diff --git a/core/PasswordManager.cpp b/core/PasswordManager.cpp index 60ca821..cf60e9d 100644 --- a/core/PasswordManager.cpp +++ b/core/PasswordManager.cpp @@ -31,7 +31,7 @@ namespace { const size_t MAC_KEY_LEN = 32; const size_t MAC_OUTPUT_LEN = 20; const size_t PBKDF_SALT_LEN = 10; - const size_t PBKDF_ITERATIONS = 8 * 1024; + //const size_t PBKDF_ITERATIONS = 8 * 1024; const size_t PBKDF_OUTPUT_LEN = CIPHER_KEY_LEN + CIPHER_IV_LEN + MAC_KEY_LEN; @@ -41,14 +41,15 @@ namespace { - StrengthenedKey generateKey(const std::string &passphrase, const uint8_t *salt, int saltlength) + StrengthenedKey generateKey(const std::string &passphrase, const uint8_t *salt, + int saltlength, int iterations) { PKCS5_PBKDF2 pbkdf(new HMAC(new SHA_512)); OctetString master_key = pbkdf.derive_key( PBKDF_OUTPUT_LEN, passphrase, salt, saltlength, - PBKDF_ITERATIONS); + iterations); const uint8_t* mk = master_key.begin(); @@ -146,9 +147,9 @@ namespace { -PasswordManager::PasswordManager() +PasswordManager::PasswordManager(int iterations) + : m_iterations(iterations) { - } Expected PasswordManager::unlock(const std::string &master_password) @@ -158,7 +159,8 @@ Expected PasswordManager::unlock(const std::string &master_password) if (m_masterHash.length() == 0 && master_password.empty()) { result = true; } else { - StrengthenedKey key = generateKey(master_password, m_keySalt.begin(), m_keySalt.length()); + StrengthenedKey key = generateKey(master_password, m_keySalt.begin(), + m_keySalt.length(), m_iterations); OctetString hash = hashStrengthenedKey(key, m_hashSalt); BOOST_ASSERT_MSG(hash.length() == m_masterHash.length(), "Both hashes should have the same length! Versioning error?"); @@ -182,7 +184,7 @@ Expected PasswordManager::changeMasterPassword(const std::string &old_mast if (m_masterHash.length() == 0 && old_master_password.empty()) { // Nothing set yet so we initialize for first use m_keySalt = OctetString(m_rng, v1_consts.pbkdf_salt_len); - m_masterKey = generateKey(new_master_password, m_keySalt.begin(), m_keySalt.length()); + m_masterKey = generateKey(new_master_password, m_keySalt.begin(), m_keySalt.length(), m_iterations); m_hashSalt = OctetString(m_rng, v1_consts.pbkdf_salt_len); m_masterHash = hashStrengthenedKey(m_masterKey, m_hashSalt); diff --git a/core/PasswordManager.h b/core/PasswordManager.h index 2f66884..5ddd021 100644 --- a/core/PasswordManager.h +++ b/core/PasswordManager.h @@ -29,7 +29,7 @@ public: // static PasswordManager create(const std::string &file_name); - PasswordManager(); + explicit PasswordManager(int iterations = 8192); /** Unlocks the passwords of the connections. * * \return Normally it return a bool specifying if the password was accepted. @@ -49,6 +49,7 @@ public: Expected getPassword(const std::string &key, std::string &out); private: + int m_iterations; Botan::AutoSeeded_RNG m_rng; Botan::OctetString m_keySalt; // salt for generating crypto key StrengthenedKey m_masterKey; // crypto key diff --git a/core/core.pro b/core/core.pro index 9bce7da..bbc84b9 100644 --- a/core/core.pro +++ b/core/core.pro @@ -10,6 +10,8 @@ TARGET = core TEMPLATE = lib CONFIG += staticlib c++14 +QMAKE_CXXFLAGS += /std:c++17 + INCLUDEPATH += C:\prog\include \ C:\Prog\include\pgsql \ C:\VSproj\boost32\include\boost-1_65_1 diff --git a/tests/auto/mycase/mycase.pro b/tests/auto/mycase/mycase.pro index 5ff7c78..9a1cd56 100644 --- a/tests/auto/mycase/mycase.pro +++ b/tests/auto/mycase/mycase.pro @@ -47,3 +47,16 @@ else:win32-g++:CONFIG(debug, debug|release): PRE_TARGETDEPS += $$OUT_PWD/../../. else:win32:!win32-g++:CONFIG(release, debug|release): PRE_TARGETDEPS += $$OUT_PWD/../../../pgsql/release/pgsql.lib else:win32:!win32-g++:CONFIG(debug, debug|release): PRE_TARGETDEPS += $$OUT_PWD/../../../pgsql/debug/pgsql.lib else:unix:!macx: PRE_TARGETDEPS += $$OUT_PWD/../../../pgsql/libpgsql.a + +win32:CONFIG(release, debug|release): LIBS += -L$$OUT_PWD/../../../pglablib/release/ -lpglablib +else:win32:CONFIG(debug, debug|release): LIBS += -L$$OUT_PWD/../../../pglablib/debug/ -lpglablib +else:unix:!macx: LIBS += -L$$OUT_PWD/../../../pglablib/ -lpglablib + +INCLUDEPATH += $$PWD/../../../pglablib +DEPENDPATH += $$PWD/../../../pglablib + +win32-g++:CONFIG(release, debug|release): PRE_TARGETDEPS += $$OUT_PWD/../../../pglablib/release/libpglablib.a +else:win32-g++:CONFIG(debug, debug|release): PRE_TARGETDEPS += $$OUT_PWD/../../../pglablib/debug/libpglablib.a +else:win32:!win32-g++:CONFIG(release, debug|release): PRE_TARGETDEPS += $$OUT_PWD/../../../pglablib/release/pglablib.lib +else:win32:!win32-g++:CONFIG(debug, debug|release): PRE_TARGETDEPS += $$OUT_PWD/../../../pglablib/debug/pglablib.lib +else:unix:!macx: PRE_TARGETDEPS += $$OUT_PWD/../../../pglablib/libpglablib.a diff --git a/tests/auto/mycase/tst_PasswordManager.h b/tests/auto/mycase/tst_PasswordManager.h index a3da28b..f7ca8a2 100644 --- a/tests/auto/mycase/tst_PasswordManager.h +++ b/tests/auto/mycase/tst_PasswordManager.h @@ -7,7 +7,7 @@ using namespace testing; TEST(PasswordManager, initial_changeMasterPassword_returns_true) { - PasswordManager pwm; + PasswordManager pwm(10); auto res = pwm.changeMasterPassword("", "my test passphrase"); ASSERT_NO_THROW( res.get() ); @@ -16,7 +16,7 @@ TEST(PasswordManager, initial_changeMasterPassword_returns_true) TEST(PasswordManager, unlock_succeeds) { - PasswordManager pwm; + PasswordManager pwm(10); std::string passphrase = "my test passphrase"; @@ -31,7 +31,7 @@ TEST(PasswordManager, unlock_succeeds) TEST(PasswordManager, unlock_fails) { - PasswordManager pwm; + PasswordManager pwm(10); std::string passphrase = "my test passphrase"; @@ -46,7 +46,7 @@ TEST(PasswordManager, unlock_fails) TEST(PasswordManager, test_save_get) { - PasswordManager pwm; + PasswordManager pwm(10); std::string passphrase = "my test passphrase";