Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Expose LibCrypt's PKCS5_PBKDF2_HMAC #7264

Merged
merged 21 commits into from Apr 8, 2019

Conversation

@mniak
Copy link
Contributor

commented Jan 4, 2019

Fixes #6973
Replaces pull request #6975

@RX14 RX14 added this to the 0.28.0 milestone Jan 4, 2019

@RX14 RX14 changed the title Add pkcs5 pbkdf2 hmac Expose LibCrypt's PKCS5_PBKDF2_HMAC Jan 4, 2019

@RX14

This comment has been minimized.

Copy link
Member

commented Jan 4, 2019

This is perfect, thanks and sorry for the confusion!

@straight-shoota
Copy link
Member

left a comment

The OpenSSL bindings are missing API docs everywhere, but it would be great to include at least some minimal documentation for the newly added features.

Show resolved Hide resolved src/openssl/algorithm.cr
Show resolved Hide resolved src/openssl/hmac.cr
Show resolved Hide resolved src/openssl/algorithm.cr Outdated
SHA512

def to_evp
# The internal bindings to the *LibCrypto* digest operations sometimes require a hash algorithm

This comment has been minimized.

Copy link
@r00ster91

r00ster91 Mar 6, 2019

Contributor

Ditto. Needs to be put in front of to_evp.
But I would only use the bottom text:

Returns the appropriate equivalent hash algorithm that corresponds to the
current enum value.

This comment has been minimized.

Copy link
@straight-shoota

straight-shoota Mar 6, 2019

Member

"equivalent hash algorithm" should be more precise. This enum already represents hash algorithms. This method returns the corresponding identifier in libcrypto.

This comment has been minimized.

Copy link
@mniak

mniak Mar 8, 2019

Author Contributor

The @r00ster91's suggestion seems very concise to me. Thanks for the suggestion.
But really have to agree that this phrasing adds some ambiguity like stated by @straight-shoota.

This comment has been minimized.

Copy link
@mniak

mniak Mar 8, 2019

Author Contributor

The OpenSSL documentation mentions the expression "message digest function" when referring to this type.

Also, the documentation for the SSLeay library (from where OpenSSL was forked) makes it clear that the acronym EVP stands for Envelope.

This comment has been minimized.

Copy link
@mniak

mniak Mar 8, 2019

Author Contributor

The type of the equivalent hash algorithms in the LibCrypto API is EVP_MD.

I found that this MD stands for Message Digest, and in some point the ancient documentation mentions the expressions and "digest method" and "message digest algorithm" related to this type.

That pretty much confuses me. I thought that the algorithm was called hash and the ouput was called digest. (source).

It seems that back then digest algorithm meant what now we call hash algorithm.

Well... I think this is no help at all. I just wanted to add some value, as I can't by means of language, since I do not write very well in english.

This comment has been minimized.

Copy link
@mniak

mniak Mar 11, 2019

Author Contributor

About this review, can I mark as resolved?
I'm not sure what to do

Show resolved Hide resolved src/openssl/algorithm.cr Outdated
Show resolved Hide resolved src/openssl/algorithm.cr
Show resolved Hide resolved src/openssl/algorithm.cr Outdated
Show resolved Hide resolved src/openssl/algorithm.cr Outdated
Show resolved Hide resolved src/openssl/algorithm.cr Outdated
@Sija

This comment has been minimized.

Copy link
Contributor

commented Mar 10, 2019

Hmm, why the darwin CI builds are constantly failing...?

@straight-shoota

This comment has been minimized.

Copy link
Member

commented Mar 10, 2019

@Sija That's an unrelated issue. See #7535

@Sija

This comment has been minimized.

Copy link
Contributor

commented Mar 10, 2019

@straight-shoota I reckon that, I was just wondering... Thanks for creating an issue for that!

Show resolved Hide resolved src/openssl/algorithm.cr Outdated
@RX14

RX14 approved these changes Mar 12, 2019

@RX14

This comment has been minimized.

Copy link
Member

commented Mar 12, 2019

needs a format with bin/crystal tool format

@straight-shoota

This comment has been minimized.

Copy link
Member

commented Mar 12, 2019

Please rebase on master. This will allow test_darwin job to run (see #7535).

@bcardiff

This comment has been minimized.

Copy link
Member

commented Apr 5, 2019

@mniak I would need to ask you for another rebase on master. I'm sorry this is coming 1 month after the last request. Thanks!

@@ -236,6 +236,7 @@ lib LibCrypto
fun md5 = MD5(data : UInt8*, lengh : LibC::SizeT, md : UInt8*) : UInt8*

fun pkcs5_pbkdf2_hmac_sha1 = PKCS5_PBKDF2_HMAC_SHA1(pass : LibC::Char*, passlen : LibC::Int, salt : UInt8*, saltlen : LibC::Int, iter : LibC::Int, keylen : LibC::Int, out : UInt8*) : LibC::Int
fun pkcs5_pbkdf2_hmac = PKCS5_PBKDF2_HMAC(pass : LibC::Char*, passlen : LibC::Int, salt : UInt8*, saltlen : LibC::Int, iter : LibC::Int, digest : EVP_MD, keylen : LibC::Int, out : UInt8*) : LibC::Int

This comment has been minimized.

Copy link
@bcardiff

bcardiff Apr 8, 2019

Member

Here a {% if compare_versions(LibSSL::OPENSSL_VERSION, "1.0.0") >= 0 %} is missing to avoid declaring the fun if it is not available.

@bcardiff

This comment has been minimized.

Copy link
Member

commented Apr 8, 2019

@mniak I will handle the rebase and minor changes I asked and push the changes. Thanks for the patience with this change.

@bcardiff bcardiff merged commit a00c092 into crystal-lang:master Apr 8, 2019

5 checks passed

ci/circleci: check_format Your tests passed on CircleCI!
Details
ci/circleci: test_darwin Your tests passed on CircleCI!
Details
ci/circleci: test_linux Your tests passed on CircleCI!
Details
ci/circleci: test_linux32 Your tests passed on CircleCI!
Details
continuous-integration/travis-ci/pr The Travis CI build passed
Details
@bcardiff

This comment has been minimized.

Copy link
Member

commented Apr 8, 2019

Thanks @mniak and all reviewers

@mniak

This comment has been minimized.

Copy link
Contributor Author

commented Apr 8, 2019

I'm sorry for the delay. Theses days I'm not having mucha spare time as I started in a new position.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.