2016-01-20 02:19:04 +01:00
|
|
|
/****************************************************************************
|
|
|
|
* apps/fsutils/passwd/passwd_encrypt.c
|
|
|
|
*
|
2021-06-08 10:39:04 +02:00
|
|
|
* Licensed to the Apache Software Foundation (ASF) under one or more
|
|
|
|
* contributor license agreements. See the NOTICE file distributed with
|
|
|
|
* this work for additional information regarding copyright ownership. The
|
|
|
|
* ASF licenses this file to you under the Apache License, Version 2.0 (the
|
|
|
|
* "License"); you may not use this file except in compliance with the
|
|
|
|
* License. You may obtain a copy of the License at
|
2016-01-20 02:19:04 +01:00
|
|
|
*
|
2021-06-08 10:39:04 +02:00
|
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
2016-01-20 02:19:04 +01:00
|
|
|
*
|
2021-06-08 10:39:04 +02:00
|
|
|
* Unless required by applicable law or agreed to in writing, software
|
|
|
|
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
|
|
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
|
|
|
* License for the specific language governing permissions and limitations
|
|
|
|
* under the License.
|
2016-01-20 02:19:04 +01:00
|
|
|
*
|
|
|
|
****************************************************************************/
|
|
|
|
|
|
|
|
/****************************************************************************
|
|
|
|
* Included Files
|
|
|
|
****************************************************************************/
|
|
|
|
|
|
|
|
#include <nuttx/config.h>
|
|
|
|
|
|
|
|
#include <stdint.h>
|
|
|
|
#include <stdio.h>
|
|
|
|
#include <string.h>
|
|
|
|
#include <errno.h>
|
|
|
|
|
|
|
|
#include <nuttx/crypto/tea.h>
|
|
|
|
|
|
|
|
#include "passwd.h"
|
|
|
|
|
|
|
|
/****************************************************************************
|
|
|
|
* Private Data
|
|
|
|
****************************************************************************/
|
2019-08-03 18:37:27 +02:00
|
|
|
|
2016-01-20 02:19:04 +01:00
|
|
|
/* This should be better protected */
|
|
|
|
|
|
|
|
static uint32_t g_tea_key[4] =
|
|
|
|
{
|
|
|
|
CONFIG_FSUTILS_PASSWD_KEY1,
|
|
|
|
CONFIG_FSUTILS_PASSWD_KEY2,
|
|
|
|
CONFIG_FSUTILS_PASSWD_KEY3,
|
|
|
|
CONFIG_FSUTILS_PASSWD_KEY4
|
|
|
|
};
|
|
|
|
|
2016-01-21 23:26:44 +01:00
|
|
|
/****************************************************************************
|
|
|
|
* Private Functions
|
|
|
|
****************************************************************************/
|
|
|
|
|
|
|
|
/****************************************************************************
|
|
|
|
* Name: passwd_base64
|
|
|
|
*
|
|
|
|
* Description:
|
|
|
|
* Encode a 5 bit value as a base64 character.
|
|
|
|
*
|
|
|
|
* Input Parameters:
|
|
|
|
* binary - 5 bit value
|
|
|
|
*
|
|
|
|
* Returned Value:
|
2019-08-03 18:37:27 +02:00
|
|
|
* The ASCII base64 character. Must not return the field delimiter ':'
|
2016-01-21 23:26:44 +01:00
|
|
|
*
|
|
|
|
****************************************************************************/
|
|
|
|
|
|
|
|
static char passwd_base64(uint8_t binary)
|
|
|
|
{
|
|
|
|
/* 0-26 -> 'A'-'Z' */
|
|
|
|
|
|
|
|
binary &= 63;
|
|
|
|
if (binary < 26)
|
|
|
|
{
|
|
|
|
return 'A' + binary;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* 26-51 -> 'a'-'z' */
|
|
|
|
|
|
|
|
binary -= 26;
|
|
|
|
if (binary < 26)
|
|
|
|
{
|
|
|
|
return 'a' + binary;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* 52->61 -> '0'-'9' */
|
|
|
|
|
|
|
|
binary -= 26;
|
|
|
|
if (binary < 10)
|
|
|
|
{
|
|
|
|
return '0' + binary;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* 62 -> '+' */
|
|
|
|
|
|
|
|
binary -= 10;
|
|
|
|
if (binary == 0)
|
|
|
|
{
|
|
|
|
return '+';
|
|
|
|
}
|
|
|
|
|
|
|
|
/* 63 -> '/' */
|
|
|
|
|
|
|
|
return '/';
|
|
|
|
}
|
|
|
|
|
2016-01-20 02:19:04 +01:00
|
|
|
/****************************************************************************
|
|
|
|
* Public Functions
|
|
|
|
****************************************************************************/
|
|
|
|
|
|
|
|
/****************************************************************************
|
|
|
|
* Name: passwd_encrypt
|
|
|
|
*
|
2016-01-20 02:22:45 +01:00
|
|
|
* Description:
|
2016-01-20 02:19:04 +01:00
|
|
|
* Encrypt a password. Currently uses the Tiny Encryption Algorithm.
|
|
|
|
*
|
|
|
|
* Input Parameters:
|
|
|
|
* password -- The password string to be encrypted
|
|
|
|
*
|
|
|
|
* Returned Value:
|
|
|
|
* Zero (OK) is returned on success; a negated errno value is returned on
|
|
|
|
* failure.
|
|
|
|
*
|
|
|
|
****************************************************************************/
|
|
|
|
|
|
|
|
int passwd_encrypt(FAR const char *password, char encrypted[MAX_ENCRYPTED + 1])
|
|
|
|
{
|
|
|
|
union
|
|
|
|
{
|
|
|
|
char b[8];
|
2016-01-21 23:26:44 +01:00
|
|
|
uint16_t h[4];
|
2016-01-20 02:19:04 +01:00
|
|
|
uint32_t l[2];
|
|
|
|
} value;
|
|
|
|
|
|
|
|
FAR const char *src;
|
2016-01-21 23:26:44 +01:00
|
|
|
FAR char *bptr;
|
2016-01-20 02:19:04 +01:00
|
|
|
FAR char *dest;
|
2016-01-21 23:26:44 +01:00
|
|
|
uint32_t tmp;
|
|
|
|
uint8_t remainder;
|
2016-01-20 02:19:04 +01:00
|
|
|
int remaining;
|
|
|
|
int converted;
|
|
|
|
int gulpsize;
|
2016-01-21 23:26:44 +01:00
|
|
|
int nbits;
|
2016-01-20 02:19:04 +01:00
|
|
|
int i;
|
|
|
|
|
|
|
|
/* How long is the password? */
|
|
|
|
|
|
|
|
remaining = strlen(password);
|
|
|
|
if (remaining > MAX_PASSWORD)
|
|
|
|
{
|
|
|
|
return -E2BIG;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Convert the password in 8-byte TEA cycles */
|
|
|
|
|
2016-01-21 23:26:44 +01:00
|
|
|
src = password;
|
|
|
|
dest = encrypted;
|
|
|
|
*dest = '\0';
|
|
|
|
|
|
|
|
remainder = 0;
|
|
|
|
nbits = 0;
|
2016-01-20 02:19:04 +01:00
|
|
|
|
|
|
|
for (converted = 0; converted < remaining; converted += 8)
|
|
|
|
{
|
|
|
|
/* Copy bytes */
|
|
|
|
|
|
|
|
gulpsize = 8;
|
|
|
|
if (gulpsize > remaining)
|
|
|
|
{
|
|
|
|
gulpsize = remaining;
|
|
|
|
}
|
|
|
|
|
2016-01-21 23:26:44 +01:00
|
|
|
bptr = value.b;
|
2016-01-20 02:19:04 +01:00
|
|
|
for (i = 0; i < gulpsize; i++)
|
|
|
|
{
|
2016-01-21 23:26:44 +01:00
|
|
|
*bptr++ = *src++;
|
2016-01-20 02:19:04 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/* Pad with spaces if necessary */
|
|
|
|
|
|
|
|
for (; i < 8; i++)
|
|
|
|
{
|
2016-01-21 23:26:44 +01:00
|
|
|
*bptr++ = ' ';
|
2016-01-20 02:19:04 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/* Perform the conversion for this cycle */
|
|
|
|
|
|
|
|
tea_encrypt(value.l, g_tea_key);
|
|
|
|
|
2016-01-21 23:26:44 +01:00
|
|
|
/* Generate the base64 output string from this cycle */
|
|
|
|
|
|
|
|
tmp = remainder;
|
|
|
|
|
|
|
|
for (i = 0; i < 4; i++)
|
|
|
|
{
|
|
|
|
tmp = (uint32_t)value.h[i] << nbits | tmp;
|
|
|
|
nbits += 16;
|
|
|
|
|
|
|
|
while (nbits >= 6)
|
|
|
|
{
|
|
|
|
*dest++ = passwd_base64((uint8_t)(tmp & 0x3f));
|
|
|
|
tmp >>= 6;
|
|
|
|
nbits -= 6;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
remainder = (uint8_t)tmp;
|
|
|
|
*dest = '\0';
|
|
|
|
}
|
2016-01-20 02:19:04 +01:00
|
|
|
|
2016-01-21 23:26:44 +01:00
|
|
|
/* Handle any remainder */
|
|
|
|
|
|
|
|
if (nbits > 0)
|
|
|
|
{
|
|
|
|
*dest++ = passwd_base64(remainder);
|
|
|
|
*dest = '\0';
|
2016-01-20 02:19:04 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
return OK;
|
|
|
|
}
|