[prev in list] [next in list] [prev in thread] [next in thread] 

List:       busybox
Subject:    [PATCH 3/5] crypt_make_salt(): simplify and improve
From:       Rasmus Villemoes <rasmus.villemoes () prevas ! dk>
Date:       2024-04-15 12:56:26
Message-ID: 20240415125628.780178-4-rasmus.villemoes () prevas ! dk
[Download RAW message or body]

The use of a PRNG here is useless. No matter what, the generated salt
string is completely determined by the initial value of x.

In fact, since we only look at bits 16-27 and it's a LCG with a
power-of-2 modulus (so the high bits never affect lower bits), only
2^28 different salts can be produced.

So instead of pretending to generate a random string, just
base64-encode the bits we actually have, and make sure all of them are
used. That way we can produce 2^32 instead of 2^28 different salts,
and it also becomes more transparent (due to the trailing '.'
characters from when x hits 0) that the salt generation is not
particularly thorough.

Signed-off-by: Rasmus Villemoes <rasmus.villemoes@prevas.dk>
---
 libbb/pw_encrypt.c | 15 ++++-----------
 1 file changed, 4 insertions(+), 11 deletions(-)

diff --git a/libbb/pw_encrypt.c b/libbb/pw_encrypt.c
index 458792faa..9ac75b281 100644
--- a/libbb/pw_encrypt.c
+++ b/libbb/pw_encrypt.c
@@ -37,18 +37,11 @@ static int i64c(int i)
 int FAST_FUNC crypt_make_salt(char *p, int cnt)
 {
 	unsigned x = getpid() + monotonic_us();
+	/* Odd calling convention... */
+	cnt *= 2;
 	do {
-		/* x = (x*1664525 + 1013904223) % 2^32 generator is lame
-		 * (low-order bit is not "random", etc...),
-		 * but for our purposes it is good enough */
-		x = x*1664525 + 1013904223;
-		/* BTW, Park and Miller's "minimal standard generator" is
-		 * x = x*16807 % ((2^31)-1)
-		 * It has no problem with visibly alternating lowest bit
-		 * but is also weak in cryptographic sense + needs div,
-		 * which needs more code (and slower) on many CPUs */
-		*p++ = i64c(x >> 16);
-		*p++ = i64c(x >> 22);
+		*p++ = i64c(x);
+		x >>= 6;
 	} while (--cnt);
 	*p = '\0';
 	return x;
-- 
2.40.1.1.g1c60b9335d

_______________________________________________
busybox mailing list
busybox@busybox.net
http://lists.busybox.net/mailman/listinfo/busybox
[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic