2 * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 #include <openssl/evp.h>
11 #include <openssl/err.h>
12 #include <openssl/kdf.h>
13 #include "internal/numbers.h"
15 #ifndef OPENSSL_NO_SCRYPT
18 * Maximum permitted memory allow this to be overridden with Configuration
19 * option: e.g. -DSCRYPT_MAX_MEM=0 for maximum possible.
23 # if SCRYPT_MAX_MEM == 0
24 # undef SCRYPT_MAX_MEM
26 * Although we could theoretically allocate SIZE_MAX memory that would leave
27 * no memory available for anything else so set limit as half that.
29 # define SCRYPT_MAX_MEM (SIZE_MAX/2)
32 /* Default memory limit: 32 MB */
33 # define SCRYPT_MAX_MEM (1024 * 1024 * 32)
36 int EVP_PBE_scrypt(const char *pass
, size_t passlen
,
37 const unsigned char *salt
, size_t saltlen
,
38 uint64_t N
, uint64_t r
, uint64_t p
, uint64_t maxmem
,
39 unsigned char *key
, size_t keylen
)
41 const char *empty
= "";
45 if (r
> UINT32_MAX
|| p
> UINT32_MAX
) {
46 EVPerr(EVP_F_EVP_PBE_SCRYPT
, EVP_R_PARAMETER_TOO_LARGE
);
50 /* Maintain existing behaviour. */
56 salt
= (const unsigned char *)empty
;
60 maxmem
= SCRYPT_MAX_MEM
;
62 kctx
= EVP_KDF_CTX_new_id(EVP_KDF_SCRYPT
);
66 if (EVP_KDF_ctrl(kctx
, EVP_KDF_CTRL_SET_PASS
, pass
, (size_t)passlen
) != 1
67 || EVP_KDF_ctrl(kctx
, EVP_KDF_CTRL_SET_SALT
,
68 salt
, (size_t)saltlen
) != 1
69 || EVP_KDF_ctrl(kctx
, EVP_KDF_CTRL_SET_SCRYPT_N
, N
) != 1
70 || EVP_KDF_ctrl(kctx
, EVP_KDF_CTRL_SET_SCRYPT_R
, (uint32_t)r
) != 1
71 || EVP_KDF_ctrl(kctx
, EVP_KDF_CTRL_SET_SCRYPT_P
, (uint32_t)p
) != 1
72 || EVP_KDF_ctrl(kctx
, EVP_KDF_CTRL_SET_MAXMEM_BYTES
, maxmem
) != 1
73 || EVP_KDF_derive(kctx
, key
, keylen
) != 1)
76 EVP_KDF_CTX_free(kctx
);