[PATCH] pw_encrypt: Add option to enable bcrypt support

Scott Court Thu, 07 May 2020 12:02:27 -0700

Adds an option to the Login/Password Management Utilities menu to enable bcrypt
support in passwd and chpasswd.


Add support bcrypt to BusyBox chpasswd & passwd.

--- busybox/include/libbb.h
+++ busybox-bcrypt/include/libbb.h
@@ -1633,8 +1633,8 @@
  * (otherwise we risk having same salt generated)
  */
 extern int crypt_make_salt(char *p, int cnt /*, int rnd*/) FAST_FUNC;
-/* "$N$" + sha_salt_16_bytes + NUL */
-#define MAX_PW_SALT_LEN (3 + 16 + 1)
+/* "$Na$10$" + bcrypt_salt_24_bytes + NUL */
+#define MAX_PW_SALT_LEN (7 + 24 + 1)
 extern char* crypt_make_pw_salt(char p[MAX_PW_SALT_LEN], const char *algo) 
FAST_FUNC;
 
 
--- busybox/libbb/pw_encrypt.c
+++ busybox-bcrypt/libbb/pw_encrypt.c
@@ -67,6 +67,17 @@
                        len = 16/2;
                }
 #endif
+#if ENABLE_USE_BCRYPT 
+               if ((algo[0]|0x20) == 'b') { /* bcrypt */
+                       salt[1] = '2';
+                       salt[2] = 'a';
+                       *salt_ptr++ = '$';
+                       *salt_ptr++ = '1';
+                       *salt_ptr++ = '0';
+                       *salt_ptr++ = '$';
+                       len = 24/2;
+               }
+#endif
        }
        crypt_make_salt(salt_ptr, len);
        return salt_ptr;
--- busybox/loginutils/Config.src
+++ busybox-bcrypt/loginutils/Config.src
@@ -93,4 +93,14 @@
 
 INSERT
 
+config USE_BCRYPT
+       bool "Enable the bcrypt crypt function"
+       default n
+       depends on !USE_BB_CRYPT
+       help
+       Enable this if you have passwords starting with $2a$ in your
+       /etc/passwd or /etc/shadow files. These passwords are hashed
+       using the bcrypt algorithm. Requires the use of a C library
+       that supports bcrypt.
+
 endmenu

Add support bcrypt to BusyBox chpasswd & passwd.

--- busybox/include/libbb.h
+++ busybox-bcrypt/include/libbb.h
@@ -1633,8 +1633,8 @@
  * (otherwise we risk having same salt generated)
  */
 extern int crypt_make_salt(char *p, int cnt /*, int rnd*/) FAST_FUNC;
-/* "$N$" + sha_salt_16_bytes + NUL */
-#define MAX_PW_SALT_LEN (3 + 16 + 1)
+/* "$Na$10$" + bcrypt_salt_24_bytes + NUL */
+#define MAX_PW_SALT_LEN (7 + 24 + 1)
 extern char* crypt_make_pw_salt(char p[MAX_PW_SALT_LEN], const char *algo) FAST_FUNC;
 
 
--- busybox/libbb/pw_encrypt.c
+++ busybox-bcrypt/libbb/pw_encrypt.c
@@ -67,6 +67,17 @@
 			len = 16/2;
 		}
 #endif
+#if ENABLE_USE_BCRYPT 
+		if ((algo[0]|0x20) == 'b') { /* bcrypt */
+			salt[1] = '2';
+			salt[2] = 'a';
+			*salt_ptr++ = '$';
+			*salt_ptr++ = '1';
+			*salt_ptr++ = '0';
+			*salt_ptr++ = '$';
+			len = 24/2;
+		}
+#endif
 	}
 	crypt_make_salt(salt_ptr, len);
 	return salt_ptr;
--- busybox/loginutils/Config.src
+++ busybox-bcrypt/loginutils/Config.src
@@ -93,4 +93,14 @@
 
 INSERT
 
+config USE_BCRYPT
+	bool "Enable the bcrypt crypt function"
+	default n
+	depends on !USE_BB_CRYPT
+	help
+	Enable this if you have passwords starting with $2a$ in your
+	/etc/passwd or /etc/shadow files. These passwords are hashed
+	using the bcrypt algorithm. Requires the use of a C library
+	that supports bcrypt.
+
 endmenu

signature.asc
Description: OpenPGP digital signature

_______________________________________________
busybox mailing list
[email protected]
http://lists.busybox.net/mailman/listinfo/busybox

[PATCH] pw_encrypt: Add option to enable bcrypt support

Reply via email to