b529253bea
This imports upstream's scrypt implementation, though it's been heavily revised. I lost track of words vs. blocks vs. bigger blocks too many times in the original code and introduced a typedef for the fixed-width Salsa20 blocks. The downside is going from bytes to blocks is a bit trickier, so I took advantage of our little-endian assumption. This also adds an missing check for N < 2^32. Upstream's code is making this assumption in Integerify. I'll send that change back upstream. I've also removed the weird edge case where a NULL out_key parameter means to validate N/r/p against max_mem and nothing else. That's just in there to get a different error code out of their PKCS#12 code. Performance-wise, the cleanup appears to be the same (up to what little precision I was able to get here), but an optimization to use bitwise AND rather than modulus makes us measurably faster. Though scrypt isn't a fast operation to begin with, so hopefully it isn't anyone's bottleneck. This CL does not route scrypt up to the PKCS#12 code, though we could write our own version of that if we need to later. BUG=chromium:731993 Change-Id: Ib2f43344017ed37b6bafd85a2c2b103d695020b8 Reviewed-on: https://boringssl-review.googlesource.com/17084 Reviewed-by: Adam Langley <agl@google.com>
39 lines
1.2 KiB
Plaintext
39 lines
1.2 KiB
Plaintext
#
|
|
# Copyright 2001-2017 The OpenSSL Project Authors. All Rights Reserved.
|
|
#
|
|
# Licensed under the OpenSSL license (the "License"). You may not use
|
|
# this file except in compliance with the License. You can obtain a copy
|
|
# in the file LICENSE in the source distribution or at
|
|
# https://www.openssl.org/source/license.html
|
|
|
|
Password = ""
|
|
Salt = ""
|
|
N = 16
|
|
r = 1
|
|
p = 1
|
|
Key = 77d6576238657b203b19ca42c18a0497f16b4844e3074ae8dfdffa3fede21442fcd0069ded0948f8326a753a0fc81f17e8d3e0fb2e0d3628cf35e20c38d18906
|
|
|
|
Password = "password"
|
|
Salt = "NaCl"
|
|
N = 1024
|
|
r = 8
|
|
p = 16
|
|
Key = fdbabe1c9d3472007856e7190d01e9fe7c6ad7cbc8237830e77376634b3731622eaf30d92e22a3886ff109279d9830dac727afb94a83ee6d8360cbdfa2cc0640
|
|
|
|
Password = "pleaseletmein"
|
|
Salt = "SodiumChloride"
|
|
N = 16384
|
|
r = 8
|
|
p = 1
|
|
Key = 7023bdcb3afd7348461c06cd81fd38ebfda8fbba904f8e3ea9b543f6545da1f2d5432955613f0fcf62d49705242a9af9e61e85dc0d651e40dfcf017b45575887
|
|
|
|
# NB: this test requires more than 1GB of memory to run so it is disabled by
|
|
# default. Uncomment it to run.
|
|
# Password = "pleaseletmein"
|
|
# Salt = "SodiumChloride"
|
|
# N = 1048576
|
|
# r = 8
|
|
# p = 1
|
|
# Key = 2101cb9b6a511aaeaddbbe09cf70f881ec568d574a2ffd4dabe5ee9820adaa478e56fd8f4ba5d09ffa1c6d927c40f4c337304049e8a952fbcbf45c6fa77a41a4
|
|
# MaxMemory = 10000000000
|