Add a check for salt length in bcrypt function

Raises an error (as the original doc claimed) if the salt is not the required length of 16 bytes. validatePasswordEither doesn't require separate checking since the hash length as a whole is checked, implicitly ensuring the salt is the right length. Therefore it shouldn't be possible to trigger the error by calling this function. Fixes #93.
2016-07-27 17:38:05 +02:00 · 2016-07-27 17:38:05 +02:00 · fb66c35f46
commit fb66c35f46
parent 8e0d34ff4d
2 changed files with 4 additions and 1 deletions
--- a/Crypto/Cipher/Blowfish/Primitive.hs
+++ b/Crypto/Cipher/Blowfish/Primitive.hs
@ -79,7 +79,9 @@ initBlowfish key
 -- Cost must be between 4 and 31 inclusive
 -- See <https://www.usenix.org/conference/1999-usenix-annual-technical-conference/future-adaptable-password-scheme>
 eksBlowfish :: (ByteArrayAccess salt, ByteArrayAccess password) => Int -> salt -> password -> Context
-eksBlowfish cost salt key = makeKeySchedule key (Just (salt, cost))
+eksBlowfish cost salt key
+    | B.length salt /= 16 = error "bcrypt salt must be 16 bytes"
+    | otherwise           = makeKeySchedule key (Just (salt, cost))

 coreCrypto :: Context -> Word64 -> Word64
 coreCrypto (BF p s0 s1 s2 s3) input = doRound input 0
--- a/tests/BCrypt.hs
+++ b/tests/BCrypt.hs
@ -74,4 +74,5 @@ makeKATs = concatMap maketest (zip3 is passwords hashes)

 tests = testGroup "bcrypt"
    [ testGroup "KATs" makeKATs
+    , testCase "Invalid hash length" (assertEqual "" (Left "Invalid hash format") (validatePasswordEither B.empty ("$2a$06$DCq7YPn5Rq63x1Lad4cll.TV4S6ytwfsfvkgY8jIucDrjc8deX1s" :: B.ByteString)))
    ]