| author | Xavier Del Campo Romero <xavi92@disroot.org> | 2025-10-08 13:50:52 +0200 |
|---|---|---|
| committer | Xavier Del Campo Romero <xavi92@disroot.org> | 2025-10-08 22:55:44 +0200 |
| commit | 10e42591ac72285736d5cc4ee5e7c2f68dbf1e4b (patch) | |
| tree | 3bb586177e375a6f7f91c0335876faefc28b805c /base64.c | |
| parent | 805630dbfcd409a5d49bc89102f4183b71f713f9 (diff) | |
| download | slcl-10e42591ac72285736d5cc4ee5e7c2f68dbf1e4b.tar.gz | |
Replace OpenSSL with libsodium and argon2id
The SHA256-based password hashing algorithm used by slcl(1) and
usergen(1) is considered insecure against several kinds of attacks,
including brute force attacks. [1]
Therefore, a stronger password hashing algorithm based on the Argon2id
key derivation function is now used by default. While OpenSSL does
support Argon2id, it is only supported by very recent versions [2],
which are still not packaged by most distributions as of the time of
this writing. [3]
As an alternative to OpenSSL, libsodium [4] had several benefits:
- It provides easy-to-use functions for password hashing, base64
encoding/decoding and other cryptographic primitives used by slcl(1)
and usergen(1).
- It is packaged by most distributions [5], and most often only the patch
version differs, which ensures good compatibility across distributions.
Unfortunately, and as opposed to OpenSSL, libsodium does not come with
command-line tools. Therefore, usergen(1) had to be rewritten in C.
In order to maintain backwards compatibility with existing databases,
slcl(1) and usergen(1) shall support the insecure, SHA256-based password
hashing algorithm. However, Argon2id shall now be the default choice for
usergen(1).
[1]: https://security.stackexchange.com/questions/195563/why-is-sha-256-not-good-for-passwords
[2]: https://docs.openssl.org/3.3/man7/EVP_KDF-ARGON2/
[3]: https://repology.org/project/openssl/versions
[4]: https://www.libsodium.org/
[5]: https://repology.org/project/libsodium/versions
Diffstat (limited to 'base64.c')
| -rw-r--r-- | base64.c | 126 |
1 files changed, 0 insertions, 126 deletions
diff --git a/base64.c b/base64.c
deleted file mode 100644
index b1d4737..0000000
--- a/base64.c
+++ /dev/null
@@ -1,126 +0,0 @@
-#include "base64.h"
-#include <openssl/evp.h>
-#include <errno.h>
-#include <stddef.h>
-#include <stdlib.h>
-#include <stdio.h>
-#include <string.h>
-
-static void remove_lf(char *b64)
-{
- while ((b64 = strchr(b64, '\n')))
- memcpy(b64, b64 + 1, strlen(b64));
-}
-
-static size_t base64len(const size_t n)
-{
- /* Read EVP_EncodeInit(3) for further reference. */
- return ((n / 48) * 65) + (n % 48 ? 1 + ((n / 3) + 1) * 4 : 0);
-}
-
-static size_t decodedlen(const size_t n)
-{
- return ((n / 64) * 48) + (n % 64 ? (n / 4) * 3 : 0);
-}
-
-char *base64_encode(const void *const buf, const size_t n)
-{
- EVP_ENCODE_CTX *const ctx = EVP_ENCODE_CTX_new();
- char *ret = NULL;
- unsigned char *b64 = NULL;
-
- if (!ctx)
- {
- fprintf(stderr, "%s: EVP_ENCODE_CTX_new failed\n", __func__);
- goto end;
- }
-
- const size_t b64len = base64len(n);
-
- if (!(b64 = malloc(b64len + 1)))
- {
- fprintf(stderr, "%s: malloc(3): %s\n", __func__, strerror(errno));
- goto end;
- }
-
- EVP_EncodeInit(ctx);
-
- size_t rem = n, done = 0;
- int outl = b64len;
-
- while (rem)
- {
- const size_t i = n - rem, inl = rem > 48 ? 48 : rem;
- const unsigned char *const in = buf;
-
- if (!EVP_EncodeUpdate(ctx, &b64[done], &outl, &in[i], inl))
- {
- fprintf(stderr, "%s: EVP_EncodeUpdate failed\n", __func__);
- goto end;
- }
-
- done += outl;
- rem -= inl;
- }
-
- EVP_EncodeFinal(ctx, b64, &outl);
- ret = (char *)b64;
- remove_lf(ret);
-
-end:
- if (!ret)
- free(b64);
-
- EVP_ENCODE_CTX_free(ctx);
- return ret;
-}
-
-void *base64_decode(const char *const b64, size_t *const n)
-{
- void *ret = NULL;
- const size_t len = strlen(b64), dlen = decodedlen(len);
- EVP_ENCODE_CTX *const ctx = EVP_ENCODE_CTX_new();
- unsigned char *const buf = malloc(dlen);
-
- if (!buf)
- {
- fprintf(stderr, "%s: malloc(3): %s\n", __func__, strerror(errno));
- goto end;
- }
- else if (!ctx)
- {
- fprintf(stderr, "%s: EVP_ENCODE_CTX_new failed\n", __func__);
- goto end;
- }
-
- EVP_DecodeInit(ctx);
-
- size_t rem = len, done = 0;
- int outl = dlen;
-
- while (rem)
- {
- const size_t i = len - rem, inl = rem > 64 ? 64 : rem;
- const unsigned char *const in = (const unsigned char *)b64;
-
- if (EVP_DecodeUpdate(ctx, &buf[done], &outl, &in[i], inl) < 0)
- {
- fprintf(stderr, "%s: EVP_EncodeUpdate failed\n", __func__);
- goto end;
- }
-
- done += outl;
- rem -= inl;
- }
-
- EVP_DecodeFinal(ctx, buf, &outl);
- *n = done;
- ret = buf;
-
-end:
- if (!ret)
- free(buf);
-
- EVP_ENCODE_CTX_free(ctx);
- return ret;
-}
|
