[thirdparty/openssl.git] / crypto / evp / pbe_scrypt.c

/*
 * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#include <openssl/evp.h>
#include <openssl/err.h>
#include <openssl/kdf.h>
#include <openssl/core_names.h>
#include "internal/numbers.h"

#ifndef OPENSSL_NO_SCRYPT

/*
 * Maximum permitted memory allow this to be overridden with Configuration
 * option: e.g. -DSCRYPT_MAX_MEM=0 for maximum possible.
 */

#ifdef SCRYPT_MAX_MEM
# if SCRYPT_MAX_MEM == 0
#  undef SCRYPT_MAX_MEM
/*
 * Although we could theoretically allocate SIZE_MAX memory that would leave
 * no memory available for anything else so set limit as half that.
 */
#  define SCRYPT_MAX_MEM (SIZE_MAX/2)
# endif
#else
/* Default memory limit: 32 MB */
# define SCRYPT_MAX_MEM  (1024 * 1024 * 32)
#endif

int EVP_PBE_scrypt(const char *pass, size_t passlen,
                   const unsigned char *salt, size_t saltlen,
                   uint64_t N, uint64_t r, uint64_t p, uint64_t maxmem,
                   unsigned char *key, size_t keylen)
{
    const char *empty = "";
    int rv = 1;
    EVP_KDF *kdf;
    EVP_KDF_CTX *kctx;
    OSSL_PARAM params[7], *z = params;

    if (r > UINT32_MAX || p > UINT32_MAX) {
        EVPerr(EVP_F_EVP_PBE_SCRYPT, EVP_R_PARAMETER_TOO_LARGE);
        return 0;
    }

    /* Maintain existing behaviour. */
    if (pass == NULL) {
        pass = empty;
        passlen = 0;
    }
    if (salt == NULL) {
        salt = (const unsigned char *)empty;
        saltlen = 0;
    }
    if (maxmem == 0)
        maxmem = SCRYPT_MAX_MEM;

    kdf = EVP_KDF_fetch(NULL, OSSL_KDF_NAME_SCRYPT, NULL);
    kctx = EVP_KDF_CTX_new(kdf);
    EVP_KDF_free(kdf);
    if (kctx == NULL)
        return 0;

    *z++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_PASSWORD,
                                              (unsigned char *)pass,
                                                      passlen);
    *z++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SALT,
                                             (unsigned char *)salt, saltlen);
    *z++ = OSSL_PARAM_construct_uint64(OSSL_KDF_PARAM_SCRYPT_N, &N);
    *z++ = OSSL_PARAM_construct_uint64(OSSL_KDF_PARAM_SCRYPT_R, &r);
    *z++ = OSSL_PARAM_construct_uint64(OSSL_KDF_PARAM_SCRYPT_P, &p);
    *z++ = OSSL_PARAM_construct_uint64(OSSL_KDF_PARAM_SCRYPT_MAXMEM, &maxmem);
    *z = OSSL_PARAM_construct_end();
    if (EVP_KDF_CTX_set_params(kctx, params) != 1
            || EVP_KDF_derive(kctx, key, keylen) != 1)
        rv = 0;

    EVP_KDF_CTX_free(kctx);
    return rv;
}

#endif
Commit	Line	Data
a95fb9e3	1	/*
c4d3c19b	2	* Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
a95fb9e3	3	*
4a8b0c55	4	* Licensed under the Apache License 2.0 (the "License"). You may not use
62867571 RS	5	* this file except in compliance with the License. You can obtain a copy
	6	* in the file LICENSE in the source distribution or at
	7	* https://www.openssl.org/source/license.html
a95fb9e3 DSH	8	*/
a95fb9e3 DSH	9
a95fb9e3	10	#include <openssl/evp.h>
fef034f8	11	#include <openssl/err.h>
5a285add	12	#include <openssl/kdf.h>
7707526b	13	#include <openssl/core_names.h>
546ca2f4	14	#include "internal/numbers.h"
a95fb9e3	15
b0809bc8 RS	16	#ifndef OPENSSL_NO_SCRYPT
b0809bc8 RS	17
a95fb9e3 DSH	18	/*
	19	* Maximum permitted memory allow this to be overridden with Configuration
	20	* option: e.g. -DSCRYPT_MAX_MEM=0 for maximum possible.
	21	*/
	22
	23	#ifdef SCRYPT_MAX_MEM
	24	# if SCRYPT_MAX_MEM == 0
	25	# undef SCRYPT_MAX_MEM
	26	/*
	27	* Although we could theoretically allocate SIZE_MAX memory that would leave
	28	* no memory available for anything else so set limit as half that.
	29	*/
	30	# define SCRYPT_MAX_MEM (SIZE_MAX/2)
	31	# endif
	32	#else
	33	/* Default memory limit: 32 MB */
	34	# define SCRYPT_MAX_MEM (1024 * 1024 * 32)
	35	#endif
	36
	37	int EVP_PBE_scrypt(const char *pass, size_t passlen,
	38	const unsigned char *salt, size_t saltlen,
	39	uint64_t N, uint64_t r, uint64_t p, uint64_t maxmem,
	40	unsigned char *key, size_t keylen)
	41	{
5a285add DM	42	const char *empty = "";
5a285add DM	43	int rv = 1;
7707526b	44	EVP_KDF *kdf;
5a285add	45	EVP_KDF_CTX *kctx;
7707526b	46	OSSL_PARAM params[7], *z = params;
5a285add	47
4c3941c2 MC	48	if (r > UINT32_MAX \|\| p > UINT32_MAX) {
	49	EVPerr(EVP_F_EVP_PBE_SCRYPT, EVP_R_PARAMETER_TOO_LARGE);
	50	return 0;
	51	}
	52
5a285add DM	53	/* Maintain existing behaviour. */
	54	if (pass == NULL) {
	55	pass = empty;
	56	passlen = 0;
a95fb9e3	57	}
253d7622 VS	58	if (salt == NULL) {
	59	salt = (const unsigned char *)empty;
	60	saltlen = 0;
	61	}
a95fb9e3 DSH	62	if (maxmem == 0)
a95fb9e3 DSH	63	maxmem = SCRYPT_MAX_MEM;
44589b5d	64
64115f05	65	kdf = EVP_KDF_fetch(NULL, OSSL_KDF_NAME_SCRYPT, NULL);
7707526b P	66	kctx = EVP_KDF_CTX_new(kdf);
7707526b P	67	EVP_KDF_free(kdf);
5a285add	68	if (kctx == NULL)
a95fb9e3	69	return 0;
a95fb9e3	70
7707526b P	71	*z++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_PASSWORD,
	72	(unsigned char *)pass,
	73	passlen);
	74	*z++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SALT,
	75	(unsigned char *)salt, saltlen);
	76	*z++ = OSSL_PARAM_construct_uint64(OSSL_KDF_PARAM_SCRYPT_N, &N);
	77	*z++ = OSSL_PARAM_construct_uint64(OSSL_KDF_PARAM_SCRYPT_R, &r);
	78	*z++ = OSSL_PARAM_construct_uint64(OSSL_KDF_PARAM_SCRYPT_P, &p);
	79	*z++ = OSSL_PARAM_construct_uint64(OSSL_KDF_PARAM_SCRYPT_MAXMEM, &maxmem);
	80	*z = OSSL_PARAM_construct_end();
	81	if (EVP_KDF_CTX_set_params(kctx, params) != 1
5a285add DM	82	\|\| EVP_KDF_derive(kctx, key, keylen) != 1)
	83	rv = 0;
	84
	85	EVP_KDF_CTX_free(kctx);
a95fb9e3 DSH	86	return rv;
a95fb9e3 DSH	87	}
5a285add	88
b0809bc8	89	#endif