rename blocks to words. bcrypt "blocks" are unrelated to blowfish blocks,

nor are they the same size.
9 years ago · 94520ae40e
--- a/src/lib/libc/crypt/bcrypt.c
+++ b/src/lib/libc/crypt/bcrypt.c
@ -1,4 +1,4 @@
 /*	$OpenBSD: bcrypt.c,v 1.50 2015/01/07 16:05:28 tedu Exp $	*/
 /*	$OpenBSD: bcrypt.c,v 1.51 2015/01/12 03:20:04 tedu Exp $	*/

 /*
 * Copyright (c) 2014 Ted Unangst <tedu@openbsd.org>
@ -47,7 +47,7 @@

 #define BCRYPT_VERSION '2'
 #define BCRYPT_MAXSALT 16	/* Precomputation is just so nice */
 #define BCRYPT_BLOCKS 6		/* Ciphertext blocks */
 #define BCRYPT_WORDS 6		/* Ciphertext words */
 #define BCRYPT_MINLOGROUNDS 4	/* we have log2(rounds) in salt */

 #define	BCRYPT_SALTSPACE	(7 + (BCRYPT_MAXSALT * 4 + 2) / 3 + 1)
@ -96,9 +96,9 @@ bcrypt_hashpass(const char *key, const char *salt, char *encrypted,
 	u_int16_t j;
 	size_t key_len;
 	u_int8_t salt_len, logr, minor;
 	u_int8_t ciphertext[4 * BCRYPT_BLOCKS] = "OrpheanBeholderScryDoubt";
 	u_int8_t ciphertext[4 * BCRYPT_WORDS] = "OrpheanBeholderScryDoubt";
 	u_int8_t csalt[BCRYPT_MAXSALT];
 	u_int32_t cdata[BCRYPT_BLOCKS];
 	u_int32_t cdata[BCRYPT_WORDS];

 	if (encryptedlen < BCRYPT_HASHSPACE)
 		goto inval;
@ -166,14 +166,14 @@ bcrypt_hashpass(const char *key, const char *salt, char *encrypted,

 	/* This can be precomputed later */
 	j = 0;
 	for (i = 0; i < BCRYPT_BLOCKS; i++)
 		cdata[i] = Blowfish_stream2word(ciphertext, 4 * BCRYPT_BLOCKS, &j);
 	for (i = 0; i < BCRYPT_WORDS; i++)
 		cdata[i] = Blowfish_stream2word(ciphertext, 4 * BCRYPT_WORDS, &j);

 	/* Now do the encryption */
 	for (k = 0; k < 64; k++)
 		blf_enc(&state, cdata, BCRYPT_BLOCKS / 2);
 		blf_enc(&state, cdata, BCRYPT_WORDS / 2);

 	for (i = 0; i < BCRYPT_BLOCKS; i++) {
 	for (i = 0; i < BCRYPT_WORDS; i++) {
 		ciphertext[4 * i + 3] = cdata[i] & 0xff;
 		cdata[i] = cdata[i] >> 8;
 		ciphertext[4 * i + 2] = cdata[i] & 0xff;
@ -186,7 +186,7 @@ bcrypt_hashpass(const char *key, const char *salt, char *encrypted,

 	snprintf(encrypted, 8, "$2%c$%2.2u$", minor, logr);
 	encode_base64(encrypted + 7, csalt, BCRYPT_MAXSALT);
 	encode_base64(encrypted + 7 + 22, ciphertext, 4 * BCRYPT_BLOCKS - 1);
 	encode_base64(encrypted + 7 + 22, ciphertext, 4 * BCRYPT_WORDS - 1);
 	explicit_bzero(&state, sizeof(state));
 	explicit_bzero(ciphertext, sizeof(ciphertext));
 	explicit_bzero(csalt, sizeof(csalt));
--- a/src/lib/libutil/bcrypt_pbkdf.c
+++ b/src/lib/libutil/bcrypt_pbkdf.c
@ -1,4 +1,4 @@
 /* $OpenBSD: bcrypt_pbkdf.c,v 1.12 2015/01/08 00:30:07 deraadt Exp $ */
 /* $OpenBSD: bcrypt_pbkdf.c,v 1.13 2015/01/12 03:20:04 tedu Exp $ */
 /*
 * Copyright (c) 2013 Ted Unangst <tedu@openbsd.org>
 *
@ -50,8 +50,8 @@
 * wise caller could do; we just do it for you.
 */

 #define BCRYPT_BLOCKS 8
 #define BCRYPT_HASHSIZE (BCRYPT_BLOCKS * 4)
 #define BCRYPT_WORDS 8
 #define BCRYPT_HASHSIZE (BCRYPT_WORDS * 4)

 static void
 bcrypt_hash(uint8_t *sha2pass, uint8_t *sha2salt, uint8_t *out)
@ -59,7 +59,7 @@ bcrypt_hash(uint8_t *sha2pass, uint8_t *sha2salt, uint8_t *out)
 	blf_ctx state;
 	uint8_t ciphertext[BCRYPT_HASHSIZE] =
 	    "OxychromaticBlowfishSwatDynamite";
 	uint32_t cdata[BCRYPT_BLOCKS];
 	uint32_t cdata[BCRYPT_WORDS];
 	int i;
 	uint16_t j;
 	size_t shalen = SHA512_DIGEST_LENGTH;
@ -74,14 +74,14 @@ bcrypt_hash(uint8_t *sha2pass, uint8_t *sha2salt, uint8_t *out)

 	/* encryption */
 	j = 0;
 	for (i = 0; i < BCRYPT_BLOCKS; i++)
 	for (i = 0; i < BCRYPT_WORDS; i++)
 		cdata[i] = Blowfish_stream2word(ciphertext, sizeof(ciphertext),
 		    &j);
 	for (i = 0; i < 64; i++)
 		blf_enc(&state, cdata, sizeof(cdata) / sizeof(uint64_t));

 	/* copy out */
 	for (i = 0; i < BCRYPT_BLOCKS; i++) {
 	for (i = 0; i < BCRYPT_WORDS; i++) {
 		out[4 * i + 3] = (cdata[i] >> 24) & 0xff;
 		out[4 * i + 2] = (cdata[i] >> 16) & 0xff;
 		out[4 * i + 1] = (cdata[i] >> 8) & 0xff;