forked from github/server
More WIN32 adaptations, configurable work factor.
This commit is contained in:
Enno Rehling
parent
3c50a4260b
commit
2e9bde0261
|
|
@ -28,7 +28,7 @@ IF (CMAKE_COMPILER_IS_GNUCC OR CMAKE_C_COMPILER_ID MATCHES "Clang")
|
||||||
SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wsign-compare -Wall -Werror -Wno-unknown-pragmas -Wstrict-prototypes -Wpointer-arith -Wno-char-subscripts -Wno-long-long")
|
SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wsign-compare -Wall -Werror -Wno-unknown-pragmas -Wstrict-prototypes -Wpointer-arith -Wno-char-subscripts -Wno-long-long")
|
||||||
# SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -std=c89")
|
# SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -std=c89")
|
||||||
ELSEIF(MSVC)
|
ELSEIF(MSVC)
|
||||||
SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /W4 /WX /MP /Za /D_CRT_SECURE_NO_WARNINGS /D_USE_MATH_DEFINES")
|
SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /W4 /WX /MP /D_CRT_SECURE_NO_WARNINGS /D_USE_MATH_DEFINES")
|
||||||
set(CMAKE_EXE_LINKER_FLAGS_DEBUG
|
set(CMAKE_EXE_LINKER_FLAGS_DEBUG
|
||||||
"${CMAKE_EXE_LINKER_FLAGS_DEBUG} /NODEFAULTLIB:libc.lib /NODEFAULTLIB:libcmt.lib /NODEFAULTLIB:libcd.lib /NODEFAULTLIB:libcmtd.lib /NODEFAULTLIB:msvcrt.lib")
|
"${CMAKE_EXE_LINKER_FLAGS_DEBUG} /NODEFAULTLIB:libc.lib /NODEFAULTLIB:libcmt.lib /NODEFAULTLIB:libcd.lib /NODEFAULTLIB:libcmtd.lib /NODEFAULTLIB:msvcrt.lib")
|
||||||
set(CMAKE_EXE_LINKER_FLAGS_RELEASE
|
set(CMAKE_EXE_LINKER_FLAGS_RELEASE
|
||||||
|
|
|
||||||
|
|
@ -14,6 +14,7 @@
|
||||||
#pragma warning(disable: 4457) // declaration hides function parameter
|
#pragma warning(disable: 4457) // declaration hides function parameter
|
||||||
#pragma warning(disable: 4459) // declaration hides global
|
#pragma warning(disable: 4459) // declaration hides global
|
||||||
#pragma warning(disable: 4224) // formal parameter was previously defined as a type
|
#pragma warning(disable: 4224) // formal parameter was previously defined as a type
|
||||||
|
#pragma warning(disable: 4214) // bit field types other than int
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
/* @see https://insanecoding.blogspot.no/2007/11/pathmax-simply-isnt.html */
|
/* @see https://insanecoding.blogspot.no/2007/11/pathmax-simply-isnt.html */
|
||||||
|
|
|
||||||
|
|
@ -7,7 +7,7 @@ IF (MSVC)
|
||||||
ENDIF (MSVC)
|
ENDIF (MSVC)
|
||||||
|
|
||||||
SET (LIB_SRC
|
SET (LIB_SRC
|
||||||
bcrypt.c
|
crypto.c
|
||||||
crypt_blowfish/wrapper.c
|
crypt_blowfish/wrapper.c
|
||||||
crypt_blowfish/crypt_blowfish.c
|
crypt_blowfish/crypt_blowfish.c
|
||||||
crypt_blowfish/crypt_gensalt.c
|
crypt_blowfish/crypt_gensalt.c
|
||||||
|
|
@ -18,8 +18,7 @@ set (CRYPTO_INCLUDE_DIR ${CMAKE_CURRENT_SOURCE_DIR} CACHE INTERNAL "cJSON header
|
||||||
set (CRYPTO_LIBRARIES crypto CACHE INTERNAL "crypto libraries")
|
set (CRYPTO_LIBRARIES crypto CACHE INTERNAL "crypto libraries")
|
||||||
|
|
||||||
IF(WIN32)
|
IF(WIN32)
|
||||||
FIND_LIBRARY(WIN32_CNG_LIBRARY bcrypt)
|
SET(CRYPTO_LIBRARIES ${CRYPTO_LIBRARIES} bcrypt CACHE
|
||||||
SET(CRYPTO_LIBRARIES ${CRYPTO_LIBRARIES} ${WIN32_CNG_LIBRARY} CACHE
|
|
||||||
INTERNAL "crypto libraries")
|
INTERNAL "crypto libraries")
|
||||||
ENDIF()
|
ENDIF()
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -243,13 +243,15 @@ char *__crypt_gensalt_ra(const char *prefix, unsigned long count,
|
||||||
input, size, output, sizeof(output));
|
input, size, output, sizeof(output));
|
||||||
|
|
||||||
if (retval) {
|
if (retval) {
|
||||||
retval = strdup(retval);
|
size_t len = 1 + strlen(retval);
|
||||||
|
char * dst = malloc(len);
|
||||||
#ifndef __GLIBC__
|
#ifndef __GLIBC__
|
||||||
/* strdup(3) on glibc sets errno, so we don't need to bother */
|
/* malloc(3) on glibc sets errno, so we don't need to bother */
|
||||||
if (!retval)
|
if (!dst)
|
||||||
__set_errno(ENOMEM);
|
__set_errno(ENOMEM);
|
||||||
#endif
|
#endif
|
||||||
}
|
retval = memcpy(dst, retval, len);
|
||||||
|
}
|
||||||
|
|
||||||
return retval;
|
return retval;
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -24,7 +24,7 @@
|
||||||
#include <unistd.h>
|
#include <unistd.h>
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#include "bcrypt.h"
|
#include "crypto.h"
|
||||||
#include "crypt_blowfish/ow-crypt.h"
|
#include "crypt_blowfish/ow-crypt.h"
|
||||||
|
|
||||||
#define RANDBYTES (16)
|
#define RANDBYTES (16)
|
||||||
|
|
@ -3,12 +3,14 @@
|
||||||
#endif
|
#endif
|
||||||
#include "password.h"
|
#include "password.h"
|
||||||
|
|
||||||
#include "crypto/bcrypt.h"
|
#include "crypto/crypto.h"
|
||||||
|
|
||||||
#include <assert.h>
|
#include <assert.h>
|
||||||
#include <string.h>
|
#include <string.h>
|
||||||
#include <stdio.h>
|
#include <stdio.h>
|
||||||
|
|
||||||
|
int bcrypt_workfactor = 8;
|
||||||
|
|
||||||
bool password_is_implemented(cryptalgo_t algo) {
|
bool password_is_implemented(cryptalgo_t algo) {
|
||||||
if (algo == PASSWORD_BCRYPT) return true;
|
if (algo == PASSWORD_BCRYPT) return true;
|
||||||
return algo == PASSWORD_PLAINTEXT;
|
return algo == PASSWORD_PLAINTEXT;
|
||||||
|
|
@ -19,7 +21,7 @@ const char * password_encode(const char * passwd, cryptalgo_t algo) {
|
||||||
char salt[BCRYPT_HASHSIZE];
|
char salt[BCRYPT_HASHSIZE];
|
||||||
static char hash[BCRYPT_HASHSIZE];
|
static char hash[BCRYPT_HASHSIZE];
|
||||||
int ret;
|
int ret;
|
||||||
bcrypt_gensalt(12, salt);
|
bcrypt_gensalt(bcrypt_workfactor, salt);
|
||||||
ret = bcrypt_hashpw(passwd, salt, hash);
|
ret = bcrypt_hashpw(passwd, salt, hash);
|
||||||
assert(ret == 0);
|
assert(ret == 0);
|
||||||
return hash;
|
return hash;
|
||||||
|
|
|
||||||
|
|
@ -7,6 +7,8 @@ typedef enum cryptalgo_t {
|
||||||
} cryptalgo_t;
|
} cryptalgo_t;
|
||||||
#define PASSWORD_DEFAULT PASSWORD_PLAINTEXT
|
#define PASSWORD_DEFAULT PASSWORD_PLAINTEXT
|
||||||
|
|
||||||
|
extern int bcrypt_workfactor;
|
||||||
|
|
||||||
#define VERIFY_OK 0
|
#define VERIFY_OK 0
|
||||||
#define VERIFY_FAIL 1
|
#define VERIFY_FAIL 1
|
||||||
#define VERIFY_UNKNOWN 2
|
#define VERIFY_UNKNOWN 2
|
||||||
|
|
|
||||||
|
|
@ -7,11 +7,15 @@ static void test_passwords(CuTest *tc) {
|
||||||
const char *hash;
|
const char *hash;
|
||||||
|
|
||||||
if (password_is_implemented(PASSWORD_BCRYPT)) {
|
if (password_is_implemented(PASSWORD_BCRYPT)) {
|
||||||
|
bcrypt_workfactor = 4;
|
||||||
hash = password_encode("password", PASSWORD_BCRYPT);
|
hash = password_encode("password", PASSWORD_BCRYPT);
|
||||||
CuAssertPtrNotNull(tc, hash);
|
CuAssertPtrNotNull(tc, hash);
|
||||||
CuAssertIntEquals(tc, '$', hash[0]);
|
CuAssertIntEquals(tc, '$', hash[0]);
|
||||||
CuAssertIntEquals(tc, '2', hash[1]);
|
CuAssertIntEquals(tc, '2', hash[1]);
|
||||||
CuAssertIntEquals(tc, '$', hash[3]);
|
CuAssertIntEquals(tc, '$', hash[3]);
|
||||||
|
CuAssertIntEquals(tc, '0', hash[4]);
|
||||||
|
CuAssertIntEquals(tc, '4', hash[5]);
|
||||||
|
CuAssertIntEquals(tc, '$', hash[6]);
|
||||||
CuAssertIntEquals(tc, VERIFY_OK, password_verify(hash, "password"));
|
CuAssertIntEquals(tc, VERIFY_OK, password_verify(hash, "password"));
|
||||||
CuAssertIntEquals(tc, VERIFY_FAIL, password_verify(hash, "arseword"));
|
CuAssertIntEquals(tc, VERIFY_FAIL, password_verify(hash, "arseword"));
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue