diff options
Diffstat (limited to 'toxencryptsave/crypto_pwhash_scryptsalsa208sha256/pbkdf2-sha256.c')
-rw-r--r-- | toxencryptsave/crypto_pwhash_scryptsalsa208sha256/pbkdf2-sha256.c | 91 |
1 files changed, 91 insertions, 0 deletions
diff --git a/toxencryptsave/crypto_pwhash_scryptsalsa208sha256/pbkdf2-sha256.c b/toxencryptsave/crypto_pwhash_scryptsalsa208sha256/pbkdf2-sha256.c new file mode 100644 index 00000000..01eb7dff --- /dev/null +++ b/toxencryptsave/crypto_pwhash_scryptsalsa208sha256/pbkdf2-sha256.c | |||
@@ -0,0 +1,91 @@ | |||
1 | #ifdef HAVE_CONFIG_H | ||
2 | #include "config.h" | ||
3 | #endif | ||
4 | #ifdef VANILLA_NACL /* toxcore only uses this when libsodium is unavailable */ | ||
5 | |||
6 | /*- | ||
7 | * Copyright 2005,2007,2009 Colin Percival | ||
8 | * All rights reserved. | ||
9 | * | ||
10 | * Redistribution and use in source and binary forms, with or without | ||
11 | * modification, are permitted provided that the following conditions | ||
12 | * are met: | ||
13 | * 1. Redistributions of source code must retain the above copyright | ||
14 | * notice, this list of conditions and the following disclaimer. | ||
15 | * 2. Redistributions in binary form must reproduce the above copyright | ||
16 | * notice, this list of conditions and the following disclaimer in the | ||
17 | * documentation and/or other materials provided with the distribution. | ||
18 | * | ||
19 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND | ||
20 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
21 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | ||
22 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | ||
23 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | ||
24 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | ||
25 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
26 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | ||
27 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | ||
28 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | ||
29 | * SUCH DAMAGE. | ||
30 | */ | ||
31 | |||
32 | #include <sys/types.h> | ||
33 | |||
34 | #include <stdint.h> | ||
35 | #include <stdlib.h> | ||
36 | #include <string.h> | ||
37 | |||
38 | #include "crypto_auth_hmacsha256.h" | ||
39 | #include "pbkdf2-sha256.h" | ||
40 | #include "sysendian.h" | ||
41 | #include "utils.h" | ||
42 | |||
43 | /** | ||
44 | * PBKDF2_SHA256(passwd, passwdlen, salt, saltlen, c, buf, dkLen): | ||
45 | * Compute PBKDF2(passwd, salt, c, dkLen) using HMAC-SHA256 as the PRF, and | ||
46 | * write the output to buf. The value dkLen must be at most 32 * (2^32 - 1). | ||
47 | */ | ||
48 | void | ||
49 | PBKDF2_SHA256(const uint8_t * passwd, size_t passwdlen, const uint8_t * salt, | ||
50 | size_t saltlen, uint64_t c, uint8_t * buf, size_t dkLen) | ||
51 | { | ||
52 | crypto_auth_hmacsha256_state PShctx, hctx; | ||
53 | size_t i; | ||
54 | uint8_t ivec[4]; | ||
55 | uint8_t U[32]; | ||
56 | uint8_t T[32]; | ||
57 | uint64_t j; | ||
58 | int k; | ||
59 | size_t clen; | ||
60 | |||
61 | crypto_auth_hmacsha256_init(&PShctx, passwd, passwdlen); | ||
62 | crypto_auth_hmacsha256_update(&PShctx, salt, saltlen); | ||
63 | |||
64 | for (i = 0; i * 32 < dkLen; i++) { | ||
65 | be32enc(ivec, (uint32_t)(i + 1)); | ||
66 | memcpy(&hctx, &PShctx, sizeof(crypto_auth_hmacsha256_state)); | ||
67 | crypto_auth_hmacsha256_update(&hctx, ivec, 4); | ||
68 | crypto_auth_hmacsha256_final(&hctx, U); | ||
69 | |||
70 | memcpy(T, U, 32); | ||
71 | |||
72 | for (j = 2; j <= c; j++) { | ||
73 | crypto_auth_hmacsha256_init(&hctx, passwd, passwdlen); | ||
74 | crypto_auth_hmacsha256_update(&hctx, U, 32); | ||
75 | crypto_auth_hmacsha256_final(&hctx, U); | ||
76 | |||
77 | for (k = 0; k < 32; k++) { | ||
78 | T[k] ^= U[k]; | ||
79 | } | ||
80 | } | ||
81 | |||
82 | clen = dkLen - i * 32; | ||
83 | if (clen > 32) { | ||
84 | clen = 32; | ||
85 | } | ||
86 | memcpy(&buf[i * 32], T, clen); | ||
87 | } | ||
88 | sodium_memzero((void *) &PShctx, sizeof PShctx); | ||
89 | } | ||
90 | |||
91 | #endif | ||