fosster/rexcrypt
1
0
Fork 0
Code Issues Pull requests Projects Releases 3 Packages Wiki Activity Actions

3 releases 5 tags

RSS feed
  • v2.6.0 5e48cacf47

    v2.6.0 Stable

    sezieru released this 2025-10-19 10:33:03 +00:00 | 15 commits to main since this release

    RexCrypt v2.6.0 — now a two-tool teaching suite

    This release adds rexcrack, a small multithreaded dictionary-attack demo that builds directly on RexCrypt’s “hash-as-setting” verification model. No breaking changes to rexcrypt.

    What’s new

    New tool: rexcrack

    • Purpose: educational dictionary attack using crypt_r(3).
    • Concurrency: pthread worker pool; one struct crypt_data per thread; shared fgets() under a mutex; overlong line drain so the next candidate is clean.
    • Validation: anchored regex checks for crypt(5) formats; prefers crypt_checksalt() when available. Legacy DES/bigcrypt intentionally accepted for teaching.
    • I/O discipline: winner printed to stdout; verbose logs (if -v) go to stderr.
    • Exit codes: 0 (match), 2 (not found), EX_* for errors (e.g., EX_NOINPUT bad file, EX_DATAERR invalid hash).

    CLI

    rexcrack -h <hash> -w <wordlist> [-t <threads>] [-v]
    • -h <hash>: stored hash (exact string from rexcrypt)
    • -w <wordlist>: newline-separated candidates (blank & overlong lines OK)
    • -t <threads>: default=#CPUs, min 1, soft cap 64
    • -v: verbose tracing to stderr (stdout kept clean for pipelines)

    🔧 RexCrypt improvements (recap)

    • Non-TTY handling + -k - stdin path, length cap via CRYPT_MAX_PASSPHRASE_SIZE.
    • Verify mode (-V <hash>) with script-friendly exit codes (0/2/1).
    • Algorithm probe (-L) to list support on the host.

    🧪 Tests (TAP v14)

    • New cases for rexcrack: match, not-found, bad wordlist, invalid hash, overlong/blank line handling, stdout/stderr separation, thread-count edges.
    • Existing rexcrypt coverage retained (prefixes, stdin/non-TTY, verify OK/FAIL, listing, etc.).

    📚 Docs & build

    • README/TESTING updated with rexcrack usage, exit semantics, and examples.
    • Makefile builds both bin/rexcrypt and bin/rexcrack.

    Install / Build

    make                 # builds ./bin/rexcrypt and ./bin/rexcrack
make test            # TAP v14 suite
# manual:
# rexcrypt
clang -Wall -Wextra -W -O2 -Iinclude -o bin/rexcrypt src/rexcrypt.c -lcrypt
# rexcrack (pthreads)
clang -Wall -Wextra -W -O2 -Iinclude -o bin/rexcrack src/rexcrack.c -lcrypt -pthread

    Quick start

    H="$(./bin/rexcrypt -k hunter2)"
./bin/rexcrack -h "$H" -w tests/wordlist.txt -t 8

    Notes

    • This project is educational: not a production password subsystem.
    • Algorithm availability and -c semantics depend on your system’s libxcrypt build.
    • Legacy formats are supported to demonstrate why they’re legacy.
    Downloads
  • v2.5.0 7cf174e4a3

    v2.5.0 Stable

    sezieru released this 2025-10-17 20:42:46 +00:00 | 33 commits to main since this release

    RexCrypt v2.5.0

    Highlights

    • Salt specification (-s <salt>): Pass a deterministic salt/setting to get a resulting hash. The same salt/setting, key, and algorithm will generate the same resulting hash.
    • Verify mode (-V <hash>): Pass the stored hash as the "setting" to crypt(3) and compare. Prints human-readable status and provides exit codes for scripting/TAP tests.
    • List algorithms (-L): Probe support on the current system (via crypt_gensalt()), and where available, crypt_checksalt()) and prints a short status table. Perfect for "what does this box support?" demos.
    • TAP v14 tests expanded: Test runner asserts exit codes, treats rexcrypt as a black box, and prints TAP to stdout with diagnostics on stderr. Added cases around verify OK/FAIL and error paths; regex comparator prints helpful compile errors.
    • Usage/README/TESTING updated: Built-in help and docs provide information on feature options, and docs provide additional detail where needed.

    Changes & Refactors

    • Complete refactor of the core: rexcrypt.c has been rewritten to move much of the functionality into separate functions, adding new functions for support, and providing appropriate documentation in all cases.
    • select_alg() no longer allocates: now returns a const char * "setting" prefix; callers stop freeing it. Simpler, safer, and easier to explain.
    • Unsigned count semantics: Internal counters (e.g. resalt, cpu_tim, and alg) use unsigned long; parsing moved to strtoul() (parse_ulong() helper). The resalt loop was adjusted to avoid the classic "--u >= 0" unsigned underflow trap; comments call this out as a teachable gotcha.
    • Additional polish: Safer copymem() demo, consistent help/usage text, and alignment/comment cleanups.
    • Multi-line support for regex comparator: cmp_regex.c now supports multi-line matches, allowing for greater test case flexibility & robustness.

    CLI (recap)

    rexcrypt [-c <cpu_tim>] [-r <resalt>] [-a <alg>] [-k <key>|-] [-s <salt>] [-V <hash>] [-L]
    • -k - reads from stdin (newline trimmed; echo not disabled).
    • Passphrase input is capped by CRYPT_MAX_PASSPHRASE_SIZE (commonly 512 bytes).

    Build / Test

    make            # builds ./bin/rexcrypt
make test       # runs TAP v14 tests

    Notes

    • RexCrypt remains an educational tool, not a production password subsystem.
    • Algorithm availability and the semantics of -c depend on your system's libxcrypt build.
    Downloads
  • v2.0.1 aefe74a482

    v2.0.1 Stable

    sezieru released this 2025-10-13 21:32:53 +00:00 | 66 commits to main since this release

    RexCrypt v2.0.1

    Teaching-focused release of a small, readable crypt(3) demo with a clean CLI, strong inline commentary, and a black-box TAP test harness.

    Highlights

    • Non-TTY handling: if stdin isn’t a TTY and -k isn’t provided, RexCrypt exits with a helpful hint instead of prompting.
    • -k - (stdin): read the secret from standard input for scripting; trailing newline is trimmed.
    • Length bound: passphrase input is capped by CRYPT_MAX_PASSPHRASE_SIZE (commonly 512 bytes) to match struct crypt_data.
    • Built-in help (-?): concise usage() with options, algorithm table, and examples (printed to stderr for easy piping).
    • TAP v14 tests: make test runs a small suite that treats RexCrypt as a black box (prefix checks, stdin path, non-TTY error path).
    • Safer memory handling: fix and use a standards-compliant copymem() demo.
    • Clean repo layout: src/ for the tool, tests/ for the TAP harness + comparators, bin/ for outputs.

    CLI

    rexcrypt [-c <cpu_tim>] [-r <resalt>] [-a <alg>] [-k <key>|-]
    • -c <cpu_tim>: library-defined cost/rounds/time knob (unsigned long).
    • -r <resalt>: respin the salt N extra times after the first generation (default 0).
    • -a <alg>: algorithm selector (0..9, a, b) – availability depends on your libxcrypt build.
    • -k <key>: provide the secret inline; omit to be prompted via getpass().
    • -k -: read the secret from stdin (for scripting; echo is not disabled).

    Build / Test

    make            # builds ./bin/rexcrypt
make test       # runs TAP v14 tests

    Requires a C compiler (clang/gcc) and libxcrypt/libcrypt headers + library.

    Notable changes since 1.x

    • New non-TTY check & -k - code path.
    • Input buffer sized to CRYPT_MAX_PASSPHRASE_SIZE to match crypt_r limits.
    • Usage/help text expanded; README synced with CLI behavior.
    • TAP harness upgraded and modularized (tests/ with comparator modules).
    • Minor fixes and comment cleanups to keep the code strictly C-portable and student-friendly.

    Notes

    • The tool is educational, not a drop-in production password solution.
    • Algorithm availability and exact semantics of -c depend on your system’s libxcrypt build.
    Downloads