xref: /freebsd/lib/libcrypt/crypt.c (revision fcb560670601b2a4d87bb31d7531c8dcc37ee71b)
1 /*-
2  * Copyright (c) 1999 Mark Murray
3  * Copyright (c) 2014 Dag-Erling Smørgrav
4  * All rights reserved.
5  *
6  * Redistribution and use in source and binary forms, with or without
7  * modification, are permitted provided that the following conditions
8  * are met:
9  * 1. Redistributions of source code must retain the above copyright
10  *    notice, this list of conditions and the following disclaimer.
11  * 2. Redistributions in binary form must reproduce the above copyright
12  *    notice, this list of conditions and the following disclaimer in the
13  *    documentation and/or other materials provided with the distribution.
14  *
15  * THIS SOFTWARE IS PROVIDED BY MARK MURRAY AND CONTRIBUTORS ``AS IS'' AND
16  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
17  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
18  * ARE DISCLAIMED.  IN NO EVENT SHALL MARK MURRAY OR CONTRIBUTORS BE LIABLE
19  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
20  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
21  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
22  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
23  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
24  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
25  * SUCH DAMAGE.
26  */
27 
28 #include <sys/cdefs.h>
29 __FBSDID("$FreeBSD$");
30 
31 #include <sys/types.h>
32 
33 #include <libutil.h>
34 #include <string.h>
35 #include <unistd.h>
36 
37 #include "crypt.h"
38 
39 /*
40  * List of supported crypt(3) formats.
41  *
42  * The default algorithm is the last entry in the list (second-to-last
43  * array element since the last is a sentinel).  The reason for placing
44  * the default last rather than first is that DES needs to be at the
45  * bottom for the algorithm guessing logic in crypt(3) to work correctly,
46  * and it needs to be the default for backward compatibility.
47  */
48 static const struct crypt_format {
49 	const char *const name;
50 	char *(*const func)(const char *, const char *);
51 	const char *const magic;
52 } crypt_formats[] = {
53 	{ "md5",	crypt_md5,		"$1$"	},
54 #ifdef HAS_BLOWFISH
55 	{ "blf",	crypt_blowfish,		"$2"	},
56 #endif
57 	{ "nth",	crypt_nthash,		"$3$"	},
58 	{ "sha256",	crypt_sha256,		"$5$"	},
59 	{ "sha512",	crypt_sha512,		"$6$"	},
60 #ifdef HAS_DES
61 	{ "des",	crypt_des,		"_"	},
62 #endif
63 
64 	/* sentinel */
65 	{ NULL,		NULL,			NULL	}
66 };
67 
68 static const struct crypt_format *crypt_format =
69     &crypt_formats[(sizeof crypt_formats / sizeof *crypt_formats) - 2];
70 
71 #define DES_SALT_ALPHABET \
72 	"./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
73 
74 /*
75  * Returns the name of the currently selected format.
76  */
77 const char *
78 crypt_get_format(void)
79 {
80 
81 	return (crypt_format->name);
82 }
83 
84 /*
85  * Selects the format to use for subsequent crypt(3) invocations.
86  */
87 int
88 crypt_set_format(const char *format)
89 {
90 	const struct crypt_format *cf;
91 
92 	for (cf = crypt_formats; cf->name != NULL; ++cf) {
93 		if (strcasecmp(cf->name, format) == 0) {
94 			crypt_format = cf;
95 			return (1);
96 		}
97 	}
98 	return (0);
99 }
100 
101 /*
102  * Hash the given password with the given salt.  If the salt begins with a
103  * magic string (e.g. "$6$" for sha512), the corresponding format is used;
104  * otherwise, the currently selected format is used.
105  */
106 char *
107 crypt(const char *passwd, const char *salt)
108 {
109 	const struct crypt_format *cf;
110 #ifdef HAS_DES
111 	int len;
112 #endif
113 
114 	for (cf = crypt_formats; cf->name != NULL; ++cf)
115 		if (cf->magic != NULL && strstr(salt, cf->magic) == salt)
116 			return (cf->func(passwd, salt));
117 #ifdef HAS_DES
118 	len = strlen(salt);
119 	if ((len == 13 || len == 2) && strspn(salt, DES_SALT_ALPHABET) == len)
120 		return (crypt_des(passwd, salt));
121 #endif
122 	return (crypt_format->func(passwd, salt));
123 }
124