Asterisk - The Open Source Telephony Project GIT-master-f36a736
crypt.c File Reference

Asterisk wrapper for crypt(3) More...

#include "asterisk.h"
#include <unistd.h>
#include <crypt.h>
#include "asterisk/utils.h"

Macros

#define MAX_SALT_LEN   21
 Max length of a salt string. More...
 

Functions

char * ast_crypt (const char *key, const char *salt)
 Asterisk wrapper around crypt(3). More...
 
char * ast_crypt_encrypt (const char *key)
 Asterisk wrapper around crypt(3) for encrypting passwords. More...
 
int ast_crypt_validate (const char *key, const char *expected)
 Asterisk wrapper around crypt(3) for validating passwords. More...
 
static int gen_salt (char *current_salt, size_t maxlen)
 Generates a salt to try with crypt. More...
 
static char gen_salt_char (void)
 

Variables

static char salt_chars []
 

Detailed Description

Asterisk wrapper for crypt(3)

Author
David M. Lee, II dlee@.nosp@m.digi.nosp@m.um.co.nosp@m.m

Definition in file crypt.c.

Macro Definition Documentation

◆ MAX_SALT_LEN

#define MAX_SALT_LEN   21

Max length of a salt string.

Pattern: $[1,5,6]$[a-zA-Z0-9./]{1,16}$, plus null terminator (3 + 16 + 1 + 1 = 21 bytes).

Definition at line 43 of file crypt.c.

Function Documentation

◆ ast_crypt()

char * ast_crypt ( const char *  key,
const char *  salt 
)

Asterisk wrapper around crypt(3).

The interpretation of the salt (which determines the password hashing algorithm) is system specific. Application code should prefer to use ast_crypt_encrypt() or ast_crypt_validate().

The returned string is heap allocated, and should be freed with ast_free().

Parameters
key: User's password to crypt.
salt: Salt to crypt with.
Returns
Crypted password.
Return values
NULL on error.

Definition at line 121 of file crypt.c.

/*
 * Hash `key` with crypt_r(3) under the caller-supplied `salt` and hand back
 * a heap-allocated copy of the result.
 *
 * The salt prefix selects the hashing scheme, and which prefixes are accepted
 * depends on the system's crypt implementation, so most callers are better
 * served by ast_crypt_encrypt() or ast_crypt_validate().
 *
 * Returns NULL when crypt_r() fails or when its output does not begin with
 * `salt`. The caller owns the returned string and releases it with
 * ast_free().
 */
char *ast_crypt(const char *key, const char *salt)
{
	struct crypt_data data = {};
	const char *hashed = crypt_r(key, salt, &data);

	if (hashed == NULL) {
		return NULL;
	}

	/* crypt may report success for a salt it does not recognize, but it then
	 * returns the salt altered in some way. Requiring the output to start
	 * with the exact salt we passed in filters those results out.
	 */
	if (!ast_begins_with(hashed, salt)) {
		return NULL;
	}

	return ast_strdup(hashed);
}
#define ast_strdup(str)
A wrapper for strdup()
Definition: astmm.h:241
#define NULL
Definition: resample.c:96
static int force_inline attribute_pure ast_begins_with(const char *str, const char *prefix)
Checks whether a string begins with another.
Definition: strings.h:97

References ast_begins_with(), ast_strdup, and NULL.

Referenced by ast_crypt_encrypt().

◆ ast_crypt_encrypt()

char * ast_crypt_encrypt ( const char *  key)

Asterisk wrapper around crypt(3) for encrypting passwords.

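This function generates a random salt and hashes the given password with crypt(3); the result is a one-way hash, not reversible encryption. It starts with the strongest scheme gen_salt() offers and retries with the next weaker one whenever ast_crypt() rejects the result.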

The returned string is heap allocated, and should be freed with ast_free().

Parameters
key: User's password to crypt.
Returns
Crypted password.
Return values
NULL on error.

Definition at line 190 of file crypt.c.

/*
 * Hash `key` under a freshly generated random salt.
 *
 * The salt buffer starts out empty, so the first gen_salt() call picks the
 * strongest scheme. Each time ast_crypt() rejects the attempt, the next
 * gen_salt() call rewrites the same buffer for the next weaker scheme. The
 * loop ends when a hash is produced or gen_salt() has nothing left to offer.
 *
 * NOTE(review): the fallback is silent. Where the local crypt(3) lacks the
 * SHA schemes, the stored hash may end up as MD5 or traditional crypt.
 * Callers that require a minimum strength can check the prefix of the
 * returned string ("$6$", "$5$", "$1$") before storing it.
 *
 * Returns a heap-allocated hash (release with ast_free()), or NULL if no
 * scheme worked.
 */
char *ast_crypt_encrypt(const char *key)
{
	char salt[MAX_SALT_LEN] = {};
	char *hashed;

	for (;;) {
		if (gen_salt(salt, sizeof(salt)) != 0) {
			/* Ran out of schemes to try */
			return NULL;
		}

		hashed = ast_crypt(key, salt);
		if (hashed != NULL) {
			return hashed;
		}
	}
}
static int gen_salt(char *current_salt, size_t maxlen)
Generates a salt to try with crypt.
Definition: crypt.c:72
#define MAX_SALT_LEN
Max length of a salt string.
Definition: crypt.c:43
char * ast_crypt(const char *key, const char *salt)
Asterisk wrapper around crypt(3).
Definition: crypt.c:121

References ast_crypt(), gen_salt(), MAX_SALT_LEN, and NULL.

Referenced by ari_mkpasswd(), and AST_TEST_DEFINE().

◆ ast_crypt_validate()

int ast_crypt_validate ( const char *  key,
const char *  expected 
)

Asterisk wrapper around crypt(3) for validating passwords.

Parameters
key: User's password to validate.
expected: Expected result from crypt.
Return values
True (non-zero) if key matches expected.
False (zero) if key doesn't match.

Definition at line 136 of file crypt.c.

137{
138 struct crypt_data data = {};
139 return strcmp(expected, crypt_r(key, expected, &data)) == 0;
140}

Referenced by ast_ari_config_validate_user(), and AST_TEST_DEFINE().

◆ gen_salt()

static int gen_salt ( char *  current_salt,
size_t  maxlen 
)
static

Generates a salt to try with crypt.

If given an empty string, will generate a salt for the most secure algorithm to try with crypt() (SHA-512). If given a previously generated salt, the algorithm will be lowered by one level of security: SHA-512 to SHA-256, then MD5, then traditional crypt.

Parameters
[out] current_salt: Output string in which to generate the salt. This can be an empty string, or the results of a prior gen_salt call.
maxlen: Length of current_salt.
Returns
0 on success.
Non-zero on error.

Definition at line 72 of file crypt.c.

/*
 * Produce the next salt for ast_crypt_encrypt() to try.
 *
 * current_salt is both input and output:
 *   - empty string   -> "$6$" + 16 random characters + "$"  (SHA-512)
 *   - "$6$..."       -> same salt re-tagged "$5$"           (SHA-256)
 *   - "$5$..."       -> same salt re-tagged "$1$"           (MD5)
 *   - "$1$..."       -> two random characters               (traditional crypt)
 *   - anything else  -> error, nothing weaker is offered
 *
 * maxlen must be at least MAX_SALT_LEN; the first form fills exactly that
 * many bytes including the terminator.
 *
 * NOTE(review): the last two steps are weak password hashes. Traditional
 * crypt in particular uses a two-character salt and, on common
 * implementations, only the first 8 characters of the key; confirm whether
 * deployments still need these fallbacks.
 * NOTE(review): MD5-crypt implementations commonly honour at most 8 salt
 * characters. If the local crypt(3) shortens the salt in its output, the
 * prefix check in ast_crypt() would reject the "$1$" step and the caller
 * would move on to traditional crypt; confirm on the target platform.
 *
 * Returns 0 when a salt was written, non-zero on error.
 */
static int gen_salt(char *current_salt, size_t maxlen)
{
	char *out = current_salt;
	int remaining;

	if (current_salt == NULL || maxlen < MAX_SALT_LEN) {
		return -1;
	}

	if (out[0] == '\0') {
		/* Initial generation; $6$ = SHA-512 */
		*out++ = '$';
		*out++ = '6';
		*out++ = '$';
		for (remaining = 16; remaining > 0; --remaining) {
			*out++ = gen_salt_char();
		}
		*out++ = '$';
		*out = '\0';
		return 0;
	}

	if (out[0] != '$') {
		/* Was already as insecure as it gets */
		return -1;
	}

	if (out[1] == '6') {
		/* Downgrade to SHA-256, keeping the random part */
		out[1] = '5';
		return 0;
	}

	if (out[1] == '5') {
		/* Downgrade to MD5, keeping the random part */
		out[1] = '1';
		return 0;
	}

	if (out[1] == '1') {
		/* Downgrade to traditional crypt: overwrite the start of the
		 * buffer with a two-character salt and terminate it there.
		 */
		out[0] = gen_salt_char();
		out[1] = gen_salt_char();
		out[2] = '\0';
		return 0;
	}

	/* Unrecognized algorithm */
	return -1;
}
static char gen_salt_char(void)
Definition: crypt.c:52

References gen_salt_char(), MAX_SALT_LEN, and NULL.

Referenced by ast_crypt_encrypt().

◆ gen_salt_char()

static char gen_salt_char ( void  )
static

Randomly select a character for a salt string

Definition at line 52 of file crypt.c.

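/*
 * Pick one character at random from salt_chars for use in a salt string.
 *
 * ast_random_double() is documented as returning a value between 0.0 and
 * 1.0 inclusive. At exactly 1.0 the scaled index equals the number of
 * characters in the table, which is the position of the string's null
 * terminator. Returning that byte would cut the generated salt short, so the
 * index is clamped to the last real character.
 *
 * NOTE(review): how unpredictable the salts are depends on the generator
 * behind ast_random_double(), which is not shown here.
 */
static char gen_salt_char(void)
{
	/* Number of usable characters, excluding the terminator */
	const int count = (int) sizeof(salt_chars) - 1;
	int which = (int) (ast_random_double() * count);

	if (which >= count) {
		which = count - 1;
	}

	return salt_chars[which];
}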
static char salt_chars[]
Definition: crypt.c:45
#define ast_random_double()
Returns a random number between 0.0 and 1.0, inclusive.
Definition: utils.h:624

References ast_random_double, and salt_chars.

Referenced by gen_salt().

Variable Documentation

◆ salt_chars

char salt_chars[]
static
Initial value:
=
"abcdefghijklmnopqrstuvwxyz"
"ABCDEFGHIJKLMNOPQRSTUVWXYZ"
"0123456789"
"./"

Definition at line 45 of file crypt.c.

Referenced by gen_salt_char().