summaryrefslogtreecommitdiff
path: root/Userland/Libraries/LibCrypt/crypt.cpp
blob: 258f2909f161898466d74f546380c4d6e7b0bcb9 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
/*
 * Copyright (c) 2020, Peter Elliott <pelliott@serenityos.org>
 *
 * SPDX-License-Identifier: BSD-2-Clause
 */

#include <AK/Base64.h>
#include <AK/Types.h>
#include <LibCrypto/Hash/SHA2.h>
#include <crypt.h>
#include <errno.h>
#include <string.h>

extern "C" {

static struct crypt_data crypt_data;

char* crypt(char const* key, char const* salt)
{
    crypt_data.initialized = true;
    return crypt_r(key, salt, &crypt_data);
}

static constexpr size_t crypt_salt_max = 16;

char* crypt_r(char const* key, char const* salt, struct crypt_data* data)
{
    if (!data->initialized) {
        errno = EINVAL;
        return nullptr;
    }

    // We only support SHA-256 at the moment
    if (salt[0] != '$' || salt[1] != '5') {
        errno = EINVAL;
        return nullptr;
    }

    char const* salt_value = salt + 3;
    size_t salt_len = min(strcspn(salt_value, "$"), crypt_salt_max);
    size_t header_len = salt_len + 3;

    bool fits = DeprecatedString(salt, header_len).copy_characters_to_buffer(data->result, sizeof(data->result));
    if (!fits) {
        errno = EINVAL;
        return nullptr;
    }
    data->result[header_len] = '$';

    Crypto::Hash::SHA256 sha;
    sha.update(StringView { key, strlen(key) });
    sha.update(reinterpret_cast<u8 const*>(salt_value), salt_len);

    auto digest = sha.digest();
    auto string = encode_base64(ReadonlyBytes(digest.immutable_data(), digest.data_length()));

    fits = string.copy_characters_to_buffer(data->result + header_len + 1, sizeof(data->result) - header_len - 1);
    if (!fits) {
        errno = EINVAL;
        return nullptr;
    }

    return data->result;
}
}