所以我有3个静态变量:
static char sys_salt[PWORD_SALT_LEN];
static char sys_hash[PWORD_HASH_LEN];
static char *sys_encoded_password;
然后将这3个静态变量发送给该函数:
set_hash_and_salt_for_pword(
pword, sys_hash, sys_salt, sys_encoded_password);
在此功能内,
通过以下方式设置盐:
arc4random_buf(pword_salt, PWORD_SALT_LEN);
sys_hash已成功设置,并在我的set_hash_and_salt_for_pword被调用后保持设置状态。这是在以下函数内完成的:argon2_hash(...)
我希望像设置static char *sys_encoded_password;一样设置sys_hash:在argon_2hash内,实际上是因为我在函数内部调用了NSLog(...)。 (是的。我也正在使用Obejctive-C。但是在函数返回后,指针再次为NULL。
这是怎么回事?为什么该指针不持久?
注意:我看到sys_hash和sys_encoded_password之间有2个区别:
sys_encoded_password的类型为static char*,sys_hash的类型为:static char sys_hash[PWORD_HASH_LEN];(又名-大小由宏定义预先定义,这导致第二个差异:
我通过执行以下sys_encoded_password调用来设置set_hash_and_salt_for_pword中malloc的大小:
encoded_password = malloc(encoded_password_length + 1);
输出如下:
2020-04-22 11:09:16.837705-0400 InsecureApp[31502:3180622] pword inside set_hash_and_salt_for_pword: openSesame
2020-04-22 11:09:16.838315-0400 InsecureApp[31502:3180622] salt inside set_hash_and_salt_for_pword:: \M-}b.\M-1T?\M-4\M^QW#\M^J\M-3\M-y\M-2\^V\M-O\M-E\M-p5\M-M\^R\M^Qii_<L\M-?H\M^F \M-_
2020-04-22 11:09:16.838371-0400 InsecureApp[31502:3180622] hash inside set_hash_and_salt_for_pword:: \M^K)Ϸ\M-R5}v\M-`\^FB&\^W\M^H$'\M-}b.\M-1T?\M-4\M^QW#\M^J\M-3\M-y\M-2\^V\M-O\M-E\M-p5\M-M\^R\M^Qii_<L\M-?H\M^F \M-_
2020-04-22 11:09:16.838435-0400 InsecureApp[31502:3180622] encod inside set_hash_and_salt_for_pword: $argon2id$v=19$m=65536,t=2,p=1$/WIusVQ/tJFXI4qz+bIWz8XwNc0SkWlpXzxMv0iGIN8$iynPt9I1fXbgBkImF4gkJw
2020-04-22 11:09:16.838505-0400 InsecureApp[31502:3180622] pword out: openSesame
2020-04-22 11:09:16.838550-0400 InsecureApp[31502:3180622] salt out:: \M-}b.\M-1T?\M-4\M^QW#\M^J\M-3\M-y\M-2\^V\M-O\M-E\M-p5\M-M\^R\M^Qii_<L\M-?H\M^F \M-_
2020-04-22 11:09:16.838598-0400 InsecureApp[31502:3180622] hash out:: \M^K)Ϸ\M-R5}v\M-`\^FB&\^W\M^H$'\M-}b.\M-1T?\M-4\M^QW#\M^J\M-3\M-y\M-2\^V\M-O\M-E\M-p5\M-M\^R\M^Qii_<L\M-?H\M^F \M-_
2020-04-22 11:09:16.898853-0400 InsecureApp[31502:3180622] encod out: (null)
P.S —这是一个完全不安全的本地应用程序,但我是1)学习C,2)使用argon2 API。
相关代码:
#define PWORD_SALT_LEN 32
#define PWORD_HASH_LEN 16
static char sys_salt[PWORD_SALT_LEN];
static char sys_hash[PWORD_HASH_LEN];
static char *sys_encoded_password;
int set_hash_and_salt_for_pword(
const char *pword
, char pword_hash[PWORD_SALT_LEN]
, char pword_salt[PWORD_HASH_LEN]
, char *encoded_password
){
arc4random_buf(pword_salt, PWORD_SALT_LEN);
uint8_t *pword_for_argon = (uint8_t*)strdup(pword);
uint32_t pword_len = (uint32_t)strlen((char*)pword_for_argon);
uint32_t t_cost = 2; // 1-pass computation
uint32_t m_cost = (1<<16); // 64 mebibytes memory usage
uint32_t lanes = 1; // number of threads and lanes
argon2_type hash_type = Argon2_id;
size_t encoded_password_length;
argon2_version version = ARGON2_VERSION_NUMBER;
encoded_password_length
= argon2_encodedlen(
t_cost
, m_cost
, lanes
, (uint32_t)PWORD_SALT_LEN
, PWORD_HASH_LEN
, hash_type);
encoded_password = malloc(encoded_password_length + 1);
if (!encoded_password) {
// clear_internal_memory(pword_for_argon, pword_len);
NSLog(@"could not allocate memory for hash");
}
// argon2id_hash_encoded(
argon2_hash(
t_cost
, m_cost
, lanes
, pword_for_argon
, pword_len
, pword_salt
, PWORD_SALT_LEN
, pword_hash // EXTRA
, PWORD_HASH_LEN
, encoded_password
, encoded_password_length // )
, hash_type // EXTRA
, version); // EXTRA
NSLog(@"pword inside set_hash_and_salt_for_pword: %s", pword);
NSLog(@"salt inside set_hash_and_salt_for_pword:: %s", pword_salt);
NSLog(@"hash inside set_hash_and_salt_for_pword:: %s", pword_hash);
NSLog(@"encod inside set_hash_and_salt_for_pword: %s", encoded_password);
return 0;
}
int main(){
/* BLAH CODE */
char *pword = "openSesame";
set_hash_and_salt_for_pword(
pword, sys_hash, sys_salt, sys_encoded_password);
NSLog(@"pword out: %s", pword);
NSLog(@"salt out:: %s", sys_salt);
NSLog(@"hash out:: %s", sys_hash);
NSLog(@"encod out: %s", sys_encoded_password);
cleanup();
return 0;
}