This is an automated email from the ASF dual-hosted git repository. ronny pushed a commit to branch upd/fast_pbkdf2 in repository https://gitbox.apache.org/repos/asf/couchdb.git
commit 052f0856c9c003e83ef3d36c859b7c35592044d0 Author: Ronny Berndt <[email protected]> AuthorDate: Wed Jan 3 20:07:49 2024 +0100 Update fast_pbkdf2 to upstream d079c45 --- src/fast_pbkdf2/Makefile | 39 -------- src/fast_pbkdf2/benchmarks/bench.ex | 7 +- src/fast_pbkdf2/mix.exs | 2 +- src/fast_pbkdf2/rebar.config | 83 ++++++++------- src/fast_pbkdf2/rebar.config.script | 8 ++ src/fast_pbkdf2/src/fast_pbkdf2.erl | 31 ++---- src/fast_pbkdf2/test/erl_pbkdf2.erl | 5 +- src/fast_pbkdf2/test/pbkdf2_SUITE.erl | 183 +++++++++++++++------------------- 8 files changed, 156 insertions(+), 202 deletions(-) diff --git a/src/fast_pbkdf2/Makefile b/src/fast_pbkdf2/Makefile deleted file mode 100644 index b4457cc5c..000000000 --- a/src/fast_pbkdf2/Makefile +++ /dev/null @@ -1,39 +0,0 @@ -.PHONY: rel deps test - -REBARVER = 3.13.2 -ifeq ($(OTPVER),24.0) - REBARVER = 3.15.1 -endif - -all: deps compile - -compile: rebar3 - ./rebar3 compile - -deps: rebar3 - ./rebar3 get-deps - -clean: rebar3 - ./rebar3 clean - -test-deps: rebar3 - ./rebar3 get-deps - -test-compile: rebar3 test-deps - ./rebar3 as test compile - -test: test-compile - ./rebar3 as test ct - -codecov: _build/test/cover/ct.coverdata - ./rebar3 as test codecov analyze - -gcov: test-compile - gcov -o c_src fast_pbkdf2 - -rebar3: - wget https://github.com/erlang/rebar3/releases/download/${REBARVER}/rebar3 &&\ - chmod u+x rebar3 - -dialyzer: rebar3 - ./rebar3 dialyzer diff --git a/src/fast_pbkdf2/benchmarks/bench.ex b/src/fast_pbkdf2/benchmarks/bench.ex index 1ac9fd14b..79464c8df 100644 --- a/src/fast_pbkdf2/benchmarks/bench.ex +++ b/src/fast_pbkdf2/benchmarks/bench.ex @@ -1,5 +1,4 @@ defmodule PBKDF2.Benchmarks do - @moduledoc "blank" def pbkdf2_input itCount do password = :base64.encode(:crypto.strong_rand_bytes(10)) salt = :base64.encode(:crypto.strong_rand_bytes(16)) @@ -26,9 +25,9 @@ Benchee.run( "1. 8" => PBKDF2.Benchmarks.pbkdf2_input(8), "2. 512" => PBKDF2.Benchmarks.pbkdf2_input(512), "3. 4096" => PBKDF2.Benchmarks.pbkdf2_input(4096), - "4. 10000" => PBKDF2.Benchmarks.pbkdf2_input(10_000), - "5. 160000" => PBKDF2.Benchmarks.pbkdf2_input(160_000), - "6. 500000" => PBKDF2.Benchmarks.pbkdf2_input(500_000) + "4. 10000" => PBKDF2.Benchmarks.pbkdf2_input(10000), + "5. 160000" => PBKDF2.Benchmarks.pbkdf2_input(160000), + "6. 500000" => PBKDF2.Benchmarks.pbkdf2_input(500000) }, parallel: 12, time: 5, diff --git a/src/fast_pbkdf2/mix.exs b/src/fast_pbkdf2/mix.exs index c3d2a6124..b581df457 100644 --- a/src/fast_pbkdf2/mix.exs +++ b/src/fast_pbkdf2/mix.exs @@ -1,4 +1,4 @@ -defmodule FastPbkdf2.MixProject do +defmodule Fast_Pbkdf2.MixProject do use Mix.Project def project do diff --git a/src/fast_pbkdf2/rebar.config b/src/fast_pbkdf2/rebar.config index 780eed636..391bcba45 100644 --- a/src/fast_pbkdf2/rebar.config +++ b/src/fast_pbkdf2/rebar.config @@ -1,6 +1,6 @@ {erl_opts, [ deterministic - ]}. +]}. {deps, []}. @@ -10,51 +10,66 @@ {deps, [ {base16, "2.0.1"}, {proper, "1.4.0"} - ]}, + ]}, {plugins, [ - {rebar3_codecov, "0.3.0"} - ]}, - {port_env, - [ - {"CFLAGS", "$CFLAGS -std=c99 -O3 -g -Wall -Wextra -fPIC --coverage"}, - {"LDFLAGS", "$LDFLAGS --coverage"}, - {"LDLIBS", "$LDLIBS -lcrypto"}, - {"DRV_LINK_TEMPLATE", "$DRV_LINK_TEMPLATE $LDLIBS"} - ]} - ]} - ] + {rebar3_codecov, "0.6.0"}]}, + {port_env, + [ + {"(linux|solaris|freebsd|netbsd|openbsd|dragonfly|darwin|gnu)", + "CFLAGS", "$CFLAGS -std=c99 -O0 -g -Wall -Wextra -fPIC -I/opt/homebrew/include -I/usr/local/include --coverage"}, + {"(linux|solaris|freebsd|netbsd|openbsd|dragonfly|darwin|gnu)", + "LDLIBS", "$LDLIBS -lcrypto -L/opt/homebrew/lib/ -L/usr/local/lib --coverage"} + ] + } + ]} +] }. -{plugins, [pc, rebar3_hex]}. +{plugins, [pc]}. -{artifacts, ["priv/fast_pbkdf2.so"]}. +{port_env, + [ + {"(linux|solaris|freebsd|netbsd|openbsd|dragonfly|darwin|gnu)", + "CFLAGS", "$CFLAGS -std=c99 -O3 -g -Wall -Wextra -fPIC -I/opt/homebrew/include -I/usr/local/include"}, + {"(linux|solaris|freebsd|netbsd|openbsd|dragonfly|darwin|gnu)", + "LDLIBS", "$LDLIBS -lcrypto -L/opt/homebrew/lib/ -L/usr/local/lib"}, + {"win32", "CFLAGS", "$CFLAGS /I${OPENSSL_INSTALL_DIR}/include /O2 /DNDEBUG /Wall"}, + {"win32", "LDLIBS", "$LDLIBS /LIBPATH:${OPENSSL_INSTALL_DIR}/lib libcrypto.lib"}, + {"DRV_LINK_TEMPLATE", "$DRV_LINK_TEMPLATE $LDLIBS"} + ] +}. {port_specs, - [ + [ { - % Any arch - ".*", - % Create library - "priv/fast_pbkdf2.so", - % From files - ["c_src/*.c"], - % Using options - [ {env, [{"(linux|solaris|darwin|freebsd)", "CFLAGS", "$CFLAGS -std=c99 -O3 -g -Wall -Wextra -fPIC -I/opt/homebrew/include/"}, - {"win32", "CFLAGS", "$CFLAGS /O2 /DNDEBUG /Wall"}, - {"(linux|solaris|darwin|freebsd)", "LDLIBS", "$LDLIBS -lcrypto -L /opt/homebrew/lib/"}, - {"win32", "LDLIBS", "$LDLIBS libcrypto.lib"}, - {"DRV_LINK_TEMPLATE", "$DRV_LINK_TEMPLATE $LDLIBS"}]}] - } - ]}. + % Any arch + ".*", + % Create library + "priv/fast_pbkdf2.so", + % From files + ["c_src/*.c"] + } + ]}. {provider_hooks, - [ + [ {post, - [ + [ {compile, {pc, compile}}, {clean, {pc, clean}} - ]} - ]}. + ]} + ]}. {cover_enabled, true}. {cover_export_enabled, true}. + +{project_plugins, [ + rebar3_hex, + rebar3_ex_doc +]}. + +{hex, [{doc, ex_doc}]}. + +{ex_doc, [ + {source_url, <<"https://github.com/esl/fast_pbkdf2";>>} +]}. diff --git a/src/fast_pbkdf2/rebar.config.script b/src/fast_pbkdf2/rebar.config.script new file mode 100644 index 000000000..7b602ec3d --- /dev/null +++ b/src/fast_pbkdf2/rebar.config.script @@ -0,0 +1,8 @@ +Artifacts = case os:type() of + {win32, _} -> + [{artifacts, ["priv/fast_pbkdf2.dll"]}]; + _ -> + [{artifacts, ["priv/fast_pbkdf2.so"]}] +end, + +CONFIG ++ Artifacts. diff --git a/src/fast_pbkdf2/src/fast_pbkdf2.erl b/src/fast_pbkdf2/src/fast_pbkdf2.erl index 999a6d47f..4583314bf 100644 --- a/src/fast_pbkdf2/src/fast_pbkdf2.erl +++ b/src/fast_pbkdf2/src/fast_pbkdf2.erl @@ -28,35 +28,24 @@ pbkdf2(_Hash, _Password, _Salt, _IterationCount, DkLen, _BlockIndex, Acc, Len) w binary:part(Bin, 0, DkLen); pbkdf2(Hash, Password, Salt, IterationCount, DkLen, BlockIndex, Acc, Len) -> Block = pbkdf2_block(Hash, Password, Salt, IterationCount, BlockIndex), - pbkdf2( - Hash, - Password, - Salt, - IterationCount, - DkLen, - BlockIndex + 1, - [Block | Acc], - byte_size(Block) + Len - ). + pbkdf2(Hash, Password, Salt, IterationCount, DkLen, BlockIndex + 1, [Block | Acc], byte_size(Block) + Len). %%%=================================================================== %%% NIF %%%=================================================================== --spec pbkdf2_block(sha_type(), binary(), binary(), non_neg_integer(), non_neg_integer()) -> - binary(). +-spec pbkdf2_block(sha_type(), binary(), binary(), non_neg_integer(), non_neg_integer()) -> binary(). pbkdf2_block(_Hash, _Password, _Salt, _IterationCount, _BlockSize) -> erlang:nif_error(not_loaded). -spec load() -> any(). load() -> code:ensure_loaded(crypto), - PrivDir = - case code:priv_dir(?MODULE) of - {error, _} -> - EbinDir = filename:dirname(code:which(?MODULE)), - AppPath = filename:dirname(EbinDir), - filename:join(AppPath, "priv"); - Path -> - Path - end, + PrivDir = case code:priv_dir(?MODULE) of + {error, _} -> + EbinDir = filename:dirname(code:which(?MODULE)), + AppPath = filename:dirname(EbinDir), + filename:join(AppPath, "priv"); + Path -> + Path + end, erlang:load_nif(filename:join(PrivDir, ?MODULE_STRING), none). diff --git a/src/fast_pbkdf2/test/erl_pbkdf2.erl b/src/fast_pbkdf2/test/erl_pbkdf2.erl index b37337445..0bb860e38 100644 --- a/src/fast_pbkdf2/test/erl_pbkdf2.erl +++ b/src/fast_pbkdf2/test/erl_pbkdf2.erl @@ -7,9 +7,8 @@ -spec pbkdf2_oneblock(sha_type(), binary(), binary(), non_neg_integer()) -> binary(). pbkdf2_oneblock(Sha, Password, Salt, 1) -> crypto_hmac(Sha, Password, <<Salt/binary, 0, 0, 0, 1>>); -pbkdf2_oneblock(Sha, Password, Salt, IterationCount) when - is_integer(IterationCount), IterationCount > 1 --> +pbkdf2_oneblock(Sha, Password, Salt, IterationCount) + when is_integer(IterationCount), IterationCount > 1 -> U1 = crypto_hmac(Sha, Password, <<Salt/binary, 0, 0, 0, 1>>), mask(U1, iteration(Sha, Password, U1, IterationCount - 1)). diff --git a/src/fast_pbkdf2/test/pbkdf2_SUITE.erl b/src/fast_pbkdf2/test/pbkdf2_SUITE.erl index da0a01607..f08ed1c11 100644 --- a/src/fast_pbkdf2/test/pbkdf2_SUITE.erl +++ b/src/fast_pbkdf2/test/pbkdf2_SUITE.erl @@ -1,38 +1,36 @@ -module(pbkdf2_SUITE). %% API --export([ - all/0, - groups/0, - init_per_suite/1, - end_per_suite/1, - init_per_group/2, - end_per_group/2, - init_per_testcase/2, - end_per_testcase/2 -]). +-export([all/0, + groups/0, + init_per_suite/1, + end_per_suite/1, + init_per_group/2, + end_per_group/2, + init_per_testcase/2, + end_per_testcase/2]). %% test cases -export([ - erlang_and_nif_are_equivalent_sha1/1, - erlang_and_nif_are_equivalent_sha224/1, - erlang_and_nif_are_equivalent_sha256/1, - erlang_and_nif_are_equivalent_sha384/1, - erlang_and_nif_are_equivalent_sha512/1 -]). + erlang_and_nif_are_equivalent_sha1/1, + erlang_and_nif_are_equivalent_sha224/1, + erlang_and_nif_are_equivalent_sha256/1, + erlang_and_nif_are_equivalent_sha384/1, + erlang_and_nif_are_equivalent_sha512/1 + ]). -export([ - test_vector_sha1_1/1, - test_vector_sha1_2/1, - test_vector_sha1_3/1, - test_vector_sha1_4/1, - test_vector_sha1_5/1, - test_vector_sha256_1/1, - test_vector_sha256_2/1, - test_vector_sha256_3/1, - test_vector_sha256_4/1, - test_vector_sha256_5/1, - test_vector_sha256_6/1 -]). + test_vector_sha1_1/1, + test_vector_sha1_2/1, + test_vector_sha1_3/1, + test_vector_sha1_4/1, + test_vector_sha1_5/1, + test_vector_sha256_1/1, + test_vector_sha256_2/1, + test_vector_sha256_3/1, + test_vector_sha256_4/1, + test_vector_sha256_5/1, + test_vector_sha256_6/1 + ]). -include_lib("common_test/include/ct.hrl"). -include_lib("proper/include/proper.hrl"). @@ -40,32 +38,34 @@ all() -> [ - {group, equivalents}, - {group, test_vectors} + {group, equivalents}, + {group, test_vectors} ]. groups() -> [ - {equivalents, [parallel], [ - erlang_and_nif_are_equivalent_sha1, - erlang_and_nif_are_equivalent_sha224, - erlang_and_nif_are_equivalent_sha256, - erlang_and_nif_are_equivalent_sha384, - erlang_and_nif_are_equivalent_sha512 - ]}, - {test_vectors, [parallel], [ - test_vector_sha1_1, - test_vector_sha1_2, - test_vector_sha1_3, - test_vector_sha1_4, - test_vector_sha1_5, - test_vector_sha256_1, - test_vector_sha256_2, - test_vector_sha256_3, - test_vector_sha256_4, - test_vector_sha256_5, - test_vector_sha256_6 - ]} + {equivalents, [parallel], + [ + erlang_and_nif_are_equivalent_sha1, + erlang_and_nif_are_equivalent_sha224, + erlang_and_nif_are_equivalent_sha256, + erlang_and_nif_are_equivalent_sha384, + erlang_and_nif_are_equivalent_sha512 + ]}, + {test_vectors, [parallel], + [ + test_vector_sha1_1, + test_vector_sha1_2, + test_vector_sha1_3, + test_vector_sha1_4, + test_vector_sha1_5, + test_vector_sha256_1, + test_vector_sha256_2, + test_vector_sha256_3, + test_vector_sha256_4, + test_vector_sha256_5, + test_vector_sha256_6 + ]} ]. %%%=================================================================== @@ -115,89 +115,72 @@ erlang_and_nif_are_equivalent_sha512(_Config) -> erlang_and_nif_are_equivalent_(sha512). erlang_and_nif_are_equivalent_(Sha) -> - Prop = ?FORALL( - {Pass, Salt, Count}, - {binary(), binary(), range(2, 20000)}, - fast_pbkdf2:pbkdf2(Sha, Pass, Salt, Count) =:= - erl_pbkdf2:pbkdf2_oneblock(Sha, Pass, Salt, Count) - ), - ?assert( - proper:quickcheck(Prop, [ - verbose, - long_result, - {numtests, 100}, - {start_size, 2}, - {max_size, 64} - ]) - ). + Prop = ?FORALL({Pass, Salt, Count}, + {binary(), binary(), range(2,20000)}, + fast_pbkdf2:pbkdf2(Sha, Pass, Salt, Count) + =:= erl_pbkdf2:pbkdf2_oneblock(Sha, Pass, Salt, Count) + ), + ?assert(proper:quickcheck(Prop, [verbose, long_result, + {numtests, 100}, + {start_size, 2}, + {max_size, 64}])). + %% Taken from the official RFC https://www.ietf.org/rfc/rfc6070.txt test_vector_sha1_1(_Config) -> - {P, S, It, DkLen, Result} = - {<<"password">>, <<"salt">>, 1, 20, - base16:decode(<<"0c60c80f961f0e71f3a9b524af6012062fe037a6">>)}, + {P,S,It,DkLen,Result} = {<<"password">>,<<"salt">>,1,20, + base16:decode(<<"0c60c80f961f0e71f3a9b524af6012062fe037a6">>)}, ?assertEqual(Result, fast_pbkdf2:pbkdf2(sha, P, S, It, DkLen)). test_vector_sha1_2(_Config) -> - {P, S, It, DkLen, Result} = - {<<"password">>, <<"salt">>, 2, 20, - base16:decode(<<"ea6c014dc72d6f8ccd1ed92ace1d41f0d8de8957">>)}, + {P,S,It,DkLen,Result} = {<<"password">>,<<"salt">>,2,20, + base16:decode(<<"ea6c014dc72d6f8ccd1ed92ace1d41f0d8de8957">>)}, ?assertEqual(Result, fast_pbkdf2:pbkdf2(sha, P, S, It, DkLen)). test_vector_sha1_3(_Config) -> - {P, S, It, DkLen, Result} = - {<<"password">>, <<"salt">>, 4096, 20, - base16:decode(<<"4b007901b765489abead49d926f721d065a429c1">>)}, + {P,S,It,DkLen,Result} = {<<"password">>,<<"salt">>,4096,20, + base16:decode(<<"4b007901b765489abead49d926f721d065a429c1">>)}, ?assertEqual(Result, fast_pbkdf2:pbkdf2(sha, P, S, It, DkLen)). test_vector_sha1_4(_Config) -> - {P, S, It, DkLen, Result} = - {<<"password">>, <<"salt">>, 16777216, 20, - base16:decode(<<"eefe3d61cd4da4e4e9945b3d6ba2158c2634e984">>)}, + {P,S,It,DkLen,Result} = {<<"password">>,<<"salt">>,16777216,20, + base16:decode(<<"eefe3d61cd4da4e4e9945b3d6ba2158c2634e984">>)}, ?assertEqual(Result, fast_pbkdf2:pbkdf2(sha, P, S, It, DkLen)). test_vector_sha1_5(_Config) -> - {P, S, It, DkLen, Result} = - {<<"passwordPASSWORDpassword">>, <<"saltSALTsaltSALTsaltSALTsaltSALTsalt">>, 4096, 25, - base16:decode(<<"3d2eec4fe41c849b80c8d83662c0e44a8b291a964cf2f07038">>)}, + {P,S,It,DkLen,Result} = {<<"passwordPASSWORDpassword">>,<<"saltSALTsaltSALTsaltSALTsaltSALTsalt">>,4096,25, + base16:decode(<<"3d2eec4fe41c849b80c8d83662c0e44a8b291a964cf2f07038">>)}, ?assertEqual(Result, fast_pbkdf2:pbkdf2(sha, P, S, It, DkLen)). + %% Taken from https://stackoverflow.com/a/5136918/8853275 test_vector_sha256_1(_Config) -> - {P, S, It, DkLen, Result} = - {<<"password">>, <<"salt">>, 1, 32, - base16:decode(<<"120fb6cffcf8b32c43e7225256c4f837a86548c92ccc35480805987cb70be17b">>)}, + {P,S,It,DkLen,Result} = {<<"password">>, <<"salt">>, 1, 32, + base16:decode(<<"120fb6cffcf8b32c43e7225256c4f837a86548c92ccc35480805987cb70be17b">>)}, ?assertEqual(Result, fast_pbkdf2:pbkdf2(sha256, P, S, It, DkLen)). test_vector_sha256_2(_Config) -> - {P, S, It, DkLen, Result} = - {<<"password">>, <<"salt">>, 2, 32, - base16:decode(<<"ae4d0c95af6b46d32d0adff928f06dd02a303f8ef3c251dfd6e2d85a95474c43">>)}, + {P,S,It,DkLen,Result} = {<<"password">>, <<"salt">>, 2, 32, + base16:decode(<<"ae4d0c95af6b46d32d0adff928f06dd02a303f8ef3c251dfd6e2d85a95474c43">>)}, ?assertEqual(Result, fast_pbkdf2:pbkdf2(sha256, P, S, It, DkLen)). test_vector_sha256_3(_Config) -> - {P, S, It, DkLen, Result} = - {<<"password">>, <<"salt">>, 4096, 32, - base16:decode(<<"c5e478d59288c841aa530db6845c4c8d962893a001ce4e11a4963873aa98134a">>)}, + {P,S,It,DkLen,Result} = {<<"password">>, <<"salt">>, 4096, 32, + base16:decode(<<"c5e478d59288c841aa530db6845c4c8d962893a001ce4e11a4963873aa98134a">>)}, ?assertEqual(Result, fast_pbkdf2:pbkdf2(sha256, P, S, It, DkLen)). test_vector_sha256_4(_Config) -> - {P, S, It, DkLen, Result} = - {<<"password">>, <<"salt">>, 16777216, 32, - base16:decode(<<"cf81c66fe8cfc04d1f31ecb65dab4089f7f179e89b3b0bcb17ad10e3ac6eba46">>)}, + {P,S,It,DkLen,Result} = {<<"password">>, <<"salt">>, 16777216, 32, + base16:decode(<<"cf81c66fe8cfc04d1f31ecb65dab4089f7f179e89b3b0bcb17ad10e3ac6eba46">>)}, ?assertEqual(Result, fast_pbkdf2:pbkdf2(sha256, P, S, It, DkLen)). test_vector_sha256_5(_Config) -> - {P, S, It, DkLen, Result} = - {<<"passwordPASSWORDpassword">>, <<"saltSALTsaltSALTsaltSALTsaltSALTsalt">>, 4096, 40, - base16:decode( - <<"348c89dbcbd32b2f32d814b8116e84cf2b17347ebc1800181c4e2a1fb8dd53e1c635518c7dac47e9">> - )}, + {P,S,It,DkLen,Result} = {<<"passwordPASSWORDpassword">>,<<"saltSALTsaltSALTsaltSALTsaltSALTsalt">>,4096,40, + base16:decode(<<"348c89dbcbd32b2f32d814b8116e84cf2b17347ebc1800181c4e2a1fb8dd53e1c635518c7dac47e9">>)}, ?assertEqual(Result, fast_pbkdf2:pbkdf2(sha256, P, S, It, DkLen)). test_vector_sha256_6(_Config) -> - {P, S, It, DkLen, Result} = - {<<"pass\0word">>, <<"sa\0lt">>, 4096, 16, - base16:decode(<<"89b69d0516f829893c696226650a8687">>)}, + {P,S,It,DkLen,Result} = {<<"pass\0word">>, <<"sa\0lt">>, 4096, 16, + base16:decode(<<"89b69d0516f829893c696226650a8687">>)}, ?assertEqual(Result, fast_pbkdf2:pbkdf2(sha256, P, S, It, DkLen)).
