[PATCH] pw_encrypt: Add option to enable bcrypt support

[Andreas Helmcke]

Am 03.05.22 um 14:51 schrieb Emmanuel Deloget:
> Le mar. 3 mai 2022 à 13:58, Andreas Helmcke <ahe at helmcke.name> a écrit :
>>
>> diff --git a/libbb/pw_encrypt.c b/libbb/pw_encrypt.c
>> index 3463fd95b..2da4ab1d0 100644
>> --- a/libbb/pw_encrypt.c
>> +++ b/libbb/pw_encrypt.c
>> @@ -70,6 +70,24 @@ char* FAST_FUNC crypt_make_pw_salt(char
>> salt[MAX_PW_SALT_LEN], const char *algo)
>>                           salt[1] = '5' + (strcasecmp(algo, "sha512") == 0);
>>                           len = 16/2;
>>                   }
>> +#endif
>> +#if ENABLE_USE_BCRYPT
>> +               if ((algo[0]|0x20) == 'b') { /* bcrypt */
>> +                       int cost = 0;
>> +#if ENABLE_FEATURE_BCRYPT_COST
> 
> It seems to me that if ENABLE_USE_BCRYPT is set, then the bcrypt cost
> is always there. Am I missing something?
> 
>> +                       cost = (CONFIG_FEATURE_BCRYPT_COST);
>> +#endif
>> +                       if (cost < 0 || cost > 31)
> 
> This allows values (1, 2, 3) that are outside the range of the values
> specified in the config text.
> 
> BTW, if the values outside [4, 31] are invalid, maybe a compile-time
> error would be a good thing? (this is actually a real question, not a
> code change suggestion). That would make the code a bit smaller as you
> could confidently and directly use (CONFIG_FEATURE_BCRYPT_COST / 10)
> and (CONFIG_FEATURE_BCRYPT_COST % 10) in the code below (no need to
> set a cost variable).

Good idea.
My intention was to try to avoid compile time errors, but a clear error 
while compiling is better than some unexpected effects later.

>> +config FEATURE_BCRYPT_COST
>> +       int "bcrypt cost"
>> +       range 4 31
>> +       default 10
>> +       depends on USE_BCRYPT
>> +       help
>> +       Cost paramter for the bcrypt hashing algorithm.
> 
> typo: parameter

Changed, thanks.