From f778c553ef832660555822e9550864624bc8186b Mon Sep 17 00:00:00 2001 From: Daniel Friesel Date: Wed, 20 Jul 2011 15:06:06 +0200 Subject: Prepare for configurable key setup cost --- lib/App/Raps2.pm | 42 +++++++++++++++++++++++++++++------------- lib/App/Raps2/Password.pm | 18 ++++++++++-------- t/20-app-raps2-password.t | 4 ++-- 3 files changed, 41 insertions(+), 23 deletions(-) diff --git a/lib/App/Raps2.pm b/lib/App/Raps2.pm index c157f71..d2520eb 100644 --- a/lib/App/Raps2.pm +++ b/lib/App/Raps2.pm @@ -76,20 +76,20 @@ sub get_master_password { } $self->{pass} = App::Raps2::Password->new( - cost => $self->{default}{cost}, + cost => $self->{master_cost}, salt => $self->{master_salt}, passphrase => $pass, ); - $self->{pass}->verify( $self->{master_hash} ); + $self->pw->verify( $self->{master_hash} ); return; } sub create_config { my ($self) = @_; - my $cost = 12; - my $pass = $self->{default}{master_password} + my $cost = $self->{default}{cost} // 12; + my $pass = $self->{default}{master_password} // $self->ui->read_pw( 'Master Password', 1 ); $self->{pass} = App::Raps2::Password->new( @@ -104,6 +104,7 @@ sub create_config { "cost ${cost}\n", "salt ${salt}\n", "hash ${hash}\n", + "new_cost ${cost}\n", ); return; @@ -114,7 +115,8 @@ sub load_config { my $cfg = $self->file_to_hash( $self->{xdg_conf} . '/password' ); $self->{master_hash} = $cfg->{hash}; $self->{master_salt} = $cfg->{salt}; - $self->{default}{cost} //= $cfg->{cost}; + $self->{master_cost} = $cfg->{cost}; + $self->{default}{cost} //= $cfg->{new_cost} // 12; return; } @@ -147,11 +149,18 @@ sub pw_save { $data{login} //= q{}; $data{salt} //= $self->pw->create_salt(); $data{url} //= q{}; + $data{cost} //= $self->{default}{cost}; - my $pass_hash = $self->pw->encrypt( $data{password}, $data{salt} ); + my $pass_hash = $self->pw->encrypt( + data => $data{password}, + salt => $data{salt} + ); my $extra_hash = ( - $data{extra} - ? $self->pw->encrypt( $data{extra}, $data{salt} ) + $data{extra} + ? $self->pw->encrypt( + data => $data{extra}, + salt => $data{salt} + ) : q{} ); @@ -159,6 +168,7 @@ sub pw_save { $data{file}, "url $data{url}\n", "login $data{login}\n", + "cost $data{cost}\n", "salt $data{salt}\n", "hash ${pass_hash}\n", "extra ${extra_hash}\n", @@ -177,11 +187,17 @@ sub pw_load { return { url => $key->{url}, login => $key->{login}, - password => $self->pw->decrypt( $key->{hash}, $key->{salt} ), - salt => $key->{salt}, - extra => ( - $key->{extra} - ? $self->pw->decrypt( $key->{extra}, $key->{salt} ) + password => $self->pw->decrypt( + data => $key->{hash}, + salt => $key->{salt} + ), + salt => $key->{salt}, + extra => ( + $key->{extra} + ? $self->pw->decrypt( + data => $key->{extra}, + salt => $key->{salt} + ) : undef ), }; diff --git a/lib/App/Raps2/Password.pm b/lib/App/Raps2/Password.pm index 129f38d..d80a138 100644 --- a/lib/App/Raps2/Password.pm +++ b/lib/App/Raps2/Password.pm @@ -59,27 +59,29 @@ sub salt { } sub encrypt { - my ( $self, $in, $salt ) = @_; + my ( $self, %opt ) = @_; - $salt //= $self->{salt}; + $opt{salt} //= $self->{salt}; + $opt{cost} //= $self->{cost}; my $eksblowfish - = Crypt::Eksblowfish->new( $self->{cost}, $salt, $self->{passphrase}, ); + = Crypt::Eksblowfish->new( $opt{cost}, $opt{salt}, $self->{passphrase}, ); my $cbc = Crypt::CBC->new( -cipher => $eksblowfish ); - return $cbc->encrypt_hex($in); + return $cbc->encrypt_hex( $opt{data} ); } sub decrypt { - my ( $self, $in, $salt ) = @_; + my ( $self, %opt ) = @_; - $salt //= $self->{salt}; + $opt{cost} //= $self->{cost}; + $opt{salt} //= $self->{salt}; my $eksblowfish - = Crypt::Eksblowfish->new( $self->{cost}, $salt, $self->{passphrase}, ); + = Crypt::Eksblowfish->new( $opt{cost}, $opt{salt}, $self->{passphrase}, ); my $cbc = Crypt::CBC->new( -cipher => $eksblowfish ); - return $cbc->decrypt_hex($in); + return $cbc->decrypt_hex( $opt{data} ); } sub bcrypt { diff --git a/t/20-app-raps2-password.t b/t/20-app-raps2-password.t index a8f56e8..4d8f474 100644 --- a/t/20-app-raps2-password.t +++ b/t/20-app-raps2-password.t @@ -67,10 +67,10 @@ $pw = App::Raps2::Password->new( isa_ok($pw, 'App::Raps2::Password'); -is($pw->decrypt('53616c7465645f5f80d8c367e15980d43ec9a6eabc5390b4'), 'quux', +is($pw->decrypt(data => '53616c7465645f5f80d8c367e15980d43ec9a6eabc5390b4'), 'quux', 'decrypt okay'); -is($pw->decrypt($pw->encrypt('foo')), 'foo', 'encrypt->decrypt okay'); +is($pw->decrypt(data => $pw->encrypt(data => 'foo')), 'foo', 'encrypt->decrypt okay'); ok($pw->verify('3lJRlaRuOGWv/z3g1DAOlcH.u9vS8Wm'), 'verify: verifies correct hash'); -- cgit v1.2.3