From 8419beeca49e84f0a55188b7a4dcc27bbec66073 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Felix=20D=C3=B6rre?= Date: Sun, 31 Jul 2016 02:30:41 +0200 Subject: [PATCH] upd: decrease scrypt workload when testing. Change-Id: I91bdbf9225e80f3a0380ec2a4bbfa592a141f26b --- src/org/cacert/gigi/Gigi.java | 2 + src/org/cacert/gigi/util/PasswordHash.java | 46 ++++++++++++++++++- .../cacert/gigi/testUtils/ConfiguredTest.java | 3 ++ 3 files changed, 50 insertions(+), 1 deletion(-) diff --git a/src/org/cacert/gigi/Gigi.java b/src/org/cacert/gigi/Gigi.java index 6db61694..812f61fb 100644 --- a/src/org/cacert/gigi/Gigi.java +++ b/src/org/cacert/gigi/Gigi.java @@ -73,6 +73,7 @@ import org.cacert.gigi.pages.wot.RequestTTPPage; import org.cacert.gigi.ping.PingerDaemon; import org.cacert.gigi.util.AuthorizationContext; import org.cacert.gigi.util.DomainAssessment; +import org.cacert.gigi.util.PasswordHash; import org.cacert.gigi.util.ServerConstants; import org.cacert.gigi.util.TimeConditions; @@ -252,6 +253,7 @@ public final class Gigi extends HttpServlet { DomainAssessment.init(conf); DatabaseConnection.init(conf); TimeConditions.init(conf); + PasswordHash.init(conf); this.truststore = truststore; pinger = new PingerDaemon(truststore); pinger.start(); diff --git a/src/org/cacert/gigi/util/PasswordHash.java b/src/org/cacert/gigi/util/PasswordHash.java index 6d598e77..97e3493a 100644 --- a/src/org/cacert/gigi/util/PasswordHash.java +++ b/src/org/cacert/gigi/util/PasswordHash.java @@ -3,6 +3,7 @@ package org.cacert.gigi.util; import java.io.UnsupportedEncodingException; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; +import java.util.Properties; import com.lambdaworks.crypto.SCryptUtil; @@ -68,6 +69,49 @@ public class PasswordHash { } public static String hash(String password) { - return SCryptUtil.scrypt(password, 1 << 14, 8, 1); + return SCryptUtil.scrypt(password, N, r, p); + } + + private static int N = 1 << 14; + + private static int r = 8; + + private static int p = 1; + + private static boolean initialized = false; + + public static synchronized void init(Properties prop) { + if (initialized) { + throw new IllegalStateException("Already initialized."); + } + String val = prop.getProperty("scrypt.params", "14;8;1"); + String[] parts = val.split(";", 3); + int N = 1 << Integer.parseInt(parts[0]); + int r = Integer.parseInt(parts[1]); + int p = Integer.parseInt(parts[2]); + checkScryptParams(N, r, p); + PasswordHash.N = N; + PasswordHash.r = r; + PasswordHash.p = p; + initialized = true; + } + + private static void checkScryptParams(int N, int r, int p) { + if (N < 2 || (N & (N - 1)) != 0) { + throw new IllegalArgumentException("N must be a power of 2 greater than 1"); + } + if (r <= 0) { + throw new IllegalArgumentException("Parameter r zero or negative"); + } + if (p <= 0) { + throw new IllegalArgumentException("Parameter p zero or negative"); + } + + if (N > Integer.MAX_VALUE / 128 / r) { + throw new IllegalArgumentException("Parameter N is too large"); + } + if (r > Integer.MAX_VALUE / 128 / p) { + throw new IllegalArgumentException("Parameter r is too large"); + } } } diff --git a/tests/org/cacert/gigi/testUtils/ConfiguredTest.java b/tests/org/cacert/gigi/testUtils/ConfiguredTest.java index ec589b4b..1a8ce692 100644 --- a/tests/org/cacert/gigi/testUtils/ConfiguredTest.java +++ b/tests/org/cacert/gigi/testUtils/ConfiguredTest.java @@ -35,6 +35,7 @@ import org.cacert.gigi.util.DatabaseManager; import org.cacert.gigi.util.DomainAssessment; import org.cacert.gigi.util.Notary; import org.cacert.gigi.util.PEM; +import org.cacert.gigi.util.PasswordHash; import org.cacert.gigi.util.ServerConstants; import org.cacert.gigi.util.TimeConditions; import org.junit.BeforeClass; @@ -82,6 +83,7 @@ public abstract class ConfiguredTest { ServerConstants.init(props); TimeConditions.init(props); DomainAssessment.init(props); + PasswordHash.init(props); if ( !DatabaseConnection.isInited()) { DatabaseConnection.init(testProps); @@ -114,6 +116,7 @@ public abstract class ConfiguredTest { } } mainProps.setProperty("highFinancialValue", out.getAbsolutePath()); + mainProps.setProperty("scrypt.params", "1;1;1"); return mainProps; } -- 2.39.2