LupusNobilis/sogo
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

(fix) fixed broken string initializations (fixes #3899)

Browse source
This commit is contained in:
Ludovic Marcotte 2016-11-15 14:18:57 -05:00
parent d992ab921f
commit 53b1cc5477
1 changed files with 20 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

26
SoObjects/SOGo/NSData+Crypto.m
View file

@ -607,7 +607,7 @@ static void _nettle_md5_compress(uint32_t *digest, const uint8_t *input);
} }
cryptString = [[NSString alloc] initWithData: self encoding: NSUTF8StringEncoding]; cryptString = [[NSString alloc] initWithData: self encoding: NSUTF8StringEncoding];
saltData = [NSMutableData dataWithData: [[NSString stringWithFormat:@"$@$", magic] dataUsingEncoding: NSUTF8StringEncoding]]; saltData = [NSMutableData dataWithData: [[NSString stringWithFormat:@"$%@$", magic] dataUsingEncoding: NSUTF8StringEncoding]];
[saltData appendData: theSalt]; [saltData appendData: theSalt];
// Terminate with "$" // Terminate with "$"
@ -709,26 +709,36 @@ static void _nettle_md5_compress(uint32_t *digest, const uint8_t *input);
// the crypt() function is able to extract it by itself // the crypt() function is able to extract it by itself
r = NSMakeRange(0, len); r = NSMakeRange(0, len);
} }
else if ([theScheme caseInsensitiveCompare: @"md5-crypt"] == NSOrderedSame) else if ([theScheme caseInsensitiveCompare: @"md5-crypt"] == NSOrderedSame ||
[theScheme caseInsensitiveCompare: @"sha256-crypt"] == NSOrderedSame ||
[theScheme caseInsensitiveCompare: @"sha512-crypt"] == NSOrderedSame)
{ {
// md5 crypt is generated the following "$1$<salt>$<encrypted pass>" // md5-crypt is generated the following "$1$<salt>$<encrypted pass>"
// sha256-crypt is generated the following "$5$<salt>$<encrypted pass>"
// sha512-crypt is generated the following "$6$<salt>$<encrypted pass>"
NSString *cryptString; NSString *cryptString;
NSArray *cryptParts; NSArray *cryptParts;
cryptString = [NSString stringWithUTF8String: [self bytes] ];
cryptString = [[NSString alloc] initWithData: self encoding: NSUTF8StringEncoding];
AUTORELEASE(cryptString);
cryptParts = [cryptString componentsSeparatedByString: @"$"]; cryptParts = [cryptString componentsSeparatedByString: @"$"];
// correct number of elements (first one is an empty string) // correct number of elements (first one is an empty string)
if ([cryptParts count] != 4) if ([cryptParts count] != 4)
{ {
return [NSData data]; return [NSData data];
} }
// second is the identifier of md5-crypt // second is the identifier of md5-crypt/sha256-crypt or sha512-crypt
else if( [[cryptParts objectAtIndex: 1] caseInsensitiveCompare: @"1"] != NSOrderedSame ) else if ([[cryptParts objectAtIndex: 1] caseInsensitiveCompare: @"1"] == NSOrderedSame ||
[[cryptParts objectAtIndex: 1] caseInsensitiveCompare: @"5"] == NSOrderedSame ||
[[cryptParts objectAtIndex: 1] caseInsensitiveCompare: @"6"] == NSOrderedSame)
{ {
return [NSData data];
}
// third is the salt; convert it to NSData // third is the salt; convert it to NSData
return [[cryptParts objectAtIndex: 2] dataUsingEncoding: NSUTF8StringEncoding]; return [[cryptParts objectAtIndex: 2] dataUsingEncoding: NSUTF8StringEncoding];
} }
// nothing good
return [NSData data];
}
else if ([theScheme caseInsensitiveCompare: @"ssha"] == NSOrderedSame) else if ([theScheme caseInsensitiveCompare: @"ssha"] == NSOrderedSame)
{ {
r = NSMakeRange(SHA_DIGEST_LENGTH, len - SHA_DIGEST_LENGTH); r = NSMakeRange(SHA_DIGEST_LENGTH, len - SHA_DIGEST_LENGTH);