/Users/deen/code/yugabyte-db/src/yb/util/crypt.cc
Line | Count | Source (jump to first uncovered line) |
1 | | // Copyright (c) YugaByte, Inc. |
2 | | // |
3 | | // Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except |
4 | | // in compliance with the License. You may obtain a copy of the License at |
5 | | // |
6 | | // http://www.apache.org/licenses/LICENSE-2.0 |
7 | | // |
8 | | // Unless required by applicable law or agreed to in writing, software distributed under the License |
9 | | // is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express |
10 | | // or implied. See the License for the specific language governing permissions and limitations |
11 | | // under the License. |
12 | | // |
13 | | |
14 | | #include "yb/util/crypt.h" |
15 | | |
16 | | #include <string.h> |
17 | | #include <fcntl.h> |
18 | | #include <unistd.h> |
19 | | #include <errno.h> |
20 | | |
21 | | #include "crypt_blowfish/cpp-ow-crypt.h" |
22 | | |
23 | | namespace yb { |
24 | | namespace util { |
25 | | |
// Number of bytes read from /dev/urandom and handed to crypt_gensalt_rn() as salt entropy.
static constexpr uint16_t kBcryptRandomSize = 16;
// Work factor passed to bcrypt_gensalt() by the two-argument bcrypt_hashpw() overload.
static constexpr uint16_t kBcryptDefaultWorkFactor = 12;
28 | | |
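// Closes `fd` with a single close() call. Returns 0 on success and -1 on failure.
//
// close() is deliberately not retried on EINTR. POSIX leaves the descriptor state unspecified
// after an interrupted close(), and on Linux the descriptor is already released at that point,
// so a second close(fd) in a multi-threaded process could close a descriptor that another
// thread has just been handed. An interrupted close is therefore reported as success.
static int try_close(int fd) {
  if (close(fd) == 0) {
    return 0;
  }
  return (errno == EINTR) ? 0 : -1;
}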
36 | | |
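// Reads exactly `count` bytes from `fd` into `out`, restarting read() when it is interrupted
// by a signal (EINTR) and looping over short reads.
//
// Returns 0 once `count` bytes have been stored, or -1 if read() fails or reports end-of-file
// before that. On -1 the contents of `out` are only partially written and must not be used.
static int try_read(int fd, char* out, size_t count) {
  size_t total = 0;

  while (total < count) {
    ssize_t partial;
    do {
      partial = read(fd, out + total, count - total);
    } while (partial == -1 && errno == EINTR);

    // partial == 0 is end-of-file, partial == -1 is a real error: both mean the caller does
    // not get the bytes it asked for.
    if (partial < 1) {
      return -1;
    }

    total += static_cast<size_t>(partial);
  }

  return 0;
}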
55 | | |
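// Generates a "$2a$" bcrypt salt string into `salt` from kBcryptRandomSize bytes of
// /dev/urandom.
//
// `workfactor` is used as given when it lies in [4, 31]; any other value is silently replaced
// by kBcryptDefaultWorkFactor, so callers that need a specific cost must validate it themselves.
//
// Returns 0 on success and -1 if the random bytes cannot be read or crypt_gensalt_rn() fails.
// `salt` must not be used when -1 is returned.
int bcrypt_gensalt(int workfactor, char salt[kBcryptHashSize]) {
  // O_CLOEXEC keeps the descriptor out of any child process that another thread fork/execs
  // while this read is in progress.
  const int fd = open("/dev/urandom", O_RDONLY | O_CLOEXEC);
  if (fd == -1) {
    return -1;
  }

  char input[kBcryptRandomSize];
  const bool read_ok = try_read(fd, input, kBcryptRandomSize) == 0;
  // The descriptor is closed on both paths; either failure aborts salt generation.
  const bool close_ok = try_close(fd) == 0;
  if (!read_ok || !close_ok) {
    return -1;
  }

  const int workf =
      (workfactor < 4 || workfactor > 31) ? kBcryptDefaultWorkFactor : workfactor;
  const char* aux =
      crypt_gensalt_rn("$2a$", workf, input, kBcryptRandomSize, salt, kBcryptHashSize);
  return (aux == nullptr) ? -1 : 0;
}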
80 | | |
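// Hashes `passwd` with crypt_rn(), using `salt` as the setting string, and writes the result
// into `hash` (a buffer of kBcryptHashSize bytes).
//
// `salt` may be a salt produced by bcrypt_gensalt() or a previously stored hash, which is how
// bcrypt_checkpw() recomputes a hash for comparison.
//
// Returns 0 on success and -1 if crypt_rn() fails; `hash` must not be used on failure.
int bcrypt_hashpw(
    const char* passwd, const char salt[kBcryptHashSize], char hash[kBcryptHashSize]) {
  const char* aux = crypt_rn(passwd, salt, hash, kBcryptHashSize);
  return (aux == nullptr) ? -1 : 0;
}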
87 | | |
// Hashes `passwd` with a freshly generated salt at kBcryptDefaultWorkFactor and stores the
// result in `hash`. Returns 0 on success; a salt-generation failure is returned unchanged,
// otherwise the result of the three-argument bcrypt_hashpw() is returned.
int bcrypt_hashpw(const char* passwd, char hash[kBcryptHashSize]) {
  char generated_salt[kBcryptHashSize];
  const int salt_status = bcrypt_gensalt(kBcryptDefaultWorkFactor, generated_salt);
  return (salt_status == 0) ? bcrypt_hashpw(passwd, generated_salt, hash) : salt_status;
}
96 | | |
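// Checks `passwd` against a stored bcrypt `hash` by re-hashing the password with `hash` as the
// setting string and comparing the two hash strings.
//
// Returns 0 when the password matches, the non-zero error from bcrypt_hashpw() when hashing
// fails, and a positive value when the hashes differ. Callers should test the result against 0
// only; unlike strcmp(), the sign of a mismatch carries no ordering information.
//
// The comparison visits every byte instead of stopping at the first difference, so the time
// taken does not depend on how long a prefix of the stored hash was matched. Only the string
// lengths are compared up front.
int bcrypt_checkpw(const char* passwd, const char hash[kBcryptHashSize]) {
  char outhash[kBcryptHashSize];

  const int ret = bcrypt_hashpw(passwd, hash, outhash);
  if (ret != 0) {
    return ret;
  }

  const size_t stored_len = strlen(hash);
  if (stored_len != strlen(outhash)) {
    return 1;
  }

  unsigned char diff = 0;
  for (size_t i = 0; i < stored_len; ++i) {
    diff |= static_cast<unsigned char>(hash[i]) ^ static_cast<unsigned char>(outhash[i]);
  }
  return (diff != 0) ? 1 : 0;
}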
108 | | |
109 | | } // namespace util |
110 | | } // namespace yb |