Add bcrypt and OTP traits (#77)

* Add bcrypt and OTP traits

* Tidy ups

* Drop Swift version because Xcode

* Fix lint issue

* Fix version in README

* Numptie

* Migrate to using FoundationEssentials based API

* Add mawr type safety

* Remove last unsafe usage

Author: 0xTim

Package.swift

@@ -1,4 +1,5 @@
-// swift-tools-version:6.2.3
+// swift-tools-version:6.2
+// This should really be 6.2.3, but Xcode yet again has a bug
 import PackageDescription
 
 let extraSettings: [SwiftSetting] = [
@@ -29,6 +30,14 @@ let package = Package(
     products: [
         .library(name: "Authentication", targets: ["Authentication"])
     ],
+    traits: [
+        .trait(name: "bcrypt"),
+        .trait(name: "OTP"),
+        .default(enabledTraits: [
+            "bcrypt",
+            "OTP",
+        ]),
+    ],
     dependencies: [
         .package(url: "https://github.com/apple/swift-crypto.git", from: "4.0.0")
     ],
@@ -43,8 +52,8 @@ let package = Package(
         .target(
             name: "Authentication",
             dependencies: [
-                .target(name: "CVaporAuthBcrypt"),
-                .product(name: "Crypto", package: "swift-crypto"),
+                .target(name: "CVaporAuthBcrypt", condition: .when(traits: ["bcrypt"])),
+                .product(name: "Crypto", package: "swift-crypto", condition: .when(traits: ["bcrypt", "OTP"])),
             ],
             swiftSettings: extraSettings
         ),

README.md

@@ -18,7 +18,7 @@ Add the Authentication package to your `Package.swift` dependencies:
 
 ```swift
 dependencies: [
-    .package(url: "https://github.com/vapor/authentication.git", from: "4.0.0")
+    .package(url: "https://github.com/vapor/authentication.git", from: "3.0.0")
 ]
 ```
 

…ion/Passwords/Utilities/Data+Array.swift …/Authentication/Helpers/Data+Array.swiftSources/Authentication/Passwords/Utilities/Data+Array.swift renamed to Sources/Authentication/Helpers/Data+Array.swift Sources/Authentication/Passwords/Utilities/Data+Array.swift renamed to Sources/Authentication/Helpers/Data+Array.swift

@@ -1,3 +1,4 @@
+#if OTP
 public import Crypto
 
 #if canImport(FoundationEssentials)
@@ -285,3 +286,4 @@ extension FixedWidthInteger {
         return unsafe .init(bytes: &copy, count: MemoryLayout<Self>.size)
     }
 }
+#endif

Sources/Authentication/OTP/OTP.swift

@@ -1,3 +1,4 @@
+#if bcrypt
 @nonexhaustive
 public enum BcryptError: Swift.Error, CustomStringConvertible, Sendable {
     case invalidCost
@@ -29,3 +30,4 @@ public enum BcryptError: Swift.Error, CustomStringConvertible, Sendable {
         }
     }
 }
+#endif

Sources/Authentication/Passwords/Bcrypt/BcryptError.swift

@@ -1,3 +1,4 @@
+#if bcrypt
 #if canImport(FoundationEssentials)
 public import FoundationEssentials
 #else
@@ -30,3 +31,4 @@ public struct BcryptHasher: PasswordHasher {
         )
     }
 }
+#endif

Sources/Authentication/Passwords/Bcrypt/BcryptHasher.swift

@@ -1,7 +1,8 @@
+#if bcrypt
 internal import CVaporAuthBcrypt
 
 #if canImport(FoundationEssentials)
-internal import Foundation
+internal import FoundationEssentials
 #else
 internal import Foundation
 #endif
@@ -82,11 +83,13 @@ public enum VaporBcrypt: Sendable {
 
         var hashData = [CChar](repeating: 0, count: 128)
         var hashDataSpan = hashData.mutableSpan
-        let result = unsafe vapor_auth_bcrypt_hashpass(plaintext, normalizedSalt, &hashDataSpan)
+        let result = vapor_auth_bcrypt_hashpass(plaintext.utf8CString.span, normalizedSalt.utf8CString.span, &hashDataSpan)
         guard result == 0 else {
             throw BcryptError.hashFailure
         }
-        guard let string = String(utf8String: hashData) else {
+        // Remove null terminated characters
+        let cleanedHashData = Array(hashData.prefix { $0 != 0 })
+        guard let string = String(validating: cleanedHashData, as: UTF8.self) else {
             throw BcryptError.internalError
         }
 
@@ -177,8 +180,11 @@ public enum VaporBcrypt: Sendable {
     /// - returns: Base 64 encoded plaintext
     private static func base64Encode(_ data: [UInt8]) throws(BcryptError) -> String {
         var encodedStringBytes = [CChar](repeating: 0, count: 25)
-        let result = unsafe vapor_auth_encode_base64(&encodedStringBytes, data.span)
-        guard result == 0, let encodedString = String(utf8String: encodedStringBytes) else {
+        var span = encodedStringBytes.mutableSpan
+        let result = vapor_auth_encode_base64(&span, data.span)
+        // Remove null terminated characters
+        let cleanedString = Array(encodedStringBytes.prefix { $0 != 0 })
+        guard result == 0, let encodedString = String(validating: cleanedString, as: UTF8.self) else {
             throw BcryptError.internalError
         }
         return encodedString
@@ -224,3 +230,4 @@ extension Array where Element == UInt8 {
         return array
     }
 }
+#endif

Sources/Authentication/Passwords/Bcrypt/VaporBcrypt.swift

@@ -50,10 +50,12 @@ static int decode_base64(u_int8_t *, size_t, const char *);
  * the core bcrypt function
  */
 int
-vapor_auth_bcrypt_hashpass(
-                           const char *key,
-                           const char *salt,
-                           char *__counted_by(encryptedlen) encrypted __noescape,
+vapor_auth_bcrypt_hashpass(const char *_Nonnull __counted_by(keysize) key __noescape,
+                           const char *_Nonnull __counted_by(saltsize) salt __noescape,
+                           char *_Nonnull __counted_by(encryptedlen)
+                           encrypted __noescape,
+                           size_t keysize,
+                           size_t saltsize,
                            size_t encryptedlen)
 {
     blf_ctx state;
@@ -76,6 +78,10 @@ vapor_auth_bcrypt_hashpass(
 	if (salt[0] != BCRYPT_VERSION)
 		goto inval;
 
+    /* keysize is the size of the key including a null terminator */
+    if ((strlen(key) + 1) != keysize)
+        goto inval;
+
 	/* Check for minor versions */
 	switch ((minor = salt[1])) {
 	case 'a':
@@ -149,8 +155,8 @@ vapor_auth_bcrypt_hashpass(
 
 
 	snprintf(encrypted, 8, "$2%c$%2.2u$", minor, logr);
-	vapor_auth_encode_base64(encrypted + 7, csalt, BCRYPT_MAXSALT);
-	vapor_auth_encode_base64(encrypted + 7 + 22, ciphertext, 4 * BCRYPT_WORDS - 1);
+	vapor_auth_encode_base64(encrypted + 7, csalt, encryptedlen, BCRYPT_MAXSALT);
+	vapor_auth_encode_base64(encrypted + 7 + 22, ciphertext, encryptedlen, 4 * BCRYPT_WORDS - 1);
 	explicit_bzero(&state, sizeof(state));
 	explicit_bzero(ciphertext, sizeof(ciphertext));
 	explicit_bzero(csalt, sizeof(csalt));
@@ -232,7 +238,10 @@ decode_base64(u_int8_t *buffer, size_t len, const char *b64data)
  * This works without = padding.
  */
 int
-vapor_auth_encode_base64(char *b64buffer, const u_int8_t *__counted_by(len)data __noescape, size_t len)
+vapor_auth_encode_base64(char *_Nonnull __counted_by(bufferlen) b64buffer __noescape,
+                         const u_int8_t *_Nonnull __counted_by(len) data __noescape,
+                         size_t bufferlen,
+                         size_t len)
 {
     u_int8_t *bp = (u_int8_t *)b64buffer;
 	const u_int8_t *p = data;

Sources/CVaporAuthBcrypt/bcrypt.c

@@ -1,8 +1,8 @@
-#include <sys/types.h>
-#include <string.h>
-#include <stdio.h>
 #include <lifetimebound.h>
 #include <ptrcheck.h>
+#include <stdio.h>
+#include <string.h>
+#include <sys/types.h>
 
 #if defined(_WIN32)
 typedef unsigned char uint8_t;
@@ -19,23 +19,31 @@ typedef uint64_t u_int64_t;
 #include <stdint.h>
 #endif
 
-#define explicit_bzero(s,n) memset(s, 0, n)
+#define explicit_bzero(s, n) memset(s, 0, n)
 #define DEF_WEAK(f)
 
-
 /* This implementation is adaptable to current computing power.
  * You can have up to 2^31 rounds which should be enough for some
  * time to come.
  */
 
 #define BCRYPT_VERSION '2'
-#define BCRYPT_MAXSALT 16    /* Precomputation is just so nice */
+#define BCRYPT_MAXSALT 16     /* Precomputation is just so nice */
 #define BCRYPT_WORDS 6        /* Ciphertext words */
-#define BCRYPT_MINLOGROUNDS 4    /* we have log2(rounds) in salt */
-
-#define    BCRYPT_SALTSPACE    (7 + (BCRYPT_MAXSALT * 4 + 2) / 3 + 1)
-#define    BCRYPT_HASHSPACE    61
-
-
-int vapor_auth_bcrypt_hashpass(const char *key, const char *salt, char *__counted_by(encryptedlen) encrypted __noescape, size_t encryptedlen);
-int vapor_auth_encode_base64(char *b64buffer, const u_int8_t *__counted_by(len)data __noescape, size_t len);
+#define BCRYPT_MINLOGROUNDS 4 /* we have log2(rounds) in salt */
+
+#define BCRYPT_SALTSPACE (7 + (BCRYPT_MAXSALT * 4 + 2) / 3 + 1)
+#define BCRYPT_HASHSPACE 61
+
+int vapor_auth_bcrypt_hashpass(const char *_Nonnull __counted_by(keysize) key __noescape,
+                               const char *_Nonnull __counted_by(saltsize) salt __noescape,
+                               char *_Nonnull __counted_by(encryptedlen)
+                                   encrypted __noescape,
+                               size_t keysize,
+                               size_t saltsize,
+                               size_t encryptedlen);
+int vapor_auth_encode_base64(char *_Nonnull __counted_by(bufferlen) b64buffer __noescape,
+                             const u_int8_t *_Nonnull __counted_by(len)
+                                 data __noescape,
+                             size_t bufferlen,
+                             size_t len);

Sources/CVaporAuthBcrypt/bcrypt.h

@@ -1,3 +1,4 @@
+#if bcrypt
 import Authentication
 import Testing
 
@@ -66,3 +67,4 @@ struct BcryptTests {
         #expect(result)
     }
 }
+#endif