[src/netbsd-1-6]: src/lib/libcrypt Pullup rev 1.19-1.21 (requested by provos ...

[jmc <jmc%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/787f6eedf4b7
branches:  netbsd-1-6
changeset: 531167:787f6eedf4b7
user:      jmc <jmc%NetBSD.org@localhost>
date:      Fri Mar 26 22:53:04 2004 +0000

description:
Pullup rev 1.19-1.21 (requested by provos in ticket #1386)

Introduce bcrypt password scheme. Adds the arc4random API for creating
cryptographically strong random numbers.

diffstat:

 lib/libcrypt/crypt.c |  32 ++++++++++++++------------------
 1 files changed, 14 insertions(+), 18 deletions(-)

diffs (129 lines):

diff -r 0025a9f884ef -r 787f6eedf4b7 lib/libcrypt/crypt.c
--- a/lib/libcrypt/crypt.c      Fri Mar 26 22:52:58 2004 +0000
+++ b/lib/libcrypt/crypt.c      Fri Mar 26 22:53:04 2004 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: crypt.c,v 1.18 2001/03/01 14:37:35 wiz Exp $   */
+/*     $NetBSD: crypt.c,v 1.18.2.1 2004/03/26 22:53:04 jmc Exp $       */
 
 /*
  * Copyright (c) 1989, 1993
@@ -15,11 +15,7 @@
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *     This product includes software developed by the University of
- *     California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
+ * 3. Neither the name of the University nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  *
@@ -41,7 +37,7 @@
 #if 0
 static char sccsid[] = "@(#)crypt.c    8.1.1.1 (Berkeley) 8/18/93";
 #else
-__RCSID("$NetBSD: crypt.c,v 1.18 2001/03/01 14:37:35 wiz Exp $");
+__RCSID("$NetBSD: crypt.c,v 1.18.2.1 2004/03/26 22:53:04 jmc Exp $");
 #endif
 #endif /* not lint */
 
@@ -321,7 +317,7 @@
 
 /* =====  (mostly) Standard DES Tables ==================== */
 
-static unsigned char IP[] = {          /* initial permutation */
+static const unsigned char IP[] = {    /* initial permutation */
        58, 50, 42, 34, 26, 18, 10,  2,
        60, 52, 44, 36, 28, 20, 12,  4,
        62, 54, 46, 38, 30, 22, 14,  6,
@@ -334,7 +330,7 @@
 
 /* The final permutation is the inverse of IP - no table is necessary */
 
-static unsigned char ExpandTr[] = {    /* expansion operation */
+static const unsigned char ExpandTr[] = {      /* expansion operation */
        32,  1,  2,  3,  4,  5,
         4,  5,  6,  7,  8,  9,
         8,  9, 10, 11, 12, 13,
@@ -345,7 +341,7 @@
        28, 29, 30, 31, 32,  1,
 };
 
-static unsigned char PC1[] = {         /* permuted choice table 1 */
+static const unsigned char PC1[] = {   /* permuted choice table 1 */
        57, 49, 41, 33, 25, 17,  9,
         1, 58, 50, 42, 34, 26, 18,
        10,  2, 59, 51, 43, 35, 27,
@@ -357,12 +353,12 @@
        21, 13,  5, 28, 20, 12,  4,
 };
 
-static unsigned char Rotates[] = {     /* PC1 rotation schedule */
+static const unsigned char Rotates[] = {/* PC1 rotation schedule */
        1, 1, 2, 2, 2, 2, 2, 2, 1, 2, 2, 2, 2, 2, 2, 1,
 };
 
 /* note: each "row" of PC2 is left-padded with bits that make it invertible */
-static unsigned char PC2[] = {         /* permuted choice table 2 */
+static const unsigned char PC2[] = {   /* permuted choice table 2 */
         9, 18,    14, 17, 11, 24,  1,  5,
        22, 25,     3, 28, 15,  6, 21, 10,
        35, 38,    23, 19, 12,  4, 26,  8,
@@ -374,7 +370,7 @@
         0,  0,    46, 42, 50, 36, 29, 32,
 };
 
-static unsigned char S[8][64] = {      /* 48->32 bit substitution tables */
+static const unsigned char S[8][64] = {        /* 48->32 bit substitution tables */
                                        /* S[1]                 */
        { 14,  4, 13,  1,  2, 15, 11,  8,  3, 10,  6, 12,  5,  9,  0,  7,
           0, 15,  7,  4, 14,  2, 13,  1, 10,  6, 12, 11,  9,  5,  3,  8,
@@ -417,7 +413,7 @@
           2,  1, 14,  7,  4, 10,  8, 13, 15, 12,  9,  0,  3,  5,  6, 11 }
 };
 
-static unsigned char P32Tr[] = {       /* 32-bit permutation function */
+static const unsigned char P32Tr[] = { /* 32-bit permutation function */
        16,  7, 20, 21,
        29, 12, 28, 17,
         1, 15, 23, 26,
@@ -428,7 +424,7 @@
        22, 11,  4, 25,
 };
 
-static unsigned char CIFP[] = {                /* compressed/interleaved permutation */
+static const unsigned char CIFP[] = {  /* compressed/interleaved permutation */
         1,  2,  3,  4,   17, 18, 19, 20,
         5,  6,  7,  8,   21, 22, 23, 24,
         9, 10, 11, 12,   25, 26, 27, 28,
@@ -440,7 +436,7 @@
        45, 46, 47, 48,   61, 62, 63, 64,
 };
 
-static unsigned char itoa64[] =                /* 0..63 => ascii-64 */
+static const unsigned char itoa64[] =          /* 0..63 => ascii-64 */
        "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
 
 
@@ -472,6 +468,8 @@
 static char    cryptresult[1+4+4+11+1];        /* encrypted result */
 
 extern char *__md5crypt(const char *, const char *);   /* XXX */
+extern char *__bcrypt(const char *, const char *);     /* XXX */
+
 
 /*
  * Return a pointer to static data consisting of the "setting"
@@ -492,10 +490,8 @@
        /* Non-DES encryption schemes hook in here. */
        if (setting[0] == _PASSWORD_NONDES) {
                switch (setting[1]) {
-#ifdef notyet
                case '2':
                        return (__bcrypt(key, setting));
-#endif
                case '1':
                default:
                        return (__md5crypt(key, setting));