From 446632197c7f093ed6d0f4d48dcb03e6254828fe Mon Sep 17 00:00:00 2001 From: Sebastian Huber Date: Thu, 13 Nov 2014 15:13:24 +0100 Subject: Add crypt_r(), etc. Add crypt_add_format(), crypt_r(), crypt_md5_r(), crypt_sha256_r() and crypt_sha512_r(). --- cpukit/Makefile.am | 2 + cpukit/configure.ac | 1 + cpukit/include/crypt.h | 74 +++++++++ cpukit/libcrypt/Makefile.am | 17 ++ cpukit/libcrypt/crypt-md5.c | 157 ++++++++++++++++++ cpukit/libcrypt/crypt-sha256.c | 272 ++++++++++++++++++++++++++++++ cpukit/libcrypt/crypt-sha512.c | 284 ++++++++++++++++++++++++++++++++ cpukit/libcrypt/crypt.c | 71 ++++++++ cpukit/libcrypt/misc.c | 63 +++++++ cpukit/libcrypt/preinstall.am | 15 ++ cpukit/preinstall.am | 4 + cpukit/wrapup/Makefile.am | 1 + testsuites/libtests/Makefile.am | 1 + testsuites/libtests/configure.ac | 1 + testsuites/libtests/crypt01/Makefile.am | 19 +++ testsuites/libtests/crypt01/crypt01.doc | 15 ++ testsuites/libtests/crypt01/crypt01.scn | 78 +++++++++ testsuites/libtests/crypt01/init.c | 260 +++++++++++++++++++++++++++++ 18 files changed, 1335 insertions(+) create mode 100644 cpukit/include/crypt.h create mode 100644 cpukit/libcrypt/Makefile.am create mode 100644 cpukit/libcrypt/crypt-md5.c create mode 100644 cpukit/libcrypt/crypt-sha256.c create mode 100644 cpukit/libcrypt/crypt-sha512.c create mode 100644 cpukit/libcrypt/crypt.c create mode 100644 cpukit/libcrypt/misc.c create mode 100644 cpukit/libcrypt/preinstall.am create mode 100644 testsuites/libtests/crypt01/Makefile.am create mode 100644 testsuites/libtests/crypt01/crypt01.doc create mode 100644 testsuites/libtests/crypt01/crypt01.scn create mode 100644 testsuites/libtests/crypt01/init.c diff --git a/cpukit/Makefile.am b/cpukit/Makefile.am index 51cec696ec..38525fe3b8 100644 --- a/cpukit/Makefile.am +++ b/cpukit/Makefile.am @@ -6,6 +6,7 @@ include $(top_srcdir)/automake/multilib.am # librtemscpu SUBDIRS = . score rtems sapi posix SUBDIRS += dev +SUBDIRS += libcrypt SUBDIRS += libcsupport libblock libfs SUBDIRS += libnetworking librpc SUBDIRS += libi2c @@ -46,6 +47,7 @@ include_utf8proc_HEADERS = libmisc/utf8proc/utf8proc.h include_sysdir = $(includedir)/sys include_sys_HEADERS = +include_HEADERS += include/crypt.h include_HEADERS += include/memory.h include_sys_HEADERS += libcsupport/include/sys/ioccom.h diff --git a/cpukit/configure.ac b/cpukit/configure.ac index a42989df69..9d80b3d222 100644 --- a/cpukit/configure.ac +++ b/cpukit/configure.ac @@ -420,6 +420,7 @@ libblock/Makefile libfs/Makefile libfs/src/nfsclient/Makefile libgnat/Makefile +libcrypt/Makefile libcsupport/Makefile libnetworking/Makefile librpc/Makefile diff --git a/cpukit/include/crypt.h b/cpukit/include/crypt.h new file mode 100644 index 0000000000..7696aa36ea --- /dev/null +++ b/cpukit/include/crypt.h @@ -0,0 +1,74 @@ +/* LINTLIBRARY */ +/* + * Copyright (c) 1999 + * Mark Murray. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY MARK MURRAY AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL MARK MURRAY OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD$ + * + */ + +#ifndef _CRYPT_H +#define _CRYPT_H + +#include +#include + +__BEGIN_DECLS + +struct crypt_data { + char buffer[256]; +}; + +struct crypt_format { + SLIST_ENTRY(crypt_format) link; + char *(*func)(const char *, const char *, struct crypt_data *); + const char *magic; +}; + +#define CRYPT_FORMAT_INITIALIZER(func, magic) { { NULL }, (func), (magic) } + +extern struct crypt_format crypt_md5_format; + +extern struct crypt_format crypt_sha256_format; + +extern struct crypt_format crypt_sha512_format; + +void crypt_add_format(struct crypt_format *); + +char *crypt_r(const char *, const char *, struct crypt_data *); + +char *crypt_md5_r(const char *, const char *, struct crypt_data *); + +char *crypt_sha256_r(const char *, const char *, struct crypt_data *); + +char *crypt_sha512_r(const char *, const char *, struct crypt_data *); + +void _crypt_to64(char *s, u_long v, int n); + +#define b64_from_24bit _crypt_b64_from_24bit +void _crypt_b64_from_24bit(uint8_t, uint8_t, uint8_t, int, int *, char **); + +__END_DECLS + +#endif /* _CRYPT_H */ diff --git a/cpukit/libcrypt/Makefile.am b/cpukit/libcrypt/Makefile.am new file mode 100644 index 0000000000..fe174d4e9d --- /dev/null +++ b/cpukit/libcrypt/Makefile.am @@ -0,0 +1,17 @@ +include $(top_srcdir)/automake/compile.am + +include_HEADERS = + +noinst_LIBRARIES = libcrypt.a + +libcrypt_a_CPPFLAGS = $(AM_CPPFLAGS) + +libcrypt_a_SOURCES = +libcrypt_a_SOURCES += crypt.c +libcrypt_a_SOURCES += crypt-md5.c +libcrypt_a_SOURCES += crypt-sha256.c +libcrypt_a_SOURCES += crypt-sha512.c +libcrypt_a_SOURCES += misc.c + +include $(srcdir)/preinstall.am +include $(top_srcdir)/automake/local.am diff --git a/cpukit/libcrypt/crypt-md5.c b/cpukit/libcrypt/crypt-md5.c new file mode 100644 index 0000000000..c60dcf8973 --- /dev/null +++ b/cpukit/libcrypt/crypt-md5.c @@ -0,0 +1,157 @@ +/*- + * Copyright (c) 2003 Poul-Henning Kamp + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include +__FBSDID("$FreeBSD$"); + +#include + +#include +#include +#include +#include + +#include + +#define MD5_SIZE 16 + +/* + * UNIX password + */ + +char * +crypt_md5_r(const char *pw, const char *salt, struct crypt_data *data) +{ + MD5_CTX ctx,ctx1; + unsigned long l; + int sl, pl; + u_int i; + u_char final[MD5_SIZE]; + const char *sp, *ep; + char *passwd = &data->buffer[0], *p; + static const char magic[] = "$1$"; + + /* Refine the Salt first */ + sp = salt; + + /* If it starts with the magic string, then skip that */ + if(!strncmp(sp, magic, strlen(magic))) + sp += strlen(magic); + + /* It stops at the first '$', max 8 chars */ + for(ep = sp; *ep && *ep != '$' && ep < (sp + 8); ep++) + continue; + + /* get the length of the true salt */ + sl = ep - sp; + + MD5Init(&ctx); + + /* The password first, since that is what is most unknown */ + MD5Update(&ctx, (const u_char *)pw, strlen(pw)); + + /* Then our magic string */ + MD5Update(&ctx, (const u_char *)magic, strlen(magic)); + + /* Then the raw salt */ + MD5Update(&ctx, (const u_char *)sp, (u_int)sl); + + /* Then just as many characters of the MD5(pw,salt,pw) */ + MD5Init(&ctx1); + MD5Update(&ctx1, (const u_char *)pw, strlen(pw)); + MD5Update(&ctx1, (const u_char *)sp, (u_int)sl); + MD5Update(&ctx1, (const u_char *)pw, strlen(pw)); + MD5Final(final, &ctx1); + for(pl = (int)strlen(pw); pl > 0; pl -= MD5_SIZE) + MD5Update(&ctx, (const u_char *)final, + (u_int)(pl > MD5_SIZE ? MD5_SIZE : pl)); + + /* Don't leave anything around in vm they could use. */ + memset(final, 0, sizeof(final)); + + /* Then something really weird... */ + for (i = strlen(pw); i; i >>= 1) + if(i & 1) + MD5Update(&ctx, (const u_char *)final, 1); + else + MD5Update(&ctx, (const u_char *)pw, 1); + + /* Now make the output string */ + strcpy(passwd, magic); + strncat(passwd, sp, (u_int)sl); + strcat(passwd, "$"); + + MD5Final(final, &ctx); + + /* + * and now, just to make sure things don't run too fast + * On a 60 Mhz Pentium this takes 34 msec, so you would + * need 30 seconds to build a 1000 entry dictionary... + */ + for(i = 0; i < 1000; i++) { + MD5Init(&ctx1); + if(i & 1) + MD5Update(&ctx1, (const u_char *)pw, strlen(pw)); + else + MD5Update(&ctx1, (const u_char *)final, MD5_SIZE); + + if(i % 3) + MD5Update(&ctx1, (const u_char *)sp, (u_int)sl); + + if(i % 7) + MD5Update(&ctx1, (const u_char *)pw, strlen(pw)); + + if(i & 1) + MD5Update(&ctx1, (const u_char *)final, MD5_SIZE); + else + MD5Update(&ctx1, (const u_char *)pw, strlen(pw)); + MD5Final(final, &ctx1); + } + + p = passwd + strlen(passwd); + + l = (final[ 0]<<16) | (final[ 6]<<8) | final[12]; + _crypt_to64(p, l, 4); p += 4; + l = (final[ 1]<<16) | (final[ 7]<<8) | final[13]; + _crypt_to64(p, l, 4); p += 4; + l = (final[ 2]<<16) | (final[ 8]<<8) | final[14]; + _crypt_to64(p, l, 4); p += 4; + l = (final[ 3]<<16) | (final[ 9]<<8) | final[15]; + _crypt_to64(p, l, 4); p += 4; + l = (final[ 4]<<16) | (final[10]<<8) | final[ 5]; + _crypt_to64(p, l, 4); p += 4; + l = final[11]; + _crypt_to64(p, l, 2); p += 2; + *p = '\0'; + + /* Don't leave anything around in vm they could use. */ + memset(final, 0, sizeof(final)); + + return (passwd); +} + +struct crypt_format crypt_md5_format = + CRYPT_FORMAT_INITIALIZER(crypt_md5_r, "$1$"); diff --git a/cpukit/libcrypt/crypt-sha256.c b/cpukit/libcrypt/crypt-sha256.c new file mode 100644 index 0000000000..7a677284b5 --- /dev/null +++ b/cpukit/libcrypt/crypt-sha256.c @@ -0,0 +1,272 @@ +/* + * Copyright (c) 2011 The FreeBSD Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* Based on: + * SHA256-based Unix crypt implementation. Released into the Public Domain by + * Ulrich Drepper . */ + +#include +__FBSDID("$FreeBSD$"); + +#include +#include + +#include +#include +#include +#include +#include +#include +#include +#include + +#include + +/* Define our magic string to mark salt for SHA256 "encryption" replacement. */ +static const char sha256_salt_prefix[] = "$5$"; + +/* Prefix for optional rounds specification. */ +static const char sha256_rounds_prefix[] = "rounds="; + +/* Maximum salt string length. */ +#define SALT_LEN_MAX 16 +/* Default number of rounds if not explicitly specified. */ +#define ROUNDS_DEFAULT 5000 +/* Minimum number of rounds. */ +#define ROUNDS_MIN 1000 +/* Maximum number of rounds. */ +#define ROUNDS_MAX 999999999 + +char * +crypt_sha256_r(const char *key, const char *salt, struct crypt_data *data) +{ + u_long srounds; + int n; + uint8_t alt_result[32], temp_result[32]; + SHA256_CTX ctx, alt_ctx; + size_t salt_len, key_len, cnt, rounds; + char *cp, *copied_key, *copied_salt, *p_bytes, *s_bytes, *endp; + const char *num; + bool rounds_custom; + char *buffer = &data->buffer[0]; + int buflen = (int)sizeof(data->buffer); + + copied_key = NULL; + copied_salt = NULL; + + /* Default number of rounds. */ + rounds = ROUNDS_DEFAULT; + rounds_custom = false; + + /* Find beginning of salt string. The prefix should normally always + * be present. Just in case it is not. */ + if (strncmp(sha256_salt_prefix, salt, sizeof(sha256_salt_prefix) - 1) == 0) + /* Skip salt prefix. */ + salt += sizeof(sha256_salt_prefix) - 1; + + if (strncmp(salt, sha256_rounds_prefix, sizeof(sha256_rounds_prefix) - 1) + == 0) { + num = salt + sizeof(sha256_rounds_prefix) - 1; + srounds = strtoul(num, &endp, 10); + + if (*endp == '$') { + salt = endp + 1; + rounds = MAX(ROUNDS_MIN, MIN(srounds, ROUNDS_MAX)); + rounds_custom = true; + } + } + + salt_len = MIN(strcspn(salt, "$"), SALT_LEN_MAX); + key_len = strlen(key); + + /* Prepare for the real work. */ + SHA256_Init(&ctx); + + /* Add the key string. */ + SHA256_Update(&ctx, key, key_len); + + /* The last part is the salt string. This must be at most 8 + * characters and it ends at the first `$' character (for + * compatibility with existing implementations). */ + SHA256_Update(&ctx, salt, salt_len); + + /* Compute alternate SHA256 sum with input KEY, SALT, and KEY. The + * final result will be added to the first context. */ + SHA256_Init(&alt_ctx); + + /* Add key. */ + SHA256_Update(&alt_ctx, key, key_len); + + /* Add salt. */ + SHA256_Update(&alt_ctx, salt, salt_len); + + /* Add key again. */ + SHA256_Update(&alt_ctx, key, key_len); + + /* Now get result of this (32 bytes) and add it to the other context. */ + SHA256_Final(alt_result, &alt_ctx); + + /* Add for any character in the key one byte of the alternate sum. */ + for (cnt = key_len; cnt > 32; cnt -= 32) + SHA256_Update(&ctx, alt_result, 32); + SHA256_Update(&ctx, alt_result, cnt); + + /* Take the binary representation of the length of the key and for + * every 1 add the alternate sum, for every 0 the key. */ + for (cnt = key_len; cnt > 0; cnt >>= 1) + if ((cnt & 1) != 0) + SHA256_Update(&ctx, alt_result, 32); + else + SHA256_Update(&ctx, key, key_len); + + /* Create intermediate result. */ + SHA256_Final(alt_result, &ctx); + + /* Start computation of P byte sequence. */ + SHA256_Init(&alt_ctx); + + /* For every character in the password add the entire password. */ + for (cnt = 0; cnt < key_len; ++cnt) + SHA256_Update(&alt_ctx, key, key_len); + + /* Finish the digest. */ + SHA256_Final(temp_result, &alt_ctx); + + /* Create byte sequence P. */ + cp = p_bytes = alloca(key_len); + for (cnt = key_len; cnt >= 32; cnt -= 32) { + memcpy(cp, temp_result, 32); + cp += 32; + } + memcpy(cp, temp_result, cnt); + + /* Start computation of S byte sequence. */ + SHA256_Init(&alt_ctx); + + /* For every character in the password add the entire password. */ + for (cnt = 0; cnt < 16 + alt_result[0]; ++cnt) + SHA256_Update(&alt_ctx, salt, salt_len); + + /* Finish the digest. */ + SHA256_Final(temp_result, &alt_ctx); + + /* Create byte sequence S. */ + cp = s_bytes = alloca(salt_len); + for (cnt = salt_len; cnt >= 32; cnt -= 32) { + memcpy(cp, temp_result, 32); + cp += 32; + } + memcpy(cp, temp_result, cnt); + + /* Repeatedly run the collected hash value through SHA256 to burn CPU + * cycles. */ + for (cnt = 0; cnt < rounds; ++cnt) { + /* New context. */ + SHA256_Init(&ctx); + + /* Add key or last result. */ + if ((cnt & 1) != 0) + SHA256_Update(&ctx, p_bytes, key_len); + else + SHA256_Update(&ctx, alt_result, 32); + + /* Add salt for numbers not divisible by 3. */ + if (cnt % 3 != 0) + SHA256_Update(&ctx, s_bytes, salt_len); + + /* Add key for numbers not divisible by 7. */ + if (cnt % 7 != 0) + SHA256_Update(&ctx, p_bytes, key_len); + + /* Add key or last result. */ + if ((cnt & 1) != 0) + SHA256_Update(&ctx, alt_result, 32); + else + SHA256_Update(&ctx, p_bytes, key_len); + + /* Create intermediate result. */ + SHA256_Final(alt_result, &ctx); + } + + /* Now we can construct the result string. It consists of three + * parts. */ + cp = stpncpy(buffer, sha256_salt_prefix, MAX(0, buflen)); + buflen -= sizeof(sha256_salt_prefix) - 1; + + if (rounds_custom) { + n = snprintf(cp, MAX(0, buflen), "%s%zu$", + sha256_rounds_prefix, rounds); + + cp += n; + buflen -= n; + } + + cp = stpncpy(cp, salt, MIN((size_t)MAX(0, buflen), salt_len)); + buflen -= MIN((size_t)MAX(0, buflen), salt_len); + + if (buflen > 0) { + *cp++ = '$'; + --buflen; + } + + b64_from_24bit(alt_result[0], alt_result[10], alt_result[20], 4, &buflen, &cp); + b64_from_24bit(alt_result[21], alt_result[1], alt_result[11], 4, &buflen, &cp); + b64_from_24bit(alt_result[12], alt_result[22], alt_result[2], 4, &buflen, &cp); + b64_from_24bit(alt_result[3], alt_result[13], alt_result[23], 4, &buflen, &cp); + b64_from_24bit(alt_result[24], alt_result[4], alt_result[14], 4, &buflen, &cp); + b64_from_24bit(alt_result[15], alt_result[25], alt_result[5], 4, &buflen, &cp); + b64_from_24bit(alt_result[6], alt_result[16], alt_result[26], 4, &buflen, &cp); + b64_from_24bit(alt_result[27], alt_result[7], alt_result[17], 4, &buflen, &cp); + b64_from_24bit(alt_result[18], alt_result[28], alt_result[8], 4, &buflen, &cp); + b64_from_24bit(alt_result[9], alt_result[19], alt_result[29], 4, &buflen, &cp); + b64_from_24bit(0, alt_result[31], alt_result[30], 3, &buflen, &cp); + if (buflen <= 0) { + errno = ERANGE; + buffer = NULL; + } + else + *cp = '\0'; /* Terminate the string. */ + + /* Clear the buffer for the intermediate result so that people + * attaching to processes or reading core dumps cannot get any + * information. We do it in this way to clear correct_words[] inside + * the SHA256 implementation as well. */ + SHA256_Init(&ctx); + SHA256_Final(alt_result, &ctx); + memset(temp_result, '\0', sizeof(temp_result)); + memset(p_bytes, '\0', key_len); + memset(s_bytes, '\0', salt_len); + memset(&ctx, '\0', sizeof(ctx)); + memset(&alt_ctx, '\0', sizeof(alt_ctx)); + if (copied_key != NULL) + memset(copied_key, '\0', key_len); + if (copied_salt != NULL) + memset(copied_salt, '\0', salt_len); + + return buffer; +} + +struct crypt_format crypt_sha256_format = + CRYPT_FORMAT_INITIALIZER(crypt_sha256_r, "$5$"); diff --git a/cpukit/libcrypt/crypt-sha512.c b/cpukit/libcrypt/crypt-sha512.c new file mode 100644 index 0000000000..d418b8946a --- /dev/null +++ b/cpukit/libcrypt/crypt-sha512.c @@ -0,0 +1,284 @@ +/* + * Copyright (c) 2011 The FreeBSD Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* Based on: + * SHA512-based Unix crypt implementation. Released into the Public Domain by + * Ulrich Drepper . */ + +#include +__FBSDID("$FreeBSD$"); + +#include +#include + +#include +#include +#include +#include +#include +#include +#include +#include + +#include + +/* Define our magic string to mark salt for SHA512 "encryption" replacement. */ +static const char sha512_salt_prefix[] = "$6$"; + +/* Prefix for optional rounds specification. */ +static const char sha512_rounds_prefix[] = "rounds="; + +/* Maximum salt string length. */ +#define SALT_LEN_MAX 16 +/* Default number of rounds if not explicitly specified. */ +#define ROUNDS_DEFAULT 5000 +/* Minimum number of rounds. */ +#define ROUNDS_MIN 1000 +/* Maximum number of rounds. */ +#define ROUNDS_MAX 999999999 + +char * +crypt_sha512_r(const char *key, const char *salt, struct crypt_data *data) +{ + u_long srounds; + int n; + uint8_t alt_result[64], temp_result[64]; + SHA512_CTX ctx, alt_ctx; + size_t salt_len, key_len, cnt, rounds; + char *cp, *copied_key, *copied_salt, *p_bytes, *s_bytes, *endp; + const char *num; + bool rounds_custom; + char *buffer = &data->buffer[0]; + int buflen = (int)sizeof(data->buffer); + + copied_key = NULL; + copied_salt = NULL; + + /* Default number of rounds. */ + rounds = ROUNDS_DEFAULT; + rounds_custom = false; + + /* Find beginning of salt string. The prefix should normally always + * be present. Just in case it is not. */ + if (strncmp(sha512_salt_prefix, salt, sizeof(sha512_salt_prefix) - 1) == 0) + /* Skip salt prefix. */ + salt += sizeof(sha512_salt_prefix) - 1; + + if (strncmp(salt, sha512_rounds_prefix, sizeof(sha512_rounds_prefix) - 1) + == 0) { + num = salt + sizeof(sha512_rounds_prefix) - 1; + srounds = strtoul(num, &endp, 10); + + if (*endp == '$') { + salt = endp + 1; + rounds = MAX(ROUNDS_MIN, MIN(srounds, ROUNDS_MAX)); + rounds_custom = true; + } + } + + salt_len = MIN(strcspn(salt, "$"), SALT_LEN_MAX); + key_len = strlen(key); + + /* Prepare for the real work. */ + SHA512_Init(&ctx); + + /* Add the key string. */ + SHA512_Update(&ctx, key, key_len); + + /* The last part is the salt string. This must be at most 8 + * characters and it ends at the first `$' character (for + * compatibility with existing implementations). */ + SHA512_Update(&ctx, salt, salt_len); + + /* Compute alternate SHA512 sum with input KEY, SALT, and KEY. The + * final result will be added to the first context. */ + SHA512_Init(&alt_ctx); + + /* Add key. */ + SHA512_Update(&alt_ctx, key, key_len); + + /* Add salt. */ + SHA512_Update(&alt_ctx, salt, salt_len); + + /* Add key again. */ + SHA512_Update(&alt_ctx, key, key_len); + + /* Now get result of this (64 bytes) and add it to the other context. */ + SHA512_Final(alt_result, &alt_ctx); + + /* Add for any character in the key one byte of the alternate sum. */ + for (cnt = key_len; cnt > 64; cnt -= 64) + SHA512_Update(&ctx, alt_result, 64); + SHA512_Update(&ctx, alt_result, cnt); + + /* Take the binary representation of the length of the key and for + * every 1 add the alternate sum, for every 0 the key. */ + for (cnt = key_len; cnt > 0; cnt >>= 1) + if ((cnt & 1) != 0) + SHA512_Update(&ctx, alt_result, 64); + else + SHA512_Update(&ctx, key, key_len); + + /* Create intermediate result. */ + SHA512_Final(alt_result, &ctx); + + /* Start computation of P byte sequence. */ + SHA512_Init(&alt_ctx); + + /* For every character in the password add the entire password. */ + for (cnt = 0; cnt < key_len; ++cnt) + SHA512_Update(&alt_ctx, key, key_len); + + /* Finish the digest. */ + SHA512_Final(temp_result, &alt_ctx); + + /* Create byte sequence P. */ + cp = p_bytes = alloca(key_len); + for (cnt = key_len; cnt >= 64; cnt -= 64) { + memcpy(cp, temp_result, 64); + cp += 64; + } + memcpy(cp, temp_result, cnt); + + /* Start computation of S byte sequence. */ + SHA512_Init(&alt_ctx); + + /* For every character in the password add the entire password. */ + for (cnt = 0; cnt < 16 + alt_result[0]; ++cnt) + SHA512_Update(&alt_ctx, salt, salt_len); + + /* Finish the digest. */ + SHA512_Final(temp_result, &alt_ctx); + + /* Create byte sequence S. */ + cp = s_bytes = alloca(salt_len); + for (cnt = salt_len; cnt >= 64; cnt -= 64) { + memcpy(cp, temp_result, 64); + cp += 64; + } + memcpy(cp, temp_result, cnt); + + /* Repeatedly run the collected hash value through SHA512 to burn CPU + * cycles. */ + for (cnt = 0; cnt < rounds; ++cnt) { + /* New context. */ + SHA512_Init(&ctx); + + /* Add key or last result. */ + if ((cnt & 1) != 0) + SHA512_Update(&ctx, p_bytes, key_len); + else + SHA512_Update(&ctx, alt_result, 64); + + /* Add salt for numbers not divisible by 3. */ + if (cnt % 3 != 0) + SHA512_Update(&ctx, s_bytes, salt_len); + + /* Add key for numbers not divisible by 7. */ + if (cnt % 7 != 0) + SHA512_Update(&ctx, p_bytes, key_len); + + /* Add key or last result. */ + if ((cnt & 1) != 0) + SHA512_Update(&ctx, alt_result, 64); + else + SHA512_Update(&ctx, p_bytes, key_len); + + /* Create intermediate result. */ + SHA512_Final(alt_result, &ctx); + } + + /* Now we can construct the result string. It consists of three + * parts. */ + cp = stpncpy(buffer, sha512_salt_prefix, MAX(0, buflen)); + buflen -= sizeof(sha512_salt_prefix) - 1; + + if (rounds_custom) { + n = snprintf(cp, MAX(0, buflen), "%s%zu$", + sha512_rounds_prefix, rounds); + + cp += n; + buflen -= n; + } + + cp = stpncpy(cp, salt, MIN((size_t)MAX(0, buflen), salt_len)); + buflen -= MIN((size_t)MAX(0, buflen), salt_len); + + if (buflen > 0) { + *cp++ = '$'; + --buflen; + } + + b64_from_24bit(alt_result[0], alt_result[21], alt_result[42], 4, &buflen, &cp); + b64_from_24bit(alt_result[22], alt_result[43], alt_result[1], 4, &buflen, &cp); + b64_from_24bit(alt_result[44], alt_result[2], alt_result[23], 4, &buflen, &cp); + b64_from_24bit(alt_result[3], alt_result[24], alt_result[45], 4, &buflen, &cp); + b64_from_24bit(alt_result[25], alt_result[46], alt_result[4], 4, &buflen, &cp); + b64_from_24bit(alt_result[47], alt_result[5], alt_result[26], 4, &buflen, &cp); + b64_from_24bit(alt_result[6], alt_result[27], alt_result[48], 4, &buflen, &cp); + b64_from_24bit(alt_result[28], alt_result[49], alt_result[7], 4, &buflen, &cp); + b64_from_24bit(alt_result[50], alt_result[8], alt_result[29], 4, &buflen, &cp); + b64_from_24bit(alt_result[9], alt_result[30], alt_result[51], 4, &buflen, &cp); + b64_from_24bit(alt_result[31], alt_result[52], alt_result[10], 4, &buflen, &cp); + b64_from_24bit(alt_result[53], alt_result[11], alt_result[32], 4, &buflen, &cp); + b64_from_24bit(alt_result[12], alt_result[33], alt_result[54], 4, &buflen, &cp); + b64_from_24bit(alt_result[34], alt_result[55], alt_result[13], 4, &buflen, &cp); + b64_from_24bit(alt_result[56], alt_result[14], alt_result[35], 4, &buflen, &cp); + b64_from_24bit(alt_result[15], alt_result[36], alt_result[57], 4, &buflen, &cp); + b64_from_24bit(alt_result[37], alt_result[58], alt_result[16], 4, &buflen, &cp); + b64_from_24bit(alt_result[59], alt_result[17], alt_result[38], 4, &buflen, &cp); + b64_from_24bit(alt_result[18], alt_result[39], alt_result[60], 4, &buflen, &cp); + b64_from_24bit(alt_result[40], alt_result[61], alt_result[19], 4, &buflen, &cp); + b64_from_24bit(alt_result[62], alt_result[20], alt_result[41], 4, &buflen, &cp); + b64_from_24bit(0, 0, alt_result[63], 2, &buflen, &cp); + + if (buflen <= 0) { + errno = ERANGE; + buffer = NULL; + } + else + *cp = '\0'; /* Terminate the string. */ + + /* Clear the buffer for the intermediate result so that people + * attaching to processes or reading core dumps cannot get any + * information. We do it in this way to clear correct_words[] inside + * the SHA512 implementation as well. */ + SHA512_Init(&ctx); + SHA512_Final(alt_result, &ctx); + memset(temp_result, '\0', sizeof(temp_result)); + memset(p_bytes, '\0', key_len); + memset(s_bytes, '\0', salt_len); + memset(&ctx, '\0', sizeof(ctx)); + memset(&alt_ctx, '\0', sizeof(alt_ctx)); + if (copied_key != NULL) + memset(copied_key, '\0', key_len); + if (copied_salt != NULL) + memset(copied_salt, '\0', salt_len); + + return buffer; +} + +struct crypt_format crypt_sha512_format = + CRYPT_FORMAT_INITIALIZER(crypt_sha512_r, "$6$"); diff --git a/cpukit/libcrypt/crypt.c b/cpukit/libcrypt/crypt.c new file mode 100644 index 0000000000..b6acb97335 --- /dev/null +++ b/cpukit/libcrypt/crypt.c @@ -0,0 +1,71 @@ +/* + * Copyright (c) 2014 embedded brains GmbH. All rights reserved. + * + * embedded brains GmbH + * Dornierstr. 4 + * 82178 Puchheim + * Germany + * + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include +#include + +static char * +cf_default_func(const char *pw, const char *salt, struct crypt_data *data) +{ + (void)salt; + + strncpy(&data->buffer[0], pw, sizeof(data->buffer) - 1); + data->buffer[sizeof(data->buffer) - 1] = '\0'; + + return (&data->buffer[0]); +} + +static struct crypt_format cf_default = + CRYPT_FORMAT_INITIALIZER(cf_default_func, NULL); + +static SLIST_HEAD(, crypt_format) cf_head = { + &cf_default +}; + +void crypt_add_format(struct crypt_format *cf) +{ + if (cf->link.sle_next == NULL) + SLIST_INSERT_HEAD(&cf_head, cf, link); +} + +char * +crypt_r(const char *passwd, const char *salt, struct crypt_data *data) +{ + const struct crypt_format *cf; + + SLIST_FOREACH(cf, &cf_head, link) + if (cf->magic != NULL && strstr(salt, cf->magic) == salt) + return (cf->func(passwd, salt, data)); + + cf = SLIST_FIRST(&cf_head); + + return (cf->func(passwd, salt, data)); +} diff --git a/cpukit/libcrypt/misc.c b/cpukit/libcrypt/misc.c new file mode 100644 index 0000000000..9f2c13e8c7 --- /dev/null +++ b/cpukit/libcrypt/misc.c @@ -0,0 +1,63 @@ +/* + * Copyright (c) 1999 + * University of California. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the author nor the names of any co-contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY CONTRIBUTORS ``AS IS'' AND ANY EXPRESS + * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED + * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL CONTRIBUTORS BE LIABLE FOR ANY + * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE + * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER + * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN + * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include +__FBSDID("$FreeBSD$"); + +#include + +#include + +static const char itoa64[] = /* 0 ... 63 => ascii - 64 */ + "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"; + +void +_crypt_to64(char *s, u_long v, int n) +{ + while (--n >= 0) { + *s++ = itoa64[v&0x3f]; + v >>= 6; + } +} + +void +b64_from_24bit(uint8_t B2, uint8_t B1, uint8_t B0, int n, int *buflen, char **cp) +{ + uint32_t w; + int i; + + w = (B2 << 16) | (B1 << 8) | B0; + for (i = 0; i < n; i++) { + **cp = itoa64[w&0x3f]; + (*cp)++; + if ((*buflen)-- < 0) + break; + w >>= 6; + } +} diff --git a/cpukit/libcrypt/preinstall.am b/cpukit/libcrypt/preinstall.am new file mode 100644 index 0000000000..feb5d1d4e3 --- /dev/null +++ b/cpukit/libcrypt/preinstall.am @@ -0,0 +1,15 @@ +## Automatically generated by ampolish3 - Do not edit + +if AMPOLISH3 +$(srcdir)/preinstall.am: Makefile.am + $(AMPOLISH3) $(srcdir)/Makefile.am > $(srcdir)/preinstall.am +endif + +PREINSTALL_DIRS = +DISTCLEANFILES = $(PREINSTALL_DIRS) + +$(PROJECT_INCLUDE)/$(dirstamp): + @$(MKDIR_P) $(PROJECT_INCLUDE) + @: > $(PROJECT_INCLUDE)/$(dirstamp) +PREINSTALL_DIRS += $(PROJECT_INCLUDE)/$(dirstamp) + diff --git a/cpukit/preinstall.am b/cpukit/preinstall.am index 6d7e3ae28b..67add27346 100644 --- a/cpukit/preinstall.am +++ b/cpukit/preinstall.am @@ -51,6 +51,10 @@ $(PROJECT_INCLUDE)/sys/$(dirstamp): @: > $(PROJECT_INCLUDE)/sys/$(dirstamp) PREINSTALL_DIRS += $(PROJECT_INCLUDE)/sys/$(dirstamp) +$(PROJECT_INCLUDE)/crypt.h: include/crypt.h $(PROJECT_INCLUDE)/$(dirstamp) + $(INSTALL_DATA) $< $(PROJECT_INCLUDE)/crypt.h +PREINSTALL_FILES += $(PROJECT_INCLUDE)/crypt.h + $(PROJECT_INCLUDE)/memory.h: include/memory.h $(PROJECT_INCLUDE)/$(dirstamp) $(INSTALL_DATA) $< $(PROJECT_INCLUDE)/memory.h PREINSTALL_FILES += $(PROJECT_INCLUDE)/memory.h diff --git a/cpukit/wrapup/Makefile.am b/cpukit/wrapup/Makefile.am index 58f17aced7..6fbddb06ba 100644 --- a/cpukit/wrapup/Makefile.am +++ b/cpukit/wrapup/Makefile.am @@ -19,6 +19,7 @@ if LIBGNAT TMP_LIBS += ../libgnat/libgnat.a endif +TMP_LIBS += ../libcrypt/libcrypt.a TMP_LIBS += ../libcsupport/libcsupport.a TMP_LIBS += ../libblock/libblock.a if LIBDOSFS diff --git a/testsuites/libtests/Makefile.am b/testsuites/libtests/Makefile.am index fd10769fd6..278b2320a1 100644 --- a/testsuites/libtests/Makefile.am +++ b/testsuites/libtests/Makefile.am @@ -1,6 +1,7 @@ ACLOCAL_AMFLAGS = -I ../aclocal _SUBDIRS = POSIX +_SUBDIRS += crypt01 _SUBDIRS += sha _SUBDIRS += i2c01 _SUBDIRS += newlib01 diff --git a/testsuites/libtests/configure.ac b/testsuites/libtests/configure.ac index a6ea4aca0d..437b760814 100644 --- a/testsuites/libtests/configure.ac +++ b/testsuites/libtests/configure.ac @@ -66,6 +66,7 @@ AS_IF([test x"$HAVE_LIBDL" = x"yes"],[ # Explicitly list all Makefiles here AC_CONFIG_FILES([Makefile +crypt01/Makefile sha/Makefile i2c01/Makefile newlib01/Makefile diff --git a/testsuites/libtests/crypt01/Makefile.am b/testsuites/libtests/crypt01/Makefile.am new file mode 100644 index 0000000000..973f274ca5 --- /dev/null +++ b/testsuites/libtests/crypt01/Makefile.am @@ -0,0 +1,19 @@ +rtems_tests_PROGRAMS = crypt01 +crypt01_SOURCES = init.c + +dist_rtems_tests_DATA = crypt01.scn crypt01.doc + +include $(RTEMS_ROOT)/make/custom/@RTEMS_BSP@.cfg +include $(top_srcdir)/../automake/compile.am +include $(top_srcdir)/../automake/leaf.am + +AM_CPPFLAGS += -I$(top_srcdir)/../support/include + +LINK_OBJS = $(crypt01_OBJECTS) +LINK_LIBS = $(crypt01_LDLIBS) + +crypt01$(EXEEXT): $(crypt01_OBJECTS) $(crypt01_DEPENDENCIES) + @rm -f crypt01$(EXEEXT) + $(make-exe) + +include $(top_srcdir)/../automake/local.am diff --git a/testsuites/libtests/crypt01/crypt01.doc b/testsuites/libtests/crypt01/crypt01.doc new file mode 100644 index 0000000000..8b63d3ca31 --- /dev/null +++ b/testsuites/libtests/crypt01/crypt01.doc @@ -0,0 +1,15 @@ +This file describes the directives and concepts tested by this test set. + +test set name: crypt01 + +directives: + + - crypt_set_format + - crypt_get_format + - crypt_md5_r + - crypt_sha256_r + - crypt_sha512_r + +concepts: + + - Ensure that the crypt family functions work for some test cases. diff --git a/testsuites/libtests/crypt01/crypt01.scn b/testsuites/libtests/crypt01/crypt01.scn new file mode 100644 index 0000000000..a6e071cbbe --- /dev/null +++ b/testsuites/libtests/crypt01/crypt01.scn @@ -0,0 +1,78 @@ +*** BEGIN OF TEST CRYPT 1 *** +test crypt_md5_r() +test crypt_sha256_r() +input: Hello world! +salt: $5$saltstring +expected: $5$saltstring$5B8vYYiY.CVt1RlTTf8KbXBH3hsxY/GNooZaBBGWEc5 +actual: $5$saltstring$5B8vYYiY.CVt1RlTTf8KbXBH3hsxY/GNooZaBBGWEc5 +input: Hello world! +salt: $5$rounds=10000$saltstringsaltstring +expected: $5$rounds=10000$saltstringsaltst$3xv.VbSHBb41AL9AvLeujZkZRBAwqFMz2.opqey6IcA +actual: $5$rounds=10000$saltstringsaltst$3xv.VbSHBb41AL9AvLeujZkZRBAwqFMz2.opqey6IcA +input: This is just a test +salt: $5$rounds=5000$toolongsaltstring +expected: $5$rounds=5000$toolongsaltstrin$Un/5jzAHMgOGZ5.mWJpuVolil07guHPvOW8mGRcvxa5 +actual: $5$rounds=5000$toolongsaltstrin$Un/5jzAHMgOGZ5.mWJpuVolil07guHPvOW8mGRcvxa5 +input: a very much longer text to encrypt. This one even stretches over morethan one line. +salt: $5$rounds=1400$anotherlongsaltstring +expected: $5$rounds=1400$anotherlongsalts$Rx.j8H.h8HjEDGomFU8bDkXm3XIUnzyxf12oP84Bnq1 +actual: $5$rounds=1400$anotherlongsalts$Rx.j8H.h8HjEDGomFU8bDkXm3XIUnzyxf12oP84Bnq1 +input: we have a short salt string but not a short password +salt: $5$rounds=77777$short +expected: $5$rounds=77777$short$JiO1O3ZpDAxGJeaDIuqCoEFysAe1mZNJRs3pw0KQRd/ +actual: $5$rounds=77777$short$JiO1O3ZpDAxGJeaDIuqCoEFysAe1mZNJRs3pw0KQRd/ +input: a short string +salt: $5$rounds=123456$asaltof16chars.. +expected: $5$rounds=123456$asaltof16chars..$gP3VQ/6X7UUEW3HkBn2w1/Ptq2jxPyzV/cZKmF/wJvD +actual: $5$rounds=123456$asaltof16chars..$gP3VQ/6X7UUEW3HkBn2w1/Ptq2jxPyzV/cZKmF/wJvD +input: the minimum number is still observed +salt: $5$rounds=10$roundstoolow +expected: $5$rounds=1000$roundstoolow$yfvwcWrQ8l/K0DAWyuPMDNHpIVlTQebY9l/gL972bIC +actual: $5$rounds=1000$roundstoolow$yfvwcWrQ8l/K0DAWyuPMDNHpIVlTQebY9l/gL972bIC +test crypt_sha512_r() +input: Hello world! +salt: $6$saltstring +expected: $6$saltstring$svn8UoSVapNtMuq1ukKS4tPQd8iKwSMHWjl/O817G3uBnIFNjnQJuesI68u4OTLiBFdcbYEdFCoEOfaS35inz1 +actual: $6$saltstring$svn8UoSVapNtMuq1ukKS4tPQd8iKwSMHWjl/O817G3uBnIFNjnQJuesI68u4OTLiBFdcbYEdFCoEOfaS35inz1 +input: Hello world! +salt: $6$rounds=10000$saltstringsaltstring +expected: $6$rounds=10000$saltstringsaltst$OW1/O6BYHV6BcXZu8QVeXbDWra3Oeqh0sbHbbMCVNSnCM/UrjmM0Dp8vOuZeHBy/YTBmSK6H9qs/y3RnOaw5v. +actual: $6$rounds=10000$saltstringsaltst$OW1/O6BYHV6BcXZu8QVeXbDWra3Oeqh0sbHbbMCVNSnCM/UrjmM0Dp8vOuZeHBy/YTBmSK6H9qs/y3RnOaw5v. +input: This is just a test +salt: $6$rounds=5000$toolongsaltstring +expected: $6$rounds=5000$toolongsaltstrin$lQ8jolhgVRVhY4b5pZKaysCLi0QBxGoNeKQzQ3glMhwllF7oGDZxUhx1yxdYcz/e1JSbq3y6JMxxl8audkUEm0 +actual: $6$rounds=5000$toolongsaltstrin$lQ8jolhgVRVhY4b5pZKaysCLi0QBxGoNeKQzQ3glMhwllF7oGDZxUhx1yxdYcz/e1JSbq3y6JMxxl8audkUEm0 +input: a very much longer text to encrypt. This one even stretches over morethan one line. +salt: $6$rounds=1400$anotherlongsaltstring +expected: $6$rounds=1400$anotherlongsalts$POfYwTEok97VWcjxIiSOjiykti.o/pQs.wPvMxQ6Fm7I6IoYN3CmLs66x9t0oSwbtEW7o7UmJEiDwGqd8p4ur1 +actual: $6$rounds=1400$anotherlongsalts$POfYwTEok97VWcjxIiSOjiykti.o/pQs.wPvMxQ6Fm7I6IoYN3CmLs66x9t0oSwbtEW7o7UmJEiDwGqd8p4ur1 +input: we have a short salt string but not a short password +salt: $6$rounds=77777$short +expected: $6$rounds=77777$short$WuQyW2YR.hBNpjjRhpYD/ifIw05xdfeEyQoMxIXbkvr0gge1a1x3yRULJ5CCaUeOxFmtlcGZelFl5CxtgfiAc0 +actual: $6$rounds=77777$short$WuQyW2YR.hBNpjjRhpYD/ifIw05xdfeEyQoMxIXbkvr0gge1a1x3yRULJ5CCaUeOxFmtlcGZelFl5CxtgfiAc0 +input: a short string +salt: $6$rounds=123456$asaltof16chars.. +expected: $6$rounds=123456$asaltof16chars..$BtCwjqMJGx5hrJhZywWvt0RLE8uZ4oPwcelCjmw2kSYu.Ec6ycULevoBK25fs2xXgMNrCzIMVcgEJAstJeonj1 +actual: $6$rounds=123456$asaltof16chars..$BtCwjqMJGx5hrJhZywWvt0RLE8uZ4oPwcelCjmw2kSYu.Ec6ycULevoBK25fs2xXgMNrCzIMVcgEJAstJeonj1 +input: the minimum number is still observed +salt: $6$rounds=10$roundstoolow +expected: $6$rounds=1000$roundstoolow$kUMsbe306n21p9R.FRkW3IGn.S9NPN0x50YhH1xhLsPuWGsUSklZt58jaTfF4ZEQpyUNGc0dqbpBYYBaHHrsX. +actual: $6$rounds=1000$roundstoolow$kUMsbe306n21p9R.FRkW3IGn.S9NPN0x50YhH1xhLsPuWGsUSklZt58jaTfF4ZEQpyUNGc0dqbpBYYBaHHrsX. +test crypt_r() +input: Hello world! +salt: saltstring +expected: $6$saltstring$svn8UoSVapNtMuq1ukKS4tPQd8iKwSMHWjl/O817G3uBnIFNjnQJuesI68u4OTLiBFdcbYEdFCoEOfaS35inz1 +actual: $6$saltstring$svn8UoSVapNtMuq1ukKS4tPQd8iKwSMHWjl/O817G3uBnIFNjnQJuesI68u4OTLiBFdcbYEdFCoEOfaS35inz1 +input: 0.s0.l33t +salt: $1$deadbeef +expected: $1$deadbeef$0Huu6KHrKLVWfqa4WljDE0 +actual: $1$deadbeef$0Huu6KHrKLVWfqa4WljDE0 +input: Hello world! +salt: $5$saltstring +expected: $5$saltstring$5B8vYYiY.CVt1RlTTf8KbXBH3hsxY/GNooZaBBGWEc5 +actual: $5$saltstring$5B8vYYiY.CVt1RlTTf8KbXBH3hsxY/GNooZaBBGWEc5 +input: Hello world! +salt: $6$saltstring +expected: $6$saltstring$svn8UoSVapNtMuq1ukKS4tPQd8iKwSMHWjl/O817G3uBnIFNjnQJuesI68u4OTLiBFdcbYEdFCoEOfaS35inz1 +actual: $6$saltstring$svn8UoSVapNtMuq1ukKS4tPQd8iKwSMHWjl/O817G3uBnIFNjnQJuesI68u4OTLiBFdcbYEdFCoEOfaS35inz1 +*** END OF TEST CRYPT 1 *** diff --git a/testsuites/libtests/crypt01/init.c b/testsuites/libtests/crypt01/init.c new file mode 100644 index 0000000000..487aa2c19f --- /dev/null +++ b/testsuites/libtests/crypt01/init.c @@ -0,0 +1,260 @@ +/* + * Copyright (c) 2011 The FreeBSD Project. All rights reserved. + * + * Copyright (c) 2014 embedded brains GmbH. All rights reserved. + * + * embedded brains GmbH + * Dornierstr. 4 + * 82178 Puchheim + * Germany + * + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* Based on: + * SHA256-based Unix crypt implementation. Released into the Public Domain by + * Ulrich Drepper . */ + +#ifdef HAVE_CONFIG_H + #include "config.h" +#endif + +#include +#include + +#include "tmacros.h" + +const char rtems_test_name[] = "CRYPT 1"; + +typedef struct { + const char *salt; + const char *input; + const char *expected; +} test_case; + +static void test_formats(void) +{ + struct crypt_data data; + char *s; + + s = crypt_r("abc", "def", &data); + rtems_test_assert(strcmp(s, "abc") == 0); + + crypt_add_format(&crypt_md5_format); + crypt_add_format(&crypt_sha256_format); + crypt_add_format(&crypt_sha512_format); +} + +static void test_md5(void) +{ + const char key[] = "0.s0.l33t"; + const char salt_0[] = "$1$deadbeef$0Huu6KHrKLVWfqa4WljDE0"; + const char salt_1[] = "$1$cafebabe$0Huu6KHrKLVWfqa4WljDE0"; + struct crypt_data data; + char *s; + + printf("test crypt_md5_r()\n"); + + s = crypt_md5_r(&key[0], &salt_0[0], &data); + rtems_test_assert(strcmp(s, &salt_0[0]) == 0); + + s = crypt_md5_r(&key[0], &salt_1[0], &data); + rtems_test_assert(strcmp(s, &salt_1[0]) != 0); +} + +static const test_case test_cases_sha256[] = { + { + "$5$saltstring", "Hello world!", + "$5$saltstring$5B8vYYiY.CVt1RlTTf8KbXBH3hsxY/GNooZaBBGWEc5" + }, { + "$5$rounds=10000$saltstringsaltstring", "Hello world!", + "$5$rounds=10000$saltstringsaltst$3xv.VbSHBb41AL9AvLeujZkZRBAwqFMz2." + "opqey6IcA" + }, { + "$5$rounds=5000$toolongsaltstring", "This is just a test", + "$5$rounds=5000$toolongsaltstrin$Un/5jzAHMgOGZ5.mWJpuVolil07guHPvOW8" + "mGRcvxa5" + }, { + "$5$rounds=1400$anotherlongsaltstring", + "a very much longer text to encrypt. This one even stretches over more" + "than one line.", + "$5$rounds=1400$anotherlongsalts$Rx.j8H.h8HjEDGomFU8bDkXm3XIUnzyxf12" + "oP84Bnq1" + }, { + "$5$rounds=77777$short", + "we have a short salt string but not a short password", + "$5$rounds=77777$short$JiO1O3ZpDAxGJeaDIuqCoEFysAe1mZNJRs3pw0KQRd/" + }, { + "$5$rounds=123456$asaltof16chars..", "a short string", + "$5$rounds=123456$asaltof16chars..$gP3VQ/6X7UUEW3HkBn2w1/Ptq2jxPyzV/" + "cZKmF/wJvD" + }, { + "$5$rounds=10$roundstoolow", "the minimum number is still observed", + "$5$rounds=1000$roundstoolow$yfvwcWrQ8l/K0DAWyuPMDNHpIVlTQebY9l/gL97" + "2bIC" + } +}; + +static void print_test_case(const test_case *c, const char *s) +{ + printf( + "input: %s\nsalt: %s\nexpected: %s\nactual: %s\n", + c->input, + c->salt, + c->expected, + s + ); +} + +static void test_sha256(void) +{ + size_t i; + + printf("test crypt_sha256_r()\n"); + + for (i = 0; i < RTEMS_ARRAY_SIZE(test_cases_sha256); ++i) { + const test_case *c = &test_cases_sha256[i]; + struct crypt_data data; + char *s; + + s = crypt_sha256_r(c->input, c->salt, &data); + print_test_case(c, s); + rtems_test_assert(strcmp(s, c->expected) == 0); + } +} + +static const test_case test_cases_sha512[] = { + { + "$6$saltstring", "Hello world!", + "$6$saltstring$svn8UoSVapNtMuq1ukKS4tPQd8iKwSMHWjl/O817G3uBnIFNjnQJu" + "esI68u4OTLiBFdcbYEdFCoEOfaS35inz1" + }, { + "$6$rounds=10000$saltstringsaltstring", "Hello world!", + "$6$rounds=10000$saltstringsaltst$OW1/O6BYHV6BcXZu8QVeXbDWra3Oeqh0sb" + "HbbMCVNSnCM/UrjmM0Dp8vOuZeHBy/YTBmSK6H9qs/y3RnOaw5v." + }, { + "$6$rounds=5000$toolongsaltstring", "This is just a test", + "$6$rounds=5000$toolongsaltstrin$lQ8jolhgVRVhY4b5pZKaysCLi0QBxGoNeKQ" + "zQ3glMhwllF7oGDZxUhx1yxdYcz/e1JSbq3y6JMxxl8audkUEm0" + }, { + "$6$rounds=1400$anotherlongsaltstring", + "a very much longer text to encrypt. This one even stretches over more" + "than one line.", + "$6$rounds=1400$anotherlongsalts$POfYwTEok97VWcjxIiSOjiykti.o/pQs.wP" + "vMxQ6Fm7I6IoYN3CmLs66x9t0oSwbtEW7o7UmJEiDwGqd8p4ur1" + }, { + "$6$rounds=77777$short", + "we have a short salt string but not a short password", + "$6$rounds=77777$short$WuQyW2YR.hBNpjjRhpYD/ifIw05xdfeEyQoMxIXbkvr0g" + "ge1a1x3yRULJ5CCaUeOxFmtlcGZelFl5CxtgfiAc0" + }, { + "$6$rounds=123456$asaltof16chars..", "a short string", + "$6$rounds=123456$asaltof16chars..$BtCwjqMJGx5hrJhZywWvt0RLE8uZ4oPwc" + "elCjmw2kSYu.Ec6ycULevoBK25fs2xXgMNrCzIMVcgEJAstJeonj1" + }, { + "$6$rounds=10$roundstoolow", "the minimum number is still observed", + "$6$rounds=1000$roundstoolow$kUMsbe306n21p9R.FRkW3IGn.S9NPN0x50YhH1x" + "hLsPuWGsUSklZt58jaTfF4ZEQpyUNGc0dqbpBYYBaHHrsX." + } +}; + +static void test_sha512(void) +{ + size_t i; + + printf("test crypt_sha512_r()\n"); + + for (i = 0; i < RTEMS_ARRAY_SIZE(test_cases_sha512); ++i) { + const test_case *c = &test_cases_sha512[i]; + struct crypt_data data; + char *s; + + s = crypt_sha512_r(c->input, c->salt, &data); + print_test_case(c, s); + rtems_test_assert(strcmp(s, c->expected) == 0); + } +} + +static const test_case test_cases_generic[] = { + { + "saltstring", "Hello world!", + "$6$saltstring$svn8UoSVapNtMuq1ukKS4tPQd8iKwSMHWjl/O817G3uBnIFNjnQJu" + "esI68u4OTLiBFdcbYEdFCoEOfaS35inz1" + }, { + "$1$deadbeef", "0.s0.l33t", + "$1$deadbeef$0Huu6KHrKLVWfqa4WljDE0" + }, { + "$5$saltstring", "Hello world!", + "$5$saltstring$5B8vYYiY.CVt1RlTTf8KbXBH3hsxY/GNooZaBBGWEc5" + }, { + "$6$saltstring", "Hello world!", + "$6$saltstring$svn8UoSVapNtMuq1ukKS4tPQd8iKwSMHWjl/O817G3uBnIFNjnQJu" + "esI68u4OTLiBFdcbYEdFCoEOfaS35inz1" + } +}; + +static void test_generic(void) +{ + size_t i; + + printf("test crypt_r()\n"); + + for (i = 0; i < RTEMS_ARRAY_SIZE(test_cases_generic); ++i) { + const test_case *c = &test_cases_generic[i]; + struct crypt_data data; + char *s; + + s = crypt_r(c->input, c->salt, &data); + print_test_case(c, s); + rtems_test_assert(strcmp(s, c->expected) == 0); + } +} + +static void Init(rtems_task_argument arg) +{ + TEST_BEGIN(); + + test_formats(); + test_md5(); + test_sha256(); + test_sha512(); + test_generic(); + + TEST_END(); + rtems_test_exit(0); +} + +#define CONFIGURE_APPLICATION_DOES_NOT_NEED_CLOCK_DRIVER +#define CONFIGURE_APPLICATION_NEEDS_CONSOLE_DRIVER + +#define CONFIGURE_USE_IMFS_AS_BASE_FILESYSTEM + +#define CONFIGURE_MAXIMUM_TASKS 1 + +#define CONFIGURE_INITIAL_EXTENSIONS RTEMS_TEST_INITIAL_EXTENSION + +#define CONFIGURE_RTEMS_INIT_TASKS_TABLE + +#define CONFIGURE_INIT + +#include -- cgit v1.2.3