diff options
| author | Mattias Andrée <m@maandree.se> | 2026-05-21 21:32:38 +0200 |
|---|---|---|
| committer | Mattias Andrée <m@maandree.se> | 2026-05-21 21:32:38 +0200 |
| commit | aff22d5d2f207a6b57f7f1a2b29a9b69f82e2fd7 (patch) | |
| tree | 69fdf92fea4d6a43a7f01b44ab4a7e56b9516abe | |
| parent | Add more tests and fix a bug and and typo (diff) | |
| download | librecrypt-1.1.tar.gz librecrypt-1.1.tar.bz2 librecrypt-1.1.tar.xz | |
Signed-off-by: Mattias Andrée <m@maandree.se>
Diffstat (limited to '')
| -rw-r--r-- | argon2/hash.c | 8 | ||||
| -rw-r--r-- | librecrypt_crypt.c | 93 | ||||
| -rw-r--r-- | librecrypt_hash.c | 96 | ||||
| -rw-r--r-- | librecrypt_hash_.c | 313 | ||||
| -rw-r--r-- | librecrypt_hash_binary.c | 74 | ||||
| -rw-r--r-- | librecrypt_settings_prefix.c | 10 | ||||
| -rw-r--r-- | librecrypt_verify.c | 62 |
7 files changed, 526 insertions, 130 deletions
diff --git a/argon2/hash.c b/argon2/hash.c index 5d56479..c964455 100644 --- a/argon2/hash.c +++ b/argon2/hash.c @@ -202,8 +202,10 @@ librecrypt__argon2__hash(char *restrict out_buffer, size_t size, const char *phr algo_v10 = LIBRECRYPT_ARGON2DS_V1_0; algo_v13 = LIBRECRYPT_ARGON2DS_V1_3; break; + /* $covered{$ (impossible) */ default: - abort(); /* $covered$ (impossible) */ + abort(); + /* $covered}$ */ } switch (params.version) { case LIBAR2_ARGON2_VERSION_10: @@ -212,8 +214,10 @@ librecrypt__argon2__hash(char *restrict out_buffer, size_t size, const char *phr case LIBAR2_ARGON2_VERSION_13: algo = algo_v13; break; + /* $covered{$ (impossible) */ default: - abort(); /* $covered$ (impossible) */ + abort(); + /* $covered}$ */ } pepper = librecrypt_get_pepper_(ctx, algo, 0u); no_pepper: diff --git a/librecrypt_crypt.c b/librecrypt_crypt.c index af46520..21e6e32 100644 --- a/librecrypt_crypt.c +++ b/librecrypt_crypt.c @@ -14,9 +14,17 @@ librecrypt_crypt(char *restrict out_buffer, size_t size, const char *phrase, #else +#define SP4 " " +#define SP20 SP4 SP4 SP4 SP4 SP4 +#define SP80 SP20 SP20 SP20 SP20 +#define SP84 SP80 SP4 + +#define GET_ARGON2_SCRATCH_SIZE(HASHLEN) ((HASHLEN) > 64u ? ((HASHLEN) + 63u) & ~31u : (HASHLEN)) + + static void check(const char *phrase, const char *settings, const char *chain, size_t chain_prefix, const char *hash, - size_t hash_prefix, size_t scratchsize) + size_t hash_prefix, size_t scratchsize, LIBRECRYPT_CONTEXT *ctx) { size_t hashlen = strlen(hash); size_t len = strlen(phrase); @@ -28,45 +36,45 @@ check(const char *phrase, const char *settings, const char *chain, size_t chain_ assert(hashlen <= sizeof(buf)); CANARY_FILL(buf); - EXPECT(librecrypt_crypt(buf, sizeof(buf), phrase, len, settings, NULL) == (ssize_t)hashlen); + EXPECT(librecrypt_crypt(buf, sizeof(buf), phrase, len, settings, ctx) == (ssize_t)hashlen); EXPECT(!memcmp(hash, buf, hashlen + 1u)); CANARY_X_CHECK(buf, hashlen + 1u, scratchsize); CANARY_FILL(buf); - EXPECT(librecrypt_crypt(buf, hashlen + 1u, phrase, len, settings, NULL) == (ssize_t)hashlen); + EXPECT(librecrypt_crypt(buf, hashlen + 1u, phrase, len, settings, ctx) == (ssize_t)hashlen); EXPECT(!memcmp(hash, buf, hashlen + 1u)); CANARY_X_CHECK(buf, hashlen + 1u, scratchsize); CANARY_FILL(buf); - EXPECT(librecrypt_crypt(buf, hashlen, phrase, len, settings, NULL) == (ssize_t)hashlen); + EXPECT(librecrypt_crypt(buf, hashlen, phrase, len, settings, ctx) == (ssize_t)hashlen); EXPECT(!memcmp(hash, buf, hashlen - 1u)); EXPECT(!buf[hashlen - 1u]); CANARY_X_CHECK(buf, hashlen, scratchsize); CANARY_FILL(buf); - EXPECT(librecrypt_crypt(buf, 2u, phrase, len, settings, NULL) == (ssize_t)hashlen); + EXPECT(librecrypt_crypt(buf, 2u, phrase, len, settings, ctx) == (ssize_t)hashlen); EXPECT(!memcmp(hash, buf, 1u)); EXPECT(!buf[1u]); CANARY_X_CHECK(buf, 2u, 2u); CANARY_FILL(buf); - EXPECT(librecrypt_crypt(buf, 1u, phrase, len, settings, NULL) == (ssize_t)hashlen); + EXPECT(librecrypt_crypt(buf, 1u, phrase, len, settings, ctx) == (ssize_t)hashlen); EXPECT(!buf[0u]); CANARY_X_CHECK(buf, 1u, 1u); - EXPECT(librecrypt_crypt(buf, 0u, phrase, len, settings, NULL) == (ssize_t)hashlen); - EXPECT(librecrypt_crypt(NULL, 0u, phrase, len, settings, NULL) == (ssize_t)hashlen); + EXPECT(librecrypt_crypt(buf, 0u, phrase, len, settings, ctx) == (ssize_t)hashlen); + EXPECT(librecrypt_crypt(NULL, 0u, phrase, len, settings, ctx) == (ssize_t)hashlen); - lut = librecrypt_get_encoding(settings, strlen(settings), &pad, &strict_pad, 1, NULL); + lut = librecrypt_get_encoding(settings, strlen(settings), &pad, &strict_pad, 1, ctx); assert(lut); r = librecrypt_decode(expected, sizeof(expected), &hash[hash_prefix], hashlen - hash_prefix, lut, pad, strict_pad); assert(r > 0 && (size_t)r <= sizeof(expected)); CANARY_FILL(buf); CANARY_FILL(buf2); - EXPECT(librecrypt_crypt(buf, sizeof(buf), expected, (size_t)r, settings, NULL) == (ssize_t)hashlen); + EXPECT(librecrypt_crypt(buf, sizeof(buf), expected, (size_t)r, settings, ctx) == (ssize_t)hashlen); errno = 0; - EXPECT(librecrypt_crypt(buf2, sizeof(buf2), phrase, len, chain, NULL) == (ssize_t)(hashlen - hash_prefix + chain_prefix)); + EXPECT(librecrypt_crypt(buf2, sizeof(buf2), phrase, len, chain, ctx) == (ssize_t)(hashlen - hash_prefix + chain_prefix)); EXPECT(!memcmp(buf2, chain, chain_prefix)); EXPECT(!memcmp(&buf[hash_prefix], &buf2[chain_prefix], hashlen - hash_prefix + 1u)); CANARY_X_CHECK(buf, hashlen, scratchsize); @@ -78,12 +86,14 @@ check(const char *phrase, const char *settings, const char *chain, size_t chain_ do {\ size_t scratchsize = GET_SCRATCH_SIZE(HASHLEN);\ check(PHRASE, CONF HASH, CONF "*" #HASHLEN ">" CONF HASH,\ - sizeof(CONF "*" #HASHLEN ">" CONF) - 1u, CONF HASH, sizeof(CONF) - 1u, scratchsize);\ + sizeof(CONF "*" #HASHLEN ">" CONF) - 1u, CONF HASH,\ + sizeof(CONF) - 1u, scratchsize, ctx);\ check(PHRASE, CONF "*" #HASHLEN, CONF "*" #HASHLEN ">" CONF "*" #HASHLEN,\ - sizeof(CONF "*" #HASHLEN ">" CONF) - 1u, CONF HASH, sizeof(CONF) - 1u, scratchsize);\ + sizeof(CONF "*" #HASHLEN ">" CONF) - 1u, CONF HASH,\ + sizeof(CONF) - 1u, scratchsize, ctx);\ if (IS_DEFAULT_HASHLEN) {\ check(PHRASE, CONF, CONF ">" CONF, sizeof(CONF ">" CONF) - 1u,\ - CONF HASH, sizeof(CONF) - 1u, scratchsize);\ + CONF HASH, sizeof(CONF) - 1u, scratchsize, ctx);\ }\ } while (0) @@ -91,7 +101,7 @@ check(const char *phrase, const char *settings, const char *chain, size_t chain_ #define CHECK_BAD(ALGO)\ do {\ errno = 0;\ - EXPECT(librecrypt_crypt(NULL, 0u, NULL, 0u, ALGO"m=0,t=999999999999999999,p=0$AAAABBBB$*0", NULL) == -1);\ + EXPECT(librecrypt_crypt(NULL, 0u, NULL, 0u, ALGO"m=0,t=999999999999999999,p=0$AAAABBBB$*0", ctx) == -1);\ EXPECT(errno == EINVAL);\ } while (0) @@ -99,7 +109,8 @@ check(const char *phrase, const char *settings, const char *chain, size_t chain_ int main(void) { - char buf[1024], buf2[1024], conf[256]; + char buf[1024], buf2[1024], conf[256], nuls[256]; + LIBRECRYPT_CONTEXT *ctx = NULL; ssize_t r; SET_UP_ALARM(); @@ -110,12 +121,12 @@ main(void) libtest_getrandom_error = ENOSYS; #endif -#define GET_SCRATCH_SIZE(HASHLEN) ((HASHLEN) > 64u ? ((HASHLEN) + 63u) & ~31u : (HASHLEN)) +#define GET_SCRATCH_SIZE(HASHLEN) GET_ARGON2_SCRATCH_SIZE(HASHLEN) #if defined(SUPPORT_ARGON2I) r = snprintf(conf, sizeof(conf), "$argon2i$m=256,t=8,p=1$AAAABBBBCCCC$*%zu", SIZE_MAX / 4u * 3u + 3u); assert(r > 0 && (size_t)r < sizeof(conf)); errno = 0; - EXPECT(librecrypt_crypt(NULL, 0u, NULL, 0u, conf, NULL) == -1); + EXPECT(librecrypt_crypt(NULL, 0u, NULL, 0u, conf, ctx) == -1); # if SIZE_MAX > UINT32_MAX EXPECT(errno == EINVAL); # else @@ -123,7 +134,7 @@ main(void) if (libtest_have_custom_malloc()) { libtest_pretend_allocation_successful = 1; errno = 0; - EXPECT(librecrypt_crypt(buf, sizeof(buf), NULL, 0u, conf, NULL) == -1); + EXPECT(librecrypt_crypt(buf, sizeof(buf), NULL, 0u, conf, ctx) == -1); libtest_pretend_allocation_successful = 0; EXPECT(errno == EOVERFLOW); } @@ -133,7 +144,7 @@ main(void) r = snprintf(conf, sizeof(conf), "$argon2i$m=256,t=8,p=1$AAAABBBBCCCC$*%zu", (SIZE_MAX / 4u * 3u) / 2u); assert(r > 0 && (size_t)r < sizeof(conf)); errno = 0; - EXPECT(librecrypt_crypt(NULL, 0u, NULL, 0u, conf, NULL) == -1); + EXPECT(librecrypt_crypt(NULL, 0u, NULL, 0u, conf, ctx) == -1); EXPECT(errno == EOVERFLOW); # endif @@ -141,7 +152,7 @@ main(void) r = snprintf(conf, sizeof(conf), "$argon2i$m=256,t=8,p=1$AAAABBBBCCCC$*%zu", SIZE_MAX / 4u * 3u); assert(r > 0 && (size_t)r < sizeof(conf)); errno = 0; - EXPECT(librecrypt_crypt(NULL, 0u, NULL, 0u, conf, NULL) == -1); + EXPECT(librecrypt_crypt(NULL, 0u, NULL, 0u, conf, ctx) == -1); EXPECT(errno == EOVERFLOW); # endif @@ -175,7 +186,7 @@ main(void) libtest_random_pattern_length = 4u; libtest_random_pattern_offset = 0u; CANARY_FILL(buf); - r = librecrypt_crypt(buf, sizeof(buf), "", 0u, "$argon2id$v=19$m=8,t=1,p=1$*18$*33", NULL); + r = librecrypt_crypt(buf, sizeof(buf), "", 0u, "$argon2id$v=19$m=8,t=1,p=1$*18$*33", ctx); libtest_random_pattern = NULL; libtest_random_pattern_length = 0u; libtest_random_pattern_offset = 0u; @@ -185,7 +196,7 @@ main(void) EXPECT((size_t)r == sizeof("$argon2id$v=19$m=8,t=1,p=1$$") - 1u + 24u + 44u); EXPECT(!buf[r]); CANARY_FILL(buf2); - EXPECT(librecrypt_crypt(buf2, sizeof(buf2), "", 0u, buf, NULL) == r); + EXPECT(librecrypt_crypt(buf2, sizeof(buf2), "", 0u, buf, ctx) == r); EXPECT(!memcmp(buf, buf2, (size_t)r + 1u)); EXPECT(!memcmp(buf, "$argon2id$v=19$m=8,t=1,p=1$ABCDABCDABCDABCDABCDABCD$", sizeof("$argon2id$v=19$m=8,t=1,p=1$ABCDABCDABCDABCDABCDABCD$") - 1u)); @@ -198,7 +209,7 @@ main(void) libtest_random_pattern_offset = 0u; CANARY_FILL(buf); r = librecrypt_crypt(buf, sizeof(buf), "", 0u, "$argon2id$v=19$m=8,t=1,p=1$*18$*33>" - "$argon2id$v=19$m=8,t=1,p=1$*18$*33", NULL); + "$argon2id$v=19$m=8,t=1,p=1$*18$*33", ctx); libtest_random_pattern = NULL; libtest_random_pattern_length = 0u; libtest_random_pattern_offset = 0u; @@ -208,7 +219,7 @@ main(void) EXPECT((size_t)r == sizeof("$argon2id$v=19$m=8,t=1,p=1$$*33>$argon2id$v=19$m=8,t=1,p=1$$") - 1u + 2u * 24u + 44u); EXPECT(!buf[r]); CANARY_FILL(buf2); - EXPECT(librecrypt_crypt(buf2, sizeof(buf2), "", 0u, buf, NULL) == r); + EXPECT(librecrypt_crypt(buf2, sizeof(buf2), "", 0u, buf, ctx) == r); EXPECT(!memcmp(buf, buf2, (size_t)r + 1u)); EXPECT(!memcmp(buf, "$argon2id$v=19$m=8,t=1,p=1$ABCDABCDABCDABCDABCDABCD$*33>" "$argon2id$v=19$m=8,t=1,p=1$ABCDABCDABCDABCDABCDABCD$", @@ -224,6 +235,38 @@ main(void) libtest_getrandom_error = 0; #endif + ctx = librecrypt_create_context(); + assert(ctx != NULL); + memset(nuls, 0, sizeof(nuls)); + +#if defined(SUPPORT_ARGON2I) +# define GET_SCRATCH_SIZE(HASHLEN) GET_ARGON2_SCRATCH_SIZE(HASHLEN) + assert(sizeof(nuls) >= 4u); + assert(librecrypt_set_pepper(ctx, LIBRECRYPT_ARGON2I_V1_3, nuls, 4u) == 0); + CHECK(" ", "$argon2i$v=19$m=8,t=1,p=1$ICAgICAgICA$", 8, 0, "Mhl4o3AkJuA"); + CHECK(SP84, "$argon2i$v=19$m=8,t=1,p=1$ICAgICAgICA$", 8, 0, "+hlEcRn+F3s"); + CHECK(SP80, "$argon2i$v=19$m=8,t=1,p=1$ICAgICAgICA$", 8, 0, "z2d6ce8UqS0"); + + assert(sizeof(nuls) >= 140u); + assert(librecrypt_set_pepper(ctx, LIBRECRYPT_ARGON2I_V1_3, nuls, 140u) == 0); + CHECK(SP80, "$argon2i$v=19$m=8,t=1,p=1$ICAgICAgICA$", 8, 0, "15FAGe1KIX8"); + + assert(sizeof(nuls) >= 160u); + assert(librecrypt_set_pepper(ctx, LIBRECRYPT_ARGON2I_V1_3, nuls, 160u) == 0); + CHECK(SP80, "$argon2i$v=19$m=8,t=1,p=1$ICAgICAgICA$", 8, 0, "oH3H5atuca8"); + + assert(sizeof(nuls) >= 128u); + assert(librecrypt_set_pepper(ctx, LIBRECRYPT_ARGON2I_V1_3, nuls, 128u) == 0); + CHECK(SP80, "$argon2i$v=19$m=8,t=1,p=1$ICAgICAgICA$", 8, 0, "TsimqI1YC08"); + + assert(sizeof(nuls) >= 256u); + assert(librecrypt_set_pepper(ctx, LIBRECRYPT_ARGON2I_V1_3, nuls, 256u) == 0); + CHECK(SP80, "$argon2i$v=19$m=8,t=1,p=1$ICAgICAgICA$", 8, 0, "mzPlVOVjVos"); +# undef GET_SCRATCH_SIZE +#endif + + librecrypt_free_context(ctx); + STOP_RESOURCE_TEST(); return 0; } diff --git a/librecrypt_hash.c b/librecrypt_hash.c index 06bfe65..35aa8e4 100644 --- a/librecrypt_hash.c +++ b/librecrypt_hash.c @@ -14,8 +14,17 @@ librecrypt_hash(char *restrict out_buffer, size_t size, const char *phrase, #else +#define SP4 " " +#define SP20 SP4 SP4 SP4 SP4 SP4 +#define SP80 SP20 SP20 SP20 SP20 +#define SP84 SP80 SP4 + +#define GET_ARGON2_SCRATCH_SIZE(HASHLEN) ((HASHLEN) > 64u ? ((HASHLEN) + 63u) & ~31u : (HASHLEN)) + + static void -check(const char *phrase, const char *settings, const char *chain, const char *hash, size_t scratchsize) +check(const char *phrase, const char *settings, const char *chain, + const char *hash, size_t scratchsize, LIBRECRYPT_CONTEXT *ctx) { size_t hashlen = strlen(hash); size_t len = strlen(phrase); @@ -28,47 +37,47 @@ check(const char *phrase, const char *settings, const char *chain, const char *h assert(hashlen < sizeof(expected)); CANARY_FILL(buf); - EXPECT(librecrypt_hash(buf, sizeof(buf), phrase, len, settings, NULL) == (ssize_t)hashlen); + EXPECT(librecrypt_hash(buf, sizeof(buf), phrase, len, settings, ctx) == (ssize_t)hashlen); EXPECT(!memcmp(hash, buf, hashlen + 1u)); CANARY_X_CHECK(buf, hashlen + 1u, scratchsize); CANARY_FILL(buf); - EXPECT(librecrypt_hash(buf, hashlen + 1u, phrase, len, settings, NULL) == (ssize_t)hashlen); + EXPECT(librecrypt_hash(buf, hashlen + 1u, phrase, len, settings, ctx) == (ssize_t)hashlen); EXPECT(!memcmp(hash, buf, hashlen + 1u)); CANARY_X_CHECK(buf, hashlen + 1u, scratchsize); CANARY_FILL(buf); - EXPECT(librecrypt_hash(buf, hashlen, phrase, len, settings, NULL) == (ssize_t)hashlen); + EXPECT(librecrypt_hash(buf, hashlen, phrase, len, settings, ctx) == (ssize_t)hashlen); EXPECT(!memcmp(hash, buf, hashlen - 1u)); EXPECT(!buf[hashlen - 1]); CANARY_X_CHECK(buf, hashlen, scratchsize); CANARY_FILL(buf); - EXPECT(librecrypt_hash(buf, 2u, phrase, len, settings, NULL) == (ssize_t)hashlen); + EXPECT(librecrypt_hash(buf, 2u, phrase, len, settings, ctx) == (ssize_t)hashlen); EXPECT(!memcmp(hash, buf, 1u)); EXPECT(!buf[1u]); CANARY_X_CHECK(buf, 2u, 2u); CANARY_FILL(buf); - EXPECT(librecrypt_hash(buf, 1u, phrase, len, settings, NULL) == (ssize_t)hashlen); + EXPECT(librecrypt_hash(buf, 1u, phrase, len, settings, ctx) == (ssize_t)hashlen); EXPECT(!buf[0u]); CANARY_X_CHECK(buf, 1u, 1u); CANARY_FILL(buf); - EXPECT(librecrypt_hash(buf, 0u, phrase, len, settings, NULL) == (ssize_t)hashlen); + EXPECT(librecrypt_hash(buf, 0u, phrase, len, settings, ctx) == (ssize_t)hashlen); CANARY_X_CHECK(buf, 0u, 0u); - EXPECT(librecrypt_hash(NULL, 0u, phrase, len, settings, NULL) == (ssize_t)hashlen); + EXPECT(librecrypt_hash(NULL, 0u, phrase, len, settings, ctx) == (ssize_t)hashlen); - lut = librecrypt_get_encoding(settings, strlen(settings), &pad, &strict_pad, 1, NULL); + lut = librecrypt_get_encoding(settings, strlen(settings), &pad, &strict_pad, 1, ctx); assert(lut); r = librecrypt_decode(expected, sizeof(expected), hash, strlen(hash), lut, pad, strict_pad); assert(r > 0 && (size_t)r <= sizeof(expected)); CANARY_FILL(buf); CANARY_FILL(buf2); - EXPECT(librecrypt_hash(buf, sizeof(buf), expected, (size_t)r, settings, NULL) == (ssize_t)hashlen); + EXPECT(librecrypt_hash(buf, sizeof(buf), expected, (size_t)r, settings, ctx) == (ssize_t)hashlen); errno = 0; - EXPECT(librecrypt_hash(buf2, sizeof(buf2), phrase, len, chain, NULL) == (ssize_t)hashlen); + EXPECT(librecrypt_hash(buf2, sizeof(buf2), phrase, len, chain, ctx) == (ssize_t)hashlen); EXPECT(!memcmp(buf, buf2, hashlen + 1u)); CANARY_X_CHECK(buf, hashlen + 2, scratchsize); CANARY_X_CHECK(buf2, hashlen + 2, scratchsize); @@ -78,41 +87,41 @@ check(const char *phrase, const char *settings, const char *chain, const char *h #define CHECK(PHRASE, CONF, HASHLEN, IS_DEFAULT_HASHLEN, HASH)\ do {\ size_t scratchsize = GET_SCRATCH_SIZE(HASHLEN);\ - check(PHRASE, CONF HASH, CONF "*" #HASHLEN ">" CONF HASH, HASH, scratchsize);\ - check(PHRASE, CONF "*" #HASHLEN, CONF "*" #HASHLEN ">" CONF "*" #HASHLEN, HASH, scratchsize);\ + check(PHRASE, CONF HASH, CONF "*" #HASHLEN ">" CONF HASH, HASH, scratchsize, ctx);\ + check(PHRASE, CONF "*" #HASHLEN, CONF "*" #HASHLEN ">" CONF "*" #HASHLEN, HASH, scratchsize, ctx);\ if (IS_DEFAULT_HASHLEN)\ - check(PHRASE, CONF, CONF ">" CONF, HASH, scratchsize);\ + check(PHRASE, CONF, CONF ">" CONF, HASH, scratchsize, ctx);\ } while (0) #define CHECK_BAD(ALGO)\ do {\ errno = 0;\ - EXPECT(librecrypt_hash(NULL, 0u, NULL, 0u, ALGO"m=0,t=999999999999999999,p=0$AAAABBBB$*0", NULL) == -1);\ + EXPECT(librecrypt_hash(NULL, 0u, NULL, 0u, ALGO"m=0,t=999999999999999999,p=0$AAAABBBB$*0", ctx) == -1);\ EXPECT(errno == EINVAL);\ errno = 0;\ - EXPECT(librecrypt_hash(NULL, 0u, NULL, 0u, ALGO"m=4096,t=10,p=1$*32$", NULL) == -1);\ + EXPECT(librecrypt_hash(NULL, 0u, NULL, 0u, ALGO"m=4096,t=10,p=1$*32$", ctx) == -1);\ EXPECT(errno == EINVAL);\ errno = 0;\ - EXPECT(librecrypt_hash(NULL, 0u, NULL, 0u, ALGO"m=4096,t=10,p=1$AAAABBBBCCCCDDDD$*0", NULL) == -1);\ + EXPECT(librecrypt_hash(NULL, 0u, NULL, 0u, ALGO"m=4096,t=10,p=1$AAAABBBBCCCCDDDD$*0", ctx) == -1);\ EXPECT(errno == EINVAL);\ errno = 0;\ - EXPECT(librecrypt_hash(NULL, 0u, NULL, 0u, ALGO"m=4096,t=10,p=1$AAAABBBBCCCCDDDD$*x", NULL) == -1);\ + EXPECT(librecrypt_hash(NULL, 0u, NULL, 0u, ALGO"m=4096,t=10,p=1$AAAABBBBCCCCDDDD$*x", ctx) == -1);\ EXPECT(errno == EINVAL);\ errno = 0;\ - EXPECT(librecrypt_hash(NULL, 0u, NULL, 0u, ALGO"m=4096,t=10,p=1$AAAABBBBCCCCDDDD$*2x", NULL) == -1);\ + EXPECT(librecrypt_hash(NULL, 0u, NULL, 0u, ALGO"m=4096,t=10,p=1$AAAABBBBCCCCDDDD$*2x", ctx) == -1);\ EXPECT(errno == EINVAL);\ errno = 0;\ - EXPECT(librecrypt_hash(NULL, 0u, NULL, 0u, ALGO"m=4096,t=10,p=1$AAAABBBBCCCCDDDD$*9999999999999999999999999999999", NULL) == -1);\ + EXPECT(librecrypt_hash(NULL, 0u, NULL, 0u, ALGO"m=4096,t=10,p=1$AAAABBBBCCCCDDDD$*9999999999999999999999999999999", ctx) == -1);\ EXPECT(errno == EINVAL);\ errno = 0;\ - EXPECT(librecrypt_hash(NULL, 0u, NULL, 0u, ALGO"m=4096,t=10,p=1$AAAABBBBCCCCDDDD$AAAABBBBCCCCDDDDEEEEFFFF>", NULL) == -1);\ + EXPECT(librecrypt_hash(NULL, 0u, NULL, 0u, ALGO"m=4096,t=10,p=1$AAAABBBBCCCCDDDD$AAAABBBBCCCCDDDDEEEEFFFF>", ctx) == -1);\ EXPECT(errno == EINVAL);\ errno = 0;\ - EXPECT(librecrypt_hash(NULL, 0u, NULL, 0u, ALGO"m=4096,t=10,p=1$AAAABBBBCCCCDDDD$AAAABBBBCCCCDDDDEEEEFFFFG", NULL) == -1);\ + EXPECT(librecrypt_hash(NULL, 0u, NULL, 0u, ALGO"m=4096,t=10,p=1$AAAABBBBCCCCDDDD$AAAABBBBCCCCDDDDEEEEFFFFG", ctx) == -1);\ EXPECT(errno == EINVAL);\ errno = 0;\ - EXPECT(librecrypt_hash(NULL, 0u, NULL, 0u, ALGO"m=4096,t=10,p=1$AAAABBBBCCCCDDDD$AAAABBBBCCCCDDDDEEEEFFFF~", NULL) == -1);\ + EXPECT(librecrypt_hash(NULL, 0u, NULL, 0u, ALGO"m=4096,t=10,p=1$AAAABBBBCCCCDDDD$AAAABBBBCCCCDDDDEEEEFFFF~", ctx) == -1);\ EXPECT(errno == EINVAL);\ } while (0) @@ -120,18 +129,19 @@ check(const char *phrase, const char *settings, const char *chain, const char *h int main(void) { - char conf[256]; + char conf[256], nuls[256]; + LIBRECRYPT_CONTEXT *ctx = NULL; int r; SET_UP_ALARM(); INIT_RESOURCE_TEST(); -#define GET_SCRATCH_SIZE(HASHLEN) ((HASHLEN) > 64u ? ((HASHLEN) + 63u) & ~31u : (HASHLEN)) +#define GET_SCRATCH_SIZE(HASHLEN) GET_ARGON2_SCRATCH_SIZE(HASHLEN) #if defined(SUPPORT_ARGON2I) r = snprintf(conf, sizeof(conf), "$argon2i$m=256,t=8,p=1$AAAABBBBCCCC$*%zu", SIZE_MAX / 4u * 3u + 3u); assert(r > 0 && (size_t)r < sizeof(conf)); errno = 0; - EXPECT(librecrypt_hash(NULL, 0u, NULL, 0u, conf, NULL) == -1); + EXPECT(librecrypt_hash(NULL, 0u, NULL, 0u, conf, ctx) == -1); # if SIZE_MAX > UINT32_MAX EXPECT(errno == EINVAL); # else @@ -140,7 +150,7 @@ main(void) char buf[1024]; libtest_pretend_allocation_successful = 1; errno = 0; - EXPECT(librecrypt_hash(buf, sizeof(buf), NULL, 0u, conf, NULL) == -1); + EXPECT(librecrypt_hash(buf, sizeof(buf), NULL, 0u, conf, ctx) == -1); libtest_pretend_allocation_successful = 0; EXPECT(errno == EOVERFLOW); } @@ -166,6 +176,38 @@ main(void) #endif #undef GET_SCRATCH_SIZE + ctx = librecrypt_create_context(); + assert(ctx != NULL); + memset(nuls, 0, sizeof(nuls)); + +#if defined(SUPPORT_ARGON2I) +# define GET_SCRATCH_SIZE(HASHLEN) GET_ARGON2_SCRATCH_SIZE(HASHLEN) + assert(sizeof(nuls) >= 4u); + assert(librecrypt_set_pepper(ctx, LIBRECRYPT_ARGON2I_V1_3, nuls, 4u) == 0); + CHECK(" ", "$argon2i$v=19$m=8,t=1,p=1$ICAgICAgICA$", 8, 0, "Mhl4o3AkJuA"); + CHECK(SP84, "$argon2i$v=19$m=8,t=1,p=1$ICAgICAgICA$", 8, 0, "+hlEcRn+F3s"); + CHECK(SP80, "$argon2i$v=19$m=8,t=1,p=1$ICAgICAgICA$", 8, 0, "z2d6ce8UqS0"); + + assert(sizeof(nuls) >= 140u); + assert(librecrypt_set_pepper(ctx, LIBRECRYPT_ARGON2I_V1_3, nuls, 140u) == 0); + CHECK(SP80, "$argon2i$v=19$m=8,t=1,p=1$ICAgICAgICA$", 8, 0, "15FAGe1KIX8"); + + assert(sizeof(nuls) >= 160u); + assert(librecrypt_set_pepper(ctx, LIBRECRYPT_ARGON2I_V1_3, nuls, 160u) == 0); + CHECK(SP80, "$argon2i$v=19$m=8,t=1,p=1$ICAgICAgICA$", 8, 0, "oH3H5atuca8"); + + assert(sizeof(nuls) >= 128u); + assert(librecrypt_set_pepper(ctx, LIBRECRYPT_ARGON2I_V1_3, nuls, 128u) == 0); + CHECK(SP80, "$argon2i$v=19$m=8,t=1,p=1$ICAgICAgICA$", 8, 0, "TsimqI1YC08"); + + assert(sizeof(nuls) >= 256u); + assert(librecrypt_set_pepper(ctx, LIBRECRYPT_ARGON2I_V1_3, nuls, 256u) == 0); + CHECK(SP80, "$argon2i$v=19$m=8,t=1,p=1$ICAgICAgICA$", 8, 0, "mzPlVOVjVos"); +# undef GET_SCRATCH_SIZE +#endif + + librecrypt_free_context(ctx); + STOP_RESOURCE_TEST(); return 0; } diff --git a/librecrypt_hash_.c b/librecrypt_hash_.c index 89c8e88..538dc8a 100644 --- a/librecrypt_hash_.c +++ b/librecrypt_hash_.c @@ -119,12 +119,12 @@ next: prefix = 1u; /* $covered$ (TODO we currently don't have an algorithm to trigger this) */ } if (!algo->flexible_hash_size && prefix != n) - goto einval; /* TODO test with custom hash function */ + goto einval; /* Get hash size */ if (!algo->flexible_hash_size) { /* fixed */ - hash_size = algo->hash_size; /* TODO test with custom hash function */ + hash_size = algo->hash_size; } else if (prefix == n) { /* default */ hash_size = algo->hash_size; @@ -152,11 +152,10 @@ next: break; hash_size = i - prefix; if (algo->pad && algo->strict_pad) { - /* TODO test with custom hash function */ for (; i < n; i++) if (settings[i] != algo->pad) break; - if (i - prefix % 4u) + if ((i - prefix) % 4u) goto einval; if (i - prefix - hash_size >= 4u) goto einval; @@ -241,7 +240,7 @@ next: ascii_len = hash_size % 3u; if (ascii_len) { if (algo->pad && algo->strict_pad) - ascii_len = 4u; /* padding to for bytes */ /* TODO test with custom hash function */ + ascii_len = 4u; /* padding to for bytes */ else ascii_len += 1u; /* 3n+m bytes: 4n+m+1 chars, unless m=0 */ } @@ -357,6 +356,109 @@ fail: /* Mainly tested via librecrypt_hash_binary, librecrypt_hash, and librecrypt_crypt */ +#define ALPHABET "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/" +NONSTRING static const char elut[256u] = MAKE_ENCODING_LUT(ALPHABET); +#undef ALPHABET + +static const unsigned char dlut[256u] = { + XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, + XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, + XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, 62, XX, XX, XX, 63, + 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, XX, XX, XX, XX, XX, XX, + XX, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, + 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, XX, XX, XX, XX, XX, + XX, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, + 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, XX, XX, XX, XX, XX, + XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, + XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, + XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, + XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, + XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, + XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, + XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, + XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, XX, XX +}; + + +static unsigned +rot4_is_algorithm(const char *settings, size_t len) +{ + if (len >= sizeof("$rot4$") - 1u) + if (!strncmp(settings, "$rot4$", sizeof("$rot4$") - 1u)) + return 1u; + return 0u; +} + +static unsigned +add1_is_algorithm(const char *settings, size_t len) +{ + if (len >= sizeof("$add1$") - 1u) + if (!strncmp(settings, "$add1$", sizeof("$add1$") - 1u)) + return 1u; + return 0u; +} + +static int +rot4_hash(char *restrict out_buffer, size_t size, const char *phrase, size_t len, + const char *settings, size_t prefix, LIBRECRYPT_CONTEXT *ctx) +{ + size_t i; + + (void) settings; + (void) prefix; + (void) ctx; + + for (i = 0u; i < 8u && i < size; i++) { + out_buffer[i] = '\0'; + if (i < len) + out_buffer[i] = (char)((((int)phrase[i] & 0x0F) << 4) | (((int)phrase[i] >> 4) & 0x0F)); + } + + return 0; +} + +static int +add1_hash(char *restrict out_buffer, size_t size, const char *phrase, size_t len, + const char *settings, size_t prefix, LIBRECRYPT_CONTEXT *ctx) +{ + size_t i; + + (void) settings; + (void) prefix; + (void) ctx; + + for (i = 0u; i < 8u && i < size; i++) { + out_buffer[i] = '\0'; + if (i < len) + out_buffer[i] = (char)(unsigned char)((unsigned)(unsigned char)phrase[i] + 1u); + } + + return 0; +} + +static const struct librecrypt_algorithm rot4 = { + .is_algorithm = &rot4_is_algorithm, + .hash = &rot4_hash, + .encoding_lut = elut, + .decoding_lut = dlut, + .hash_size = 8u, + .flexible_hash_size = 0, + .strict_pad = 1, + .pad = '#' +}; + +static const struct librecrypt_algorithm add1 = { + .is_algorithm = &add1_is_algorithm, + .hash = &add1_hash, + .encoding_lut = elut, + .decoding_lut = dlut, + .hash_size = 8u, + .flexible_hash_size = 0, + .strict_pad = 1, + .pad = '#' +}; + + int main(void) { @@ -373,16 +475,20 @@ main(void) char sbuf[160]; size_t i, n; ssize_t r, r1, r1b, r1c, r2, r3; + LIBRECRYPT_CONTEXT *ctx = NULL; + struct librecrypt_algorithm custom[] = {rot4, add1}; SET_UP_ALARM(); INIT_RESOURCE_TEST(); +start_over: + errno = 0; - EXPECT(librecrypt_hash_(NULL, 0u, NULL, 0u, "$~no~such~algorithm~$", NULL, ASCII_CRYPT) == -1); + EXPECT(librecrypt_hash_(NULL, 0u, NULL, 0u, "$~no~such~algorithm~$", ctx, ASCII_CRYPT) == -1); EXPECT(errno == ENOSYS); errno = 0; - EXPECT(librecrypt_hash_(NULL, 0u, NULL, 0u, "$~no~such~algorithm~$*100$", NULL, ASCII_CRYPT) == -1); + EXPECT(librecrypt_hash_(NULL, 0u, NULL, 0u, "$~no~such~algorithm~$*100$", ctx, ASCII_CRYPT) == -1); EXPECT(errno == ENOSYS); #if defined(SUPPORT_ARGON2ID) @@ -391,22 +497,22 @@ main(void) CANARY_FILL(buf); errno = 0; - EXPECT(librecrypt_hash_(buf, sizeof(buf), "hello", 5u, "!"ARGON2ID_STR, NULL, ASCII_CRYPT) == -1); + EXPECT(librecrypt_hash_(buf, sizeof(buf), "hello", 5u, "!"ARGON2ID_STR, ctx, ASCII_CRYPT) == -1); EXPECT(errno == ENOSYS); CANARY_CHECK(buf, 0u); CANARY_FILL(buf); errno = 0; - EXPECT(librecrypt_hash_(buf, sizeof(buf), "hello", 5u, ARGON2ID_PREFIX"*"LARGE"$", NULL, ASCII_CRYPT) == -1); + EXPECT(librecrypt_hash_(buf, sizeof(buf), "hello", 5u, ARGON2ID_PREFIX"*"LARGE"$", ctx, ASCII_CRYPT) == -1); EXPECT(errno == ENOMEM); CANARY_CHECK(buf, sizeof(ARGON2ID_PREFIX"*")); - r = librecrypt_hash_(NULL, 0u, "hello", 5u, ARGON2ID_PREFIX"*1000$", NULL, ASCII_CRYPT); + r = librecrypt_hash_(NULL, 0u, "hello", 5u, ARGON2ID_PREFIX"*1000$", ctx, ASCII_CRYPT); EXPECT(r > 0); - EXPECT(librecrypt_hash_(NULL, 0u, NULL, 0u, ARGON2ID_PREFIX"*1000$", NULL, ASCII_CRYPT) == r); + EXPECT(librecrypt_hash_(NULL, 0u, NULL, 0u, ARGON2ID_PREFIX"*1000$", ctx, ASCII_CRYPT) == r); for (i = 0u; i <= sizeof(sbuf); i++) { CANARY_FILL(sbuf); - EXPECT(librecrypt_hash_(sbuf, i, NULL, 0u, ARGON2ID_PREFIX"*1000$", NULL, ASCII_CRYPT) == r); + EXPECT(librecrypt_hash_(sbuf, i, NULL, 0u, ARGON2ID_PREFIX"*1000$", ctx, ASCII_CRYPT) == r); CANARY_X_CHECK(sbuf, MIN(i, (size_t)r), MIN(i, 32u)); } @@ -418,45 +524,45 @@ main(void) r = (ssize_t)snprintf(buf, sizeof(buf), "%s*%zu$", ARGON2ID_PREFIX, (size_t)SSIZE_MAX + 1u); assert(r > 0 && r < (ssize_t)sizeof(buf)); errno = 0; - EXPECT(librecrypt_hash_(NULL, 0u, NULL, 0u, buf, NULL, ASCII_CRYPT) == -1); + EXPECT(librecrypt_hash_(NULL, 0u, NULL, 0u, buf, ctx, ASCII_CRYPT) == -1); EXPECT(errno == ENOMEM); libtest_set_alloc_failure_in(0u); /* target settings_scratch */ errno = 0; libtest_set_alloc_failure_in(1u); - EXPECT(librecrypt_hash_(NULL, 0u, "hello", 5u, ARGON2ID_PREFIX"*1000$", NULL, ASCII_CRYPT) == -1); + EXPECT(librecrypt_hash_(NULL, 0u, "hello", 5u, ARGON2ID_PREFIX"*1000$", ctx, ASCII_CRYPT) == -1); EXPECT(errno == ENOMEM); EXPECT(libtest_get_alloc_failure_in() == 0u); /* target phrase_scratches */ errno = 0; libtest_set_alloc_failure_in(1u); - EXPECT(librecrypt_hash_(buf, sizeof(buf), "hello", 5u, X2(ARGON2ID_STR), NULL, ASCII_CRYPT) == -1); + EXPECT(librecrypt_hash_(buf, sizeof(buf), "hello", 5u, X2(ARGON2ID_STR), ctx, ASCII_CRYPT) == -1); EXPECT(errno == ENOMEM); EXPECT(libtest_get_alloc_failure_in() == 0u); /* target *algo->hash */ errno = 0; libtest_set_alloc_failure_in(2u); - EXPECT(librecrypt_hash_(buf, sizeof(buf), "hello", 5u, X2(ARGON2ID_STR), NULL, ASCII_CRYPT) == -1); + EXPECT(librecrypt_hash_(buf, sizeof(buf), "hello", 5u, X2(ARGON2ID_STR), ctx, ASCII_CRYPT) == -1); EXPECT(errno == ENOMEM); EXPECT(libtest_get_alloc_failure_in() == 0u); /* target deallocation of settings_scratch */ errno = 0; libtest_set_alloc_failure_in(2u); - EXPECT(librecrypt_hash_(buf, 1u, "hello", 5u, ARGON2ID_PREFIX"*1000$>"ARGON2ID_STR, NULL, ASCII_CRYPT) == -1); + EXPECT(librecrypt_hash_(buf, 1u, "hello", 5u, ARGON2ID_PREFIX"*1000$>"ARGON2ID_STR, ctx, ASCII_CRYPT) == -1); EXPECT(errno == ENOMEM); EXPECT(libtest_get_alloc_failure_in() == 0u); /* target deallocation of phrase_scratches[1] */ libtest_set_alloc_failure_in(SIZE_MAX); - EXPECT(librecrypt_hash_(buf, 1u, "hello", 5u, X3(ARGON2ID_STR), NULL, ASCII_CRYPT) > 0); + EXPECT(librecrypt_hash_(buf, 1u, "hello", 5u, X3(ARGON2ID_STR), ctx, ASCII_CRYPT) > 0); n = SIZE_MAX - libtest_get_alloc_failure_in(); errno = 0; libtest_set_alloc_failure_in(n); - EXPECT(librecrypt_hash_(buf, 1u, "hello", 5u, X3(ARGON2ID_STR), NULL, ASCII_CRYPT) == -1); + EXPECT(librecrypt_hash_(buf, 1u, "hello", 5u, X3(ARGON2ID_STR), ctx, ASCII_CRYPT) == -1); EXPECT(errno == ENOMEM); EXPECT(libtest_get_alloc_failure_in() == 0u); @@ -464,33 +570,33 @@ main(void) CANARY_FILL(buf1); memset(buf1, 99, sizeof(buf1)); - r1 = librecrypt_hash_(buf1, sizeof(buf1), NULL, 0u, X2(ARGON2ID_STR), NULL, ASCII_CRYPT); + r1 = librecrypt_hash_(buf1, sizeof(buf1), NULL, 0u, X2(ARGON2ID_STR), ctx, ASCII_CRYPT); EXPECT(r1 > 0); EXPECT(r1 > 2 * (ssize_t)sizeof(ARGON2ID_STR)); - r1b = librecrypt_hash_(buf, sizeof(buf), NULL, 0u, X3(ARGON2ID_STR), NULL, ASCII_CRYPT); + r1b = librecrypt_hash_(buf, sizeof(buf), NULL, 0u, X3(ARGON2ID_STR), ctx, ASCII_CRYPT); EXPECT(r1b > 0); EXPECT(r1b == r1 + 1 * (ssize_t)sizeof(ARGON2ID_STR)); - r1c = librecrypt_hash_(buf, sizeof(buf), NULL, 0u, X4(ARGON2ID_STR), NULL, ASCII_CRYPT); + r1c = librecrypt_hash_(buf, sizeof(buf), NULL, 0u, X4(ARGON2ID_STR), ctx, ASCII_CRYPT); EXPECT(r1c > 0); EXPECT(r1c == r1 + 2 * (ssize_t)sizeof(ARGON2ID_STR)); CANARY_FILL(buf2); - EXPECT((r2 = librecrypt_hash_(buf2, sizeof(buf2), NULL, 0u, X2(ARGON2ID_STR), NULL, ASCII_HASH)) > 0); - EXPECT(librecrypt_hash_(buf, sizeof(buf), NULL, 0u, X3(ARGON2ID_STR), NULL, ASCII_HASH) == r2); - EXPECT(librecrypt_hash_(buf, sizeof(buf), NULL, 0u, X4(ARGON2ID_STR), NULL, ASCII_HASH) == r2); + EXPECT((r2 = librecrypt_hash_(buf2, sizeof(buf2), NULL, 0u, X2(ARGON2ID_STR), ctx, ASCII_HASH)) > 0); + EXPECT(librecrypt_hash_(buf, sizeof(buf), NULL, 0u, X3(ARGON2ID_STR), ctx, ASCII_HASH) == r2); + EXPECT(librecrypt_hash_(buf, sizeof(buf), NULL, 0u, X4(ARGON2ID_STR), ctx, ASCII_HASH) == r2); EXPECT(r2 < r1); CANARY_FILL(buf3); - EXPECT((r3 = librecrypt_hash_(buf3, sizeof(buf3), NULL, 0u, X2(ARGON2ID_STR), NULL, BINARY_HASH)) > 0); - EXPECT(librecrypt_hash_(buf, sizeof(buf), NULL, 0u, X3(ARGON2ID_STR), NULL, BINARY_HASH) == r3); - EXPECT(librecrypt_hash_(buf, sizeof(buf), NULL, 0u, X4(ARGON2ID_STR), NULL, BINARY_HASH) == r3); + EXPECT((r3 = librecrypt_hash_(buf3, sizeof(buf3), NULL, 0u, X2(ARGON2ID_STR), ctx, BINARY_HASH)) > 0); + EXPECT(librecrypt_hash_(buf, sizeof(buf), NULL, 0u, X3(ARGON2ID_STR), ctx, BINARY_HASH) == r3); + EXPECT(librecrypt_hash_(buf, sizeof(buf), NULL, 0u, X4(ARGON2ID_STR), ctx, BINARY_HASH) == r3); EXPECT(r3 < r2); assert((size_t)r1 < sizeof(buf) - 11u); for (i = (size_t)r1 + 11u; i < SIZE_MAX; i--) { if (i <= (size_t)r1 + 10u) { CANARY_C_FILL(88, buf); - EXPECT(librecrypt_hash_(buf, i, NULL, 0u, X2(ARGON2ID_STR), NULL, ASCII_CRYPT) == r1); + EXPECT(librecrypt_hash_(buf, i, NULL, 0u, X2(ARGON2ID_STR), ctx, ASCII_CRYPT) == r1); if (i) { n = MIN(i - 1u, (size_t)r1); EXPECT(!memcmp(buf, buf1, n)); @@ -500,7 +606,7 @@ main(void) } if (i <= (size_t)r2 + 10u) { CANARY_C_FILL(88, buf); - EXPECT(librecrypt_hash_(buf, i, NULL, 0u, X2(ARGON2ID_STR), NULL, ASCII_HASH) == r2); + EXPECT(librecrypt_hash_(buf, i, NULL, 0u, X2(ARGON2ID_STR), ctx, ASCII_HASH) == r2); if (i) { n = MIN(i - 1u, (size_t)r2); EXPECT(!memcmp(buf, buf2, n)); @@ -510,7 +616,7 @@ main(void) } if (i <= (size_t)r3 + 10u) { CANARY_C_FILL(88, buf); - EXPECT(librecrypt_hash_(buf, i, NULL, 0u, X2(ARGON2ID_STR), NULL, BINARY_HASH) == r3); + EXPECT(librecrypt_hash_(buf, i, NULL, 0u, X2(ARGON2ID_STR), ctx, BINARY_HASH) == r3); EXPECT(!memcmp(buf, buf3, MIN(i, (size_t)r3))); CANARY_X_CHECK(buf, MIN(i, (size_t)r3), MIN(i, 32u)); } @@ -520,23 +626,148 @@ main(void) CANARY_X_CHECK(buf2, (size_t)r2, 32u); CANARY_X_CHECK(buf3, (size_t)r3, 32u); - EXPECT(librecrypt_hash_(NULL, 0u, NULL, 0u, X2(ARGON2ID_STR), NULL, ASCII_CRYPT) == r1); - EXPECT(librecrypt_hash_(NULL, 0u, NULL, 0u, X3(ARGON2ID_STR), NULL, ASCII_CRYPT) == r1b); - EXPECT(librecrypt_hash_(NULL, 0u, NULL, 0u, X4(ARGON2ID_STR), NULL, ASCII_CRYPT) == r1c); + EXPECT(librecrypt_hash_(NULL, 0u, NULL, 0u, X2(ARGON2ID_STR), ctx, ASCII_CRYPT) == r1); + EXPECT(librecrypt_hash_(NULL, 0u, NULL, 0u, X3(ARGON2ID_STR), ctx, ASCII_CRYPT) == r1b); + EXPECT(librecrypt_hash_(NULL, 0u, NULL, 0u, X4(ARGON2ID_STR), ctx, ASCII_CRYPT) == r1c); - EXPECT(librecrypt_hash_(NULL, 0u, NULL, 0u, X2(ARGON2ID_STR), NULL, ASCII_HASH) == r2); - EXPECT(librecrypt_hash_(NULL, 0u, NULL, 0u, X3(ARGON2ID_STR), NULL, ASCII_HASH) == r2); - EXPECT(librecrypt_hash_(NULL, 0u, NULL, 0u, X4(ARGON2ID_STR), NULL, ASCII_HASH) == r2); + EXPECT(librecrypt_hash_(NULL, 0u, NULL, 0u, X2(ARGON2ID_STR), ctx, ASCII_HASH) == r2); + EXPECT(librecrypt_hash_(NULL, 0u, NULL, 0u, X3(ARGON2ID_STR), ctx, ASCII_HASH) == r2); + EXPECT(librecrypt_hash_(NULL, 0u, NULL, 0u, X4(ARGON2ID_STR), ctx, ASCII_HASH) == r2); - EXPECT(librecrypt_hash_(NULL, 0u, NULL, 0u, X2(ARGON2ID_STR), NULL, BINARY_HASH) == r3); - EXPECT(librecrypt_hash_(NULL, 0u, NULL, 0u, X3(ARGON2ID_STR), NULL, BINARY_HASH) == r3); - EXPECT(librecrypt_hash_(NULL, 0u, NULL, 0u, X4(ARGON2ID_STR), NULL, BINARY_HASH) == r3); + EXPECT(librecrypt_hash_(NULL, 0u, NULL, 0u, X2(ARGON2ID_STR), ctx, BINARY_HASH) == r3); + EXPECT(librecrypt_hash_(NULL, 0u, NULL, 0u, X3(ARGON2ID_STR), ctx, BINARY_HASH) == r3); + EXPECT(librecrypt_hash_(NULL, 0u, NULL, 0u, X4(ARGON2ID_STR), ctx, BINARY_HASH) == r3); #endif + if (!ctx) { + ctx = librecrypt_create_context(); + assert(ctx != NULL); + goto start_over; + } + + librecrypt_set_custom_algorithms(ctx, custom, ELEMSOF(custom)); + + errno = 0; + EXPECT(librecrypt_hash_(NULL, 0u, NULL, 0u, "$rot4$*8", ctx, ASCII_CRYPT) == -1); + EXPECT(errno == EINVAL); + + EXPECT(librecrypt_hash_(NULL, 0u, NULL, 0u, "$rot4$", ctx, ASCII_CRYPT) == (ssize_t)sizeof("$rot4$") - 1 + 12); + EXPECT(librecrypt_hash_(NULL, 0u, NULL, 0u, "$rot4$", ctx, ASCII_HASH) == 12); + EXPECT(librecrypt_hash_(NULL, 0u, NULL, 0u, "$rot4$", ctx, BINARY_HASH) == 8); + +#define MSG "\x12\x23\x34\x45\x56\x67\x78\x89", 8u + + EXPECT(librecrypt_hash_(buf, sizeof(buf), MSG, "$rot4$", ctx, BINARY_HASH) == 8); + assert(sizeof(buf) >= 8u); + EXPECT(!memcmp(buf, "\x21\x32\x43\x54\x65\x76\x87\x98", 8u)); + + EXPECT(librecrypt_hash_(buf, sizeof(buf), MSG, "$rot4$", ctx, ASCII_HASH) == 12); + assert(sizeof(buf) >= 12u); + EXPECT(!memcmp(buf, "ITJDVGV2h5g#", 12u + sizeof(""))); + + EXPECT(librecrypt_hash_(buf, sizeof(buf), MSG, "$rot4$", ctx, ASCII_CRYPT) == (ssize_t)sizeof("$rot4$") - 1 + 12); + assert(sizeof(buf) >= sizeof("$rot4$") + 12u); + EXPECT(!memcmp(buf, "$rot4$ITJDVGV2h5g#", sizeof("$rot4$") + 12u)); + + EXPECT(librecrypt_hash_(buf, sizeof(buf), MSG, "$add1$", ctx, BINARY_HASH) == 8); + assert(sizeof(buf) >= 8u); + EXPECT(!memcmp(buf, "\x13\x24\x35\x46\x57\x68\x79\x8A", 8u)); + + EXPECT(librecrypt_hash_(buf, sizeof(buf), MSG, "$add1$", ctx, ASCII_HASH) == 12); + assert(sizeof(buf) >= 12u); + EXPECT(!memcmp(buf, "EyQ1RldoeYo#", 12u + sizeof(""))); + + EXPECT(librecrypt_hash_(buf, sizeof(buf), MSG, "$add1$", ctx, ASCII_CRYPT) == (ssize_t)sizeof("$add1$") - 1 + 12); + assert(sizeof(buf) >= sizeof("$add1$") + 12u); + EXPECT(!memcmp(buf, "$add1$EyQ1RldoeYo#", sizeof("$add1$") + 12u)); + + EXPECT(librecrypt_hash_(buf, sizeof(buf), MSG, "$rot4$>$add1$", ctx, BINARY_HASH) == 8); + assert(sizeof(buf) >= 8u); + EXPECT(!memcmp(buf, "\x22\x33\x44\x55\x66\x77\x88\x99", 8u)); + + EXPECT(librecrypt_hash_(buf, sizeof(buf), MSG, "$rot4$>$add1$", ctx, ASCII_HASH) == 12); + assert(sizeof(buf) >= 12u); + EXPECT(!memcmp(buf, "IjNEVWZ3iJk#", 12u + sizeof(""))); + + EXPECT(librecrypt_hash_(buf, sizeof(buf), MSG, "$rot4$>$add1$", ctx, ASCII_CRYPT) == (ssize_t)sizeof("$rot4$>$add1$") - 1 + 12); + assert(sizeof(buf) >= sizeof("$rot4$>$add1$") + 12u); + EXPECT(!memcmp(buf, "$rot4$>$add1$IjNEVWZ3iJk#", sizeof("$rot4$>$add1$") + 12u)); + + custom[0].flexible_hash_size = 1; + custom[1].flexible_hash_size = 1; + + errno = 0; + EXPECT(librecrypt_hash_(buf, sizeof(buf), MSG, "$rot4$AAAAAAAAAAA", ctx, BINARY_HASH) == -1); + EXPECT(errno == EINVAL); + errno = 0; + EXPECT(librecrypt_hash_(buf, sizeof(buf), MSG, "$rot4$AAAAAAAAAAA", ctx, ASCII_HASH) == -1); + EXPECT(errno == EINVAL); + errno = 0; + EXPECT(librecrypt_hash_(buf, sizeof(buf), MSG, "$rot4$AAAAAAAAAAA", ctx, ASCII_CRYPT) == -1); + EXPECT(errno == EINVAL); + errno = 0; + EXPECT(librecrypt_hash_(buf, sizeof(buf), MSG, "$rot4$AAAAAAAAAAA#A", ctx, ASCII_CRYPT) == -1); + EXPECT(errno == EINVAL); + errno = 0; + EXPECT(librecrypt_hash_(buf, sizeof(buf), MSG, "$rot4$AAAAAAAAAAA#~", ctx, ASCII_CRYPT) == -1); + EXPECT(errno == EINVAL); + errno = 0; + EXPECT(librecrypt_hash_(buf, sizeof(buf), MSG, "$rot4$AAAAAAAAAA#", ctx, ASCII_CRYPT) == -1); + EXPECT(errno == EINVAL); + + errno = 0; + EXPECT(librecrypt_hash_(buf, sizeof(buf), MSG, "$rot4$AAAAAAAAAAA##", ctx, BINARY_HASH) == -1); + EXPECT(errno == EINVAL); + errno = 0; + EXPECT(librecrypt_hash_(buf, sizeof(buf), MSG, "$rot4$AAAAAAAAAAA###", ctx, ASCII_HASH) == -1); + EXPECT(errno == EINVAL); + errno = 0; + EXPECT(librecrypt_hash_(buf, sizeof(buf), MSG, "$rot4$AAAAAAAAAAA####", ctx, ASCII_CRYPT) == -1); + EXPECT(errno == EINVAL); + EXPECT(librecrypt_hash_(buf, sizeof(buf), MSG, "$rot4$AAAAAAAAAAA#####", ctx, ASCII_CRYPT) == -1); + EXPECT(errno == EINVAL); + + EXPECT(librecrypt_hash_(buf, sizeof(buf), MSG, "$rot4$AAAAAAAAAAA#", ctx, BINARY_HASH) == 8); + assert(sizeof(buf) >= 8u); + EXPECT(!memcmp(buf, "\x21\x32\x43\x54\x65\x76\x87\x98", 8u)); + + EXPECT(librecrypt_hash_(buf, sizeof(buf), MSG, "$rot4$AAAAAAAAAAA#", ctx, ASCII_HASH) == 12); + assert(sizeof(buf) >= 12u); + EXPECT(!memcmp(buf, "ITJDVGV2h5g#", 12u + sizeof(""))); + + EXPECT(librecrypt_hash_(buf, sizeof(buf), MSG, "$rot4$AAAAAAAAAAA#", ctx, ASCII_CRYPT) == (ssize_t)sizeof("$rot4$") - 1 + 12); + assert(sizeof(buf) >= sizeof("$rot4$") + 12u); + EXPECT(!memcmp(buf, "$rot4$ITJDVGV2h5g#", sizeof("$rot4$") + 12u)); + + EXPECT(librecrypt_hash_(buf, sizeof(buf), MSG, "$rot4$AAAAAAAAAA##", ctx, BINARY_HASH) == 7); + EXPECT(!memcmp(buf, "\x21\x32\x43\x54\x65\x76\x87", 7u)); + errno = 0; + EXPECT(librecrypt_hash_(buf, sizeof(buf), MSG, "$rot4$AAAAAAAAA###", ctx, BINARY_HASH) == -1); + EXPECT(errno == EINVAL); + errno = 0; + EXPECT(librecrypt_hash_(buf, sizeof(buf), MSG, "$rot4$AAAAAAAA####", ctx, ASCII_CRYPT) == -1); + EXPECT(errno == EINVAL); + + custom[0].pad = 0; + custom[1].pad = 0; + + errno = 0; + EXPECT(librecrypt_hash_(buf, sizeof(buf), MSG, "$rot4$AAAAAAAAAAA#", ctx, BINARY_HASH) == -1); + EXPECT(errno == EINVAL); + errno = 0; + EXPECT(librecrypt_hash_(buf, sizeof(buf), MSG, "$rot4$AAAAAAAAAAA#", ctx, ASCII_HASH) == -1); + EXPECT(errno == EINVAL); + errno = 0; + EXPECT(librecrypt_hash_(buf, sizeof(buf), MSG, "$rot4$AAAAAAAAAAA#", ctx, ASCII_CRYPT) == -1); + EXPECT(errno == EINVAL); + +#undef msg + + librecrypt_free_context(ctx); + STOP_RESOURCE_TEST(); return 0; } -/* TODO test mixed algorithm chaining */ #endif diff --git a/librecrypt_hash_binary.c b/librecrypt_hash_binary.c index b9ca93c..63cfb41 100644 --- a/librecrypt_hash_binary.c +++ b/librecrypt_hash_binary.c @@ -14,8 +14,17 @@ librecrypt_hash_binary(void *restrict out_buffer, size_t size, const char *phras #else +#define SP4 " " +#define SP20 SP4 SP4 SP4 SP4 SP4 +#define SP80 SP20 SP20 SP20 SP20 +#define SP84 SP80 SP4 + +#define GET_ARGON2_SCRATCH_SIZE(HASHLEN) ((HASHLEN) > 64u ? ((HASHLEN) + 63u) & ~31u : (HASHLEN)) + + static void -check(const char *phrase, const char *settings, const char *chain, const char *hash, size_t hashlen, size_t scratchsize) +check(const char *phrase, const char *settings, const char *chain, const char *hash, + size_t hashlen, size_t scratchsize, LIBRECRYPT_CONTEXT *ctx) { size_t len = strlen(phrase); char buf[1024], buf2[sizeof(buf)], expected[256], pad; @@ -26,37 +35,37 @@ check(const char *phrase, const char *settings, const char *chain, const char *h assert(hashlen <= sizeof(buf)); assert(hashlen <= sizeof(expected)); - lut = librecrypt_get_encoding(settings, strlen(settings), &pad, &strict_pad, 1, NULL); + lut = librecrypt_get_encoding(settings, strlen(settings), &pad, &strict_pad, 1, ctx); assert(lut); r = librecrypt_decode(expected, sizeof(expected), hash, strlen(hash), lut, pad, strict_pad); assert(r > 0 && (size_t)r == hashlen); CANARY_FILL(buf); - EXPECT(librecrypt_hash_binary(buf, sizeof(buf), phrase, len, settings, NULL) == (ssize_t)hashlen); + EXPECT(librecrypt_hash_binary(buf, sizeof(buf), phrase, len, settings, ctx) == (ssize_t)hashlen); EXPECT(!memcmp(buf, expected, hashlen)); CANARY_X_CHECK(buf, hashlen, scratchsize); CANARY_FILL(buf); - EXPECT(librecrypt_hash_binary(buf, hashlen, phrase, len, settings, NULL) == (ssize_t)hashlen); + EXPECT(librecrypt_hash_binary(buf, hashlen, phrase, len, settings, ctx) == (ssize_t)hashlen); EXPECT(!memcmp(buf, expected, hashlen)); CANARY_X_CHECK(buf, hashlen, scratchsize); CANARY_FILL(buf); - EXPECT(librecrypt_hash_binary(buf, 1u, phrase, len, settings, NULL) == (ssize_t)hashlen); + EXPECT(librecrypt_hash_binary(buf, 1u, phrase, len, settings, ctx) == (ssize_t)hashlen); EXPECT(!memcmp(buf, expected, 1u)); CANARY_X_CHECK(buf, 1u, 1u); CANARY_FILL(buf); - EXPECT(librecrypt_hash_binary(buf, 0u, phrase, len, settings, NULL) == (ssize_t)hashlen); + EXPECT(librecrypt_hash_binary(buf, 0u, phrase, len, settings, ctx) == (ssize_t)hashlen); CANARY_X_CHECK(buf, 0u, 0u); - EXPECT(librecrypt_hash_binary(NULL, 0u, phrase, len, settings, NULL) == (ssize_t)hashlen); + EXPECT(librecrypt_hash_binary(NULL, 0u, phrase, len, settings, ctx) == (ssize_t)hashlen); CANARY_FILL(buf); CANARY_FILL(buf2); - EXPECT(librecrypt_hash_binary(buf, sizeof(buf), expected, hashlen, settings, NULL) == (ssize_t)hashlen); + EXPECT(librecrypt_hash_binary(buf, sizeof(buf), expected, hashlen, settings, ctx) == (ssize_t)hashlen); errno = 0; - EXPECT(librecrypt_hash_binary(buf2, sizeof(buf2), phrase, len, chain, NULL) == (ssize_t)hashlen); + EXPECT(librecrypt_hash_binary(buf2, sizeof(buf2), phrase, len, chain, ctx) == (ssize_t)hashlen); EXPECT(!memcmp(buf, buf2, hashlen)); CANARY_X_CHECK(buf, hashlen, scratchsize); CANARY_X_CHECK(buf2, hashlen, scratchsize); @@ -66,20 +75,20 @@ check(const char *phrase, const char *settings, const char *chain, const char *h #define CHECK(PHRASE, CONF, HASHLEN, IS_DEFAULT_HASHLEN, HASH)\ do {\ size_t scratchsize = GET_SCRATCH_SIZE(HASHLEN);\ - check(PHRASE, CONF HASH, CONF "*" #HASHLEN ">" CONF HASH, HASH, (size_t)HASHLEN, scratchsize);\ - check(PHRASE, CONF "*" #HASHLEN, CONF "*" #HASHLEN ">" CONF "*" #HASHLEN, HASH, (size_t)HASHLEN, scratchsize);\ + check(PHRASE, CONF HASH, CONF "*" #HASHLEN ">" CONF HASH, HASH, (size_t)HASHLEN, scratchsize, ctx);\ + check(PHRASE, CONF "*" #HASHLEN, CONF "*" #HASHLEN ">" CONF "*" #HASHLEN, HASH, (size_t)HASHLEN, scratchsize, ctx);\ if (IS_DEFAULT_HASHLEN)\ - check(PHRASE, CONF, CONF ">" CONF, HASH, (size_t)HASHLEN, scratchsize);\ + check(PHRASE, CONF, CONF ">" CONF, HASH, (size_t)HASHLEN, scratchsize, ctx);\ } while (0) #define CHECK_BAD(ALGO)\ do {\ errno = 0;\ - EXPECT(librecrypt_hash_binary(NULL, 0u, NULL, 0u, ALGO"m=0,t=999999999999999999,p=0$AAAABBBB$*0", NULL) == -1);\ + EXPECT(librecrypt_hash_binary(NULL, 0u, NULL, 0u, ALGO"m=0,t=999999999999999999,p=0$AAAABBBB$*0", ctx) == -1);\ EXPECT(errno == EINVAL);\ errno = 0;\ - EXPECT(librecrypt_hash_binary(NULL, 0u, NULL, 0u, ALGO"m=4096,t=10,p=1$*32$", NULL) == -1);\ + EXPECT(librecrypt_hash_binary(NULL, 0u, NULL, 0u, ALGO"m=4096,t=10,p=1$*32$", ctx) == -1);\ EXPECT(errno == EINVAL);\ } while (0) @@ -87,10 +96,13 @@ check(const char *phrase, const char *settings, const char *chain, const char *h int main(void) { + LIBRECRYPT_CONTEXT *ctx = NULL; + char nuls[256]; + SET_UP_ALARM(); INIT_RESOURCE_TEST(); -#define GET_SCRATCH_SIZE(HASHLEN) ((HASHLEN) > 64u ? ((HASHLEN) + 63u) & ~31u : (HASHLEN)) +#define GET_SCRATCH_SIZE(HASHLEN) GET_ARGON2_SCRATCH_SIZE(HASHLEN) #if defined(SUPPORT_ARGON2I) CHECK("password", "$argon2i$" "m=256,t=2,p=1$c29tZXNhbHQ$", 32, 1, "/U3YPXYsSb3q9XxHvc0MLxur+GP960kN9j7emXX8zwY"); CHECK("password", "$argon2i$v=19$m=256,t=2,p=1$c29tZXNhbHQ$", 32, 1, "iekCn0Y3spW+sCcFanM2xBT63UP2sghkUoHLIUpWRS8"); @@ -112,6 +124,38 @@ main(void) #endif #undef GET_SCRATCH_SIZE + ctx = librecrypt_create_context(); + assert(ctx != NULL); + memset(nuls, 0, sizeof(nuls)); + +#if defined(SUPPORT_ARGON2I) +# define GET_SCRATCH_SIZE(HASHLEN) GET_ARGON2_SCRATCH_SIZE(HASHLEN) + assert(sizeof(nuls) >= 4u); + assert(librecrypt_set_pepper(ctx, LIBRECRYPT_ARGON2I_V1_3, nuls, 4u) == 0); + CHECK(" ", "$argon2i$v=19$m=8,t=1,p=1$ICAgICAgICA$", 8, 0, "Mhl4o3AkJuA"); + CHECK(SP84, "$argon2i$v=19$m=8,t=1,p=1$ICAgICAgICA$", 8, 0, "+hlEcRn+F3s"); + CHECK(SP80, "$argon2i$v=19$m=8,t=1,p=1$ICAgICAgICA$", 8, 0, "z2d6ce8UqS0"); + + assert(sizeof(nuls) >= 140u); + assert(librecrypt_set_pepper(ctx, LIBRECRYPT_ARGON2I_V1_3, nuls, 140u) == 0); + CHECK(SP80, "$argon2i$v=19$m=8,t=1,p=1$ICAgICAgICA$", 8, 0, "15FAGe1KIX8"); + + assert(sizeof(nuls) >= 160u); + assert(librecrypt_set_pepper(ctx, LIBRECRYPT_ARGON2I_V1_3, nuls, 160u) == 0); + CHECK(SP80, "$argon2i$v=19$m=8,t=1,p=1$ICAgICAgICA$", 8, 0, "oH3H5atuca8"); + + assert(sizeof(nuls) >= 128u); + assert(librecrypt_set_pepper(ctx, LIBRECRYPT_ARGON2I_V1_3, nuls, 128u) == 0); + CHECK(SP80, "$argon2i$v=19$m=8,t=1,p=1$ICAgICAgICA$", 8, 0, "TsimqI1YC08"); + + assert(sizeof(nuls) >= 256u); + assert(librecrypt_set_pepper(ctx, LIBRECRYPT_ARGON2I_V1_3, nuls, 256u) == 0); + CHECK(SP80, "$argon2i$v=19$m=8,t=1,p=1$ICAgICAgICA$", 8, 0, "mzPlVOVjVos"); +# undef GET_SCRATCH_SIZE +#endif + + librecrypt_free_context(ctx); + STOP_RESOURCE_TEST(); return 0; } diff --git a/librecrypt_settings_prefix.c b/librecrypt_settings_prefix.c index fbb0262..31359c7 100644 --- a/librecrypt_settings_prefix.c +++ b/librecrypt_settings_prefix.c @@ -60,21 +60,21 @@ out: #define CHECK_NULL(PREFIX, SUFFIX)\ do {\ - EXPECT(librecrypt_settings_prefix(PREFIX SUFFIX, NULL, NULL) == sizeof(PREFIX) - 1u);\ - EXPECT(librecrypt_settings_prefix(PREFIX, NULL, NULL) == sizeof(PREFIX) - 1u); \ + EXPECT(librecrypt_settings_prefix(PREFIX SUFFIX, NULL, ctx) == sizeof(PREFIX) - 1u);\ + EXPECT(librecrypt_settings_prefix(PREFIX, NULL, ctx) == sizeof(PREFIX) - 1u); \ } while (0) #define CHECK_ZERO(PREFIX, SUFFIX)\ do {\ size_t hashsize = 99999u;\ - EXPECT(librecrypt_settings_prefix(PREFIX SUFFIX, &hashsize, NULL) == sizeof(PREFIX) - 1u);\ + EXPECT(librecrypt_settings_prefix(PREFIX SUFFIX, &hashsize, ctx) == sizeof(PREFIX) - 1u);\ EXPECT(hashsize == 0u);\ } while (0) #define CHECK_HASH(PREFIX, SUFFIX, HASH)\ do {\ size_t hashsize = 99999u;\ - EXPECT(librecrypt_settings_prefix(PREFIX SUFFIX, &hashsize, NULL) == sizeof(PREFIX) - 1u);\ + EXPECT(librecrypt_settings_prefix(PREFIX SUFFIX, &hashsize, ctx) == sizeof(PREFIX) - 1u);\ EXPECT(hashsize == HASH##u);\ } while (0) @@ -97,7 +97,7 @@ static struct librecrypt_algorithm dumdum = { int main(void) { - LIBRECRYPT_CONTEXT *ctx; + LIBRECRYPT_CONTEXT *ctx = NULL; SET_UP_ALARM(); INIT_RESOURCE_TEST(); diff --git a/librecrypt_verify.c b/librecrypt_verify.c index 04efff4..d74973c 100644 --- a/librecrypt_verify.c +++ b/librecrypt_verify.c @@ -67,45 +67,46 @@ librecrypt_verify(const char *phrase, size_t len, const char *settings, LIBRECRY int main(void) { - char conf[256]; + LIBRECRYPT_CONTEXT *ctx = NULL; + char conf[256], nuls[256], spaces[256]; int r; SET_UP_ALARM(); INIT_RESOURCE_TEST(); errno = 0; - EXPECT(librecrypt_verify(NULL, 0u, "$~no~such~algorithm~$", NULL) == -1); + EXPECT(librecrypt_verify(NULL, 0u, "$~no~such~algorithm~$", ctx) == -1); EXPECT(errno == ENOSYS); #if defined(SUPPORT_ARGON2ID) - EXPECT(librecrypt_verify("password", 8u, "$argon2id$v=19$m=256,t=2,p=1$c29tZXNhbHQ$nf65EOgLrQMR/uIPnA4rEsF5h7TKyQwu9U1bMCHGi/4", NULL) == 1); - EXPECT(librecrypt_verify("password", 8u, "$argon2id$v=19$m=256,t=2,p=1$c29tZXNhbHQ$nf65EOgLrQMR/uIPnA4rEsF5h7TKyQwu9U1bMCHGi/", NULL) == 0); - EXPECT(librecrypt_verify("password", 8u, "$argon2id$v=19$m=256,t=2,p=1$c29tZXNhbHQ$nf65EOgLrQMR/uIPnA4rEsF5h7TKyQwu9U1bMCHGi/4x", NULL) == 0); - EXPECT(librecrypt_verify("password", 8u, "$argon2id$v=19$m=256,t=2,p=1$c29tZXNhbHQ$nf65EOgLrQMR/uIPnA4rEsF5h7TKyQwu9U1bMCHGi/a", NULL) == 0); - EXPECT(librecrypt_verify("password", 8u, "$argon2id$v=19$m=256,t=2,p=1$a29tZXNhbHQ$nf65EOgLrQMR/uIPnA4rEsF5h7TKyQwu9U1bMCHGi/a", NULL) == 0); - EXPECT(librecrypt_verify("password", 8u, "$argon2id$v=19$m=256,t=2,p=1$c29tZXNhbHQ$af65EOgLrQMR/uIPnA4rEsF5h7TKyQwu9U1bMCHGi/4", NULL) == 0); - EXPECT(librecrypt_verify("password", 8u, "$argon2id$v=19$m=256,t=2,p=1$c29tZXNhbHQ$nf65EOgLrQMRauIPnA4rEsF5h7TKyQwu9U1bMCHGi/4", NULL) == 0); + EXPECT(librecrypt_verify("password", 8u, "$argon2id$v=19$m=256,t=2,p=1$c29tZXNhbHQ$nf65EOgLrQMR/uIPnA4rEsF5h7TKyQwu9U1bMCHGi/4", ctx) == 1); + EXPECT(librecrypt_verify("password", 8u, "$argon2id$v=19$m=256,t=2,p=1$c29tZXNhbHQ$nf65EOgLrQMR/uIPnA4rEsF5h7TKyQwu9U1bMCHGi/", ctx) == 0); + EXPECT(librecrypt_verify("password", 8u, "$argon2id$v=19$m=256,t=2,p=1$c29tZXNhbHQ$nf65EOgLrQMR/uIPnA4rEsF5h7TKyQwu9U1bMCHGi/4x", ctx) == 0); + EXPECT(librecrypt_verify("password", 8u, "$argon2id$v=19$m=256,t=2,p=1$c29tZXNhbHQ$nf65EOgLrQMR/uIPnA4rEsF5h7TKyQwu9U1bMCHGi/a", ctx) == 0); + EXPECT(librecrypt_verify("password", 8u, "$argon2id$v=19$m=256,t=2,p=1$a29tZXNhbHQ$nf65EOgLrQMR/uIPnA4rEsF5h7TKyQwu9U1bMCHGi/a", ctx) == 0); + EXPECT(librecrypt_verify("password", 8u, "$argon2id$v=19$m=256,t=2,p=1$c29tZXNhbHQ$af65EOgLrQMR/uIPnA4rEsF5h7TKyQwu9U1bMCHGi/4", ctx) == 0); + EXPECT(librecrypt_verify("password", 8u, "$argon2id$v=19$m=256,t=2,p=1$c29tZXNhbHQ$nf65EOgLrQMRauIPnA4rEsF5h7TKyQwu9U1bMCHGi/4", ctx) == 0); errno = 0; - EXPECT(librecrypt_verify("password", 8u, "$argon2id$v=19$m=256,t=2,p=1$c29tZXNhbHQ$", NULL) == -1); + EXPECT(librecrypt_verify("password", 8u, "$argon2id$v=19$m=256,t=2,p=1$c29tZXNhbHQ$", ctx) == -1); EXPECT(errno == EINVAL); errno = 0; - EXPECT(librecrypt_verify("password", 8u, "$argon2id$v=19$m=256,t=2,p=1$c29tZXNhbHQ$*64", NULL) == -1); + EXPECT(librecrypt_verify("password", 8u, "$argon2id$v=19$m=256,t=2,p=1$c29tZXNhbHQ$*64", ctx) == -1); EXPECT(errno == EINVAL); errno = 0; - EXPECT(librecrypt_verify("password", 8u, "$argon2id$v=19$m=256,t=2,p=1$*16$nf65EOgLrQMRauIPnA4rEsF5h7TKyQwu9U1bMCHGi/4", NULL) == -1); + EXPECT(librecrypt_verify("password", 8u, "$argon2id$v=19$m=256,t=2,p=1$*16$nf65EOgLrQMRauIPnA4rEsF5h7TKyQwu9U1bMCHGi/4", ctx) == -1); EXPECT(errno == EINVAL); if (libtest_have_custom_malloc()) { libtest_set_alloc_failure_in(1u); errno = 0; - EXPECT(librecrypt_verify("password", 8u, "$argon2id$v=19$m=256,t=2,p=1$c29tZXNhbHQ$nf65EOgLrQMR/uIPnA4rEsF5h7TKyQwu9U1bMCHGi/4", NULL) == -1); + EXPECT(librecrypt_verify("password", 8u, "$argon2id$v=19$m=256,t=2,p=1$c29tZXNhbHQ$nf65EOgLrQMR/uIPnA4rEsF5h7TKyQwu9U1bMCHGi/4", ctx) == -1); assert(errno == ENOMEM); assert(libtest_get_alloc_failure_in() == 0u); libtest_set_alloc_failure_in(2u); errno = 0; - EXPECT(librecrypt_verify("password", 8u, "$argon2id$v=19$m=256,t=2,p=1$c29tZXNhbHQ$nf65EOgLrQMR/uIPnA4rEsF5h7TKyQwu9U1bMCHGi/4", NULL) == -1); + EXPECT(librecrypt_verify("password", 8u, "$argon2id$v=19$m=256,t=2,p=1$c29tZXNhbHQ$nf65EOgLrQMR/uIPnA4rEsF5h7TKyQwu9U1bMCHGi/4", ctx) == -1); assert(errno == ENOMEM); assert(libtest_get_alloc_failure_in() == 0u); } @@ -113,7 +114,7 @@ main(void) r = snprintf(conf, sizeof(conf), "$argon2id$m=256,t=8,p=1$AAAABBBBCCCC$*%zu", SIZE_MAX / 4u * 3u + 3u); assert(r > 0 && (size_t)r < sizeof(conf)); errno = 0; - EXPECT(librecrypt_verify(NULL, 0u, conf, NULL) == -1); + EXPECT(librecrypt_verify(NULL, 0u, conf, ctx) == -1); # if SIZE_MAX > UINT32_MAX EXPECT(errno == EINVAL); # else @@ -121,6 +122,37 @@ main(void) # endif #endif + ctx = librecrypt_create_context(); + assert(ctx != NULL); + memset(nuls, 0, sizeof(nuls)); + memset(spaces, ' ', sizeof(spaces)); + +#if defined(SUPPORT_ARGON2I) + assert(sizeof(nuls) >= 4u); + assert(librecrypt_set_pepper(ctx, LIBRECRYPT_ARGON2I_V1_3, nuls, 4u) == 0); + EXPECT(librecrypt_verify(spaces, 1u, "$argon2i$v=19$m=8,t=1,p=1$ICAgICAgICA$Mhl4o3AkJuA", ctx) == 1); + EXPECT(librecrypt_verify(spaces, 84u, "$argon2i$v=19$m=8,t=1,p=1$ICAgICAgICA$+hlEcRn+F3s", ctx) == 1); + EXPECT(librecrypt_verify(spaces, 80u, "$argon2i$v=19$m=8,t=1,p=1$ICAgICAgICA$z2d6ce8UqS0", ctx) == 1); + + assert(sizeof(nuls) >= 140u); + assert(librecrypt_set_pepper(ctx, LIBRECRYPT_ARGON2I_V1_3, nuls, 140u) == 0); + EXPECT(librecrypt_verify(spaces, 80u, "$argon2i$v=19$m=8,t=1,p=1$ICAgICAgICA$15FAGe1KIX8", ctx) == 1); + + assert(sizeof(nuls) >= 160u); + assert(librecrypt_set_pepper(ctx, LIBRECRYPT_ARGON2I_V1_3, nuls, 160u) == 0); + EXPECT(librecrypt_verify(spaces, 80u, "$argon2i$v=19$m=8,t=1,p=1$ICAgICAgICA$oH3H5atuca8", ctx) == 1); + + assert(sizeof(nuls) >= 128u); + assert(librecrypt_set_pepper(ctx, LIBRECRYPT_ARGON2I_V1_3, nuls, 128u) == 0); + EXPECT(librecrypt_verify(spaces, 80u, "$argon2i$v=19$m=8,t=1,p=1$ICAgICAgICA$TsimqI1YC08", ctx) == 1); + + assert(sizeof(nuls) >= 256u); + assert(librecrypt_set_pepper(ctx, LIBRECRYPT_ARGON2I_V1_3, nuls, 256u) == 0); + EXPECT(librecrypt_verify(spaces, 80u, "$argon2i$v=19$m=8,t=1,p=1$ICAgICAgICA$mzPlVOVjVos", ctx) == 1); +#endif + + librecrypt_free_context(ctx); + STOP_RESOURCE_TEST(); return 0; } |