[thirdparty/openssl.git] / crypto / evp / pbe_scrypt.c

/*
 * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#include <openssl/evp.h>
#include <openssl/err.h>
#include <openssl/kdf.h>
#include "internal/numbers.h"

#ifndef OPENSSL_NO_SCRYPT

/*
 * Maximum permitted memory allow this to be overridden with Configuration
 * option: e.g. -DSCRYPT_MAX_MEM=0 for maximum possible.
 */

#ifdef SCRYPT_MAX_MEM
# if SCRYPT_MAX_MEM == 0
#  undef SCRYPT_MAX_MEM
/*
 * Although we could theoretically allocate SIZE_MAX memory that would leave
 * no memory available for anything else so set limit as half that.
 */
#  define SCRYPT_MAX_MEM (SIZE_MAX/2)
# endif
#else
/* Default memory limit: 32 MB */
# define SCRYPT_MAX_MEM  (1024 * 1024 * 32)
#endif

int EVP_PBE_scrypt(const char *pass, size_t passlen,
                   const unsigned char *salt, size_t saltlen,
                   uint64_t N, uint64_t r, uint64_t p, uint64_t maxmem,
                   unsigned char *key, size_t keylen)
{
    const char *empty = "";
    int rv = 1;
    EVP_KDF_CTX *kctx;

    if (r > UINT32_MAX || p > UINT32_MAX) {
        EVPerr(EVP_F_EVP_PBE_SCRYPT, EVP_R_PARAMETER_TOO_LARGE);
        return 0;
    }

    /* Maintain existing behaviour. */
    if (pass == NULL) {
        pass = empty;
        passlen = 0;
    }
    if (salt == NULL) {
        salt = (const unsigned char *)empty;
        saltlen = 0;
    }
    if (maxmem == 0)
        maxmem = SCRYPT_MAX_MEM;

    kctx = EVP_KDF_CTX_new_id(EVP_KDF_SCRYPT);
    if (kctx == NULL)
        return 0;

    if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_PASS, pass, (size_t)passlen) != 1
            || EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT,
                            salt, (size_t)saltlen) != 1
            || EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SCRYPT_N, N) != 1
            || EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SCRYPT_R, (uint32_t)r) != 1
            || EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SCRYPT_P, (uint32_t)p) != 1
            || EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MAXMEM_BYTES, maxmem) != 1
            || EVP_KDF_derive(kctx, key, keylen) != 1)
        rv = 0;

    EVP_KDF_CTX_free(kctx);
    return rv;
}

#endif
Commit	Line	Data
a95fb9e3	1	/*
c4d3c19b	2	* Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
a95fb9e3	3	*
4a8b0c55	4	* Licensed under the Apache License 2.0 (the "License"). You may not use
62867571 RS	5	* this file except in compliance with the License. You can obtain a copy
	6	* in the file LICENSE in the source distribution or at
	7	* https://www.openssl.org/source/license.html
a95fb9e3 DSH	8	*/
a95fb9e3 DSH	9
a95fb9e3	10	#include <openssl/evp.h>
fef034f8	11	#include <openssl/err.h>
5a285add	12	#include <openssl/kdf.h>
546ca2f4	13	#include "internal/numbers.h"
a95fb9e3	14
b0809bc8 RS	15	#ifndef OPENSSL_NO_SCRYPT
b0809bc8 RS	16
a95fb9e3 DSH	17	/*
	18	* Maximum permitted memory allow this to be overridden with Configuration
	19	* option: e.g. -DSCRYPT_MAX_MEM=0 for maximum possible.
	20	*/
	21
	22	#ifdef SCRYPT_MAX_MEM
	23	# if SCRYPT_MAX_MEM == 0
	24	# undef SCRYPT_MAX_MEM
	25	/*
	26	* Although we could theoretically allocate SIZE_MAX memory that would leave
	27	* no memory available for anything else so set limit as half that.
	28	*/
	29	# define SCRYPT_MAX_MEM (SIZE_MAX/2)
	30	# endif
	31	#else
	32	/* Default memory limit: 32 MB */
	33	# define SCRYPT_MAX_MEM (1024 * 1024 * 32)
	34	#endif
	35
	36	int EVP_PBE_scrypt(const char *pass, size_t passlen,
	37	const unsigned char *salt, size_t saltlen,
	38	uint64_t N, uint64_t r, uint64_t p, uint64_t maxmem,
	39	unsigned char *key, size_t keylen)
	40	{
5a285add DM	41	const char *empty = "";
	42	int rv = 1;
	43	EVP_KDF_CTX *kctx;
	44
4c3941c2 MC	45	if (r > UINT32_MAX \|\| p > UINT32_MAX) {
	46	EVPerr(EVP_F_EVP_PBE_SCRYPT, EVP_R_PARAMETER_TOO_LARGE);
	47	return 0;
	48	}
	49
5a285add DM	50	/* Maintain existing behaviour. */
	51	if (pass == NULL) {
	52	pass = empty;
	53	passlen = 0;
a95fb9e3	54	}
253d7622 VS	55	if (salt == NULL) {
	56	salt = (const unsigned char *)empty;
	57	saltlen = 0;
	58	}
a95fb9e3 DSH	59	if (maxmem == 0)
a95fb9e3 DSH	60	maxmem = SCRYPT_MAX_MEM;
44589b5d	61
5a285add DM	62	kctx = EVP_KDF_CTX_new_id(EVP_KDF_SCRYPT);
5a285add DM	63	if (kctx == NULL)
a95fb9e3	64	return 0;
a95fb9e3	65
5a285add DM	66	if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_PASS, pass, (size_t)passlen) != 1
	67	\|\| EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT,
	68	salt, (size_t)saltlen) != 1
	69	\|\| EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SCRYPT_N, N) != 1
	70	\|\| EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SCRYPT_R, (uint32_t)r) != 1
	71	\|\| EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SCRYPT_P, (uint32_t)p) != 1
	72	\|\| EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MAXMEM_BYTES, maxmem) != 1
	73	\|\| EVP_KDF_derive(kctx, key, keylen) != 1)
	74	rv = 0;
	75
	76	EVP_KDF_CTX_free(kctx);
a95fb9e3 DSH	77	return rv;
a95fb9e3 DSH	78	}
5a285add	79
b0809bc8	80	#endif