LM
/
u-boot
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

ADD: [uboot] Add unix crypt feature 

Use unix crypt (sha256) for password check.

BugzId: 43635

SVN commit 22143@trunk
This commit is contained in:
Stefan Eichenberger 2016-10-07 13:39:43 +00:00 committed by Moritz Rosenthal
parent 1ae87e60b5
commit f5e5778c9c
7 changed files with 387 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
common/main.c
View File

@ -30,6 +30,9 @@
#include <common.h> #include <common.h>
#include <watchdog.h> #include <watchdog.h>
#include <command.h> #include <command.h>
#ifdef CONFIG_CRYPT
#include <crypt.h>
#endif
#ifdef CONFIG_MODEM_SUPPORT #ifdef CONFIG_MODEM_SUPPORT
#include <malloc.h> /* for free() prototype */ #include <malloc.h> /* for free() prototype */
#endif #endif
@ -269,7 +272,7 @@ static __inline__ int abortboot(int bootdelay)
# endif /* CONFIG_AUTOBOOT_KEYED */ # endif /* CONFIG_AUTOBOOT_KEYED */
#endif /* CONFIG_BOOTDELAY >= 0 */ #endif /* CONFIG_BOOTDELAY >= 0 */
#ifdef CONFIG_CRYPT
/**************************************************************************** /****************************************************************************
* check if ubootpwd exists in data partition and perform a login, * check if ubootpwd exists in data partition and perform a login,
* otherwise continue booting * otherwise continue booting
@ -278,9 +281,12 @@ static __inline__ int abortboot(int bootdelay)
int login (void) int login (void)
{ {
char *stored = (char*)0x02700000; char *stored = (char*)0x02700000;
char buf[256], entered[16]; char buf[256], entered[32];
const int max = 255; const int max = 255;
int len, i, tries; int len, i, tries;
char *hash_type = 0, *salt = 0, *hash = 0;
uint8_t bin_hash[32], bin_salt[32];
int legacy_md5 = 0;
puts("\nautoboot has been stopped, press 'e' to enter: "); puts("\nautoboot has been stopped, press 'e' to enter: ");
@ -296,12 +302,13 @@ int login (void)
memset(stored, 0x0, max); memset(stored, 0x0, max);
len = cmd_yaffs_mread_file("/data/root/boot/bootpass", stored); len = cmd_yaffs_mread_file("/data/root/boot/bootpass", stored);
if (len != 16) { if (len == 16) {
/* no file or md5 hash found */ legacy_md5 = 1;
}
else if (len <= 0) {
puts("Login succeeded\n\n"); puts("Login succeeded\n\n");
return 1; return 1;
} }
for (tries = 1; ; tries++) { for (tries = 1; ; tries++) {
puts("\nEnter password: "); puts("\nEnter password: ");
@ -317,23 +324,34 @@ int login (void)
if (strlen(buf) > 0) { if (strlen(buf) > 0) {
puts("\n"); puts("\n");
if (legacy_md5) {
md5((unsigned char*) buf, strlen(buf), (unsigned char *)entered); md5((unsigned char*) buf, strlen(buf), (unsigned char *)entered);
if (memcmp(stored, entered, 16) == 0) { if (memcmp(stored, entered, 16) == 0) {
break; break;
} else { }
}
else {
char *cp = sha_crypt(buf, stored);
if (memcmp(cp, stored, len) == 0) {
free(cp);
break;
}
free(cp);
}
puts("Login incorrect\n"); puts("Login incorrect\n");
if (tries == 3) { if (tries == 3) {
return 0; return 0;
} }
} }
} }
}
/* succeeded */ /* succeeded */
puts("Login succeeded\n\n"); puts("Login succeeded\n\n");
return 1; return 1;
} }
#else
int login (void) {return 1;}
#endif /*CONFIG_CRYPT*/
/****************************************************************************/ /****************************************************************************/
void main_loop (void) void main_loop (void)

2
include/configs/NBHW08.h
View File

@ -670,6 +670,8 @@
#define CONFIG_SYS_HZ 1000 /* decrementer freq: 1ms ticks */ #define CONFIG_SYS_HZ 1000 /* decrementer freq: 1ms ticks */
#define CONFIG_MD5 1 #define CONFIG_MD5 1
#define CONFIG_SHA256 1
#define CONFIG_CRYPT 1
/* /*
* For booting Linux, the board info and command line data * For booting Linux, the board info and command line data

2
include/configs/NBHW09.h
View File

@ -681,6 +681,8 @@
#define CONFIG_SYS_HZ 1000 /* decrementer freq: 1ms ticks */ #define CONFIG_SYS_HZ 1000 /* decrementer freq: 1ms ticks */
#define CONFIG_MD5 1 #define CONFIG_MD5 1
#define CONFIG_SHA256 1
#define CONFIG_CRYPT 1
/* /*
* For booting Linux, the board info and command line data * For booting Linux, the board info and command line data

2
include/configs/NBHW12.h
View File

@ -702,6 +702,8 @@
#define CONFIG_SYS_HZ 1000 /* decrementer freq: 1ms ticks */ #define CONFIG_SYS_HZ 1000 /* decrementer freq: 1ms ticks */
#define CONFIG_MD5 1 #define CONFIG_MD5 1
#define CONFIG_SHA256 1
#define CONFIG_CRYPT 1
/* /*
* For booting Linux, the board info and command line data * For booting Linux, the board info and command line data

6
include/crypt.h Normal file
View File

@ -0,0 +1,6 @@
#ifndef _CRYPT_H
#define _CRYPT_H
extern char * sha_crypt(const char *key, const char *salt);
#endif /* _CRYPT_H */

1
lib_generic/Makefile
View File

@ -32,6 +32,7 @@ COBJS-$(CONFIG_BZIP2) += bzlib_decompress.o
COBJS-$(CONFIG_BZIP2) += bzlib_randtable.o COBJS-$(CONFIG_BZIP2) += bzlib_randtable.o
COBJS-$(CONFIG_BZIP2) += bzlib_huffman.o COBJS-$(CONFIG_BZIP2) += bzlib_huffman.o
COBJS-$(CONFIG_USB_TTY) += circbuf.o COBJS-$(CONFIG_USB_TTY) += circbuf.o
COBJS-$(CONFIG_CRYPT) += crypt.o
COBJS-y += crc16.o COBJS-y += crc16.o
COBJS-y += crc32.o COBJS-y += crc32.o
COBJS-y += ctype.o COBJS-y += ctype.o

329
lib_generic/crypt.c Normal file
View File

@ -0,0 +1,329 @@
#include <common.h>
#include <sha256.h>
#include <malloc.h>
#include <linux/types.h>
/* The crypt source code was ported from busybox sources pw_crypt */
/* Used by pw_encrypt_XXX.c */
static const uint8_t ascii64[] = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
static char*
to64(char *s, unsigned v, int n)
{
while (--n >= 0) {
*s++ = ascii64[v & 0x3f];
v >>= 6;
}
return s;
}
/* SHA256 and SHA512-based Unix crypt implementation.
* Released into the Public Domain by Ulrich Drepper <drepper@redhat.com>.
*/
/* Prefix for optional rounds specification. */
static const char str_rounds[] = "rounds=%u$";
/* Maximum salt string length. */
#define SALT_LEN_MAX 16
/* Default number of rounds if not explicitly specified. */
#define ROUNDS_DEFAULT 5000
/* Minimum number of rounds. */
#define ROUNDS_MIN 1000
/* Maximum number of rounds. */
#define ROUNDS_MAX 999999999
char *sha_crypt(const char *key_data, const char *salt_data)
{
void (*sha_begin)(void *ctx);
void (*sha_hash)(void *ctx, const void *buffer, size_t len);
void* (*sha_end)( void *ctx, void *resbuf);
int _32or64;
char *result, *resptr;
/* btw, sha256 needs [32] and uint32_t only */
unsigned char alt_result[64] __attribute__((__aligned__(__alignof__(uint64_t))));
unsigned char temp_result[64] __attribute__((__aligned__(__alignof__(uint64_t))));
union {
sha256_context x;
#if 0
sha512_ctx_t y;
#endif
} ctx;
union {
sha256_context x;
#if 0
sha512_ctx_t y;
#endif
} alt_ctx;
unsigned salt_len;
unsigned key_len;
unsigned cnt;
unsigned rounds;
char *cp;
char is_sha512;
char *tmp;
/* Analyze salt, construct already known part of result */
cnt = strlen(salt_data) + 1 + 43 + 1;
is_sha512 = salt_data[1];
if (is_sha512 == '6') {
printf("SHA-512 is not supported yet");
return 0;
/* cnt += 43; */
}
result = resptr = malloc(cnt); /* will provide NUL terminator */
memset(result, 0, cnt);
*resptr++ = '$';
*resptr++ = is_sha512;
*resptr++ = '$';
rounds = ROUNDS_DEFAULT;
salt_data += 3;
if (strncmp(salt_data, str_rounds, 7) == 0) {
/* 7 == strlen("rounds=") */
char *endp;
cnt = simple_strtoul(salt_data + 7, &endp, 10);
if (*endp == '$') {
salt_data = endp + 1;
rounds = cnt;
if (rounds < ROUNDS_MIN)
rounds = ROUNDS_MIN;
if (rounds > ROUNDS_MAX)
rounds = ROUNDS_MAX;
/* add "rounds=NNNNN$" to result */
resptr += sprintf(resptr, str_rounds, rounds);
}
}
{
char *salt_end = strchr(salt_data, '$');
if (salt_end != 0) {
salt_len = salt_end - salt_data;
}
else {
salt_len = strnlen(salt_data, SALT_LEN_MAX);
}
}
// salt_len = (int)strchrnul(salt_data, '$') - (int)salt_data;
if (salt_len > SALT_LEN_MAX)
salt_len = SALT_LEN_MAX;
/* xstrdup assures suitable alignment; also we will use it
as a scratch space later. */
tmp = malloc(strnlen(salt_data, 128));
memcpy(tmp, salt_data, strnlen(salt_data, 128));
salt_data = tmp;
//salt_data = xstrndup(salt_data, salt_len);
/* add "salt$" to result */
strcpy(resptr, salt_data);
resptr += salt_len;
*resptr++ = '$';
/* key data doesn't need much processing */
key_len = strlen(key_data);
tmp = malloc(strnlen(key_data, 256));
memcpy(tmp, key_data, strnlen(key_data, 256));
key_data = tmp;
// key_data = xstrdup(key_data);
/* Which flavor of SHAnnn ops to use? */
sha_begin = (void*)sha256_starts;
sha_hash = (void*)sha256_update;
sha_end = (void*)sha256_finish;
_32or64 = 32;
/* Not supported */
#if 0
if (is_sha512 == '6') {
sha_begin = (void*)sha512_begin;
sha_hash = (void*)sha512_hash;
sha_end = (void*)sha512_end;
_32or64 = 64;
}
#endif
/* Add KEY, SALT. */
sha_begin(&ctx);
sha_hash(&ctx, key_data, key_len);
sha_hash(&ctx, salt_data, salt_len);
/* Compute alternate SHA sum with input KEY, SALT, and KEY.
The final result will be added to the first context. */
sha_begin(&alt_ctx);
sha_hash(&alt_ctx, key_data, key_len);
sha_hash(&alt_ctx, salt_data, salt_len);
sha_hash(&alt_ctx, key_data, key_len);
sha_end(&alt_ctx, alt_result);
/* Add result of this to the other context. */
/* Add for any character in the key one byte of the alternate sum. */
for (cnt = key_len; cnt > _32or64; cnt -= _32or64)
sha_hash(&ctx, alt_result, _32or64);
sha_hash(&ctx, alt_result, cnt);
/* Take the binary representation of the length of the key and for every
1 add the alternate sum, for every 0 the key. */
for (cnt = key_len; cnt != 0; cnt >>= 1)
if ((cnt & 1) != 0)
sha_hash(&ctx, alt_result, _32or64);
else
sha_hash(&ctx, key_data, key_len);
/* Create intermediate result. */
sha_end(&ctx, alt_result);
/* Start computation of P byte sequence. */
/* For every character in the password add the entire password. */
sha_begin(&alt_ctx);
for (cnt = 0; cnt < key_len; ++cnt)
sha_hash(&alt_ctx, key_data, key_len);
sha_end(&alt_ctx, temp_result);
/* NB: past this point, raw key_data is not used anymore */
/* Create byte sequence P. */
#define p_bytes key_data /* reuse the buffer as it is of the key_len size */
cp = p_bytes; /* was: ... = alloca(key_len); */
for (cnt = key_len; cnt >= _32or64; cnt -= _32or64) {
cp = memcpy(cp, temp_result, _32or64);
cp += _32or64;
}
memcpy(cp, temp_result, cnt);
/* Start computation of S byte sequence. */
/* For every character in the password add the entire password. */
sha_begin(&alt_ctx);
for (cnt = 0; cnt < 16 + alt_result[0]; ++cnt)
sha_hash(&alt_ctx, salt_data, salt_len);
sha_end(&alt_ctx, temp_result);
/* NB: past this point, raw salt_data is not used anymore */
/* Create byte sequence S. */
#define s_bytes salt_data /* reuse the buffer as it is of the salt_len size */
cp = s_bytes; /* was: ... = alloca(salt_len); */
for (cnt = salt_len; cnt >= _32or64; cnt -= _32or64) {
cp = memcpy(cp, temp_result, _32or64);
cp += _32or64;
}
memcpy(cp, temp_result, cnt);
/* Repeatedly run the collected hash value through SHA to burn
CPU cycles. */
for (cnt = 0; cnt < rounds; ++cnt) {
sha_begin(&ctx);
/* Add key or last result. */
if ((cnt & 1) != 0)
sha_hash(&ctx, p_bytes, key_len);
else
sha_hash(&ctx, alt_result, _32or64);
/* Add salt for numbers not divisible by 3. */
if (cnt % 3 != 0)
sha_hash(&ctx, s_bytes, salt_len);
/* Add key for numbers not divisible by 7. */
if (cnt % 7 != 0)
sha_hash(&ctx, p_bytes, key_len);
/* Add key or last result. */
if ((cnt & 1) != 0)
sha_hash(&ctx, alt_result, _32or64);
else
sha_hash(&ctx, p_bytes, key_len);
sha_end(&ctx, alt_result);
}
/* Append encrypted password to result buffer */
//TODO: replace with something like
// bb_uuencode(cp, src, length, bb_uuenc_tbl_XXXbase64);
#define b64_from_24bit(B2, B1, B0, N) \
do { \
unsigned w = ((B2) << 16) | ((B1) << 8) | (B0); \
resptr = to64(resptr, w, N); \
} while (0)
if (is_sha512 == '5') {
unsigned i = 0;
unsigned j = 10;
unsigned k = 20;
/* strange swap of one byte (see below why) */
unsigned char alt_result_31 = alt_result[31];
alt_result[31] = alt_result[1];
while (1) {
b64_from_24bit(alt_result[i], alt_result[j], alt_result[k], 4);
if (i == 9)
break;
i += 21; i = (((i >> 4) & 2) + i) & 0x1f;
j += 21; j = (((j >> 4) & 2) + j) & 0x1f;
k += 21; k = (((k >> 4) & 2) + k) & 0x1f;
}
b64_from_24bit(0, alt_result_31, alt_result[30], 3);
/* was:
b64_from_24bit(alt_result[0], alt_result[10], alt_result[20], 4);
b64_from_24bit(alt_result[21], alt_result[1], alt_result[11], 4);
...............................^^^^^^^^^^^^^ why [1] and not [31]?
b64_from_24bit(alt_result[12], alt_result[22], alt_result[2], 4);
b64_from_24bit(alt_result[3], alt_result[13], alt_result[23], 4);
b64_from_24bit(alt_result[24], alt_result[4], alt_result[14], 4);
b64_from_24bit(alt_result[15], alt_result[25], alt_result[5], 4);
b64_from_24bit(alt_result[6], alt_result[16], alt_result[26], 4);
b64_from_24bit(alt_result[27], alt_result[7], alt_result[17], 4);
b64_from_24bit(alt_result[18], alt_result[28], alt_result[8], 4);
b64_from_24bit(alt_result[9], alt_result[19], alt_result[29], 4);
b64_from_24bit(0, alt_result[31], alt_result[30], 3);
*/
} else {
unsigned i = 0;
unsigned j = 21;
unsigned k = 42;
while (1) {
b64_from_24bit(alt_result[i], alt_result[j], alt_result[k], 4);
if (i == 62)
break;
i += 22; i = ((i >> 6) + i) & 0x3f;
j += 22; j = ((j >> 6) + j) & 0x3f;
k += 22; k = ((k >> 6) + k) & 0x3f;
}
b64_from_24bit(0, 0, alt_result[63], 2);
/* was:
b64_from_24bit(alt_result[0], alt_result[21], alt_result[42], 4);
b64_from_24bit(alt_result[22], alt_result[43], alt_result[1], 4);
b64_from_24bit(alt_result[44], alt_result[2], alt_result[23], 4);
b64_from_24bit(alt_result[3], alt_result[24], alt_result[45], 4);
b64_from_24bit(alt_result[25], alt_result[46], alt_result[4], 4);
b64_from_24bit(alt_result[47], alt_result[5], alt_result[26], 4);
b64_from_24bit(alt_result[6], alt_result[27], alt_result[48], 4);
b64_from_24bit(alt_result[28], alt_result[49], alt_result[7], 4);
b64_from_24bit(alt_result[50], alt_result[8], alt_result[29], 4);
b64_from_24bit(alt_result[9], alt_result[30], alt_result[51], 4);
b64_from_24bit(alt_result[31], alt_result[52], alt_result[10], 4);
b64_from_24bit(alt_result[53], alt_result[11], alt_result[32], 4);
b64_from_24bit(alt_result[12], alt_result[33], alt_result[54], 4);
b64_from_24bit(alt_result[34], alt_result[55], alt_result[13], 4);
b64_from_24bit(alt_result[56], alt_result[14], alt_result[35], 4);
b64_from_24bit(alt_result[15], alt_result[36], alt_result[57], 4);
b64_from_24bit(alt_result[37], alt_result[58], alt_result[16], 4);
b64_from_24bit(alt_result[59], alt_result[17], alt_result[38], 4);
b64_from_24bit(alt_result[18], alt_result[39], alt_result[60], 4);
b64_from_24bit(alt_result[40], alt_result[61], alt_result[19], 4);
b64_from_24bit(alt_result[62], alt_result[20], alt_result[41], 4);
b64_from_24bit(0, 0, alt_result[63], 2);
*/
}
/* *resptr = '\0'; - xzalloc did it */
#undef b64_from_24bit
/* Clear the buffer for the intermediate result so that people
attaching to processes or reading core dumps cannot get any
information. */
memset(temp_result, 0, sizeof(temp_result));
memset(alt_result, 0, sizeof(alt_result));
memset(&ctx, 0, sizeof(ctx));
memset(&alt_ctx, 0, sizeof(alt_ctx));
memset(key_data, 0, key_len); /* also p_bytes */
memset(salt_data, 0, salt_len); /* also s_bytes */
free(key_data);
free(salt_data);
#undef p_bytes
#undef s_bytes
return result;
}