More WIN32 adaptations, configurable work factor.

2018-09-26 19:05:49 +02:00 · 2018-09-26 19:05:49 +02:00 · 2e9bde0261
parent 3c50a4260b
commit 2e9bde0261
9 changed files with 21 additions and 11 deletions
--- a/src/CMakeLists.txt
+++ b/src/CMakeLists.txt
@ -28,7 +28,7 @@ IF (CMAKE_COMPILER_IS_GNUCC OR CMAKE_C_COMPILER_ID MATCHES "Clang")
    SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wsign-compare -Wall -Werror -Wno-unknown-pragmas -Wstrict-prototypes -Wpointer-arith -Wno-char-subscripts -Wno-long-long")
 #    SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -std=c89")
 ELSEIF(MSVC)
-    SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /W4 /WX /MP /Za /D_CRT_SECURE_NO_WARNINGS /D_USE_MATH_DEFINES")
+    SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /W4 /WX /MP /D_CRT_SECURE_NO_WARNINGS /D_USE_MATH_DEFINES")
    set(CMAKE_EXE_LINKER_FLAGS_DEBUG
        "${CMAKE_EXE_LINKER_FLAGS_DEBUG} /NODEFAULTLIB:libc.lib /NODEFAULTLIB:libcmt.lib /NODEFAULTLIB:libcd.lib /NODEFAULTLIB:libcmtd.lib /NODEFAULTLIB:msvcrt.lib")
    set(CMAKE_EXE_LINKER_FLAGS_RELEASE
--- a/src/platform.h
+++ b/src/platform.h
@ -14,6 +14,7 @@
 #pragma warning(disable: 4457) // declaration hides function parameter
 #pragma warning(disable: 4459) // declaration hides global
 #pragma warning(disable: 4224) // formal parameter was previously defined as a type
+#pragma warning(disable: 4214) // bit field types other than int
 #endif

 /* @see https://insanecoding.blogspot.no/2007/11/pathmax-simply-isnt.html */
--- a/src/util/crypto/CMakeLists.txt
+++ b/src/util/crypto/CMakeLists.txt
@ -7,7 +7,7 @@ IF (MSVC)
 ENDIF (MSVC)

 SET (LIB_SRC
-  bcrypt.c
+  crypto.c
  crypt_blowfish/wrapper.c
  crypt_blowfish/crypt_blowfish.c
  crypt_blowfish/crypt_gensalt.c
@ -18,8 +18,7 @@ set (CRYPTO_INCLUDE_DIR ${CMAKE_CURRENT_SOURCE_DIR} CACHE INTERNAL "cJSON header
 set (CRYPTO_LIBRARIES crypto CACHE INTERNAL "crypto libraries")

 IF(WIN32)
-  FIND_LIBRARY(WIN32_CNG_LIBRARY bcrypt)
-  SET(CRYPTO_LIBRARIES ${CRYPTO_LIBRARIES} ${WIN32_CNG_LIBRARY} CACHE
+  SET(CRYPTO_LIBRARIES ${CRYPTO_LIBRARIES} bcrypt CACHE
    INTERNAL "crypto libraries")
 ENDIF()
            
--- a/src/util/crypto/crypt_blowfish/wrapper.c
+++ b/src/util/crypto/crypt_blowfish/wrapper.c
@ -243,13 +243,15 @@ char *__crypt_gensalt_ra(const char *prefix, unsigned long count,
 		input, size, output, sizeof(output));

 	if (retval) {
-		retval = strdup(retval);
+        size_t len = 1 + strlen(retval);
+        char * dst = malloc(len);
 #ifndef __GLIBC__
-		/* strdup(3) on glibc sets errno, so we don't need to bother */
-		if (!retval)
+		/* malloc(3) on glibc sets errno, so we don't need to bother */
+		if (!dst)
 			__set_errno(ENOMEM);
 #endif
-	}
+        retval = memcpy(dst, retval, len);
+    }

 	return retval;
 }
--- a/src/util/crypto/crypto.c
+++ b/src/util/crypto/crypto.c
@ -24,7 +24,7 @@
 #include <unistd.h>
 #endif

-#include "bcrypt.h"
+#include "crypto.h"
 #include "crypt_blowfish/ow-crypt.h"

 #define RANDBYTES (16)
--- a/src/util/crypto/crypto.h
+++ b/src/util/crypto/crypto.h
--- a/src/util/password.c
+++ b/src/util/password.c
@ -3,12 +3,14 @@
 #endif
 #include "password.h"

-#include "crypto/bcrypt.h"
+#include "crypto/crypto.h"

 #include <assert.h>
 #include <string.h>
 #include <stdio.h>

+int bcrypt_workfactor = 8;
+
 bool password_is_implemented(cryptalgo_t algo) {
    if (algo == PASSWORD_BCRYPT) return true;
    return algo == PASSWORD_PLAINTEXT;
@ -19,7 +21,7 @@ const char * password_encode(const char * passwd, cryptalgo_t algo) {
        char salt[BCRYPT_HASHSIZE];
        static char hash[BCRYPT_HASHSIZE];
        int ret;
-        bcrypt_gensalt(12, salt);
+        bcrypt_gensalt(bcrypt_workfactor, salt);
        ret = bcrypt_hashpw(passwd, salt, hash);
        assert(ret == 0);
        return hash;
--- a/src/util/password.h
+++ b/src/util/password.h
@ -7,6 +7,8 @@ typedef enum cryptalgo_t {
 } cryptalgo_t;
 #define PASSWORD_DEFAULT PASSWORD_PLAINTEXT

+extern int bcrypt_workfactor;
+
 #define VERIFY_OK 0
 #define VERIFY_FAIL 1
 #define VERIFY_UNKNOWN 2
--- a/src/util/password.test.c
+++ b/src/util/password.test.c
@ -7,11 +7,15 @@ static void test_passwords(CuTest *tc) {
    const char *hash;
    
    if (password_is_implemented(PASSWORD_BCRYPT)) {
+        bcrypt_workfactor = 4;
        hash = password_encode("password", PASSWORD_BCRYPT);
        CuAssertPtrNotNull(tc, hash);
        CuAssertIntEquals(tc, '$', hash[0]);
        CuAssertIntEquals(tc, '2', hash[1]);
        CuAssertIntEquals(tc, '$', hash[3]);
+        CuAssertIntEquals(tc, '0', hash[4]);
+        CuAssertIntEquals(tc, '4', hash[5]);
+        CuAssertIntEquals(tc, '$', hash[6]);
        CuAssertIntEquals(tc, VERIFY_OK, password_verify(hash, "password"));
        CuAssertIntEquals(tc, VERIFY_FAIL, password_verify(hash, "arseword"));
    }