libbb: add yescrypt password hashing support

It seems to work, but not at all optimized for size.
The extra copy of sha256 code need to be removed.

The yescrypt code in libbb/yescrypt/* is adapted from libxcrypt-4.4.38
with minimal edits, hopefully making it easier to track
backports by resetting the tree to this commit,
then comparing changes in upstream libxcrypt to the tree.

function                                             old     new   delta
blockmix_xor_save                                      -    7050   +7050
static.blockmix_xor                                    -    6475   +6475
blockmix                                               -    3390   +3390
SHA256_Transform                                       -    3083   +3083
yescrypt_kdf_body                                      -    1724   +1724
PBKDF2_SHA256                                          -    1003   +1003
smix1                                                  -     960    +960
yescrypt_r                                             -     890    +890
salsa20                                                -     804    +804
smix                                                   -     790    +790
smix2                                                  -     659    +659
blockmix_salsa8_xor                                    -     601    +601
yescrypt_kdf                                           -     479    +479
blockmix_salsa8                                        -     415    +415
Krnd                                                   -     256    +256
_HMAC_SHA256_Init                                      -     213    +213
_SHA256_Update                                         -     198    +198
_SHA256_Final                                          -     195    +195
decode64_uint32                                        -     166    +166
encode64                                               -     153    +153
decode64                                               -     136    +136
libcperciva_HMAC_SHA256_Buf                            -     132    +132
SHA256_Pad_Almost                                      -     131    +131
salsa20_simd_unshuffle                                 -     101    +101
salsa20_simd_shuffle                                   -     101    +101
yes_crypt                                              -      90     +90
libcperciva_SHA256_Buf                                 -      86     +86
crypt_make_rand64encoded                               -      85     +85
static.atoi64_partial                                  -      77     +77
alloc_region                                           -      72     +72
ascii64                                                -      65     +65
PAD                                                    -      64     +64
_HMAC_SHA256_Final                                     -      55     +55
static.cpu_to_be32_vect                                -      51     +51
free_region                                            -      47     +47
libcperciva_SHA256_Init                                -      37     +37
yescrypt_init_local                                    -      34     +34
crypt_make_pw_salt                                    92     125     +33
initial_state                                          -      32     +32
.rodata                                           105771  105803     +32
atoi64                                                 -      25     +25
explicit_bzero                                         -      22     +22
pw_encrypt                                           920     941     +21
yescrypt_free_local                                    -       9      +9
crypt_make_salt                                       85       -     -85
------------------------------------------------------------------------------
(add/remove: 43/1 grow/shrink: 3/0 up/down: 31042/-85)      Total: 30957 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

1 files changed, 14 insertions, 8 deletions

diff --git a/include/libbb.h b/include/libbb.h
index e765e18eb..9a0a2f916 100644
--- a/include/libbb.h
+++ b/include/libbb.h
@@ -1806,18 +1806,24 @@ extern char *pw_encrypt(const char *clear, const char *salt, int cleanup) FAST_F
 extern int obscure(const char *old, const char *newval, const struct passwd *pwdp) FAST_FUNC;
 /*
  * rnd is additional random input. New one is returned.
- * Useful if you call crypt_make_salt many times in a row:
- * rnd = crypt_make_salt(buf1, 4, 0);
- * rnd = crypt_make_salt(buf2, 4, rnd);
- * rnd = crypt_make_salt(buf3, 4, rnd);
+ * Useful if you call crypt_make_rand64encoded many times in a row:
+ * rnd = crypt_make_rand64encoded(buf1, 4, 0);
+ * rnd = crypt_make_rand64encoded(buf2, 4, rnd);
+ * rnd = crypt_make_rand64encoded(buf3, 4, rnd);
  * (otherwise we risk having same salt generated)
  */
-extern int crypt_make_salt(char *p, int cnt /*, int rnd*/) FAST_FUNC;
-/* "$N$" + sha_salt_16_bytes + NUL */
-#define MAX_PW_SALT_LEN (3 + 16 + 1)
+extern int crypt_make_rand64encoded(char *p, int cnt /*, int rnd*/) FAST_FUNC;
+/* Size of char salt[] to hold randomly-generated salt string
+ * sha256/512:
+ * "$5$<sha_salt_16_chars><NUL>"
+ * "$6$<sha_salt_16_chars><NUL>"
+ * #define MAX_PW_SALT_LEN (3 + 16 + 1)
+ * yescrypt:
+ * "$y$j9T$<yescrypt_salt_24_chars><NUL>"
+ */
+#define MAX_PW_SALT_LEN (7 + 24 + 1)
 extern char* crypt_make_pw_salt(char p[MAX_PW_SALT_LEN], const char *algo) FAST_FUNC;
 
-
 /* Returns number of lines changed, or -1 on error */
 #if !(ENABLE_FEATURE_ADDUSER_TO_GROUP || ENABLE_FEATURE_DEL_USER_FROM_GROUP)
 #define update_passwd(filename, username, data, member) \