2 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
4 * Copyright 2009-2012 The OpenLDAP Foundation.
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted only as authorized by the OpenLDAP
11 * A copy of this license is available in the file LICENSE in the
12 * top-level directory of the distribution or, alternatively, at
13 * <http://www.OpenLDAP.org/license.html>.
16 * This work was initially developed by Jeff Turner for inclusion
17 * in OpenLDAP Software.
19 * Hash methods for passwords generation added by Cédric Delfosse.
21 * SSHA256 / SSHA384 / SSHA512 support added, and chk_sha*() replaced
22 * with libraries/liblutil/passwd.c:chk_sha1() implementation to
23 * fix a race by SATOH Fumiyasu @ OSS Technology, Inc.
28 #include <ac/string.h>
34 #ifdef SLAPD_SHA2_DEBUG
38 #define SHA2_SALT_SIZE 8
/*
 * Produce a salted SHA-256 password hash ({SSHA256} scheme) for the
 * lutil_passwd hash callback. The remaining parameters and the
 * digest/salt/ct declarations fall on lines omitted from this excerpt.
 * Returns whatever lutil_passwd_string64() returns, or LUTIL_PASSWD_ERR
 * when no salt could be obtained.
 */
40 static int hash_ssha256(
41 const struct berval *scheme,
42 const struct berval *passwd,
47 unsigned char hash256[SHA256_DIGEST_LENGTH];
/* SHA2_SALT_SIZE (8) random bytes; the salt only has to be unique per
 * stored value, it is not a secret and is emitted alongside the digest. */
48 char saltdata[SHA2_SALT_SIZE];
52 digest.bv_val = (char *) hash256;
53 digest.bv_len = sizeof(hash256);
54 salt.bv_val = saltdata;
55 salt.bv_len = sizeof(saltdata);
/* Failure to draw entropy is fatal: no fallback to a predictable salt. */
57 if (lutil_entropy((unsigned char *)salt.bv_val, salt.bv_len) < 0) {
58 return LUTIL_PASSWD_ERR;
/* Digest input order is password bytes then salt bytes; chk_ssha256()
 * hashes in the same order (credential, then salt recovered from the
 * stored value). The SHA256_Init(&ct) call is not shown in this excerpt. */
62 SHA256_Update(&ct, (const uint8_t*)passwd->bv_val, passwd->bv_len);
63 SHA256_Update(&ct, (const uint8_t*)salt.bv_val, salt.bv_len);
64 SHA256_Final(hash256, &ct);
/* Presumably encodes scheme + base64(digest || salt) into *hash; the
 * verifier below expects the salt to follow the digest in the decoded
 * value. A single unkeyed SHA-2 pass carries no work factor, so this is
 * a fast hash rather than a password KDF. */
66 return lutil_passwd_string64(scheme, &digest, hash, &salt);
/*
 * Produce an unsalted SHA-256 hash of passwd ({SHA256} scheme).
 * Same flow as hash_ssha256() without the salt: the bare digest is
 * passed to lutil_passwd_string64() with a NULL salt. The remaining
 * parameters and the digest/ct declarations are on omitted lines.
 * With no salt, equal passwords produce equal stored values; that is the
 * property the salted variants exist to avoid.
 */
69 static int hash_sha256(
70 const struct berval *scheme,
71 const struct berval *passwd,
76 unsigned char hash256[SHA256_DIGEST_LENGTH];
78 digest.bv_val = (char *) hash256;
79 digest.bv_len = sizeof(hash256);
/* SHA256_Init(&ct) is not shown in this excerpt. */
82 SHA256_Update(&ct, (const uint8_t*)passwd->bv_val, passwd->bv_len);
83 SHA256_Final(hash256, &ct);
85 return lutil_passwd_string64(scheme, &digest, hash, NULL);
/*
 * Produce a salted SHA-384 password hash ({SSHA384} scheme); identical in
 * structure to hash_ssha256() with the SHA384_* primitives. Remaining
 * parameters and the digest/salt/ct declarations are on omitted lines.
 * Returns LUTIL_PASSWD_ERR if no salt could be obtained, otherwise the
 * result of lutil_passwd_string64().
 */
88 static int hash_ssha384(
89 const struct berval *scheme,
90 const struct berval *passwd,
95 unsigned char hash384[SHA384_DIGEST_LENGTH];
/* SHA2_SALT_SIZE random bytes, emitted with the digest; not a secret. */
96 char saltdata[SHA2_SALT_SIZE];
100 digest.bv_val = (char *) hash384;
101 digest.bv_len = sizeof(hash384);
102 salt.bv_val = saltdata;
103 salt.bv_len = sizeof(saltdata);
/* No fallback to a predictable salt when entropy is unavailable. */
105 if (lutil_entropy((unsigned char *)salt.bv_val, salt.bv_len) < 0) {
106 return LUTIL_PASSWD_ERR;
/* Password bytes, then salt bytes -- the order chk_ssha384() reproduces.
 * SHA384_Init(&ct) is not shown in this excerpt. */
110 SHA384_Update(&ct, (const uint8_t*)passwd->bv_val, passwd->bv_len);
111 SHA384_Update(&ct, (const uint8_t*)salt.bv_val, salt.bv_len);
112 SHA384_Final(hash384, &ct);
/* Presumably encodes scheme + base64(digest || salt) into *hash. */
114 return lutil_passwd_string64(scheme, &digest, hash, &salt);
/*
 * Produce an unsalted SHA-384 hash of passwd ({SHA384} scheme).
 * Mirrors hash_sha256() with the SHA384_* primitives; the remaining
 * parameters and the ct declaration are on omitted lines. No salt means
 * equal passwords map to equal stored values.
 */
117 static int hash_sha384(
118 const struct berval *scheme,
119 const struct berval *passwd,
124 unsigned char hash384[SHA384_DIGEST_LENGTH];
125 struct berval digest;
126 digest.bv_val = (char *) hash384;
127 digest.bv_len = sizeof(hash384);
/* SHA384_Init(&ct) is not shown in this excerpt. */
130 SHA384_Update(&ct, (const uint8_t*)passwd->bv_val, passwd->bv_len);
131 SHA384_Final(hash384, &ct);
133 return lutil_passwd_string64(scheme, &digest, hash, NULL);
/*
 * Produce a salted SHA-512 password hash ({SSHA512} scheme); same shape
 * as hash_ssha256() with the SHA512_* primitives. Remaining parameters
 * and the salt/ct declarations are on omitted lines.
 * Returns LUTIL_PASSWD_ERR if no salt could be obtained, otherwise the
 * result of lutil_passwd_string64().
 */
136 static int hash_ssha512(
137 const struct berval *scheme,
138 const struct berval *passwd,
143 unsigned char hash512[SHA512_DIGEST_LENGTH];
/* SHA2_SALT_SIZE random bytes, emitted with the digest; not a secret. */
144 char saltdata[SHA2_SALT_SIZE];
145 struct berval digest;
148 digest.bv_val = (char *) hash512;
149 digest.bv_len = sizeof(hash512);
150 salt.bv_val = saltdata;
151 salt.bv_len = sizeof(saltdata);
/* No fallback to a predictable salt when entropy is unavailable. */
153 if (lutil_entropy((unsigned char *)salt.bv_val, salt.bv_len) < 0) {
154 return LUTIL_PASSWD_ERR;
/* Password bytes, then salt bytes -- the order chk_ssha512() reproduces.
 * SHA512_Init(&ct) is not shown in this excerpt. */
158 SHA512_Update(&ct, (const uint8_t*)passwd->bv_val, passwd->bv_len);
159 SHA512_Update(&ct, (const uint8_t*)salt.bv_val, salt.bv_len);
160 SHA512_Final(hash512, &ct);
/* Presumably encodes scheme + base64(digest || salt) into *hash. */
162 return lutil_passwd_string64(scheme, &digest, hash, &salt);
/*
 * Produce an unsalted SHA-512 hash of passwd ({SHA512} scheme).
 * Mirrors hash_sha256() with the SHA512_* primitives; the remaining
 * parameters and the ct declaration are on omitted lines. No salt means
 * equal passwords map to equal stored values.
 */
165 static int hash_sha512(
166 const struct berval *scheme,
167 const struct berval *passwd,
172 unsigned char hash512[SHA512_DIGEST_LENGTH];
173 struct berval digest;
174 digest.bv_val = (char *) hash512;
175 digest.bv_len = sizeof(hash512);
/* SHA512_Init(&ct) is not shown in this excerpt. */
178 SHA512_Update(&ct, (const uint8_t*)passwd->bv_val, passwd->bv_len);
179 SHA512_Final(hash512, &ct);
181 return lutil_passwd_string64(scheme, &digest, hash, NULL);
184 #ifdef SLAPD_SHA2_DEBUG
/*
 * Diagnostic dump of one verification attempt, compiled only under
 * SLAPD_SHA2_DEBUG. The trailing parameters (cred_len, cmp_rc) and the
 * opening of the body are on lines omitted from this excerpt.
 *
 * NOTE(review): this writes the user-supplied credential in clear
 * (line 214) and the stored hash (line 216) to stderr. Anything that
 * captures stderr -- service supervisors, log shippers -- then holds
 * credentials. Confirm SLAPD_SHA2_DEBUG is never defined in a build that
 * ships, and treat any such log as sensitive.
 */
185 static void chk_sha_debug(
186 const struct berval *scheme,
187 const struct berval *passwd,
188 const struct berval *cred,
189 const char *cred_hash,
194 struct berval cred_b64;
/* Room for the base64 form of the computed digest plus terminator. */
196 cred_b64.bv_len = LUTIL_BASE64_ENCODE_LEN(cred_len) + 1;
197 cred_b64.bv_val = ber_memalloc(cred_b64.bv_len + 1);
/* Allocation failure path; its body is not shown here. */
199 if( cred_b64.bv_val == NULL ) {
/* Tail of a call whose callee is on an omitted line -- presumably the
 * base64 encoder writing cred_hash into cred_b64. */
204 (unsigned char *) cred_hash, cred_len,
205 cred_b64.bv_val, cred_b64.bv_len );
/* Appears to be the encode-failure cleanup; the surrounding condition is
 * not shown. */
208 ber_memfree(cred_b64.bv_val);
/* %s on bv_val assumes NUL-terminated bervals -- verify at the callers. */
212 fprintf(stderr, "Validating password\n");
213 fprintf(stderr, " Hash scheme:\t\t%s\n", scheme->bv_val);
214 fprintf(stderr, " Password to validate: %s\n", cred->bv_val);
215 fprintf(stderr, " Password hash:\t%s\n", cred_b64.bv_val);
216 fprintf(stderr, " Stored password hash:\t%s\n", passwd->bv_val);
217 fprintf(stderr, " Result:\t\t%s\n", cmp_rc ? "do not match" : "match");
219 ber_memfree(cred_b64.bv_val);
/*
 * Verify cred against a stored {SSHA256} value. passwd is base64 text
 * (presumably already stripped of the scheme prefix) that decodes to the
 * 32-byte digest followed by the salt bytes. The fourth parameter and the
 * declaration of rc are on lines omitted from this excerpt.
 * Returns LUTIL_PASSWD_OK on match; LUTIL_PASSWD_ERR on mismatch, on a
 * malformed stored value, or on allocation failure.
 */
223 static int chk_ssha256(
224 const struct berval *scheme, /* Scheme of hashed reference password */
225 const struct berval *passwd, /* Hashed reference password to check against */
226 const struct berval *cred, /* user-supplied password to check */
229 SHA256_CTX SHAcontext;
230 unsigned char SHAdigest[SHA256_DIGEST_LENGTH];
/* rc (declared on an omitted line) receives the int results of
 * lutil_b64_pton() and later memcmp(). */
232 unsigned char *orig_pass = NULL;
/* A salted value must decode to strictly more than one digest, else there
 * is no salt to recover; the unsalted variants use '<' here. */
235 if (LUTIL_BASE64_DECODE_LEN(passwd->bv_len) <= sizeof(SHAdigest)) {
236 return LUTIL_PASSWD_ERR;
239 /* base64 un-encode password */
240 orig_pass = (unsigned char *) ber_memalloc( (size_t) (
241 LUTIL_BASE64_DECODE_LEN(passwd->bv_len) + 1) );
243 if( orig_pass == NULL ) return LUTIL_PASSWD_ERR;
245 rc = lutil_b64_pton(passwd->bv_val, orig_pass, passwd->bv_len);
/* NOTE(review): if rc is a signed int and lutil_b64_pton() signals a
 * decode failure with a negative return, this comparison is performed in
 * the unsigned type of sizeof(); a negative rc converts to a very large
 * value, the test is false, and the failure is NOT rejected -- the salt
 * length computed below would then wrap. Reject both cases explicitly:
 *   if( rc < 0 || (size_t) rc <= sizeof(SHAdigest) )
 * Confirm against rc's omitted declaration and lutil_b64_pton()'s
 * contract. The unsalted chk_sha256() uses '!=' and is not affected. */
247 if( rc <= sizeof(SHAdigest) ) {
248 ber_memfree(orig_pass);
249 return LUTIL_PASSWD_ERR;
252 /* hash credentials with salt */
253 SHA256_Init(&SHAcontext);
254 SHA256_Update(&SHAcontext,
255 (const unsigned char *) cred->bv_val, cred->bv_len);
/* Salt is whatever follows the digest in the decoded value; this length
 * is only meaningful if rc is the genuine decoded byte count. */
256 SHA256_Update(&SHAcontext,
257 (const unsigned char *) &orig_pass[sizeof(SHAdigest)],
258 rc - sizeof(SHAdigest));
259 SHA256_Final(SHAdigest, &SHAcontext);
/* Compare only the digest portion. memcmp() is not constant-time; both
 * operands are digests rather than the credential, so the exposure is
 * limited, but a fixed-time compare would settle the question. Unlike
 * chk_sha256(), no chk_sha_debug() call is made on this path. */
262 rc = memcmp((char *)orig_pass, (char *)SHAdigest, sizeof(SHAdigest));
263 ber_memfree(orig_pass);
264 return rc ? LUTIL_PASSWD_ERR : LUTIL_PASSWD_OK;
/*
 * Verify cred against a stored unsalted {SHA256} value: passwd is base64
 * text that must decode to exactly one 32-byte digest. The fourth
 * parameter and the declaration of rc are on omitted lines.
 * Returns LUTIL_PASSWD_OK on match; LUTIL_PASSWD_ERR on mismatch, on a
 * malformed stored value, or on allocation failure.
 */
267 static int chk_sha256(
268 const struct berval *scheme, /* Scheme of hashed reference password */
269 const struct berval *passwd, /* Hashed reference password to check against */
270 const struct berval *cred, /* user-supplied password to check */
273 SHA256_CTX SHAcontext;
274 unsigned char SHAdigest[SHA256_DIGEST_LENGTH];
/* rc (declared on an omitted line) receives the int results of
 * lutil_b64_pton() and later memcmp(). */
276 unsigned char *orig_pass = NULL;
/* Cheap size sanity check before allocating the decode buffer. */
279 if (LUTIL_BASE64_DECODE_LEN(passwd->bv_len) < sizeof(SHAdigest)) {
280 return LUTIL_PASSWD_ERR;
283 /* base64 un-encode password */
284 orig_pass = (unsigned char *) ber_memalloc( (size_t) (
285 LUTIL_BASE64_DECODE_LEN(passwd->bv_len) + 1) );
287 if( orig_pass == NULL ) return LUTIL_PASSWD_ERR;
289 rc = lutil_b64_pton(passwd->bv_val, orig_pass, passwd->bv_len);
/* Exact-length test: a negative (error) rc converted to unsigned is also
 * != the digest size, so a failed decode is rejected here too. */
291 if( rc != sizeof(SHAdigest) ) {
292 ber_memfree(orig_pass);
293 return LUTIL_PASSWD_ERR;
/* Inherited comment; there is no salt on this path. */
296 /* hash credentials with salt */
297 SHA256_Init(&SHAcontext);
298 SHA256_Update(&SHAcontext,
299 (const unsigned char *) cred->bv_val, cred->bv_len);
300 SHA256_Final(SHAdigest, &SHAcontext);
/* memcmp() is not constant-time; operands are digests, not the credential. */
303 rc = memcmp((char *)orig_pass, (char *)SHAdigest, sizeof(SHAdigest));
/* Debug build only: dumps the cleartext credential to stderr. */
304 #ifdef SLAPD_SHA2_DEBUG
305 chk_sha_debug(scheme, passwd, cred, (char *)SHAdigest, sizeof(SHAdigest), rc);
307 ber_memfree(orig_pass);
308 return rc ? LUTIL_PASSWD_ERR : LUTIL_PASSWD_OK;
/*
 * Verify cred against a stored {SSHA384} value; same structure as
 * chk_ssha256() with the SHA384_* primitives. passwd decodes to the
 * 48-byte digest followed by the salt. The fourth parameter and rc's
 * declaration are on omitted lines.
 * Returns LUTIL_PASSWD_OK on match, LUTIL_PASSWD_ERR otherwise.
 */
311 static int chk_ssha384(
312 const struct berval *scheme, /* Scheme of hashed reference password */
313 const struct berval *passwd, /* Hashed reference password to check against */
314 const struct berval *cred, /* user-supplied password to check */
317 SHA384_CTX SHAcontext;
318 unsigned char SHAdigest[SHA384_DIGEST_LENGTH];
320 unsigned char *orig_pass = NULL;
/* Must decode to strictly more than one digest so a salt is present. */
323 if (LUTIL_BASE64_DECODE_LEN(passwd->bv_len) <= sizeof(SHAdigest)) {
324 return LUTIL_PASSWD_ERR;
327 /* base64 un-encode password */
328 orig_pass = (unsigned char *) ber_memalloc( (size_t) (
329 LUTIL_BASE64_DECODE_LEN(passwd->bv_len) + 1) );
331 if( orig_pass == NULL ) return LUTIL_PASSWD_ERR;
333 rc = lutil_b64_pton(passwd->bv_val, orig_pass, passwd->bv_len);
/* NOTE(review): with rc a signed int, a negative decode-failure return
 * converts to a large unsigned value for this comparison and is not
 * rejected; the salt length below would then wrap. Prefer
 *   if( rc < 0 || (size_t) rc <= sizeof(SHAdigest) )
 * -- confirm rc's type and lutil_b64_pton()'s error convention. */
335 if( rc <= sizeof(SHAdigest) ) {
336 ber_memfree(orig_pass);
337 return LUTIL_PASSWD_ERR;
340 /* hash credentials with salt */
341 SHA384_Init(&SHAcontext);
342 SHA384_Update(&SHAcontext,
343 (const unsigned char *) cred->bv_val, cred->bv_len);
/* Salt = decoded bytes after the digest; length relies on rc being valid. */
344 SHA384_Update(&SHAcontext,
345 (const unsigned char *) &orig_pass[sizeof(SHAdigest)],
346 rc - sizeof(SHAdigest));
347 SHA384_Final(SHAdigest, &SHAcontext);
/* Digest-only compare; memcmp() is not constant-time. No debug hook on
 * this path, unlike chk_sha384(). */
350 rc = memcmp((char *)orig_pass, (char *)SHAdigest, sizeof(SHAdigest));
351 ber_memfree(orig_pass);
352 return rc ? LUTIL_PASSWD_ERR : LUTIL_PASSWD_OK;
/*
 * Verify cred against a stored unsalted {SHA384} value: passwd must
 * decode to exactly one 48-byte digest. Same structure as chk_sha256().
 * The fourth parameter and rc's declaration are on omitted lines.
 * Returns LUTIL_PASSWD_OK on match, LUTIL_PASSWD_ERR otherwise.
 */
355 static int chk_sha384(
356 const struct berval *scheme, /* Scheme of hashed reference password */
357 const struct berval *passwd, /* Hashed reference password to check against */
358 const struct berval *cred, /* user-supplied password to check */
361 SHA384_CTX SHAcontext;
362 unsigned char SHAdigest[SHA384_DIGEST_LENGTH];
364 unsigned char *orig_pass = NULL;
/* Size sanity check before allocating the decode buffer. */
367 if (LUTIL_BASE64_DECODE_LEN(passwd->bv_len) < sizeof(SHAdigest)) {
368 return LUTIL_PASSWD_ERR;
371 /* base64 un-encode password */
372 orig_pass = (unsigned char *) ber_memalloc( (size_t) (
373 LUTIL_BASE64_DECODE_LEN(passwd->bv_len) + 1) );
375 if( orig_pass == NULL ) return LUTIL_PASSWD_ERR;
377 rc = lutil_b64_pton(passwd->bv_val, orig_pass, passwd->bv_len);
/* Exact-length test; a negative rc is also != the digest size, so a
 * failed decode is rejected. */
379 if( rc != sizeof(SHAdigest) ) {
380 ber_memfree(orig_pass);
381 return LUTIL_PASSWD_ERR;
/* Inherited comment; there is no salt on this path. */
384 /* hash credentials with salt */
385 SHA384_Init(&SHAcontext);
386 SHA384_Update(&SHAcontext,
387 (const unsigned char *) cred->bv_val, cred->bv_len);
388 SHA384_Final(SHAdigest, &SHAcontext);
/* memcmp() is not constant-time; operands are digests, not the credential. */
391 rc = memcmp((char *)orig_pass, (char *)SHAdigest, sizeof(SHAdigest));
/* Debug build only: dumps the cleartext credential to stderr. */
392 #ifdef SLAPD_SHA2_DEBUG
393 chk_sha_debug(scheme, passwd, cred, (char *)SHAdigest, sizeof(SHAdigest), rc);
395 ber_memfree(orig_pass);
396 return rc ? LUTIL_PASSWD_ERR : LUTIL_PASSWD_OK;
/*
 * Verify cred against a stored {SSHA512} value; same structure as
 * chk_ssha256() with the SHA512_* primitives. passwd decodes to the
 * 64-byte digest followed by the salt. The fourth parameter and rc's
 * declaration are on omitted lines.
 * Returns LUTIL_PASSWD_OK on match, LUTIL_PASSWD_ERR otherwise.
 */
399 static int chk_ssha512(
400 const struct berval *scheme, /* Scheme of hashed reference password */
401 const struct berval *passwd, /* Hashed reference password to check against */
402 const struct berval *cred, /* user-supplied password to check */
405 SHA512_CTX SHAcontext;
406 unsigned char SHAdigest[SHA512_DIGEST_LENGTH];
408 unsigned char *orig_pass = NULL;
/* Must decode to strictly more than one digest so a salt is present. */
411 if (LUTIL_BASE64_DECODE_LEN(passwd->bv_len) <= sizeof(SHAdigest)) {
412 return LUTIL_PASSWD_ERR;
415 /* base64 un-encode password */
416 orig_pass = (unsigned char *) ber_memalloc( (size_t) (
417 LUTIL_BASE64_DECODE_LEN(passwd->bv_len) + 1) );
419 if( orig_pass == NULL ) return LUTIL_PASSWD_ERR;
421 rc = lutil_b64_pton(passwd->bv_val, orig_pass, passwd->bv_len);
/* NOTE(review): with rc a signed int, a negative decode-failure return
 * converts to a large unsigned value for this comparison and is not
 * rejected; the salt length below would then wrap. Prefer
 *   if( rc < 0 || (size_t) rc <= sizeof(SHAdigest) )
 * -- confirm rc's type and lutil_b64_pton()'s error convention. */
423 if( rc <= sizeof(SHAdigest) ) {
424 ber_memfree(orig_pass);
425 return LUTIL_PASSWD_ERR;
428 /* hash credentials with salt */
429 SHA512_Init(&SHAcontext);
430 SHA512_Update(&SHAcontext,
431 (const unsigned char *) cred->bv_val, cred->bv_len);
/* Salt = decoded bytes after the digest; length relies on rc being valid. */
432 SHA512_Update(&SHAcontext,
433 (const unsigned char *) &orig_pass[sizeof(SHAdigest)],
434 rc - sizeof(SHAdigest));
435 SHA512_Final(SHAdigest, &SHAcontext);
/* Digest-only compare; memcmp() is not constant-time. No debug hook on
 * this path, unlike chk_sha512(). */
438 rc = memcmp((char *)orig_pass, (char *)SHAdigest, sizeof(SHAdigest));
439 ber_memfree(orig_pass);
440 return rc ? LUTIL_PASSWD_ERR : LUTIL_PASSWD_OK;
/*
 * Verify cred against a stored unsalted {SHA512} value: passwd must
 * decode to exactly one 64-byte digest. Same structure as chk_sha256().
 * The fourth parameter and rc's declaration are on omitted lines.
 * Returns LUTIL_PASSWD_OK on match, LUTIL_PASSWD_ERR otherwise.
 */
443 static int chk_sha512(
444 const struct berval *scheme, /* Scheme of hashed reference password */
445 const struct berval *passwd, /* Hashed reference password to check against */
446 const struct berval *cred, /* user-supplied password to check */
449 SHA512_CTX SHAcontext;
450 unsigned char SHAdigest[SHA512_DIGEST_LENGTH];
452 unsigned char *orig_pass = NULL;
/* Size sanity check before allocating the decode buffer. */
455 if (LUTIL_BASE64_DECODE_LEN(passwd->bv_len) < sizeof(SHAdigest)) {
456 return LUTIL_PASSWD_ERR;
459 /* base64 un-encode password */
460 orig_pass = (unsigned char *) ber_memalloc( (size_t) (
461 LUTIL_BASE64_DECODE_LEN(passwd->bv_len) + 1) );
463 if( orig_pass == NULL ) return LUTIL_PASSWD_ERR;
465 rc = lutil_b64_pton(passwd->bv_val, orig_pass, passwd->bv_len);
/* Exact-length test; a negative rc is also != the digest size, so a
 * failed decode is rejected. */
467 if( rc != sizeof(SHAdigest) ) {
468 ber_memfree(orig_pass);
469 return LUTIL_PASSWD_ERR;
/* Inherited comment; there is no salt on this path. */
472 /* hash credentials with salt */
473 SHA512_Init(&SHAcontext);
474 SHA512_Update(&SHAcontext,
475 (const unsigned char *) cred->bv_val, cred->bv_len);
476 SHA512_Final(SHAdigest, &SHAcontext);
/* memcmp() is not constant-time; operands are digests, not the credential. */
479 rc = memcmp((char *)orig_pass, (char *)SHAdigest, sizeof(SHAdigest));
/* Debug build only: dumps the cleartext credential to stderr. */
480 #ifdef SLAPD_SHA2_DEBUG
481 chk_sha_debug(scheme, passwd, cred, (char *)SHAdigest, sizeof(SHAdigest), rc);
483 ber_memfree(orig_pass);
484 return rc ? LUTIL_PASSWD_ERR : LUTIL_PASSWD_OK;
/* Scheme prefixes registered with lutil_passwd_add() in init_module().
 * Declared const; the registration casts the const away, so the library
 * is trusted not to write through the pointer. Salted ({SSHA*}) schemes
 * are the ones to prefer for newly stored passwords. */
487 const struct berval ssha256scheme = BER_BVC("{SSHA256}");
488 const struct berval sha256scheme = BER_BVC("{SHA256}");
489 const struct berval ssha384scheme = BER_BVC("{SSHA384}");
490 const struct berval sha384scheme = BER_BVC("{SHA384}");
491 const struct berval ssha512scheme = BER_BVC("{SSHA512}");
492 const struct berval sha512scheme = BER_BVC("{SHA512}");
494 int init_module(int argc, char *argv[]) {
496 result = lutil_passwd_add( (struct berval *)&ssha256scheme, chk_ssha256, hash_ssha256 );
497 if (result != 0) return result;
498 result = lutil_passwd_add( (struct berval *)&sha256scheme, chk_sha256, hash_sha256 );
499 if (result != 0) return result;
500 result = lutil_passwd_add( (struct berval *)&ssha384scheme, chk_ssha384, hash_ssha384 );
501 if (result != 0) return result;
502 result = lutil_passwd_add( (struct berval *)&sha384scheme, chk_sha384, hash_sha384 );
503 if (result != 0) return result;
504 result = lutil_passwd_add( (struct berval *)&ssha512scheme, chk_ssha512, hash_ssha512 );
505 if (result != 0) return result;
506 result = lutil_passwd_add( (struct berval *)&sha512scheme, chk_sha512, hash_sha512 );