static unsigned int tunable_cost_p(void *salt) { const uint8_t * setting; const uint8_t * src; uint32_t r, p; setting = salt; if (setting[0] != '$' || setting[1] != '7' || setting[2] != '$') return 0; src = setting + 3; { uint32_t N_log2; if (decode64_one(&N_log2, *src)) return 0; src++; } src = decode64_uint32(&r, 30, src); if (!src) return 0; src = decode64_uint32(&p, 30, src); if (!src) return 0; return (unsigned int) p; }
const uint8_t * escrypt_parse_setting(const uint8_t *setting, uint32_t *N_log2_p, uint32_t *r_p, uint32_t *p_p) { const uint8_t *src; if (setting[0] != '$' || setting[1] != '7' || setting[2] != '$') { return NULL; } src = setting + 3; if (decode64_one(N_log2_p, *src)) { return NULL; } src++; src = decode64_uint32(r_p, 30, src); if (!src) { return NULL; } src = decode64_uint32(p_p, 30, src); if (!src) { return NULL; } return src; }
static const uint8_t* decode64_uint32(uint32_t* dst, uint32_t dstbits, const uint8_t* src) { uint32_t bit; uint32_t value; value = 0; for (bit = 0; bit < dstbits; bit += 6) { uint32_t one; if (decode64_one(&one, *src)) { *dst = 0; return NULL; } src++; value |= one << bit; } *dst = value; return src; }
static unsigned int tunable_cost_N(void *salt) { const uint8_t * setting; const uint8_t * src; uint64_t N; setting = salt; if (setting[0] != '$' || setting[1] != '7' || setting[2] != '$') return 0; src = setting + 3; { uint32_t N_log2; if (decode64_one(&N_log2, *src)) return 0; src++; N = (uint64_t)1 << N_log2; } return (unsigned int) N; }
static int valid(char *ciphertext, struct fmt_main *self) { char *p; int length; unsigned tmp; if (strncmp(ciphertext, "$7$", 3)) return 0; for (p = ciphertext + 3; p < ciphertext + (3 + 1 + 5 + 5); p++) if (atoi64[ARCH_INDEX(*p)] == 0x7F) return 0; p = strrchr(ciphertext, '$'); if (!p) return 0; if (p - ciphertext > BINARY_SIZE - (1 + 43)) return 0; ++p; length = base64_valid_length(p, e_b64_cryptBS, flg_Base64_NO_FLAGS); decode64_one(&tmp, ciphertext[3]); if (!tmp) return 0; decode64_uint32(&tmp, 30, (const uint8_t *)&ciphertext[4]); if (!tmp) return 0; decode64_uint32(&tmp, 30, (const uint8_t *)&ciphertext[4+5]); if (!tmp) return 0; // we want the hash to use 32 bytes OR more. 43 base64 bytes is 32 raw bytes return p[length]==0 && length >= 43; }
uint8_t * escrypt_r(escrypt_local_t * local, const uint8_t * passwd, size_t passwdlen, const uint8_t * setting, uint8_t * buf, size_t buflen) { uint8_t hash[HASH_SIZE]; const uint8_t * src, * salt; uint8_t * dst; size_t prefixlen, saltlen, need; uint64_t N; uint32_t r, p; if (setting[0] != '$' || setting[1] != '7' || setting[2] != '$') return NULL; src = setting + 3; { uint32_t N_log2; if (decode64_one(&N_log2, *src)) return NULL; src++; N = (uint64_t)1 << N_log2; } src = decode64_uint32(&r, 30, src); if (!src) return NULL; src = decode64_uint32(&p, 30, src); if (!src) return NULL; prefixlen = src - setting; salt = src; src = (uint8_t *)strrchr((char *)salt, '$'); if (src) saltlen = src - salt; else saltlen = strlen((char *)salt); need = prefixlen + saltlen + 1 + HASH_LEN + 1; if (need > buflen || need < saltlen) return NULL; if (escrypt_kdf(local, passwd, passwdlen, salt, saltlen, N, r, p, hash, sizeof(hash))) return NULL; dst = buf; memcpy(dst, setting, prefixlen + saltlen); dst += prefixlen + saltlen; *dst++ = '$'; dst = encode64(dst, buflen - (dst - buf), hash, sizeof(hash)); /* Could zeroize hash[] here, but escrypt_kdf() doesn't zeroize its * memory allocations yet anyway. */ if (!dst || dst >= buf + buflen) /* Can't happen */ return NULL; *dst = 0; /* NUL termination */ return buf; }
uint8_t * escrypt_r(escrypt_local_t * local, const uint8_t * passwd, size_t passwdlen, const uint8_t * setting, uint8_t * buf, size_t buflen) { uint8_t hash[crypto_pwhash_scryptxsalsa208sha256_STRHASHBYTES]; escrypt_kdf_t escrypt_kdf; const uint8_t *src; const uint8_t *salt; uint8_t *dst; size_t prefixlen; size_t saltlen; size_t need; uint64_t N; uint32_t N_log2; uint32_t r; uint32_t p; if (setting[0] != '$' || setting[1] != '7' || setting[2] != '$') { return NULL; } src = setting + 3; if (decode64_one(&N_log2, *src)) { return NULL; } src++; N = (uint64_t)1 << N_log2; src = decode64_uint32(&r, 30, src); if (!src) { return NULL; } src = decode64_uint32(&p, 30, src); if (!src) { return NULL; } prefixlen = src - setting; salt = src; src = (uint8_t *) strrchr((char *)salt, '$'); if (src) { saltlen = src - salt; } else { saltlen = strlen((char *)salt); } need = prefixlen + saltlen + 1 + crypto_pwhash_scryptxsalsa208sha256_STRHASHBYTES_ENCODED + 1; if (need > buflen || need < saltlen) { return NULL; } #if defined(HAVE_EMMINTRIN_H) || defined(_MSC_VER) escrypt_kdf = sodium_runtime_has_sse2() ? escrypt_kdf_sse : escrypt_kdf_nosse; #else escrypt_kdf = escrypt_kdf_nosse; #endif if (escrypt_kdf(local, passwd, passwdlen, salt, saltlen, N, r, p, hash, sizeof(hash))) { return NULL; } dst = buf; memcpy(dst, setting, prefixlen + saltlen); dst += prefixlen + saltlen; *dst++ = '$'; dst = encode64(dst, buflen - (dst - buf), hash, sizeof(hash)); sodium_memzero(hash, sizeof hash); if (!dst || dst >= buf + buflen) { /* Can't happen */ return NULL; } *dst = 0; /* NUL termination */ return buf; }
uint8_t* yescrypt_r(const yescrypt_shared_t* shared, yescrypt_local_t* local, const uint8_t* passwd, size_t passwdlen, const uint8_t* setting, uint8_t* buf, size_t buflen) { uint8_t hash[HASH_SIZE]; const uint8_t * src, * salt; uint8_t * dst; size_t prefixlen, saltlen, need; uint8_t version; uint64_t N; uint32_t r, p; yescrypt_flags_t flags = YESCRYPT_WORM; printf("pass1 ..."); fflush(stdout); if (setting[0] != '$' || setting[1] != '7') { printf("died$7 ..."); fflush(stdout); return NULL; } printf("died80 ..."); fflush(stdout); src = setting + 2; printf("hello '%p'\n", (char *)src); fflush(stdout); switch ((version = *src)) { case '$': printf("died2 ..."); fflush(stdout); break; case 'X': src++; flags = YESCRYPT_RW; printf("died3 ..."); fflush(stdout); break; default: printf("died4 ..."); fflush(stdout); return NULL; } printf("pass2 ..."); fflush(stdout); if (*src != '$') { uint32_t decoded_flags; if (decode64_one(&decoded_flags, *src)) { printf("died5 ..."); fflush(stdout); return NULL; } flags = decoded_flags; if (*++src != '$') { printf("died6 ..."); fflush(stdout); return NULL; } } src++; { uint32_t N_log2; if (decode64_one(&N_log2, *src)) { printf("died7 ..."); return NULL; } src++; N = (uint64_t)1 << N_log2; } src = decode64_uint32(&r, 30, src); if (!src) { printf("died6 ..."); return NULL; } src = decode64_uint32(&p, 30, src); if (!src) { printf("died7 ..."); return NULL; } prefixlen = src - setting; salt = src; src = (uint8_t *)strrchr((char *)salt, '$'); if (src) saltlen = src - salt; else saltlen = strlen((char *)salt); need = prefixlen + saltlen + 1 + HASH_LEN + 1; if (need > buflen || need < saltlen) { printf("'%d %d %d'", (int) need, (int) buflen, (int) saltlen); printf("died8killbuf ..."); fflush(stdout); return NULL; } if (yescrypt_kdf(shared, local, passwd, passwdlen, salt, saltlen, N, r, p, 0, flags, hash, sizeof(hash))) { printf("died10 ..."); fflush(stdout); return NULL; } dst = buf; memcpy(dst, setting, prefixlen + saltlen); dst += prefixlen + saltlen; *dst++ = '$'; dst = encode64(dst, buflen - (dst - buf), hash, sizeof(hash)); /* Could zeroize hash[] here, but yescrypt_kdf() doesn't zeroize its * memory allocations yet anyway. */ if (!dst || dst >= buf + buflen) { /* Can't happen */ printf("died11 ..."); return NULL; } *dst = 0; /* NUL termination */ printf("died12 ..."); fflush(stdout); return buf; }
uint8_t * yescrypt_r(const yescrypt_shared_t * shared, yescrypt_local_t * local, const uint8_t * passwd, size_t passwdlen, const uint8_t * setting, uint8_t * buf, size_t buflen) { uint8_t hash[HASH_SIZE]; const uint8_t * src, * salt; uint8_t * dst; size_t prefixlen, saltlen, need; uint8_t version; uint64_t N; uint32_t r, p; yescrypt_flags_t flags = 0; if (setting[0] != '$' || setting[1] != '7') return NULL; src = setting + 2; switch ((version = *src)) { case '$': break; case 'X': src++; flags = YESCRYPT_RW; break; default: return NULL; } if (*src != '$') { uint32_t decoded_flags; if (decode64_one(&decoded_flags, *src)) return NULL; flags = decoded_flags; if (*++src != '$') return NULL; } src++; { uint32_t N_log2; if (decode64_one(&N_log2, *src)) return NULL; src++; N = (uint64_t)1 << N_log2; } src = decode64_uint32(&r, 30, src); if (!src) return NULL; src = decode64_uint32(&p, 30, src); if (!src) return NULL; prefixlen = src - setting; salt = src; src = (uint8_t *)strrchr((char *)salt, '$'); if (src) saltlen = src - salt; else saltlen = strlen((char *)salt); need = prefixlen + saltlen + 1 + HASH_LEN + 1; if (need > buflen || need < saltlen) return NULL; if (yescrypt_kdf(shared, local, passwd, passwdlen, salt, saltlen, N, r, p, 0, 0, flags, hash, sizeof(hash))) return NULL; dst = buf; memcpy(dst, setting, prefixlen + saltlen); dst += prefixlen + saltlen; *dst++ = '$'; dst = encode64(dst, buflen - (dst - buf), hash, sizeof(hash)); /* Could zeroize hash[] here, but yescrypt_kdf() doesn't zeroize its * memory allocations yet anyway. */ if (!dst || dst >= buf + buflen) /* Can't happen */ return NULL; *dst = 0; /* NUL termination */ return buf; }