go-passwd/utils.go
2024-09-07 18:40:13 -05:00

288 lines
6.3 KiB
Go

package passwd
import (
"errors"
"hash"
)
// The non-standard alphabet for crypt base64 encoding.
const iota64Encoding = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
// Base64 to integer encoding table.
var atoi64Partial = [...]byte{
0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11,
64, 64, 64, 64, 64, 64, 64,
12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24,
25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37,
64, 64, 64, 64, 64, 64,
38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50,
51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63,
}
// Append base64 for provided uint.
func Base64Append(dst []byte, v uint, n int) []byte {
// Until we finish the number of rounds specified,
// loop and encode to base64.
for n > 0 {
// Append base64 of current bit.
dst = append(dst, iota64Encoding[v&0x3F])
// Jump to the next bit for encoding.
v >>= 6
n -= 1
}
// Return new byte array.
return dst
}
// Encode to crypt base64.
func Base64Encode(src []byte) []byte {
size := len(src)
var b64 []byte
var i int
for i = 0; i < size-3; i += 3 {
l := uint(src[i])<<16 |
uint(src[i+1])<<8 |
uint(src[i+2])
b64 = Base64Append(b64, l, 4)
}
var l uint
if size-i == 2 {
l = uint(src[i])<<16 |
uint(src[i+1])<<8 |
uint(src[0])
b64 = Base64Append(b64, l, 4)
}
return b64
}
// Takes a prior hash, and recycles bytes until the length provided is covered.
func HashBlockRecycle(h hash.Hash, block []byte, len int) {
size := h.BlockSize()
var cnt int
for cnt = len; cnt > size; cnt -= size {
h.Write(block)
}
// Remaining characters of the length, add sub slice here.
h.Write(block[:cnt])
}
// Convert base64 byte to integer value.
func AToI64(c byte) (val int) {
if c >= '.' && c <= 'z' {
val = int(atoi64Partial[c-'.'])
}
return
}
// Convert integer to bae64.
func IToA64(N int) (val byte, err error) {
if N > 64 {
err = errors.New("maximum itoa64 value is 64")
return
}
Nb := byte(N)
for i, b := range atoi64Partial {
if b == Nb {
val = '.' + byte(i)
}
}
return
}
// Get the power of 2 value.
func N2log2(N uint64) (N_log2 int) {
if N < 2 {
return
}
// Find power by bit shifting until shifting results in 0.
N_log2 = 2
for N>>N_log2 != 0 {
N_log2++
}
N_log2--
// If the result of removing one power level ends up resulting in a shift of not 1, return 0.
if N>>N_log2 != 1 {
return 0
}
return
}
// Encode uint32 into base64 at a fixed length.
func Base64Uint32Encode(src, srcbits uint32) (b64 []byte) {
var bits uint32
for bits = 0; bits < srcbits; bits += 6 {
b64 = append(b64, iota64Encoding[src&0x3F])
src >>= 6
}
if src != 0 {
return []byte{}
}
return
}
// Decode uint32 from base64 at a fixed length.
func Base64Uint32Decode(src []byte, dstbits uint32) (dst uint32) {
var bits uint32
var i uint
for bits = 0; bits < dstbits; bits += 6 {
c := AToI64(src[i])
i++
if c > 63 {
return 0
}
dst |= uint32(c << bits)
}
return
}
// Encode base64 in the format used for SCrypt hashes.
func SCryptBase64Encode(src []byte) []byte {
dst := make([]byte, 0, (len(src)*8+5)/6)
for i := 0; i < len(src); {
var val uint32
var bits int32
for ; bits < 24 && i < len(src); bits += 8 {
val |= uint32(src[i]) << bits
i++
}
for ; bits > 0; bits -= 6 {
dst = append(dst, iota64Encoding[val&0x3F])
val >>= 6
}
}
return dst
}
// Decode base64 in the format used for SCrypt hashes.
func SCryptBase64Decode(src []byte) []byte {
dst := make([]byte, 0, len(src)*3/4)
for i := 0; i < len(src); {
var val uint32
var bits int32
for ; bits < 24 && i < len(src); bits += 6 {
c := AToI64(src[i])
if c > 63 {
return nil
}
i++
val |= uint32(c) << bits
}
if bits < 12 {
return nil
}
for ; bits >= 8; bits -= 8 {
dst = append(dst, byte(val))
val >>= 8
}
if val != 0 {
return nil
}
}
return dst
}
// Encode MD5 result to MD5 crypt base64.
func MD5Base64Encode(src []byte) []byte {
// The way the crypt standards work with base64 encoding of MD5 is odd, because the
// last round rotates some of the hash bytes positions. So we must have this custom
// function just to encode MD5 hashes to base64.
var b64 []byte
l := uint(src[0])<<16 | uint(src[6])<<8 | uint(src[12])
b64 = Base64Append(b64, l, 4)
l = uint(src[1])<<16 | uint(src[7])<<8 | uint(src[13])
b64 = Base64Append(b64, l, 4)
l = uint(src[2])<<16 | uint(src[8])<<8 | uint(src[14])
b64 = Base64Append(b64, l, 4)
l = uint(src[3])<<16 | uint(src[9])<<8 | uint(src[15])
b64 = Base64Append(b64, l, 4)
l = uint(src[4])<<16 | uint(src[10])<<8 | uint(src[5])
b64 = Base64Append(b64, l, 4)
l = uint(src[11])
b64 = Base64Append(b64, l, 2)
return b64
}
// The crypt standard likes to rotate bits in base64,
// although it doesn't really do anything for brute force protection.
// This performs the rotation algorithm.
func Base64RotateEncode(src []byte, order bool) []byte {
var b64 []byte
l := len(src)
// Setup indexes.
// Used for the loop.
i := 0
// Index A.
ia := 0
// Index C, should be byte length divided by 3 to ensure we start a the 3rd point.
ib := l / 3
// Index C is just B doubled.
ic := ib + ib
// Index D is used to determine which iteration we're on.
id := 0
// Loop until we reach the last index that fits all 3 values to b64.
for ; i < l-3; i += 3 {
var a, b, c int
// Depending on index D, rotate the A, B, and C indexes.
// I am not sure why we are rotating byte input, it doesn't do anything
// with regards to brute force protection. Someone can just reverse the
// byte order to decode the base64 back down to binary, then use the binary
// for brute force attacks.
if order {
switch id % 3 {
case 0:
a = ia
b = ib
c = ic
case 1:
a = ib
b = ic
c = ia
case 2:
a = ic
b = ia
c = ib
}
} else {
switch id % 3 {
case 0:
a = ia
b = ib
c = ic
case 1:
a = ic
b = ia
c = ib
case 2:
a = ib
b = ic
c = ia
}
}
// For this round, append the base64.
l := uint(src[a])<<16 | uint(src[b])<<8 | uint(src[c])
b64 = Base64Append(b64, l, 4)
// Increment the indexes.
ia++
ib++
ic++
id++
}
// For the remaining bytes, append as needed.
if l-i == 2 {
l := uint(0)<<16 | uint(src[l-1])<<8 | uint(src[l-2])
b64 = Base64Append(b64, l, 3)
} else {
l := uint(0)<<16 | uint(0)<<8 | uint(src[l-1])
b64 = Base64Append(b64, l, 2)
}
// Return the base64.
return b64
}