示例#1
0
int main(void)
{
    char       *str_out;
    char       *str_out2;
    char       *salt;
    const char *passwd = "Correct Horse Battery Staple";

    tv();
    tv2();
    salt = (char *) sodium_malloc(crypto_pwhash_SALTBYTES);
    str_out = (char *) sodium_malloc(crypto_pwhash_STRBYTES);
    str_out2 = (char *) sodium_malloc(crypto_pwhash_STRBYTES);
    memcpy(salt, ">A 16-bytes salt", crypto_pwhash_SALTBYTES);
    if (crypto_pwhash_str(str_out, passwd, strlen(passwd),
                          OPSLIMIT, MEMLIMIT) != 0) {
        printf("pwhash_str failure\n");
    }
    if (crypto_pwhash_str(str_out2, passwd, strlen(passwd),
                          OPSLIMIT, MEMLIMIT) != 0) {
        printf("pwhash_str(2) failure\n");
    }
    if (strcmp(str_out, str_out2) == 0) {
        printf("pwhash_str doesn't generate different salts\n");
    }
    if (crypto_pwhash_str_verify(str_out, passwd, strlen(passwd)) != 0) {
        printf("pwhash_str_verify failure\n");
    }
    if (crypto_pwhash_str_verify(str_out, passwd, strlen(passwd)) != 0) {
        printf("pwhash_str_verify failure\n");
    }
    str_out[14]++;
    if (crypto_pwhash_str_verify(str_out, passwd, strlen(passwd)) == 0) {
        printf("pwhash_str_verify(2) failure\n");
    }
    str_out[14]--;

    assert(str_out[crypto_pwhash_STRBYTES - 1U] == 0);
    assert(crypto_pwhash_saltbytes() > 0U);
    assert(crypto_pwhash_strbytes() > 1U);
    assert(crypto_pwhash_strbytes() > strlen(crypto_pwhash_strprefix()));
    assert(crypto_pwhash_opslimit_interactive() > 0U);
    assert(crypto_pwhash_memlimit_interactive() > 0U);
    assert(crypto_pwhash_opslimit_moderate() > 0U);
    assert(crypto_pwhash_memlimit_moderate() > 0U);
    assert(crypto_pwhash_opslimit_sensitive() > 0U);
    assert(crypto_pwhash_memlimit_sensitive() > 0U);

    sodium_free(salt);
    sodium_free(str_out);
    sodium_free(str_out2);

    printf("OK\n");

    return 0;
}
示例#2
0
static void
str_tests(void)
{
    char       *str_out;
    char       *str_out2;
    char       *salt;
    const char *passwd = "Correct Horse Battery Staple";

    salt     = (char *) sodium_malloc(crypto_pwhash_argon2id_SALTBYTES);
    str_out  = (char *) sodium_malloc(crypto_pwhash_argon2id_STRBYTES);
    str_out2 = (char *) sodium_malloc(crypto_pwhash_argon2id_STRBYTES);
    memcpy(salt, ">A 16-bytes salt", crypto_pwhash_argon2id_SALTBYTES);
    if (crypto_pwhash_str(str_out, passwd, strlen(passwd), OPSLIMIT,
                          MEMLIMIT) != 0) {
        printf("pwhash_str failure\n");
    }
    if (crypto_pwhash_str(str_out2, passwd, strlen(passwd), OPSLIMIT,
                          MEMLIMIT) != 0) {
        printf("pwhash_str(2) failure\n");
    }
    if (strcmp(str_out, str_out2) == 0) {
        printf("pwhash_str() doesn't generate different salts\n");
    }
    if (crypto_pwhash_str_needs_rehash(str_out, OPSLIMIT, MEMLIMIT) != 0 ||
        crypto_pwhash_str_needs_rehash(str_out, OPSLIMIT, MEMLIMIT) != 0) {
        printf("needs_rehash() false positive\n");
    }
    if (crypto_pwhash_str_needs_rehash(str_out, OPSLIMIT, MEMLIMIT / 2) != 1 ||
        crypto_pwhash_str_needs_rehash(str_out, OPSLIMIT - 1, MEMLIMIT) != 1 ||
        crypto_pwhash_str_needs_rehash(str_out, OPSLIMIT, MEMLIMIT * 2) != 1 ||
        crypto_pwhash_str_needs_rehash(str_out, OPSLIMIT + 1, MEMLIMIT) != 1) {
        printf("needs_rehash() false negative (0)\n");
    }
    if (crypto_pwhash_argon2id_str_needs_rehash(str_out, OPSLIMIT, MEMLIMIT / 2) != 1 ||
        crypto_pwhash_argon2id_str_needs_rehash(str_out, OPSLIMIT - 1, MEMLIMIT) != 1 ||
        crypto_pwhash_argon2id_str_needs_rehash(str_out, OPSLIMIT, MEMLIMIT * 2) != 1 ||
        crypto_pwhash_argon2id_str_needs_rehash(str_out, OPSLIMIT + 1, MEMLIMIT) != 1) {
        printf("needs_rehash() false negative (1)\n");
    }
    if (crypto_pwhash_argon2i_str_needs_rehash(str_out, OPSLIMIT, MEMLIMIT / 2) != -1 ||
        crypto_pwhash_argon2i_str_needs_rehash(str_out, OPSLIMIT - 1, MEMLIMIT) != -1 ||
        crypto_pwhash_argon2i_str_needs_rehash(str_out, OPSLIMIT, MEMLIMIT * 2) != -1 ||
        crypto_pwhash_argon2i_str_needs_rehash(str_out, OPSLIMIT + 1, MEMLIMIT) != -1) {
        printf("needs_rehash() false negative (2)\n");
    }
    if (crypto_pwhash_str_needs_rehash(str_out, OPSLIMIT, MEMLIMIT / 2) != 1) {
        printf("pwhash_str_needs_rehash() didn't handle argon2id\n");
    }
    if (crypto_pwhash_str_needs_rehash(str_out + 1, OPSLIMIT, MEMLIMIT) != -1 ||
        crypto_pwhash_argon2id_str_needs_rehash(str_out + 1, OPSLIMIT, MEMLIMIT) != -1) {
        printf("needs_rehash() didn't fail with an invalid hash string\n");
    }
    if (sodium_is_zero((const unsigned char *) str_out + strlen(str_out),
                       crypto_pwhash_STRBYTES - strlen(str_out)) != 1 ||
        sodium_is_zero((const unsigned char *) str_out2 + strlen(str_out2),
                       crypto_pwhash_STRBYTES - strlen(str_out2)) != 1) {
        printf("pwhash_argon2id_str() doesn't properly pad with zeros\n");
    }
    if (crypto_pwhash_argon2id_str_verify(str_out, passwd, strlen(passwd)) != 0) {
        printf("pwhash_argon2id_str_verify(1) failure\n");
    }
    if (crypto_pwhash_str_verify(str_out, passwd, strlen(passwd)) != 0) {
        printf("pwhash_str_verify(1') failure\n");
    }
    str_out[14]++;
    if (crypto_pwhash_str_verify(str_out, passwd, strlen(passwd)) != -1) {
        printf("pwhash_argon2id_str_verify(2) failure\n");
    }
    str_out[14]--;
    assert(str_out[crypto_pwhash_argon2id_STRBYTES - 1U] == 0);

    if (crypto_pwhash_str(str_out2, passwd, 0x100000000ULL, OPSLIMIT,
                          MEMLIMIT) != -1) {
        printf("pwhash_str() with a large password should have failed\n");
    }
    if (crypto_pwhash_str(str_out2, passwd, strlen(passwd), 1, MEMLIMIT) != 0) {
        printf("pwhash_str() with a small opslimit should not have failed\n");
    }
    if (crypto_pwhash_str(str_out2, passwd, strlen(passwd), 0, MEMLIMIT) != -1) {
        printf("pwhash_argon2id_str() with a null opslimit should have failed\n");
    }
    if (crypto_pwhash_str_verify("$argon2id$m=65536,t=2,p=1c29tZXNhbHQ"
                                 "$9sTbSlTio3Biev89thdrlKKiCaYsjjYVJxGAL3swxpQ",
                                 "password", 0x100000000ULL) != -1) {
        printf("pwhash_str_verify(invalid(0)) failure\n");
    }
    if (crypto_pwhash_str_verify("$argon2id$m=65536,t=2,p=1c29tZXNhbHQ"
                                 "$9sTbSlTio3Biev89thdrlKKiCaYsjjYVJxGAL3swxpQ",
                                 "password", strlen("password")) != -1) {
        printf("pwhash_str_verify(invalid(1)) failure %d\n", errno);
    }
    if (crypto_pwhash_str_verify("$argon2id$m=65536,t=2,p=1$c29tZXNhbHQ"
                                 "9sTbSlTio3Biev89thdrlKKiCaYsjjYVJxGAL3swxpQ",
                                 "password", strlen("password")) != -1) {
        printf("pwhash_str_verify(invalid(2)) failure\n");
    }
    if (crypto_pwhash_str_verify("$argon2id$m=65536,t=2,p=1$c29tZXNhbHQ"
                                 "$b2G3seW+uPzerwQQC+/E1K50CLLO7YXy0JRcaTuswRo",
                                 "password", strlen("password")) != -1) {
        printf("pwhash_str_verify(invalid(3)) failure\n");
    }
    if (crypto_pwhash_str_verify("$argon2id$v=19$m=65536,t=2,p=1c29tZXNhbHQ"
                                 "$wWKIMhR9lyDFvRz9YTZweHKfbftvj+qf+YFY4NeBbtA",
                                 "password", strlen("password")) != -1) {
        printf("pwhash_str_verify(invalid(4)) failure\n");
    }
    if (crypto_pwhash_str_verify("$argon2id$v=19$m=65536,t=2,p=1$c29tZXNhbHQ"
                                 "wWKIMhR9lyDFvRz9YTZweHKfbftvj+qf+YFY4NeBbtA",
                                 "password", strlen("password")) != -1) {
        printf("pwhash_str_verify(invalid(5)) failure\n");
    }
    if (crypto_pwhash_str_verify("$argon2id$v=19$m=65536,t=2,p=1$c29tZXNhbHQ"
                                 "$8iIuixkI73Js3G1uMbezQXD0b8LG4SXGsOwoQkdAQIM",
                                 "password", strlen("password")) != -1) {
        printf("pwhash_str_verify(invalid(6)) failure\n");
    }
    if (crypto_pwhash_str_verify("$argon2id$v=19$m=256,t=3,p=1$MDEyMzQ1Njc"
                                 "$G5ajKFCoUzaXRLdz7UJb5wGkb2Xt+X5/GQjUYtS2+TE",
                                 "password", strlen("password")) != 0) {
        printf("pwhash_str_verify(valid(7)) failure\n");
    }
    if (crypto_pwhash_str_verify("$argon2id$v=19$m=256,t=3,p=1$MDEyMzQ1Njc"
                                 "$G5ajKFCoUzaXRLdz7UJb5wGkb2Xt+X5/GQjUYtS2+TE",
                                 "passwore", strlen("passwore")) != -1 || errno != EINVAL) {
        printf("pwhash_str_verify(invalid(7)) failure\n");
    }
    if (crypto_pwhash_str_verify("$Argon2id$v=19$m=256,t=3,p=1$MDEyMzQ1Njc"
                                 "$G5ajKFCoUzaXRLdz7UJb5wGkb2Xt+X5/GQjUYtS2+TE",
                                 "password", strlen("password")) != -1 || errno != EINVAL) {
        printf("pwhash_str_verify(invalid(8)) failure\n");
    }
    if (crypto_pwhash_str_verify("$argon2id$v=19$m=256,t=3,p=2$MDEyMzQ1Njc"
                                 "$G5ajKFCoUzaXRLdz7UJb5wGkb2Xt+X5/GQjUYtS2+TE",
                                 "password", strlen("password")) != -1 || errno != EINVAL) {
        printf("pwhash_str_verify(invalid(9)) failure\n");
    }
    assert(crypto_pwhash_str_alg(str_out, "test", 4, OPSLIMIT, MEMLIMIT,
                                 crypto_pwhash_ALG_ARGON2ID13) == 0);
    assert(crypto_pwhash_argon2id_str_verify(str_out, "test", 4) == 0);
    assert(crypto_pwhash_argon2id_str_needs_rehash(str_out,
                                                   OPSLIMIT, MEMLIMIT) == 0);
    assert(crypto_pwhash_argon2id_str_needs_rehash(str_out,
                                                   OPSLIMIT / 2, MEMLIMIT) == 1);
    assert(crypto_pwhash_argon2id_str_needs_rehash(str_out,
                                                   OPSLIMIT, MEMLIMIT / 2) == 1);
    assert(crypto_pwhash_argon2id_str_needs_rehash(str_out, 0, 0) == 1);
    assert(crypto_pwhash_argon2i_str_needs_rehash(str_out, 0, 0) == -1);
    assert(crypto_pwhash_argon2id_str_needs_rehash(str_out + 1,
                                                   OPSLIMIT, MEMLIMIT) == -1);
    assert(crypto_pwhash_argon2i_str_needs_rehash(str_out, 0, 0) == -1);
    assert(crypto_pwhash_argon2i_str_needs_rehash("", OPSLIMIT, MEMLIMIT) == -1);
    assert(crypto_pwhash_str_alg(str_out, "test", 4, OPSLIMIT, MEMLIMIT,
                                 crypto_pwhash_ALG_ARGON2I13) == 0);
    assert(crypto_pwhash_argon2i_str_verify(str_out, "test", 4) == 0);
    assert(crypto_pwhash_argon2i_str_needs_rehash(str_out,
                                                  OPSLIMIT, MEMLIMIT) == 0);
    assert(crypto_pwhash_argon2i_str_needs_rehash(str_out,
                                                  OPSLIMIT / 2, MEMLIMIT) == 1);
    assert(crypto_pwhash_argon2i_str_needs_rehash(str_out,
                                                  OPSLIMIT, MEMLIMIT / 2) == 1);
    assert(crypto_pwhash_argon2i_str_needs_rehash(str_out, 0, 0) == 1);
    assert(crypto_pwhash_argon2id_str_needs_rehash(str_out, 0, 0) == -1);
    assert(crypto_pwhash_argon2i_str_needs_rehash("", OPSLIMIT, MEMLIMIT) == -1);
    assert(crypto_pwhash_argon2i_str_needs_rehash(str_out + 1,
                                                  OPSLIMIT, MEMLIMIT) == -1);
    sodium_free(salt);
    sodium_free(str_out);
    sodium_free(str_out2);
}
示例#3
0
static char *best_crypt(const char * const pwd,
                        const unsigned long max_concurrent_logins,
                        const unsigned long long max_auth_memory)
{
#if defined(crypto_pwhash_STRBYTES) || defined(crypto_pwhash_scryptsalsa208sha256_STRBYTES)
# ifndef crypto_pwhash_STRBYTES
#  define crypto_pwhash_STRBYTES crypto_pwhash_scryptsalsa208sha256_STRBYTES
#  define crypto_pwhash_str crypto_pwhash_scryptsalsa208sha256_str
# endif
    static char hash[crypto_pwhash_STRBYTES];
    struct timeval tv_start, tv_now;
    struct timezone tz;
    unsigned long long probe_ops = MIN_AUTH_OPS;
    unsigned long long ops = 0ULL;
    unsigned long long auth_memory =
        max_auth_memory / (unsigned long long) max_concurrent_logins;
    unsigned long long elapsed;
    unsigned long long auth_time_ms = DEFAULT_AUTH_TIME_MS;

    if (max_concurrent_logins > AUTH_CORES) {
        auth_time_ms /= (unsigned long long) max_concurrent_logins / AUTH_CORES;
    }
    if (auth_time_ms < MIN_AUTH_TIME_MS) {
        auth_time_ms = MIN_AUTH_TIME_MS;
    }
    if (auth_memory < MIN_AUTH_MEMORY) {
        auth_memory = MIN_AUTH_MEMORY;
    }
    gettimeofday(&tv_start, &tz);
    for (;;) {
        if (crypto_pwhash_str(hash, pwd, strlen(pwd),
                              probe_ops, auth_memory) != 0) {
            no_mem();
        }
        ops += probe_ops;
        probe_ops *= 2;
        gettimeofday(&tv_now, &tz);
        elapsed = (tv_now.tv_sec * 1000ULL + tv_now.tv_usec / 1000ULL) -
            (tv_start.tv_sec * 1000ULL + tv_start.tv_usec / 1000ULL);
        if (elapsed >= auth_time_ms) {
            break;
        }
    }
    if (ops < MIN_AUTH_OPS) {
        ops = MIN_AUTH_OPS;
    }
    if (crypto_pwhash_str(hash, pwd, strlen(pwd), ops, auth_memory) != 0) {
        no_mem();
    }
    return hash;
#else
    static const char crcars[64] =
        "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789./";
    const char *crypted;

    if ((crypted = (const char *)      /* bcrypt */
         crypt("test", "$2a$08$1234567890123456789012")) != NULL &&
        strcmp(crypted,
               "$2a$08$123456789012345678901uBdmsfIXjJcWQwz1wT/IZrWhimJ6xy6a")
        == 0) {
        char salt[] = "$2a$10$0000000000000000000000";
        int c = 28;

        do {
            c--;
            salt[c] = crcars[alt_arc4random() & 63];
        } while (c > 7);

        return (char *) crypt(pwd, salt);
    } else if ((crypted = (const char *)    /* SHA-512 */
                crypt("test", "$6$1234567890123456$")) != NULL &&
               strcmp(crypted,
                      "$6$1234567890123456$d.pgKQFaiD8bRiExg5NesbGR/"
                      "3u51YvxeYaQXPzx4C6oSYREw8VoReiuYZjx0V9OhGVTZF"
                      "qhc6emAxT1RC5BV.") == 0) {
        char salt[] = "$6$0000000000000000";
        int c = 18;

        do {
            c--;
            salt[c] = crcars[alt_arc4random() & 63];
        } while (c > 3);

        return (char *) crypt(pwd, salt);
    } else if ((crypted = (const char *)    /* MD5 */
                crypt("test", "$1$12345678$")) != NULL &&
               strcmp(crypted, "$1$12345678$oEitTZYQtRHfNGmsFvTBA/") == 0) {
        char salt[] = "$1$00000000";
        int c = 10;

        do {
            c--;
            salt[c] = crcars[alt_arc4random() & 63];
        } while (c > 3);

        return (char *) crypt(pwd, salt);
    } else {
        fprintf(stderr, "No useable password hashing function found\n"
               "Please install libsodium (https://libsodium.org) and recompile pure-ftpd.\n");
        exit(EXIT_FAILURE);
    }
#endif
}