@@ -1,6 +1,10 @@ /* $OpenBSD: bcrypt.c,v 1.22 2007/02/20 01:44:16 ray Exp $ */ -/* +/* + * Modified by <coda.hale@gmail.com> on 2009-09-16: + * + * - Standardized on stdint.h's numerical types and removed some debug cruft. + * * Modified by <hongli@phusion.nl> on 2009-08-05: * * - Got rid of the global variables; they're not thread-safe. @@ -58,13 +62,8 @@ * */ -#if 0 -#include <stdio.h> -#endif - #include <stdio.h> #include <stdlib.h> -#include <sys/types.h> #include <string.h> #include "blf.h" #include "bcrypt.h" @@ -74,14 +73,14 @@ * time to come. */ -static void encode_salt(char *, u_int8_t *, u_int16_t, u_int8_t); -static void encode_base64(u_int8_t *, u_int8_t *, u_int16_t); -static void decode_base64(u_int8_t *, u_int16_t, u_int8_t *); +static void encode_salt(char *, uint8_t *, uint16_t, uint8_t); +static void encode_base64(uint8_t *, uint8_t *, uint16_t); +static void decode_base64(uint8_t *, uint16_t, uint8_t *); -const static u_int8_t Base64Code[] = +const static uint8_t Base64Code[] = "./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"; -const static u_int8_t index_64[128] = { +const static uint8_t index_64[128] = { 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, @@ -99,11 +98,11 @@ const static u_int8_t index_64[128] = { #define CHAR64(c) ( (c) > 127 ? 255 : index_64[(c)]) static void -decode_base64(u_int8_t *buffer, u_int16_t len, u_int8_t *data) +decode_base64(uint8_t *buffer, uint16_t len, uint8_t *data) { - u_int8_t *bp = buffer; - u_int8_t *p = data; - u_int8_t c1, c2, c3, c4; + uint8_t *bp = buffer; + uint8_t *p = data; + uint8_t c1, c2, c3, c4; while (bp < buffer + len) { c1 = CHAR64(*p); c2 = CHAR64(*(p + 1)); @@ -134,7 +133,7 @@ decode_base64(u_int8_t *buffer, u_int16_t len, u_int8_t *data) } static void -encode_salt(char *salt, u_int8_t *csalt, u_int16_t clen, u_int8_t logr) +encode_salt(char *salt, uint8_t *csalt, uint16_t clen, uint8_t logr) { salt[0] = '$'; salt[1] = BCRYPT_VERSION; @@ -143,7 +142,7 @@ encode_salt(char *salt, u_int8_t *csalt, u_int16_t clen, u_int8_t logr) snprintf(salt + 4, 4, "%2.2u$", logr); - encode_base64((u_int8_t *) salt + 7, csalt, clen); + encode_base64((uint8_t *) salt + 7, csalt, clen); } /* Generates a salt for this version of crypt. Since versions may change. Keeping this here @@ -151,7 +150,7 @@ encode_salt(char *salt, u_int8_t *csalt, u_int16_t clen, u_int8_t logr) */ char * -bcrypt_gensalt(char *output, u_int8_t log_rounds, u_int8_t *rseed) +bcrypt_gensalt(char *output, uint8_t log_rounds, uint8_t *rseed) { if (log_rounds < 4) log_rounds = 4; @@ -168,12 +167,12 @@ char * bcrypt(char *output, const char *key, const char *salt) { blf_ctx state; - u_int32_t rounds, i, k; - u_int16_t j; - u_int8_t key_len, salt_len, logr, minor; - u_int8_t ciphertext[4 * BCRYPT_BLOCKS] = "OrpheanBeholderScryDoubt"; - u_int8_t csalt[BCRYPT_MAXSALT]; - u_int32_t cdata[BCRYPT_BLOCKS]; + uint32_t rounds, i, k; + uint16_t j; + uint8_t key_len, salt_len, logr, minor; + uint8_t ciphertext[4 * BCRYPT_BLOCKS] = "OrpheanBeholderScryDoubt"; + uint8_t csalt[BCRYPT_MAXSALT]; + uint32_t cdata[BCRYPT_BLOCKS]; int n; /* Discard "$" identifier */ @@ -208,8 +207,8 @@ bcrypt(char *output, const char *key, const char *salt) n = atoi(salt); if (n > 31 || n < 0) return NULL; - logr = (u_int8_t)n; - if ((rounds = (u_int32_t) 1 << logr) < BCRYPT_MINROUNDS) + logr = (uint8_t)n; + if ((rounds = (uint32_t) 1 << logr) < BCRYPT_MINROUNDS) return NULL; /* Discard num rounds + "$" identifier */ @@ -219,16 +218,16 @@ bcrypt(char *output, const char *key, const char *salt) return NULL; /* We dont want the base64 salt but the raw data */ - decode_base64(csalt, BCRYPT_MAXSALT, (u_int8_t *) salt); + decode_base64(csalt, BCRYPT_MAXSALT, (uint8_t *) salt); salt_len = BCRYPT_MAXSALT; key_len = strlen(key) + (minor >= 'a' ? 1 : 0); /* Setting up S-Boxes and Subkeys */ Blowfish_initstate(&state); Blowfish_expandstate(&state, csalt, salt_len, - (u_int8_t *) key, key_len); + (uint8_t *) key, key_len); for (k = 0; k < rounds; k++) { - Blowfish_expand0state(&state, (u_int8_t *) key, key_len); + Blowfish_expand0state(&state, (uint8_t *) key, key_len); Blowfish_expand0state(&state, csalt, salt_len); } @@ -261,18 +260,18 @@ bcrypt(char *output, const char *key, const char *salt) snprintf(output + i, 4, "%2.2u$", logr); - encode_base64((u_int8_t *) output + i + 3, csalt, BCRYPT_MAXSALT); - encode_base64((u_int8_t *) output + strlen(output), ciphertext, + encode_base64((uint8_t *) output + i + 3, csalt, BCRYPT_MAXSALT); + encode_base64((uint8_t *) output + strlen(output), ciphertext, 4 * BCRYPT_BLOCKS - 1); return output; } static void -encode_base64(u_int8_t *buffer, u_int8_t *data, u_int16_t len) +encode_base64(uint8_t *buffer, uint8_t *data, uint16_t len) { - u_int8_t *bp = buffer; - u_int8_t *p = data; - u_int8_t c1, c2; + uint8_t *bp = buffer; + uint8_t *p = data; + uint8_t c1, c2; while (p < data + len) { c1 = *p++; *bp++ = Base64Code[(c1 >> 2)]; @@ -296,33 +295,3 @@ encode_base64(u_int8_t *buffer, u_int8_t *data, u_int16_t len) } *bp = '\0'; } -#if 0 -void -main() -{ - char blubber[73]; - char salt[100]; - char *p; - salt[0] = '$'; - salt[1] = BCRYPT_VERSION; - salt[2] = '$'; - - snprintf(salt + 3, 4, "%2.2u$", 5); - - printf("24 bytes of salt: "); - fgets(salt + 6, sizeof(salt) - 6, stdin); - salt[99] = 0; - printf("72 bytes of password: "); - fpurge(stdin); - fgets(blubber, sizeof(blubber), stdin); - blubber[72] = 0; - - p = crypt(blubber, salt); - printf("Passwd entry: %s\n\n", p); - - p = bcrypt_gensalt(5); - printf("Generated salt: %s\n", p); - p = crypt(blubber, p); - printf("Passwd entry: %s\n", p); -} -#endif ext/mri/bcrypt.c @@ -31,6 +31,8 @@ #ifndef _BCRYPT_H_ #define _BCRYPT_H_ +#include <stdint.h> + #define BCRYPT_VERSION '2' #define BCRYPT_MAXSALT 16 /* Precomputation is just so nice */ #define BCRYPT_BLOCKS 6 /* Ciphertext blocks */ @@ -49,7 +51,7 @@ * cryptographically secure random source. * Returns: output */ -char *bcrypt_gensalt(char *output, u_int8_t log_rounds, u_int8_t *rseed); +char *bcrypt_gensalt(char *output, uint8_t log_rounds, uint8_t *rseed); /* * Given a secret and a salt, generates a salted hash (which you can then store safely). ext/mri/bcrypt.h @@ -41,7 +41,7 @@ static VALUE bc_salt(VALUE self, VALUE cost, VALUE seed) { int icost = NUM2INT(cost); char salt[BCRYPT_SALT_OUTPUT_SIZE]; - bcrypt_gensalt(salt, icost, (u_int8_t *)RSTRING_PTR(seed)); + bcrypt_gensalt(salt, icost, (uint8_t *)RSTRING_PTR(seed)); return rb_str_new2(salt); } ext/mri/bcrypt_ext.c @@ -31,18 +31,11 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -/* Add this type so we'll compile nicely on Solaris. - Thanks to Jeremy LaTrasse and the Twitter crew. */ -#ifdef __sun - #define u_int8_t uint8_t - #define u_int16_t uint16_t - #define u_int32_t uint32_t - #define u_int64_t uint64_t -#endif - #ifndef _BLF_H_ #define _BLF_H_ +#include <stdint.h> + // Imported from pwd.h. <coda.hale@gmail.com> #define _PASSWORD_LEN 128 /* max length, not counting NUL */ @@ -58,8 +51,8 @@ /* Blowfish context */ typedef struct BlowfishContext { - u_int32_t S[4][256]; /* S-Boxes */ - u_int32_t P[BLF_N + 2]; /* Subkeys */ + uint32_t S[4][256]; /* S-Boxes */ + uint32_t P[BLF_N + 2]; /* Subkeys */ } blf_ctx; /* Raw access to customized Blowfish @@ -68,26 +61,26 @@ typedef struct BlowfishContext { * Blowfish_expand0state( state, key, keylen ) */ -void Blowfish_encipher(blf_ctx *, u_int32_t *, u_int32_t *); -void Blowfish_decipher(blf_ctx *, u_int32_t *, u_int32_t *); +void Blowfish_encipher(blf_ctx *, uint32_t *, uint32_t *); +void Blowfish_decipher(blf_ctx *, uint32_t *, uint32_t *); void Blowfish_initstate(blf_ctx *); -void Blowfish_expand0state(blf_ctx *, const u_int8_t *, u_int16_t); +void Blowfish_expand0state(blf_ctx *, const uint8_t *, uint16_t); void Blowfish_expandstate -(blf_ctx *, const u_int8_t *, u_int16_t, const u_int8_t *, u_int16_t); +(blf_ctx *, const uint8_t *, uint16_t, const uint8_t *, uint16_t); /* Standard Blowfish */ -void blf_key(blf_ctx *, const u_int8_t *, u_int16_t); -void blf_enc(blf_ctx *, u_int32_t *, u_int16_t); -void blf_dec(blf_ctx *, u_int32_t *, u_int16_t); +void blf_key(blf_ctx *, const uint8_t *, uint16_t); +void blf_enc(blf_ctx *, uint32_t *, uint16_t); +void blf_dec(blf_ctx *, uint32_t *, uint16_t); -void blf_ecb_encrypt(blf_ctx *, u_int8_t *, u_int32_t); -void blf_ecb_decrypt(blf_ctx *, u_int8_t *, u_int32_t); +void blf_ecb_encrypt(blf_ctx *, uint8_t *, uint32_t); +void blf_ecb_decrypt(blf_ctx *, uint8_t *, uint32_t); -void blf_cbc_encrypt(blf_ctx *, u_int8_t *, u_int8_t *, u_int32_t); -void blf_cbc_decrypt(blf_ctx *, u_int8_t *, u_int8_t *, u_int32_t); +void blf_cbc_encrypt(blf_ctx *, uint8_t *, uint8_t *, uint32_t); +void blf_cbc_decrypt(blf_ctx *, uint8_t *, uint8_t *, uint32_t); -/* Converts u_int8_t to u_int32_t */ -u_int32_t Blowfish_stream2word(const u_int8_t *, u_int16_t , u_int16_t *); +/* Converts uint8_t to uint32_t */ +uint32_t Blowfish_stream2word(const uint8_t *, uint16_t , uint16_t *); #endif ext/mri/blf.h @@ -39,12 +39,6 @@ * Bruce Schneier. */ -#if 0 -#include <stdio.h> /* used for debugging */ -#include <string.h> -#endif - -#include <sys/types.h> #include "blf.h" #undef inline @@ -64,12 +58,12 @@ #define BLFRND(s,p,i,j,n) (i ^= F(s,j) ^ (p)[n]) void -Blowfish_encipher(blf_ctx *c, u_int32_t *xl, u_int32_t *xr) +Blowfish_encipher(blf_ctx *c, uint32_t *xl, uint32_t *xr) { - u_int32_t Xl; - u_int32_t Xr; - u_int32_t *s = c->S[0]; - u_int32_t *p = c->P; + uint32_t Xl; + uint32_t Xr; + uint32_t *s = c->S[0]; + uint32_t *p = c->P; Xl = *xl; Xr = *xr; @@ -89,12 +83,12 @@ Blowfish_encipher(blf_ctx *c, u_int32_t *xl, u_int32_t *xr) } void -Blowfish_decipher(blf_ctx *c, u_int32_t *xl, u_int32_t *xr) +Blowfish_decipher(blf_ctx *c, uint32_t *xl, uint32_t *xr) { - u_int32_t Xl; - u_int32_t Xr; - u_int32_t *s = c->S[0]; - u_int32_t *p = c->P; + uint32_t Xl; + uint32_t Xr; + uint32_t *s = c->S[0]; + uint32_t *p = c->P; Xl = *xl; Xr = *xr; @@ -392,13 +386,13 @@ Blowfish_initstate(blf_ctx *c) *c = initstate; } -u_int32_t -Blowfish_stream2word(const u_int8_t *data, u_int16_t databytes, - u_int16_t *current) +uint32_t +Blowfish_stream2word(const uint8_t *data, uint16_t databytes, + uint16_t *current) { - u_int8_t i; - u_int16_t j; - u_int32_t temp; + uint8_t i; + uint16_t j; + uint32_t temp; temp = 0x00000000; j = *current; @@ -414,14 +408,14 @@ Blowfish_stream2word(const u_int8_t *data, u_int16_t databytes, } void -Blowfish_expand0state(blf_ctx *c, const u_int8_t *key, u_int16_t keybytes) +Blowfish_expand0state(blf_ctx *c, const uint8_t *key, uint16_t keybytes) { - u_int16_t i; - u_int16_t j; - u_int16_t k; - u_int32_t temp; - u_int32_t datal; - u_int32_t datar; + uint16_t i; + uint16_t j; + uint16_t k; + uint32_t temp; + uint32_t datal; + uint32_t datar; j = 0; for (i = 0; i < BLF_N + 2; i++) { @@ -452,15 +446,15 @@ Blowfish_expand0state(blf_ctx *c, const u_int8_t *key, u_int16_t keybytes) void -Blowfish_expandstate(blf_ctx *c, const u_int8_t *data, u_int16_t databytes, - const u_int8_t *key, u_int16_t keybytes) +Blowfish_expandstate(blf_ctx *c, const uint8_t *data, uint16_t databytes, + const uint8_t *key, uint16_t keybytes) { - u_int16_t i; - u_int16_t j; - u_int16_t k; - u_int32_t temp; - u_int32_t datal; - u_int32_t datar; + uint16_t i; + uint16_t j; + uint16_t k; + uint32_t temp; + uint32_t datal; + uint32_t datar; j = 0; for (i = 0; i < BLF_N + 2; i++) { @@ -495,7 +489,7 @@ Blowfish_expandstate(blf_ctx *c, const u_int8_t *data, u_int16_t databytes, } void -blf_key(blf_ctx *c, const u_int8_t *k, u_int16_t len) +blf_key(blf_ctx *c, const uint8_t *k, uint16_t len) { /* Initialize S-boxes and subkeys with Pi */ Blowfish_initstate(c); @@ -505,10 +499,10 @@ blf_key(blf_ctx *c, const u_int8_t *k, u_int16_t len) } void -blf_enc(blf_ctx *c, u_int32_t *data, u_int16_t blocks) +blf_enc(blf_ctx *c, uint32_t *data, uint16_t blocks) { - u_int32_t *d; - u_int16_t i; + uint32_t *d; + uint16_t i; d = data; for (i = 0; i < blocks; i++) { @@ -518,10 +512,10 @@ blf_enc(blf_ctx *c, u_int32_t *data, u_int16_t blocks) } void -blf_dec(blf_ctx *c, u_int32_t *data, u_int16_t blocks) +blf_dec(blf_ctx *c, uint32_t *data, uint16_t blocks) { - u_int32_t *d; - u_int16_t i; + uint32_t *d; + uint16_t i; d = data; for (i = 0; i < blocks; i++) { @@ -531,10 +525,10 @@ blf_dec(blf_ctx *c, u_int32_t *data, u_int16_t blocks) } void -blf_ecb_encrypt(blf_ctx *c, u_int8_t *data, u_int32_t len) +blf_ecb_encrypt(blf_ctx *c, uint8_t *data, uint32_t len) { - u_int32_t l, r; - u_int32_t i; + uint32_t l, r; + uint32_t i; for (i = 0; i < len; i += 8) { l = data[0] << 24 | data[1] << 16 | data[2] << 8 | data[3]; @@ -553,10 +547,10 @@ blf_ecb_encrypt(blf_ctx *c, u_int8_t *data, u_int32_t len) } void -blf_ecb_decrypt(blf_ctx *c, u_int8_t *data, u_int32_t len) +blf_ecb_decrypt(blf_ctx *c, uint8_t *data, uint32_t len) { - u_int32_t l, r; - u_int32_t i; + uint32_t l, r; + uint32_t i; for (i = 0; i < len; i += 8) { l = data[0] << 24 | data[1] << 16 | data[2] << 8 | data[3]; @@ -575,10 +569,10 @@ blf_ecb_decrypt(blf_ctx *c, u_int8_t *data, u_int32_t len) } void -blf_cbc_encrypt(blf_ctx *c, u_int8_t *iv, u_int8_t *data, u_int32_t len) +blf_cbc_encrypt(blf_ctx *c, uint8_t *iv, uint8_t *data, uint32_t len) { - u_int32_t l, r; - u_int32_t i, j; + uint32_t l, r; + uint32_t i, j; for (i = 0; i < len; i += 8) { for (j = 0; j < 8; j++) @@ -600,11 +594,11 @@ blf_cbc_encrypt(blf_ctx *c, u_int8_t *iv, u_int8_t *data, u_int32_t len) } void -blf_cbc_decrypt(blf_ctx *c, u_int8_t *iva, u_int8_t *data, u_int32_t len) +blf_cbc_decrypt(blf_ctx *c, uint8_t *iva, uint8_t *data, uint32_t len) { - u_int32_t l, r; - u_int8_t *iv; - u_int32_t i, j; + uint32_t l, r; + uint8_t *iv; + uint32_t i, j; iv = data + len - 16; data = data + len - 8; @@ -639,47 +633,3 @@ blf_cbc_decrypt(blf_ctx *c, u_int8_t *iva, u_int8_t *data, u_int32_t len) for (j = 0; j < 8; j++) data[j] ^= iva[j]; } - -#if 0 -void -report(u_int32_t data[], u_int16_t len) -{ - u_int16_t i; - for (i = 0; i < len; i += 2) - printf("Block %0hd: %08lx %08lx.\n", - i / 2, data[i], data[i + 1]); -} -void -main(void) -{ - - blf_ctx c; - char key[] = "AAAAA"; - char key2[] = "abcdefghijklmnopqrstuvwxyz"; - - u_int32_t data[10]; - u_int32_t data2[] = - {0x424c4f57l, 0x46495348l}; - - u_int16_t i; - - /* First test */ - for (i = 0; i < 10; i++) - data[i] = i; - - blf_key(&c, (u_int8_t *) key, 5); - blf_enc(&c, data, 5); - blf_dec(&c, data, 1); - blf_dec(&c, data + 2, 4); - printf("Should read as 0 - 9.\n"); - report(data, 10); - - /* Second test */ - blf_key(&c, (u_int8_t *) key2, strlen(key2)); - blf_enc(&c, data2, 1); - printf("\nShould read as: 0x324ed0fe 0xf413a203.\n"); - report(data2, 2); - blf_dec(&c, data2, 1); - report(data2, 2); -} -#endif ext/mri/blowfish.c @@ -12,7 +12,6 @@ if RUBY_PLATFORM == "java" else require "mkmf" dir_config("bcrypt_ext") - # enable this when we're feeling nitpicky - # CONFIG['CC'] << " -Wall " + CONFIG['CC'] << " -Wall " create_makefile("bcrypt_ext") end \ No newline at end of file ext/mri/extconf.rb 525b5999142d3d8c731fd7524eb07780dcd03720 Coda Hale coda.hale@gmail.com http://github.com/codahale/bcrypt-ruby/commit/ba77ac1e2d88b72126fa0495b28fecd821ca118c ba77ac1e2d88b72126fa0495b28fecd821ca118c 2009-09-16T12:39:54-07:00 2009-09-16T12:39:54-07:00 Standardized on stdint's uint_* types; cleanup. Removed a fair bit of #if 0'd debug code which we don't need. f91e42287c96f72ddf50c60f7b321da64832e16a Coda Hale coda.hale@gmail.com