int
crypto_pwhash_scryptsalsa208sha256(unsigned char * const out,
unsigned long long outlen,
const char * const passwd,
unsigned long long passwdlen,
const unsigned char * const salt,
unsigned long long opslimit,
size_t memlimit)
{
uint32_t N_log2;
uint32_t p;
uint32_t r;
memset(out, 0, outlen);
if (passwdlen > SIZE_MAX || outlen > SIZE_MAX) {
errno = EFBIG; /* LCOV_EXCL_LINE */
return -1; /* LCOV_EXCL_LINE */
}
if (pickparams(opslimit, memlimit, &N_log2, &p, &r) != 0) {
errno = EINVAL; /* LCOV_EXCL_LINE */
return -1; /* LCOV_EXCL_LINE */
}
return crypto_pwhash_scryptsalsa208sha256_ll((const uint8_t *) passwd,
(size_t) passwdlen,
(const uint8_t *) salt,
crypto_pwhash_scryptsalsa208sha256_SALTBYTES,
(uint64_t) (1) << N_log2, r, p,
out, (size_t) outlen);
}
int
crypto_pwhash_scryptsalsa208sha256(unsigned char * const out,
unsigned long long outlen,
const char * const passwd,
unsigned long long passwdlen,
const unsigned char * const salt,
unsigned long long opslimit,
size_t memlimit)
{
//fprintf(stderr, "Doing that dirty thang!!!!\n");
uint32_t N_log2;
uint32_t p;
uint32_t r;
memset(out, 0, outlen);
if (passwdlen > SIZE_MAX || outlen > SIZE_MAX) {
errno = EFBIG;
return -1;
}
if (pickparams(opslimit, memlimit, &N_log2, &p, &r) != 0) {
errno = EINVAL;
return -1;
}
return crypto_pwhash_scryptsalsa208sha256_ll((const uint8_t *) passwd,
(size_t) passwdlen,
(const uint8_t *) salt,
crypto_pwhash_scryptsalsa208sha256_SALTBYTES,
(uint64_t) (1) << N_log2, r, p,
out, (size_t) outlen);
}
static void test_vector(const char *password, const char *salt, uint64_t N,
uint32_t r, uint32_t p)
{
uint8_t data[64];
size_t i;
size_t olen = (sizeof data / sizeof data[0]);
size_t passwordLength = strlen(password);
size_t saltLenght = strlen(salt);
int lineitems = 0;
int lineitemsLimit = 15;
if (crypto_pwhash_scryptsalsa208sha256_ll(
(const uint8_t *)password, passwordLength, (const uint8_t *)salt,
saltLenght, N, r, p, data, olen) != 0) {
printf("pwhash_scryptsalsa208sha256_ll([%s],[%s]) failure\n", password,
salt);
return;
}
printf("scrypt('%s', '%s', %llu, %lu, %lu, %lu) =\n", password, salt,
(unsigned long long)N, (unsigned long)r, (unsigned long)p,
(unsigned long)olen);
for (i = 0; i < olen; ++i) {
printf("%02x%c", data[i], lineitems < lineitemsLimit ? ' ' : '\n');
lineitems = lineitems < lineitemsLimit ? lineitems + 1 : 0;
}
}
int
get_key_from_password(unsigned char *k, size_t k_bytes, int confirm)
{
#define SALT_PREFIX "Personalization for this example"
#define SALT_PREFIX_LEN 32
char email[1024U];
char pwd2[1024U];
char pwd[1024U];
unsigned char salt[SALT_PREFIX_LEN + 1024U];
unsigned char h0[56];
size_t email_len;
size_t i;
int ret;
assert(strlen(SALT_PREFIX) == SALT_PREFIX_LEN);
if (get_line(email, sizeof email, "Email: ") != 0) {
return -1;
}
email_len = strlen(email);
for (i = 0U; i < email_len; i++) {
email[i] = (char) tolower((unsigned char) email[i]);
}
if (get_password(pwd, sizeof pwd, "Password: "******"Password (one more time): ") != 0) {
sodium_memzero(pwd, sizeof pwd);
sodium_memzero(pwd2, sizeof pwd2);
return -1;
}
if (strcmp(pwd, pwd2) != 0) {
sodium_memzero(pwd, sizeof pwd);
sodium_memzero(pwd2, sizeof pwd2);
safe_write(2, "Passwords don't match\n",
sizeof "Passwords don't match\n" - 1U, -1);
return -1;
}
sodium_memzero(pwd2, sizeof pwd2);
}
safe_write(2, "Deriving key from password... ",
sizeof "Deriving key from password... " - 1U, -1);
crypto_generichash(h0, sizeof h0, (const unsigned char *) pwd,
strlen(pwd), NULL, 0);
sodium_memzero(pwd, sizeof pwd);
memcpy(salt + SALT_PREFIX_LEN, email, email_len);
sodium_memzero(email, sizeof email);
ret = crypto_pwhash_scryptsalsa208sha256_ll(h0, sizeof h0, salt,
SALT_PREFIX_LEN + email_len,
1ULL << 18, 1U, 8U, k, k_bytes);
sodium_memzero(h0, sizeof h0);
sodium_memzero(salt, sizeof salt);
safe_write(2, "done\n", sizeof "done\n" - 1U, -1);
return ret;
}