Merge branch 'ennorehling-feature/apache-md5'

This commit is contained in:
Enno Rehling 2016-02-06 15:24:04 +01:00
commit 9d1020b73b
3 changed files with 20 additions and 16 deletions

View File

@ -12,17 +12,13 @@
#define MAXSALTLEN 32 // maximum length in characters of any salt #define MAXSALTLEN 32 // maximum length in characters of any salt
#define SALTLEN 8 // length of salts we generate #define SALTLEN 8 // length of salts we generate
/* Table with characters for base64 transformation. */
static const char b64t[65] =
"./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
#define b64_from_24bit(B2, B1, B0, N) \ #define b64_from_24bit(B2, B1, B0, N) \
do { \ do { \
unsigned int w = ((B2) << 16) | ((B1) << 8) | (B0); \ unsigned int w = ((B2) << 16) | ((B1) << 8) | (B0); \
int n = (N); \ int n = (N); \
while (n-- > 0 && buflen > 0) \ while (n-- > 0 && buflen > 0) \
{ \ { \
*cp++ = b64t[w & 0x3f]; \ *cp++ = itoa64[w & 0x3f]; \
--buflen; \ --buflen; \
w >>= 6; \ w >>= 6; \
} \ } \
@ -50,9 +46,12 @@ static const char * password_hash_i(const char * passwd, const char *salt, int a
_snprintf(result, len, "$0$%s$%s", salt, passwd); _snprintf(result, len, "$0$%s$%s", salt, passwd);
} }
else if (algo == PASSWORD_MD5) { else if (algo == PASSWORD_MD5) {
char * result = md5_crypt(passwd, salt); return md5_crypt_r(passwd, salt, result, len);
}
else if (algo == PASSWORD_APACHE_MD5) {
apr_md5_encode(passwd, salt, result, len);
return result; return result;
} }
else { else {
return NULL; return NULL;
} }
@ -66,7 +65,7 @@ const char * password_hash(const char * passwd, const char * salt, int algo) {
} }
static bool password_is_implemented(int algo) { static bool password_is_implemented(int algo) {
return algo==PASSWORD_PLAIN || algo==PASSWORD_MD5; return algo==PASSWORD_PLAIN || algo==PASSWORD_MD5 || algo==PASSWORD_APACHE_MD5;
} }
int password_verify(const char * pwhash, const char * passwd) { int password_verify(const char * pwhash, const char * passwd) {
@ -79,7 +78,7 @@ int password_verify(const char * pwhash, const char * passwd) {
assert(passwd); assert(passwd);
assert(pwhash); assert(pwhash);
assert(pwhash[0] == '$'); assert(pwhash[0] == '$');
algo = pwhash[1] - '0'; algo = pwhash[1];
pos = strchr(pwhash+2, '$'); pos = strchr(pwhash+2, '$');
assert(pos && pos[0] == '$'); assert(pos && pos[0] == '$');
++pos; ++pos;

View File

@ -1,12 +1,12 @@
#pragma once #pragma once
#define PASSWORD_PLAIN 0 #define PASSWORD_PLAIN '0'
#define PASSWORD_MD5 1 #define PASSWORD_MD5 '1'
#define PASSWORD_BCRYPT 2 // not implemented #define PASSWORD_BCRYPT '2' // not implemented
#define PASSWORD_SHA256 5 // not implemented #define PASSWORD_APACHE_MD5 'a'
#define PASSWORD_SHA512 6 // not implemented #define PASSWORD_SHA256 '5' // not implemented
#define PASSWORD_DEFAULT PASSWORD_MD5 #define PASSWORD_SHA512 '6' // not implemented
#define PASSWORD_DEFAULT PASSWORD_APACHE_MD5
#define VERIFY_OK 0 // password matches hash #define VERIFY_OK 0 // password matches hash
#define VERIFY_FAIL 1 // password is wrong #define VERIFY_FAIL 1 // password is wrong

View File

@ -5,6 +5,11 @@
static void test_passwords(CuTest *tc) { static void test_passwords(CuTest *tc) {
const char *hash; const char *hash;
hash = password_hash("Hodor", "FqQLkl8g", PASSWORD_APACHE_MD5);
CuAssertPtrNotNull(tc, hash);
CuAssertStrEquals(tc, "$apr1$FqQLkl8g$.icQqaDJpim4BVy.Ho5660", hash);
CuAssertIntEquals(tc, VERIFY_OK, password_verify(hash, "Hodor"));
hash = password_hash("jollygood", "ZouUn04i", PASSWORD_MD5); hash = password_hash("jollygood", "ZouUn04i", PASSWORD_MD5);
CuAssertPtrNotNull(tc, hash); CuAssertPtrNotNull(tc, hash);
CuAssertStrEquals(tc, "$1$ZouUn04i$yNnT1Oy8azJ5V.UM9ppP5/", hash); CuAssertStrEquals(tc, "$1$ZouUn04i$yNnT1Oy8azJ5V.UM9ppP5/", hash);