diff options
Diffstat (limited to 'src/lib/crypto/s2k_ossl.cpp')
-rw-r--r-- | src/lib/crypto/s2k_ossl.cpp | 97 |
1 files changed, 97 insertions, 0 deletions
diff --git a/src/lib/crypto/s2k_ossl.cpp b/src/lib/crypto/s2k_ossl.cpp new file mode 100644 index 0000000..acf1ca9 --- /dev/null +++ b/src/lib/crypto/s2k_ossl.cpp @@ -0,0 +1,97 @@ +/*- + * Copyright (c) 2021 Ribose Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +#include <cstdint> +#include <vector> +#include <algorithm> +#include <openssl/evp.h> +#include "hash.hpp" +#include "s2k.h" +#include "mem.h" +#include "logging.h" + +int +pgp_s2k_iterated(pgp_hash_alg_t alg, + uint8_t * out, + size_t output_len, + const char * password, + const uint8_t *salt, + size_t iterations) +{ + if ((iterations > 1) && !salt) { + RNP_LOG("Iterated S2K mus be salted as well."); + return 1; + } + size_t hash_len = rnp::Hash::size(alg); + if (!hash_len) { + RNP_LOG("Unknown digest: %d", (int) alg); + return 1; + } + try { + size_t pswd_len = strlen(password); + size_t salt_len = salt ? PGP_SALT_SIZE : 0; + + rnp::secure_vector<uint8_t> data(salt_len + pswd_len); + if (salt_len) { + memcpy(data.data(), salt, PGP_SALT_SIZE); + } + memcpy(data.data() + salt_len, password, pswd_len); + size_t zeroes = 0; + + while (output_len) { + /* create hash context */ + auto hash = rnp::Hash::create(alg); + /* add leading zeroes */ + for (size_t z = 0; z < zeroes; z++) { + uint8_t zero = 0; + hash->add(&zero, 1); + } + if (!data.empty()) { + /* if iteration is 1 then still hash the whole data chunk */ + size_t left = std::max(data.size(), iterations); + while (left) { + size_t to_hash = std::min(left, data.size()); + hash->add(data.data(), to_hash); + left -= to_hash; + } + } + rnp::secure_vector<uint8_t> dgst(hash_len); + size_t out_cpy = std::min(dgst.size(), output_len); + if (hash->finish(dgst.data()) != dgst.size()) { + RNP_LOG("Unexpected digest size."); + return 1; + } + memcpy(out, dgst.data(), out_cpy); + output_len -= out_cpy; + out += out_cpy; + zeroes++; + } + return 0; + } catch (const std::exception &e) { + RNP_LOG("s2k failed: %s", e.what()); + return 1; + } +} |