8#include <botan/scrypt.h>
9#include <botan/pbkdf2.h>
10#include <botan/salsa20.h>
11#include <botan/loadstor.h>
12#include <botan/exceptn.h>
13#include <botan/internal/bit_ops.h>
14#include <botan/internal/timer.h>
26 return std::unique_ptr<PasswordHash>(
new Scrypt(32768, 8, 1));
30 std::chrono::milliseconds msec,
31 size_t max_memory_usage_mb)
const
47 const size_t max_memory_usage = max_memory_usage_mb * 1024 * 1024;
53 Timer timer(
"Scrypt");
54 const auto tune_time = BOTAN_PBKDF_TUNING_TIME;
57 uint8_t output[32] = { 0 };
58 scrypt(output,
sizeof(output),
"test", 4,
nullptr, 0, N, r, p);
67 const uint64_t measured_time = timer.
value() / timer.
events();
69 const uint64_t target_nsec = msec.count() *
static_cast<uint64_t
>(1000000);
71 uint64_t est_nsec = measured_time;
77 if(target_nsec / est_nsec >= 5)
88 if(target_nsec / est_nsec >= 2)
99 if(target_nsec / est_nsec > 2)
100 p *= std::min<size_t>(1024,
static_cast<size_t>(target_nsec / est_nsec));
102 return std::unique_ptr<PasswordHash>(
new Scrypt(N, r, p));
107 return std::unique_ptr<PasswordHash>(
new Scrypt(N, r, p));
124 return std::unique_ptr<PasswordHash>(
new Scrypt(N, r, p));
128 m_N(N), m_r(r), m_p(p)
133 if(
p == 0 ||
p > 1024)
135 if(
r == 0 ||
r > 256)
137 if(N < 1 || N > 4194304)
143 std::ostringstream oss;
144 oss <<
"Scrypt(" << m_N <<
"," << m_r <<
"," << m_p <<
")";
154 const char* password,
size_t password_len,
155 const uint8_t salt[],
size_t salt_len)
const
157 scrypt(output, output_len,
158 password, password_len,
165void scryptBlockMix(
size_t r, uint8_t* B, uint8_t*
Y)
171 for(
size_t i = 0; i != 2*r; i++)
179 for(
size_t i = 0; i < r; ++i)
181 copy_mem(&B[i*64], &
Y[(i * 2) * 64], 64);
184 for(
size_t i = 0; i < r; ++i)
186 copy_mem(&B[(i + r) * 64], &
Y[(i * 2 + 1) * 64], 64);
190void scryptROMmix(
size_t r,
size_t N, uint8_t* B, secure_vector<uint8_t>& V)
192 const size_t S = 128 * r;
194 for(
size_t i = 0; i != N; ++i)
197 scryptBlockMix(r, B, &V[N*S]);
200 for(
size_t i = 0; i != N; ++i)
205 scryptBlockMix(r, B, &V[N*S]);
211void scrypt(uint8_t output[],
size_t output_len,
212 const char* password,
size_t password_len,
213 const uint8_t salt[],
size_t salt_len,
214 size_t N,
size_t r,
size_t p)
216 const size_t S = 128 * r;
229 throw Invalid_Argument(
"Scrypt cannot accept passphrases of the provided length");
232 pbkdf2(*hmac_sha256.get(),
238 for(
size_t i = 0; i != p; ++i)
240 scryptROMmix(r, N, &B[128*r*i], V);
243 pbkdf2(*hmac_sha256.get(),
#define BOTAN_UNUSED(...)
static std::unique_ptr< MessageAuthenticationCode > create_or_throw(const std::string &algo_spec, const std::string &provider="")
static void salsa_core(uint8_t output[64], const uint32_t input[16], size_t rounds)
std::unique_ptr< PasswordHash > tune(size_t output_length, std::chrono::milliseconds msec, size_t max_memory) const override
std::unique_ptr< PasswordHash > from_params(size_t N, size_t r, size_t p) const override
std::unique_ptr< PasswordHash > from_iterations(size_t iter) const override
std::string name() const override
std::unique_ptr< PasswordHash > default_params() const override
std::string to_string() const override
size_t total_memory_usage() const override
Scrypt(size_t N, size_t r, size_t p)
void derive_key(uint8_t out[], size_t out_len, const char *password, size_t password_len, const uint8_t salt[], size_t salt_len) const override
void run_until_elapsed(std::chrono::milliseconds msec, F f)
uint32_t load_le< uint32_t >(const uint8_t in[], size_t off)
size_t scrypt_memory_usage(size_t N, size_t r, size_t p)
void scrypt(uint8_t output[], size_t output_len, const char *password, size_t password_len, const uint8_t salt[], size_t salt_len, size_t N, size_t r, size_t p)
size_t pbkdf2(MessageAuthenticationCode &prf, uint8_t out[], size_t out_len, const std::string &password, const uint8_t salt[], size_t salt_len, size_t iterations, std::chrono::milliseconds msec)
void copy_mem(T *out, const T *in, size_t n)
void xor_buf(uint8_t out[], const uint8_t in[], size_t length)
std::vector< T, secure_allocator< T > > secure_vector
constexpr bool is_power_of_2(T arg)
const uint8_t * cast_char_ptr_to_uint8(const char *s)