dotya.ml/ mkproof
2
0
Fork 0
mirror of https://git.sr.ht/~sircmpwn/mkproof synced 2024-06-01 22:06:12 +02:00
Code Releases Activity

Fixed up encoding issues -- 

by significantly contraining the space of admissable encodings. This
doesn't break the public API, but makes some previously valid
encodings invalid.

Also made changes to validate_context. Empty vs. NULL passwords and
salts now produce the same results and errors.

Added tests for bad salt in encoding string.
This commit is contained in:
Joe Richey 2016-10-25 14:05:24 -07:00
parent 07524a3114
commit 5d4f7552f0
3 changed files with 63 additions and 72 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

42
src/core.c
View File

@ -354,37 +354,37 @@ int validate_inputs(const argon2_context *context) {
return ARGON2_OUTPUT_TOO_LONG;
}
/* Validate password length */
/* Validate password (required param) */
if (NULL == context->pwd) {
if (0 != context->pwdlen) {
return ARGON2_PWD_PTR_MISMATCH;
}
} else {
if (ARGON2_MIN_PWD_LENGTH > context->pwdlen) {
return ARGON2_PWD_TOO_SHORT;
}
if (ARGON2_MAX_PWD_LENGTH < context->pwdlen) {
return ARGON2_PWD_TOO_LONG;
}
}
/* Validate salt length */
if (ARGON2_MIN_PWD_LENGTH > context->pwdlen) {
return ARGON2_PWD_TOO_SHORT;
}
if (ARGON2_MAX_PWD_LENGTH < context->pwdlen) {
return ARGON2_PWD_TOO_LONG;
}
/* Validate salt (required param) */
if (NULL == context->salt) {
if (0 != context->saltlen) {
return ARGON2_SALT_PTR_MISMATCH;
}
} else {
if (ARGON2_MIN_SALT_LENGTH > context->saltlen) {
return ARGON2_SALT_TOO_SHORT;
}
if (ARGON2_MAX_SALT_LENGTH < context->saltlen) {
return ARGON2_SALT_TOO_LONG;
}
}
/* Validate secret length */
if (ARGON2_MIN_SALT_LENGTH > context->saltlen) {
return ARGON2_SALT_TOO_SHORT;
}
if (ARGON2_MAX_SALT_LENGTH < context->saltlen) {
return ARGON2_SALT_TOO_LONG;
}
/* Validate secret (optional param) */
if (NULL == context->secret) {
if (0 != context->secretlen) {
return ARGON2_SECRET_PTR_MISMATCH;
@ -393,13 +393,12 @@ int validate_inputs(const argon2_context *context) {
if (ARGON2_MIN_SECRET > context->secretlen) {
return ARGON2_SECRET_TOO_SHORT;
}
if (ARGON2_MAX_SECRET < context->secretlen) {
return ARGON2_SECRET_TOO_LONG;
}
}
/* Validate associated data */
/* Validate associated data (optional param) */
if (NULL == context->ad) {
if (0 != context->adlen) {
return ARGON2_AD_PTR_MISMATCH;
@ -408,7 +407,6 @@ int validate_inputs(const argon2_context *context) {
if (ARGON2_MIN_AD_LENGTH > context->adlen) {
return ARGON2_AD_TOO_SHORT;
}
if (ARGON2_MAX_AD_LENGTH < context->adlen) {
return ARGON2_AD_TOO_LONG;
}

75
src/encoding.c
View File

@ -39,11 +39,6 @@
* the parameters, salts and outputs. It does not compute the hash
* itself.
*
* -- The third section is test code, with a main() function. With
* this section, the whole file compiles as a stand-alone program
* that exercises the encoding and decoding functions with some
* test vectors.
*
* The code was originally written by Thomas Pornin <pornin@bolet.org>,
* to whom comments and remarks may be sent. It is released under what
* should amount to Public Domain or its closest equivalent; the
@ -246,19 +241,18 @@ static const char *decode_decimal(const char *str, unsigned long *v) {
*
* The code below applies the following format:
*
* $argon2<T>[$v=<num>]$m=<num>,t=<num>,p=<num>[,keyid=<bin>][,data=<bin>][$<bin>[$<bin>]]
* $argon2<T>[$v=<num>]$m=<num>,t=<num>,p=<num>$<bin>$<bin>
*
* where <T> is either 'd' or 'i', <num> is a decimal integer (positive, fits in
* an 'unsigned long'), and <bin> is Base64-encoded data (no '=' padding
* where <T> is either 'd', 'id', or 'i', <num> is a decimal integer (positive,
* fits in an 'unsigned long'), and <bin> is Base64-encoded data (no '=' padding
* characters, no newline or whitespace).
* The "keyid" is a binary identifier for a key (up to 8 bytes);
* "data" is associated data (up to 32 bytes). When the 'keyid'
* (resp. the 'data') is empty, then it is ommitted from the output.
*
* The last two binary chunks (encoded in Base64) are, in that order,
* the salt and the output. Both are optional, but you cannot have an
* output without a salt. The binary salt length is between 8 and 48 bytes.
* The output length is always exactly 32 bytes.
* the salt and the output. Both are required. The binary salt length and the
* output length must be in the permisable ranges as defined in argon2.h.
*
* The ctx struct must contain buffers large enough to hold the salt and pwd
* when it is fed into decode_string.
*/
int decode_string(argon2_context *ctx, const char *str, argon2_type type) {
@ -273,7 +267,7 @@ int decode_string(argon2_context *ctx, const char *str, argon2_type type) {
str += cc_len; \
} while ((void)0, 0)
/* prefix checking with supplied code */
/* optional prefix checking with supplied code */
#define CC_opt(prefix, code) \
do { \
size_t cc_len = strlen(prefix); \
@ -283,7 +277,7 @@ int decode_string(argon2_context *ctx, const char *str, argon2_type type) {
} \
} while ((void)0, 0)
/* Decoding prefix into decimal */
/* Decoding prefix into decimal */
#define DECIMAL(x) \
do { \
unsigned long dec_x; \
@ -294,6 +288,7 @@ int decode_string(argon2_context *ctx, const char *str, argon2_type type) {
(x) = dec_x; \
} while ((void)0, 0)
/* Decoding base64 into a binary buffer */
#define BIN(buf, max_len, len) \
do { \
size_t bin_len = (max_len); \
@ -304,26 +299,23 @@ int decode_string(argon2_context *ctx, const char *str, argon2_type type) {
(len) = (uint32_t)bin_len; \
} while ((void)0, 0)
size_t maxadlen = ctx->adlen;
size_t maxsaltlen = ctx->saltlen;
size_t maxoutlen = ctx->outlen;
int validation_result;
const char* type_string;
ctx->adlen = 0;
ctx->saltlen = 0;
ctx->outlen = 0;
ctx->pwdlen = 0;
/* We should start with the argon2_type we are using */
CC("$");
type_string = argon2_type2string(type, 0);
if (type_string) {
CC(type_string);
} else {
if (!type_string) {
return ARGON2_INCORRECT_TYPE;
}
CC("$");
CC(type_string);
/* Reading the version number if the default is suppressed */
ctx->version = ARGON2_VERSION_10;
CC_opt("$v=", DECIMAL(ctx->version));
@ -336,17 +328,11 @@ int decode_string(argon2_context *ctx, const char *str, argon2_type type) {
DECIMAL(ctx->lanes);
ctx->threads = ctx->lanes;
CC_opt(",data=", BIN(ctx->ad, maxadlen, ctx->adlen));
if (*str == 0) {
return ARGON2_OK;
}
CC("$");
BIN(ctx->salt, maxsaltlen, ctx->saltlen);
if (*str == 0) {
return ARGON2_OK;
}
CC("$");
BIN(ctx->out, maxoutlen, ctx->outlen);
validation_result = validate_inputs(ctx);
if (validation_result != ARGON2_OK) {
return validation_result;
@ -393,19 +379,23 @@ int encode_string(char *dst, size_t dst_len, argon2_context *ctx,
} while ((void)0, 0)
const char* type_string = argon2_type2string(type, 0);
SS("$");
if (type_string) {
SS(type_string);
} else {
return ARGON2_ENCODING_FAIL;
int validation_result = validate_inputs(ctx);
if (!type_string) {
return ARGON2_ENCODING_FAIL;
}
if (validate_inputs(ctx) != ARGON2_OK) {
return validate_inputs(ctx);
if (validation_result != ARGON2_OK) {
return validation_result;
}
SS("$");
SS(type_string);
SS("$v=");
SX(ctx->version);
SS("$m=");
SX(ctx->m_cost);
SS(",t=");
@ -413,20 +403,9 @@ int encode_string(char *dst, size_t dst_len, argon2_context *ctx,
SS(",p=");
SX(ctx->lanes);
if (ctx->adlen > 0) {
SS(",data=");
SB(ctx->ad, ctx->adlen);
}
if (ctx->saltlen == 0)
return ARGON2_OK;
SS("$");
SB(ctx->salt, ctx->saltlen);
if (ctx->outlen == 0)
return ARGON2_OK;
SS("$");
SB(ctx->out, ctx->outlen);
return ARGON2_OK;

18
src/test.c
View File

@ -128,9 +128,16 @@ int main() {
ret = argon2_verify("$argon2i$m=65536,t=2,p=1$c29tZXNhbHQ"
"9sTbSlTio3Biev89thdrlKKiCaYsjjYVJxGAL3swxpQ",
"password", strlen("password"), Argon2_i);
assert(ret == ARGON2_OUTPUT_TOO_SHORT);
assert(ret == ARGON2_DECODING_FAIL);
printf("Recognise an invalid encoding: PASS\n");
/* Handle an invalid encoding correctly (salt is too short) */
ret = argon2_verify("$argon2i$m=65536,t=2,p=1$"
"$9sTbSlTio3Biev89thdrlKKiCaYsjjYVJxGAL3swxpQ",
"password", strlen("password"), Argon2_i);
assert(ret == ARGON2_SALT_TOO_SHORT);
printf("Recognise an invalid salt in encoding: PASS\n");
/* Handle an mismatching hash (the encoded password is "passwore") */
ret = argon2_verify("$argon2i$m=65536,t=2,p=1$c29tZXNhbHQ"
"$b2G3seW+uPzerwQQC+/E1K50CLLO7YXy0JRcaTuswRo",
@ -200,9 +207,16 @@ int main() {
ret = argon2_verify("$argon2i$v=19$m=65536,t=2,p=1$c29tZXNhbHQ"
"wWKIMhR9lyDFvRz9YTZweHKfbftvj+qf+YFY4NeBbtA",
"password", strlen("password"), Argon2_i);
assert(ret == ARGON2_OUTPUT_TOO_SHORT);
assert(ret == ARGON2_DECODING_FAIL);
printf("Recognise an invalid encoding: PASS\n");
/* Handle an invalid encoding correctly (salt is too short) */
ret = argon2_verify("$argon2i$v=19$m=65536,t=2,p=1$"
"$9sTbSlTio3Biev89thdrlKKiCaYsjjYVJxGAL3swxpQ",
"password", strlen("password"), Argon2_i);
assert(ret == ARGON2_SALT_TOO_SHORT);
printf("Recognise an invalid salt in encoding: PASS\n");
/* Handle an mismatching hash (the encoded password is "passwore") */
ret = argon2_verify("$argon2i$v=19$m=65536,t=2,p=1$c29tZXNhbHQ"
"$8iIuixkI73Js3G1uMbezQXD0b8LG4SXGsOwoQkdAQIM",