From 2e9bde0261ca2e1374db27c5d63c0485fc21eec6 Mon Sep 17 00:00:00 2001 From: Enno Rehling Date: Wed, 26 Sep 2018 19:05:49 +0200 Subject: [PATCH] More WIN32 adaptations, configurable work factor. --- src/CMakeLists.txt | 2 +- src/platform.h | 1 + src/util/crypto/CMakeLists.txt | 5 ++--- src/util/crypto/crypt_blowfish/wrapper.c | 10 ++++++---- src/util/crypto/{bcrypt.c => crypto.c} | 2 +- src/util/crypto/{bcrypt.h => crypto.h} | 0 src/util/password.c | 6 ++++-- src/util/password.h | 2 ++ src/util/password.test.c | 4 ++++ 9 files changed, 21 insertions(+), 11 deletions(-) rename src/util/crypto/{bcrypt.c => crypto.c} (99%) rename src/util/crypto/{bcrypt.h => crypto.h} (100%) diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index 506f35473..9a7e4a8ab 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -28,7 +28,7 @@ IF (CMAKE_COMPILER_IS_GNUCC OR CMAKE_C_COMPILER_ID MATCHES "Clang") SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wsign-compare -Wall -Werror -Wno-unknown-pragmas -Wstrict-prototypes -Wpointer-arith -Wno-char-subscripts -Wno-long-long") # SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -std=c89") ELSEIF(MSVC) - SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /W4 /WX /MP /Za /D_CRT_SECURE_NO_WARNINGS /D_USE_MATH_DEFINES") + SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /W4 /WX /MP /D_CRT_SECURE_NO_WARNINGS /D_USE_MATH_DEFINES") set(CMAKE_EXE_LINKER_FLAGS_DEBUG "${CMAKE_EXE_LINKER_FLAGS_DEBUG} /NODEFAULTLIB:libc.lib /NODEFAULTLIB:libcmt.lib /NODEFAULTLIB:libcd.lib /NODEFAULTLIB:libcmtd.lib /NODEFAULTLIB:msvcrt.lib") set(CMAKE_EXE_LINKER_FLAGS_RELEASE diff --git a/src/platform.h b/src/platform.h index fb1ace65a..fdc3760f9 100644 --- a/src/platform.h +++ b/src/platform.h @@ -14,6 +14,7 @@ #pragma warning(disable: 4457) // declaration hides function parameter #pragma warning(disable: 4459) // declaration hides global #pragma warning(disable: 4224) // formal parameter was previously defined as a type +#pragma warning(disable: 4214) // bit field types other than int #endif /* @see https://insanecoding.blogspot.no/2007/11/pathmax-simply-isnt.html */ diff --git a/src/util/crypto/CMakeLists.txt b/src/util/crypto/CMakeLists.txt index 925c73380..195eb02b4 100644 --- a/src/util/crypto/CMakeLists.txt +++ b/src/util/crypto/CMakeLists.txt @@ -7,7 +7,7 @@ IF (MSVC) ENDIF (MSVC) SET (LIB_SRC - bcrypt.c + crypto.c crypt_blowfish/wrapper.c crypt_blowfish/crypt_blowfish.c crypt_blowfish/crypt_gensalt.c @@ -18,8 +18,7 @@ set (CRYPTO_INCLUDE_DIR ${CMAKE_CURRENT_SOURCE_DIR} CACHE INTERNAL "cJSON header set (CRYPTO_LIBRARIES crypto CACHE INTERNAL "crypto libraries") IF(WIN32) - FIND_LIBRARY(WIN32_CNG_LIBRARY bcrypt) - SET(CRYPTO_LIBRARIES ${CRYPTO_LIBRARIES} ${WIN32_CNG_LIBRARY} CACHE + SET(CRYPTO_LIBRARIES ${CRYPTO_LIBRARIES} bcrypt CACHE INTERNAL "crypto libraries") ENDIF() diff --git a/src/util/crypto/crypt_blowfish/wrapper.c b/src/util/crypto/crypt_blowfish/wrapper.c index 1e49c90d8..b69ba7ae6 100644 --- a/src/util/crypto/crypt_blowfish/wrapper.c +++ b/src/util/crypto/crypt_blowfish/wrapper.c @@ -243,13 +243,15 @@ char *__crypt_gensalt_ra(const char *prefix, unsigned long count, input, size, output, sizeof(output)); if (retval) { - retval = strdup(retval); + size_t len = 1 + strlen(retval); + char * dst = malloc(len); #ifndef __GLIBC__ - /* strdup(3) on glibc sets errno, so we don't need to bother */ - if (!retval) + /* malloc(3) on glibc sets errno, so we don't need to bother */ + if (!dst) __set_errno(ENOMEM); #endif - } + retval = memcpy(dst, retval, len); + } return retval; } diff --git a/src/util/crypto/bcrypt.c b/src/util/crypto/crypto.c similarity index 99% rename from src/util/crypto/bcrypt.c rename to src/util/crypto/crypto.c index c8cc14e23..75129a826 100644 --- a/src/util/crypto/bcrypt.c +++ b/src/util/crypto/crypto.c @@ -24,7 +24,7 @@ #include #endif -#include "bcrypt.h" +#include "crypto.h" #include "crypt_blowfish/ow-crypt.h" #define RANDBYTES (16) diff --git a/src/util/crypto/bcrypt.h b/src/util/crypto/crypto.h similarity index 100% rename from src/util/crypto/bcrypt.h rename to src/util/crypto/crypto.h diff --git a/src/util/password.c b/src/util/password.c index 73e02c551..a7e14c98b 100644 --- a/src/util/password.c +++ b/src/util/password.c @@ -3,12 +3,14 @@ #endif #include "password.h" -#include "crypto/bcrypt.h" +#include "crypto/crypto.h" #include #include #include +int bcrypt_workfactor = 8; + bool password_is_implemented(cryptalgo_t algo) { if (algo == PASSWORD_BCRYPT) return true; return algo == PASSWORD_PLAINTEXT; @@ -19,7 +21,7 @@ const char * password_encode(const char * passwd, cryptalgo_t algo) { char salt[BCRYPT_HASHSIZE]; static char hash[BCRYPT_HASHSIZE]; int ret; - bcrypt_gensalt(12, salt); + bcrypt_gensalt(bcrypt_workfactor, salt); ret = bcrypt_hashpw(passwd, salt, hash); assert(ret == 0); return hash; diff --git a/src/util/password.h b/src/util/password.h index acd695954..7deb46430 100644 --- a/src/util/password.h +++ b/src/util/password.h @@ -7,6 +7,8 @@ typedef enum cryptalgo_t { } cryptalgo_t; #define PASSWORD_DEFAULT PASSWORD_PLAINTEXT +extern int bcrypt_workfactor; + #define VERIFY_OK 0 #define VERIFY_FAIL 1 #define VERIFY_UNKNOWN 2 diff --git a/src/util/password.test.c b/src/util/password.test.c index 34a252531..9740b4080 100644 --- a/src/util/password.test.c +++ b/src/util/password.test.c @@ -7,11 +7,15 @@ static void test_passwords(CuTest *tc) { const char *hash; if (password_is_implemented(PASSWORD_BCRYPT)) { + bcrypt_workfactor = 4; hash = password_encode("password", PASSWORD_BCRYPT); CuAssertPtrNotNull(tc, hash); CuAssertIntEquals(tc, '$', hash[0]); CuAssertIntEquals(tc, '2', hash[1]); CuAssertIntEquals(tc, '$', hash[3]); + CuAssertIntEquals(tc, '0', hash[4]); + CuAssertIntEquals(tc, '4', hash[5]); + CuAssertIntEquals(tc, '$', hash[6]); CuAssertIntEquals(tc, VERIFY_OK, password_verify(hash, "password")); CuAssertIntEquals(tc, VERIFY_FAIL, password_verify(hash, "arseword")); }