changed the way how the IV is stored with the password and renamed some variables to make the code more understandable

git-svn-id: http://anope.svn.sourceforge.net/svnroot/anope/trunk@2870 5417fbe8-f217-4b02-8779-1006273d7864

1 files changed, 33 insertions, 30 deletions

diff --git a/src/core/enc_sha256.c b/src/core/enc_sha256.c
index 307e905d9..94c7c6525 100644
--- a/src/core/enc_sha256.c
+++ b/src/core/enc_sha256.c
@@ -130,49 +130,51 @@ uint32_t sha256_k[64] =
 
 class ESHA256 : public Module
 {
-	unsigned int salt[8];
-	bool use_salt;
+	unsigned int iv[8];
+	bool use_iv;
 
-	/* initializes the salt with a new random value */
-	void NewRandomSalt()
+	/* initializes the IV with a new random value */
+	void NewRandomIV()
 	{
 		srand(time(NULL));
 		for (int i = 0; i < 8; i++)
 		{
-			salt[i] = getrandom32();
+			iv[i] = getrandom32();
 		}
 	}
 
-	/* returns the salt as base64-encrypted string */
-	std::string GetSaltString()
+	/* returns the IV as base64-encrypted string */
+	std::string GetIVString()
 	{
-		std::stringstream buf;
-		char buf2[1000];
-		buf << salt[0] << " " << salt[1] << " " << salt[2] << " " << salt[3] << " ";
-		buf << salt[4] << " " << salt[5] << " " << salt[6] << " " << salt[7];
-		b64_encode(buf.str().c_str(), buf.str().size(), buf2, 1000);
+		unsigned char buf[33];
+		char buf2[512];
+		for (int i = 0; i < 8; i++)
+		{
+			UNPACK32(iv[i], &buf[i << 2]);
+		}
+		b64_encode(reinterpret_cast<char*>(buf), 32, buf2, 512);
 		return buf2;
 	}
 
-	/* splits the appended salt from the password string so it can be used for the next encryption */ 
-	/* password format:  <hashmethod>:<password_b64>:<hash_b64> */
-	void GetSaltFromPass(std::string &password)
+	/* splits the appended IV from the password string so it can be used for the next encryption */ 
+	/* password format:  <hashmethod>:<password_b64>:<iv_b64> */
+	void GetIVFromPass(std::string &password)
 	{
-		size_t pos, i = 0;
-		std::string saltstr;
+		size_t pos;
 		pos = password.find(":");
 		std::string buf(password, password.find(":", pos+1)+1, password.size());
-		char buf2[1000];
-		b64_decode(buf.c_str(), buf2, 1000);
-		std::stringstream sbuf(buf2);
-		for (i = 0; i < 8; i++)
-			sbuf >> salt[i];
+		unsigned char buf2[33];
+		b64_decode(buf.c_str(), reinterpret_cast<char*>(buf2), 33);
+		for (int i = 0 ; i < 8; i++)
+		{
+			PACK32(&buf2[i<<2], &iv[i]);
+		}
 	}
 
 	void SHA256Init(SHA256Context *ctx)
 	{
 		for (int i = 0; i < 8; i++)
-			ctx->h[i] = salt[i];
+			ctx->h[i] = iv[i];
 		ctx->len = 0;
 		ctx->tot_len = 0;
 	}
@@ -276,7 +278,7 @@ class ESHA256 : public Module
 		ModuleManager::Attach(I_OnDecrypt, this);
 		ModuleManager::Attach(I_OnCheckPassword, this);
 
-		use_salt = false;
+		use_iv = false;
 	}
 
 	EventReturn OnEncrypt(const std::string &src, std::string &dest)
@@ -286,17 +288,17 @@ class ESHA256 : public Module
 		SHA256Context ctx;
 		std::stringstream buf;
 
-		if (!use_salt)
-			NewRandomSalt();
+		if (!use_iv)
+			NewRandomIV();
 		else
-			use_salt = false;
+			use_iv = false;
 
 		SHA256Init(&ctx);
 		SHA256Update(&ctx, (unsigned char *)src.c_str(), src.size());
 		SHA256Final(&ctx, (unsigned char*)digest);
 
 		b64_encode(digest, SHA256_DIGEST_SIZE, cpass, 1000);
-		buf << "sha256:" << cpass << ":" << GetSaltString();
+		buf << "sha256:" << cpass << ":" << GetIVString();
 		Alog(LOG_DEBUG_2) << "(enc_sha256) hashed password from [" << src << "] to [" << buf.str() << " ]";
 		dest.assign(buf.str());
 		return EVENT_ALLOW;
@@ -321,9 +323,10 @@ class ESHA256 : public Module
 			return EVENT_CONTINUE;
 		std::string buf;
 
-		GetSaltFromPass(password);
-		use_salt = true;
+		GetIVFromPass(password);
+		use_iv = true;
 		this->OnEncrypt(plaintext, buf);
+
 		if(!password.compare(buf))
 		{
 			/* if we are NOT the first module in the list,