
add new function crypt_newhash to simplify creating new hashes.

does most of the work pwd_gensalt did, but also creates the hash.
(unused yet)
OPENBSD_5_7
tedu 10 years ago
parent
commit
572a59f1f0
2 changed files with 46 additions and 3 deletions
  1. +17
    -2
      src/lib/libc/crypt/crypt.3
  2. +29
    -1
      src/lib/libc/crypt/cryptutil.c

+ 17
- 2
src/lib/libc/crypt/crypt.3

@ -1,4 +1,4 @@
.\" $OpenBSD: crypt.3,v 1.38 2014/05/16 22:11:00 jmc Exp $
.\" $OpenBSD: crypt.3,v 1.39 2014/11/17 16:47:28 tedu Exp $
.\" .\"
.\" FreeSec: libcrypt .\" FreeSec: libcrypt
.\" .\"
@ -31,7 +31,7 @@
.\" .\"
.\" Manual page, using -mandoc macros .\" Manual page, using -mandoc macros
.\" .\"
.Dd $Mdocdate: May 16 2014 $
.Dd $Mdocdate: November 17 2014 $
.Dt CRYPT 3 .Dt CRYPT 3
.Os .Os
.Sh NAME .Sh NAME
@ -55,6 +55,8 @@
.Ft int .Ft int
.Fn crypt_checkpass "const char *password" "const char *hash" .Fn crypt_checkpass "const char *password" "const char *hash"
.Ft int .Ft int
.Fn crypt_newhash "const char *password" "login_cap_t *lc" "char *hash" "size_t hashsize"
.Ft int
.Fn encrypt "char *block" "int flag" .Fn encrypt "char *block" "int flag"
.Ft int .Ft int
.Fn des_setkey "const char *key" .Fn des_setkey "const char *key"
@ -102,6 +104,19 @@ If the hash is NULL, authentication will always fail, but a default
amount of work is performed to simulate the hashing operation. amount of work is performed to simulate the hashing operation.
A successful match will return 0. A successful match will return 0.
A failure will return \-1 and set errno. A failure will return \-1 and set errno.
.Pp
The
.Fn crypt_newhash
function is provided to simplify the creation of new password hashes.
The provided
.Fa password
is randomly salted and hashed and stored in
.Fa hash .
The login class argument
.Fa lc
is used to identify the preferred hashing algorithm and parameters.
Refer to
.Xr login.conf 5 .
.Ss Extended crypt .Ss Extended crypt
The The
.Ar key .Ar key


+ 29
- 1
src/lib/libc/crypt/cryptutil.c

@ -1,4 +1,4 @@
/* $OpenBSD: cryptutil.c,v 1.1 2014/05/12 19:13:14 tedu Exp $ */
/* $OpenBSD: cryptutil.c,v 1.2 2014/11/17 16:47:28 tedu Exp $ */
/* /*
* Copyright (c) 2014 Ted Unangst <tedu@openbsd.org> * Copyright (c) 2014 Ted Unangst <tedu@openbsd.org>
* *
@ -18,6 +18,7 @@
#include <unistd.h> #include <unistd.h>
#include <string.h> #include <string.h>
#include <pwd.h> #include <pwd.h>
#include <login_cap.h>
#include <errno.h> #include <errno.h>
int int
@ -52,3 +53,30 @@ fail:
errno = EACCES; errno = EACCES;
return -1; return -1;
} }
int
crypt_newhash(const char *pass, login_cap_t *lc, char *hash, size_t hashlen)
{
int rv = -1;
char *pref;
char *defaultpref = "blowfish,8";
const char *errstr;
int rounds;
if (lc == NULL ||
(pref = login_getcapstr(lc, "localcipher", NULL, NULL)) == NULL)
pref = defaultpref;
if (strncmp(pref, "blowfish,", 9) != 0) {
errno = EINVAL;
goto err;
}
rounds = strtonum(pref + 9, 4, 31, &errstr);
if (errstr)
goto err;
rv = bcrypt_newhash(pass, rounds, hash, hashlen);
err:
if (pref != defaultpref)
free(pref);
return rv;
}
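Review bot: crypt_newhash has no comment stating its contract, and a caller can only learn from the body that both `goto err` paths (a `localcipher` value not starting with `blowfish,`, and a rounds value rejected by `strtonum`) return -1 before `bcrypt_newhash` runs, so `hash` is never written on those paths. I would add a block comment above the function saying that it returns -1 with errno set on failure and otherwise the result of `bcrypt_newhash`, that the caller must check the return value before storing or using `hash`, that only the `blowfish,<rounds>` form with rounds 4 to 31 is accepted, and that `blowfish,8` is the fallback when `lc` is NULL or the capability is absent. The first failure sets `errno = EINVAL` explicitly while the second relies on `strtonum` having set errno, which deserves a one-line remark such as `/* strtonum has set errno */` above the second `goto err`. As a style point, the literal `9` could be written as `sizeof("blowfish,") - 1` so the prefix and its length cannot drift apart.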
