summaryrefslogtreecommitdiff
path: root/lib/libc
diff options
context:
space:
mode:
Diffstat (limited to 'lib/libc')
-rw-r--r--lib/libc/crypt/bcrypt.c41
1 files changed, 26 insertions, 15 deletions
diff --git a/lib/libc/crypt/bcrypt.c b/lib/libc/crypt/bcrypt.c
index 7760ac7c0cb..d7af344b972 100644
--- a/lib/libc/crypt/bcrypt.c
+++ b/lib/libc/crypt/bcrypt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: bcrypt.c,v 1.36 2014/03/24 00:00:29 tedu Exp $ */
+/* $OpenBSD: bcrypt.c,v 1.37 2014/04/08 20:14:25 tedu Exp $ */
/*
* Copyright (c) 2014 Ted Unangst <tedu@openbsd.org>
@@ -52,8 +52,8 @@
char *bcrypt_gensalt(u_int8_t);
-static void encode_base64(u_int8_t *, u_int8_t *, u_int16_t);
-static void decode_base64(u_int8_t *, u_int16_t, u_int8_t *);
+static int encode_base64(char *, const u_int8_t *, size_t);
+static int decode_base64(u_int8_t *, size_t, const char *);
/*
* Generates a salt for this version of crypt.
@@ -74,7 +74,7 @@ bcrypt_initsalt(int log_rounds, uint8_t *salt, size_t saltbuflen)
log_rounds = 31;
snprintf(salt, saltbuflen, "$2a$%2.2u$", log_rounds);
- encode_base64((uint8_t *)salt + 7, csalt, sizeof(csalt));
+ encode_base64(salt + 7, csalt, sizeof(csalt));
return 0;
}
@@ -141,7 +141,7 @@ bcrypt_hashpass(const char *key, const char *salt, char *encrypted,
return -1;
/* We dont want the base64 salt but the raw data */
- decode_base64(csalt, BCRYPT_MAXSALT, (u_int8_t *) salt);
+ decode_base64(csalt, BCRYPT_MAXSALT, salt);
salt_len = BCRYPT_MAXSALT;
if (minor <= 'a')
key_len = (u_int8_t)(strlen(key) + (minor >= 'a' ? 1 : 0));
@@ -194,8 +194,8 @@ bcrypt_hashpass(const char *key, const char *salt, char *encrypted,
snprintf(encrypted + i, 4, "%2.2u$", logr);
- encode_base64((u_int8_t *) encrypted + i + 3, csalt, BCRYPT_MAXSALT);
- encode_base64((u_int8_t *) encrypted + strlen(encrypted), ciphertext,
+ encode_base64(encrypted + i + 3, csalt, BCRYPT_MAXSALT);
+ encode_base64(encrypted + strlen(encrypted), ciphertext,
4 * BCRYPT_BLOCKS - 1);
memset(&state, 0, sizeof(state));
memset(ciphertext, 0, sizeof(ciphertext));
@@ -260,19 +260,23 @@ const static u_int8_t index_64[128] = {
};
#define CHAR64(c) ( (c) > 127 ? 255 : index_64[(c)])
-static void
-decode_base64(u_int8_t *buffer, u_int16_t len, u_int8_t *data)
+/*
+ * read buflen (after decoding) bytes of data from b64data
+ */
+static int
+decode_base64(u_int8_t *buffer, size_t len, const char *b64data)
{
u_int8_t *bp = buffer;
- u_int8_t *p = data;
+ const u_int8_t *p = b64data;
u_int8_t c1, c2, c3, c4;
+
while (bp < buffer + len) {
c1 = CHAR64(*p);
c2 = CHAR64(*(p + 1));
/* Invalid data */
if (c1 == 255 || c2 == 255)
- break;
+ return -1;
*bp++ = (c1 << 2) | ((c2 & 0x30) >> 4);
if (bp >= buffer + len)
@@ -293,14 +297,20 @@ decode_base64(u_int8_t *buffer, u_int16_t len, u_int8_t *data)
p += 4;
}
+ return 0;
}
-static void
-encode_base64(u_int8_t *buffer, u_int8_t *data, u_int16_t len)
+/*
+ * Turn len bytes of data into base64 encoded data.
+ * This works without = padding.
+ */
+static int
+encode_base64(char *b64buffer, const u_int8_t *data, size_t len)
{
- u_int8_t *bp = buffer;
- u_int8_t *p = data;
+ u_int8_t *bp = b64buffer;
+ const u_int8_t *p = data;
u_int8_t c1, c2;
+
while (p < data + len) {
c1 = *p++;
*bp++ = Base64Code[(c1 >> 2)];
@@ -323,6 +333,7 @@ encode_base64(u_int8_t *buffer, u_int8_t *data, u_int16_t len)
*bp++ = Base64Code[c2 & 0x3f];
}
*bp = '\0';
+ return 0;
}
/*