]>
Commit | Line | Data |
---|---|---|
73a3b967 | 1 | /* |
da1c088f | 2 | * Copyright 2021-2023 The OpenSSL Project Authors. All Rights Reserved. |
73a3b967 P |
3 | * |
4 | * Licensed under the Apache License 2.0 (the "License"). You may not use | |
5 | * this file except in compliance with the License. You can obtain a copy | |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
8 | */ | |
9 | ||
10 | #include <stdio.h> | |
11 | #include <openssl/core_names.h> | |
12 | #include <openssl/crypto.h> | |
13 | #include <openssl/kdf.h> | |
14 | #include <openssl/obj_mac.h> | |
15 | #include <openssl/params.h> | |
16 | ||
17 | /* | |
18 | * test vector from | |
19 | * https://datatracker.ietf.org/doc/html/rfc7914 | |
20 | */ | |
21 | ||
22 | /* | |
23 | * Hard coding a password into an application is very bad. | |
24 | * It is done here solely for educational purposes. | |
25 | */ | |
26 | static unsigned char password[] = { | |
27 | 'p', 'a', 's', 's', 'w', 'o', 'r', 'd' | |
28 | }; | |
29 | ||
30 | /* | |
31 | * The salt is better not being hard coded too. Each password should have a | |
32 | * different salt if possible. The salt is not considered secret information | |
33 | * and is safe to store with an encrypted password. | |
34 | */ | |
35 | static unsigned char scrypt_salt[] = { | |
36 | 'N', 'a', 'C', 'l' | |
37 | }; | |
38 | ||
39 | /* | |
40 | * The SCRYPT parameters can be variable or hard coded. The disadvantage with | |
41 | * hard coding them is that they cannot easily be adjusted for future | |
42 | * technological improvements appear. | |
43 | */ | |
44 | static unsigned int scrypt_n = 1024; | |
45 | static unsigned int scrypt_r = 8; | |
46 | static unsigned int scrypt_p = 16; | |
47 | ||
48 | static const unsigned char expected_output[] = { | |
49 | ||
50 | 0xfd, 0xba, 0xbe, 0x1c, 0x9d, 0x34, 0x72, 0x00, | |
51 | 0x78, 0x56, 0xe7, 0x19, 0x0d, 0x01, 0xe9, 0xfe, | |
52 | 0x7c, 0x6a, 0xd7, 0xcb, 0xc8, 0x23, 0x78, 0x30, | |
53 | 0xe7, 0x73, 0x76, 0x63, 0x4b, 0x37, 0x31, 0x62, | |
54 | 0x2e, 0xaf, 0x30, 0xd9, 0x2e, 0x22, 0xa3, 0x88, | |
55 | 0x6f, 0xf1, 0x09, 0x27, 0x9d, 0x98, 0x30, 0xda, | |
56 | 0xc7, 0x27, 0xaf, 0xb9, 0x4a, 0x83, 0xee, 0x6d, | |
57 | 0x83, 0x60, 0xcb, 0xdf, 0xa2, 0xcc, 0x06, 0x40 | |
58 | }; | |
59 | ||
60 | int main(int argc, char **argv) | |
61 | { | |
09ff84bd | 62 | int ret = EXIT_FAILURE; |
73a3b967 P |
63 | EVP_KDF *kdf = NULL; |
64 | EVP_KDF_CTX *kctx = NULL; | |
65 | unsigned char out[64]; | |
66 | OSSL_PARAM params[6], *p = params; | |
67 | OSSL_LIB_CTX *library_context = NULL; | |
68 | ||
69 | library_context = OSSL_LIB_CTX_new(); | |
70 | if (library_context == NULL) { | |
71 | fprintf(stderr, "OSSL_LIB_CTX_new() returned NULL\n"); | |
72 | goto end; | |
73 | } | |
74 | ||
75 | /* Fetch the key derivation function implementation */ | |
76 | kdf = EVP_KDF_fetch(library_context, "SCRYPT", NULL); | |
77 | if (kdf == NULL) { | |
78 | fprintf(stderr, "EVP_KDF_fetch() returned NULL\n"); | |
79 | goto end; | |
80 | } | |
81 | ||
82 | /* Create a context for the key derivation operation */ | |
83 | kctx = EVP_KDF_CTX_new(kdf); | |
84 | if (kctx == NULL) { | |
85 | fprintf(stderr, "EVP_KDF_CTX_new() returned NULL\n"); | |
86 | goto end; | |
87 | } | |
88 | ||
89 | /* Set password */ | |
90 | *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_PASSWORD, password, | |
91 | sizeof(password)); | |
92 | /* Set salt */ | |
93 | *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SALT, scrypt_salt, | |
94 | sizeof(scrypt_salt)); | |
95 | /* Set N (default 1048576) */ | |
96 | *p++ = OSSL_PARAM_construct_uint(OSSL_KDF_PARAM_SCRYPT_N, &scrypt_n); | |
97 | /* Set R (default 8) */ | |
98 | *p++ = OSSL_PARAM_construct_uint(OSSL_KDF_PARAM_SCRYPT_R, &scrypt_r); | |
99 | /* Set P (default 1) */ | |
100 | *p++ = OSSL_PARAM_construct_uint(OSSL_KDF_PARAM_SCRYPT_P, &scrypt_p); | |
101 | *p = OSSL_PARAM_construct_end(); | |
102 | ||
103 | /* Derive the key */ | |
104 | if (EVP_KDF_derive(kctx, out, sizeof(out), params) != 1) { | |
105 | fprintf(stderr, "EVP_KDF_derive() failed\n"); | |
106 | goto end; | |
107 | } | |
108 | ||
109 | if (CRYPTO_memcmp(expected_output, out, sizeof(expected_output)) != 0) { | |
110 | fprintf(stderr, "Generated key does not match expected value\n"); | |
111 | goto end; | |
112 | } | |
113 | ||
09ff84bd | 114 | ret = EXIT_SUCCESS; |
73a3b967 P |
115 | end: |
116 | EVP_KDF_CTX_free(kctx); | |
117 | EVP_KDF_free(kdf); | |
118 | OSSL_LIB_CTX_free(library_context); | |
09ff84bd | 119 | return ret; |
73a3b967 | 120 | } |