2^31 rounds which should be enough for some
66 * time to come.
67 */
87 {
101 };
102 #define CHAR64(c) ( (c) > 127 ? 255 : index_64[(c)])
104 static void
106 {
114 /* Invalid data */
136 }
137 }
139 static void
141 {
150 }
151 /* Generates a salt for this version of crypt.
152 Since versions may change. Keeping this here
153 seems sensible.
154 */
158 {
160 u_int16_t i;
168 }
175 }
176 /* We handle $Vers$log2(NumRounds)$salt+passwd$
177 i.e. $2$04$iwouldntknowwhattosayetKdJ6iFtacBqJdKe6aW7ou */
181 {
182 blf_ctx state;
184 u_int16_t j;
191 /* Defaults */
196 /* If it starts with the magic string, then skip that */
199 }
202 /* Discard "$" identifier */
203 salt++;
206 /* How do I handle errors ? Return NULL according to
207 crypt(3) */
209 }
211 /* Check for minor versions */
215 /* 'ab' should not yield the same as 'abab' */
217 salt++;
221 }
225 /* Discard version + "$" identifier */
229 /* Out of sync with passwd entry */
232 /* Computer power doesnt increase linear, 2^x should be fine */
236 /* Discard num rounds + "$" identifier */
238 }
241 /* We dont want the base64 salt but the raw data */
246 /* Setting up S-Boxes and Subkeys */
253 }
255 /* This can be precomputed later */
260 /* Now do the encryption */
272 }
288 }
290 static void
292 {
303 }
311 }
316 }
318 }
319 #if 0
320 void
322 {
347 }
348 #endif