eelke/pgLab
1
0
Fork 0
Code Issues 28 Pull requests Projects Releases 1 Packages Wiki Activity Actions

Unit tests on PasswordManager are now much faster because the tests use a much

Browse source 
lower iterations count now then the default setting.
This commit is contained in:
eelke 2017-12-16 21:42:41 +01:00
parent 0b088a2723
commit 8f1ba8130c
5 changed files with 30 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

16
core/PasswordManager.cpp
View file

@ -31,7 +31,7 @@ namespace {
const size_t MAC_KEY_LEN = 32;
const size_t MAC_OUTPUT_LEN = 20;
const size_t PBKDF_SALT_LEN = 10;
const size_t PBKDF_ITERATIONS = 8 * 1024;
//const size_t PBKDF_ITERATIONS = 8 * 1024;
const size_t PBKDF_OUTPUT_LEN = CIPHER_KEY_LEN + CIPHER_IV_LEN + MAC_KEY_LEN;
@ -41,14 +41,15 @@ namespace {
StrengthenedKey generateKey(const std::string &passphrase, const uint8_t *salt, int saltlength)
StrengthenedKey generateKey(const std::string &passphrase, const uint8_t *salt,
int saltlength, int iterations)
{
PKCS5_PBKDF2 pbkdf(new HMAC(new SHA_512));
OctetString master_key = pbkdf.derive_key(
PBKDF_OUTPUT_LEN,
passphrase,
salt, saltlength,
PBKDF_ITERATIONS);
iterations);
const uint8_t* mk = master_key.begin();
@ -146,9 +147,9 @@ namespace {
PasswordManager::PasswordManager()
PasswordManager::PasswordManager(int iterations)
: m_iterations(iterations)
{
}
Expected<bool> PasswordManager::unlock(const std::string &master_password)
@ -158,7 +159,8 @@ Expected<bool> PasswordManager::unlock(const std::string &master_password)
if (m_masterHash.length() == 0 && master_password.empty()) {
result = true;
} else {
StrengthenedKey key = generateKey(master_password, m_keySalt.begin(), m_keySalt.length());
StrengthenedKey key = generateKey(master_password, m_keySalt.begin(),
m_keySalt.length(), m_iterations);
OctetString hash = hashStrengthenedKey(key, m_hashSalt);
BOOST_ASSERT_MSG(hash.length() == m_masterHash.length(), "Both hashes should have the same length! Versioning error?");
@ -182,7 +184,7 @@ Expected<bool> PasswordManager::changeMasterPassword(const std::string &old_mast
if (m_masterHash.length() == 0 && old_master_password.empty()) {
// Nothing set yet so we initialize for first use
m_keySalt = OctetString(m_rng, v1_consts.pbkdf_salt_len);
m_masterKey = generateKey(new_master_password, m_keySalt.begin(), m_keySalt.length());
m_masterKey = generateKey(new_master_password, m_keySalt.begin(), m_keySalt.length(), m_iterations);
m_hashSalt = OctetString(m_rng, v1_consts.pbkdf_salt_len);
m_masterHash = hashStrengthenedKey(m_masterKey, m_hashSalt);