* [PATCH] crypt_blowfish: support $2b$ prefix
@ 2017-01-09 18:09 Julien Ramseier
2017-01-12 4:14 ` Rich Felker
0 siblings, 1 reply; 3+ messages in thread
From: Julien Ramseier @ 2017-01-09 18:09 UTC (permalink / raw)
To: musl
[-- Attachment #1: Type: text/plain, Size: 252 bytes --]
Merge changes from Solar Designer's crypt_blowfish v1.3 [1].
This makes crypt_blowfish fully compatible with OpenBSD's bcrypt
by adding support for the $2b$ prefix (which behaves the same as
crypt_blowfish's $2y$).
[1] http://www.openwall.com/crypt/
[-- Attachment #2: crypt_blowfish-1.3.patch --]
[-- Type: application/octet-stream, Size: 3924 bytes --]
diff --git a/src/crypt/crypt_blowfish.c b/src/crypt/crypt_blowfish.c
index d3f7985..9eb2a73 100644
--- a/src/crypt/crypt_blowfish.c
+++ b/src/crypt/crypt_blowfish.c
@@ -15,7 +15,7 @@
* No copyright is claimed, and the software is hereby placed in the public
* domain. In case this attempt to disclaim copyright and place the software
* in the public domain is deemed null and void, then the software is
- * Copyright (c) 1998-2012 Solar Designer and it is hereby released to the
+ * Copyright (c) 1998-2014 Solar Designer and it is hereby released to the
* general public under the following terms:
*
* Redistribution and use in source and binary forms, with or without
@@ -31,12 +31,12 @@
* you place this code and any modifications you make under a license
* of your choice.
*
- * This implementation is mostly compatible with OpenBSD's bcrypt.c (prefix
- * "$2a$") by Niels Provos <provos at citi.umich.edu>, and uses some of his
- * ideas. The password hashing algorithm was designed by David Mazieres
- * <dm at lcs.mit.edu>. For more information on the level of compatibility,
- * please refer to the comments in BF_set_key() below and to the included
- * crypt(3) man page.
+ * This implementation is fully compatible with OpenBSD's bcrypt.c for prefix
+ * "$2b$", originally by Niels Provos <provos at citi.umich.edu>, and it uses
+ * some of his ideas. The password hashing algorithm was designed by David
+ * Mazieres <dm at lcs.mit.edu>. For information on the level of
+ * compatibility for bcrypt hash prefixes other than "$2b$", please refer to
+ * the comments in BF_set_key() below and to the included crypt(3) man page.
*
* There's a paper on the algorithm that explains its design decisions:
*
@@ -533,6 +533,7 @@ static void BF_set_key(const char *key, BF_key expanded, BF_key initial,
* Valid combinations of settings are:
*
* Prefix "$2a$": bug = 0, safety = 0x10000
+ * Prefix "$2b$": bug = 0, safety = 0
* Prefix "$2x$": bug = 1, safety = 0
* Prefix "$2y$": bug = 0, safety = 0
*/
@@ -596,12 +597,14 @@ static void BF_set_key(const char *key, BF_key expanded, BF_key initial,
initial[0] ^= sign;
}
+static const unsigned char flags_by_subtype[26] = {
+ 2, 4, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 4, 0
+};
+
static char *BF_crypt(const char *key, const char *setting,
char *output, BF_word min)
{
- static const unsigned char flags_by_subtype[26] =
- {2, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 4, 0};
struct {
BF_ctx ctx;
BF_key expanded_key;
@@ -746,9 +749,11 @@ char *__crypt_blowfish(const char *key, const char *setting, char *output)
{
const char *test_key = "8b \xd0\xc1\xd2\xcf\xcc\xd8";
const char *test_setting = "$2a$00$abcdefghijklmnopqrstuu";
- static const char test_hash[2][34] =
- {"VUrPmXD6q/nVSSp7pNDhCR9071IfIRe\0\x55", /* $2x$ */
- "i1D709vfamulimlGcq0qq3UvuUasvEa\0\x55"}; /* $2a$, $2y$ */
+ static const char *const test_hashes[2] = {
+ "i1D709vfamulimlGcq0qq3UvuUasvEa\0\x55", /* 'a', 'b', 'y' */
+ "VUrPmXD6q/nVSSp7pNDhCR9071IfIRe\0\x55", /* 'x' */
+ };
+ const char *test_hash = test_hashes[0];
char *retval;
const char *p;
int ok;
@@ -768,8 +773,11 @@ char *__crypt_blowfish(const char *key, const char *setting, char *output)
* detected by the self-test.
*/
memcpy(buf.s, test_setting, sizeof(buf.s));
- if (retval)
+ if (retval) {
+ unsigned int flags = flags_by_subtype[setting[2] - 'a'];
+ test_hash = test_hashes[flags & 1];
buf.s[2] = setting[2];
+ }
memset(buf.o, 0x55, sizeof(buf.o));
buf.o[sizeof(buf.o) - 1] = 0;
p = BF_crypt(test_key, buf.s, buf.o, 1);
@@ -777,7 +785,7 @@ char *__crypt_blowfish(const char *key, const char *setting, char *output)
ok = (p == buf.o &&
!memcmp(p, buf.s, 7 + 22) &&
!memcmp(p + (7 + 22),
- test_hash[buf.s[2] & 1],
+ test_hash,
31 + 1 + 1 + 1));
{
[-- Attachment #3: Type: text/plain, Size: 2 bytes --]
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH] crypt_blowfish: support $2b$ prefix
2017-01-09 18:09 [PATCH] crypt_blowfish: support $2b$ prefix Julien Ramseier
@ 2017-01-12 4:14 ` Rich Felker
2017-01-12 14:06 ` Julien Ramseier
0 siblings, 1 reply; 3+ messages in thread
From: Rich Felker @ 2017-01-12 4:14 UTC (permalink / raw)
To: musl
On Mon, Jan 09, 2017 at 07:09:13PM +0100, Julien Ramseier wrote:
> Merge changes from Solar Designer's crypt_blowfish v1.3 [1].
> This makes crypt_blowfish fully compatible with OpenBSD's bcrypt
> by adding support for the $2b$ prefix (which behaves the same as
> crypt_blowfish's $2y$).
>
> [1] http://www.openwall.com/crypt/
>
Concept is good; some feedback below:
> diff --git a/src/crypt/crypt_blowfish.c b/src/crypt/crypt_blowfish.c
> index d3f7985..9eb2a73 100644
> --- a/src/crypt/crypt_blowfish.c
> +++ b/src/crypt/crypt_blowfish.c
> @@ -15,7 +15,7 @@
> * No copyright is claimed, and the software is hereby placed in the public
> * domain. In case this attempt to disclaim copyright and place the software
> * in the public domain is deemed null and void, then the software is
> - * Copyright (c) 1998-2012 Solar Designer and it is hereby released to the
> + * Copyright (c) 1998-2014 Solar Designer and it is hereby released to the
> * general public under the following terms:
> *
> * Redistribution and use in source and binary forms, with or without
> @@ -31,12 +31,12 @@
> * you place this code and any modifications you make under a license
> * of your choice.
> *
> - * This implementation is mostly compatible with OpenBSD's bcrypt.c (prefix
> - * "$2a$") by Niels Provos <provos at citi.umich.edu>, and uses some of his
> - * ideas. The password hashing algorithm was designed by David Mazieres
> - * <dm at lcs.mit.edu>. For more information on the level of compatibility,
> - * please refer to the comments in BF_set_key() below and to the included
> - * crypt(3) man page.
> + * This implementation is fully compatible with OpenBSD's bcrypt.c for prefix
> + * "$2b$", originally by Niels Provos <provos at citi.umich.edu>, and it uses
> + * some of his ideas. The password hashing algorithm was designed by David
> + * Mazieres <dm at lcs.mit.edu>. For information on the level of
> + * compatibility for bcrypt hash prefixes other than "$2b$", please refer to
> + * the comments in BF_set_key() below and to the included crypt(3) man page.
> *
> * There's a paper on the algorithm that explains its design decisions:
> *
> @@ -533,6 +533,7 @@ static void BF_set_key(const char *key, BF_key expanded, BF_key initial,
> * Valid combinations of settings are:
> *
> * Prefix "$2a$": bug = 0, safety = 0x10000
> + * Prefix "$2b$": bug = 0, safety = 0
> * Prefix "$2x$": bug = 1, safety = 0
> * Prefix "$2y$": bug = 0, safety = 0
> */
> @@ -596,12 +597,14 @@ static void BF_set_key(const char *key, BF_key expanded, BF_key initial,
> initial[0] ^= sign;
> }
>
> +static const unsigned char flags_by_subtype[26] = {
> + 2, 4, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
> + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 4, 0
> +};
> +
> static char *BF_crypt(const char *key, const char *setting,
> char *output, BF_word min)
> {
> - static const unsigned char flags_by_subtype[26] =
> - {2, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
> - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 4, 0};
> struct {
> BF_ctx ctx;
> BF_key expanded_key;
> @@ -746,9 +749,11 @@ char *__crypt_blowfish(const char *key, const char *setting, char *output)
> {
> const char *test_key = "8b \xd0\xc1\xd2\xcf\xcc\xd8";
> const char *test_setting = "$2a$00$abcdefghijklmnopqrstuu";
> - static const char test_hash[2][34] =
> - {"VUrPmXD6q/nVSSp7pNDhCR9071IfIRe\0\x55", /* $2x$ */
> - "i1D709vfamulimlGcq0qq3UvuUasvEa\0\x55"}; /* $2a$, $2y$ */
> + static const char *const test_hashes[2] = {
> + "i1D709vfamulimlGcq0qq3UvuUasvEa\0\x55", /* 'a', 'b', 'y' */
> + "VUrPmXD6q/nVSSp7pNDhCR9071IfIRe\0\x55", /* 'x' */
> + };
> + const char *test_hash = test_hashes[0];
Use of a 2d array rather than array of pointers is intentional. It
allows everything to be in read-only shared memory in
position-independent code (libc.so or static-pie).
> char *retval;
> const char *p;
> int ok;
> @@ -768,8 +773,11 @@ char *__crypt_blowfish(const char *key, const char *setting, char *output)
> * detected by the self-test.
> */
> memcpy(buf.s, test_setting, sizeof(buf.s));
> - if (retval)
> + if (retval) {
> + unsigned int flags = flags_by_subtype[setting[2] - 'a'];
> + test_hash = test_hashes[flags & 1];
> buf.s[2] = setting[2];
> + }
> memset(buf.o, 0x55, sizeof(buf.o));
> buf.o[sizeof(buf.o) - 1] = 0;
> p = BF_crypt(test_key, buf.s, buf.o, 1);
> @@ -777,7 +785,7 @@ char *__crypt_blowfish(const char *key, const char *setting, char *output)
> ok = (p == buf.o &&
> !memcmp(p, buf.s, 7 + 22) &&
> !memcmp(p + (7 + 22),
> - test_hash[buf.s[2] & 1],
> + test_hash,
> 31 + 1 + 1 + 1));
>
> {
Is there any concrete improvement being made here?
Rich
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH] crypt_blowfish: support $2b$ prefix
2017-01-12 4:14 ` Rich Felker
@ 2017-01-12 14:06 ` Julien Ramseier
0 siblings, 0 replies; 3+ messages in thread
From: Julien Ramseier @ 2017-01-12 14:06 UTC (permalink / raw)
To: musl
[-- Attachment #1: Type: text/plain, Size: 1962 bytes --]
> Le 12 janv. 2017 à 05:14, Rich Felker <dalias@libc.org> a écrit :
>
>>
>> @@ -746,9 +749,11 @@ char *__crypt_blowfish(const char *key, const char *setting, char *output)
>> {
>> const char *test_key = "8b \xd0\xc1\xd2\xcf\xcc\xd8";
>> const char *test_setting = "$2a$00$abcdefghijklmnopqrstuu";
>> - static const char test_hash[2][34] =
>> - {"VUrPmXD6q/nVSSp7pNDhCR9071IfIRe\0\x55", /* $2x$ */
>> - "i1D709vfamulimlGcq0qq3UvuUasvEa\0\x55"}; /* $2a$, $2y$ */
>> + static const char *const test_hashes[2] = {
>> + "i1D709vfamulimlGcq0qq3UvuUasvEa\0\x55", /* 'a', 'b', 'y' */
>> + "VUrPmXD6q/nVSSp7pNDhCR9071IfIRe\0\x55", /* 'x' */
>> + };
>> + const char *test_hash = test_hashes[0];
>
> Use of a 2d array rather than array of pointers is intentional. It
> allows everything to be in read-only shared memory in
> position-independent code (libc.so or static-pie).
>
>> char *retval;
>> const char *p;
>> int ok;
>> @@ -768,8 +773,11 @@ char *__crypt_blowfish(const char *key, const char *setting, char *output)
>> * detected by the self-test.
>> */
>> memcpy(buf.s, test_setting, sizeof(buf.s));
>> - if (retval)
>> + if (retval) {
>> + unsigned int flags = flags_by_subtype[setting[2] - 'a'];
>> + test_hash = test_hashes[flags & 1];
>> buf.s[2] = setting[2];
>> + }
>> memset(buf.o, 0x55, sizeof(buf.o));
>> buf.o[sizeof(buf.o) - 1] = 0;
>> p = BF_crypt(test_key, buf.s, buf.o, 1);
>> @@ -777,7 +785,7 @@ char *__crypt_blowfish(const char *key, const char *setting, char *output)
>> ok = (p == buf.o &&
>> !memcmp(p, buf.s, 7 + 22) &&
>> !memcmp(p + (7 + 22),
>> - test_hash[buf.s[2] & 1],
>> + test_hash,
>> 31 + 1 + 1 + 1));
>>
>> {
>
> Is there any concrete improvement being made here?
>
No improvements per se, but needed to select the correct test hash when using
the 'b' setting.
Here's v2 patch which now uses a 2D array as you suggested.
[-- Attachment #2: crypt_blowfish-V2.patch --]
[-- Type: application/octet-stream, Size: 3919 bytes --]
diff --git a/src/crypt/crypt_blowfish.c b/src/crypt/crypt_blowfish.c
index d3f7985..9eb2a73 100644
--- a/src/crypt/crypt_blowfish.c
+++ b/src/crypt/crypt_blowfish.c
@@ -15,7 +15,7 @@
* No copyright is claimed, and the software is hereby placed in the public
* domain. In case this attempt to disclaim copyright and place the software
* in the public domain is deemed null and void, then the software is
- * Copyright (c) 1998-2012 Solar Designer and it is hereby released to the
+ * Copyright (c) 1998-2014 Solar Designer and it is hereby released to the
* general public under the following terms:
*
* Redistribution and use in source and binary forms, with or without
@@ -31,12 +31,12 @@
* you place this code and any modifications you make under a license
* of your choice.
*
- * This implementation is mostly compatible with OpenBSD's bcrypt.c (prefix
- * "$2a$") by Niels Provos <provos at citi.umich.edu>, and uses some of his
- * ideas. The password hashing algorithm was designed by David Mazieres
- * <dm at lcs.mit.edu>. For more information on the level of compatibility,
- * please refer to the comments in BF_set_key() below and to the included
- * crypt(3) man page.
+ * This implementation is fully compatible with OpenBSD's bcrypt.c for prefix
+ * "$2b$", originally by Niels Provos <provos at citi.umich.edu>, and it uses
+ * some of his ideas. The password hashing algorithm was designed by David
+ * Mazieres <dm at lcs.mit.edu>. For information on the level of
+ * compatibility for bcrypt hash prefixes other than "$2b$", please refer to
+ * the comments in BF_set_key() below and to the included crypt(3) man page.
*
* There's a paper on the algorithm that explains its design decisions:
*
@@ -533,6 +533,7 @@ static void BF_set_key(const char *key, BF_key expanded, BF_key initial,
* Valid combinations of settings are:
*
* Prefix "$2a$": bug = 0, safety = 0x10000
+ * Prefix "$2b$": bug = 0, safety = 0
* Prefix "$2x$": bug = 1, safety = 0
* Prefix "$2y$": bug = 0, safety = 0
*/
@@ -596,12 +597,14 @@ static void BF_set_key(const char *key, BF_key expanded, BF_key initial,
initial[0] ^= sign;
}
+static const unsigned char flags_by_subtype[26] = {
+ 2, 4, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 4, 0
+};
+
static char *BF_crypt(const char *key, const char *setting,
char *output, BF_word min)
{
- static const unsigned char flags_by_subtype[26] =
- {2, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 4, 0};
struct {
BF_ctx ctx;
BF_key expanded_key;
@@ -746,9 +749,11 @@ char *__crypt_blowfish(const char *key, const char *setting, char *output)
{
const char *test_key = "8b \xd0\xc1\xd2\xcf\xcc\xd8";
const char *test_setting = "$2a$00$abcdefghijklmnopqrstuu";
- static const char test_hash[2][34] =
- {"VUrPmXD6q/nVSSp7pNDhCR9071IfIRe\0\x55", /* $2x$ */
- "i1D709vfamulimlGcq0qq3UvuUasvEa\0\x55"}; /* $2a$, $2y$ */
+ static const char test_hashes[2][34] = {
+ "i1D709vfamulimlGcq0qq3UvuUasvEa\0\x55", /* 'a', 'b', 'y' */
+ "VUrPmXD6q/nVSSp7pNDhCR9071IfIRe\0\x55", /* 'x' */
+ };
+ const char *test_hash = test_hashes[0];
char *retval;
const char *p;
int ok;
@@ -768,8 +773,11 @@ char *__crypt_blowfish(const char *key, const char *setting, char *output)
* detected by the self-test.
*/
memcpy(buf.s, test_setting, sizeof(buf.s));
- if (retval)
+ if (retval) {
+ unsigned int flags = flags_by_subtype[setting[2] - 'a'];
+ test_hash = test_hashes[flags & 1];
buf.s[2] = setting[2];
+ }
memset(buf.o, 0x55, sizeof(buf.o));
buf.o[sizeof(buf.o) - 1] = 0;
p = BF_crypt(test_key, buf.s, buf.o, 1);
@@ -777,7 +785,7 @@ char *__crypt_blowfish(const char *key, const char *setting, char *output)
ok = (p == buf.o &&
!memcmp(p, buf.s, 7 + 22) &&
!memcmp(p + (7 + 22),
- test_hash[buf.s[2] & 1],
+ test_hash,
31 + 1 + 1 + 1));
{
[-- Attachment #3: Type: text/plain, Size: 2 bytes --]
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2017-01-12 14:06 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-01-09 18:09 [PATCH] crypt_blowfish: support $2b$ prefix Julien Ramseier
2017-01-12 4:14 ` Rich Felker
2017-01-12 14:06 ` Julien Ramseier
Code repositories for project(s) associated with this public inbox
https://git.vuxu.org/mirror/musl/
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).