[PATCH] pw_encrypt: Add option to enable bcrypt support
Andreas Helmcke
ahe at helmcke.name
Tue May 3 15:13:04 UTC 2022
Am 03.05.22 um 14:51 schrieb Emmanuel Deloget:
> Le mar. 3 mai 2022 à 13:58, Andreas Helmcke <ahe at helmcke.name> a écrit :
>>
>> diff --git a/libbb/pw_encrypt.c b/libbb/pw_encrypt.c
>> index 3463fd95b..2da4ab1d0 100644
>> --- a/libbb/pw_encrypt.c
>> +++ b/libbb/pw_encrypt.c
>> @@ -70,6 +70,24 @@ char* FAST_FUNC crypt_make_pw_salt(char
>> salt[MAX_PW_SALT_LEN], const char *algo)
>> salt[1] = '5' + (strcasecmp(algo, "sha512") == 0);
>> len = 16/2;
>> }
>> +#endif
>> +#if ENABLE_USE_BCRYPT
>> + if ((algo[0]|0x20) == 'b') { /* bcrypt */
>> + int cost = 0;
>> +#if ENABLE_FEATURE_BCRYPT_COST
>
> It seems to me that if ENABLE_USE_BCRYPT is set, then the bcrypt cost
> is always there. Am I missing something?
>
>> + cost = (CONFIG_FEATURE_BCRYPT_COST);
>> +#endif
>> + if (cost < 0 || cost > 31)
>
> This allows values (1, 2, 3) that are outside the range of the values
> specified in the config text.
>
> BTW, if the values outside [4, 31] are invalid, maybe a compile-time
> error would be a good thing? (this is actually a real question, not a
> code change suggestion). That would make the code a bit smaller as you
> could confidently and directly use (CONFIG_FEATURE_BCRYPT_COST / 10)
> and (CONFIG_FEATURE_BCRYPT_COST % 10) in the code below (no need to
> set a cost variable).
Good idea.
My intention was to try to avoid compile time errors, but a clear error
while compiling is better than some unexpected effects later.
>> +config FEATURE_BCRYPT_COST
>> + int "bcrypt cost"
>> + range 4 31
>> + default 10
>> + depends on USE_BCRYPT
>> + help
>> + Cost paramter for the bcrypt hashing algorithm.
>
> typo: parameter
Changed, thanks.
More information about the busybox
mailing list