New version 1.1.0

* Sanitize commandline arguments * Add tests * Clarified README.md about 128 bytes limitation * Re-ordered Automake files so 'clean' and 'distclean' work as intended Signed-off-by: Vasyl Gello <[email protected]>
basilgello · May 30, 2020 · 3e5286f · 3e5286f
1 parent b388dec
commit 3e5286f
Show file tree

Hide file tree

Showing 10 changed files with 179 additions and 67 deletions.
diff --git a/Makefile.am b/Makefile.am
@@ -1,2 +1,2 @@
-SUBDIRS = src tests
+SUBDIRS = lib src tests
 man1_MANS = cryptopass.1
diff --git a/README.md b/README.md
@@ -102,6 +102,7 @@ And finally:
         -DNO_CONFIGURE_BUILD \
         -I lib/ \
         src/cryptopass.c \
+        lib/libcryptopass/libcryptopass.c \
         lib/fastpbkdf2/fastpbkdf2.c \
         lib/base64/base64.c
     ```
@@ -128,6 +129,7 @@ To create static builds for Android:
         -DNO_CONFIGURE_BUILD \
         -I lib/ \
         src/cryptopass.c \
+        lib/libcryptopass/libcryptopass.c \
         lib/fastpbkdf2/fastpbkdf2.c \
         lib/base64/base64.c
 
@@ -139,6 +141,7 @@ To create static builds for Android:
         -DNO_CONFIGURE_BUILD \
         -I lib/ \
         src/cryptopass.c \
+        lib/libcryptopass/libcryptopass.c \
         lib/fastpbkdf2/fastpbkdf2.c \
         lib/base64/base64.c
     ```

diff --git a/configure.ac b/configure.ac
@@ -1,6 +1,8 @@
-AC_INIT([cryptopass], [1.0], [[email protected]])
+AC_INIT([cryptopass], [1.1.0], [[email protected]])
 AM_INIT_AUTOMAKE([-Wall -Werror foreign subdir-objects])
 AC_PROG_CC
+AC_PROG_RANLIB
+AM_PROG_AR
 AC_CHECK_HEADER([assert.h],
                 [AC_DEFINE([HAVE_ASSERT_H], [1],
                 [Define to 1 if you have <assert.h>.])],
@@ -17,6 +19,7 @@ AC_CHECK_HEADER([termios.h],
 AC_CONFIG_HEADERS([config.h])
 AC_CONFIG_FILES([
  Makefile
+ lib/Makefile
  src/Makefile
  tests/Makefile
 ])

diff --git a/lib/Makefile.am b/lib/Makefile.am
@@ -0,0 +1,3 @@
+noinst_LIBRARIES = libcryptopass.a
+libcryptopass_a_SOURCES = base64/base64.c fastpbkdf2/fastpbkdf2.c libcryptopass/libcryptopass.c
+libcryptopass_a_CPPFLAGS = -DFASTPBKDF2_NOASM -I. $(CPPFLAGS)
diff --git a/lib/libcryptopass/libcryptopass.c b/lib/libcryptopass/libcryptopass.c
@@ -0,0 +1,66 @@
+/*
+ *  Copyright (C) 2019 Vasyl Gello <[email protected]>
+ *  This file is part of cryptopass - https://github.com/basilgello/cryptopass
+ *
+ *  SPDX-License-Identifier: Apache-2.0
+ *  See LICENSE for more information
+ */
+
+#include "libcryptopass.h"
+
+#include <base64/base64.h>
+#include <fastpbkdf2/fastpbkdf2.h>
+
+#include <stdlib.h>
+#include <string.h>
+
+char cryptopass(const char *masterpassword, const unsigned char *salt,
+		char *derivedpassword, unsigned int derivedcapacity)
+{
+	unsigned char digest[32]; /* 32 bytes for SHA-256 */
+
+	char *b64_digest = NULL;
+	size_t b64_len = 0;
+
+	/* Some sanity checks */
+
+	if (!masterpassword || !salt || !derivedpassword || !derivedcapacity)
+		return 0;
+
+	/* Instantiate the digest and password arrays */
+
+	memset(digest, 0, 32);
+
+	/*
+	   Digest the PBKDF2-HMAC-SHA256-5000 from
+	   master password and salt
+	*/
+
+	fastpbkdf2_hmac_sha256(masterpassword, strlen(masterpassword), salt,
+			       strlen(salt), 5000, /* iterations */
+			       digest, 32 /* sizeof(digest) */);
+
+	/* Encode the digest with Base64 */
+
+	b64_digest = base64_encode(digest, 32, &b64_len);
+
+	if (b64_len < derivedcapacity) {
+		free(b64_digest);
+		b64_digest = NULL;
+		b64_len = 0;
+		return 0;
+	}
+
+	/* Copy requested amount of bytes into output array */
+
+	strncpy(derivedpassword, b64_digest, derivedcapacity);
+
+	/* Clean up */
+
+	free(b64_digest);
+
+	b64_digest = NULL;
+	b64_len = 0;
+
+	return 1;
+}
diff --git a/lib/libcryptopass/libcryptopass.h b/lib/libcryptopass/libcryptopass.h
@@ -0,0 +1,15 @@
+/*
+ *  Copyright (C) 2019 Vasyl Gello <[email protected]>
+ *  This file is part of cryptopass - https://github.com/basilgello/cryptopass
+ *
+ *  SPDX-License-Identifier: Apache-2.0
+ *  See LICENSE for more information
+ */
+
+#ifndef _LIBCRYPTOPASS_H_
+#define _LIBCRYPTOPASS_H_
+
+char cryptopass(const char *masterpassword, const unsigned char *salt,
+		char *derivedpassword, unsigned int derivedcapacity);
+
+#endif // _LIBCRYPTOPASS_H_
diff --git a/src/Makefile.am b/src/Makefile.am
@@ -1,3 +1,4 @@
 bin_PROGRAMS = cryptopass
-cryptopass_SOURCES = cryptopass.c ../lib/fastpbkdf2/fastpbkdf2.c ../lib/base64/base64.c
+cryptopass_SOURCES = cryptopass.c
+cryptopass_LDADD = ../lib/libcryptopass.a
 cryptopass_CPPFLAGS = -DFASTPBKDF2_NOASM -I ../lib/ $(CPPFLAGS)
diff --git a/src/cryptopass.c b/src/cryptopass.c
@@ -8,7 +8,7 @@
 
 #ifdef NO_CONFIGURE_BUILD
 #define PACKAGE_NAME "cryptopass"
-#define PACKAGE_VERSION "1.0"
+#define PACKAGE_VERSION "1.1.0"
 #define PACKAGE_BUGREPORT "[email protected]"
 #else
 #include <config.h>
@@ -22,59 +22,7 @@
 #include <termios.h>
 #endif
 
-#include <base64/base64.h>
-#include <fastpbkdf2/fastpbkdf2.h>
-
-char cryptopass(const char *masterpassword, const unsigned char *salt,
-		char *derivedpassword, unsigned int derivedcapacity)
-{
-	unsigned char digest[32]; /* 32 bytes for SHA-256 */
-
-	char *b64_digest = NULL;
-	size_t b64_len = 0;
-
-	/* Some sanity checks */
-
-	if (!masterpassword || !salt || !derivedpassword || !derivedcapacity)
-		return 0;
-
-	/* Instantiate the digest and password arrays */
-
-	memset(digest, 0, 32);
-
-	/*
-	   Digest the PBKDF2-HMAC-SHA256-5000 from
-	   master password and salt
-	*/
-
-	fastpbkdf2_hmac_sha256(masterpassword, strlen(masterpassword), salt,
-			       strlen(salt), 5000, /* iterations */
-			       digest, 32 /* sizeof(digest) */);
-
-	/* Encode the digest with Base64 */
-
-	b64_digest = base64_encode(digest, 32, &b64_len);
-
-	if (b64_len < derivedcapacity) {
-		free(b64_digest);
-		b64_digest = NULL;
-		b64_len = 0;
-		return 0;
-	}
-
-	/* Copy requested amount of bytes into output array */
-
-	strncpy(derivedpassword, b64_digest, derivedcapacity);
-
-	/* Clean up */
-
-	free(b64_digest);
-
-	b64_digest = NULL;
-	b64_len = 0;
-
-	return 1;
-}
+#include <libcryptopass/libcryptopass.h>
 
 int main(int argc, char **argv)
 {
@@ -133,11 +81,11 @@ int main(int argc, char **argv)
 
 	/* Instantiate arrays */
 
-	memset(derivedpassword, 0, PASSWORD_BUFFER_SIZE);
-	memset(domain, 0, MAX_INPUT_SIZE);
-	memset(masterpassword, 0, MAX_INPUT_SIZE);
-	memset(passlenbuf, 0, PASSWORD_LENGTH_BUFFER_SIZE);
-	memset(salt, 0, SALT_BUFFER_SIZE);
+	memset(derivedpassword, 0, sizeof(derivedpassword));
+	memset(domain, 0, sizeof(domain));
+	memset(masterpassword, 0, sizeof(masterpassword));
+	memset(passlenbuf, 0, sizeof(passlenbuf));
+	memset(salt, 0, sizeof(salt));
 	memset(username, 0, MAX_INPUT_SIZE);
 
 	/* Get username */

diff --git a/tests/Makefile.am b/tests/Makefile.am
@@ -1,9 +1,15 @@
-TESTS = testbase64 testfastpbkdf2
+TESTS = testbase64 testfastpbkdf2 testlibcryptopass
 
-check_PROGRAMS = testbase64 testfastpbkdf2
+check_PROGRAMS = testbase64 testfastpbkdf2 testlibcryptopass
 
-testbase64_SOURCES = base64/testbase64.c ../lib/base64/base64.c
+testbase64_SOURCES = base64/testbase64.c
+testbase64_LDADD = ../lib/libcryptopass.a
 testbase64_CPPFLAGS = -I../lib/ $(CPPFLAGS)
 
-testfastpbkdf2_SOURCES = fastpbkdf2/testfastpbkdf2.c ../lib/fastpbkdf2/fastpbkdf2.c
-testfastpbkdf2_CPPFLAGS = -DFASTPBKDF2_NOASM -I ../lib/ $(CPPFLAGS)
+testfastpbkdf2_SOURCES = fastpbkdf2/testfastpbkdf2.c
+testfastpbkdf2_LDADD = ../lib/libcryptopass.a
+testfastpbkdf2_CPPFLAGS = -I ../lib/ $(CPPFLAGS)
+
+testlibcryptopass_SOURCES = libcryptopass/testlibcryptopass.c
+testlibcryptopass_LDADD = ../lib/libcryptopass.a
+testlibcryptopass_CPPFLAGS = -I ../lib/ $(CPPFLAGS)
diff --git a/tests/libcryptopass/testlibcryptopass.c b/tests/libcryptopass/testlibcryptopass.c
@@ -0,0 +1,67 @@
+/*
+ *  Copyright (C) 2019 Vasyl Gello <[email protected]>
+ *  This file is part of cryptopass - https://github.com/basilgello/cryptopass
+ *
+ *  SPDX-License-Identifier: Apache-2.0
+ *  See LICENSE for more information
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include <libcryptopass/libcryptopass.h>
+
+typedef struct {
+	char *master_password;
+	char *salt;
+	unsigned int derived_password_length;
+	char *derived_password;
+} testitem;
+
+int main(int argc, char **argv)
+{
+	const testitem const testvector[] = {
+		{ "testpassword", "[email protected]", 25, "efpbGPH4wUw//pgDaPfvR7eak" },
+		{ "d0d1d2d3d4d5d6d7d8d9d0", "some@random", 20, "UJrRaF7DjVo359niCGxL" }
+	};
+
+	char generated_password[40];
+	unsigned int counter = 0;
+
+	for (counter = 0; counter < sizeof(testvector) / sizeof(testitem);
+	     counter++) {
+		fprintf(stderr,
+			"Processing %d: { '%s', '%s', '%u' } -> '%s':\n",
+			counter,
+			testvector[counter].master_password,
+			testvector[counter].salt,
+			testvector[counter].derived_password_length,
+			testvector[counter].derived_password);
+
+		memset(generated_password, 0, sizeof(generated_password));
+
+		if (!cryptopass(testvector[counter].master_password,
+			testvector[counter].salt,
+			generated_password,
+			testvector[counter].derived_password_length)) {
+			fprintf(stderr, "ERROR: cryptopass() returned error!\n");
+
+			return 1;
+
+		}
+
+		if (strncmp(generated_password,
+			testvector[counter].derived_password,
+			testvector[counter].derived_password_length)) {
+			fprintf(stderr,
+				"ERROR: Produced password '%s', expected '%s'!\n",
+				generated_password,
+				testvector[counter].derived_password);
+
+			return 1;
+		}
+	}
+
+	return 0;
+}