Gitiles
Code Review Sign In
gerrit.devboardsforandroid.linaro.org / platform / external / u-boot / cbdc4c974fbd884c40b7923d9f5f9d0d165d4268 / . / lib / crypt / crypt.c
blob: 247c34b2a9c3b8890e0a174885e2fcd6614d8f04 [file] [log] [blame]
Steffen Jaeckel26dd9932021-07-08 15:57:33 +0200[diff] [blame]1// SPDX-License-Identifier: GPL-2.0+
2/* Copyright (C) 2020 Steffen Jaeckel <jaeckel-floss@eyet-services.de> */
3
4#include <common.h>
5#include <crypt.h>
6#include "crypt-port.h"
7
Steffen Jaeckel29bbe712021-07-08 15:57:34 +0200[diff] [blame]8typedef int (*crypt_fn)(const char *, size_t, const char *, size_t, uint8_t *,
9 size_t, void *, size_t);
Steffen Jaeckel26dd9932021-07-08 15:57:33 +0200[diff] [blame]10
11const unsigned char ascii64[65] =
12 "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
13
14static void equals_constant_time(const void *a_, const void *b_, size_t len,
15 int *equal)
16{
17 u8 ret = 0;
18 const u8 *a = a_, *b = b_;
19 int i;
20
21 for (i = 0; i < len; i++)
22 ret |= a[i] ^ b[i];
23
24 ret |= ret >> 4;
25 ret |= ret >> 2;
26 ret |= ret >> 1;
27 ret &= 1;
28
29 *equal = ret ^ 1;
30}
31
Steffen Jaeckel29bbe712021-07-08 15:57:34 +0200[diff] [blame]32int crypt_compare(const char *should, const char *passphrase, int *equal)
Steffen Jaeckel26dd9932021-07-08 15:57:33 +0200[diff] [blame]33{
34 u8 output[CRYPT_OUTPUT_SIZE], scratch[ALG_SPECIFIC_SIZE];
35 size_t n;
Steffen Jaeckel29bbe712021-07-08 15:57:34 +0200[diff] [blame]36 int err;
Steffen Jaeckel26dd9932021-07-08 15:57:33 +0200[diff] [blame]37 struct {
38 const char *prefix;
39 crypt_fn crypt;
40 } crypt_algos[] = {
41#if defined(CONFIG_CRYPT_PW_SHA256)
Steffen Jaeckel29bbe712021-07-08 15:57:34 +0200[diff] [blame]42 { "$5$", crypt_sha256crypt_rn_wrapped },
Steffen Jaeckel26dd9932021-07-08 15:57:33 +0200[diff] [blame]43#endif
44#if defined(CONFIG_CRYPT_PW_SHA512)
Steffen Jaeckel29bbe712021-07-08 15:57:34 +0200[diff] [blame]45 { "$6$", crypt_sha512crypt_rn_wrapped },
Steffen Jaeckel26dd9932021-07-08 15:57:33 +0200[diff] [blame]46#endif
47 { NULL, NULL }
48 };
49
50 *equal = 0;
51
52 for (n = 0; n < ARRAY_SIZE(crypt_algos); ++n) {
53 if (!crypt_algos[n].prefix)
54 continue;
55 if (strncmp(should, crypt_algos[n].prefix, 3) == 0)
56 break;
57 }
58
59 if (n >= ARRAY_SIZE(crypt_algos))
Steffen Jaeckel29bbe712021-07-08 15:57:34 +0200[diff] [blame]60 return -EINVAL;
Steffen Jaeckel26dd9932021-07-08 15:57:33 +0200[diff] [blame]61
Steffen Jaeckel29bbe712021-07-08 15:57:34 +0200[diff] [blame]62 err = crypt_algos[n].crypt(passphrase, strlen(passphrase), should, 0,
63 output, sizeof(output), scratch,
64 sizeof(scratch));
Steffen Jaeckel26dd9932021-07-08 15:57:33 +0200[diff] [blame]65 /* early return on error, nothing really happened inside the crypt() function */
Steffen Jaeckel29bbe712021-07-08 15:57:34 +0200[diff] [blame]66 if (err)
67 return err;
Steffen Jaeckel26dd9932021-07-08 15:57:33 +0200[diff] [blame]68
69 equals_constant_time(should, output, strlen((const char *)output),
70 equal);
71
72 memset(scratch, 0, sizeof(scratch));
73 memset(output, 0, sizeof(output));
Steffen Jaeckel29bbe712021-07-08 15:57:34 +0200[diff] [blame]74
75 return 0;
Steffen Jaeckel26dd9932021-07-08 15:57:33 +0200[diff] [blame]76}