LCOV - code coverage report
Current view: top level - contrib/pgcrypto - crypt-gensalt.c (source / functions) Hit Total Coverage
Test: PostgreSQL 17devel Lines: 82 98 83.7 %
Date: 2024-05-09 10:11:15 Functions: 5 5 100.0 %
Legend: Lines: hit not hit 

          Line data    Source code
       1             : /*
       2             :  * Written by Solar Designer and placed in the public domain.
       3             :  * See crypt_blowfish.c for more information.
       4             :  *
       5             :  * contrib/pgcrypto/crypt-gensalt.c
       6             :  *
       7             :  * This file contains salt generation functions for the traditional and
       8             :  * other common crypt(3) algorithms, except for bcrypt which is defined
       9             :  * entirely in crypt_blowfish.c.
      10             :  *
      11             :  * Put bcrypt generator also here as crypt-blowfish.c
      12             :  * may not be compiled always.        -- marko
      13             :  */
      14             : 
      15             : #include "postgres.h"
      16             : 
      17             : #include "px-crypt.h"
      18             : 
      19             : typedef unsigned int BF_word;
      20             : 
      21             : static unsigned char _crypt_itoa64[64 + 1] =
      22             : "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
      23             : 
      24             : char *
      25           2 : _crypt_gensalt_traditional_rn(unsigned long count,
      26             :                               const char *input, int size, char *output, int output_size)
      27             : {
      28           2 :     if (size < 2 || output_size < 2 + 1 || (count && count != 25))
      29             :     {
      30           0 :         if (output_size > 0)
      31           0 :             output[0] = '\0';
      32           0 :         return NULL;
      33             :     }
      34             : 
      35           2 :     output[0] = _crypt_itoa64[(unsigned int) input[0] & 0x3f];
      36           2 :     output[1] = _crypt_itoa64[(unsigned int) input[1] & 0x3f];
      37           2 :     output[2] = '\0';
      38             : 
      39           2 :     return output;
      40             : }
      41             : 
      42             : char *
      43           2 : _crypt_gensalt_extended_rn(unsigned long count,
      44             :                            const char *input, int size, char *output, int output_size)
      45             : {
      46             :     unsigned long value;
      47             : 
      48             : /* Even iteration counts make it easier to detect weak DES keys from a look
      49             :  * at the hash, so they should be avoided */
      50           2 :     if (size < 3 || output_size < 1 + 4 + 4 + 1 ||
      51           2 :         (count && (count > 0xffffff || !(count & 1))))
      52             :     {
      53           0 :         if (output_size > 0)
      54           0 :             output[0] = '\0';
      55           0 :         return NULL;
      56             :     }
      57             : 
      58           2 :     if (!count)
      59           0 :         count = 725;
      60             : 
      61           2 :     output[0] = '_';
      62           2 :     output[1] = _crypt_itoa64[count & 0x3f];
      63           2 :     output[2] = _crypt_itoa64[(count >> 6) & 0x3f];
      64           2 :     output[3] = _crypt_itoa64[(count >> 12) & 0x3f];
      65           2 :     output[4] = _crypt_itoa64[(count >> 18) & 0x3f];
      66           2 :     value = (unsigned long) (unsigned char) input[0] |
      67           2 :         ((unsigned long) (unsigned char) input[1] << 8) |
      68           2 :         ((unsigned long) (unsigned char) input[2] << 16);
      69           2 :     output[5] = _crypt_itoa64[value & 0x3f];
      70           2 :     output[6] = _crypt_itoa64[(value >> 6) & 0x3f];
      71           2 :     output[7] = _crypt_itoa64[(value >> 12) & 0x3f];
      72           2 :     output[8] = _crypt_itoa64[(value >> 18) & 0x3f];
      73           2 :     output[9] = '\0';
      74             : 
      75           2 :     return output;
      76             : }
      77             : 
      78             : char *
      79           2 : _crypt_gensalt_md5_rn(unsigned long count,
      80             :                       const char *input, int size, char *output, int output_size)
      81             : {
      82             :     unsigned long value;
      83             : 
      84           2 :     if (size < 3 || output_size < 3 + 4 + 1 || (count && count != 1000))
      85             :     {
      86           0 :         if (output_size > 0)
      87           0 :             output[0] = '\0';
      88           0 :         return NULL;
      89             :     }
      90             : 
      91           2 :     output[0] = '$';
      92           2 :     output[1] = '1';
      93           2 :     output[2] = '$';
      94           2 :     value = (unsigned long) (unsigned char) input[0] |
      95           2 :         ((unsigned long) (unsigned char) input[1] << 8) |
      96           2 :         ((unsigned long) (unsigned char) input[2] << 16);
      97           2 :     output[3] = _crypt_itoa64[value & 0x3f];
      98           2 :     output[4] = _crypt_itoa64[(value >> 6) & 0x3f];
      99           2 :     output[5] = _crypt_itoa64[(value >> 12) & 0x3f];
     100           2 :     output[6] = _crypt_itoa64[(value >> 18) & 0x3f];
     101           2 :     output[7] = '\0';
     102             : 
     103           2 :     if (size >= 6 && output_size >= 3 + 4 + 4 + 1)
     104             :     {
     105           2 :         value = (unsigned long) (unsigned char) input[3] |
     106           2 :             ((unsigned long) (unsigned char) input[4] << 8) |
     107           2 :             ((unsigned long) (unsigned char) input[5] << 16);
     108           2 :         output[7] = _crypt_itoa64[value & 0x3f];
     109           2 :         output[8] = _crypt_itoa64[(value >> 6) & 0x3f];
     110           2 :         output[9] = _crypt_itoa64[(value >> 12) & 0x3f];
     111           2 :         output[10] = _crypt_itoa64[(value >> 18) & 0x3f];
     112           2 :         output[11] = '\0';
     113             :     }
     114             : 
     115           2 :     return output;
     116             : }
     117             : 
     118             : 
     119             : 
     120             : static unsigned char BF_itoa64[64 + 1] =
     121             : "./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
     122             : 
     123             : static void
     124           2 : BF_encode(char *dst, const BF_word *src, int size)
     125             : {
     126           2 :     const unsigned char *sptr = (const unsigned char *) src;
     127           2 :     const unsigned char *end = sptr + size;
     128           2 :     unsigned char *dptr = (unsigned char *) dst;
     129             :     unsigned int c1,
     130             :                 c2;
     131             : 
     132             :     do
     133             :     {
     134          12 :         c1 = *sptr++;
     135          12 :         *dptr++ = BF_itoa64[c1 >> 2];
     136          12 :         c1 = (c1 & 0x03) << 4;
     137          12 :         if (sptr >= end)
     138             :         {
     139           2 :             *dptr++ = BF_itoa64[c1];
     140           2 :             break;
     141             :         }
     142             : 
     143          10 :         c2 = *sptr++;
     144          10 :         c1 |= c2 >> 4;
     145          10 :         *dptr++ = BF_itoa64[c1];
     146          10 :         c1 = (c2 & 0x0f) << 2;
     147          10 :         if (sptr >= end)
     148             :         {
     149           0 :             *dptr++ = BF_itoa64[c1];
     150           0 :             break;
     151             :         }
     152             : 
     153          10 :         c2 = *sptr++;
     154          10 :         c1 |= c2 >> 6;
     155          10 :         *dptr++ = BF_itoa64[c1];
     156          10 :         *dptr++ = BF_itoa64[c2 & 0x3f];
     157          10 :     } while (sptr < end);
     158           2 : }
     159             : 
     160             : char *
     161           2 : _crypt_gensalt_blowfish_rn(unsigned long count,
     162             :                            const char *input, int size, char *output, int output_size)
     163             : {
     164           2 :     if (size < 16 || output_size < 7 + 22 + 1 ||
     165           2 :         (count && (count < 4 || count > 31)))
     166             :     {
     167           0 :         if (output_size > 0)
     168           0 :             output[0] = '\0';
     169           0 :         return NULL;
     170             :     }
     171             : 
     172           2 :     if (!count)
     173           0 :         count = 5;
     174             : 
     175           2 :     output[0] = '$';
     176           2 :     output[1] = '2';
     177           2 :     output[2] = 'a';
     178           2 :     output[3] = '$';
     179           2 :     output[4] = '0' + count / 10;
     180           2 :     output[5] = '0' + count % 10;
     181           2 :     output[6] = '$';
     182             : 
     183           2 :     BF_encode(&output[7], (const BF_word *) input, 16);
     184           2 :     output[7 + 22] = '\0';
     185             : 
     186           2 :     return output;
     187             : }

Generated by: LCOV version 1.14