// SPDX-License-Identifier: BSD-2-Clause
#include "config.h"
#include <errno.h>
#include <assert.h>
#include <crypt.h>
#include <syslog.h>
#include "basics.h"
#include "files.h"
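/**
 * Hash a password with crypt_r() using a freshly generated salt.
 *
 * @param password  NUL-terminated cleartext password; must not be NULL.
 * @param prefix    Hash method prefix handed to crypt_gensalt_rn(). May be
 *                  NULL, in which case libcrypt picks the method and the
 *                  prefix comparison below is skipped.
 * @param count     Cost parameter passed unchanged to crypt_gensalt_rn().
 * @param hash      Out: newly allocated copy of the resulting hash. Written
 *                  only on success; the caller frees it. Must not be NULL.
 * @param error     Optional out: allocated human-readable message, written
 *                  only when the backend does not support the requested
 *                  method (or set to NULL if that allocation fails). The
 *                  caller frees it.
 *
 * @return 0 on success, otherwise a negative errno value: whatever
 *         crypt_gensalt_rn()/crypt_r() left in errno, -ENOMEM on allocation
 *         failure, or -ENOSYS if the backend did not produce a hash for the
 *         requested method.
 */
int
create_hash(const char *password, const char *prefix,
            unsigned long count, char **hash, char **error)
{
  /* Strings returned by crypt_gensalt_rn will be no longer than this. */
  char salt[CRYPT_GENSALT_OUTPUT_SIZE];
  _cleanup_free_ struct crypt_data *cdata = NULL;
  char *sp;
  int r;

  assert(password);
  assert(hash);

  /* NULL/0 for rbytes: libcrypt obtains the salt's random bytes itself. */
  sp = crypt_gensalt_rn(prefix, count, NULL, 0, salt, sizeof(salt));
  if (sp == NULL)
    return -errno;

  cdata = calloc(1, sizeof(*cdata));
  if (cdata == NULL)
    return -ENOMEM;

  sp = crypt_r(password, salt, cdata);
  if (sp == NULL)
    {
      /* Save errno first, then wipe: cdata is working storage for the
         password hash computation and is otherwise freed un-zeroed by
         the cleanup handler. */
      r = -errno;
      explicit_bzero(cdata, sizeof(*cdata));
      return r;
    }

  /* Depending on how libcrypt was built, crypt_r() can report failure with
     an invalid hash that begins with '*' instead of returning NULL; never
     hand that back as a password hash. The prefix comparison only applies
     when the caller asked for a specific method (strlen(NULL) is undefined). */
  if (sp[0] == '*' || (prefix != NULL && !strneq(sp, prefix, strlen(prefix))))
    {
      /* crypt doesn't know the algorithm, error out */
      r = -ENOSYS;
      if (error)
        {
          if (asprintf(error, "Algorithm with prefix '%s' is not supported by the crypto backend.",
                       prefix != NULL ? prefix : "(default)") < 0)
            {
              /* asprintf leaves *error undefined on failure. */
              *error = NULL;
              r = -ENOMEM;
            }
        }
      explicit_bzero(cdata, sizeof(*cdata));
      return r;
    }

  /* sp points into cdata, so copy the hash out before wiping the buffer. */
  *hash = strdup(sp);
  explicit_bzero(cdata, sizeof(*cdata));
  if (*hash == NULL)
    return -ENOMEM;

  return 0;
}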