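/* Header names are reconstructed from the functions this file calls. */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

#include <openssl/crypto.h>
#include <openssl/evp.h>
#include <openssl/sha.h>

#define RAND_FILE "/dev/random"
#define SHA_STR "{SSHA256}"

/* string length */
#define LEN_PASSWD_MIN 8
#define LEN_PASSWD_MAX 64
#define LEN_SALT 16
/* Parenthesized so the sums survive being used inside larger expressions. */
#define LEN_BUFFER (LEN_SALT + SHA256_DIGEST_LENGTH)
#define LEN_ENC64 64
#define LEN_SHA_STR 9
#define LEN_FINAL_PASSWD (LEN_ENC64 + LEN_SHA_STR)

/*
 * Print msg on stderr, wipe the caller's plaintext password and terminate.
 * OPENSSL_cleanse is used instead of memset because a plain memset right
 * before exit() is a dead store the compiler is allowed to drop.
 */
static void die_wiping(char *p, size_t len, const char *msg)
{
    fputs(msg, stderr);
    OPENSSL_cleanse(p, len);
    exit(EXIT_FAILURE);
}

/*
 * Fill dst with exactly want bytes from fd.
 * read() may legitimately return fewer bytes than requested or be
 * interrupted by a signal, so keep reading until the salt is complete.
 * Returns 0 on success, -1 on error or premature end of file.
 */
static int read_full(int fd, unsigned char *dst, size_t want)
{
    size_t got = 0;

    while (got < want) {
        ssize_t n = read(fd, dst + got, want - got);

        if (n < 0) {
            if (errno == EINTR) {
                continue;
            }
            return -1;
        }
        if (n == 0) {
            return -1;
        }
        got += (size_t)n;
    }
    return 0;
}

/**
 * Build a "{SSHA256}" password string from a plaintext password.
 *
 * The result is SHA_STR followed by base64(SHA256(password || salt) || salt),
 * where salt is LEN_SALT bytes read from RAND_FILE.
 *
 * NOTE(review): this is a single salted SHA-256 pass, which is cheap to
 * compute; resistance to offline guessing then rests on password strength.
 * Where the consumer of the string supports one, a deliberately slow KDF
 * is the stronger choice. LEN_PASSWD_MIN / LEN_PASSWD_MAX are not enforced
 * here; presumably the caller checks them.
 *
 * @param p  NUL-terminated plaintext password. It is wiped before the
 *           process exits on a failure path; on success it is left intact
 *           and the caller remains responsible for clearing it.
 * @return   Newly allocated NUL-terminated string of LEN_FINAL_PASSWD
 *           characters that the caller must free(), or NULL if p is NULL.
 *           On allocation or random-source failure the process exits with
 *           EXIT_FAILURE.
 */
char* get_crypt_sha256(char *p)
{
    int rand_fd;
    int rc;
    size_t len;
    unsigned char *salted;                    /* password || salt */
    unsigned char passwd_buff[LEN_BUFFER];    /* digest || salt */
    unsigned char sha_pwd[SHA256_DIGEST_LENGTH];
    /*
     * EVP_EncodeBlock writes a terminating NUL after the LEN_ENC64 base64
     * characters, so the buffer needs one extra byte.
     */
    unsigned char enc64_pwd[LEN_ENC64 + 1];
    char *final_pwd;

    if (p == NULL) {
        return NULL;
    }
    len = strlen(p);

    salted = malloc(len + LEN_SALT);
    if (salted == NULL) {
        die_wiping(p, len, "out of memory\n");
    }

    rand_fd = open(RAND_FILE, O_RDONLY);
    if (rand_fd < 0) {
        die_wiping(p, len, "impossible to open " RAND_FILE "\n");
    }

    /* The salt is stored directly behind the space reserved for the password. */
    rc = read_full(rand_fd, salted + len, LEN_SALT);
    close(rand_fd);
    if (rc != 0) {
        die_wiping(p, len, "failed to read from " RAND_FILE "\n");
    }

    memcpy(salted, p, len);
    SHA256(salted, len + LEN_SALT, sha_pwd);

    memcpy(passwd_buff, sha_pwd, SHA256_DIGEST_LENGTH);
    memcpy(passwd_buff + SHA256_DIGEST_LENGTH, salted + len, LEN_SALT);

    /* clear plaintext passwd copy; cleanse cannot be optimized away before free */
    OPENSSL_cleanse(salted, len + LEN_SALT);
    free(salted);

    EVP_EncodeBlock(enc64_pwd, passwd_buff, SHA256_DIGEST_LENGTH + LEN_SALT);

    final_pwd = malloc(LEN_FINAL_PASSWD + 1);
    if (final_pwd == NULL) {
        die_wiping(p, len, "out of memory\n");
    }

    memcpy(final_pwd, SHA_STR, LEN_SHA_STR);
    memcpy(final_pwd + LEN_SHA_STR, enc64_pwd, LEN_ENC64);
    final_pwd[LEN_FINAL_PASSWD] = '\0';

    return final_pwd;
}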