diff options
Diffstat (limited to 'toxencryptsave/crypto_pwhash_scryptsalsa208sha256/pwhash_scryptsalsa208sha256.c')
-rw-r--r-- | toxencryptsave/crypto_pwhash_scryptsalsa208sha256/pwhash_scryptsalsa208sha256.c | 211 |
1 files changed, 211 insertions, 0 deletions
diff --git a/toxencryptsave/crypto_pwhash_scryptsalsa208sha256/pwhash_scryptsalsa208sha256.c b/toxencryptsave/crypto_pwhash_scryptsalsa208sha256/pwhash_scryptsalsa208sha256.c new file mode 100644 index 00000000..52c51abc --- /dev/null +++ b/toxencryptsave/crypto_pwhash_scryptsalsa208sha256/pwhash_scryptsalsa208sha256.c | |||
@@ -0,0 +1,211 @@ | |||
1 | #ifdef HAVE_CONFIG_H | ||
2 | #include "config.h" | ||
3 | #endif | ||
4 | #ifdef VANILLA_NACL /* toxcore only uses this when libsodium is unavailable */ | ||
5 | |||
6 | #include <errno.h> | ||
7 | #include <limits.h> | ||
8 | #include <stddef.h> | ||
9 | #include <stdint.h> | ||
10 | #include <string.h> | ||
11 | //#include <stdio.h> | ||
12 | |||
13 | #include "crypto_pwhash_scryptsalsa208sha256.h" | ||
14 | #include "crypto_scrypt.h" | ||
15 | #include "randombytes.h" | ||
16 | #include "utils.h" | ||
17 | |||
18 | #define SETTING_SIZE(saltbytes) \ | ||
19 | (sizeof "$7$" - 1U) + \ | ||
20 | (1U /* N_log2 */) + (5U /* r */) + (5U /* p */) + BYTES2CHARS(saltbytes) | ||
21 | |||
22 | static int | ||
23 | pickparams(unsigned long long opslimit, const size_t memlimit, | ||
24 | uint32_t * const N_log2, uint32_t * const p, uint32_t * const r) | ||
25 | { | ||
26 | unsigned long long maxN; | ||
27 | unsigned long long maxrp; | ||
28 | |||
29 | if (opslimit < 32768) { | ||
30 | opslimit = 32768; | ||
31 | } | ||
32 | *r = 8; | ||
33 | if (opslimit < memlimit / 32) { | ||
34 | *p = 1; | ||
35 | maxN = opslimit / (*r * 4); | ||
36 | for (*N_log2 = 1; *N_log2 < 63; *N_log2 += 1) { | ||
37 | if ((uint64_t)(1) << *N_log2 > maxN / 2) { | ||
38 | break; | ||
39 | } | ||
40 | } | ||
41 | } else { | ||
42 | maxN = memlimit / (*r * 128); | ||
43 | for (*N_log2 = 1; *N_log2 < 63; *N_log2 += 1) { | ||
44 | if ((uint64_t) (1) << *N_log2 > maxN / 2) { | ||
45 | break; | ||
46 | } | ||
47 | } | ||
48 | maxrp = (opslimit / 4) / ((uint64_t) (1) << *N_log2); | ||
49 | if (maxrp > 0x3fffffff) { | ||
50 | maxrp = 0x3fffffff; | ||
51 | } | ||
52 | *p = (uint32_t) (maxrp) / *r; | ||
53 | } | ||
54 | return 0; | ||
55 | } | ||
56 | |||
57 | size_t | ||
58 | crypto_pwhash_scryptsalsa208sha256_saltbytes(void) | ||
59 | { | ||
60 | return crypto_pwhash_scryptsalsa208sha256_SALTBYTES; | ||
61 | } | ||
62 | |||
63 | size_t | ||
64 | crypto_pwhash_scryptsalsa208sha256_strbytes(void) | ||
65 | { | ||
66 | return crypto_pwhash_scryptsalsa208sha256_STRBYTES; | ||
67 | } | ||
68 | |||
69 | const char * | ||
70 | crypto_pwhash_scryptsalsa208sha256_strprefix(void) | ||
71 | { | ||
72 | return crypto_pwhash_scryptsalsa208sha256_STRPREFIX; | ||
73 | } | ||
74 | |||
75 | size_t | ||
76 | crypto_pwhash_scryptsalsa208sha256_opslimit_interactive(void) | ||
77 | { | ||
78 | return crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_INTERACTIVE; | ||
79 | } | ||
80 | |||
81 | size_t | ||
82 | crypto_pwhash_scryptsalsa208sha256_memlimit_interactive(void) | ||
83 | { | ||
84 | return crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_INTERACTIVE; | ||
85 | } | ||
86 | |||
87 | size_t | ||
88 | crypto_pwhash_scryptsalsa208sha256_opslimit_sensitive(void) | ||
89 | { | ||
90 | return crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_SENSITIVE; | ||
91 | } | ||
92 | |||
93 | size_t | ||
94 | crypto_pwhash_scryptsalsa208sha256_memlimit_sensitive(void) | ||
95 | { | ||
96 | return crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_SENSITIVE; | ||
97 | } | ||
98 | |||
99 | int | ||
100 | crypto_pwhash_scryptsalsa208sha256(unsigned char * const out, | ||
101 | unsigned long long outlen, | ||
102 | const char * const passwd, | ||
103 | unsigned long long passwdlen, | ||
104 | const unsigned char * const salt, | ||
105 | unsigned long long opslimit, | ||
106 | size_t memlimit) | ||
107 | { | ||
108 | //fprintf(stderr, "Doing that dirty thang!!!!\n"); | ||
109 | uint32_t N_log2; | ||
110 | uint32_t p; | ||
111 | uint32_t r; | ||
112 | |||
113 | memset(out, 0, outlen); | ||
114 | if (passwdlen > SIZE_MAX || outlen > SIZE_MAX) { | ||
115 | errno = EFBIG; | ||
116 | return -1; | ||
117 | } | ||
118 | if (pickparams(opslimit, memlimit, &N_log2, &p, &r) != 0) { | ||
119 | errno = EINVAL; | ||
120 | return -1; | ||
121 | } | ||
122 | return crypto_pwhash_scryptsalsa208sha256_ll((const uint8_t *) passwd, | ||
123 | (size_t) passwdlen, | ||
124 | (const uint8_t *) salt, | ||
125 | crypto_pwhash_scryptsalsa208sha256_SALTBYTES, | ||
126 | (uint64_t) (1) << N_log2, r, p, | ||
127 | out, (size_t) outlen); | ||
128 | } | ||
129 | |||
130 | int | ||
131 | crypto_pwhash_scryptsalsa208sha256_str(char out[crypto_pwhash_scryptsalsa208sha256_STRBYTES], | ||
132 | const char * const passwd, | ||
133 | unsigned long long passwdlen, | ||
134 | unsigned long long opslimit, | ||
135 | size_t memlimit) | ||
136 | { | ||
137 | uint8_t salt[crypto_pwhash_scryptsalsa208sha256_STRSALTBYTES]; | ||
138 | char setting[crypto_pwhash_scryptsalsa208sha256_STRSETTINGBYTES + 1U]; | ||
139 | escrypt_local_t escrypt_local; | ||
140 | uint32_t N_log2; | ||
141 | uint32_t p; | ||
142 | uint32_t r; | ||
143 | |||
144 | memset(out, 0, crypto_pwhash_scryptsalsa208sha256_STRBYTES); | ||
145 | if (passwdlen > SIZE_MAX) { | ||
146 | errno = EFBIG; | ||
147 | return -1; | ||
148 | } | ||
149 | if (pickparams(opslimit, memlimit, &N_log2, &p, &r) != 0) { | ||
150 | errno = EINVAL; | ||
151 | return -1; | ||
152 | } | ||
153 | randombytes(salt, sizeof salt); | ||
154 | if (escrypt_gensalt_r(N_log2, r, p, salt, sizeof salt, | ||
155 | (uint8_t *) setting, sizeof setting) == NULL) { | ||
156 | errno = EINVAL; | ||
157 | return -1; | ||
158 | } | ||
159 | if (escrypt_init_local(&escrypt_local) != 0) { | ||
160 | return -1; | ||
161 | } | ||
162 | if (escrypt_r(&escrypt_local, (const uint8_t *) passwd, (size_t) passwdlen, | ||
163 | (const uint8_t *) setting, (uint8_t *) out, | ||
164 | crypto_pwhash_scryptsalsa208sha256_STRBYTES) == NULL) { | ||
165 | escrypt_free_local(&escrypt_local); | ||
166 | errno = EINVAL; | ||
167 | return -1; | ||
168 | } | ||
169 | escrypt_free_local(&escrypt_local); | ||
170 | |||
171 | (void) sizeof | ||
172 | (int[SETTING_SIZE(crypto_pwhash_scryptsalsa208sha256_STRSALTBYTES) | ||
173 | == crypto_pwhash_scryptsalsa208sha256_STRSETTINGBYTES ? 1 : -1]); | ||
174 | (void) sizeof | ||
175 | (int[crypto_pwhash_scryptsalsa208sha256_STRSETTINGBYTES + 1U + | ||
176 | crypto_pwhash_scryptsalsa208sha256_STRHASHBYTES_ENCODED + 1U | ||
177 | == crypto_pwhash_scryptsalsa208sha256_STRBYTES ? 1 : -1]); | ||
178 | |||
179 | return 0; | ||
180 | } | ||
181 | |||
182 | int | ||
183 | crypto_pwhash_scryptsalsa208sha256_str_verify(const char str[crypto_pwhash_scryptsalsa208sha256_STRBYTES], | ||
184 | const char * const passwd, | ||
185 | unsigned long long passwdlen) | ||
186 | { | ||
187 | char wanted[crypto_pwhash_scryptsalsa208sha256_STRBYTES]; | ||
188 | escrypt_local_t escrypt_local; | ||
189 | int ret = -1; | ||
190 | |||
191 | if (memchr(str, 0, crypto_pwhash_scryptsalsa208sha256_STRBYTES) != | ||
192 | &str[crypto_pwhash_scryptsalsa208sha256_STRBYTES - 1U]) { | ||
193 | return -1; | ||
194 | } | ||
195 | if (escrypt_init_local(&escrypt_local) != 0) { | ||
196 | return -1; | ||
197 | } | ||
198 | if (escrypt_r(&escrypt_local, (const uint8_t *) passwd, (size_t) passwdlen, | ||
199 | (const uint8_t *) str, (uint8_t *) wanted, | ||
200 | sizeof wanted) == NULL) { | ||
201 | escrypt_free_local(&escrypt_local); | ||
202 | return -1; | ||
203 | } | ||
204 | escrypt_free_local(&escrypt_local); | ||
205 | ret = sodium_memcmp(wanted, str, sizeof wanted); | ||
206 | sodium_memzero(wanted, sizeof wanted); | ||
207 | |||
208 | return ret; | ||
209 | } | ||
210 | |||
211 | #endif | ||