TLA Line data Source code
1 : /*
2 : * Written by Solar Designer and placed in the public domain.
3 : * See crypt_blowfish.c for more information.
4 : *
5 : * contrib/pgcrypto/crypt-gensalt.c
6 : *
7 : * This file contains salt generation functions for the traditional and
8 : * other common crypt(3) algorithms, except for bcrypt which is defined
9 : * entirely in crypt_blowfish.c.
10 : *
11 : * Put bcrypt generator also here as crypt-blowfish.c
12 : * may not be compiled always. -- marko
13 : */
14 :
15 : #include "postgres.h"
16 :
17 : #include "px-crypt.h"
18 :
19 : typedef unsigned int BF_word;
20 :
21 : static unsigned char _crypt_itoa64[64 + 1] =
22 : "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
23 :
24 : char *
25 CBC 1 : _crypt_gensalt_traditional_rn(unsigned long count,
26 : const char *input, int size, char *output, int output_size)
27 : {
28 1 : if (size < 2 || output_size < 2 + 1 || (count && count != 25))
29 : {
30 UBC 0 : if (output_size > 0)
31 0 : output[0] = '\0';
32 0 : return NULL;
33 : }
34 :
35 CBC 1 : output[0] = _crypt_itoa64[(unsigned int) input[0] & 0x3f];
36 1 : output[1] = _crypt_itoa64[(unsigned int) input[1] & 0x3f];
37 1 : output[2] = '\0';
38 :
39 1 : return output;
40 : }
41 :
42 : char *
43 1 : _crypt_gensalt_extended_rn(unsigned long count,
44 : const char *input, int size, char *output, int output_size)
45 : {
46 : unsigned long value;
47 :
48 : /* Even iteration counts make it easier to detect weak DES keys from a look
49 : * at the hash, so they should be avoided */
50 1 : if (size < 3 || output_size < 1 + 4 + 4 + 1 ||
51 1 : (count && (count > 0xffffff || !(count & 1))))
52 : {
53 UBC 0 : if (output_size > 0)
54 0 : output[0] = '\0';
55 0 : return NULL;
56 : }
57 :
58 CBC 1 : if (!count)
59 UBC 0 : count = 725;
60 :
61 CBC 1 : output[0] = '_';
62 1 : output[1] = _crypt_itoa64[count & 0x3f];
63 1 : output[2] = _crypt_itoa64[(count >> 6) & 0x3f];
64 1 : output[3] = _crypt_itoa64[(count >> 12) & 0x3f];
65 1 : output[4] = _crypt_itoa64[(count >> 18) & 0x3f];
66 1 : value = (unsigned long) (unsigned char) input[0] |
67 1 : ((unsigned long) (unsigned char) input[1] << 8) |
68 1 : ((unsigned long) (unsigned char) input[2] << 16);
69 1 : output[5] = _crypt_itoa64[value & 0x3f];
70 1 : output[6] = _crypt_itoa64[(value >> 6) & 0x3f];
71 1 : output[7] = _crypt_itoa64[(value >> 12) & 0x3f];
72 1 : output[8] = _crypt_itoa64[(value >> 18) & 0x3f];
73 1 : output[9] = '\0';
74 :
75 1 : return output;
76 : }
77 :
78 : char *
79 1 : _crypt_gensalt_md5_rn(unsigned long count,
80 : const char *input, int size, char *output, int output_size)
81 : {
82 : unsigned long value;
83 :
84 1 : if (size < 3 || output_size < 3 + 4 + 1 || (count && count != 1000))
85 : {
86 UBC 0 : if (output_size > 0)
87 0 : output[0] = '\0';
88 0 : return NULL;
89 : }
90 :
91 CBC 1 : output[0] = '$';
92 1 : output[1] = '1';
93 1 : output[2] = '$';
94 1 : value = (unsigned long) (unsigned char) input[0] |
95 1 : ((unsigned long) (unsigned char) input[1] << 8) |
96 1 : ((unsigned long) (unsigned char) input[2] << 16);
97 1 : output[3] = _crypt_itoa64[value & 0x3f];
98 1 : output[4] = _crypt_itoa64[(value >> 6) & 0x3f];
99 1 : output[5] = _crypt_itoa64[(value >> 12) & 0x3f];
100 1 : output[6] = _crypt_itoa64[(value >> 18) & 0x3f];
101 1 : output[7] = '\0';
102 :
103 1 : if (size >= 6 && output_size >= 3 + 4 + 4 + 1)
104 : {
105 1 : value = (unsigned long) (unsigned char) input[3] |
106 1 : ((unsigned long) (unsigned char) input[4] << 8) |
107 1 : ((unsigned long) (unsigned char) input[5] << 16);
108 1 : output[7] = _crypt_itoa64[value & 0x3f];
109 1 : output[8] = _crypt_itoa64[(value >> 6) & 0x3f];
110 1 : output[9] = _crypt_itoa64[(value >> 12) & 0x3f];
111 1 : output[10] = _crypt_itoa64[(value >> 18) & 0x3f];
112 1 : output[11] = '\0';
113 : }
114 :
115 1 : return output;
116 : }
117 :
118 :
119 :
120 : static unsigned char BF_itoa64[64 + 1] =
121 : "./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
122 :
123 : static void
124 1 : BF_encode(char *dst, const BF_word *src, int size)
125 : {
126 1 : const unsigned char *sptr = (const unsigned char *) src;
127 1 : const unsigned char *end = sptr + size;
128 1 : unsigned char *dptr = (unsigned char *) dst;
129 : unsigned int c1,
130 : c2;
131 :
132 : do
133 : {
134 6 : c1 = *sptr++;
135 6 : *dptr++ = BF_itoa64[c1 >> 2];
136 6 : c1 = (c1 & 0x03) << 4;
137 6 : if (sptr >= end)
138 : {
139 1 : *dptr++ = BF_itoa64[c1];
140 1 : break;
141 : }
142 :
143 5 : c2 = *sptr++;
144 5 : c1 |= c2 >> 4;
145 5 : *dptr++ = BF_itoa64[c1];
146 5 : c1 = (c2 & 0x0f) << 2;
147 5 : if (sptr >= end)
148 : {
149 UBC 0 : *dptr++ = BF_itoa64[c1];
150 0 : break;
151 : }
152 :
153 CBC 5 : c2 = *sptr++;
154 5 : c1 |= c2 >> 6;
155 5 : *dptr++ = BF_itoa64[c1];
156 5 : *dptr++ = BF_itoa64[c2 & 0x3f];
157 5 : } while (sptr < end);
158 1 : }
159 :
160 : char *
161 1 : _crypt_gensalt_blowfish_rn(unsigned long count,
162 : const char *input, int size, char *output, int output_size)
163 : {
164 1 : if (size < 16 || output_size < 7 + 22 + 1 ||
165 1 : (count && (count < 4 || count > 31)))
166 : {
167 UBC 0 : if (output_size > 0)
168 0 : output[0] = '\0';
169 0 : return NULL;
170 : }
171 :
172 CBC 1 : if (!count)
173 UBC 0 : count = 5;
174 :
175 CBC 1 : output[0] = '$';
176 1 : output[1] = '2';
177 1 : output[2] = 'a';
178 1 : output[3] = '$';
179 1 : output[4] = '0' + count / 10;
180 1 : output[5] = '0' + count % 10;
181 1 : output[6] = '$';
182 :
183 1 : BF_encode(&output[7], (const BF_word *) input, 16);
184 1 : output[7 + 22] = '\0';
185 :
186 1 : return output;
187 : }
|