1 /* 2 * Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved. 3 * 4 * Licensed under the Apache License 2.0 (the "License"). You may not use 5 * this file except in compliance with the License. You can obtain a copy 6 * in the file LICENSE in the source distribution or at 7 * https://www.openssl.org/source/license.html 8 */ 9 10 #include <openssl/evp.h> 11 #include <openssl/err.h> 12 #include <openssl/kdf.h> 13 #include <openssl/core_names.h> 14 #include "internal/numbers.h" 15 16 #ifndef OPENSSL_NO_SCRYPT 17 18 /* 19 * Maximum permitted memory allow this to be overridden with Configuration 20 * option: e.g. -DSCRYPT_MAX_MEM=0 for maximum possible. 21 */ 22 23 #ifdef SCRYPT_MAX_MEM 24 # if SCRYPT_MAX_MEM == 0 25 # undef SCRYPT_MAX_MEM 26 /* 27 * Although we could theoretically allocate SIZE_MAX memory that would leave 28 * no memory available for anything else so set limit as half that. 29 */ 30 # define SCRYPT_MAX_MEM (SIZE_MAX/2) 31 # endif 32 #else 33 /* Default memory limit: 32 MB */ 34 # define SCRYPT_MAX_MEM (1024 * 1024 * 32) 35 #endif 36 37 int EVP_PBE_scrypt_ex(const char *pass, size_t passlen, 38 const unsigned char *salt, size_t saltlen, 39 uint64_t N, uint64_t r, uint64_t p, uint64_t maxmem, 40 unsigned char *key, size_t keylen, 41 OSSL_LIB_CTX *ctx, const char *propq) 42 { 43 const char *empty = ""; 44 int rv = 1; 45 EVP_KDF *kdf; 46 EVP_KDF_CTX *kctx; 47 OSSL_PARAM params[7], *z = params; 48 49 if (r > UINT32_MAX || p > UINT32_MAX) { 50 ERR_raise(ERR_LIB_EVP, EVP_R_PARAMETER_TOO_LARGE); 51 return 0; 52 } 53 54 /* Maintain existing behaviour. */ 55 if (pass == NULL) { 56 pass = empty; 57 passlen = 0; 58 } 59 if (salt == NULL) { 60 salt = (const unsigned char *)empty; 61 saltlen = 0; 62 } 63 if (maxmem == 0) 64 maxmem = SCRYPT_MAX_MEM; 65 66 /* Use OSSL_LIB_CTX_set0_default() if you need a library context */ 67 kdf = EVP_KDF_fetch(ctx, OSSL_KDF_NAME_SCRYPT, propq); 68 kctx = EVP_KDF_CTX_new(kdf); 69 EVP_KDF_free(kdf); 70 if (kctx == NULL) 71 return 0; 72 73 *z++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_PASSWORD, 74 (unsigned char *)pass, 75 passlen); 76 *z++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SALT, 77 (unsigned char *)salt, saltlen); 78 *z++ = OSSL_PARAM_construct_uint64(OSSL_KDF_PARAM_SCRYPT_N, &N); 79 *z++ = OSSL_PARAM_construct_uint64(OSSL_KDF_PARAM_SCRYPT_R, &r); 80 *z++ = OSSL_PARAM_construct_uint64(OSSL_KDF_PARAM_SCRYPT_P, &p); 81 *z++ = OSSL_PARAM_construct_uint64(OSSL_KDF_PARAM_SCRYPT_MAXMEM, &maxmem); 82 *z = OSSL_PARAM_construct_end(); 83 if (EVP_KDF_derive(kctx, key, keylen, params) != 1) 84 rv = 0; 85 86 EVP_KDF_CTX_free(kctx); 87 return rv; 88 } 89 90 int EVP_PBE_scrypt(const char *pass, size_t passlen, 91 const unsigned char *salt, size_t saltlen, 92 uint64_t N, uint64_t r, uint64_t p, uint64_t maxmem, 93 unsigned char *key, size_t keylen) 94 { 95 return EVP_PBE_scrypt_ex(pass, passlen, salt, saltlen, N, r, p, maxmem, 96 key, keylen, NULL, NULL); 97 } 98 99 #endif 100