result_t crypto_base::pbkdf2(int32_t algo, Buffer_base* password, Buffer_base* salt, int32_t iterations, int32_t size, obj_ptr<Buffer_base>& retVal) { if (algo < hash_base::_MD2 || algo > hash_base::_RIPEMD160) return CHECK_ERROR(CALL_E_INVALIDARG); qstring str_pass; qstring str_salt; qstring str_key; password->toString(str_pass); salt->toString(str_salt); str_key.resize(size); mbedtls_md_context_t ctx; mbedtls_md_setup(&ctx, mbedtls_md_info_from_type((mbedtls_md_type_t)algo), 1); mbedtls_pkcs5_pbkdf2_hmac(&ctx, (const unsigned char *)str_pass.c_str(), str_pass.length(), (const unsigned char *)str_salt.c_str(), str_salt.length(), iterations, size, (unsigned char *)&str_key[0]); mbedtls_md_free(&ctx); retVal = new Buffer(str_key); return 0; }
/*JSON{ "type" : "staticmethod", "class" : "crypto", "name" : "PBKDF2", "generate" : "jswrap_crypto_PBKDF2", "params" : [ ["passphrase","JsVar","Passphrase"], ["salt","JsVar","Salt for turning passphrase into a key"], ["options","JsVar","Object of Options, `{ keySize: 8 (in 32 bit words), iterations: 10, hasher: 'SHA1'/'SHA224'/'SHA256'/'SHA384'/'SHA512' }`"] ], "return" : ["JsVar","Returns an ArrayBuffer"], "return_object" : "ArrayBuffer", "ifdef" : "USE_TLS" } Password-Based Key Derivation Function 2 algorithm, using SHA512 */ JsVar *jswrap_crypto_PBKDF2(JsVar *passphrase, JsVar *salt, JsVar *options) { int iterations = 1; int keySize = 128/32; mbedtls_md_type_t hasher = MBEDTLS_MD_SHA1; if (jsvIsObject(options)) { keySize = jsvGetIntegerAndUnLock(jsvObjectGetChild(options, "keySize", 0)); if (keySize<=0) keySize=128/32; iterations = jsvGetIntegerAndUnLock(jsvObjectGetChild(options, "iterations", 0)); if (iterations<1) iterations = 1; JsVar *hashVar = jsvObjectGetChild(options, "hasher", 0); if (!jsvIsUndefined(hashVar)) hasher = jswrap_crypto_getHasher(hashVar); jsvUnLock(hashVar); } else if (!jsvIsUndefined(options)) jsError("Options should be an object or undefined, got %t", options); if (hasher == MBEDTLS_MD_NONE) return 0; // already shown an error JSV_GET_AS_CHAR_ARRAY(passPtr, passLen, passphrase); if (!passPtr) return 0; JSV_GET_AS_CHAR_ARRAY(saltPtr, saltLen, salt); if (!saltPtr) return 0; int err; mbedtls_md_context_t ctx; mbedtls_md_init( &ctx ); err = mbedtls_md_setup( &ctx, mbedtls_md_info_from_type( hasher ), 1 ); assert(err==0); char *keyPtr = 0; JsVar *keyArr = jsvNewArrayBufferWithPtr((unsigned)keySize*4, &keyPtr); if (!keyPtr) { jsError("Not enough memory for result"); return 0; } err = mbedtls_pkcs5_pbkdf2_hmac( &ctx, (unsigned char*)passPtr, passLen, (unsigned char*)saltPtr, saltLen, (unsigned)iterations, (unsigned)keySize*4, (unsigned char*)keyPtr ); mbedtls_md_free( &ctx ); if (!err) { return keyArr; } else { jswrap_crypto_error(err); jsvUnLock(keyArr); return 0; } }
int mbedtls_pkcs5_self_test( int verbose ) { mbedtls_md_context_t sha1_ctx; const mbedtls_md_info_t *info_sha1; int ret, i; unsigned char key[64]; mbedtls_md_init( &sha1_ctx ); info_sha1 = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 ); if( info_sha1 == NULL ) { ret = 1; goto exit; } if( ( ret = mbedtls_md_setup( &sha1_ctx, info_sha1, 1 ) ) != 0 ) { ret = 1; goto exit; } for( i = 0; i < MAX_TESTS; i++ ) { if( verbose != 0 ) mbedtls_printf( " PBKDF2 (SHA1) #%d: ", i ); ret = mbedtls_pkcs5_pbkdf2_hmac( &sha1_ctx, password[i], plen[i], salt[i], slen[i], it_cnt[i], key_len[i], key ); if( ret != 0 || memcmp( result_key[i], key, key_len[i] ) != 0 ) { if( verbose != 0 ) mbedtls_printf( "failed\n" ); ret = 1; goto exit; } if( verbose != 0 ) mbedtls_printf( "passed\n" ); } if( verbose != 0 ) mbedtls_printf( "\n" ); exit: mbedtls_md_free( &sha1_ctx ); return( ret ); }
int mbedtls_pkcs5_pbes2( const mbedtls_asn1_buf *pbe_params, int mode, const unsigned char *pwd, size_t pwdlen, const unsigned char *data, size_t datalen, unsigned char *output ) { int ret, iterations = 0, keylen = 0; unsigned char *p, *end; mbedtls_asn1_buf kdf_alg_oid, enc_scheme_oid, kdf_alg_params, enc_scheme_params; mbedtls_asn1_buf salt; mbedtls_md_type_t md_type = MBEDTLS_MD_SHA1; unsigned char key[32], iv[32]; size_t olen = 0; const mbedtls_md_info_t *md_info; const mbedtls_cipher_info_t *cipher_info; mbedtls_md_context_t md_ctx; mbedtls_cipher_type_t cipher_alg; mbedtls_cipher_context_t cipher_ctx; p = pbe_params->p; end = p + pbe_params->len; /* * PBES2-params ::= SEQUENCE { * keyDerivationFunc AlgorithmIdentifier {{PBES2-KDFs}}, * encryptionScheme AlgorithmIdentifier {{PBES2-Encs}} * } */ if( pbe_params->tag != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); if( ( ret = mbedtls_asn1_get_alg( &p, end, &kdf_alg_oid, &kdf_alg_params ) ) != 0 ) return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT + ret ); // Only PBKDF2 supported at the moment // if( MBEDTLS_OID_CMP( MBEDTLS_OID_PKCS5_PBKDF2, &kdf_alg_oid ) != 0 ) return( MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE ); if( ( ret = pkcs5_parse_pbkdf2_params( &kdf_alg_params, &salt, &iterations, &keylen, &md_type ) ) != 0 ) { return( ret ); } md_info = mbedtls_md_info_from_type( md_type ); if( md_info == NULL ) return( MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE ); if( ( ret = mbedtls_asn1_get_alg( &p, end, &enc_scheme_oid, &enc_scheme_params ) ) != 0 ) { return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT + ret ); } if( mbedtls_oid_get_cipher_alg( &enc_scheme_oid, &cipher_alg ) != 0 ) return( MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE ); cipher_info = mbedtls_cipher_info_from_type( cipher_alg ); if( cipher_info == NULL ) return( MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE ); /* * The value of keylen from pkcs5_parse_pbkdf2_params() is ignored * since it is optional and we don't know if it was set or not */ keylen = cipher_info->key_bitlen / 8; if( enc_scheme_params.tag != MBEDTLS_ASN1_OCTET_STRING || enc_scheme_params.len != cipher_info->iv_size ) { return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT ); } mbedtls_md_init( &md_ctx ); mbedtls_cipher_init( &cipher_ctx ); memcpy( iv, enc_scheme_params.p, enc_scheme_params.len ); if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 1 ) ) != 0 ) goto exit; if( ( ret = mbedtls_pkcs5_pbkdf2_hmac( &md_ctx, pwd, pwdlen, salt.p, salt.len, iterations, keylen, key ) ) != 0 ) { goto exit; } if( ( ret = mbedtls_cipher_setup( &cipher_ctx, cipher_info ) ) != 0 ) goto exit; if( ( ret = mbedtls_cipher_setkey( &cipher_ctx, key, 8 * keylen, (mbedtls_operation_t) mode ) ) != 0 ) goto exit; if( ( ret = mbedtls_cipher_crypt( &cipher_ctx, iv, enc_scheme_params.len, data, datalen, output, &olen ) ) != 0 ) ret = MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH; exit: mbedtls_md_free( &md_ctx ); mbedtls_cipher_free( &cipher_ctx ); return( ret ); }