static int hash_ssha384(
const struct berval *scheme,
const struct berval *passwd,
struct berval *hash,
const char **text )
{
SHA384_CTX ct;
unsigned char hash384[SHA384_DIGEST_LENGTH];
char saltdata[SHA2_SALT_SIZE];
struct berval digest;
struct berval salt;
digest.bv_val = (char *) hash384;
digest.bv_len = sizeof(hash384);
salt.bv_val = saltdata;
salt.bv_len = sizeof(saltdata);
if (lutil_entropy((unsigned char *)salt.bv_val, salt.bv_len) < 0) {
return LUTIL_PASSWD_ERR;
}
SHA384_Init(&ct);
SHA384_Update(&ct, (const uint8_t*)passwd->bv_val, passwd->bv_len);
SHA384_Update(&ct, (const uint8_t*)salt.bv_val, salt.bv_len);
SHA384_Final(hash384, &ct);
return lutil_passwd_string64(scheme, &digest, hash, &salt);
}
static int hash_phk(
const struct berval *scheme,
const struct berval *magic,
const struct berval *passwd,
struct berval *hash,
const char **text)
{
unsigned char digest_buf[LUTIL_MD5_BYTES];
char salt_buf[APR_SALT_SIZE];
struct berval digest;
struct berval salt;
int n;
digest.bv_val = (char *) digest_buf;
digest.bv_len = sizeof(digest_buf);
salt.bv_val = salt_buf;
salt.bv_len = APR_SALT_SIZE;
/* generate random salt */
if (lutil_entropy( (unsigned char *) salt.bv_val, salt.bv_len) < 0)
return LUTIL_PASSWD_ERR;
/* limit it to characters in the 64-char set */
for (n = 0; n < salt.bv_len; n++)
salt.bv_val[n] = apr64[salt.bv_val[n] % (sizeof(apr64) - 1)];
do_phk_hash(passwd, magic, &salt, digest_buf);
if (text)
*text = NULL;
return lutil_passwd_string64(scheme, &digest, hash, &salt);
}
static int hash_sha256(
const struct berval *scheme,
const struct berval *passwd,
struct berval *hash,
const char **text )
{
SHA256_CTX ct;
unsigned char hash256[SHA256_DIGEST_LENGTH];
struct berval digest;
digest.bv_val = (char *) hash256;
digest.bv_len = sizeof(hash256);
SHA256_Init(&ct);
SHA256_Update(&ct, (const uint8_t*)passwd->bv_val, passwd->bv_len);
SHA256_Final(hash256, &ct);
return lutil_passwd_string64(scheme, &digest, hash, NULL);
}