1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
|
/*
* Copyright (c) 2020, Peter Elliott <pelliott@serenityos.org>
*
* SPDX-License-Identifier: BSD-2-Clause
*/
#include <AK/Base64.h>
#include <AK/Types.h>
#include <LibCrypto/Hash/SHA2.h>
#include <crypt.h>
#include <errno.h>
#include <string.h>
extern "C" {
static struct crypt_data crypt_data;
char* crypt(char const* key, char const* salt)
{
crypt_data.initialized = true;
return crypt_r(key, salt, &crypt_data);
}
static constexpr size_t crypt_salt_max = 16;
char* crypt_r(char const* key, char const* salt, struct crypt_data* data)
{
if (!data->initialized) {
errno = EINVAL;
return nullptr;
}
// We only support SHA-256 at the moment
if (salt[0] != '$' || salt[1] != '5') {
errno = EINVAL;
return nullptr;
}
char const* salt_value = salt + 3;
size_t salt_len = min(strcspn(salt_value, "$"), crypt_salt_max);
size_t header_len = salt_len + 3;
bool fits = DeprecatedString(salt, header_len).copy_characters_to_buffer(data->result, sizeof(data->result));
if (!fits) {
errno = EINVAL;
return nullptr;
}
data->result[header_len] = '$';
Crypto::Hash::SHA256 sha;
sha.update(StringView { key, strlen(key) });
sha.update(reinterpret_cast<u8 const*>(salt_value), salt_len);
auto digest = sha.digest();
auto string = encode_base64(ReadonlyBytes(digest.immutable_data(), digest.data_length()));
fits = string.copy_characters_to_buffer(data->result + header_len + 1, sizeof(data->result) - header_len - 1);
if (!fits) {
errno = EINVAL;
return nullptr;
}
return data->result;
}
}
|