summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSebastian Huber <sebastian.huber@embedded-brains.de>2014-11-13 15:13:24 +0100
committerSebastian Huber <sebastian.huber@embedded-brains.de>2014-11-20 10:30:21 +0100
commit446632197c7f093ed6d0f4d48dcb03e6254828fe (patch)
tree8ff0aa2762bd85492c1926dc74e9ab2dad95b196
parent1bcd037810cf1c3405d80ab5b9f47efd947f551e (diff)
downloadrtems-446632197c7f093ed6d0f4d48dcb03e6254828fe.tar.bz2
Add crypt_r(), etc.
Add crypt_add_format(), crypt_r(), crypt_md5_r(), crypt_sha256_r() and crypt_sha512_r().
-rw-r--r--cpukit/Makefile.am2
-rw-r--r--cpukit/configure.ac1
-rw-r--r--cpukit/include/crypt.h74
-rw-r--r--cpukit/libcrypt/Makefile.am17
-rw-r--r--cpukit/libcrypt/crypt-md5.c157
-rw-r--r--cpukit/libcrypt/crypt-sha256.c272
-rw-r--r--cpukit/libcrypt/crypt-sha512.c284
-rw-r--r--cpukit/libcrypt/crypt.c71
-rw-r--r--cpukit/libcrypt/misc.c63
-rw-r--r--cpukit/libcrypt/preinstall.am15
-rw-r--r--cpukit/preinstall.am4
-rw-r--r--cpukit/wrapup/Makefile.am1
-rw-r--r--testsuites/libtests/Makefile.am1
-rw-r--r--testsuites/libtests/configure.ac1
-rw-r--r--testsuites/libtests/crypt01/Makefile.am19
-rw-r--r--testsuites/libtests/crypt01/crypt01.doc15
-rw-r--r--testsuites/libtests/crypt01/crypt01.scn78
-rw-r--r--testsuites/libtests/crypt01/init.c260
18 files changed, 1335 insertions, 0 deletions
diff --git a/cpukit/Makefile.am b/cpukit/Makefile.am
index 51cec696ec..38525fe3b8 100644
--- a/cpukit/Makefile.am
+++ b/cpukit/Makefile.am
@@ -6,6 +6,7 @@ include $(top_srcdir)/automake/multilib.am
# librtemscpu
SUBDIRS = . score rtems sapi posix
SUBDIRS += dev
+SUBDIRS += libcrypt
SUBDIRS += libcsupport libblock libfs
SUBDIRS += libnetworking librpc
SUBDIRS += libi2c
@@ -46,6 +47,7 @@ include_utf8proc_HEADERS = libmisc/utf8proc/utf8proc.h
include_sysdir = $(includedir)/sys
include_sys_HEADERS =
+include_HEADERS += include/crypt.h
include_HEADERS += include/memory.h
include_sys_HEADERS += libcsupport/include/sys/ioccom.h
diff --git a/cpukit/configure.ac b/cpukit/configure.ac
index a42989df69..9d80b3d222 100644
--- a/cpukit/configure.ac
+++ b/cpukit/configure.ac
@@ -420,6 +420,7 @@ libblock/Makefile
libfs/Makefile
libfs/src/nfsclient/Makefile
libgnat/Makefile
+libcrypt/Makefile
libcsupport/Makefile
libnetworking/Makefile
librpc/Makefile
diff --git a/cpukit/include/crypt.h b/cpukit/include/crypt.h
new file mode 100644
index 0000000000..7696aa36ea
--- /dev/null
+++ b/cpukit/include/crypt.h
@@ -0,0 +1,74 @@
+/* LINTLIBRARY */
+/*
+ * Copyright (c) 1999
+ * Mark Murray. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY MARK MURRAY AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL MARK MURRAY OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * $FreeBSD$
+ *
+ */
+
+#ifndef _CRYPT_H
+#define _CRYPT_H
+
+#include <sys/types.h>
+#include <sys/queue.h>
+
+__BEGIN_DECLS
+
+struct crypt_data {
+ char buffer[256];
+};
+
+struct crypt_format {
+ SLIST_ENTRY(crypt_format) link;
+ char *(*func)(const char *, const char *, struct crypt_data *);
+ const char *magic;
+};
+
+#define CRYPT_FORMAT_INITIALIZER(func, magic) { { NULL }, (func), (magic) }
+
+extern struct crypt_format crypt_md5_format;
+
+extern struct crypt_format crypt_sha256_format;
+
+extern struct crypt_format crypt_sha512_format;
+
+void crypt_add_format(struct crypt_format *);
+
+char *crypt_r(const char *, const char *, struct crypt_data *);
+
+char *crypt_md5_r(const char *, const char *, struct crypt_data *);
+
+char *crypt_sha256_r(const char *, const char *, struct crypt_data *);
+
+char *crypt_sha512_r(const char *, const char *, struct crypt_data *);
+
+void _crypt_to64(char *s, u_long v, int n);
+
+#define b64_from_24bit _crypt_b64_from_24bit
+void _crypt_b64_from_24bit(uint8_t, uint8_t, uint8_t, int, int *, char **);
+
+__END_DECLS
+
+#endif /* _CRYPT_H */
diff --git a/cpukit/libcrypt/Makefile.am b/cpukit/libcrypt/Makefile.am
new file mode 100644
index 0000000000..fe174d4e9d
--- /dev/null
+++ b/cpukit/libcrypt/Makefile.am
@@ -0,0 +1,17 @@
+include $(top_srcdir)/automake/compile.am
+
+include_HEADERS =
+
+noinst_LIBRARIES = libcrypt.a
+
+libcrypt_a_CPPFLAGS = $(AM_CPPFLAGS)
+
+libcrypt_a_SOURCES =
+libcrypt_a_SOURCES += crypt.c
+libcrypt_a_SOURCES += crypt-md5.c
+libcrypt_a_SOURCES += crypt-sha256.c
+libcrypt_a_SOURCES += crypt-sha512.c
+libcrypt_a_SOURCES += misc.c
+
+include $(srcdir)/preinstall.am
+include $(top_srcdir)/automake/local.am
diff --git a/cpukit/libcrypt/crypt-md5.c b/cpukit/libcrypt/crypt-md5.c
new file mode 100644
index 0000000000..c60dcf8973
--- /dev/null
+++ b/cpukit/libcrypt/crypt-md5.c
@@ -0,0 +1,157 @@
+/*-
+ * Copyright (c) 2003 Poul-Henning Kamp
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include <sys/cdefs.h>
+__FBSDID("$FreeBSD$");
+
+#include <sys/types.h>
+
+#include <md5.h>
+#include <stdio.h>
+#include <string.h>
+#include <unistd.h>
+
+#include <crypt.h>
+
+#define MD5_SIZE 16
+
+/*
+ * UNIX password
+ */
+
+char *
+crypt_md5_r(const char *pw, const char *salt, struct crypt_data *data)
+{
+ MD5_CTX ctx,ctx1;
+ unsigned long l;
+ int sl, pl;
+ u_int i;
+ u_char final[MD5_SIZE];
+ const char *sp, *ep;
+ char *passwd = &data->buffer[0], *p;
+ static const char magic[] = "$1$";
+
+ /* Refine the Salt first */
+ sp = salt;
+
+ /* If it starts with the magic string, then skip that */
+ if(!strncmp(sp, magic, strlen(magic)))
+ sp += strlen(magic);
+
+ /* It stops at the first '$', max 8 chars */
+ for(ep = sp; *ep && *ep != '$' && ep < (sp + 8); ep++)
+ continue;
+
+ /* get the length of the true salt */
+ sl = ep - sp;
+
+ MD5Init(&ctx);
+
+ /* The password first, since that is what is most unknown */
+ MD5Update(&ctx, (const u_char *)pw, strlen(pw));
+
+ /* Then our magic string */
+ MD5Update(&ctx, (const u_char *)magic, strlen(magic));
+
+ /* Then the raw salt */
+ MD5Update(&ctx, (const u_char *)sp, (u_int)sl);
+
+ /* Then just as many characters of the MD5(pw,salt,pw) */
+ MD5Init(&ctx1);
+ MD5Update(&ctx1, (const u_char *)pw, strlen(pw));
+ MD5Update(&ctx1, (const u_char *)sp, (u_int)sl);
+ MD5Update(&ctx1, (const u_char *)pw, strlen(pw));
+ MD5Final(final, &ctx1);
+ for(pl = (int)strlen(pw); pl > 0; pl -= MD5_SIZE)
+ MD5Update(&ctx, (const u_char *)final,
+ (u_int)(pl > MD5_SIZE ? MD5_SIZE : pl));
+
+ /* Don't leave anything around in vm they could use. */
+ memset(final, 0, sizeof(final));
+
+ /* Then something really weird... */
+ for (i = strlen(pw); i; i >>= 1)
+ if(i & 1)
+ MD5Update(&ctx, (const u_char *)final, 1);
+ else
+ MD5Update(&ctx, (const u_char *)pw, 1);
+
+ /* Now make the output string */
+ strcpy(passwd, magic);
+ strncat(passwd, sp, (u_int)sl);
+ strcat(passwd, "$");
+
+ MD5Final(final, &ctx);
+
+ /*
+ * and now, just to make sure things don't run too fast
+ * On a 60 Mhz Pentium this takes 34 msec, so you would
+ * need 30 seconds to build a 1000 entry dictionary...
+ */
+ for(i = 0; i < 1000; i++) {
+ MD5Init(&ctx1);
+ if(i & 1)
+ MD5Update(&ctx1, (const u_char *)pw, strlen(pw));
+ else
+ MD5Update(&ctx1, (const u_char *)final, MD5_SIZE);
+
+ if(i % 3)
+ MD5Update(&ctx1, (const u_char *)sp, (u_int)sl);
+
+ if(i % 7)
+ MD5Update(&ctx1, (const u_char *)pw, strlen(pw));
+
+ if(i & 1)
+ MD5Update(&ctx1, (const u_char *)final, MD5_SIZE);
+ else
+ MD5Update(&ctx1, (const u_char *)pw, strlen(pw));
+ MD5Final(final, &ctx1);
+ }
+
+ p = passwd + strlen(passwd);
+
+ l = (final[ 0]<<16) | (final[ 6]<<8) | final[12];
+ _crypt_to64(p, l, 4); p += 4;
+ l = (final[ 1]<<16) | (final[ 7]<<8) | final[13];
+ _crypt_to64(p, l, 4); p += 4;
+ l = (final[ 2]<<16) | (final[ 8]<<8) | final[14];
+ _crypt_to64(p, l, 4); p += 4;
+ l = (final[ 3]<<16) | (final[ 9]<<8) | final[15];
+ _crypt_to64(p, l, 4); p += 4;
+ l = (final[ 4]<<16) | (final[10]<<8) | final[ 5];
+ _crypt_to64(p, l, 4); p += 4;
+ l = final[11];
+ _crypt_to64(p, l, 2); p += 2;
+ *p = '\0';
+
+ /* Don't leave anything around in vm they could use. */
+ memset(final, 0, sizeof(final));
+
+ return (passwd);
+}
+
+struct crypt_format crypt_md5_format =
+ CRYPT_FORMAT_INITIALIZER(crypt_md5_r, "$1$");
diff --git a/cpukit/libcrypt/crypt-sha256.c b/cpukit/libcrypt/crypt-sha256.c
new file mode 100644
index 0000000000..7a677284b5
--- /dev/null
+++ b/cpukit/libcrypt/crypt-sha256.c
@@ -0,0 +1,272 @@
+/*
+ * Copyright (c) 2011 The FreeBSD Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* Based on:
+ * SHA256-based Unix crypt implementation. Released into the Public Domain by
+ * Ulrich Drepper <drepper@redhat.com>. */
+
+#include <sys/cdefs.h>
+__FBSDID("$FreeBSD$");
+
+#include <sys/endian.h>
+#include <sys/param.h>
+
+#include <errno.h>
+#include <limits.h>
+#include <sha256.h>
+#include <stdbool.h>
+#include <stdint.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include <crypt.h>
+
+/* Define our magic string to mark salt for SHA256 "encryption" replacement. */
+static const char sha256_salt_prefix[] = "$5$";
+
+/* Prefix for optional rounds specification. */
+static const char sha256_rounds_prefix[] = "rounds=";
+
+/* Maximum salt string length. */
+#define SALT_LEN_MAX 16
+/* Default number of rounds if not explicitly specified. */
+#define ROUNDS_DEFAULT 5000
+/* Minimum number of rounds. */
+#define ROUNDS_MIN 1000
+/* Maximum number of rounds. */
+#define ROUNDS_MAX 999999999
+
+char *
+crypt_sha256_r(const char *key, const char *salt, struct crypt_data *data)
+{
+ u_long srounds;
+ int n;
+ uint8_t alt_result[32], temp_result[32];
+ SHA256_CTX ctx, alt_ctx;
+ size_t salt_len, key_len, cnt, rounds;
+ char *cp, *copied_key, *copied_salt, *p_bytes, *s_bytes, *endp;
+ const char *num;
+ bool rounds_custom;
+ char *buffer = &data->buffer[0];
+ int buflen = (int)sizeof(data->buffer);
+
+ copied_key = NULL;
+ copied_salt = NULL;
+
+ /* Default number of rounds. */
+ rounds = ROUNDS_DEFAULT;
+ rounds_custom = false;
+
+ /* Find beginning of salt string. The prefix should normally always
+ * be present. Just in case it is not. */
+ if (strncmp(sha256_salt_prefix, salt, sizeof(sha256_salt_prefix) - 1) == 0)
+ /* Skip salt prefix. */
+ salt += sizeof(sha256_salt_prefix) - 1;
+
+ if (strncmp(salt, sha256_rounds_prefix, sizeof(sha256_rounds_prefix) - 1)
+ == 0) {
+ num = salt + sizeof(sha256_rounds_prefix) - 1;
+ srounds = strtoul(num, &endp, 10);
+
+ if (*endp == '$') {
+ salt = endp + 1;
+ rounds = MAX(ROUNDS_MIN, MIN(srounds, ROUNDS_MAX));
+ rounds_custom = true;
+ }
+ }
+
+ salt_len = MIN(strcspn(salt, "$"), SALT_LEN_MAX);
+ key_len = strlen(key);
+
+ /* Prepare for the real work. */
+ SHA256_Init(&ctx);
+
+ /* Add the key string. */
+ SHA256_Update(&ctx, key, key_len);
+
+ /* The last part is the salt string. This must be at most 8
+ * characters and it ends at the first `$' character (for
+ * compatibility with existing implementations). */
+ SHA256_Update(&ctx, salt, salt_len);
+
+ /* Compute alternate SHA256 sum with input KEY, SALT, and KEY. The
+ * final result will be added to the first context. */
+ SHA256_Init(&alt_ctx);
+
+ /* Add key. */
+ SHA256_Update(&alt_ctx, key, key_len);
+
+ /* Add salt. */
+ SHA256_Update(&alt_ctx, salt, salt_len);
+
+ /* Add key again. */
+ SHA256_Update(&alt_ctx, key, key_len);
+
+ /* Now get result of this (32 bytes) and add it to the other context. */
+ SHA256_Final(alt_result, &alt_ctx);
+
+ /* Add for any character in the key one byte of the alternate sum. */
+ for (cnt = key_len; cnt > 32; cnt -= 32)
+ SHA256_Update(&ctx, alt_result, 32);
+ SHA256_Update(&ctx, alt_result, cnt);
+
+ /* Take the binary representation of the length of the key and for
+ * every 1 add the alternate sum, for every 0 the key. */
+ for (cnt = key_len; cnt > 0; cnt >>= 1)
+ if ((cnt & 1) != 0)
+ SHA256_Update(&ctx, alt_result, 32);
+ else
+ SHA256_Update(&ctx, key, key_len);
+
+ /* Create intermediate result. */
+ SHA256_Final(alt_result, &ctx);
+
+ /* Start computation of P byte sequence. */
+ SHA256_Init(&alt_ctx);
+
+ /* For every character in the password add the entire password. */
+ for (cnt = 0; cnt < key_len; ++cnt)
+ SHA256_Update(&alt_ctx, key, key_len);
+
+ /* Finish the digest. */
+ SHA256_Final(temp_result, &alt_ctx);
+
+ /* Create byte sequence P. */
+ cp = p_bytes = alloca(key_len);
+ for (cnt = key_len; cnt >= 32; cnt -= 32) {
+ memcpy(cp, temp_result, 32);
+ cp += 32;
+ }
+ memcpy(cp, temp_result, cnt);
+
+ /* Start computation of S byte sequence. */
+ SHA256_Init(&alt_ctx);
+
+ /* For every character in the password add the entire password. */
+ for (cnt = 0; cnt < 16 + alt_result[0]; ++cnt)
+ SHA256_Update(&alt_ctx, salt, salt_len);
+
+ /* Finish the digest. */
+ SHA256_Final(temp_result, &alt_ctx);
+
+ /* Create byte sequence S. */
+ cp = s_bytes = alloca(salt_len);
+ for (cnt = salt_len; cnt >= 32; cnt -= 32) {
+ memcpy(cp, temp_result, 32);
+ cp += 32;
+ }
+ memcpy(cp, temp_result, cnt);
+
+ /* Repeatedly run the collected hash value through SHA256 to burn CPU
+ * cycles. */
+ for (cnt = 0; cnt < rounds; ++cnt) {
+ /* New context. */
+ SHA256_Init(&ctx);
+
+ /* Add key or last result. */
+ if ((cnt & 1) != 0)
+ SHA256_Update(&ctx, p_bytes, key_len);
+ else
+ SHA256_Update(&ctx, alt_result, 32);
+
+ /* Add salt for numbers not divisible by 3. */
+ if (cnt % 3 != 0)
+ SHA256_Update(&ctx, s_bytes, salt_len);
+
+ /* Add key for numbers not divisible by 7. */
+ if (cnt % 7 != 0)
+ SHA256_Update(&ctx, p_bytes, key_len);
+
+ /* Add key or last result. */
+ if ((cnt & 1) != 0)
+ SHA256_Update(&ctx, alt_result, 32);
+ else
+ SHA256_Update(&ctx, p_bytes, key_len);
+
+ /* Create intermediate result. */
+ SHA256_Final(alt_result, &ctx);
+ }
+
+ /* Now we can construct the result string. It consists of three
+ * parts. */
+ cp = stpncpy(buffer, sha256_salt_prefix, MAX(0, buflen));
+ buflen -= sizeof(sha256_salt_prefix) - 1;
+
+ if (rounds_custom) {
+ n = snprintf(cp, MAX(0, buflen), "%s%zu$",
+ sha256_rounds_prefix, rounds);
+
+ cp += n;
+ buflen -= n;
+ }
+
+ cp = stpncpy(cp, salt, MIN((size_t)MAX(0, buflen), salt_len));
+ buflen -= MIN((size_t)MAX(0, buflen), salt_len);
+
+ if (buflen > 0) {
+ *cp++ = '$';
+ --buflen;
+ }
+
+ b64_from_24bit(alt_result[0], alt_result[10], alt_result[20], 4, &buflen, &cp);
+ b64_from_24bit(alt_result[21], alt_result[1], alt_result[11], 4, &buflen, &cp);
+ b64_from_24bit(alt_result[12], alt_result[22], alt_result[2], 4, &buflen, &cp);
+ b64_from_24bit(alt_result[3], alt_result[13], alt_result[23], 4, &buflen, &cp);
+ b64_from_24bit(alt_result[24], alt_result[4], alt_result[14], 4, &buflen, &cp);
+ b64_from_24bit(alt_result[15], alt_result[25], alt_result[5], 4, &buflen, &cp);
+ b64_from_24bit(alt_result[6], alt_result[16], alt_result[26], 4, &buflen, &cp);
+ b64_from_24bit(alt_result[27], alt_result[7], alt_result[17], 4, &buflen, &cp);
+ b64_from_24bit(alt_result[18], alt_result[28], alt_result[8], 4, &buflen, &cp);
+ b64_from_24bit(alt_result[9], alt_result[19], alt_result[29], 4, &buflen, &cp);
+ b64_from_24bit(0, alt_result[31], alt_result[30], 3, &buflen, &cp);
+ if (buflen <= 0) {
+ errno = ERANGE;
+ buffer = NULL;
+ }
+ else
+ *cp = '\0'; /* Terminate the string. */
+
+ /* Clear the buffer for the intermediate result so that people
+ * attaching to processes or reading core dumps cannot get any
+ * information. We do it in this way to clear correct_words[] inside
+ * the SHA256 implementation as well. */
+ SHA256_Init(&ctx);
+ SHA256_Final(alt_result, &ctx);
+ memset(temp_result, '\0', sizeof(temp_result));
+ memset(p_bytes, '\0', key_len);
+ memset(s_bytes, '\0', salt_len);
+ memset(&ctx, '\0', sizeof(ctx));
+ memset(&alt_ctx, '\0', sizeof(alt_ctx));
+ if (copied_key != NULL)
+ memset(copied_key, '\0', key_len);
+ if (copied_salt != NULL)
+ memset(copied_salt, '\0', salt_len);
+
+ return buffer;
+}
+
+struct crypt_format crypt_sha256_format =
+ CRYPT_FORMAT_INITIALIZER(crypt_sha256_r, "$5$");
diff --git a/cpukit/libcrypt/crypt-sha512.c b/cpukit/libcrypt/crypt-sha512.c
new file mode 100644
index 0000000000..d418b8946a
--- /dev/null
+++ b/cpukit/libcrypt/crypt-sha512.c
@@ -0,0 +1,284 @@
+/*
+ * Copyright (c) 2011 The FreeBSD Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* Based on:
+ * SHA512-based Unix crypt implementation. Released into the Public Domain by
+ * Ulrich Drepper <drepper@redhat.com>. */
+
+#include <sys/cdefs.h>
+__FBSDID("$FreeBSD$");
+
+#include <sys/endian.h>
+#include <sys/param.h>
+
+#include <errno.h>
+#include <limits.h>
+#include <sha512.h>
+#include <stdbool.h>
+#include <stdint.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include <crypt.h>
+
+/* Define our magic string to mark salt for SHA512 "encryption" replacement. */
+static const char sha512_salt_prefix[] = "$6$";
+
+/* Prefix for optional rounds specification. */
+static const char sha512_rounds_prefix[] = "rounds=";
+
+/* Maximum salt string length. */
+#define SALT_LEN_MAX 16
+/* Default number of rounds if not explicitly specified. */
+#define ROUNDS_DEFAULT 5000
+/* Minimum number of rounds. */
+#define ROUNDS_MIN 1000
+/* Maximum number of rounds. */
+#define ROUNDS_MAX 999999999
+
+char *
+crypt_sha512_r(const char *key, const char *salt, struct crypt_data *data)
+{
+ u_long srounds;
+ int n;
+ uint8_t alt_result[64], temp_result[64];
+ SHA512_CTX ctx, alt_ctx;
+ size_t salt_len, key_len, cnt, rounds;
+ char *cp, *copied_key, *copied_salt, *p_bytes, *s_bytes, *endp;
+ const char *num;
+ bool rounds_custom;
+ char *buffer = &data->buffer[0];
+ int buflen = (int)sizeof(data->buffer);
+
+ copied_key = NULL;
+ copied_salt = NULL;
+
+ /* Default number of rounds. */
+ rounds = ROUNDS_DEFAULT;
+ rounds_custom = false;
+
+ /* Find beginning of salt string. The prefix should normally always
+ * be present. Just in case it is not. */
+ if (strncmp(sha512_salt_prefix, salt, sizeof(sha512_salt_prefix) - 1) == 0)
+ /* Skip salt prefix. */
+ salt += sizeof(sha512_salt_prefix) - 1;
+
+ if (strncmp(salt, sha512_rounds_prefix, sizeof(sha512_rounds_prefix) - 1)
+ == 0) {
+ num = salt + sizeof(sha512_rounds_prefix) - 1;
+ srounds = strtoul(num, &endp, 10);
+
+ if (*endp == '$') {
+ salt = endp + 1;
+ rounds = MAX(ROUNDS_MIN, MIN(srounds, ROUNDS_MAX));
+ rounds_custom = true;
+ }
+ }
+
+ salt_len = MIN(strcspn(salt, "$"), SALT_LEN_MAX);
+ key_len = strlen(key);
+
+ /* Prepare for the real work. */
+ SHA512_Init(&ctx);
+
+ /* Add the key string. */
+ SHA512_Update(&ctx, key, key_len);
+
+ /* The last part is the salt string. This must be at most 8
+ * characters and it ends at the first `$' character (for
+ * compatibility with existing implementations). */
+ SHA512_Update(&ctx, salt, salt_len);
+
+ /* Compute alternate SHA512 sum with input KEY, SALT, and KEY. The
+ * final result will be added to the first context. */
+ SHA512_Init(&alt_ctx);
+
+ /* Add key. */
+ SHA512_Update(&alt_ctx, key, key_len);
+
+ /* Add salt. */
+ SHA512_Update(&alt_ctx, salt, salt_len);
+
+ /* Add key again. */
+ SHA512_Update(&alt_ctx, key, key_len);
+
+ /* Now get result of this (64 bytes) and add it to the other context. */
+ SHA512_Final(alt_result, &alt_ctx);
+
+ /* Add for any character in the key one byte of the alternate sum. */
+ for (cnt = key_len; cnt > 64; cnt -= 64)
+ SHA512_Update(&ctx, alt_result, 64);
+ SHA512_Update(&ctx, alt_result, cnt);
+
+ /* Take the binary representation of the length of the key and for
+ * every 1 add the alternate sum, for every 0 the key. */
+ for (cnt = key_len; cnt > 0; cnt >>= 1)
+ if ((cnt & 1) != 0)
+ SHA512_Update(&ctx, alt_result, 64);
+ else
+ SHA512_Update(&ctx, key, key_len);
+
+ /* Create intermediate result. */
+ SHA512_Final(alt_result, &ctx);
+
+ /* Start computation of P byte sequence. */
+ SHA512_Init(&alt_ctx);
+
+ /* For every character in the password add the entire password. */
+ for (cnt = 0; cnt < key_len; ++cnt)
+ SHA512_Update(&alt_ctx, key, key_len);
+
+ /* Finish the digest. */
+ SHA512_Final(temp_result, &alt_ctx);
+
+ /* Create byte sequence P. */
+ cp = p_bytes = alloca(key_len);
+ for (cnt = key_len; cnt >= 64; cnt -= 64) {
+ memcpy(cp, temp_result, 64);
+ cp += 64;
+ }
+ memcpy(cp, temp_result, cnt);
+
+ /* Start computation of S byte sequence. */
+ SHA512_Init(&alt_ctx);
+
+ /* For every character in the password add the entire password. */
+ for (cnt = 0; cnt < 16 + alt_result[0]; ++cnt)
+ SHA512_Update(&alt_ctx, salt, salt_len);
+
+ /* Finish the digest. */
+ SHA512_Final(temp_result, &alt_ctx);
+
+ /* Create byte sequence S. */
+ cp = s_bytes = alloca(salt_len);
+ for (cnt = salt_len; cnt >= 64; cnt -= 64) {
+ memcpy(cp, temp_result, 64);
+ cp += 64;
+ }
+ memcpy(cp, temp_result, cnt);
+
+ /* Repeatedly run the collected hash value through SHA512 to burn CPU
+ * cycles. */
+ for (cnt = 0; cnt < rounds; ++cnt) {
+ /* New context. */
+ SHA512_Init(&ctx);
+
+ /* Add key or last result. */
+ if ((cnt & 1) != 0)
+ SHA512_Update(&ctx, p_bytes, key_len);
+ else
+ SHA512_Update(&ctx, alt_result, 64);
+
+ /* Add salt for numbers not divisible by 3. */
+ if (cnt % 3 != 0)
+ SHA512_Update(&ctx, s_bytes, salt_len);
+
+ /* Add key for numbers not divisible by 7. */
+ if (cnt % 7 != 0)
+ SHA512_Update(&ctx, p_bytes, key_len);
+
+ /* Add key or last result. */
+ if ((cnt & 1) != 0)
+ SHA512_Update(&ctx, alt_result, 64);
+ else
+ SHA512_Update(&ctx, p_bytes, key_len);
+
+ /* Create intermediate result. */
+ SHA512_Final(alt_result, &ctx);
+ }
+
+ /* Now we can construct the result string. It consists of three
+ * parts. */
+ cp = stpncpy(buffer, sha512_salt_prefix, MAX(0, buflen));
+ buflen -= sizeof(sha512_salt_prefix) - 1;
+
+ if (rounds_custom) {
+ n = snprintf(cp, MAX(0, buflen), "%s%zu$",
+ sha512_rounds_prefix, rounds);
+
+ cp += n;
+ buflen -= n;
+ }
+
+ cp = stpncpy(cp, salt, MIN((size_t)MAX(0, buflen), salt_len));
+ buflen -= MIN((size_t)MAX(0, buflen), salt_len);
+
+ if (buflen > 0) {
+ *cp++ = '$';
+ --buflen;
+ }
+
+ b64_from_24bit(alt_result[0], alt_result[21], alt_result[42], 4, &buflen, &cp);
+ b64_from_24bit(alt_result[22], alt_result[43], alt_result[1], 4, &buflen, &cp);
+ b64_from_24bit(alt_result[44], alt_result[2], alt_result[23], 4, &buflen, &cp);
+ b64_from_24bit(alt_result[3], alt_result[24], alt_result[45], 4, &buflen, &cp);
+ b64_from_24bit(alt_result[25], alt_result[46], alt_result[4], 4, &buflen, &cp);
+ b64_from_24bit(alt_result[47], alt_result[5], alt_result[26], 4, &buflen, &cp);
+ b64_from_24bit(alt_result[6], alt_result[27], alt_result[48], 4, &buflen, &cp);
+ b64_from_24bit(alt_result[28], alt_result[49], alt_result[7], 4, &buflen, &cp);
+ b64_from_24bit(alt_result[50], alt_result[8], alt_result[29], 4, &buflen, &cp);
+ b64_from_24bit(alt_result[9], alt_result[30], alt_result[51], 4, &buflen, &cp);
+ b64_from_24bit(alt_result[31], alt_result[52], alt_result[10], 4, &buflen, &cp);
+ b64_from_24bit(alt_result[53], alt_result[11], alt_result[32], 4, &buflen, &cp);
+ b64_from_24bit(alt_result[12], alt_result[33], alt_result[54], 4, &buflen, &cp);
+ b64_from_24bit(alt_result[34], alt_result[55], alt_result[13], 4, &buflen, &cp);
+ b64_from_24bit(alt_result[56], alt_result[14], alt_result[35], 4, &buflen, &cp);
+ b64_from_24bit(alt_result[15], alt_result[36], alt_result[57], 4, &buflen, &cp);
+ b64_from_24bit(alt_result[37], alt_result[58], alt_result[16], 4, &buflen, &cp);
+ b64_from_24bit(alt_result[59], alt_result[17], alt_result[38], 4, &buflen, &cp);
+ b64_from_24bit(alt_result[18], alt_result[39], alt_result[60], 4, &buflen, &cp);
+ b64_from_24bit(alt_result[40], alt_result[61], alt_result[19], 4, &buflen, &cp);
+ b64_from_24bit(alt_result[62], alt_result[20], alt_result[41], 4, &buflen, &cp);
+ b64_from_24bit(0, 0, alt_result[63], 2, &buflen, &cp);
+
+ if (buflen <= 0) {
+ errno = ERANGE;
+ buffer = NULL;
+ }
+ else
+ *cp = '\0'; /* Terminate the string. */
+
+ /* Clear the buffer for the intermediate result so that people
+ * attaching to processes or reading core dumps cannot get any
+ * information. We do it in this way to clear correct_words[] inside
+ * the SHA512 implementation as well. */
+ SHA512_Init(&ctx);
+ SHA512_Final(alt_result, &ctx);
+ memset(temp_result, '\0', sizeof(temp_result));
+ memset(p_bytes, '\0', key_len);
+ memset(s_bytes, '\0', salt_len);
+ memset(&ctx, '\0', sizeof(ctx));
+ memset(&alt_ctx, '\0', sizeof(alt_ctx));
+ if (copied_key != NULL)
+ memset(copied_key, '\0', key_len);
+ if (copied_salt != NULL)
+ memset(copied_salt, '\0', salt_len);
+
+ return buffer;
+}
+
+struct crypt_format crypt_sha512_format =
+ CRYPT_FORMAT_INITIALIZER(crypt_sha512_r, "$6$");
diff --git a/cpukit/libcrypt/crypt.c b/cpukit/libcrypt/crypt.c
new file mode 100644
index 0000000000..b6acb97335
--- /dev/null
+++ b/cpukit/libcrypt/crypt.c
@@ -0,0 +1,71 @@
+/*
+ * Copyright (c) 2014 embedded brains GmbH. All rights reserved.
+ *
+ * embedded brains GmbH
+ * Dornierstr. 4
+ * 82178 Puchheim
+ * Germany
+ * <info@embedded-brains.de>
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <crypt.h>
+#include <string.h>
+
+static char *
+cf_default_func(const char *pw, const char *salt, struct crypt_data *data)
+{
+ (void)salt;
+
+ strncpy(&data->buffer[0], pw, sizeof(data->buffer) - 1);
+ data->buffer[sizeof(data->buffer) - 1] = '\0';
+
+ return (&data->buffer[0]);
+}
+
+static struct crypt_format cf_default =
+ CRYPT_FORMAT_INITIALIZER(cf_default_func, NULL);
+
+static SLIST_HEAD(, crypt_format) cf_head = {
+ &cf_default
+};
+
+void crypt_add_format(struct crypt_format *cf)
+{
+ if (cf->link.sle_next == NULL)
+ SLIST_INSERT_HEAD(&cf_head, cf, link);
+}
+
+char *
+crypt_r(const char *passwd, const char *salt, struct crypt_data *data)
+{
+ const struct crypt_format *cf;
+
+ SLIST_FOREACH(cf, &cf_head, link)
+ if (cf->magic != NULL && strstr(salt, cf->magic) == salt)
+ return (cf->func(passwd, salt, data));
+
+ cf = SLIST_FIRST(&cf_head);
+
+ return (cf->func(passwd, salt, data));
+}
diff --git a/cpukit/libcrypt/misc.c b/cpukit/libcrypt/misc.c
new file mode 100644
index 0000000000..9f2c13e8c7
--- /dev/null
+++ b/cpukit/libcrypt/misc.c
@@ -0,0 +1,63 @@
+/*
+ * Copyright (c) 1999
+ * University of California. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. Neither the name of the author nor the names of any co-contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY CONTRIBUTORS ``AS IS'' AND ANY EXPRESS
+ * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL CONTRIBUTORS BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
+ * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
+ * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+ * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
+ * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <sys/cdefs.h>
+__FBSDID("$FreeBSD$");
+
+#include <sys/types.h>
+
+#include <crypt.h>
+
+static const char itoa64[] = /* 0 ... 63 => ascii - 64 */
+ "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
+
+void
+_crypt_to64(char *s, u_long v, int n)
+{
+ while (--n >= 0) {
+ *s++ = itoa64[v&0x3f];
+ v >>= 6;
+ }
+}
+
+void
+b64_from_24bit(uint8_t B2, uint8_t B1, uint8_t B0, int n, int *buflen, char **cp)
+{
+ uint32_t w;
+ int i;
+
+ w = (B2 << 16) | (B1 << 8) | B0;
+ for (i = 0; i < n; i++) {
+ **cp = itoa64[w&0x3f];
+ (*cp)++;
+ if ((*buflen)-- < 0)
+ break;
+ w >>= 6;
+ }
+}
diff --git a/cpukit/libcrypt/preinstall.am b/cpukit/libcrypt/preinstall.am
new file mode 100644
index 0000000000..feb5d1d4e3
--- /dev/null
+++ b/cpukit/libcrypt/preinstall.am
@@ -0,0 +1,15 @@
+## Automatically generated by ampolish3 - Do not edit
+
+if AMPOLISH3
+$(srcdir)/preinstall.am: Makefile.am
+ $(AMPOLISH3) $(srcdir)/Makefile.am > $(srcdir)/preinstall.am
+endif
+
+PREINSTALL_DIRS =
+DISTCLEANFILES = $(PREINSTALL_DIRS)
+
+$(PROJECT_INCLUDE)/$(dirstamp):
+ @$(MKDIR_P) $(PROJECT_INCLUDE)
+ @: > $(PROJECT_INCLUDE)/$(dirstamp)
+PREINSTALL_DIRS += $(PROJECT_INCLUDE)/$(dirstamp)
+
diff --git a/cpukit/preinstall.am b/cpukit/preinstall.am
index 6d7e3ae28b..67add27346 100644
--- a/cpukit/preinstall.am
+++ b/cpukit/preinstall.am
@@ -51,6 +51,10 @@ $(PROJECT_INCLUDE)/sys/$(dirstamp):
@: > $(PROJECT_INCLUDE)/sys/$(dirstamp)
PREINSTALL_DIRS += $(PROJECT_INCLUDE)/sys/$(dirstamp)
+$(PROJECT_INCLUDE)/crypt.h: include/crypt.h $(PROJECT_INCLUDE)/$(dirstamp)
+ $(INSTALL_DATA) $< $(PROJECT_INCLUDE)/crypt.h
+PREINSTALL_FILES += $(PROJECT_INCLUDE)/crypt.h
+
$(PROJECT_INCLUDE)/memory.h: include/memory.h $(PROJECT_INCLUDE)/$(dirstamp)
$(INSTALL_DATA) $< $(PROJECT_INCLUDE)/memory.h
PREINSTALL_FILES += $(PROJECT_INCLUDE)/memory.h
diff --git a/cpukit/wrapup/Makefile.am b/cpukit/wrapup/Makefile.am
index 58f17aced7..6fbddb06ba 100644
--- a/cpukit/wrapup/Makefile.am
+++ b/cpukit/wrapup/Makefile.am
@@ -19,6 +19,7 @@ if LIBGNAT
TMP_LIBS += ../libgnat/libgnat.a
endif
+TMP_LIBS += ../libcrypt/libcrypt.a
TMP_LIBS += ../libcsupport/libcsupport.a
TMP_LIBS += ../libblock/libblock.a
if LIBDOSFS
diff --git a/testsuites/libtests/Makefile.am b/testsuites/libtests/Makefile.am
index fd10769fd6..278b2320a1 100644
--- a/testsuites/libtests/Makefile.am
+++ b/testsuites/libtests/Makefile.am
@@ -1,6 +1,7 @@
ACLOCAL_AMFLAGS = -I ../aclocal
_SUBDIRS = POSIX
+_SUBDIRS += crypt01
_SUBDIRS += sha
_SUBDIRS += i2c01
_SUBDIRS += newlib01
diff --git a/testsuites/libtests/configure.ac b/testsuites/libtests/configure.ac
index a6ea4aca0d..437b760814 100644
--- a/testsuites/libtests/configure.ac
+++ b/testsuites/libtests/configure.ac
@@ -66,6 +66,7 @@ AS_IF([test x"$HAVE_LIBDL" = x"yes"],[
# Explicitly list all Makefiles here
AC_CONFIG_FILES([Makefile
+crypt01/Makefile
sha/Makefile
i2c01/Makefile
newlib01/Makefile
diff --git a/testsuites/libtests/crypt01/Makefile.am b/testsuites/libtests/crypt01/Makefile.am
new file mode 100644
index 0000000000..973f274ca5
--- /dev/null
+++ b/testsuites/libtests/crypt01/Makefile.am
@@ -0,0 +1,19 @@
+rtems_tests_PROGRAMS = crypt01
+crypt01_SOURCES = init.c
+
+dist_rtems_tests_DATA = crypt01.scn crypt01.doc
+
+include $(RTEMS_ROOT)/make/custom/@RTEMS_BSP@.cfg
+include $(top_srcdir)/../automake/compile.am
+include $(top_srcdir)/../automake/leaf.am
+
+AM_CPPFLAGS += -I$(top_srcdir)/../support/include
+
+LINK_OBJS = $(crypt01_OBJECTS)
+LINK_LIBS = $(crypt01_LDLIBS)
+
+crypt01$(EXEEXT): $(crypt01_OBJECTS) $(crypt01_DEPENDENCIES)
+ @rm -f crypt01$(EXEEXT)
+ $(make-exe)
+
+include $(top_srcdir)/../automake/local.am
diff --git a/testsuites/libtests/crypt01/crypt01.doc b/testsuites/libtests/crypt01/crypt01.doc
new file mode 100644
index 0000000000..8b63d3ca31
--- /dev/null
+++ b/testsuites/libtests/crypt01/crypt01.doc
@@ -0,0 +1,15 @@
+This file describes the directives and concepts tested by this test set.
+
+test set name: crypt01
+
+directives:
+
+ - crypt_set_format
+ - crypt_get_format
+ - crypt_md5_r
+ - crypt_sha256_r
+ - crypt_sha512_r
+
+concepts:
+
+ - Ensure that the crypt family functions work for some test cases.
diff --git a/testsuites/libtests/crypt01/crypt01.scn b/testsuites/libtests/crypt01/crypt01.scn
new file mode 100644
index 0000000000..a6e071cbbe
--- /dev/null
+++ b/testsuites/libtests/crypt01/crypt01.scn
@@ -0,0 +1,78 @@
+*** BEGIN OF TEST CRYPT 1 ***
+test crypt_md5_r()
+test crypt_sha256_r()
+input: Hello world!
+salt: $5$saltstring
+expected: $5$saltstring$5B8vYYiY.CVt1RlTTf8KbXBH3hsxY/GNooZaBBGWEc5
+actual: $5$saltstring$5B8vYYiY.CVt1RlTTf8KbXBH3hsxY/GNooZaBBGWEc5
+input: Hello world!
+salt: $5$rounds=10000$saltstringsaltstring
+expected: $5$rounds=10000$saltstringsaltst$3xv.VbSHBb41AL9AvLeujZkZRBAwqFMz2.opqey6IcA
+actual: $5$rounds=10000$saltstringsaltst$3xv.VbSHBb41AL9AvLeujZkZRBAwqFMz2.opqey6IcA
+input: This is just a test
+salt: $5$rounds=5000$toolongsaltstring
+expected: $5$rounds=5000$toolongsaltstrin$Un/5jzAHMgOGZ5.mWJpuVolil07guHPvOW8mGRcvxa5
+actual: $5$rounds=5000$toolongsaltstrin$Un/5jzAHMgOGZ5.mWJpuVolil07guHPvOW8mGRcvxa5
+input: a very much longer text to encrypt. This one even stretches over morethan one line.
+salt: $5$rounds=1400$anotherlongsaltstring
+expected: $5$rounds=1400$anotherlongsalts$Rx.j8H.h8HjEDGomFU8bDkXm3XIUnzyxf12oP84Bnq1
+actual: $5$rounds=1400$anotherlongsalts$Rx.j8H.h8HjEDGomFU8bDkXm3XIUnzyxf12oP84Bnq1
+input: we have a short salt string but not a short password
+salt: $5$rounds=77777$short
+expected: $5$rounds=77777$short$JiO1O3ZpDAxGJeaDIuqCoEFysAe1mZNJRs3pw0KQRd/
+actual: $5$rounds=77777$short$JiO1O3ZpDAxGJeaDIuqCoEFysAe1mZNJRs3pw0KQRd/
+input: a short string
+salt: $5$rounds=123456$asaltof16chars..
+expected: $5$rounds=123456$asaltof16chars..$gP3VQ/6X7UUEW3HkBn2w1/Ptq2jxPyzV/cZKmF/wJvD
+actual: $5$rounds=123456$asaltof16chars..$gP3VQ/6X7UUEW3HkBn2w1/Ptq2jxPyzV/cZKmF/wJvD
+input: the minimum number is still observed
+salt: $5$rounds=10$roundstoolow
+expected: $5$rounds=1000$roundstoolow$yfvwcWrQ8l/K0DAWyuPMDNHpIVlTQebY9l/gL972bIC
+actual: $5$rounds=1000$roundstoolow$yfvwcWrQ8l/K0DAWyuPMDNHpIVlTQebY9l/gL972bIC
+test crypt_sha512_r()
+input: Hello world!
+salt: $6$saltstring
+expected: $6$saltstring$svn8UoSVapNtMuq1ukKS4tPQd8iKwSMHWjl/O817G3uBnIFNjnQJuesI68u4OTLiBFdcbYEdFCoEOfaS35inz1
+actual: $6$saltstring$svn8UoSVapNtMuq1ukKS4tPQd8iKwSMHWjl/O817G3uBnIFNjnQJuesI68u4OTLiBFdcbYEdFCoEOfaS35inz1
+input: Hello world!
+salt: $6$rounds=10000$saltstringsaltstring
+expected: $6$rounds=10000$saltstringsaltst$OW1/O6BYHV6BcXZu8QVeXbDWra3Oeqh0sbHbbMCVNSnCM/UrjmM0Dp8vOuZeHBy/YTBmSK6H9qs/y3RnOaw5v.
+actual: $6$rounds=10000$saltstringsaltst$OW1/O6BYHV6BcXZu8QVeXbDWra3Oeqh0sbHbbMCVNSnCM/UrjmM0Dp8vOuZeHBy/YTBmSK6H9qs/y3RnOaw5v.
+input: This is just a test
+salt: $6$rounds=5000$toolongsaltstring
+expected: $6$rounds=5000$toolongsaltstrin$lQ8jolhgVRVhY4b5pZKaysCLi0QBxGoNeKQzQ3glMhwllF7oGDZxUhx1yxdYcz/e1JSbq3y6JMxxl8audkUEm0
+actual: $6$rounds=5000$toolongsaltstrin$lQ8jolhgVRVhY4b5pZKaysCLi0QBxGoNeKQzQ3glMhwllF7oGDZxUhx1yxdYcz/e1JSbq3y6JMxxl8audkUEm0
+input: a very much longer text to encrypt. This one even stretches over morethan one line.
+salt: $6$rounds=1400$anotherlongsaltstring
+expected: $6$rounds=1400$anotherlongsalts$POfYwTEok97VWcjxIiSOjiykti.o/pQs.wPvMxQ6Fm7I6IoYN3CmLs66x9t0oSwbtEW7o7UmJEiDwGqd8p4ur1
+actual: $6$rounds=1400$anotherlongsalts$POfYwTEok97VWcjxIiSOjiykti.o/pQs.wPvMxQ6Fm7I6IoYN3CmLs66x9t0oSwbtEW7o7UmJEiDwGqd8p4ur1
+input: we have a short salt string but not a short password
+salt: $6$rounds=77777$short
+expected: $6$rounds=77777$short$WuQyW2YR.hBNpjjRhpYD/ifIw05xdfeEyQoMxIXbkvr0gge1a1x3yRULJ5CCaUeOxFmtlcGZelFl5CxtgfiAc0
+actual: $6$rounds=77777$short$WuQyW2YR.hBNpjjRhpYD/ifIw05xdfeEyQoMxIXbkvr0gge1a1x3yRULJ5CCaUeOxFmtlcGZelFl5CxtgfiAc0
+input: a short string
+salt: $6$rounds=123456$asaltof16chars..
+expected: $6$rounds=123456$asaltof16chars..$BtCwjqMJGx5hrJhZywWvt0RLE8uZ4oPwcelCjmw2kSYu.Ec6ycULevoBK25fs2xXgMNrCzIMVcgEJAstJeonj1
+actual: $6$rounds=123456$asaltof16chars..$BtCwjqMJGx5hrJhZywWvt0RLE8uZ4oPwcelCjmw2kSYu.Ec6ycULevoBK25fs2xXgMNrCzIMVcgEJAstJeonj1
+input: the minimum number is still observed
+salt: $6$rounds=10$roundstoolow
+expected: $6$rounds=1000$roundstoolow$kUMsbe306n21p9R.FRkW3IGn.S9NPN0x50YhH1xhLsPuWGsUSklZt58jaTfF4ZEQpyUNGc0dqbpBYYBaHHrsX.
+actual: $6$rounds=1000$roundstoolow$kUMsbe306n21p9R.FRkW3IGn.S9NPN0x50YhH1xhLsPuWGsUSklZt58jaTfF4ZEQpyUNGc0dqbpBYYBaHHrsX.
+test crypt_r()
+input: Hello world!
+salt: saltstring
+expected: $6$saltstring$svn8UoSVapNtMuq1ukKS4tPQd8iKwSMHWjl/O817G3uBnIFNjnQJuesI68u4OTLiBFdcbYEdFCoEOfaS35inz1
+actual: $6$saltstring$svn8UoSVapNtMuq1ukKS4tPQd8iKwSMHWjl/O817G3uBnIFNjnQJuesI68u4OTLiBFdcbYEdFCoEOfaS35inz1
+input: 0.s0.l33t
+salt: $1$deadbeef
+expected: $1$deadbeef$0Huu6KHrKLVWfqa4WljDE0
+actual: $1$deadbeef$0Huu6KHrKLVWfqa4WljDE0
+input: Hello world!
+salt: $5$saltstring
+expected: $5$saltstring$5B8vYYiY.CVt1RlTTf8KbXBH3hsxY/GNooZaBBGWEc5
+actual: $5$saltstring$5B8vYYiY.CVt1RlTTf8KbXBH3hsxY/GNooZaBBGWEc5
+input: Hello world!
+salt: $6$saltstring
+expected: $6$saltstring$svn8UoSVapNtMuq1ukKS4tPQd8iKwSMHWjl/O817G3uBnIFNjnQJuesI68u4OTLiBFdcbYEdFCoEOfaS35inz1
+actual: $6$saltstring$svn8UoSVapNtMuq1ukKS4tPQd8iKwSMHWjl/O817G3uBnIFNjnQJuesI68u4OTLiBFdcbYEdFCoEOfaS35inz1
+*** END OF TEST CRYPT 1 ***
diff --git a/testsuites/libtests/crypt01/init.c b/testsuites/libtests/crypt01/init.c
new file mode 100644
index 0000000000..487aa2c19f
--- /dev/null
+++ b/testsuites/libtests/crypt01/init.c
@@ -0,0 +1,260 @@
+/*
+ * Copyright (c) 2011 The FreeBSD Project. All rights reserved.
+ *
+ * Copyright (c) 2014 embedded brains GmbH. All rights reserved.
+ *
+ * embedded brains GmbH
+ * Dornierstr. 4
+ * 82178 Puchheim
+ * Germany
+ * <rtems@embedded-brains.de>
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* Based on:
+ * SHA256-based Unix crypt implementation. Released into the Public Domain by
+ * Ulrich Drepper <drepper@redhat.com>. */
+
+#ifdef HAVE_CONFIG_H
+ #include "config.h"
+#endif
+
+#include <crypt.h>
+#include <string.h>
+
+#include "tmacros.h"
+
+const char rtems_test_name[] = "CRYPT 1";
+
+typedef struct {
+ const char *salt;
+ const char *input;
+ const char *expected;
+} test_case;
+
+static void test_formats(void)
+{
+ struct crypt_data data;
+ char *s;
+
+ s = crypt_r("abc", "def", &data);
+ rtems_test_assert(strcmp(s, "abc") == 0);
+
+ crypt_add_format(&crypt_md5_format);
+ crypt_add_format(&crypt_sha256_format);
+ crypt_add_format(&crypt_sha512_format);
+}
+
+static void test_md5(void)
+{
+ const char key[] = "0.s0.l33t";
+ const char salt_0[] = "$1$deadbeef$0Huu6KHrKLVWfqa4WljDE0";
+ const char salt_1[] = "$1$cafebabe$0Huu6KHrKLVWfqa4WljDE0";
+ struct crypt_data data;
+ char *s;
+
+ printf("test crypt_md5_r()\n");
+
+ s = crypt_md5_r(&key[0], &salt_0[0], &data);
+ rtems_test_assert(strcmp(s, &salt_0[0]) == 0);
+
+ s = crypt_md5_r(&key[0], &salt_1[0], &data);
+ rtems_test_assert(strcmp(s, &salt_1[0]) != 0);
+}
+
+static const test_case test_cases_sha256[] = {
+ {
+ "$5$saltstring", "Hello world!",
+ "$5$saltstring$5B8vYYiY.CVt1RlTTf8KbXBH3hsxY/GNooZaBBGWEc5"
+ }, {
+ "$5$rounds=10000$saltstringsaltstring", "Hello world!",
+ "$5$rounds=10000$saltstringsaltst$3xv.VbSHBb41AL9AvLeujZkZRBAwqFMz2."
+ "opqey6IcA"
+ }, {
+ "$5$rounds=5000$toolongsaltstring", "This is just a test",
+ "$5$rounds=5000$toolongsaltstrin$Un/5jzAHMgOGZ5.mWJpuVolil07guHPvOW8"
+ "mGRcvxa5"
+ }, {
+ "$5$rounds=1400$anotherlongsaltstring",
+ "a very much longer text to encrypt. This one even stretches over more"
+ "than one line.",
+ "$5$rounds=1400$anotherlongsalts$Rx.j8H.h8HjEDGomFU8bDkXm3XIUnzyxf12"
+ "oP84Bnq1"
+ }, {
+ "$5$rounds=77777$short",
+ "we have a short salt string but not a short password",
+ "$5$rounds=77777$short$JiO1O3ZpDAxGJeaDIuqCoEFysAe1mZNJRs3pw0KQRd/"
+ }, {
+ "$5$rounds=123456$asaltof16chars..", "a short string",
+ "$5$rounds=123456$asaltof16chars..$gP3VQ/6X7UUEW3HkBn2w1/Ptq2jxPyzV/"
+ "cZKmF/wJvD"
+ }, {
+ "$5$rounds=10$roundstoolow", "the minimum number is still observed",
+ "$5$rounds=1000$roundstoolow$yfvwcWrQ8l/K0DAWyuPMDNHpIVlTQebY9l/gL97"
+ "2bIC"
+ }
+};
+
+static void print_test_case(const test_case *c, const char *s)
+{
+ printf(
+ "input: %s\nsalt: %s\nexpected: %s\nactual: %s\n",
+ c->input,
+ c->salt,
+ c->expected,
+ s
+ );
+}
+
+static void test_sha256(void)
+{
+ size_t i;
+
+ printf("test crypt_sha256_r()\n");
+
+ for (i = 0; i < RTEMS_ARRAY_SIZE(test_cases_sha256); ++i) {
+ const test_case *c = &test_cases_sha256[i];
+ struct crypt_data data;
+ char *s;
+
+ s = crypt_sha256_r(c->input, c->salt, &data);
+ print_test_case(c, s);
+ rtems_test_assert(strcmp(s, c->expected) == 0);
+ }
+}
+
+static const test_case test_cases_sha512[] = {
+ {
+ "$6$saltstring", "Hello world!",
+ "$6$saltstring$svn8UoSVapNtMuq1ukKS4tPQd8iKwSMHWjl/O817G3uBnIFNjnQJu"
+ "esI68u4OTLiBFdcbYEdFCoEOfaS35inz1"
+ }, {
+ "$6$rounds=10000$saltstringsaltstring", "Hello world!",
+ "$6$rounds=10000$saltstringsaltst$OW1/O6BYHV6BcXZu8QVeXbDWra3Oeqh0sb"
+ "HbbMCVNSnCM/UrjmM0Dp8vOuZeHBy/YTBmSK6H9qs/y3RnOaw5v."
+ }, {
+ "$6$rounds=5000$toolongsaltstring", "This is just a test",
+ "$6$rounds=5000$toolongsaltstrin$lQ8jolhgVRVhY4b5pZKaysCLi0QBxGoNeKQ"
+ "zQ3glMhwllF7oGDZxUhx1yxdYcz/e1JSbq3y6JMxxl8audkUEm0"
+ }, {
+ "$6$rounds=1400$anotherlongsaltstring",
+ "a very much longer text to encrypt. This one even stretches over more"
+ "than one line.",
+ "$6$rounds=1400$anotherlongsalts$POfYwTEok97VWcjxIiSOjiykti.o/pQs.wP"
+ "vMxQ6Fm7I6IoYN3CmLs66x9t0oSwbtEW7o7UmJEiDwGqd8p4ur1"
+ }, {
+ "$6$rounds=77777$short",
+ "we have a short salt string but not a short password",
+ "$6$rounds=77777$short$WuQyW2YR.hBNpjjRhpYD/ifIw05xdfeEyQoMxIXbkvr0g"
+ "ge1a1x3yRULJ5CCaUeOxFmtlcGZelFl5CxtgfiAc0"
+ }, {
+ "$6$rounds=123456$asaltof16chars..", "a short string",
+ "$6$rounds=123456$asaltof16chars..$BtCwjqMJGx5hrJhZywWvt0RLE8uZ4oPwc"
+ "elCjmw2kSYu.Ec6ycULevoBK25fs2xXgMNrCzIMVcgEJAstJeonj1"
+ }, {
+ "$6$rounds=10$roundstoolow", "the minimum number is still observed",
+ "$6$rounds=1000$roundstoolow$kUMsbe306n21p9R.FRkW3IGn.S9NPN0x50YhH1x"
+ "hLsPuWGsUSklZt58jaTfF4ZEQpyUNGc0dqbpBYYBaHHrsX."
+ }
+};
+
+static void test_sha512(void)
+{
+ size_t i;
+
+ printf("test crypt_sha512_r()\n");
+
+ for (i = 0; i < RTEMS_ARRAY_SIZE(test_cases_sha512); ++i) {
+ const test_case *c = &test_cases_sha512[i];
+ struct crypt_data data;
+ char *s;
+
+ s = crypt_sha512_r(c->input, c->salt, &data);
+ print_test_case(c, s);
+ rtems_test_assert(strcmp(s, c->expected) == 0);
+ }
+}
+
+static const test_case test_cases_generic[] = {
+ {
+ "saltstring", "Hello world!",
+ "$6$saltstring$svn8UoSVapNtMuq1ukKS4tPQd8iKwSMHWjl/O817G3uBnIFNjnQJu"
+ "esI68u4OTLiBFdcbYEdFCoEOfaS35inz1"
+ }, {
+ "$1$deadbeef", "0.s0.l33t",
+ "$1$deadbeef$0Huu6KHrKLVWfqa4WljDE0"
+ }, {
+ "$5$saltstring", "Hello world!",
+ "$5$saltstring$5B8vYYiY.CVt1RlTTf8KbXBH3hsxY/GNooZaBBGWEc5"
+ }, {
+ "$6$saltstring", "Hello world!",
+ "$6$saltstring$svn8UoSVapNtMuq1ukKS4tPQd8iKwSMHWjl/O817G3uBnIFNjnQJu"
+ "esI68u4OTLiBFdcbYEdFCoEOfaS35inz1"
+ }
+};
+
+static void test_generic(void)
+{
+ size_t i;
+
+ printf("test crypt_r()\n");
+
+ for (i = 0; i < RTEMS_ARRAY_SIZE(test_cases_generic); ++i) {
+ const test_case *c = &test_cases_generic[i];
+ struct crypt_data data;
+ char *s;
+
+ s = crypt_r(c->input, c->salt, &data);
+ print_test_case(c, s);
+ rtems_test_assert(strcmp(s, c->expected) == 0);
+ }
+}
+
+static void Init(rtems_task_argument arg)
+{
+ TEST_BEGIN();
+
+ test_formats();
+ test_md5();
+ test_sha256();
+ test_sha512();
+ test_generic();
+
+ TEST_END();
+ rtems_test_exit(0);
+}
+
+#define CONFIGURE_APPLICATION_DOES_NOT_NEED_CLOCK_DRIVER
+#define CONFIGURE_APPLICATION_NEEDS_CONSOLE_DRIVER
+
+#define CONFIGURE_USE_IMFS_AS_BASE_FILESYSTEM
+
+#define CONFIGURE_MAXIMUM_TASKS 1
+
+#define CONFIGURE_INITIAL_EXTENSIONS RTEMS_TEST_INITIAL_EXTENSION
+
+#define CONFIGURE_RTEMS_INIT_TASKS_TABLE
+
+#define CONFIGURE_INIT
+
+#include <rtems/confdefs.h>