Skip to content

Commit

Permalink
Treat 0x or empty salt as the default 16-byte zero-filled salt
Browse files Browse the repository at this point in the history
  • Loading branch information
@lbeder
lbeder committed Nov 11, 2024
1 parent bf295dd commit d9f5880
Show file tree
Hide file tree
Showing 2 changed files with 49 additions and 27 deletions.
75 changes: 48 additions & 27 deletions src/main.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -215,6 +215,7 @@ fn get_salt() -> Vec<u8> {
let input = Password::with_theme(&ColorfulTheme::default())
.with_prompt("Enter your salt")
.with_confirmation("Enter your salt again", "Error: salts don't match")
.allow_empty_password(true)
.interact()
.unwrap();

Expand All @@ -225,34 +226,53 @@ fn get_salt() -> Vec<u8> {
};

let salt_len = salt.len();
match salt_len.cmp(&SlowKey::SALT_SIZE) {
Ordering::Less => {
match salt_len {
0 => {
println!();

let confirmation = Confirm::new()
.with_prompt(format!(
"Salt's length {} is shorter than {} and will be SHA512 hashed and then truncated to {} bytes. Do you want to continue?",
salt_len,
SlowKey::SALT_SIZE, SlowKey::SALT_SIZE
))
.wait_for_newline(true)
.interact()
.unwrap();
.with_prompt(format!(
"Salt is empty; a default {}-byte zero-filled salt will be used. Do you want to continue?",
SlowKey::SALT_SIZE
))
.wait_for_newline(true)
.interact()
.unwrap();

if confirmation {
let mut sha512 = Sha512::new();
sha512.update(&salt);
salt = sha512.finalize().to_vec();

salt.truncate(SlowKey::SALT_SIZE);
salt = SlowKey::DEFAULT_SALT.to_vec();
} else {
panic!("Aborting");
}
},
Ordering::Greater => {
println!();
_ => match salt_len.cmp(&SlowKey::SALT_SIZE) {
Ordering::Less => {
println!();

let confirmation = Confirm::new()
.with_prompt(format!(
"Salt's length {} is shorter than {} and will be SHA512 hashed and then truncated to {} bytes. Do you want to continue?",
salt_len,
SlowKey::SALT_SIZE, SlowKey::SALT_SIZE
))
.wait_for_newline(true)
.interact()
.unwrap();

let confirmation = Confirm::new()
if confirmation {
let mut sha512 = Sha512::new();
sha512.update(&salt);
salt = sha512.finalize().to_vec();

salt.truncate(SlowKey::SALT_SIZE);
} else {
panic!("Aborting");
}
},
Ordering::Greater => {
println!();

let confirmation = Confirm::new()
.with_prompt(format!(
"Salt's length {} is longer than {} and will be SHA512 hashed and then truncated to {} bytes. Do you want to continue?",
salt_len,
Expand All @@ -262,17 +282,18 @@ fn get_salt() -> Vec<u8> {
.interact()
.unwrap();

if confirmation {
let mut sha512 = Sha512::new();
sha512.update(&salt);
salt = sha512.finalize().to_vec();
if confirmation {
let mut sha512 = Sha512::new();
sha512.update(&salt);
salt = sha512.finalize().to_vec();

salt.truncate(SlowKey::SALT_SIZE);
} else {
panic!("Aborting");
}
salt.truncate(SlowKey::SALT_SIZE);
} else {
panic!("Aborting");
}
},
Ordering::Equal => {},
},
Ordering::Equal => {},
}

println!();
Expand Down
1 change: 1 addition & 0 deletions src/slowkey.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -141,6 +141,7 @@ pub struct SlowKey {

impl SlowKey {
pub const SALT_SIZE: usize = 16;
pub const DEFAULT_SALT: [u8; SlowKey::SALT_SIZE] = [0; SlowKey::SALT_SIZE];

pub fn new(opts: &SlowKeyOptions) -> Self {
Self {
Expand Down

0 comments on commit d9f5880

Please sign in to comment.