From 1115280b39148ceb8732e59bf10dd6eaef97f58d Mon Sep 17 00:00:00 2001
From: Andi Shyti <andi@etezian.org>
Date: Wed, 5 Sep 2012 18:17:48 +0200
Subject: crypt_sha256: some sparse fixes

Signed-off-by: Andi Shyti <andi@etezian.org>
---
 src/crypt_sha256.c | 29 ++++++++++++++---------------
 1 file changed, 14 insertions(+), 15 deletions(-)

diff --git a/src/crypt_sha256.c b/src/crypt_sha256.c
index 6484ea4..9410990 100644
--- a/src/crypt_sha256.c
+++ b/src/crypt_sha256.c
@@ -6,16 +6,15 @@
 #include <openssl/evp.h>
 
 #define RAND_FILE		"/dev/random"
-#define SHA_STR			"{SHA256}"
+#define SHA_STR			"{SSHA256}"
 
 /* string length */
 #define LEN_PASSWD_MIN		8
 #define LEN_PASSWD_MAX		64
-#define LEN_RAND_STR            16
-#define LEN_BUFFER		LEN_PASSWD_MAX + LEN_RAND_STR + \
-						SHA256_DIGEST_LENGTH
+#define LEN_SALT		16
+#define LEN_BUFFER		LEN_SALT + SHA256_DIGEST_LENGTH
 #define LEN_ENC64		64
-#define	LEN_SHA_STR		8
+#define	LEN_SHA_STR		9
 #define LEN_FINAL_PASSWD	LEN_ENC64 + LEN_SHA_STR
 
 
@@ -29,40 +28,40 @@ char* get_crypt_sha256(const char *p)
 	int rand_fd;
 	ssize_t size;
 	size_t len = strlen(p);
-	unsigned char rand_str[LEN_RAND_STR];
+	unsigned char *salt;
 	unsigned char passwd_buff[LEN_BUFFER];
 	unsigned char sha_pwd[SHA256_DIGEST_LENGTH];
 	unsigned char enc64_pwd[LEN_ENC64];
 	char *final_pwd;
 
+	salt = (unsigned char*) malloc(len + LEN_SALT);
 	rand_fd = open(RAND_FILE, O_RDONLY);
 	if (rand_fd < 0) {
 		fprintf(stderr, "impossible to open " RAND_FILE "\n");
 		exit(EXIT_FAILURE);
 	}
 
-	size = read(rand_fd, rand_str, LEN_RAND_STR);
+	size = read(rand_fd, salt+len, LEN_SALT);
 	close(rand_fd);
-	if (size != LEN_RAND_STR) {
+	if (size != LEN_SALT) {
 		fprintf(stderr, "failed to read from " RAND_FILE "\n");
 		exit(EXIT_FAILURE);
 	}
 
-	memcpy(passwd_buff + SHA256_DIGEST_LENGTH, p, len);
-	memcpy(passwd_buff + SHA256_DIGEST_LENGTH + len,
-						rand_str, LEN_RAND_STR);
+	memcpy(salt, p, len);
 
-	SHA256(passwd_buff + SHA256_DIGEST_LENGTH, len + LEN_RAND_STR, sha_pwd);
+	SHA256(salt, len + LEN_SALT, sha_pwd);
 
 	memcpy(passwd_buff, sha_pwd, SHA256_DIGEST_LENGTH);
+	memcpy(passwd_buff + SHA256_DIGEST_LENGTH, salt, LEN_SALT);
 
-	EVP_EncodeBlock(enc64_pwd, sha_pwd,
-				SHA256_DIGEST_LENGTH + len + LEN_RAND_STR);
+	EVP_EncodeBlock(enc64_pwd, passwd_buff,
+				SHA256_DIGEST_LENGTH + LEN_SALT);
 
 
 	final_pwd = (char*) malloc (LEN_FINAL_PASSWD + 1);
 	memcpy(final_pwd, SHA_STR, LEN_SHA_STR);
-	memcpy(final_pwd+8, enc64_pwd, LEN_ENC64);
+	memcpy(final_pwd+LEN_SHA_STR, enc64_pwd, LEN_ENC64);
 	final_pwd[LEN_FINAL_PASSWD] = '\0';
 
 	return final_pwd;
-- 
cgit v1.2.3