2 * UFC-crypt: ultra fast crypt(3) implementation
4 * Copyright (C) 1991-2014 Free Software Foundation, Inc.
6 * The GNU C Library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2.1 of the License, or (at your option) any later version.
11 * The GNU C Library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with the GNU C Library; if not, see
18 * <http://www.gnu.org/licenses/>.
22 * @(#)crypt-entry.c 1.2 12/20/96
31 #include <fips-private.h>
37 #include "crypt-private.h"
39 /* Prototypes for local functions. */
40 #ifndef __GNU_LIBRARY__
41 void _ufc_clearmem (char *start
, int cnt
);
43 #define _ufc_clearmem(start, cnt) memset(start, 0, cnt)
45 extern char *__md5_crypt_r (const char *key
, const char *salt
, char *buffer
,
47 extern char *__md5_crypt (const char *key
, const char *salt
);
48 extern char *__sha256_crypt_r (const char *key
, const char *salt
,
49 char *buffer
, int buflen
);
50 extern char *__sha256_crypt (const char *key
, const char *salt
);
51 extern char *__sha512_crypt_r (const char *key
, const char *salt
,
52 char *buffer
, int buflen
);
53 extern char *__sha512_crypt (const char *key
, const char *salt
);
55 /* Define our magic string to mark salt for MD5 encryption
56 replacement. This is meant to be the same as for other MD5 based
57 encryption implementations. */
58 static const char md5_salt_prefix
[] = "$1$";
60 /* Magic string for SHA256 encryption. */
61 static const char sha256_salt_prefix
[] = "$5$";
63 /* Magic string for SHA512 encryption. */
64 static const char sha512_salt_prefix
[] = "$6$";
66 /* For use by the old, non-reentrant routines (crypt/encrypt/setkey) */
67 extern struct crypt_data _ufc_foobar
;
74 __crypt_r (key
, salt
, data
)
77 struct crypt_data
* __restrict data
;
81 ufc_long xx
= 25; /* to cope with GCC long long compiler bugs */
84 /* Try to find out whether we have to use MD5 encryption replacement. */
85 if (strncmp (md5_salt_prefix
, salt
, sizeof (md5_salt_prefix
) - 1) == 0)
87 /* FIPS rules out MD5 password encryption. */
88 if (fips_enabled_p ())
93 return __md5_crypt_r (key
, salt
, (char *) data
,
94 sizeof (struct crypt_data
));
97 /* Try to find out whether we have to use SHA256 encryption replacement. */
98 if (strncmp (sha256_salt_prefix
, salt
, sizeof (sha256_salt_prefix
) - 1) == 0)
99 return __sha256_crypt_r (key
, salt
, (char *) data
,
100 sizeof (struct crypt_data
));
102 /* Try to find out whether we have to use SHA512 encryption replacement. */
103 if (strncmp (sha512_salt_prefix
, salt
, sizeof (sha512_salt_prefix
) - 1) == 0)
104 return __sha512_crypt_r (key
, salt
, (char *) data
,
105 sizeof (struct crypt_data
));
109 * Hack DES tables according to salt
111 if (!_ufc_setup_salt_r (salt
, data
))
113 __set_errno (EINVAL
);
117 /* FIPS rules out DES password encryption. */
118 if (fips_enabled_p ())
127 _ufc_clearmem (ktab
, (int) sizeof (ktab
));
128 (void) strncpy (ktab
, key
, 8);
129 _ufc_mk_keytab_r (ktab
, data
);
132 * Go for the 25 DES encryptions
134 _ufc_clearmem ((char*) res
, (int) sizeof (res
));
135 _ufc_doit_r (xx
, data
, &res
[0]);
138 * Do final permutations
140 _ufc_dofinalperm_r (res
, data
);
143 * And convert back to 6 bit ASCII
145 _ufc_output_conversion_r (res
[0], res
[1], salt
, data
);
146 return data
->crypt_3_buf
;
148 weak_alias (__crypt_r
, crypt_r
)
156 /* Try to find out whether we have to use MD5 encryption replacement. */
157 if (strncmp (md5_salt_prefix
, salt
, sizeof (md5_salt_prefix
) - 1) == 0
158 /* Let __crypt_r deal with the error code if FIPS is enabled. */
159 && !fips_enabled_p ())
160 return __md5_crypt (key
, salt
);
162 /* Try to find out whether we have to use SHA256 encryption replacement. */
163 if (strncmp (sha256_salt_prefix
, salt
, sizeof (sha256_salt_prefix
) - 1) == 0)
164 return __sha256_crypt (key
, salt
);
166 /* Try to find out whether we have to use SHA512 encryption replacement. */
167 if (strncmp (sha512_salt_prefix
, salt
, sizeof (sha512_salt_prefix
) - 1) == 0)
168 return __sha512_crypt (key
, salt
);
171 return __crypt_r (key
, salt
, &_ufc_foobar
);
176 * To make fcrypt users happy.
177 * They don't need to call init_des.
180 weak_alias (crypt
, fcrypt
)
187 return crypt (key
, salt
);