Merge branch 'ennorehling-feature/apache-md5'

This commit is contained in:
Enno Rehling 2016-02-06 15:24:04 +01:00
commit 9d1020b73b
3 changed files with 20 additions and 16 deletions

View file

@ -12,17 +12,13 @@
#define MAXSALTLEN 32 // maximum length in characters of any salt
#define SALTLEN 8 // length of salts we generate
/* Table with characters for base64 transformation. */
static const char b64t[65] =
"./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
#define b64_from_24bit(B2, B1, B0, N) \
do { \
unsigned int w = ((B2) << 16) | ((B1) << 8) | (B0); \
int n = (N); \
while (n-- > 0 && buflen > 0) \
{ \
*cp++ = b64t[w & 0x3f]; \
*cp++ = itoa64[w & 0x3f]; \
--buflen; \
w >>= 6; \
} \
@ -50,9 +46,12 @@ static const char * password_hash_i(const char * passwd, const char *salt, int a
_snprintf(result, len, "$0$%s$%s", salt, passwd);
}
else if (algo == PASSWORD_MD5) {
char * result = md5_crypt(passwd, salt);
return md5_crypt_r(passwd, salt, result, len);
}
else if (algo == PASSWORD_APACHE_MD5) {
apr_md5_encode(passwd, salt, result, len);
return result;
}
}
else {
return NULL;
}
@ -66,7 +65,7 @@ const char * password_hash(const char * passwd, const char * salt, int algo) {
}
static bool password_is_implemented(int algo) {
return algo==PASSWORD_PLAIN || algo==PASSWORD_MD5;
return algo==PASSWORD_PLAIN || algo==PASSWORD_MD5 || algo==PASSWORD_APACHE_MD5;
}
int password_verify(const char * pwhash, const char * passwd) {
@ -79,7 +78,7 @@ int password_verify(const char * pwhash, const char * passwd) {
assert(passwd);
assert(pwhash);
assert(pwhash[0] == '$');
algo = pwhash[1] - '0';
algo = pwhash[1];
pos = strchr(pwhash+2, '$');
assert(pos && pos[0] == '$');
++pos;

View file

@ -1,12 +1,12 @@
#pragma once
#define PASSWORD_PLAIN 0
#define PASSWORD_MD5 1
#define PASSWORD_BCRYPT 2 // not implemented
#define PASSWORD_SHA256 5 // not implemented
#define PASSWORD_SHA512 6 // not implemented
#define PASSWORD_DEFAULT PASSWORD_MD5
#define PASSWORD_PLAIN '0'
#define PASSWORD_MD5 '1'
#define PASSWORD_BCRYPT '2' // not implemented
#define PASSWORD_APACHE_MD5 'a'
#define PASSWORD_SHA256 '5' // not implemented
#define PASSWORD_SHA512 '6' // not implemented
#define PASSWORD_DEFAULT PASSWORD_APACHE_MD5
#define VERIFY_OK 0 // password matches hash
#define VERIFY_FAIL 1 // password is wrong

View file

@ -5,6 +5,11 @@
static void test_passwords(CuTest *tc) {
const char *hash;
hash = password_hash("Hodor", "FqQLkl8g", PASSWORD_APACHE_MD5);
CuAssertPtrNotNull(tc, hash);
CuAssertStrEquals(tc, "$apr1$FqQLkl8g$.icQqaDJpim4BVy.Ho5660", hash);
CuAssertIntEquals(tc, VERIFY_OK, password_verify(hash, "Hodor"));
hash = password_hash("jollygood", "ZouUn04i", PASSWORD_MD5);
CuAssertPtrNotNull(tc, hash);
CuAssertStrEquals(tc, "$1$ZouUn04i$yNnT1Oy8azJ5V.UM9ppP5/", hash);