-/* $OpenBSD: bcrypt.c,v 1.37 2014/04/08 20:14:25 tedu Exp $ */
+/* $OpenBSD: bcrypt.c,v 1.38 2014/04/19 15:17:59 tedu Exp $ */
/*
* Copyright (c) 2014 Ted Unangst <tedu@openbsd.org>
char arounds[3];
/* Discard "$" identifier */
+ if (*salt != '$')
+ return -1;
salt++;
- if (*salt > BCRYPT_VERSION) {
+ if (*salt != BCRYPT_VERSION)
return -1;
- }
/* Check for minor versions */
if (salt[1] != '$') {
case 'b': /* cap input length at 72 bytes */
minor = salt[1];
salt++;
+ if (salt[1] != '$')
+ return -1;
break;
default:
return -1;
return -1;
/* We dont want the base64 salt but the raw data */
- decode_base64(csalt, BCRYPT_MAXSALT, salt);
+ if (decode_base64(csalt, BCRYPT_MAXSALT, salt))
+ return -1;
salt_len = BCRYPT_MAXSALT;
if (minor <= 'a')
key_len = (u_int8_t)(strlen(key) + (minor >= 'a' ? 1 : 0));
c3 = CHAR64(*(p + 2));
if (c3 == 255)
- break;
+ return -1;
*bp++ = ((c2 & 0x0f) << 4) | ((c3 & 0x3c) >> 2);
if (bp >= buffer + len)
c4 = CHAR64(*(p + 3));
if (c4 == 255)
- break;
+ return -1;
*bp++ = ((c3 & 0x03) << 6) | c4;
p += 4;
projects / openbsd / commitdiff