armybox 0.3.0

A memory-safe #[no_std] BusyBox/Toybox clone in Rust - 299 Unix utilities in ~500KB
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123

//! mkpasswd - generate password hash
//!
//! Generates a password hash in various formats.

use crate::io;
use super::get_arg;

/// mkpasswd - generate password hash
///
/// # Synopsis
/// ```text
/// mkpasswd [-m method] [-S salt] [password]
/// ```
///
/// # Description
/// Generates a password hash. Currently outputs a simple hash format.
/// For production use, use the system's mkpasswd or openssl.
///
/// # Options
/// - `-m, --method`: Hash method (md5, sha256, sha512)
/// - `-S, --salt`: Salt to use
///
/// # Exit Status
/// - 0: Success
pub fn mkpasswd(argc: i32, argv: *const *const u8) -> i32 {
    let mut method = b"sha512" as &[u8];
    let mut salt: Option<&[u8]> = None;
    let mut password: Option<&[u8]> = None;
    let mut i = 1;

    // Parse arguments
    while i < argc as usize {
        let arg = match unsafe { get_arg(argv, i as i32) } {
            Some(a) => a,
            None => break,
        };

        if arg == b"-m" || arg == b"--method" {
            i += 1;
            if let Some(m) = unsafe { get_arg(argv, i as i32) } {
                method = m;
            }
        } else if arg == b"-S" || arg == b"--salt" {
            i += 1;
            salt = unsafe { get_arg(argv, i as i32) };
        } else if !arg.starts_with(b"-") {
            password = Some(arg);
        }
        i += 1;
    }

    let salt_str = salt.unwrap_or(b"randomsalt");
    let pwd = password.unwrap_or(b"password");

    // Generate a simple hash (not cryptographically secure - for demo purposes)
    // In real usage, users should use system mkpasswd or openssl passwd
    let prefix: &[u8] = match method {
        b"md5" | b"1" => b"$1$",
        b"sha256" | b"5" => b"$5$",
        b"sha512" | b"6" => b"$6$",
        _ => b"$6$",
    };

    // Simple hash: XOR password bytes with salt, then format as hex
    let mut hash: u64 = 0x5381; // djb2 seed
    for &b in pwd {
        hash = hash.wrapping_mul(33).wrapping_add(b as u64);
    }
    for &b in salt_str {
        hash = hash.wrapping_mul(33).wrapping_add(b as u64);
    }

    io::write_all(1, prefix);
    io::write_all(1, salt_str);
    io::write_str(1, b"$");

    // Output hash as base64-ish characters (like crypt output)
    const B64: &[u8] = b"./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
    let mut hash_chars = [0u8; 86];
    let mut h = hash;
    for i in 0..86 {
        hash_chars[i] = B64[(h & 0x3F) as usize];
        h = h.wrapping_mul(0x5DEECE66D).wrapping_add(11);
    }
    io::write_all(1, &hash_chars);
    io::write_str(1, b"\n");

    0
}

#[cfg(test)]
mod tests {
    extern crate std;
    use std::process::Command;
    use std::path::PathBuf;

    fn get_armybox_path() -> PathBuf {
        if let Ok(path) = std::env::var("ARMYBOX_PATH") {
            return PathBuf::from(path);
        }
        let manifest_dir = std::env::var("CARGO_MANIFEST_DIR")
            .map(PathBuf::from)
            .unwrap_or_else(|_| std::env::current_dir().unwrap());
        let release = manifest_dir.join("target/release/armybox");
        if release.exists() { return release; }
        manifest_dir.join("target/debug/armybox")
    }

    #[test]
    fn test_mkpasswd() {
        let armybox = get_armybox_path();
        if !armybox.exists() { return; }

        let output = Command::new(&armybox)
            .args(["mkpasswd", "mypassword"])
            .output()
            .unwrap();

        assert_eq!(output.status.code(), Some(0));
        let stdout = std::string::String::from_utf8_lossy(&output.stdout);
        assert!(stdout.starts_with("$6$")); // Default sha512
    }
}