1. Forum
  2. Usenet
  3. COMP.UNIX.PROGRAMMER

  • A check for whether crypt() supports Blowfish?

    From Muttley@dastardlyhq.com@21:1/5 to All on Fri Oct 28 14:36:48 2022
    Yes, I've googled this, no I didn't find an answer.

    Some versions of glibc have been extended to support blowfish (algo 2a) in the crypt via the $2a$ preamble in the salt. Does anyone know of a way to check if its supported on a given system as crypt() has the very unhelpful behaviour of SIGSEGV'ing if you give it an invalid encryption algo number.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Scott Lurndal@21:1/5 to Muttley@dastardlyhq.com on Fri Oct 28 15:09:57 2022
    Muttley@dastardlyhq.com writes:
    Yes, I've googled this, no I didn't find an answer.

    Some versions of glibc have been extended to support blowfish (algo 2a) in the >crypt via the $2a$ preamble in the salt. Does anyone know of a way to check if >its supported on a given system as crypt() has the very unhelpful behaviour of >SIGSEGV'ing if you give it an invalid encryption algo number.


    Have you considered using openssl instead?

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Scott Lurndal@21:1/5 to Muttley@dastardlyhq.com on Fri Oct 28 15:45:02 2022
    Muttley@dastardlyhq.com writes:
    On Fri, 28 Oct 2022 15:09:57 GMT
    scott@slp53.sl.home (Scott Lurndal) wrote:
    Muttley@dastardlyhq.com writes:
    Yes, I've googled this, no I didn't find an answer.

    Some versions of glibc have been extended to support blowfish (algo 2a) in >>the
    crypt via the $2a$ preamble in the salt. Does anyone know of a way to check >>if
    its supported on a given system as crypt() has the very unhelpful behaviour >>of
    SIGSEGV'ing if you give it an invalid encryption algo number.


    Have you considered using openssl instead?

    This has nothing to do with sockets.


    Openssl is a generalized cryptographic library that supports pretty much
    every standard symmetric and asymmetric crypto algorithm. It does far
    more than support transport level security. It's the primary toolkit
    (aside from RSA BSAFE) used in cryptographic software of all forms.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Muttley@dastardlyhq.com@21:1/5 to Scott Lurndal on Fri Oct 28 15:52:07 2022
    On Fri, 28 Oct 2022 15:45:02 GMT
    scott@slp53.sl.home (Scott Lurndal) wrote:
    Muttley@dastardlyhq.com writes:
    On Fri, 28 Oct 2022 15:09:57 GMT
    scott@slp53.sl.home (Scott Lurndal) wrote:
    Muttley@dastardlyhq.com writes:
    Yes, I've googled this, no I didn't find an answer.

    Some versions of glibc have been extended to support blowfish (algo 2a) in >>>the
    crypt via the $2a$ preamble in the salt. Does anyone know of a way to check >>>if
    its supported on a given system as crypt() has the very unhelpful behaviour >>>of
    SIGSEGV'ing if you give it an invalid encryption algo number.


    Have you considered using openssl instead?

    This has nothing to do with sockets.


    Openssl is a generalized cryptographic library that supports pretty much >every standard symmetric and asymmetric crypto algorithm. It does far
    more than support transport level security. It's the primary toolkit
    (aside from RSA BSAFE) used in cryptographic software of all forms.

    Looks like an absolute PITA to use for that with contect creation and init calls (why?) whereas crypt() is a single standalone function call that returns the encrypted data. I'll pass.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Scott Lurndal@21:1/5 to Muttley@dastardlyhq.com on Fri Oct 28 16:01:31 2022
    Muttley@dastardlyhq.com writes:
    On Fri, 28 Oct 2022 15:45:02 GMT
    scott@slp53.sl.home (Scott Lurndal) wrote:
    Muttley@dastardlyhq.com writes:
    On Fri, 28 Oct 2022 15:09:57 GMT
    scott@slp53.sl.home (Scott Lurndal) wrote:
    Muttley@dastardlyhq.com writes:
    Yes, I've googled this, no I didn't find an answer.

    Some versions of glibc have been extended to support blowfish (algo 2a) in >>>>the
    crypt via the $2a$ preamble in the salt. Does anyone know of a way to check
    if
    its supported on a given system as crypt() has the very unhelpful behaviour
    of
    SIGSEGV'ing if you give it an invalid encryption algo number.


    Have you considered using openssl instead?

    This has nothing to do with sockets.


    Openssl is a generalized cryptographic library that supports pretty much >>every standard symmetric and asymmetric crypto algorithm. It does far
    more than support transport level security. It's the primary toolkit >>(aside from RSA BSAFE) used in cryptographic software of all forms.

    Looks like an absolute PITA to use for that with contect creation and init >calls (why?) whereas crypt() is a single standalone function call that returns >the encrypted data. I'll pass.


    openssl will opportunistically use cryptographic hardware on the
    host, when available. A big deal for production software. For toy
    software, crypt() may be easy to use, but not necessarily efficient.

    Yes, it has a complex API.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Scott Lurndal@21:1/5 to Scott Lurndal on Fri Oct 28 16:05:00 2022
    scott@slp53.sl.home (Scott Lurndal) writes:
    Nicolas George <nicolas$george@salle-s.org> writes:
    Scott Lurndal, dans le message <9hS6L.680938$Ny99.558805@fx16.iad>, a
    écrit :
    Have you considered using openssl instead?

    Are you sure you understand what crypt() does?

    Are you sure you understand what opensll does?

    Hint, it supports all forms of symmetric and asymmetric
    cryptographic algorithms for stand-alone software as
    well as supporting transport layer security.

    FWIW, I spent four years at Verisign doing crypto
    software and my CPOE designs and sells high-end cryptographic processors.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Nicolas George@21:1/5 to All on Fri Oct 28 15:54:25 2022
    Scott Lurndal, dans le message <9hS6L.680938$Ny99.558805@fx16.iad>, a
    écrit :
    Have you considered using openssl instead?

    Are you sure you understand what crypt() does?

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Muttley@dastardlyhq.com@21:1/5 to Scott Lurndal on Fri Oct 28 15:30:07 2022
    On Fri, 28 Oct 2022 15:09:57 GMT
    scott@slp53.sl.home (Scott Lurndal) wrote:
    Muttley@dastardlyhq.com writes:
    Yes, I've googled this, no I didn't find an answer.

    Some versions of glibc have been extended to support blowfish (algo 2a) in >the
    crypt via the $2a$ preamble in the salt. Does anyone know of a way to check >if
    its supported on a given system as crypt() has the very unhelpful behaviour >of
    SIGSEGV'ing if you give it an invalid encryption algo number.


    Have you considered using openssl instead?

    This has nothing to do with sockets.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Scott Lurndal@21:1/5 to Nicolas George on Fri Oct 28 16:02:46 2022
    Nicolas George <nicolas$george@salle-s.org> writes:
    Scott Lurndal, dans le message <9hS6L.680938$Ny99.558805@fx16.iad>, a
    écrit :
    Have you considered using openssl instead?

    Are you sure you understand what crypt() does?

    Are you sure you understand what opensll does?

    Hint, it supports all forms of symmetric and asymmetric
    cryptographic algorithms for stand-alone software as
    well as supporting transport layer security.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Lew Pitcher@21:1/5 to Muttley on Fri Oct 28 16:17:17 2022
    On Fri, 28 Oct 2022 15:52:07 +0000, Muttley wrote:

    On Fri, 28 Oct 2022 15:45:02 GMT
    scott@slp53.sl.home (Scott Lurndal) wrote:
    Muttley@dastardlyhq.com writes:
    On Fri, 28 Oct 2022 15:09:57 GMT
    scott@slp53.sl.home (Scott Lurndal) wrote:
    Muttley@dastardlyhq.com writes:
    Yes, I've googled this, no I didn't find an answer.

    Some versions of glibc have been extended to support blowfish (algo 2a) in >>>>the
    crypt via the $2a$ preamble in the salt. Does anyone know of a way to check
    if
    its supported on a given system as crypt() has the very unhelpful behaviour
    of
    SIGSEGV'ing if you give it an invalid encryption algo number.


    Have you considered using openssl instead?

    This has nothing to do with sockets.


    Openssl is a generalized cryptographic library that supports pretty much >>every standard symmetric and asymmetric crypto algorithm. It does far
    more than support transport level security. It's the primary toolkit >>(aside from RSA BSAFE) used in cryptographic software of all forms.

    Looks like an absolute PITA to use for that with contect creation and init calls (why?) whereas crypt() is a single standalone function call that returns
    the encrypted data. I'll pass.

    Actually, crypt(3) doesn't return encrypted data; that would imply that there is a way to decrypt the results of crypt(3), which there is not.

    crypt(3) returns a suitably-composed encryption "signature" of the original data. Specifically, it uses the original data, along with a "salt" value, as
    an encryption key. It applies this key to encrypt a constant value (usually
    a field of binary zeros) using the chosen encryption algorithm. What you get back is nothing more than an anonymous data blob, encrypted using your
    original data as a part of the encryption key. To decrypt the resulting data would be useless; you'd get back that blob of zeros. To recover the data
    given to crypt(3), you must /recover or recreate the encryption key/,
    which is a much harder task.

    While Openssl can generate message digests, that process would be much
    more involved than a simple call to crypt(3).

    --
    Lew Pitcher
    "In Skills, We Trust"

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Nicolas George@21:1/5 to All on Fri Oct 28 17:48:47 2022
    Scott Lurndal, dans le message <M4T6L.348053$elEa.147813@fx09.iad>, a
    écrit :
    Hint, it supports all forms of symmetric and asymmetric
    cryptographic algorithms for stand-alone software as
    well as supporting transport layer security.

    So now I am sure you do not understand what crypt does().

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Kaz Kylheku@21:1/5 to Muttley@dastardlyhq.com on Fri Oct 28 18:15:21 2022
    On 2022-10-28, Muttley@dastardlyhq.com <Muttley@dastardlyhq.com> wrote:
    Yes, I've googled this, no I didn't find an answer.

    Some versions of glibc have been extended to support blowfish (algo 2a) in the
    crypt via the $2a$ preamble in the salt. Does anyone know of a way to check if
    its supported on a given system as crypt() has the very unhelpful behaviour of
    SIGSEGV'ing if you give it an invalid encryption algo number.

    I have experience in this area, having integrated crypt into the TXR
    Lisp language, and worked around the embarrassing segfault issue.

    This is the TXR Lisp interactive listener of TXR 283.
    Quit with :quit or Ctrl-D on an empty line. Ctrl-X ? for cheatsheet.
    Remove TXR any time for a complete refund of your disk space.
    1> (crypt "foo" "abc")
    "abQ9KY.KfrYrc"
    2> (crypt "foo" "$1$abc")
    "$1$abc$/ThTVu/5nq9QB8iGNy5rp/"
    3> (crypt "foo" "$2$abc")
    ** crypt failed: 22/"Invalid argument"
    ** during evaluation at expr-3:1 of form (crypt "foo" "$2$abc")
    3> (crypt "foo" "$2a$abc")
    ** crypt failed: 22/"Invalid argument"
    ** during evaluation at expr-3:1 of form (crypt "foo" "$2a$abc")
    3> (crypt "foo" "$5$abc")
    "$5$abc$SNQ2QQBO1ax39EAHKvvnCoQB2LZIm1UiTfvRzzx0ud8"
    4> (crypt "foo" "$7$abc")
    ** crypt failed: 22/"Invalid argument"
    ** during evaluation at expr-4:1 of form (crypt "foo" "$7$abc")

    Why doesn't it segfault for $7$?

    Because my wrapper function lexically analyzes the salt
    to validate for good cases that don't crash, and only those
    go through to crypt. For the cases that would crash if
    crypt were called, it simulates the EINVAL error.

    See the crypt_wrap function and its validate_salt helper
    in this source file:

    http://www.kylheku.com/cgit/txr/tree/sysif.c

    validate_salt processes a wchar_t * string because that's
    what the project uses everywhere for strings. It goes
    to UTF-8 before handing it to crypt. This is 2-Clause BSD
    licensed code so you have a lot of freedom with it,
    like converting to char *.

    If you happen use the code/approach and find cases that sneak through
    and cause crypt to crash, please drop me a note.

    --
    TXR Programming Language: http://nongnu.org/txr
    Cygnal: Cygwin Native Application Library: http://kylheku.com/cygnal

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Kaz Kylheku@21:1/5 to Scott Lurndal on Fri Oct 28 18:33:45 2022
    On 2022-10-28, Scott Lurndal <scott@slp53.sl.home> wrote:
    openssl will opportunistically use cryptographic hardware on the
    host, when available. A big deal for production software. For toy
    software, crypt() may be easy to use, but not necessarily efficient.

    Nobody needs crypt to be fast, other than password crackers.

    Crypt is only required during password authentication. Maybe if you have
    a single box with ten million users, each of whom is doing nothing
    but logging in and out once a second, you might benefit from hardware-accelerated crypt.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Kaz Kylheku@21:1/5 to Scott Lurndal on Fri Oct 28 18:27:33 2022
    On 2022-10-28, Scott Lurndal <scott@slp53.sl.home> wrote:
    Nicolas George <nicolas$george@salle-s.org> writes:
    Scott Lurndal, dans le message <9hS6L.680938$Ny99.558805@fx16.iad>, a
    écrit :
    Have you considered using openssl instead?

    Are you sure you understand what crypt() does?

    Are you sure you understand what opensll does?

    Hint, it supports all forms of symmetric and asymmetric
    cryptographic algorithms for stand-alone software as
    well as supporting transport layer security.

    It's an extra dependency to add to a program, whereas
    crypt is in any POSIX glibc (and we can probe it at run-time
    for glibc extensions).

    if a program just wants to detect whether the glibc "$2a"
    is available, and maybe doesn't even care if the answer is
    no, then it's rather a big detour to bring in openssl
    and muck around with its Blowfish API.

    I'm looking at the "openssl passwd" man page for the password
    hashing command on a system here. It doesn't have Blowfish
    either, only -1, -5, -6, -apr1 and -aixmd5. The first
    three are like $1$, $5$ and $6$ in glibc crypt.

    --
    TXR Programming Language: http://nongnu.org/txr
    Cygnal: Cygwin Native Application Library: http://kylheku.com/cygnal

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Scott Lurndal@21:1/5 to Kaz Kylheku on Fri Oct 28 22:13:24 2022
    Kaz Kylheku <864-117-4973@kylheku.com> writes:
    On 2022-10-28, Scott Lurndal <scott@slp53.sl.home> wrote:
    openssl will opportunistically use cryptographic hardware on the
    host, when available. A big deal for production software. For toy
    software, crypt() may be easy to use, but not necessarily efficient.

    Nobody needs crypt to be fast, other than password crackers.

    Crypt is only required during password authentication. Maybe if you have
    a single box with ten million users, each of whom is doing nothing
    but logging in and out once a second, you might benefit from >hardware-accelerated crypt.

    Who still uses crypt for password authentication[*]? Most use
    message digests or secure hashes. The OP wanted to override the
    algorithm with blowfish anyway, using openssl's BF_set_key() and BF_ecb_encrypt()
    is relatively straightforward. Typical linux systems use MD5 hashes.

    [*] the man page recommends against using crypt for cryptography
    projects generally, except for backwards compatability with
    legacy password authentication using DES.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Kaz Kylheku@21:1/5 to Scott Lurndal on Fri Oct 28 22:58:56 2022
    On 2022-10-28, Scott Lurndal <scott@slp53.sl.home> wrote:
    Kaz Kylheku <864-117-4973@kylheku.com> writes:
    On 2022-10-28, Scott Lurndal <scott@slp53.sl.home> wrote:
    openssl will opportunistically use cryptographic hardware on the
    host, when available. A big deal for production software. For toy
    software, crypt() may be easy to use, but not necessarily efficient.

    Nobody needs crypt to be fast, other than password crackers.

    Crypt is only required during password authentication. Maybe if you have
    a single box with ten million users, each of whom is doing nothing
    but logging in and out once a second, you might benefit from >>hardware-accelerated crypt.

    Who still uses crypt for password authentication[*]? Most use

    Probably, nobody; but they use the crypt API function.

    For instance, in an Ubuntu system here, I have this in /etc/shadow:

    root:$6$[...edited out...]:18246:0:99999:7:::

    $6$ indicates SHA-512. This is the same as what openssl passwd will
    generate with the -6 argument.

    Your login program and whatnot check that with crypt().

    algorithm with blowfish anyway, using openssl's BF_set_key() and BF_ecb_encrypt()
    is relatively straightforward. Typical linux systems use MD5 hashes.

    Not so much any more, I think.

    --
    TXR Programming Language: http://nongnu.org/txr
    Cygnal: Cygwin Native Application Library: http://kylheku.com/cygnal

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Muttley@dastardlyhq.com@21:1/5 to Lew Pitcher on Sat Oct 29 07:58:13 2022
    On Fri, 28 Oct 2022 16:17:17 -0000 (UTC)
    Lew Pitcher <lew.pitcher@digitalfreehold.ca> wrote:
    On Fri, 28 Oct 2022 15:52:07 +0000, Muttley wrote:
    Looks like an absolute PITA to use for that with contect creation and init >> calls (why?) whereas crypt() is a single standalone function call that >returns
    the encrypted data. I'll pass.

    Actually, crypt(3) doesn't return encrypted data; that would imply that there >is a way to decrypt the results of crypt(3), which there is not.

    That depends on how you personally define encryption. Others have different ideas.

    https://man7.org/linux/man-pages/man3/crypt.3.html

    "crypt() is the password encryption function."

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Muttley@dastardlyhq.com@21:1/5 to Kaz Kylheku on Sat Oct 29 08:07:56 2022
    On Fri, 28 Oct 2022 18:27:33 -0000 (UTC)
    Kaz Kylheku <864-117-4973@kylheku.com> wrote:
    On 2022-10-28, Scott Lurndal <scott@slp53.sl.home> wrote:
    Nicolas George <nicolas$george@salle-s.org> writes:
    Scott Lurndal, dans le message <9hS6L.680938$Ny99.558805@fx16.iad>, a
    écrit :
    Have you considered using openssl instead?

    Are you sure you understand what crypt() does?

    Are you sure you understand what opensll does?

    Hint, it supports all forms of symmetric and asymmetric
    cryptographic algorithms for stand-alone software as
    well as supporting transport layer security.

    It's an extra dependency to add to a program, whereas
    crypt is in any POSIX glibc (and we can probe it at run-time
    for glibc extensions).

    How do we probe it without it crashing? Thats what I'm trying to find out.
    Even a macro I can put in an #ifdef would work.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Muttley@dastardlyhq.com@21:1/5 to Scott Lurndal on Sat Oct 29 07:54:42 2022
    On Fri, 28 Oct 2022 16:01:31 GMT
    scott@slp53.sl.home (Scott Lurndal) wrote:
    Muttley@dastardlyhq.com writes:
    On Fri, 28 Oct 2022 15:45:02 GMT
    scott@slp53.sl.home (Scott Lurndal) wrote:
    Muttley@dastardlyhq.com writes:
    On Fri, 28 Oct 2022 15:09:57 GMT
    scott@slp53.sl.home (Scott Lurndal) wrote:
    Muttley@dastardlyhq.com writes:
    Yes, I've googled this, no I didn't find an answer.

    Some versions of glibc have been extended to support blowfish (algo 2a) in

    the
    crypt via the $2a$ preamble in the salt. Does anyone know of a way to >check
    if
    its supported on a given system as crypt() has the very unhelpful >behaviour
    of
    SIGSEGV'ing if you give it an invalid encryption algo number.


    Have you considered using openssl instead?

    This has nothing to do with sockets.


    Openssl is a generalized cryptographic library that supports pretty much >>>every standard symmetric and asymmetric crypto algorithm. It does far >>>more than support transport level security. It's the primary toolkit >>>(aside from RSA BSAFE) used in cryptographic software of all forms.

    Looks like an absolute PITA to use for that with contect creation and init >>calls (why?) whereas crypt() is a single standalone function call that >returns
    the encrypted data. I'll pass.


    openssl will opportunistically use cryptographic hardware on the
    host, when available. A big deal for production software. For toy

    Is it? Depends how often you'll be calling it. For user password checks I
    doubt you'll be doing it more than a few times a minute at most.

    software, crypt() may be easy to use, but not necessarily efficient.

    So /bin/login is toy software?

    Yes, it has a complex API.

    Which is a problem with a lot of modern frameworks.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Muttley@dastardlyhq.com@21:1/5 to Kaz Kylheku on Sat Oct 29 08:01:58 2022
    On Fri, 28 Oct 2022 18:15:21 -0000 (UTC)
    Kaz Kylheku <864-117-4973@kylheku.com> wrote:
    On 2022-10-28, Muttley@dastardlyhq.com <Muttley@dastardlyhq.com> wrote:
    Yes, I've googled this, no I didn't find an answer.

    Some versions of glibc have been extended to support blowfish (algo 2a) in >the
    crypt via the $2a$ preamble in the salt. Does anyone know of a way to check >if
    its supported on a given system as crypt() has the very unhelpful behaviour >of
    SIGSEGV'ing if you give it an invalid encryption algo number.

    I have experience in this area, having integrated crypt into the TXR
    Lisp language, and worked around the embarrassing segfault issue.

    Why doesn't it segfault for $7$?

    Because my wrapper function lexically analyzes the salt
    to validate for good cases that don't crash, and only those
    go through to crypt. For the cases that would crash if
    crypt were called, it simulates the EINVAL error.
    See the crypt_wrap function and its validate_salt helper
    in this source file:

    http://www.kylheku.com/cgit/txr/tree/sysif.c

    That doesn't help to determine if a given system would support a given encryption function because your code simply has hard coded validation.

    My problem is that some versions of glibc support $2a$ and some don't and I can't find any way of determining on the fly which they are short of calling crypt() and seeing if it crashes which obviously is not very useful on a running system as I don't want to be catching SIGSEGV just for this case.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Muttley@dastardlyhq.com@21:1/5 to Scott Lurndal on Sat Oct 29 08:10:17 2022
    On Fri, 28 Oct 2022 22:13:24 GMT
    scott@slp53.sl.home (Scott Lurndal) wrote:
    Kaz Kylheku <864-117-4973@kylheku.com> writes:
    On 2022-10-28, Scott Lurndal <scott@slp53.sl.home> wrote:
    openssl will opportunistically use cryptographic hardware on the
    host, when available. A big deal for production software. For toy
    software, crypt() may be easy to use, but not necessarily efficient.

    Nobody needs crypt to be fast, other than password crackers.

    Crypt is only required during password authentication. Maybe if you have
    a single box with ten million users, each of whom is doing nothing
    but logging in and out once a second, you might benefit from >>hardware-accelerated crypt.

    Who still uses crypt for password authentication[*]? Most use
    message digests or secure hashes. The OP wanted to override the
    algorithm with blowfish anyway, using openssl's BF_set_key() and >BF_ecb_encrypt()

    Why does OpenSSL require so many stages to do such a simple task?

    ie: Here is the key, salt and encryption type, now give me the encrypted
    data. That can be a single function call.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Muttley@dastardlyhq.com@21:1/5 to Nicolas George on Sat Oct 29 09:30:57 2022
    On 29 Oct 2022 09:21:50 GMT
    Nicolas George <nicolas$george@salle-s.org> wrote:
    Muttley@dastardlyhq.com, dans le message <tjin0r$9rb$1@gioia.aioe.org>,
    a écrit :
    How do we probe it without it crashing?

    Fork to insulate the crash and probe.

    Yes, that would work but its a lot of effort. Surely glibc must have some
    way of informing you whether it supports it?

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Nicolas George@21:1/5 to All on Sat Oct 29 09:21:50 2022
    Muttley@dastardlyhq.com, dans le message <tjin0r$9rb$1@gioia.aioe.org>,
    a écrit :
    How do we probe it without it crashing?

    Fork to insulate the crash and probe.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Lew Pitcher@21:1/5 to Muttley on Sat Oct 29 14:35:21 2022
    On Sat, 29 Oct 2022 07:58:13 +0000, Muttley wrote:

    On Fri, 28 Oct 2022 16:17:17 -0000 (UTC)
    Lew Pitcher <lew.pitcher@digitalfreehold.ca> wrote:
    On Fri, 28 Oct 2022 15:52:07 +0000, Muttley wrote:
    Looks like an absolute PITA to use for that with contect creation and init >>> calls (why?) whereas crypt() is a single standalone function call that >>returns
    the encrypted data. I'll pass.

    Actually, crypt(3) doesn't return encrypted data; that would imply that there >>is a way to decrypt the results of crypt(3), which there is not.

    That depends on how you personally define encryption. Others have different ideas.

    https://man7.org/linux/man-pages/man3/crypt.3.html

    "crypt() is the password encryption function."

    Despite what the crypt(3) manpage's summary implies, the
    manpage does detail the operation that crypt(3) performs:
    "By taking the lowest 7 bits of each of the first eight characters
    of the key, a 56-bit key is obtained. This 56-bit key is used to
    encrypt repeatedly a constant string (usually a string consisting
    of all zeros). The returned value points to the encrypted
    password, a series of 13 printable ASCII characters (the first
    two characters represent the salt itself). The return value
    points to static data whose content is overwritten by each call."

    So, as you can see, crypt(3) does /not/ encrypt the password, it
    encrypts a "constant string" using a key derived from the password
    and the salt. Decrypting the results of crypt(3), if at all
    successful, will return only that "constant string" that was
    encrypted.



    --
    Lew Pitcher
    "In Skills, We Trust"

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Paul@21:1/5 to Muttley@dastardlyhq.com on Sat Oct 29 10:39:24 2022
    On 10/29/2022 3:58 AM, Muttley@dastardlyhq.com wrote:
    On Fri, 28 Oct 2022 16:17:17 -0000 (UTC)
    Lew Pitcher <lew.pitcher@digitalfreehold.ca> wrote:
    On Fri, 28 Oct 2022 15:52:07 +0000, Muttley wrote:
    Looks like an absolute PITA to use for that with contect creation and init >>> calls (why?) whereas crypt() is a single standalone function call that
    returns
    the encrypted data. I'll pass.

    Actually, crypt(3) doesn't return encrypted data; that would imply that there
    is a way to decrypt the results of crypt(3), which there is not.

    That depends on how you personally define encryption. Others have different ideas.

    https://man7.org/linux/man-pages/man3/crypt.3.html

    "crypt() is the password encryption function."


    crypt() , at least in one place, is deprecated.

    There is a substitution library which may be deployed.
    You could check a Ubuntu Synaptic package manager or
    do "apt search crypt" and see what packages are available/installed.

    https://launchpad.net/ubuntu/+source/libxcrypt/1:4.4.28-2

    "libxcrypt is a modern library for one-way hashing of passwords.
    It supports

    DES
    MD5
    NTHASH
    SUNMD5
    SHA-2-256
    SHA-2-512
    bcrypt-based password hashes

    It provides the traditional Unix 'crypt' and 'crypt_r' interfaces,
    as well as a set of extended interfaces like 'crypt_gensalt'.
    "

    The SHA512 might bring you closer in line with current practice.

    If I look at /etc/shadow in Ubuntu in WSL2 in Windows 11, I see

    paul:$6$Igyn9e...

    and the $6 suggests SHA512 is being used.

    Paul

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Muttley@dastardlyhq.com@21:1/5 to Lew Pitcher on Sat Oct 29 15:51:05 2022
    On Sat, 29 Oct 2022 14:35:21 -0000 (UTC)
    Lew Pitcher <lew.pitcher@digitalfreehold.ca> wrote:
    On Sat, 29 Oct 2022 07:58:13 +0000, Muttley wrote:

    On Fri, 28 Oct 2022 16:17:17 -0000 (UTC)
    Lew Pitcher <lew.pitcher@digitalfreehold.ca> wrote:
    On Fri, 28 Oct 2022 15:52:07 +0000, Muttley wrote:
    Looks like an absolute PITA to use for that with contect creation and init >>>> calls (why?) whereas crypt() is a single standalone function call that >>>returns
    the encrypted data. I'll pass.

    Actually, crypt(3) doesn't return encrypted data; that would imply that there

    is a way to decrypt the results of crypt(3), which there is not.

    That depends on how you personally define encryption. Others have different >> ideas.

    https://man7.org/linux/man-pages/man3/crypt.3.html

    "crypt() is the password encryption function."

    Despite what the crypt(3) manpage's summary implies, the
    manpage does detail the operation that crypt(3) performs:
    "By taking the lowest 7 bits of each of the first eight characters
    of the key, a 56-bit key is obtained. This 56-bit key is used to
    encrypt repeatedly a constant string (usually a string consisting
    of all zeros). The returned value points to the encrypted
    password, a series of 13 printable ASCII characters (the first
    two characters represent the salt itself). The return value
    points to static data whose content is overwritten by each call."

    So, as you can see, crypt(3) does /not/ encrypt the password, it
    encrypts a "constant string" using a key derived from the password
    and the salt. Decrypting the results of crypt(3), if at all
    successful, will return only that "constant string" that was
    encrypted.

    Whatever, play semantics all you want if it makes you happy. At the end of the day you give it a password and it comes back with an encoded version which can't be cracked except by brute force. It solves the problem at hand.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Muttley@dastardlyhq.com@21:1/5 to Paul on Sat Oct 29 15:48:43 2022
    On Sat, 29 Oct 2022 10:39:24 -0400
    Paul <nospam@needed.invalid> wrote:
    On 10/29/2022 3:58 AM, Muttley@dastardlyhq.com wrote:
    On Fri, 28 Oct 2022 16:17:17 -0000 (UTC)
    Lew Pitcher <lew.pitcher@digitalfreehold.ca> wrote:
    On Fri, 28 Oct 2022 15:52:07 +0000, Muttley wrote:
    Looks like an absolute PITA to use for that with contect creation and init >>>> calls (why?) whereas crypt() is a single standalone function call that
    returns
    the encrypted data. I'll pass.

    Actually, crypt(3) doesn't return encrypted data; that would imply that >there
    is a way to decrypt the results of crypt(3), which there is not.

    That depends on how you personally define encryption. Others have different >> ideas.

    https://man7.org/linux/man-pages/man3/crypt.3.html

    "crypt() is the password encryption function."


    crypt() , at least in one place, is deprecated.

    Thats up to them. Its a simple function from a usage point of view and it works.

    There is a substitution library which may be deployed.

    No thanks, I'm not interested in some 3rd party dependency.

    You could check a Ubuntu Synaptic package manager or

    Not much use on non Ubuntu systems or MacOS.

    The SHA512 might bring you closer in line with current practice.

    The version of crypt() with glibc supports SHA512 out of the box.

    If I look at /etc/shadow in Ubuntu in WSL2 in Windows 11, I see

    paul:$6$Igyn9e...

    and the $6 suggests SHA512 is being used.

    https://man7.org/linux/man-pages/man3/crypt.3.html

    Features in glibc
    The glibc version of this function supports additional encryption
    algorithms.

    If salt is a character string starting with the characters "$id$"
    followed by a string optionally terminated by "$", then the
    result has the form:


    etc.

    I realise some developers love complexity for its own sake but personally
    I prefer something simple that works and if its a single function call so much the better.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Kaz Kylheku@21:1/5 to Muttley@dastardlyhq.com on Sat Oct 29 16:08:38 2022
    On 2022-10-29, Muttley@dastardlyhq.com <Muttley@dastardlyhq.com> wrote:
    On Fri, 28 Oct 2022 18:15:21 -0000 (UTC)
    Kaz Kylheku <864-117-4973@kylheku.com> wrote:
    http://www.kylheku.com/cgit/txr/tree/sysif.c

    That doesn't help to determine if a given system would support a given encryption function because your code simply has hard coded validation.

    That is partially true!

    I neglected to emphasize that I have empirically determined that probing
    the entire space "2a" through "2z" is safe; the function doesn't crash.

    So when the wrapper tells us that "2a" doesn't work, it's reallly
    trying crypt.

    When the wrapper tells you 7 or 3 don't work, that's hard-coded.

    I should have made that clear.

    Look at the code:

    switch (*s++) {
    case '1': case '5': case '6':
    break;
    case '2':
    if (*s >= 'a' && *s++ <= 'z')
    break;
    /* fallthrough */
    default:
    goto badsalt;
    }

    1, 5, 6, 2a-2z are good salts. Anything else, bad.

    The function then checks that this header is followed by a $,
    and that there is a salt which consists only of valid salt
    characters, optionally followed by $, possibly preceded by
    a rounds=<n> header.

    I seem to remember that all these details matter; bad
    salt syntax can crash it.

    Evidence of crypt_r being called with "2a", returning
    null, and setting errno to 22:

    (gdb) b crypt_r
    Breakpoint 1 at 0x804b600
    (gdb) r
    Starting program: /home/kaz/txr/txr
    This is the TXR Lisp interactive listener of TXR 283.
    Quit with :quit or Ctrl-D on an empty line. Ctrl-X ? for cheatsheet.
    warning: Error reading shared library list entry at 0x80
    TXR may be used in areas that are not necessarily well ventilated.
    (crypt "abc" "$2a$salt")

    Breakpoint 1, __crypt_r (key=0x84fa030 "abc", salt=0x84fa040 "$2a$salt", data=0xbffdf084) at crypt-entry.c:76
    76 crypt-entry.c: No such file or directory.
    (gdb) finish
    Run till exit from #0 __crypt_r (key=0x84fa030 "abc", salt=0x84fa040 "$2a$salt", data=0xbffdf084) at crypt-entry.c:76
    0x080dea8f in crypt_wrap (wkey=0xb7b7ee00, wsalt=0xb7b7ed80) at sysif.c:2134 2134 char *hash = (cd.initialized = 0, crypt_r(key, salt, &cd));
    Value returned is $1 = 0x0
    (gdb) p *__errno_location()
    $2 = 22

    My problem is that some versions of glibc support $2a$ and some don't and I can't find any way of determining on the fly which they are short of calling crypt() and seeing if it crashes which obviously is not very useful on a running system as I don't want to be catching SIGSEGV just for this case.

    You may be making some other mistake in how you're passing in the $2a.

    If crypt or crypt_r are crashing for you on the above inputs, instead
    of returning null/EINVAL, let me know.

    --
    TXR Programming Language: http://nongnu.org/txr
    Cygnal: Cygwin Native Application Library: http://kylheku.com/cygnal

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Muttley@dastardlyhq.com@21:1/5 to Kaz Kylheku on Sat Oct 29 16:11:08 2022
    On Sat, 29 Oct 2022 16:08:38 -0000 (UTC)
    Kaz Kylheku <864-117-4973@kylheku.com> wrote:
    On 2022-10-29, Muttley@dastardlyhq.com <Muttley@dastardlyhq.com> wrote:
    On Fri, 28 Oct 2022 18:15:21 -0000 (UTC)
    Kaz Kylheku <864-117-4973@kylheku.com> wrote: >>>http://www.kylheku.com/cgit/txr/tree/sysif.c

    That doesn't help to determine if a given system would support a given
    encryption function because your code simply has hard coded validation.

    That is partially true!

    I neglected to emphasize that I have empirically determined that probing
    the entire space "2a" through "2z" is safe; the function doesn't crash.

    Does when I try it.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Kaz Kylheku@21:1/5 to Muttley@dastardlyhq.com on Sat Oct 29 16:32:57 2022
    On 2022-10-29, Muttley@dastardlyhq.com <Muttley@dastardlyhq.com> wrote:
    On Sat, 29 Oct 2022 16:08:38 -0000 (UTC)
    Kaz Kylheku <864-117-4973@kylheku.com> wrote:
    On 2022-10-29, Muttley@dastardlyhq.com <Muttley@dastardlyhq.com> wrote:
    On Fri, 28 Oct 2022 18:15:21 -0000 (UTC)
    Kaz Kylheku <864-117-4973@kylheku.com> wrote: >>>>http://www.kylheku.com/cgit/txr/tree/sysif.c

    That doesn't help to determine if a given system would support a given
    encryption function because your code simply has hard coded validation.

    That is partially true!

    I neglected to emphasize that I have empirically determined that probing >>the entire space "2a" through "2z" is safe; the function doesn't crash.

    Does when I try it.

    Do you have a minimal repro sample?

    --
    TXR Programming Language: http://nongnu.org/txr
    Cygnal: Cygwin Native Application Library: http://kylheku.com/cygnal

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Kaz Kylheku@21:1/5 to Kaz Kylheku on Sat Oct 29 16:58:09 2022
    On 2022-10-29, Kaz Kylheku <864-117-4973@kylheku.com> wrote:
    On 2022-10-29, Muttley@dastardlyhq.com <Muttley@dastardlyhq.com> wrote:
    On Sat, 29 Oct 2022 16:08:38 -0000 (UTC)
    Kaz Kylheku <864-117-4973@kylheku.com> wrote:
    On 2022-10-29, Muttley@dastardlyhq.com <Muttley@dastardlyhq.com> wrote:
    On Fri, 28 Oct 2022 18:15:21 -0000 (UTC)
    Kaz Kylheku <864-117-4973@kylheku.com> wrote: >>>>>http://www.kylheku.com/cgit/txr/tree/sysif.c

    That doesn't help to determine if a given system would support a given >>>> encryption function because your code simply has hard coded validation. >>>
    That is partially true!

    I neglected to emphasize that I have empirically determined that probing >>>the entire space "2a" through "2z" is safe; the function doesn't crash.

    Does when I try it.

    Do you have a minimal repro sample?

    Just to be sure we are testing the crypt function and not crypt_r,
    let's use FFI:

    On a Debian 11 system with glibc 2.31, I get some results I've
    not seen before:

    1> (with-dyn-lib nil
    (deffi krypt "crypt" str (str str)))
    krypt
    3> (krypt "foo" "$2a$salt")
    "*0"
    4> (list (krypt "foo" "$2a$salt") (errno))
    ("*0" 22)

    This result is a newer feature which is documented in the man page:

    Upon error, crypt_r, crypt_rn, and crypt_ra write an invalid hashed
    passphrase to the output field of their data argument, and crypt writes
    an invalid hash to its static storage area. This string will be shorter
    than 13 characters, will begin with a ‘*’, and will not compare equal to
    setting.

    It is also documented that valid hashes do not contain '*'.

    On an older Ubuntu 18 system, 32 bits, libc 2.27, I get the
    nulll pointer:

    1> (with-dyn-lib nil
    (deffi krypt "crypt" str (str str)))
    krypt
    3> (krypt "abc" "$2a$salt")
    nil
    4> (list (krypt "abc" "$2a$salt") (errno))
    (nil 22)

    On what installations can a segfault be reproduced?

    --
    TXR Programming Language: http://nongnu.org/txr
    Cygnal: Cygwin Native Application Library: http://kylheku.com/cygnal

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Kaz Kylheku@21:1/5 to Paul on Sat Oct 29 16:32:13 2022
    On 2022-10-29, Paul <nospam@needed.invalid> wrote:
    On 10/29/2022 3:58 AM, Muttley@dastardlyhq.com wrote:
    On Fri, 28 Oct 2022 16:17:17 -0000 (UTC)
    Lew Pitcher <lew.pitcher@digitalfreehold.ca> wrote:
    On Fri, 28 Oct 2022 15:52:07 +0000, Muttley wrote:
    Looks like an absolute PITA to use for that with contect creation and init >>>> calls (why?) whereas crypt() is a single standalone function call that
    returns
    the encrypted data. I'll pass.

    Actually, crypt(3) doesn't return encrypted data; that would imply that there
    is a way to decrypt the results of crypt(3), which there is not.

    That depends on how you personally define encryption. Others have different >> ideas.

    https://man7.org/linux/man-pages/man3/crypt.3.html

    "crypt() is the password encryption function."


    crypt() , at least in one place, is deprecated.

    Stay out of that ignorant place and you're okay?

    There is a substitution library which may be deployed.
    You could check a Ubuntu Synaptic package manager or
    do "apt search crypt" and see what packages are available/installed.

    https://launchpad.net/ubuntu/+source/libxcrypt/1:4.4.28-2

    "libxcrypt is a modern library for one-way hashing of passwords.
    It supports

    Modern? It's not even written in Rust. :)

    If I look at /etc/shadow in Ubuntu in WSL2 in Windows 11, I see

    paul:$6$Igyn9e...

    and the $6 suggests SHA512 is being used.

    What's also being used to check it is crypt() in the C library,
    which supports multiple algorithms.

    Why would I link in some weird dependency for something
    available in the C library?

    The code which validates passwords doesn't even have to know about the algorithms. When checking a password, all you do is just pass
    through the datum from the password database:

    crypt("attempted password", "$6$Igyn9e...")

    libxcrypt may be useful on systems that don't have a C library,
    or not one with crypt, or not one with crypt that supports
    multiple algortihms.

    If you need a crypt function in some freestanding embedded system,
    libxcrypt may just be the ticket.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Keith Thompson@21:1/5 to Nicolas George on Sat Oct 29 14:53:11 2022
    Nicolas George <nicolas$george@salle-s.org> writes:
    Muttley@dastardlyhq.com, dans le message <tjin0r$9rb$1@gioia.aioe.org>,
    a écrit :
    How do we probe it without it crashing?

    Fork to insulate the crash and probe.

    That could work if it's *guaranteed* to crash. If the code has
    undefined behavior, it might crash or not depending on (slight
    exaggeration) the phase of the moon.

    --
    Keith Thompson (The_Other_Keith) Keith.S.Thompson+u@gmail.com
    [Watch this space]
    void Void(void) { Void(); } /* The recursive call of the void */

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Richard Kettlewell@21:1/5 to Muttley@dastardlyhq.com on Sun Oct 30 11:42:09 2022
    Muttley@dastardlyhq.com writes:
    Yes, I've googled this, no I didn't find an answer.

    Some versions of glibc have been extended to support blowfish (algo
    2a) in the crypt via the $2a$ preamble in the salt. Does anyone know
    of a way to check if its supported on a given system as crypt() has
    the very unhelpful behaviour of SIGSEGV'ing if you give it an invalid encryption algo number.

    As far as I can see Glibc provides no way to enumerate supported hashing methods.

    According to crypt(5):
    | The alternative prefix "$2y$" is equivalent to "$2b$". It exists for
    | historical reasons only. The alternative prefixes "$2a$" and "$2x$" proâ€
    | vide bug-compatibility with crypt_blowfish 1.0.4 and earlier, which inâ€
    | correctly processed characters with the 8th bit set.

    If that’s accurate then I don’t know why anyone would want the buggy 2a variant anyway.

    --
    http://www.greenend.org.uk/rjk/

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Richard Kettlewell@21:1/5 to Scott Lurndal on Sun Oct 30 11:46:05 2022
    scott@slp53.sl.home (Scott Lurndal) writes:
    Kaz Kylheku <864-117-4973@kylheku.com> writes:
    Crypt is only required during password authentication. Maybe if you have
    a single box with ten million users, each of whom is doing nothing
    but logging in and out once a second, you might benefit from >>hardware-accelerated crypt.

    Who still uses crypt for password authentication[*]? Most use
    message digests or secure hashes.

    crypt is used to referring to whole family of password hashing schemes,
    not just the original DES-based variant from the 1970s or whenever it
    was.

    It’s a reasonable question which ones are supported by any given implementation, although unfortunately it doesn’t seem that there’s a
    good way to find out.

    --
    http://www.greenend.org.uk/rjk/

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Kaz Kylheku@21:1/5 to Richard Kettlewell on Sun Oct 30 13:36:46 2022
    On 2022-10-30, Richard Kettlewell <invalid@invalid.invalid> wrote:
    If that’s accurate then I don’t know why anyone would want the buggy 2a variant anyway.

    Possibly, the thing that "wants" any of these variants is the datum in a sitting in a password file. If someone has a $2a$... password, and you
    drop support for it, that user cannot authenticate. Not even to change
    their password.

    --
    TXR Programming Language: http://nongnu.org/txr
    Cygnal: Cygwin Native Application Library: http://kylheku.com/cygnal

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Richard Kettlewell@21:1/5 to Kaz Kylheku on Sun Oct 30 19:00:26 2022
    Kaz Kylheku <864-117-4973@kylheku.com> writes:
    Richard Kettlewell <invalid@invalid.invalid> wrote:
    If that’s accurate then I don’t know why anyone would want the buggy
    2a variant anyway.

    Possibly, the thing that "wants" any of these variants is the datum in a sitting in a password file. If someone has a $2a$... password, and you
    drop support for it, that user cannot authenticate. Not even to change
    their password.

    Fair, although presumably you already have a $2a$ implementation in that
    case, and the question of how to query for it at runtime isn’t likely to arise.

    --
    http://www.greenend.org.uk/rjk/

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Keith Thompson@21:1/5 to Muttley@dastardlyhq.com on Sun Oct 30 13:01:03 2022
    Muttley@dastardlyhq.com writes:
    Yes, I've googled this, no I didn't find an answer.

    Some versions of glibc have been extended to support blowfish (algo 2a) in the
    crypt via the $2a$ preamble in the salt. Does anyone know of a way to check if
    its supported on a given system as crypt() has the very unhelpful behaviour of
    SIGSEGV'ing if you give it an invalid encryption algo number.

    What about checking the value returned by gnu_get_libc_version()?

    You'd have to know which versions support blowfish (assuming support
    depends only on the version and not on some other configuration
    variable).

    --
    Keith Thompson (The_Other_Keith) Keith.S.Thompson+u@gmail.com
    [Watch this space]
    void Void(void) { Void(); } /* The recursive call of the void */

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Rainer Weikusat@21:1/5 to Muttley@dastardlyhq.com on Sun Oct 30 21:01:12 2022
    Muttley@dastardlyhq.com writes:
    Yes, I've googled this, no I didn't find an answer.

    Some versions of glibc have been extended to support blowfish (algo 2a) in the
    crypt via the $2a$ preamble in the salt. Does anyone know of a way to check if
    its supported on a given system as crypt() has the very unhelpful behaviour of
    SIGSEGV'ing if you give it an invalid encryption algo number.

    Well then, to check if it's supported, fork a process trying a crypt
    call and see if it segfaults. Should be easy enough.

    :-)

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Lew Pitcher@21:1/5 to Muttley on Mon Oct 31 00:31:26 2022
    On Fri, 28 Oct 2022 14:36:48 +0000, Muttley wrote:

    Yes, I've googled this, no I didn't find an answer.

    Some versions of glibc have been extended to support blowfish (algo 2a) in the
    crypt via the $2a$ preamble in the salt. Does anyone know of a way to check if
    its supported on a given system as crypt() has the very unhelpful behaviour of
    SIGSEGV'ing if you give it an invalid encryption algo number.

    Gotta ask, how do you invoke crypt(3)? I ask because I can't reproduce your problem.


    I wrote a quick pgm that calls crypt(3) using 3DES, MD5, Blowfish (both "a" and "b" variations), SHA256 and SHA512, and, while Blowfish isn't supported in
    the version of glibc crypt(3) on my system, I don't get any SIGSEGV. Instead,
    I get the expected return of NULL with errno set to EINVAL on those calls.

    Program code follows:

    #include <stdio.h>
    #include <stdlib.h>
    #include <unistd.h>
    #include <errno.h>

    int main(void)
    {
    int status = EXIT_SUCCESS;
    char *password = "PaSsWoRd",
    *cryptpswd;

    errno = 0;
    if ((cryptpswd = crypt(password,"ab")) == NULL)
    perror("crypt() 3DES");
    else
    puts("crypt() 3DES succeeds");

    errno = 0;
    if ((cryptpswd = crypt(password,"$1$ab")) == NULL)
    perror("crypt() MD5");
    else
    puts("crypt() MD5 succeeds");

    errno = 0;
    if ((cryptpswd = crypt(password,"$2a$ab")) == NULL)
    perror("crypt() Blowfish(a)");
    else
    puts("crypt() Blowfish(a) succeeds");

    errno = 0;
    if ((cryptpswd = crypt(password,"$2b$ab")) == NULL)
    perror("crypt() Blowfish(b)");
    else
    puts("crypt() Blowfish(b) succeeds");

    errno = 0;
    if ((cryptpswd = crypt(password,"$5$ab")) == NULL)
    perror("crypt() SHA256");
    else
    puts("crypt() SHA256 succeeds");

    errno = 0;
    if ((cryptpswd = crypt(password,"$5$ab")) == NULL)
    perror("crypt() SHA512");
    else
    puts("crypt() SHA512 succeeds");

    return status;
    }
    End of program code. Compilation follows:
    cc -o testcrypt -D_XOPEN_SOURCE testcrypt.c -lcrypt
    End of compilation. Execution follows:
    20:21 $ ./testcrypt
    crypt() 3DES succeeds
    crypt() MD5 succeeds
    crypt() Blowfish(a): Invalid argument
    crypt() Blowfish(b): Invalid argument
    crypt() SHA256 succeeds
    crypt() SHA512 succeeds


    --
    Lew Pitcher
    "In Skills, We Trust"

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Kaz Kylheku@21:1/5 to Lew Pitcher on Mon Oct 31 17:10:49 2022
    On 2022-10-31, Lew Pitcher <lew.pitcher@digitalfreehold.ca> wrote:
    On Fri, 28 Oct 2022 14:36:48 +0000, Muttley wrote:

    Yes, I've googled this, no I didn't find an answer.

    Some versions of glibc have been extended to support blowfish (algo 2a) in the
    crypt via the $2a$ preamble in the salt. Does anyone know of a way to check if
    its supported on a given system as crypt() has the very unhelpful behaviour of
    SIGSEGV'ing if you give it an invalid encryption algo number.

    Gotta ask, how do you invoke crypt(3)? I ask because I can't reproduce your problem.


    I wrote a quick pgm that calls crypt(3) using 3DES, MD5, Blowfish (both "a" and
    "b" variations), SHA256 and SHA512, and, while Blowfish isn't supported in the version of glibc crypt(3) on my system, I don't get any SIGSEGV. Instead, I get the expected return of NULL with errno set to EINVAL on those calls.

    Yes; on good arguments, there is no segfault, even on the unsupported arguments.

    I joined this discussion with a "me too" because I was sure there is such segfault for bad arguments.

    Unfortunately, this may might be turning out to be some shared hallucination.

    In February 2020, I made an elaborate commit alleging that there is a
    crash in glibc crypt when the salt argument has bad syntax.

    https://www.kylheku.com/cgit/txr/commit/?id=c3a0ceb2cea1a9d43f2baf5a2e63d0d712c8df19

    Unfortunately, I did a stupid thing there: not adding test cases
    for the alleged issue!

    Today, I'm not able to rediscover those test cases. I've tried all sorts
    of bad inputs to crypt, and cannot get a segfault out of it.

    The commit comment insists that it's a separate problem from the usage
    error of failing to check for a null returned pointer, but that issue in
    the code is fixed in the same commit.

    crypt_wrap had been added almost exactly four years before that commit,
    without the null check.

    In fixing that, I probably fooled myself somehow. Perhaps I added the
    check for null return, but then still saw a crash due to mistakenly
    running an old executable. I seem to have a recollection of looking the
    crash in gdb and seeing the callstack in crypt, but that could be a
    false memory.

    You have add tests religiously; no manual testing and call it done!

    In the absence of a repro sample coming from Muttley, and my inability
    to repro any segfault, the issue has to be classified as nonexistent.

    I'm planning to remove the validate_salt code in the next release
    after one more review round.

    --
    TXR Programming Language: http://nongnu.org/txr
    Cygnal: Cygwin Native Application Library: http://kylheku.com/cygnal

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Muttley@dastardlyhq.com@21:1/5 to Lew Pitcher on Mon Oct 31 17:12:40 2022
    On Mon, 31 Oct 2022 17:11:40 -0000 (UTC)
    Lew Pitcher <lew.pitcher@digitalfreehold.ca> wrote:
    On Mon, 31 Oct 2022 17:03:51 +0000, Muttley wrote:

    On Mon, 31 Oct 2022 00:31:26 -0000 (UTC)
    Lew Pitcher <lew.pitcher@digitalfreehold.ca> wrote:
    On Fri, 28 Oct 2022 14:36:48 +0000, Muttley wrote:

    Yes, I've googled this, no I didn't find an answer.

    Some versions of glibc have been extended to support blowfish (algo 2a) in >>>the
    crypt via the $2a$ preamble in the salt. Does anyone know of a way to check

    if
    its supported on a given system as crypt() has the very unhelpful behaviour

    of
    SIGSEGV'ing if you give it an invalid encryption algo number.

    Gotta ask, how do you invoke crypt(3)? I ask because I can't reproduce your >>>problem.

    Actually I can't reproduce it myself now. Now it seems to return NULL. I
    must've cocked up somehow in my original code. Oh well.

    FWIW, the only way I can get crypt(3) to segfault is to pass it a NULL >password or a NULL salt value. That is:
    crypt(NULL,"ab"); /* will segfault */
    or
    crypt("password",NULL); /* will segfault */

    So, it looks like, to answer your question as to how to check whether >crypt(3) supports blowfish or not, you simply have to check the
    return value from crypt(3) for NULL after attempting to use the blowfish >algorithm.

    Yup. Still, led to an interesting thread :)

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Lew Pitcher@21:1/5 to Muttley on Mon Oct 31 17:11:40 2022
    On Mon, 31 Oct 2022 17:03:51 +0000, Muttley wrote:

    On Mon, 31 Oct 2022 00:31:26 -0000 (UTC)
    Lew Pitcher <lew.pitcher@digitalfreehold.ca> wrote:
    On Fri, 28 Oct 2022 14:36:48 +0000, Muttley wrote:

    Yes, I've googled this, no I didn't find an answer.

    Some versions of glibc have been extended to support blowfish (algo 2a) in >>the
    crypt via the $2a$ preamble in the salt. Does anyone know of a way to check >>if
    its supported on a given system as crypt() has the very unhelpful behaviour >>of
    SIGSEGV'ing if you give it an invalid encryption algo number.

    Gotta ask, how do you invoke crypt(3)? I ask because I can't reproduce your >>problem.

    Actually I can't reproduce it myself now. Now it seems to return NULL. I must've cocked up somehow in my original code. Oh well.

    FWIW, the only way I can get crypt(3) to segfault is to pass it a NULL
    password or a NULL salt value. That is:
    crypt(NULL,"ab"); /* will segfault */
    or
    crypt("password",NULL); /* will segfault */

    So, it looks like, to answer your question as to how to check whether
    crypt(3) supports blowfish or not, you simply have to check the
    return value from crypt(3) for NULL after attempting to use the blowfish algorithm.

    --
    Lew Pitcher
    "In Skills, We Trust"

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Muttley@dastardlyhq.com@21:1/5 to Lew Pitcher on Mon Oct 31 17:03:51 2022
    On Mon, 31 Oct 2022 00:31:26 -0000 (UTC)
    Lew Pitcher <lew.pitcher@digitalfreehold.ca> wrote:
    On Fri, 28 Oct 2022 14:36:48 +0000, Muttley wrote:

    Yes, I've googled this, no I didn't find an answer.

    Some versions of glibc have been extended to support blowfish (algo 2a) in >the
    crypt via the $2a$ preamble in the salt. Does anyone know of a way to check >if
    its supported on a given system as crypt() has the very unhelpful behaviour >of
    SIGSEGV'ing if you give it an invalid encryption algo number.

    Gotta ask, how do you invoke crypt(3)? I ask because I can't reproduce your >problem.

    Actually I can't reproduce it myself now. Now it seems to return NULL. I must've cocked up somehow in my original code. Oh well.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Lew Pitcher@21:1/5 to Kaz Kylheku on Mon Oct 31 18:03:39 2022
    On Mon, 31 Oct 2022 17:10:49 +0000, Kaz Kylheku wrote:

    On 2022-10-31, Lew Pitcher <lew.pitcher@digitalfreehold.ca> wrote:
    On Fri, 28 Oct 2022 14:36:48 +0000, Muttley wrote:

    Yes, I've googled this, no I didn't find an answer.

    Some versions of glibc have been extended to support blowfish (algo 2a) in the
    crypt via the $2a$ preamble in the salt. Does anyone know of a way to check if
    its supported on a given system as crypt() has the very unhelpful behaviour of
    SIGSEGV'ing if you give it an invalid encryption algo number.

    Gotta ask, how do you invoke crypt(3)? I ask because I can't reproduce your problem.


    I wrote a quick pgm that calls crypt(3) using 3DES, MD5, Blowfish (both "a" and
    "b" variations), SHA256 and SHA512, and, while Blowfish isn't supported in >> the version of glibc crypt(3) on my system, I don't get any SIGSEGV. Instead,
    I get the expected return of NULL with errno set to EINVAL on those calls.

    Yes; on good arguments, there is no segfault, even on the unsupported arguments.

    I joined this discussion with a "me too" because I was sure there is such segfault for bad arguments.

    Unfortunately, this may might be turning out to be some shared hallucination.

    In February 2020, I made an elaborate commit alleging that there is a
    crash in glibc crypt when the salt argument has bad syntax.

    https://www.kylheku.com/cgit/txr/commit/?id=c3a0ceb2cea1a9d43f2baf5a2e63d0d712c8df19

    Unfortunately, I did a stupid thing there: not adding test cases
    for the alleged issue!

    Today, I'm not able to rediscover those test cases. I've tried all sorts
    of bad inputs to crypt, and cannot get a segfault out of it.

    The commit comment insists that it's a separate problem from the usage
    error of failing to check for a null returned pointer, but that issue in
    the code is fixed in the same commit.
    [snip]
    In the absence of a repro sample coming from Muttley, and my inability
    to repro any segfault, the issue has to be classified as nonexistent.

    I'm planning to remove the validate_salt code in the next release
    after one more review round.

    Don't act too quickly; there are still ways to cause crypt(3) to segfault. Specifically, the glibc version that I used doesn't seem to check the
    input pointers; a NULL in either the /key/ or /salt/ arguments to crypt(3) causes a SIGSEGV.

    Now, I realize that crypt(3) has to trust that it's arguments point to
    memory within the process, and that the memory pointed to must be
    a string, so catching faulty pointers is a difficult thing for it
    to do. However, it /should/ be able to, at least, catch NULL pointers
    and return NULL/EINVAL (or some other suitable error).

    But, apparently, it doesn't.

    --
    Lew Pitcher
    "In Skills, We Trust"

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Muttley@dastardlyhq.com@21:1/5 to Muttley@dastardlyhq.com on Tue Nov 1 09:38:01 2022
    On Mon, 31 Oct 2022 17:12:40 -0000 (UTC)
    Muttley@dastardlyhq.com wrote:
    On Mon, 31 Oct 2022 17:11:40 -0000 (UTC)
    Lew Pitcher <lew.pitcher@digitalfreehold.ca> wrote:
    On Mon, 31 Oct 2022 17:03:51 +0000, Muttley wrote:

    On Mon, 31 Oct 2022 00:31:26 -0000 (UTC)
    Lew Pitcher <lew.pitcher@digitalfreehold.ca> wrote:
    On Fri, 28 Oct 2022 14:36:48 +0000, Muttley wrote:

    Yes, I've googled this, no I didn't find an answer.

    Some versions of glibc have been extended to support blowfish (algo 2a) in

    the
    crypt via the $2a$ preamble in the salt. Does anyone know of a way to >check

    if
    its supported on a given system as crypt() has the very unhelpful >behaviour

    of
    SIGSEGV'ing if you give it an invalid encryption algo number.

    Gotta ask, how do you invoke crypt(3)? I ask because I can't reproduce your >>>>problem.

    Actually I can't reproduce it myself now. Now it seems to return NULL. I >>> must've cocked up somehow in my original code. Oh well.

    FWIW, the only way I can get crypt(3) to segfault is to pass it a NULL >>password or a NULL salt value. That is:
    crypt(NULL,"ab"); /* will segfault */
    or
    crypt("password",NULL); /* will segfault */

    So, it looks like, to answer your question as to how to check whether >>crypt(3) supports blowfish or not, you simply have to check the
    return value from crypt(3) for NULL after attempting to use the blowfish >>algorithm.

    Yup. Still, led to an interesting thread :)

    Just found what happened. I'm developing my code simultaniously on Linux and MacOS and on MacOS with clang, if you don't #include <unistd.h> then any
    call to crypt() will return a bad (but non null) pointer no matter what the input parameters which then caused a crash later on.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Kaz Kylheku@21:1/5 to Muttley@dastardlyhq.com on Tue Nov 1 14:56:39 2022
    On 2022-11-01, Muttley@dastardlyhq.com <Muttley@dastardlyhq.com> wrote:
    Just found what happened. I'm developing my code simultaniously on Linux and MacOS and on MacOS with clang, if you don't #include <unistd.h> then any
    call to crypt() will return a bad (but non null) pointer no matter what the input parameters which then caused a crash later on.

    If you dohn't declare crypt, an implicit declaration of it will be
    used, which is incorrect: int crypt(char *, char *).

    How are you not getting diagnostics for this? Even with no warnings
    enabled, I get this:

    $ echo 'void foo(void) { char *c = crypt("a", "b"); }' | gcc -x c -
    <stdin>: In function ‘foo’:
    <stdin>:1:28: warning: implicit declaration of function ‘crypt’ [-Wimplicit-function-declaration]
    <stdin>:1:28: warning: initialization makes pointer from integer without a cast [-Wint-conversion]

    (It looks like GCC is turning on -Wimplicit-function-declaration
    because of the bad initialization. If I omit the "char *c = ",
    it is silent. -Werror is required to get implicit declaration warning.)

    During the era in which mainstream desktop and server platforms were 32
    bit, you could get away with such a call that on many matchines because
    int has the same width as pointers, and is returned in the same
    register. (Yet there were examples where that didn't work, like MC68K
    systems that returned pointers via an address register, and int via a
    data register).

    Under 64 bit. If, say, the int return linkage happens to extract only
    the bottom 32 bits out of a 64 bit register, then you get a damaged,
    usless pointer value.

    --
    TXR Programming Language: http://nongnu.org/txr
    Cygnal: Cygwin Native Application Library: http://kylheku.com/cygnal

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Muttley@dastardlyhq.com@21:1/5 to Kaz Kylheku on Tue Nov 1 17:04:35 2022
    On Tue, 1 Nov 2022 14:56:39 -0000 (UTC)
    Kaz Kylheku <864-117-4973@kylheku.com> wrote:
    On 2022-11-01, Muttley@dastardlyhq.com <Muttley@dastardlyhq.com> wrote:
    Just found what happened. I'm developing my code simultaniously on Linux and >> MacOS and on MacOS with clang, if you don't #include <unistd.h> then any
    call to crypt() will return a bad (but non null) pointer no matter what the >> input parameters which then caused a crash later on.

    If you dohn't declare crypt, an implicit declaration of it will be
    used, which is incorrect: int crypt(char *, char *).

    How are you not getting diagnostics for this? Even with no warnings
    enabled, I get this:

    I was. I didn't spot it as its a work in progress which still has warnings.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Nicolas George@21:1/5 to All on Tue Nov 1 17:43:20 2022
    Muttley@dastardlyhq.com, dans le message <tjrjj3$j4a$1@gioia.aioe.org>,
    a écrit :
    I was. I didn't spot it as its a work in progress which still has warnings.

    I do not think fixing the warnings at the end is a winning strategy.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Ben Bacarisse@21:1/5 to Kaz Kylheku on Wed Nov 2 12:35:13 2022
    Kaz Kylheku <864-117-4973@kylheku.com> writes:

    On 2022-11-01, Muttley@dastardlyhq.com <Muttley@dastardlyhq.com> wrote:
    Just found what happened. I'm developing my code simultaniously on Linux and >> MacOS and on MacOS with clang, if you don't #include <unistd.h> then any
    call to crypt() will return a bad (but non null) pointer no matter what the >> input parameters which then caused a crash later on.

    If you dohn't declare crypt, an implicit declaration of it will be
    used, which is incorrect: int crypt(char *, char *).

    I think the implicit declaration would be int crypt() or, more
    accurately, just crypt() with an implicit int return type.

    --
    Ben.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Keith Thompson@21:1/5 to Ben Bacarisse on Wed Nov 2 09:07:12 2022
    Ben Bacarisse <ben.usenet@bsb.me.uk> writes:
    Kaz Kylheku <864-117-4973@kylheku.com> writes:
    On 2022-11-01, Muttley@dastardlyhq.com <Muttley@dastardlyhq.com> wrote:
    Just found what happened. I'm developing my code simultaniously on Linux and
    MacOS and on MacOS with clang, if you don't #include <unistd.h> then any >>> call to crypt() will return a bad (but non null) pointer no matter what the >>> input parameters which then caused a crash later on.

    If you dohn't declare crypt, an implicit declaration of it will be
    used, which is incorrect: int crypt(char *, char *).

    I think the implicit declaration would be int crypt() or, more
    accurately, just crypt() with an implicit int return type.

    In C90, a call with two char* arguments would result in code that
    assumes crypt() has two char* parameters (which it does) and returns an
    int (which it doesn't, so the behavior is undefined). No diagnostic was required.

    C99 dropped the implicit int rule, so such a call is a constraint
    violation with no specified behavior, but most compilers retain the C90 behavior. And most C compilers do not fully conform to any version
    of the standard unless you ask them nicely.

    --
    Keith Thompson (The_Other_Keith) Keith.S.Thompson+u@gmail.com
    Working, but not speaking, for XCOM Labs
    void Void(void) { Void(); } /* The recursive call of the void */

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Muttley@dastardlyhq.com@21:1/5 to Nicolas George on Wed Nov 2 16:43:48 2022
    On 01 Nov 2022 17:43:20 GMT
    Nicolas George <nicolas$george@salle-s.org> wrote:
    Muttley@dastardlyhq.com, dans le message <tjrjj3$j4a$1@gioia.aioe.org>,
    a écrit :
    I was. I didn't spot it as its a work in progress which still has warnings.

    I do not think fixing the warnings at the end is a winning strategy.

    Thanks for the heads up. Its a large program and I was concentrating on
    another module.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)