xcrypt 0.1.0

data/ext/libxcrypt/test/crypt-gost-yescrypt.c

@@ -0,0 +1,149 @@
+/* Copyright (C) 2018 vt@altlinux.org
+ * Copyright (C) 2018 Björn Esser besser82@fedoraproject.org
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "crypt-port.h"
+
+#if INCLUDE_gost_yescrypt
+
+#include "alg-gost3411-2012-hmac.h"
+
+#include <stdio.h>
+
+/* redefine outer hmac to this function to test entropy bypass */
+static void
+test_outer_hmac (const uint8_t *k, size_t n, const uint8_t *t, size_t len,
+                 uint8_t *out32, gost_hmac_256_t *gostbuf);
+#define outer_gost_hmac256 test_outer_hmac
+#include "../lib/crypt-gost-yescrypt.c"
+
+static int test_mode = 0;
+
+static void
+test_outer_hmac (const uint8_t *k, size_t n, const uint8_t *t, size_t len,
+                 uint8_t *out32, gost_hmac_256_t *gostbuf)
+{
+  const uint8_t zero[32] = {0};
+
+  /* Zero one of arguments to outer hmac. */
+  if (test_mode & 1)
+    {
+      k = zero;
+      n = sizeof (zero);
+    }
+  if (test_mode & 2)
+    {
+      t = zero;
+      len = sizeof (zero);
+    }
+  gost_hmac256 (k, n, t, len, out32, gostbuf);
+}
+
+static int
+test_crypt_raw (int m, int p, int s, char **a, size_t *a_size)
+{
+  char output[CRYPT_OUTPUT_SIZE];
+  char pass[CRYPT_MAX_PASSPHRASE_SIZE];
+  char pref[CRYPT_GENSALT_OUTPUT_SIZE];
+  char scratch[ALG_SPECIFIC_SIZE];
+  char *salt;
+
+  test_mode = m;
+  fprintf (stderr, ".");
+  snprintf (pass, sizeof (pass), "%d", p);
+  snprintf (pref, sizeof (pref), "%15d", s);
+  salt = crypt_gensalt ("$gy$", 0, pref, (int) strlen(pref) + 1);
+  if (!salt || salt[0] == '*')
+    {
+      fprintf(stderr, "ERROR: entropy test (gensalt) [%s]\n", pref);
+      return 1;
+    }
+  crypt_gost_yescrypt_rn (pass, strlen (pass), salt, strlen (salt),
+                          (uint8_t *) output, sizeof (output),
+                          scratch, sizeof (scratch));
+  if (output[0] == '*')
+    {
+      fprintf(stderr, "ERROR: entropy test (crypt)\n");
+      return 1;
+    }
+  char *h = strrchr (output, '$') + 1;
+  if (*a && strstr (*a, h))
+    {
+      fprintf (stderr, "ERROR: duplicated hash %s\n", output);
+      return 1;
+    }
+  size_t len = strlen(h);
+  *a = realloc (*a, *a_size + len + 1);
+  strcpy (*a + *a_size, h);
+  *a_size += len;
+  (*a)[*a_size] = '\0';
+
+  return 0;
+}
+
+int
+main (void)
+{
+  int result = 0;
+
+  /* Entropy tests
+   * Replace left then right argument of outer hmac() with constant
+   * and do hashing, verifying that output hashes are still different
+   * when password or salt are changing.
+   * Thus, we prove that entropy is still passing to the output not
+   * depending on yescrypt. */
+
+  int m, pp, ss;
+  int etest = 0;
+  char **a = malloc (sizeof (char*));
+  size_t *a_size = malloc (sizeof (size_t));
+
+  *a = malloc (sizeof (char));
+  (*a)[0] = '\0';
+  *a_size = 0;
+
+  for (m = 1; m < 3; m++)
+    {
+      for (pp = 0; pp < 22; pp++)
+        etest |= test_crypt_raw (m, pp, 0, a, a_size);
+      for (ss = 0; ss < 22; ss++)
+        etest |= test_crypt_raw (m, pp, ss, a, a_size);
+    }
+  fprintf (stderr, "\n");
+  if (etest)
+    fprintf (stderr, "ERROR: entropy test failed.\n");
+  else
+    fprintf (stderr, "   ok: entropy test\n");
+  result |= etest;
+
+  free (*a);
+  free (a);
+  free (a_size);
+
+  return result;
+}
+
+#else
+
+int
+main (void)
+{
+  return 77; /* UNSUPPORTED */
+}
+
+#endif /* INCLUDE_gost_yescrypt */

data/ext/libxcrypt/test/crypt-nested-call.c

@@ -0,0 +1,180 @@
+/*
+ * Copyright (c) 2025 Björn Esser <besser82 at fedoraproject.org>
+ * All rights reserved.
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted.
+ *
+ * THE SOFTWARE IS PROVIDED “AS IS” AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS.  IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include "crypt-port.h"
+#include <stdlib.h>
+#include <stdio.h>
+
+#define PASSW "alexander"
+
+static const char *settings[] =
+{
+#if INCLUDE_descrypt
+  "Mp",
+#endif
+#if INCLUDE_bigcrypt
+  "Mp............",
+#endif
+#if INCLUDE_bsdicrypt
+  "_J9..MJHn",
+#endif
+#if INCLUDE_md5crypt
+  "$1$MJHnaAke",
+#endif
+#if INCLUDE_nt
+  "$3$",
+#endif
+#if INCLUDE_sunmd5
+  "$md5$BPm.fm03$",
+#endif
+#if INCLUDE_sm3crypt
+  "$sm3$MJHnaAkegEVYHsFK",
+#endif
+#if INCLUDE_sha1crypt
+  "$sha1$248488$ggu.H673kaZ5$",
+#endif
+#if INCLUDE_sha256crypt
+  "$5$MJHnaAkegEVYHsFK",
+#endif
+#if INCLUDE_sha512crypt
+  "$6$MJHnaAkegEVYHsFK",
+#endif
+#if INCLUDE_bcrypt_a
+  "$2a$05$UBVLHeMpJ/QQCv3XqJx8zO",
+#endif
+#if INCLUDE_bcrypt
+  "$2b$05$UBVLHeMpJ/QQCv3XqJx8zO",
+#endif
+#if INCLUDE_bcrypt_y
+  "$2y$05$UBVLHeMpJ/QQCv3XqJx8zO",
+#endif
+#if INCLUDE_bcrypt_x
+  "$2x$05$UBVLHeMpJ/QQCv3XqJx8zO",
+#endif
+#if INCLUDE_yescrypt
+  "$y$j9T$MJHnaAkegEVYHsFKkmfzJ1",
+#endif
+#if INCLUDE_scrypt
+  "$7$CU..../....MJHnaAkegEVYHsFKkmfzJ1",
+#endif
+#if INCLUDE_gost_yescrypt
+  "$gy$j9T$MJHnaAkegEVYHsFKkmfzJ1",
+#endif
+#if INCLUDE_sm3_yescrypt
+  "$sm3y$j9T$MJHnaAkegEVYHsFKkmfzJ1",
+#endif
+};
+
+int
+main (void)
+{
+  char *retval = NULL;
+  int status = 0;
+  struct crypt_data cd;
+  struct crypt_data *p = &cd;
+  int cd_size = (int) sizeof (cd);
+
+  for (size_t i = 0; i < ARRAY_SIZE (settings); i++)
+    {
+      retval = crypt (PASSW, settings[i]);
+      retval = crypt (PASSW, retval);
+
+      if (!retval || *retval == '*')
+        {
+          printf ("Subsequent call to crypt(3) with output as setting "
+                  "failed for prefix \"%s\".\n",
+                  settings[i]);
+          status = 1;
+        }
+
+      // coverity[var_deref_model]
+      retval = crypt (retval, settings[i]);
+
+      if (!retval || *retval == '*')
+        {
+          printf ("Subsequent call to crypt(3) with output as key "
+                  "failed for prefix \"%s\".\n",
+                  settings[i]);
+          status = 1;
+        }
+
+      retval = crypt_r (PASSW, settings[i], p);
+      retval = crypt_r (PASSW, retval, p);
+
+      if (!retval || *retval == '*')
+        {
+          printf ("Subsequent call to crypt_r(3) with output as setting "
+                  "failed for prefix \"%s\".\n",
+                  settings[i]);
+          status = 1;
+        }
+
+      retval = crypt_r (retval, settings[i], p);
+
+      if (!retval || *retval == '*')
+        {
+          printf ("Subsequent call to crypt_r(3) with output as key "
+                  "failed for prefix \"%s\".\n",
+                  settings[i]);
+          status = 1;
+        }
+
+      retval = crypt_rn (PASSW, settings[i], p, cd_size);
+      retval = crypt_rn (PASSW, retval, p, cd_size);
+
+      if (!retval || *retval == '*')
+        {
+          printf ("Subsequent call to crypt_rn(3) with output as setting "
+                  "failed for prefix \"%s\".\n",
+                  settings[i]);
+          status = 1;
+        }
+
+      retval = crypt_rn (retval, settings[i], p, cd_size);
+
+      if (!retval || *retval == '*')
+        {
+          printf ("Subsequent call to crypt_rn(3) with output as key "
+                  "failed for prefix \"%s\".\n",
+                  settings[i]);
+          status = 1;
+        }
+
+      retval = crypt_ra (PASSW, settings[i], (void **) &p, &cd_size);
+      retval = crypt_ra (PASSW, retval, (void **) &p, &cd_size);
+
+      if (!retval || *retval == '*')
+        {
+          printf ("Subsequent call to crypt_ra(3) with output as setting "
+                  "failed for prefix \"%s\".\n",
+                  settings[i]);
+          status = 1;
+        }
+
+      retval = crypt_ra (retval, settings[i], (void **) &p, &cd_size);
+
+      if (!retval || *retval == '*')
+        {
+          printf ("Subsequent call to crypt_ra(3) with output as key "
+                  "failed for prefix \"%s\".\n",
+                  settings[i]);
+          status = 1;
+        }
+    }
+
+  explicit_bzero (&cd, sizeof cd);
+  return status;
+}

data/ext/libxcrypt/test/crypt-sm3-yescrypt.c

@@ -0,0 +1,149 @@
+/* Copyright (C) 2018 vt@altlinux.org
+ * Copyright (C) 2018, 2024 Björn Esser besser82@fedoraproject.org
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "crypt-port.h"
+
+#if INCLUDE_sm3_yescrypt
+
+#include "alg-sm3-hmac.h"
+
+#include <stdio.h>
+
+/* redefine outer hmac to this function to test entropy bypass */
+static void
+test_outer_hmac (const uint8_t *k, size_t n, const uint8_t *t, size_t len,
+                 uint8_t *out, sm3_hmac_ctx_t *sm3buf);
+#define outer_sm3_hmac test_outer_hmac
+#include "../lib/crypt-sm3-yescrypt.c"
+
+static int test_mode = 0;
+
+static void
+test_outer_hmac (const uint8_t *k, size_t n, const uint8_t *t, size_t len,
+                 uint8_t *out, sm3_hmac_ctx_t *sm3buf)
+{
+  const uint8_t zero[32] = {0};
+
+  /* Zero one of arguments to outer hmac. */
+  if (test_mode & 1)
+    {
+      k = zero;
+      n = sizeof (zero);
+    }
+  if (test_mode & 2)
+    {
+      t = zero;
+      len = sizeof (zero);
+    }
+  sm3_hmac (k, n, t, len, out, sm3buf);
+}
+
+static int
+test_crypt_raw (int m, int p, int s, char **a, size_t *a_size)
+{
+  char output[CRYPT_OUTPUT_SIZE];
+  char pass[CRYPT_MAX_PASSPHRASE_SIZE];
+  char pref[CRYPT_GENSALT_OUTPUT_SIZE];
+  char scratch[ALG_SPECIFIC_SIZE];
+  char *salt;
+
+  test_mode = m;
+  fprintf (stderr, ".");
+  snprintf (pass, sizeof (pass), "%d", p);
+  snprintf (pref, sizeof (pref), "%15d", s);
+  salt = crypt_gensalt ("$sm3y$", 0, pref, (int) strlen(pref) + 1);
+  if (!salt || salt[0] == '*')
+    {
+      fprintf(stderr, "ERROR: entropy test (gensalt) [%s]\n", pref);
+      return 1;
+    }
+  crypt_sm3_yescrypt_rn (pass, strlen (pass), salt, strlen (salt),
+                         (uint8_t *) output, sizeof (output),
+                         scratch, sizeof (scratch));
+  if (output[0] == '*')
+    {
+      fprintf(stderr, "ERROR: entropy test (crypt)\n");
+      return 1;
+    }
+  char *h = strrchr (output, '$') + 1;
+  if (*a && strstr (*a, h))
+    {
+      fprintf (stderr, "ERROR: duplicated hash %s\n", output);
+      return 1;
+    }
+  size_t len = strlen(h);
+  *a = realloc (*a, *a_size + len + 1);
+  strcpy (*a + *a_size, h);
+  *a_size += len;
+  (*a)[*a_size] = '\0';
+
+  return 0;
+}
+
+int
+main (void)
+{
+  int result = 0;
+
+  /* Entropy tests
+   * Replace left then right argument of outer hmac() with constant
+   * and do hashing, verifying that output hashes are still different
+   * when password or salt are changing.
+   * Thus, we prove that entropy is still passing to the output not
+   * depending on yescrypt. */
+
+  int m, pp, ss;
+  int etest = 0;
+  char **a = malloc (sizeof (char*));
+  size_t *a_size = malloc (sizeof (size_t));
+
+  *a = malloc (sizeof (char));
+  (*a)[0] = '\0';
+  *a_size = 0;
+
+  for (m = 1; m < 3; m++)
+    {
+      for (pp = 0; pp < 22; pp++)
+        etest |= test_crypt_raw (m, pp, 0, a, a_size);
+      for (ss = 0; ss < 22; ss++)
+        etest |= test_crypt_raw (m, pp, ss, a, a_size);
+    }
+  fprintf (stderr, "\n");
+  if (etest)
+    fprintf (stderr, "ERROR: entropy test failed.\n");
+  else
+    fprintf (stderr, "   ok: entropy test\n");
+  result |= etest;
+
+  free (*a);
+  free (a);
+  free (a_size);
+
+  return result;
+}
+
+#else
+
+int
+main (void)
+{
+  return 77; /* UNSUPPORTED */
+}
+
+#endif /* INCLUDE_sm3_yescrypt */

data/ext/libxcrypt/test/crypt-too-long-phrase.c

@@ -0,0 +1,157 @@
+/*
+ * Copyright (c) 2025 Björn Esser <besser82 at fedoraproject.org>
+ * All rights reserved.
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted.
+ *
+ * THE SOFTWARE IS PROVIDED “AS IS” AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS.  IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include "crypt-port.h"
+#include <errno.h>
+#include <stdlib.h>
+#include <stdio.h>
+
+static const char *settings[] =
+{
+#if INCLUDE_descrypt
+  "Mp",
+#endif
+#if INCLUDE_bigcrypt
+  "Mp............",
+#endif
+#if INCLUDE_bsdicrypt
+  "_J9..MJHn",
+#endif
+#if INCLUDE_md5crypt
+  "$1$MJHnaAke",
+#endif
+#if INCLUDE_nt
+  "$3$",
+#endif
+#if INCLUDE_sunmd5
+  "$md5$BPm.fm03$",
+#endif
+#if INCLUDE_sm3crypt
+  "$sm3$MJHnaAkegEVYHsFK",
+#endif
+#if INCLUDE_sha1crypt
+  "$sha1$248488$ggu.H673kaZ5$",
+#endif
+#if INCLUDE_sha256crypt
+  "$5$MJHnaAkegEVYHsFK",
+#endif
+#if INCLUDE_sha512crypt
+  "$6$MJHnaAkegEVYHsFK",
+#endif
+#if INCLUDE_bcrypt_a
+  "$2a$05$UBVLHeMpJ/QQCv3XqJx8zO",
+#endif
+#if INCLUDE_bcrypt
+  "$2b$05$UBVLHeMpJ/QQCv3XqJx8zO",
+#endif
+#if INCLUDE_bcrypt_y
+  "$2y$05$UBVLHeMpJ/QQCv3XqJx8zO",
+#endif
+#if INCLUDE_bcrypt_x
+  "$2x$05$UBVLHeMpJ/QQCv3XqJx8zO",
+#endif
+#if INCLUDE_yescrypt
+  "$y$j9T$MJHnaAkegEVYHsFKkmfzJ1",
+#endif
+#if INCLUDE_scrypt
+  "$7$CU..../....MJHnaAkegEVYHsFKkmfzJ1",
+#endif
+#if INCLUDE_gost_yescrypt
+  "$gy$j9T$MJHnaAkegEVYHsFKkmfzJ1",
+#endif
+#if INCLUDE_sm3_yescrypt
+  "$sm3y$j9T$MJHnaAkegEVYHsFKkmfzJ1",
+#endif
+};
+
+int
+main (void)
+{
+  char *retval = NULL;
+  char phrase[CRYPT_MAX_PASSPHRASE_SIZE * 2];
+  int status = 0;
+  struct crypt_data crypt_ctx;
+
+  memset (phrase, 'a', sizeof phrase);
+  phrase[sizeof phrase - 1] = '\0';
+
+  for (size_t i = 0; i < ARRAY_SIZE (settings); i++)
+    {
+      struct crypt_data *cd = &crypt_ctx;
+      void **data = (void **) &cd;
+      int size = sizeof crypt_ctx;
+
+      memset (cd, 0, sizeof crypt_ctx);
+      errno = 0;
+      retval = crypt (phrase, settings[i]);
+
+      if ((retval && retval[0] != '*') || errno != ERANGE)
+        {
+          printf ("crypt(3) returned unexpectedly.\n"
+                  "setting: %s\ngot: %s\nERRNO: %d, %s\n",
+                  settings[i], retval, errno, strerror (errno));
+          status = 1;
+        }
+
+      errno = 0;
+      retval = crypt_r (phrase, settings[i], cd);
+
+      if ((retval && retval[0] != '*') || errno != ERANGE)
+        {
+          printf ("crypt_r(3) returned unexpectedly.\n"
+                  "setting: %s\ngot: %s\nERRNO: %d, %s\n",
+                  settings[i], retval, errno, strerror (errno));
+          status = 1;
+        }
+
+      errno = 0;
+      retval = crypt_rn (phrase, settings[i], cd, size);
+
+      if (retval || errno != ERANGE)
+        {
+          printf ("crypt_rn(3) returned unexpectedly.\n"
+                  "setting: %s\ngot: %s\nERRNO: %d, %s\n",
+                  settings[i], retval, errno, strerror (errno));
+          status = 1;
+        }
+
+      errno = 0;
+      retval = crypt_ra (phrase, settings[i], data, &size);
+
+      if (retval || errno != ERANGE)
+        {
+          printf ("crypt_ra(3) (pre-alloc) returned unexpectedly.\n"
+                  "setting: %s\ngot: %s\nERRNO: %d, %s\n",
+                  settings[i], retval, errno, strerror (errno));
+          status = 1;
+        }
+
+      *data = NULL;
+      size = 0;
+      errno = 0;
+      retval = crypt_ra (phrase, settings[i], data, &size);
+
+      if (retval || errno != ERANGE)
+        {
+          printf ("crypt_ra(3) (new alloc) returned unexpectedly.\n"
+                  "setting: %s\ngot: %s\nERRNO: %d, %s\n",
+                  settings[i], retval, errno, strerror (errno));
+          status = 1;
+        }
+      free (*data);
+    }
+  return status;
+}