
source: vbox/trunk/include/iprt/crypto/shacrypt.h@ 102292

Last change on this file since 102292 was 102292, checked in by vboxsync, 17 months ago

IPRT: Implemented SHA-crypt 256 / 512 variants, along with testcases. Needed for password hashing in cloud-init-based Linux installers [build fix, moved docs]. bugref:10551

  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
1/** @file
2 * IPRT - Crypto - SHA-crypt.
3 */
4
5/*
6 * Copyright (C) 2023 Oracle and/or its affiliates.
7 *
8 * This file is part of VirtualBox base platform packages, as
9 * available from https://www.virtualbox.org.
10 *
11 * This program is free software; you can redistribute it and/or
12 * modify it under the terms of the GNU General Public License
13 * as published by the Free Software Foundation, in version 3 of the
14 * License.
15 *
16 * This program is distributed in the hope that it will be useful, but
17 * WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
19 * General Public License for more details.
20 *
21 * You should have received a copy of the GNU General Public License
22 * along with this program; if not, see <https://www.gnu.org/licenses>.
23 *
24 * The contents of this file may alternatively be used under the terms
25 * of the Common Development and Distribution License Version 1.0
26 * (CDDL), a copy of it is provided in the "COPYING.CDDL" file included
27 * in the VirtualBox distribution, in which case the provisions of the
28 * CDDL are applicable instead of those of the GPL.
29 *
30 * You may elect to license modified versions of this file under the
31 * terms and conditions of either the GPL or the CDDL or both.
32 *
33 * SPDX-License-Identifier: GPL-3.0-only OR CDDL-1.0
34 */
35
36#ifndef IPRT_INCLUDED_crypto_shacrypt_h
37#define IPRT_INCLUDED_crypto_shacrypt_h
38#ifndef RT_WITHOUT_PRAGMA_ONCE
39# pragma once
40#endif
41
42#include <iprt/sha.h>
43
44
45/** Default number of rounds for SHA-crypt 256/512; the round count is the work factor that makes each password guess more expensive. */
46#define RT_SHACRYPT_DEFAULT_ROUNDS 5000
47/** Minimum salt length (in bytes) for SHA-crypt 256/512. */
48#define RT_SHACRYPT_MIN_SALT_LEN 8
49/** Maximum salt length (in bytes) for SHA-crypt 256/512. */
50#define RT_SHACRYPT_MAX_SALT_LEN 16
51
52RT_C_DECLS_BEGIN
53
54/**
55 * Calculates a SHAcrypt (SHA-256) digest.
56 *
57 * @returns VBox status code.
58 * @param pszKey Key (password) to use.
59 * @param pszSalt Salt to use.
60 * Its length (in bytes) must be >= RT_SHACRYPT_MIN_SALT_LEN and <= RT_SHACRYPT_MAX_SALT_LEN.
61 * @param cRounds Number of rounds to use.
62 * @param pabHash Where to return the hash on success.
63 *
64 * @note This implements SHA-crypt.txt Version: 0.6 2016-8-31.
65 */
66RTR3DECL(int) RTShaCrypt256(const char *pszKey, const char *pszSalt, uint32_t cRounds, uint8_t pabHash[RTSHA256_HASH_SIZE]);
67
68/**
69 * Converts a SHAcrypt (SHA-256) digest into its printable string form.
70 *
71 * @returns VBox status code.
72 * @param abHash SHAcrypt (SHA-256) digest to convert to a printable string.
73 * @param pszSalt Salt to use. Must match the salt used when generating \a abHash via RTShaCrypt256().
74 * @param cRounds Number of rounds used for generating \a abHash.
75 * @param pszString Where to store the printable string on success.
76 * @param cbString Size (in bytes) of \a pszString.
77 *
78 * @note This implements step 22 of SHA-crypt.txt Version: 0.6 2016-8-31.
79 */
80RTR3DECL(int) RTShaCrypt256ToString(uint8_t abHash[RTSHA256_HASH_SIZE], const char *pszSalt, uint32_t cRounds, char *pszString, size_t cbString);
81
82
83/**
84 * Calculates a SHAcrypt (SHA-512) digest.
85 *
86 * @returns VBox status code.
87 * @param pszKey Key (password) to use.
88 * @param pszSalt Salt to use.
89 * Its length (in bytes) must be >= RT_SHACRYPT_MIN_SALT_LEN and <= RT_SHACRYPT_MAX_SALT_LEN.
90 * @param cRounds Number of rounds to use.
91 * @param pabHash Where to return the hash on success.
92 *
93 * @note This implements SHA-crypt.txt Version: 0.6 2016-8-31.
94 */
95RTR3DECL(int) RTShaCrypt512(const char *pszKey, const char *szSalt, uint32_t cRounds, uint8_t pabHash[RTSHA512_HASH_SIZE]);
96
97
98/**
99 * Converts a SHAcrypt (SHA-512) digest into its printable string form.
100 *
101 * @returns VBox status code.
102 * @param abHash SHAcrypt (SHA-512) digest to convert to a printable string.
103 * @param pszSalt Salt to use. Must match the salt used when generating \a abHash via RTShaCrypt512().
104 * @param cRounds Number of rounds used for generating \a abHash.
105 * @param pszString Where to store the printable string on success.
106 * @param cbString Size (in bytes) of \a pszString.
107 *
108 * @note This implements step 22 of SHA-crypt.txt Version: 0.6 2016-8-31.
109 */
110RTR3DECL(int) RTShaCrypt512ToString(uint8_t abHash[RTSHA512_HASH_SIZE], const char *pszSalt, uint32_t cRounds, char *pszString, size_t cbString);
111
112RT_C_DECLS_END
113
114#endif /* !IPRT_INCLUDED_crypto_shacrypt_h */
115