From 97ad7a5452afc4c5a12617b01b03eefb8626d507 Mon Sep 17 00:00:00 2001 From: daveed-al <33853903+daveed-al@users.noreply.github.com> Date: Wed, 31 Jan 2018 18:25:13 +0800 Subject: [PATCH 1/5] pwhash_str doc update --- src/enacl.erl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/enacl.erl b/src/enacl.erl index 76e834c..0162830 100644 --- a/src/enacl.erl +++ b/src/enacl.erl @@ -316,7 +316,7 @@ generichash_final({hashstate, HashSize, HashState}) -> pwhash(Password, Salt) -> enacl_nif:crypto_pwhash(Password, Salt). -%% @doc pwhash_str_verify/2 generates a ASCII encoded hash of a password +%% @doc pwhash_str/1 generates a ASCII encoded hash of a password %% %% This function generates a fixed size, salted, ASCII encoded hash of a user defined password. %% @end From cd183efd340b2bd7422218e491ae9d4964c06758 Mon Sep 17 00:00:00 2001 From: daveed-al <33853903+daveed-al@users.noreply.github.com> Date: Wed, 31 Jan 2018 18:41:31 +0800 Subject: [PATCH 2/5] pwhash_str_verify respects specs second param as iodata() --- c_src/enacl_nif.c | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/c_src/enacl_nif.c b/c_src/enacl_nif.c index 1046af7..f2c752c 100644 --- a/c_src/enacl_nif.c +++ b/c_src/enacl_nif.c @@ -35,7 +35,7 @@ int enif_crypto_load(ErlNifEnv *env, void **priv_data, ERL_NIF_TERM load_info) { if( !(generichash_state_type = enif_open_resource_type(env, NULL, CRYPTO_GENERICHASH_STATE_RESOURCE, NULL, ERL_NIF_RT_CREATE, NULL)) ) { return -1; } - + return sodium_init(); } @@ -1261,7 +1261,7 @@ ERL_NIF_TERM enif_crypto_pwhash(ErlNifEnv *env, int argc, ERL_NIF_TERM const arg ERL_NIF_TERM ok = enif_make_atom(env, ATOM_OK); ERL_NIF_TERM ret = enif_make_binary(env, &h); - + return enif_make_tuple2(env, ok, ret); } @@ -1289,7 +1289,7 @@ ERL_NIF_TERM enif_crypto_pwhash_str(ErlNifEnv *env, int argc, ERL_NIF_TERM const ERL_NIF_TERM ok = enif_make_atom(env, ATOM_OK); ERL_NIF_TERM ret = enif_make_binary(env, &h); - + return enif_make_tuple2(env, ok, ret); } @@ -1300,7 +1300,7 @@ ERL_NIF_TERM enif_crypto_pwhash_str_verify(ErlNifEnv *env, int argc, ERL_NIF_TER // Validate the arguments if( (argc != 2) || (!enif_inspect_binary(env, argv[0], &h)) || - (!enif_inspect_binary(env, argv[1], &p)) ) { + (!enif_inspect_iolist_as_binary(env, argv[1], &p)) ) { return enif_make_badarg(env); } @@ -1308,7 +1308,7 @@ ERL_NIF_TERM enif_crypto_pwhash_str_verify(ErlNifEnv *env, int argc, ERL_NIF_TER if( crypto_pwhash_str_verify((char *)h.data, (char *)p.data, p.size) != 0) { /* wrong password */ retVal = enif_make_atom(env, ATOM_FALSE); - } + } return retVal; } @@ -1384,10 +1384,10 @@ ERL_NIF_TERM enif_crypto_generichash(ErlNifEnv *env, int argc, ERL_NIF_TERM cons enif_release_binary(&hash); return nacl_error_tuple(env, "hash_error"); } - + ERL_NIF_TERM ok = enif_make_atom(env, ATOM_OK); ERL_NIF_TERM ret = enif_make_binary(env, &hash); - + return enif_make_tuple2(env, ok, ret); } @@ -1428,8 +1428,8 @@ ERL_NIF_TERM enif_crypto_generichash_init(ErlNifEnv *env, int argc, ERL_NIF_TERM if( 0 != crypto_generichash_init(state, k, key.size, hashSize) ) { return nacl_error_tuple(env, "hash_init_error"); } - - + + // Create return values ERL_NIF_TERM e1 = enif_make_atom(env, "hashstate"); ERL_NIF_TERM e2 = argv[0]; @@ -1475,7 +1475,7 @@ ERL_NIF_TERM enif_crypto_generichash_update(ErlNifEnv *env, int argc, ERL_NIF_TE ERL_NIF_TERM e1 = enif_make_atom(env, "hashstate"); ERL_NIF_TERM e2 = argv[0]; ERL_NIF_TERM e3 = enif_make_resource(env, state); - + // return a tuple return enif_make_tuple3(env, e1, e2, e3); } @@ -1483,7 +1483,7 @@ ERL_NIF_TERM enif_crypto_generichash_update(ErlNifEnv *env, int argc, ERL_NIF_TE static ERL_NIF_TERM enif_crypto_generichash_final(ErlNifEnv *env, int argc, ERL_NIF_TERM const argv[]) { ErlNifBinary hash; - + unsigned hashSize; crypto_generichash_state *state; @@ -1511,10 +1511,10 @@ ERL_NIF_TERM enif_crypto_generichash_final(ErlNifEnv *env, int argc, ERL_NIF_TER enif_release_binary(&hash); return nacl_error_tuple(env, "hash_error"); } - + ERL_NIF_TERM ok = enif_make_atom(env, ATOM_OK); ERL_NIF_TERM ret = enif_make_binary(env, &hash); - + return enif_make_tuple2(env, ok, ret); } @@ -1529,7 +1529,7 @@ static ErlNifFunc nif_funcs[] = { erl_nif_dirty_job_cpu_bound_macro("crypto_box_keypair", 0, enif_crypto_box_keypair), - + erl_nif_dirty_job_cpu_bound_macro("crypto_box", 4, enif_crypto_box), erl_nif_dirty_job_cpu_bound_macro("crypto_box_open", 4, enif_crypto_box_open), @@ -1634,7 +1634,7 @@ static ErlNifFunc nif_funcs[] = { {"crypto_generichash_init", 2, enif_crypto_generichash_init}, {"crypto_generichash_update", 3, enif_crypto_generichash_update}, {"crypto_generichash_final", 2, enif_crypto_generichash_final} - + }; ERL_NIF_INIT(enacl_nif, nif_funcs, enif_crypto_load, NULL, NULL, NULL); From d4a2a14bc9ebf15a326f2c69e4cc68a3acdcfcb8 Mon Sep 17 00:00:00 2001 From: daveed-al <33853903+daveed-al@users.noreply.github.com> Date: Thu, 1 Feb 2018 00:54:20 +0800 Subject: [PATCH 3/5] adding test for pwhash_str_verify --- eqc_test/enacl_eqc.erl | 45 +++++++++++++++++++++++++++++++++++++++++- 1 file changed, 44 insertions(+), 1 deletion(-) diff --git a/eqc_test/enacl_eqc.erl b/eqc_test/enacl_eqc.erl index 3bc2987..ecb0bba 100644 --- a/eqc_test/enacl_eqc.erl +++ b/eqc_test/enacl_eqc.erl @@ -219,7 +219,7 @@ prop_box_failure_integrity() -> end end end). - + prop_seal_box_failure_integrity() -> ?FORALL({Msg, {PK1, SK1}}, {?FAULT_RATE(1,40,g_iodata()), ?FAULT_RATE(1,40,keypair())}, begin @@ -456,6 +456,49 @@ prop_sign_open() -> badargs(fun() -> enacl:sign_open(SignMsg, PK) end) end)). +%% PWHASH +%% ------------------------------- +% enacl:pwhash("password", enacl:randombytes(16)). +% {K, P} = enacl:pwhash_str("password"). +% enacl:pwhash_str_verify(P, "password"). +% enacl:pwhash_str_verify(P, <<"password">>). + +pwhash(Passwd, Salt) -> + try + enacl:pwhash(Passwd, Salt) + catch + error:badarg -> badarg + end. + +% pwhash +% pwhash_str +% pwhash_str_verify +% prop_pwhash() -> +% ?FORALL({Passwd, Salt}, +% {?FAULT_RATE(1, 40, g_iodata()), +% ?FAULT_RATE(1, 40, g_binary(16))}, +% begin +% case v_iodata(Passwd) andalso v_binary(16, Salt) of +% true -> +% {ok, PasswdHash} = enacl:pwhash(Passwd, Salt), +% equals(); + +% end). + +prop_pwhash_str_verify() -> + ?FORALL({PasswdHash, Passwd}, + {?FAULT_RATE(1, 40, g_binary(32)), + ?FAULT_RATE(1, 40, g_iodata())}, + begin + case v_binary(32, PasswdHash) andalso v_iodata(Passwd) of + true -> + Verify = enacl:pwhash_str_verify(PasswdHash, Passwd), + equals(true, Verify); + false -> + badargs(fun() -> enacl:pwhash_str_verify(PasswdHash, Passwd) end) + end + end). + %% CRYPTO SECRET BOX %% ------------------------------- From b2efb4512630b49ad5373e298c4b81923cb1ba46 Mon Sep 17 00:00:00 2001 From: daveed-al <33853903+daveed-al@users.noreply.github.com> Date: Thu, 1 Feb 2018 18:23:23 +0800 Subject: [PATCH 4/5] pwhash_str_verify --- eqc_test/enacl_eqc.erl | 39 +++++++++++++++++++-------------------- 1 file changed, 19 insertions(+), 20 deletions(-) diff --git a/eqc_test/enacl_eqc.erl b/eqc_test/enacl_eqc.erl index ecb0bba..03b63d7 100644 --- a/eqc_test/enacl_eqc.erl +++ b/eqc_test/enacl_eqc.erl @@ -470,32 +470,31 @@ pwhash(Passwd, Salt) -> error:badarg -> badarg end. -% pwhash -% pwhash_str -% pwhash_str_verify -% prop_pwhash() -> -% ?FORALL({Passwd, Salt}, -% {?FAULT_RATE(1, 40, g_iodata()), -% ?FAULT_RATE(1, 40, g_binary(16))}, -% begin -% case v_iodata(Passwd) andalso v_binary(16, Salt) of -% true -> -% {ok, PasswdHash} = enacl:pwhash(Passwd, Salt), -% equals(); +pwhash_str(Passwd) -> + try + enacl:pwhash_str(Passwd) + catch + error:badarg -> badarg + end. -% end). +pwhash_str_verify(PasswdHash, Passwd) -> + try + enacl:pwhash_str_verify(PasswdHash, Passwd) + catch + error:badarg -> badarg + end. prop_pwhash_str_verify() -> - ?FORALL({PasswdHash, Passwd}, - {?FAULT_RATE(1, 40, g_binary(32)), - ?FAULT_RATE(1, 40, g_iodata())}, + ?FORALL({Passwd}, + {?FAULT_RATE(1, 40, g_iodata())}, begin - case v_binary(32, PasswdHash) andalso v_iodata(Passwd) of + case v_iodata(Passwd) of true -> - Verify = enacl:pwhash_str_verify(PasswdHash, Passwd), - equals(true, Verify); + {K, P} = enacl:pwhash_str(Passwd), + S = enacl:pwhash_str_verify(P, Passwd), + equals(S, true); false -> - badargs(fun() -> enacl:pwhash_str_verify(PasswdHash, Passwd) end) + badargs(fun() -> enacl:pwhash_str_verify(Passwd) end) end end). From fb5985da27a87d236afe3b74a6fcbd409c98b3db Mon Sep 17 00:00:00 2001 From: daveed-al <33853903+daveed-al@users.noreply.github.com> Date: Thu, 1 Feb 2018 18:25:16 +0800 Subject: [PATCH 5/5] pwhash_str_verify test update --- eqc_test/enacl_eqc.erl | 4 ---- 1 file changed, 4 deletions(-) diff --git a/eqc_test/enacl_eqc.erl b/eqc_test/enacl_eqc.erl index 03b63d7..3ac59f4 100644 --- a/eqc_test/enacl_eqc.erl +++ b/eqc_test/enacl_eqc.erl @@ -458,10 +458,6 @@ prop_sign_open() -> %% PWHASH %% ------------------------------- -% enacl:pwhash("password", enacl:randombytes(16)). -% {K, P} = enacl:pwhash_str("password"). -% enacl:pwhash_str_verify(P, "password"). -% enacl:pwhash_str_verify(P, <<"password">>). pwhash(Passwd, Salt) -> try