]> git.proxmox.com Git - grub2.git/blob - util/grub-mkpasswd-pbkdf2.c
projects / grub2.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Import grub2_2.02+dfsg1.orig.tar.xz
[grub2.git] / util / grub-mkpasswd-pbkdf2.c
1 /*
2 * GRUB -- GRand Unified Bootloader
3 * Copyright (C) 1992-1999,2001,2003,2004,2005,2009 Free Software Foundation, Inc.
4 *
5 * GRUB is free software: you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation, either version 3 of the License, or
8 * (at your option) any later version.
9 *
10 * GRUB is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License
16 * along with GRUB. If not, see <http://www.gnu.org/licenses/>.
17 */
18
19 #include <config.h>
20
21 #include <grub/types.h>
22 #include <grub/crypto.h>
23 #include <grub/auth.h>
24 #include <grub/emu/misc.h>
25 #include <grub/util/misc.h>
26 #include <grub/i18n.h>
27 #include <grub/misc.h>
28
29 #include <unistd.h>
30 #include <stdio.h>
31 #include <stdlib.h>
32 #include <string.h>
33
34 #define _GNU_SOURCE 1
35
36 #pragma GCC diagnostic ignored "-Wmissing-prototypes"
37 #pragma GCC diagnostic ignored "-Wmissing-declarations"
38 #include <argp.h>
39 #pragma GCC diagnostic error "-Wmissing-prototypes"
40 #pragma GCC diagnostic error "-Wmissing-declarations"
41
42
43 #include "progname.h"
44
45 static struct argp_option options[] = {
46 {"iteration-count", 'c', N_("NUM"), 0, N_("Number of PBKDF2 iterations"), 0},
47 {"buflen", 'l', N_("NUM"), 0, N_("Length of generated hash"), 0},
48 {"salt", 's', N_("NUM"), 0, N_("Length of salt"), 0},
49 { 0, 0, 0, 0, 0, 0 }
50 };
51
52 struct arguments
53 {
54 unsigned int count;
55 unsigned int buflen;
56 unsigned int saltlen;
57 };
58
59 static error_t
60 argp_parser (int key, char *arg, struct argp_state *state)
61 {
62 /* Get the input argument from argp_parse, which we
63 know is a pointer to our arguments structure. */
64 struct arguments *arguments = state->input;
65
66 switch (key)
67 {
68 case 'c':
69 arguments->count = strtoul (arg, NULL, 0);
70 break;
71
72 case 'l':
73 arguments->buflen = strtoul (arg, NULL, 0);
74 break;
75
76 case 's':
77 arguments->saltlen = strtoul (arg, NULL, 0);
78 break;
79 default:
80 return ARGP_ERR_UNKNOWN;
81 }
82 return 0;
83 }
84
85 static struct argp argp = {
86 options, argp_parser, N_("[OPTIONS]"),
87 N_("Generate PBKDF2 password hash."),
88 NULL, NULL, NULL
89 };
90
91
92 static void
93 hexify (char *hex, grub_uint8_t *bin, grub_size_t n)
94 {
95 while (n--)
96 {
97 if (((*bin & 0xf0) >> 4) < 10)
98 *hex = ((*bin & 0xf0) >> 4) + '0';
99 else
100 *hex = ((*bin & 0xf0) >> 4) + 'A' - 10;
101 hex++;
102
103 if ((*bin & 0xf) < 10)
104 *hex = (*bin & 0xf) + '0';
105 else
106 *hex = (*bin & 0xf) + 'A' - 10;
107 hex++;
108 bin++;
109 }
110 *hex = 0;
111 }
112
113 int
114 main (int argc, char *argv[])
115 {
116 struct arguments arguments = {
117 .count = 10000,
118 .buflen = 64,
119 .saltlen = 64
120 };
121 char *result, *ptr;
122 gcry_err_code_t gcry_err;
123 grub_uint8_t *buf, *salt;
124 char pass1[GRUB_AUTH_MAX_PASSLEN];
125 char pass2[GRUB_AUTH_MAX_PASSLEN];
126
127 grub_util_host_init (&argc, &argv);
128
129 /* Check for options. */
130 if (argp_parse (&argp, argc, argv, 0, 0, &arguments) != 0)
131 {
132 fprintf (stderr, "%s", _("Error in parsing command line arguments\n"));
133 exit(1);
134 }
135
136 buf = xmalloc (arguments.buflen);
137 salt = xmalloc (arguments.saltlen);
138
139 printf ("%s", _("Enter password: "));
140 if (!grub_password_get (pass1, GRUB_AUTH_MAX_PASSLEN))
141 {
142 free (buf);
143 free (salt);
144 grub_util_error ("%s", _("failure to read password"));
145 }
146 printf ("%s", _("Reenter password: "));
147 if (!grub_password_get (pass2, GRUB_AUTH_MAX_PASSLEN))
148 {
149 free (buf);
150 free (salt);
151 grub_util_error ("%s", _("failure to read password"));
152 }
153
154 if (strcmp (pass1, pass2) != 0)
155 {
156 memset (pass1, 0, sizeof (pass1));
157 memset (pass2, 0, sizeof (pass2));
158 free (buf);
159 free (salt);
160 grub_util_error ("%s", _("passwords don't match"));
161 }
162 memset (pass2, 0, sizeof (pass2));
163
164 if (grub_get_random (salt, arguments.saltlen))
165 {
166 memset (pass1, 0, sizeof (pass1));
167 free (buf);
168 free (salt);
169 grub_util_error ("%s", _("couldn't retrieve random data for salt"));
170 }
171
172 gcry_err = grub_crypto_pbkdf2 (GRUB_MD_SHA512,
173 (grub_uint8_t *) pass1, strlen (pass1),
174 salt, arguments.saltlen,
175 arguments.count, buf, arguments.buflen);
176 memset (pass1, 0, sizeof (pass1));
177
178 if (gcry_err)
179 {
180 memset (buf, 0, arguments.buflen);
181 free (buf);
182 memset (salt, 0, arguments.saltlen);
183 free (salt);
184 grub_util_error (_("cryptographic error number %d"), gcry_err);
185 }
186
187 result = xmalloc (sizeof ("grub.pbkdf2.sha512.XXXXXXXXXXXXXXXXXXX.S.S")
188 + arguments.buflen * 2 + arguments.saltlen * 2);
189 ptr = result;
190 memcpy (ptr, "grub.pbkdf2.sha512.", sizeof ("grub.pbkdf2.sha512.") - 1);
191 ptr += sizeof ("grub.pbkdf2.sha512.") - 1;
192
193 grub_snprintf (ptr, sizeof ("XXXXXXXXXXXXXXXXXXX"), "%d", arguments.count);
194 ptr += strlen (ptr);
195 *ptr++ = '.';
196 hexify (ptr, salt, arguments.saltlen);
197 ptr += arguments.saltlen * 2;
198 *ptr++ = '.';
199 hexify (ptr, buf, arguments.buflen);
200 ptr += arguments.buflen * 2;
201 *ptr = '\0';
202
203 printf (_("PBKDF2 hash of your password is %s\n"), result);
204 memset (buf, 0, arguments.buflen);
205 free (buf);
206 memset (salt, 0, arguments.saltlen);
207 free (salt);
208
209 return 0;
210 }
The GNU GRand Unified Bootloader for Proxmox projects