Rewrite of crypt library to be more modular, and addition of the

Secure Hashing Algorithm - 1 (SHA-1), along with the further refinement of what $x$salt$hash means. With this new crypt the following are all acceptable: $1$ $MD5$ $SHA1$ Note: $2$ is used by OpenBSD's Blowfish, which I considered adding as $BF$, but there is no actual need for it with SHA-1. However, somebody wishing to add OpenBSD password support could easilly add it in now. There is also a malloc_crypt() available in the library now, which behaves exactly the same as crypt(), but it uses a malloced buffer instead of a static buffer. However, this is not standard so will likely not be used much (at all). Also, for those interested I did a brief speed test Pentium 166/MMX, which shows the DES crypt to do approximately 2640 crypts a CPU second, MD5 to do about 62 crypts a CPU second and SHA1 to do about 18 crypts a CPU second. Reviewed by: Mark Murray
author: brandon <brandon@FreeBSD.org> 1999-01-21 13:50:09 +0000
committer: brandon <brandon@FreeBSD.org> 1999-01-21 13:50:09 +0000
commit: 0cb1c5b095f3ccb2b3a2228a67aec0569258f62a (patch)
tree: f472b9120e94610b782de47336d68514b9406545 /lib/libcrypt/crypt.h
parent: 2c287cb830224d12f662854e87214efd9b8d8f70 (diff)
download: FreeBSD-src-0cb1c5b095f3ccb2b3a2228a67aec0569258f62a.zip
FreeBSD-src-0cb1c5b095f3ccb2b3a2228a67aec0569258f62a.tar.gz
1 files changed, 122 insertions, 0 deletions
diff --git a/lib/libcrypt/crypt.h b/lib/libcrypt/crypt.h
new file mode 100644
index 0000000..3b43407
--- /dev/null
+++ b/lib/libcrypt/crypt.h
@@ -0,0 +1,122 @@
+/*
+ * Copyright (C) 1996
+ *	Brandon Gillespie.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY Brandon Gillespie AND CONTRIBUTORS ``AS IS''
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL Brandon Gillespie OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
+ * THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+/*
+// --------------------------------------------------------------------------
+// to add a new algorithm, have it export the function 'crypt_<algo>'
+// (where <algo> is whichever algorithm, such as 'des' or 'md5), with
+// the arguments ordered as follows, and the return value 'char *':
+//
+//    register const unsigned char *  -- word to encrypt
+//    const unsigned int              -- length of word to encrypt
+//    register const unsigned char *  -- salt to encrypt with
+//    const unsigned int              -- salt length
+//    char *                          -- output buffer, _CRYPT_OUTPUT_SIZE max
+//    char *                          -- identifier token
+//
+// such as:
+//
+//    char *
+//    crypt_des(register const unsigned char *pw,
+//              const unsigned int pl,
+//              register const unsigned char *sp,
+//              const unsigned int sl,
+//              char * passwd,
+//              char * token);
+//
+// Prototype the function below, include libraries here.
+// You can use the macro CRYPT_HOOK() to make it easy.
+*/
+
+#include <md5.h>
+#include <pwd.h>
+#include "shs.h"
+
+#define _DES_CRYPT		0
+#define _MD5_CRYPT		1
+#define _MD5_CRYPT_OLD		3
+#define _BF_CRYPT		2
+#define _BF_CRYPT_OpenBSD	4
+#define _SHS_CRYPT		5
+
+/*
+// --------------------------------------------------------------------------
+// Prototypes
+*/
+
+#define _CRYPT_HOOK(_type_) \
+    char * crypt_ ## _type_ ( \
+          register const unsigned char * pw, \
+          const unsigned int pl, \
+          register const unsigned char * sw, \
+          const unsigned int sp, \
+          char * passwd, \
+          char * token)
+
+#ifdef DES_CRYPT
+_CRYPT_HOOK(des);
+#endif
+
+_CRYPT_HOOK(md5);
+_CRYPT_HOOK(shs);
+
+#undef _CRYPT_HOOK
+
+/*
+// --------------------------------------------------------------------------
+// What is the default?
+*/
+#ifdef _CRYPT_DEFAULT_DES
+
+/* use the 'best' encryption */
+/* currently SHA-1 */
+#define _CRYPT_DEFAULT_VERSION _SHS_CRYPT
+
+#else
+
+/* else use DES encryption */
+#define _CRYPT_DEFAULT_VERSION _DES_CRYPT
+
+#endif
+
+/*
+// --------------------------------------------------------------------------
+// other unimportant magic, enlarge as algorithms warrant, do not reduce.
+*/
+
+/* largest size of encrypted password */
+#define _CRYPT_OUTPUT_SIZE _PASSWORD_LEN
+#define _CRYPT_MAX_SALT_LEN 24 /* token=5 salt=16 extra=4 */
+
+/* magic sizes not defined elsewhere, cleaner through defs */
+#define _MD5_SIZE 16
+#define _SHS_SIZE 20
+
+#ifndef _CRYPT_C_
+extern void to64(char * s, unsigned long v, int n);
+#endif
+
author	brandon <brandon@FreeBSD.org>	1999-01-21 13:50:09 +0000
committer	brandon <brandon@FreeBSD.org>	1999-01-21 13:50:09 +0000
commit	0cb1c5b095f3ccb2b3a2228a67aec0569258f62a (patch)
tree	f472b9120e94610b782de47336d68514b9406545 /lib/libcrypt/crypt.h
parent	2c287cb830224d12f662854e87214efd9b8d8f70 (diff)
download	FreeBSD-src-0cb1c5b095f3ccb2b3a2228a67aec0569258f62a.zip FreeBSD-src-0cb1c5b095f3ccb2b3a2228a67aec0569258f62a.tar.gz