diff options
| author | provos <> | 1997-07-01 20:12:43 +0000 |
|---|---|---|
| committer | provos <> | 1997-07-01 20:12:43 +0000 |
| commit | 0bf58fe735efbe7f2f089eca10449eeaabac24c6 (patch) | |
| tree | 743fd6b42bf4a4ab20042662963ed7fdd06e5085 /src/lib/libc | |
| parent | 0386451a8fc5f9f7a605645495c245e380734867 (diff) | |
| download | openbsd-0bf58fe735efbe7f2f089eca10449eeaabac24c6.tar.gz openbsd-0bf58fe735efbe7f2f089eca10449eeaabac24c6.tar.bz2 openbsd-0bf58fe735efbe7f2f089eca10449eeaabac24c6.zip | |
fix that repeating passwords yield same hash + increment minor
Diffstat (limited to 'src/lib/libc')
| -rw-r--r-- | src/lib/libc/crypt/bcrypt.c | 44 |
1 files changed, 32 insertions, 12 deletions
diff --git a/src/lib/libc/crypt/bcrypt.c b/src/lib/libc/crypt/bcrypt.c index f626c2f453..0a0cca14a1 100644 --- a/src/lib/libc/crypt/bcrypt.c +++ b/src/lib/libc/crypt/bcrypt.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: bcrypt.c,v 1.5 1997/04/30 05:57:04 tholo Exp $ */ | 1 | /* $OpenBSD: bcrypt.c,v 1.6 1997/07/01 20:12:43 provos Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright 1997 Niels Provos <provos@physnet.uni-hamburg.de> | 3 | * Copyright 1997 Niels Provos <provos@physnet.uni-hamburg.de> |
| 4 | * All rights reserved. | 4 | * All rights reserved. |
| @@ -152,11 +152,12 @@ encode_salt(salt, csalt, clen, logr) | |||
| 152 | { | 152 | { |
| 153 | salt[0] = '$'; | 153 | salt[0] = '$'; |
| 154 | salt[1] = BCRYPT_VERSION; | 154 | salt[1] = BCRYPT_VERSION; |
| 155 | salt[2] = '$'; | 155 | salt[2] = 'a'; |
| 156 | salt[3] = '$'; | ||
| 156 | 157 | ||
| 157 | snprintf(salt + 3, 4, "%2.2u$", logr); | 158 | snprintf(salt + 4, 4, "%2.2u$", logr); |
| 158 | 159 | ||
| 159 | encode_base64((u_int8_t *) salt + 6, csalt, clen); | 160 | encode_base64((u_int8_t *) salt + 7, csalt, clen); |
| 160 | } | 161 | } |
| 161 | /* Generates a salt for this version of crypt. | 162 | /* Generates a salt for this version of crypt. |
| 162 | Since versions may change. Keeping this here | 163 | Since versions may change. Keeping this here |
| @@ -200,10 +201,11 @@ bcrypt(key, salt) | |||
| 200 | blf_ctx state; | 201 | blf_ctx state; |
| 201 | u_int32_t rounds, i, k; | 202 | u_int32_t rounds, i, k; |
| 202 | u_int16_t j; | 203 | u_int16_t j; |
| 203 | u_int8_t key_len, salt_len, logr; | 204 | u_int8_t key_len, salt_len, logr, minor; |
| 204 | u_int8_t ciphertext[4 * BCRYPT_BLOCKS] = "OrpheanBeholderScryDoubt"; | 205 | u_int8_t ciphertext[4 * BCRYPT_BLOCKS] = "OrpheanBeholderScryDoubt"; |
| 205 | u_int8_t csalt[BCRYPT_MAXSALT]; | 206 | u_int8_t csalt[BCRYPT_MAXSALT]; |
| 206 | u_int32_t cdata[BCRYPT_BLOCKS]; | 207 | u_int32_t cdata[BCRYPT_BLOCKS]; |
| 208 | |||
| 207 | /* Discard "$" identifier */ | 209 | /* Discard "$" identifier */ |
| 208 | salt++; | 210 | salt++; |
| 209 | 211 | ||
| @@ -211,10 +213,25 @@ bcrypt(key, salt) | |||
| 211 | /* How do I handle errors ? Return ':' */ | 213 | /* How do I handle errors ? Return ':' */ |
| 212 | return error; | 214 | return error; |
| 213 | } | 215 | } |
| 216 | |||
| 217 | /* Check for minor versions */ | ||
| 218 | if (salt[1] != '$') { | ||
| 219 | switch(salt[1]) { | ||
| 220 | case 'a': | ||
| 221 | /* 'ab' should not yield the same as 'abab' */ | ||
| 222 | minor = salt[1]; | ||
| 223 | salt++; | ||
| 224 | break; | ||
| 225 | default: | ||
| 226 | return error; | ||
| 227 | } | ||
| 228 | } else | ||
| 229 | minor = 0; | ||
| 230 | |||
| 214 | /* Discard version + "$" identifier */ | 231 | /* Discard version + "$" identifier */ |
| 215 | salt += 2; | 232 | salt += 2; |
| 216 | 233 | ||
| 217 | if (*(salt + 2) != '$') | 234 | if (salt[2] != '$') |
| 218 | /* Out of sync with passwd entry */ | 235 | /* Out of sync with passwd entry */ |
| 219 | return error; | 236 | return error; |
| 220 | 237 | ||
| @@ -228,7 +245,7 @@ bcrypt(key, salt) | |||
| 228 | /* We dont want the base64 salt but the raw data */ | 245 | /* We dont want the base64 salt but the raw data */ |
| 229 | decode_base64(csalt, BCRYPT_MAXSALT, (u_int8_t *) salt); | 246 | decode_base64(csalt, BCRYPT_MAXSALT, (u_int8_t *) salt); |
| 230 | salt_len = BCRYPT_MAXSALT; | 247 | salt_len = BCRYPT_MAXSALT; |
| 231 | key_len = strlen(key); | 248 | key_len = strlen(key) + (minor >= 'a' ? 1 : 0); |
| 232 | 249 | ||
| 233 | /* Setting up S-Boxes and Subkeys */ | 250 | /* Setting up S-Boxes and Subkeys */ |
| 234 | Blowfish_initstate(&state); | 251 | Blowfish_initstate(&state); |
| @@ -259,13 +276,16 @@ bcrypt(key, salt) | |||
| 259 | } | 276 | } |
| 260 | 277 | ||
| 261 | 278 | ||
| 262 | encrypted[0] = '$'; | 279 | i = 0; |
| 263 | encrypted[1] = BCRYPT_VERSION; | 280 | encrypted[i++] = '$'; |
| 264 | encrypted[2] = '$'; | 281 | encrypted[i++] = BCRYPT_VERSION; |
| 282 | if (minor) | ||
| 283 | encrypted[i++] = minor; | ||
| 284 | encrypted[i++] = '$'; | ||
| 265 | 285 | ||
| 266 | snprintf(encrypted + 3, 4, "%2.2u$", logr); | 286 | snprintf(encrypted + i, 4, "%2.2u$", logr); |
| 267 | 287 | ||
| 268 | encode_base64((u_int8_t *) encrypted + 6, csalt, BCRYPT_MAXSALT); | 288 | encode_base64((u_int8_t *) encrypted + i + 3, csalt, BCRYPT_MAXSALT); |
| 269 | encode_base64((u_int8_t *) encrypted + strlen(encrypted), ciphertext, | 289 | encode_base64((u_int8_t *) encrypted + strlen(encrypted), ciphertext, |
| 270 | 4 * BCRYPT_BLOCKS); | 290 | 4 * BCRYPT_BLOCKS); |
| 271 | return encrypted; | 291 | return encrypted; |