Fixed memory leak in TDECPasswordHash.DoDone. Reenabled all BCrypt Crypt/BSD style tests again. IsValidPassword is still a stub.

MHumm · MHumm · commit 27204c816fc3 · 2022-03-05T10:35:53.000+01:00
diff --git a/Source/DECHash.pas b/Source/DECHash.pas
@@ -5237,26 +5237,15 @@ class function THash_BCrypt.GetCryptHash(
                               Format         : TDECFormatClass): string;
 var
   Hash : THash_BCrypt;
-  B: TBytes;
 begin
   Hash := THash_BCrypt.Create;
   try
     Hash.Cost := StrToInt(string(Params));
     Hash.Salt := Salt;
 
     // BCrypt leaves off the $ in front of the actual password hash value
-//    Result := TEncoding.ASCII.GetString(//Hash.CalcBytes(TEncoding.UTF8.GetBytes(Password)));
-//                Format.Encode(Hash.CalcBytes(TEncoding.UTF8.GetBytes(Password))));
-
-//    b:= TEncoding.UTF8.GetBytes(Password);
-
-//    b := Format.Encode([85, 126, 148, 243, 75, 242, 134, 232, 113, 154, 38, 190, 148, 172, 30, 22, 217, 94, 249, 248, 25, 222, 224]);
-    b := Hash.CalcBytes(b);
-    b := Format.Encode(b);
-
-    Result := TEncoding.ASCII.GetString(b);
-//               [85, 126, 148, 243, 75, 242, 134, 232, 113, 154, 38, 190, 148, 172, 30, 22, 217, 94, 249, 248, 25, 222, 224];
-//                //Hash.CalcBytes(TEncoding.UTF8.GetBytes(Password))));
+    Result := TEncoding.ASCII.GetString(Format.Encode(Hash.CalcBytes(
+                TEncoding.UTF8.GetBytes(Password))));
   finally
     Hash.Free;
   end;
@@ -5281,7 +5270,8 @@ class function THash_BCrypt.GetCryptParams(
 class function THash_BCrypt.IsValidPassword(const Password,
                                                   CryptData: string): Boolean;
 begin
-
+{ TODO : To be implemented }
+  Result := false;
 end;
 
 procedure THash_BCrypt.BF_Encrypt(const BI: TBFBlock; var BO: TBFBlock);
diff --git a/Source/DECHashAuthentication.pas b/Source/DECHashAuthentication.pas
@@ -1558,7 +1558,7 @@ procedure TDECPasswordHash.DoDone;
 begin
   inherited;
 
-  ProtectBuffer(FSalt, SizeOf(FSalt));
+  ProtectBuffer(FSalt[0], SizeOf(FSalt));
   SetLength(FSalt, 0);
 end;
 
@@ -1590,19 +1590,12 @@ class function TDECPasswordHash.GetDigestInCryptFormat(
     if SaltIsRaw then
       SaltBytes := TEncoding.UTF8.GetBytes(Salt)
     else
-      SaltBytes := [20, 75, 61, 105, 26, 123, 78, 207, 57, 207, 115, 92, 127, 167, 167, 156]; //Format.Decode(TEncoding.UTF8.GetBytes(Salt));
-
-// Mal noch mehr mocken um einzugrenzen welche Nutzung von Salt das Leck verursacht
-//    Result := Result + GetCryptParams(Params, Format) +
-//                       GetCryptSalt(SaltBytes, Format) +
-//                       GetCryptHash(Password, Params, SaltBytes, Format);
+      SaltBytes := Format.Decode(TEncoding.UTF8.GetBytes(Salt));
 
     Result := Result + GetCryptParams(Params, Format) +
                        GetCryptSalt(SaltBytes, Format) +
                        GetCryptHash(Password, Params, SaltBytes, Format);
   end;
-
-  SetLength(SaltBytes, 0);
 end;
 
 class function TDECPasswordHash.IsValidPassword(const Password  : string;
diff --git a/Unit Tests/Tests/TestDECHash.pas b/Unit Tests/Tests/TestDECHash.pas
@@ -6365,10 +6365,9 @@   TPair = record
   i         : Integer;
   SplitData : TBCryptBSDTestData;
 begin
-  for i := Low(TestData) to 1 do //High(TestData) do
+  for i := Low(TestData) to High(TestData) do
   begin
     SplitData := SplitTestVector(TestData[i].bs);
-// Fix memory leaks we get
     Result := string(THash_BCrypt.GetDigestInCryptFormat(
                                     Passwords[TestData[i].pn],
                                     SplitData.Cost.ToString,
