From 2140db3ac8a7f4a3907ddd1cc2a6cbe2d6a360dc Mon Sep 17 00:00:00 2001 From: Chris Oei Date: Sun, 2 Sep 2012 19:22:41 -0700 Subject: [PATCH] Remove extraneous scryptenc library and have main call genpass instead --- Makefile.in | 41 +- lib/genpass/genpass.c | 10 +- lib/genpass/genpass.h | 2 +- lib/scryptenc/scryptenc.c | 606 ------------------------------ lib/scryptenc/scryptenc.h | 112 ------ lib/scryptenc/scryptenc_cpuperf.c | 185 --------- lib/scryptenc/scryptenc_cpuperf.h | 39 -- main.c | 48 +-- 8 files changed, 29 insertions(+), 1014 deletions(-) delete mode 100644 lib/scryptenc/scryptenc.c delete mode 100644 lib/scryptenc/scryptenc.h delete mode 100644 lib/scryptenc/scryptenc_cpuperf.c delete mode 100644 lib/scryptenc/scryptenc_cpuperf.h diff --git a/Makefile.in b/Makefile.in index 2d32445..562e63b 100644 --- a/Makefile.in +++ b/Makefile.in @@ -51,7 +51,7 @@ binPROGRAMS_INSTALL = $(INSTALL_PROGRAM) PROGRAMS = $(bin_PROGRAMS) am_scrypt_OBJECTS = scrypt-main.$(OBJEXT) scrypt-memlimit.$(OBJEXT) \ scrypt-readpass.$(OBJEXT) scrypt-warn.$(OBJEXT) \ - scrypt-scryptenc.$(OBJEXT) scrypt-scryptenc_cpuperf.$(OBJEXT) \ + scrypt-genpass.$(OBJEXT) \ scrypt-crypto_aesctr.$(OBJEXT) scrypt-sha256.$(OBJEXT) \ scrypt-crypto_scrypt-@SCRYPTVER@.$(OBJEXT) scrypt_OBJECTS = $(am_scrypt_OBJECTS) @@ -182,7 +182,7 @@ scrypt_SOURCES = main.c \ lib/crypto/sha256.c \ lib/crypto/crypto_scrypt-@SCRYPTVER@.c -scrypt_CFLAGS = -I . -I lib/util -I lib/scryptenc -I lib/crypto +scrypt_CFLAGS = -I . -I lib/util -I lib/genpass -I lib/crypto scrypt_LDADD = -lcrypto scrypt_man_MANS = scrypt.1 all: config.h 
@@ -278,8 +278,7 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/scrypt-main.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/scrypt-memlimit.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/scrypt-readpass.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/scrypt-scryptenc.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/scrypt-scryptenc_cpuperf.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/scrypt-genpass.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/scrypt-sha256.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/scrypt-warn.Po@am__quote@ 
@@ -353,33 +352,19 @@ scrypt-warn.obj: lib/util/warn.c @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(scrypt_CFLAGS) $(CFLAGS) -c -o scrypt-warn.obj `if test -f 'lib/util/warn.c'; then $(CYGPATH_W) 'lib/util/warn.c'; else $(CYGPATH_W) '$(srcdir)/lib/util/warn.c'; fi` -scrypt-scryptenc.o: lib/scryptenc/scryptenc.c -@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(scrypt_CFLAGS) $(CFLAGS) -MT scrypt-scryptenc.o -MD -MP -MF $(DEPDIR)/scrypt-scryptenc.Tpo -c -o scrypt-scryptenc.o `test -f 'lib/scryptenc/scryptenc.c' || echo '$(srcdir)/'`lib/scryptenc/scryptenc.c -@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/scrypt-scryptenc.Tpo $(DEPDIR)/scrypt-scryptenc.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='lib/scryptenc/scryptenc.c' object='scrypt-scryptenc.o' libtool=no @AMDEPBACKSLASH@ +scrypt-genpass.o: lib/genpass/genpass.c +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(scrypt_CFLAGS) $(CFLAGS) -MT scrypt-genpass.o -MD -MP -MF $(DEPDIR)/scrypt-genpass.Tpo -c -o scrypt-genpass.o `test -f 'lib/genpass/genpass.c' || echo '$(srcdir)/'`lib/genpass/genpass.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/scrypt-genpass.Tpo $(DEPDIR)/scrypt-genpass.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='lib/genpass/genpass.c' object='scrypt-genpass.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(scrypt_CFLAGS) $(CFLAGS) -c -o scrypt-scryptenc.o `test -f 'lib/scryptenc/scryptenc.c' || echo '$(srcdir)/'`lib/scryptenc/scryptenc.c +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(scrypt_CFLAGS) $(CFLAGS) -c -o scrypt-genpass.o `test -f 
'lib/genpass/genpass.c' || echo '$(srcdir)/'`lib/genpass/genpass.c -scrypt-scryptenc.obj: lib/scryptenc/scryptenc.c -@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(scrypt_CFLAGS) $(CFLAGS) -MT scrypt-scryptenc.obj -MD -MP -MF $(DEPDIR)/scrypt-scryptenc.Tpo -c -o scrypt-scryptenc.obj `if test -f 'lib/scryptenc/scryptenc.c'; then $(CYGPATH_W) 'lib/scryptenc/scryptenc.c'; else $(CYGPATH_W) '$(srcdir)/lib/scryptenc/scryptenc.c'; fi` -@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/scrypt-scryptenc.Tpo $(DEPDIR)/scrypt-scryptenc.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='lib/scryptenc/scryptenc.c' object='scrypt-scryptenc.obj' libtool=no @AMDEPBACKSLASH@ +scrypt-genpass.obj: lib/genpass/genpass.c +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(scrypt_CFLAGS) $(CFLAGS) -MT scrypt-genpass.obj -MD -MP -MF $(DEPDIR)/scrypt-genpass.Tpo -c -o scrypt-genpass.obj `if test -f 'lib/genpass/genpass.c'; then $(CYGPATH_W) 'lib/genpass/genpass.c'; else $(CYGPATH_W) '$(srcdir)/lib/genpass/genpass.c'; fi` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/scrypt-genpass.Tpo $(DEPDIR)/scrypt-genpass.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='lib/genpass/genpass.c' object='scrypt-genpass.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(scrypt_CFLAGS) $(CFLAGS) -c -o scrypt-scryptenc.obj `if test -f 'lib/scryptenc/scryptenc.c'; then $(CYGPATH_W) 'lib/scryptenc/scryptenc.c'; else $(CYGPATH_W) '$(srcdir)/lib/scryptenc/scryptenc.c'; fi` - -scrypt-scryptenc_cpuperf.o: lib/scryptenc/scryptenc_cpuperf.c -@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(scrypt_CFLAGS) $(CFLAGS) -MT scrypt-scryptenc_cpuperf.o -MD -MP -MF $(DEPDIR)/scrypt-scryptenc_cpuperf.Tpo -c -o scrypt-scryptenc_cpuperf.o `test -f 
'lib/scryptenc/scryptenc_cpuperf.c' || echo '$(srcdir)/'`lib/scryptenc/scryptenc_cpuperf.c -@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/scrypt-scryptenc_cpuperf.Tpo $(DEPDIR)/scrypt-scryptenc_cpuperf.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='lib/scryptenc/scryptenc_cpuperf.c' object='scrypt-scryptenc_cpuperf.o' libtool=no @AMDEPBACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(scrypt_CFLAGS) $(CFLAGS) -c -o scrypt-scryptenc_cpuperf.o `test -f 'lib/scryptenc/scryptenc_cpuperf.c' || echo '$(srcdir)/'`lib/scryptenc/scryptenc_cpuperf.c - -scrypt-scryptenc_cpuperf.obj: lib/scryptenc/scryptenc_cpuperf.c -@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(scrypt_CFLAGS) $(CFLAGS) -MT scrypt-scryptenc_cpuperf.obj -MD -MP -MF $(DEPDIR)/scrypt-scryptenc_cpuperf.Tpo -c -o scrypt-scryptenc_cpuperf.obj `if test -f 'lib/scryptenc/scryptenc_cpuperf.c'; then $(CYGPATH_W) 'lib/scryptenc/scryptenc_cpuperf.c'; else $(CYGPATH_W) '$(srcdir)/lib/scryptenc/scryptenc_cpuperf.c'; fi` -@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/scrypt-scryptenc_cpuperf.Tpo $(DEPDIR)/scrypt-scryptenc_cpuperf.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='lib/scryptenc/scryptenc_cpuperf.c' object='scrypt-scryptenc_cpuperf.obj' libtool=no @AMDEPBACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(scrypt_CFLAGS) $(CFLAGS) -c -o scrypt-scryptenc_cpuperf.obj `if test -f 'lib/scryptenc/scryptenc_cpuperf.c'; then $(CYGPATH_W) 'lib/scryptenc/scryptenc_cpuperf.c'; else $(CYGPATH_W) '$(srcdir)/lib/scryptenc/scryptenc_cpuperf.c'; fi` +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(scrypt_CFLAGS) $(CFLAGS) -c -o scrypt-genpass.obj `if test 
-f 'lib/genpass/genpass.c'; then $(CYGPATH_W) 'lib/genpass/genpass.c'; else $(CYGPATH_W) '$(srcdir)/lib/genpass/genpass.c'; fi` scrypt-crypto_aesctr.o: lib/crypto/crypto_aesctr.c @am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(scrypt_CFLAGS) $(CFLAGS) -MT scrypt-crypto_aesctr.o -MD -MP -MF $(DEPDIR)/scrypt-crypto_aesctr.Tpo -c -o scrypt-crypto_aesctr.o `test -f 'lib/crypto/crypto_aesctr.c' || echo '$(srcdir)/'`lib/crypto/crypto_aesctr.c diff --git a/lib/genpass/genpass.c b/lib/genpass/genpass.c index f032a2f..9fc8677 100644 --- a/lib/genpass/genpass.c +++ b/lib/genpass/genpass.c @@ -40,11 +40,10 @@ #include "crypto_aesctr.h" #include "crypto_scrypt.h" #include "memlimit.h" -#include "scryptenc_cpuperf.h" #include "sha256.h" #include "sysendian.h" -#include "scryptenc.h" +#include "genpass.h" #define ENCBLOCK 65536 @@ -67,9 +66,8 @@ pickparams(size_t maxmem, double maxmemfrac, double maxtime, if (memtouse(maxmem, maxmemfrac, &memlimit)) return (1); - /* Figure out how fast the CPU is. */ - if ((rc = scryptenc_cpuperf(&opps)) != 0) - return (rc); + opps = 1; /* FIXIT: don't attempt to calculate CPU speed since + we want the same result on any computer. */ opslimit = opps * maxtime; /* Allow a minimum of 2^15 salsa20/8 cores. */ @@ -198,7 +196,7 @@ err0: return (4); } -static int +int genpass(uint8_t dk[64], const uint8_t * passwd, size_t passwdlen, size_t maxmem, double maxmemfrac, double maxtime) diff --git a/lib/genpass/genpass.h b/lib/genpass/genpass.h index 05263d5..dfda41b 100644 --- a/lib/genpass/genpass.h +++ b/lib/genpass/genpass.h @@ -72,7 +72,7 @@ * 13 error reading input file */ -int genpass(uint8_t header[96], uint8_t dk[64], +int genpass(uint8_t dk[64], const uint8_t * passwd, size_t passwdlen, size_t maxmem, double maxmemfrac, double maxtime); diff --git a/lib/scryptenc/scryptenc.c b/lib/scryptenc/scryptenc.c deleted file mode 100644 index 3b7fd0f..0000000 --- a/lib/scryptenc/scryptenc.c +++ /dev/null 
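Review bot: With `opps = 1` in pickparams, `opslimit` is just `maxtime`, and if the clamp under the "Allow a minimum of 2^15 salsa20/8 cores" comment matches the deleted scryptenc.c copy (`if (opslimit < 32768) opslimit = 32768;`), every realistic maxtime lands on that floor, so the scrypt cost is pinned at its minimum and the maxtime argument no longer has any effect. With `r = 8` this appears to work out to roughly N = 2^10 and p = 1, which is a low work factor for a tool that derives passwords from a master secret. I would replace the FIXIT placeholder with explicit fixed `logN`, `r` and `p` constants chosen deliberately, so that reproducibility does not depend on how `memtouse()` and the floor happen to interact, and document them with something like `/* Fixed cost parameters: output must be identical on every host; changing them changes every derived password. */`. pickparams starts and ends outside the hunk; the `rc` local declared there presumably becomes unused once the `scryptenc_cpuperf()` call is gone.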
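Review bot: The now-public `genpass()` prototype in genpass.h has no description of its own; the only comment above it is the return-code table inherited from scryptenc, whose visible tail (`13 error reading input file`) describes file I/O that this function does not appear to perform. I would add a header comment in the style the deleted scryptenc.h used, for example `/** genpass(dk, passwd, passwdlen, maxmem, maxmemfrac, maxtime): derive 64 bytes from passwd into dk. */`, and trim the table to the codes genpass can actually return. It is also worth stating there that the caller is responsible for zeroing `dk` after use, since it holds key material.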
@@ -1,606 +0,0 @@ -/*- - * Copyright 2009 Colin Percival - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * This file was originally written by Colin Percival as part of the Tarsnap - * online backup system. 
- */ -#include "scrypt_platform.h" - -#include -#include -#include -#include -#include -#include - -#include - -#include "crypto_aesctr.h" -#include "crypto_scrypt.h" -#include "memlimit.h" -#include "scryptenc_cpuperf.h" -#include "sha256.h" -#include "sysendian.h" - -#include "scryptenc.h" - -#define ENCBLOCK 65536 - -static int pickparams(size_t, double, double, - int *, uint32_t *, uint32_t *); -static int checkparams(size_t, double, double, int, uint32_t, uint32_t); -static int getsalt(uint8_t[32]); - -static int -pickparams(size_t maxmem, double maxmemfrac, double maxtime, - int * logN, uint32_t * r, uint32_t * p) -{ - size_t memlimit; - double opps; - double opslimit; - double maxN, maxrp; - int rc; - - /* Figure out how much memory to use. */ - if (memtouse(maxmem, maxmemfrac, &memlimit)) - return (1); - - /* Figure out how fast the CPU is. */ - if ((rc = scryptenc_cpuperf(&opps)) != 0) - return (rc); - opslimit = opps * maxtime; - - /* Allow a minimum of 2^15 salsa20/8 cores. */ - if (opslimit < 32768) - opslimit = 32768; - - /* Fix r = 8 for now. */ - *r = 8; - - /* - * The memory limit requires that 128Nr <= memlimit, while the CPU - * limit requires that 4Nrp <= opslimit. If opslimit < memlimit/32, - * opslimit imposes the stronger limit on N. - */ -#ifdef DEBUG - fprintf(stderr, "Requiring 128Nr <= %zu, 4Nrp <= %f\n", - memlimit, opslimit); -#endif - if (opslimit < memlimit/32) { - /* Set p = 1 and choose N based on the CPU limit. */ - *p = 1; - maxN = opslimit / (*r * 4); - for (*logN = 1; *logN < 63; *logN += 1) { - if ((uint64_t)(1) << *logN > maxN / 2) - break; - } - } else { - /* Set N based on the memory limit. */ - maxN = memlimit / (*r * 128); - for (*logN = 1; *logN < 63; *logN += 1) { - if ((uint64_t)(1) << *logN > maxN / 2) - break; - } - - /* Choose p based on the CPU limit. 
*/ - maxrp = (opslimit / 4) / ((uint64_t)(1) << *logN); - if (maxrp > 0x3fffffff) - maxrp = 0x3fffffff; - *p = (uint32_t)(maxrp) / *r; - } - -#ifdef DEBUG - fprintf(stderr, "N = %zu r = %d p = %d\n", - (size_t)(1) << *logN, (int)(*r), (int)(*p)); -#endif - - /* Success! */ - return (0); -} - -static int -checkparams(size_t maxmem, double maxmemfrac, double maxtime, - int logN, uint32_t r, uint32_t p) -{ - size_t memlimit; - double opps; - double opslimit; - uint64_t N; - int rc; - - /* Figure out the maximum amount of memory we can use. */ - if (memtouse(maxmem, maxmemfrac, &memlimit)) - return (1); - - /* Figure out how fast the CPU is. */ - if ((rc = scryptenc_cpuperf(&opps)) != 0) - return (rc); - opslimit = opps * maxtime; - - /* Sanity-check values. */ - if ((logN < 1) || (logN > 63)) - return (7); - if ((uint64_t)(r) * (uint64_t)(p) >= 0x40000000) - return (7); - - /* Check limits. */ - N = (uint64_t)(1) << logN; - if ((memlimit / N) / r < 128) - return (9); - if ((opslimit / N) / (r * p) < 4) - return (10); - - /* Success! */ - return (0); -} - -static int -getsalt(uint8_t salt[32]) -{ - int fd; - ssize_t lenread; - uint8_t * buf = salt; - size_t buflen = 32; - - /* Open /dev/urandom. */ - if ((fd = open("/dev/urandom", O_RDONLY)) == -1) - goto err0; - - /* Read bytes until we have filled the buffer. */ - while (buflen > 0) { - if ((lenread = read(fd, buf, buflen)) == -1) - goto err1; - - /* The random device should never EOF. */ - if (lenread == 0) - goto err1; - - /* We're partly done. */ - buf += lenread; - buflen -= lenread; - } - - /* Close the device. */ - while (close(fd) == -1) { - if (errno != EINTR) - goto err0; - } - - /* Success! */ - return (0); - -err1: - close(fd); -err0: - /* Failure! 
*/ - return (4); -} - -static int -scryptenc_setup(uint8_t header[96], uint8_t dk[64], - const uint8_t * passwd, size_t passwdlen, - size_t maxmem, double maxmemfrac, double maxtime) -{ - uint8_t salt[32]; - uint8_t hbuf[32]; - int logN; - uint64_t N; - uint32_t r; - uint32_t p; - SHA256_CTX ctx; - uint8_t * key_hmac = &dk[32]; - HMAC_SHA256_CTX hctx; - int rc; - - /* Pick values for N, r, p. */ - if ((rc = pickparams(maxmem, maxmemfrac, maxtime, - &logN, &r, &p)) != 0) - return (rc); - N = (uint64_t)(1) << logN; - - /* Get some salt. */ - if ((rc = getsalt(salt)) != 0) - return (rc); - - /* Generate the derived keys. */ - if (crypto_scrypt(passwd, passwdlen, salt, 32, N, r, p, dk, 64)) - return (3); - - /* Construct the file header. */ - memcpy(header, "scrypt", 6); - header[6] = 0; - header[7] = logN; - be32enc(&header[8], r); - be32enc(&header[12], p); - memcpy(&header[16], salt, 32); - - /* Add header checksum. */ - SHA256_Init(&ctx); - SHA256_Update(&ctx, header, 48); - SHA256_Final(hbuf, &ctx); - memcpy(&header[48], hbuf, 16); - - /* Add header signature (used for verifying password). */ - HMAC_SHA256_Init(&hctx, key_hmac, 32); - HMAC_SHA256_Update(&hctx, header, 64); - HMAC_SHA256_Final(hbuf, &hctx); - memcpy(&header[64], hbuf, 32); - - /* Success! */ - return (0); -} - -static int -scryptdec_setup(const uint8_t header[96], uint8_t dk[64], - const uint8_t * passwd, size_t passwdlen, - size_t maxmem, double maxmemfrac, double maxtime) -{ - uint8_t salt[32]; - uint8_t hbuf[32]; - int logN; - uint32_t r; - uint32_t p; - uint64_t N; - SHA256_CTX ctx; - uint8_t * key_hmac = &dk[32]; - HMAC_SHA256_CTX hctx; - int rc; - - /* Parse N, r, p, salt. */ - logN = header[7]; - r = be32dec(&header[8]); - p = be32dec(&header[12]); - memcpy(salt, &header[16], 32); - - /* Verify header checksum. 
*/ - SHA256_Init(&ctx); - SHA256_Update(&ctx, header, 48); - SHA256_Final(hbuf, &ctx); - if (memcmp(&header[48], hbuf, 16)) - return (7); - - /* - * Check whether the provided parameters are valid and whether the - * key derivation function can be computed within the allowed memory - * and CPU time. - */ - if ((rc = checkparams(maxmem, maxmemfrac, maxtime, logN, r, p)) != 0) - return (rc); - - /* Compute the derived keys. */ - N = (uint64_t)(1) << logN; - if (crypto_scrypt(passwd, passwdlen, salt, 32, N, r, p, dk, 64)) - return (3); - - /* Check header signature (i.e., verify password). */ - HMAC_SHA256_Init(&hctx, key_hmac, 32); - HMAC_SHA256_Update(&hctx, header, 64); - HMAC_SHA256_Final(hbuf, &hctx); - if (memcmp(hbuf, &header[64], 32)) - return (11); - - /* Success! */ - return (0); -} - -/** - * scryptenc_buf(inbuf, inbuflen, outbuf, passwd, passwdlen, - * maxmem, maxmemfrac, maxtime): - * Encrypt inbuflen bytes from inbuf, writing the resulting inbuflen + 128 - * bytes to outbuf. - */ -int -scryptenc_buf(const uint8_t * inbuf, size_t inbuflen, uint8_t * outbuf, - const uint8_t * passwd, size_t passwdlen, - size_t maxmem, double maxmemfrac, double maxtime) -{ - uint8_t dk[64]; - uint8_t hbuf[32]; - uint8_t header[96]; - uint8_t * key_enc = dk; - uint8_t * key_hmac = &dk[32]; - int rc; - HMAC_SHA256_CTX hctx; - AES_KEY key_enc_exp; - struct crypto_aesctr * AES; - - /* Generate the header and derived key. */ - if ((rc = scryptenc_setup(header, dk, passwd, passwdlen, - maxmem, maxmemfrac, maxtime)) != 0) - return (rc); - - /* Copy header into output buffer. */ - memcpy(outbuf, header, 96); - - /* Encrypt data. */ - if (AES_set_encrypt_key(key_enc, 256, &key_enc_exp)) - return (5); - if ((AES = crypto_aesctr_init(&key_enc_exp, 0)) == NULL) - return (6); - crypto_aesctr_stream(AES, inbuf, &outbuf[96], inbuflen); - crypto_aesctr_free(AES); - - /* Add signature. 
*/ - HMAC_SHA256_Init(&hctx, key_hmac, 32); - HMAC_SHA256_Update(&hctx, outbuf, 96 + inbuflen); - HMAC_SHA256_Final(hbuf, &hctx); - memcpy(&outbuf[96 + inbuflen], hbuf, 32); - - /* Zero sensitive data. */ - memset(dk, 0, 64); - memset(&key_enc_exp, 0, sizeof(AES_KEY)); - - /* Success! */ - return (0); -} - -/** - * scryptdec_buf(inbuf, inbuflen, outbuf, outlen, passwd, passwdlen, - * maxmem, maxmemfrac, maxtime): - * Decrypt inbuflen bytes fro inbuf, writing the result into outbuf and the - * decrypted data length to outlen. The allocated length of outbuf must - * be at least inbuflen. - */ -int -scryptdec_buf(const uint8_t * inbuf, size_t inbuflen, uint8_t * outbuf, - size_t * outlen, const uint8_t * passwd, size_t passwdlen, - size_t maxmem, double maxmemfrac, double maxtime) -{ - uint8_t hbuf[32]; - uint8_t dk[64]; - uint8_t * key_enc = dk; - uint8_t * key_hmac = &dk[32]; - int rc; - HMAC_SHA256_CTX hctx; - AES_KEY key_enc_exp; - struct crypto_aesctr * AES; - - /* - * All versions of the scrypt format will start with "scrypt" and - * have at least 7 bytes of header. - */ - if ((inbuflen < 7) || (memcmp(inbuf, "scrypt", 6) != 0)) - return (7); - - /* Check the format. */ - if (inbuf[6] != 0) - return (8); - - /* We must have at least 128 bytes. */ - if (inbuflen < 128) - return (7); - - /* Parse the header and generate derived keys. */ - if ((rc = scryptdec_setup(inbuf, dk, passwd, passwdlen, - maxmem, maxmemfrac, maxtime)) != 0) - return (rc); - - /* Decrypt data. */ - if (AES_set_encrypt_key(key_enc, 256, &key_enc_exp)) - return (5); - if ((AES = crypto_aesctr_init(&key_enc_exp, 0)) == NULL) - return (6); - crypto_aesctr_stream(AES, &inbuf[96], outbuf, inbuflen - 128); - crypto_aesctr_free(AES); - *outlen = inbuflen - 128; - - /* Verify signature. */ - HMAC_SHA256_Init(&hctx, key_hmac, 32); - HMAC_SHA256_Update(&hctx, inbuf, inbuflen - 32); - HMAC_SHA256_Final(hbuf, &hctx); - if (memcmp(hbuf, &inbuf[inbuflen - 32], 32)) - return (7); - - /* Zero sensitive data. 
*/ - memset(dk, 0, 64); - memset(&key_enc_exp, 0, sizeof(AES_KEY)); - - /* Success! */ - return (0); -} - -/** - * scryptenc_file(infile, outfile, passwd, passwdlen, - * maxmem, maxmemfrac, maxtime): - * Read a stream from infile and encrypt it, writing the resulting stream to - * outfile. - */ -int -scryptenc_file(FILE * infile, FILE * outfile, - const uint8_t * passwd, size_t passwdlen, - size_t maxmem, double maxmemfrac, double maxtime) -{ - uint8_t buf[ENCBLOCK]; - uint8_t dk[64]; - uint8_t hbuf[32]; - uint8_t header[96]; - uint8_t * key_enc = dk; - uint8_t * key_hmac = &dk[32]; - size_t readlen; - HMAC_SHA256_CTX hctx; - AES_KEY key_enc_exp; - struct crypto_aesctr * AES; - int rc; - - /* Generate the header and derived key. */ - if ((rc = scryptenc_setup(header, dk, passwd, passwdlen, - maxmem, maxmemfrac, maxtime)) != 0) - return (rc); - - /* Hash and write the header. */ - HMAC_SHA256_Init(&hctx, key_hmac, 32); - HMAC_SHA256_Update(&hctx, header, 96); - if (fwrite(header, 96, 1, outfile) != 1) - return (12); - - /* - * Read blocks of data, encrypt them, and write them out; hash the - * data as it is produced. - */ - if (AES_set_encrypt_key(key_enc, 256, &key_enc_exp)) - return (5); - if ((AES = crypto_aesctr_init(&key_enc_exp, 0)) == NULL) - return (6); - do { - if ((readlen = fread(buf, 1, ENCBLOCK, infile)) == 0) - break; - crypto_aesctr_stream(AES, buf, buf, readlen); - HMAC_SHA256_Update(&hctx, buf, readlen); - if (fwrite(buf, 1, readlen, outfile) < readlen) - return (12); - } while (1); - crypto_aesctr_free(AES); - - /* Did we exit the loop due to a read error? */ - if (ferror(infile)) - return (13); - - /* Compute the final HMAC and output it. */ - HMAC_SHA256_Final(hbuf, &hctx); - if (fwrite(hbuf, 32, 1, outfile) != 1) - return (12); - - /* Zero sensitive data. */ - memset(dk, 0, 64); - memset(&key_enc_exp, 0, sizeof(AES_KEY)); - - /* Success! 
*/ - return (0); -} - -/** - * scryptdec_file(infile, outfile, passwd, passwdlen, - * maxmem, maxmemfrac, maxtime): - * Read a stream from infile and decrypt it, writing the resulting stream to - * outfile. - */ -int -scryptdec_file(FILE * infile, FILE * outfile, - const uint8_t * passwd, size_t passwdlen, - size_t maxmem, double maxmemfrac, double maxtime) -{ - uint8_t buf[ENCBLOCK + 32]; - uint8_t header[96]; - uint8_t hbuf[32]; - uint8_t dk[64]; - uint8_t * key_enc = dk; - uint8_t * key_hmac = &dk[32]; - size_t buflen = 0; - size_t readlen; - HMAC_SHA256_CTX hctx; - AES_KEY key_enc_exp; - struct crypto_aesctr * AES; - int rc; - - /* - * Read the first 7 bytes of the file; all future version of scrypt - * are guaranteed to have at least 7 bytes of header. - */ - if (fread(header, 7, 1, infile) < 1) { - if (ferror(infile)) - return (13); - else - return (7); - } - - /* Do we have the right magic? */ - if (memcmp(header, "scrypt", 6)) - return (7); - if (header[6] != 0) - return (8); - - /* - * Read another 89 bytes of the file; version 0 of the srypt file - * format has a 96-byte header. - */ - if (fread(&header[7], 89, 1, infile) < 1) { - if (ferror(infile)) - return (13); - else - return (7); - } - - /* Parse the header and generate derived keys. */ - if ((rc = scryptdec_setup(header, dk, passwd, passwdlen, - maxmem, maxmemfrac, maxtime)) != 0) - return (rc); - - /* Start hashing with the header. */ - HMAC_SHA256_Init(&hctx, key_hmac, 32); - HMAC_SHA256_Update(&hctx, header, 96); - - /* - * We don't know how long the encrypted data block is (we can't know, - * since data can be streamed into 'scrypt enc') so we need to read - * data and decrypt all of it except the final 32 bytes, then check - * if that final 32 bytes is the correct signature. - */ - if (AES_set_encrypt_key(key_enc, 256, &key_enc_exp)) - return (5); - if ((AES = crypto_aesctr_init(&key_enc_exp, 0)) == NULL) - return (6); - do { - /* Read data until we have more than 32 bytes of it. 
*/ - if ((readlen = fread(&buf[buflen], 1, - ENCBLOCK + 32 - buflen, infile)) == 0) - break; - buflen += readlen; - if (buflen <= 32) - continue; - - /* - * Decrypt, hash, and output everything except the last 32 - * bytes out of what we have in our buffer. - */ - HMAC_SHA256_Update(&hctx, buf, buflen - 32); - crypto_aesctr_stream(AES, buf, buf, buflen - 32); - if (fwrite(buf, 1, buflen - 32, outfile) < buflen - 32) - return (12); - - /* Move the last 32 bytes to the start of the buffer. */ - memmove(buf, &buf[buflen - 32], 32); - buflen = 32; - } while (1); - crypto_aesctr_free(AES); - - /* Did we exit the loop due to a read error? */ - if (ferror(infile)) - return (13); - - /* Did we read enough data that we *might* have a valid signature? */ - if (buflen < 32) - return (7); - - /* Verify signature. */ - HMAC_SHA256_Final(hbuf, &hctx); - if (memcmp(hbuf, buf, 32)) - return (7); - - /* Zero sensitive data. */ - memset(dk, 0, 64); - memset(&key_enc_exp, 0, sizeof(AES_KEY)); - - return (0); -} diff --git a/lib/scryptenc/scryptenc.h b/lib/scryptenc/scryptenc.h deleted file mode 100644 index 7dc3dd3..0000000 --- a/lib/scryptenc/scryptenc.h +++ /dev/null 
@@ -1,112 +0,0 @@ -/*- - * Copyright 2009 Colin Percival - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * This file was originally written by Colin Percival as part of the Tarsnap - * online backup system. - */ -#ifndef _SCRYPTENC_H_ -#define _SCRYPTENC_H_ - -#include -#include - -/** - * The parameters maxmem, maxmemfrac, and maxtime used by all of these - * functions are defined as follows: - * maxmem - maximum number of bytes of storage to use for V array (which is - * by far the largest consumer of memory). If this value is set to 0, no - * maximum will be enforced; any other value less than 1 MiB will be - * treated as 1 MiB. 
- * maxmemfrac - maximum fraction of available storage to use for the V array, - * where "available storage" is defined as the minimum out of the - * RLIMIT_AS, RLIMIT_DATA. and RLIMIT_RSS resource limits (if any are - * set). If this value is set to 0 or more than 0.5 it will be treated - * as 0.5; and this value will never cause a limit of less than 1 MiB to - * be enforced. - * maxtime - maximum amount of CPU time to spend computing the derived keys, - * in seconds. This limit is only approximately enforced; the CPU - * performance is estimated and parameter limits are chosen accordingly. - * For the encryption functions, the parameters to the scrypt key derivation - * function are chosen to make the key as strong as possible subject to the - * specified limits; for the decryption functions, the parameters used are - * compared to the computed limits and an error is returned if decrypting - * the data would take too much memory or CPU time. - */ -/** - * Return codes from scrypt(enc|dec)_(buf|file): - * 0 success - * 1 getrlimit or sysctl(hw.usermem) failed - * 2 clock_getres or clock_gettime failed - * 3 error computing derived key - * 4 could not read salt from /dev/urandom - * 5 error in OpenSSL - * 6 malloc failed - * 7 data is not a valid scrypt-encrypted block - * 8 unrecognized scrypt format - * 9 decrypting file would take too much memory - * 10 decrypting file would take too long - * 11 password is incorrect - * 12 error writing output file - * 13 error reading input file - */ - -/** - * scryptenc_buf(inbuf, inbuflen, outbuf, passwd, passwdlen, - * maxmem, maxmemfrac, maxtime): - * Encrypt inbuflen bytes from inbuf, writing the resulting inbuflen + 128 - * bytes to outbuf. 
- */ -int scryptenc_buf(const uint8_t *, size_t, uint8_t *, - const uint8_t *, size_t, size_t, double, double); - -/** - * scryptdec_buf(inbuf, inbuflen, outbuf, outlen, passwd, passwdlen, - * maxmem, maxmemfrac, maxtime): - * Decrypt inbuflen bytes from inbuf, writing the result into outbuf and the - * decrypted data length to outlen. The allocated length of outbuf must - * be at least inbuflen. - */ -int scryptdec_buf(const uint8_t *, size_t, uint8_t *, size_t *, - const uint8_t *, size_t, size_t, double, double); - -/** - * scryptenc_file(infile, outfile, passwd, passwdlen, - * maxmem, maxmemfrac, maxtime): - * Read a stream from infile and encrypt it, writing the resulting stream to - * outfile. - */ -int scryptenc_file(FILE *, FILE *, const uint8_t *, size_t, - size_t, double, double); - -/** - * scryptdec_file(infile, outfile, passwd, passwdlen, - * maxmem, maxmemfrac, maxtime): - * Read a stream from infile and decrypt it, writing the resulting stream to - * outfile. - */ -int scryptdec_file(FILE *, FILE *, const uint8_t *, size_t, - size_t, double, double); - -#endif /* !_SCRYPTENC_H_ */ diff --git a/lib/scryptenc/scryptenc_cpuperf.c b/lib/scryptenc/scryptenc_cpuperf.c deleted file mode 100644 index aa2d503..0000000 --- a/lib/scryptenc/scryptenc_cpuperf.c +++ /dev/null 
@@ -1,185 +0,0 @@ -/*- - * Copyright 2009 Colin Percival - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * This file was originally written by Colin Percival as part of the Tarsnap - * online backup system. - */ -#include "scrypt_platform.h" - -#include - -#include -#include -#include - -#include "crypto_scrypt.h" - -#include "scryptenc_cpuperf.h" - -#ifdef HAVE_CLOCK_GETTIME - -static clock_t clocktouse; - -static int -getclockres(double * resd) -{ - struct timespec res; - - /* - * Try clocks in order of preference until we find one which works. - * (We assume that if clock_getres works, clock_gettime will, too.) 
- * The use of if/else/if/else/if/else rather than if/elif/elif/else - * is ugly but legal, and allows us to #ifdef things appropriately. - */ -#ifdef CLOCK_VIRTUAL - if (clock_getres(CLOCK_VIRTUAL, &res) == 0) - clocktouse = CLOCK_VIRTUAL; - else -#endif -#ifdef CLOCK_MONOTONIC - if (clock_getres(CLOCK_MONOTONIC, &res) == 0) - clocktouse = CLOCK_MONOTONIC; - else -#endif - if (clock_getres(CLOCK_REALTIME, &res) == 0) - clocktouse = CLOCK_REALTIME; - else - return (-1); - - /* Convert clock resolution to a double. */ - *resd = res.tv_sec + res.tv_nsec * 0.000000001; - - return (0); -} - -static int -getclocktime(struct timespec * ts) -{ - - if (clock_gettime(clocktouse, ts)) - return (-1); - - return (0); -} - -#else -static int -getclockres(double * resd) -{ - - *resd = 1.0 / CLOCKS_PER_SEC; - - return (0); -} - -static int -getclocktime(struct timespec * ts) -{ - struct timeval tv; - - if (gettimeofday(&tv, NULL)) - return (-1); - ts->tv_sec = tv.tv_sec; - ts->tv_nsec = tv.tv_usec * 1000; - - return (0); -} -#endif - -static int -getclockdiff(struct timespec * st, double * diffd) -{ - struct timespec en; - - if (getclocktime(&en)) - return (1); - *diffd = (en.tv_nsec - st->tv_nsec) * 0.000000001 + - (en.tv_sec - st->tv_sec); - - return (0); -} - -/** - * scryptenc_cpuperf(opps): - * Estimate the number of salsa20/8 cores which can be executed per second, - * and return the value via opps. - */ -int -scryptenc_cpuperf(double * opps) -{ - struct timespec st; - double resd, diffd; - uint64_t i = 0; - - /* Get the clock resolution. */ - if (getclockres(&resd)) - return (2); - -#ifdef DEBUG - fprintf(stderr, "Clock resolution is %f\n", resd); -#endif - - /* Loop until the clock ticks. */ - if (getclocktime(&st)) - return (2); - do { - /* Do an scrypt. */ - if (crypto_scrypt(NULL, 0, NULL, 0, 16, 1, 1, NULL, 0)) - return (3); - - /* Has the clock ticked? 
*/ - if (getclockdiff(&st, &diffd)) - return (2); - if (diffd > 0) - break; - } while (1); - - /* Could how many scryps we can do before the next tick. */ - if (getclocktime(&st)) - return (2); - do { - /* Do an scrypt. */ - if (crypto_scrypt(NULL, 0, NULL, 0, 128, 1, 1, NULL, 0)) - return (3); - - /* We invoked the salsa20/8 core 512 times. */ - i += 512; - - /* Check if we have looped for long enough. */ - if (getclockdiff(&st, &diffd)) - return (2); - if (diffd > resd) - break; - } while (1); - -#ifdef DEBUG - fprintf(stderr, "%ju salsa20/8 cores performed in %f seconds\n", - (uintmax_t)i, diffd); -#endif - - /* We can do approximately i salsa20/8 cores per diffd seconds. */ - *opps = i / diffd; - return (0); -} diff --git a/lib/scryptenc/scryptenc_cpuperf.h b/lib/scryptenc/scryptenc_cpuperf.h deleted file mode 100644 index e236fff..0000000 --- a/lib/scryptenc/scryptenc_cpuperf.h +++ /dev/null 
@@ -1,39 +0,0 @@ -/*- - * Copyright 2009 Colin Percival - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * This file was originally written by Colin Percival as part of the Tarsnap - * online backup system. - */ -#ifndef _SCRYPTENC_CPUPERF_H_ -#define _SCRYPTENC_CPUPERF_H_ - -/** - * scryptenc_cpuperf(opps): - * Estimate the number of salsa20/8 cores which can be executed per second, - * and return the value via opps. - */ -int scryptenc_cpuperf(double *); - -#endif /* !_SCRYPTENC_CPUPERF_H_ */ diff --git a/main.c b/main.c index 3c6dcc1..12330fe 100644 --- a/main.c +++ b/main.c @@ -33,7 +33,7 @@ #include #include "readpass.h" -#include "scryptenc.h" +#include "genpass.h" #include "warn.h" static void 
@@ -41,7 +41,7 @@ usage(void) { fprintf(stderr, - "usage: scrypt-genpass \n"); + "usage: scrypt-genpass \n"); exit(1); } @@ -62,19 +62,11 @@ main(int argc, char *argv[]) warn_progname = "scrypt"; #endif - /* We should have "enc" or "dec" first. */ - if (argc < 2) + if (argc < 1) usage(); - if (strcmp(argv[1], "enc") == 0) { - maxmem = 0; - maxmemfrac = 0.125; - maxtime = 5.0; - } else if (strcmp(argv[1], "dec") == 0) { - dec = 1; - } else - usage(); - argc--; - argv++; + maxmem = 0; + maxmemfrac = 0.125; + maxtime = 5.0; /* Parse arguments. */ while ((ch = getopt(argc, argv, "hm:M:t:")) != -1) { @@ -95,36 +87,18 @@ main(int argc, char *argv[]) argc -= optind; argv += optind; - /* We must have one or two parameters left. */ - if ((argc < 1) || (argc > 2)) + /* We must have one parameters left. */ + if (argc != 1) usage(); - /* Open the input file. */ - if ((infile = fopen(argv[0], "r")) == NULL) { - warn("Cannot open input file: %s", argv[0]); - exit(1); - } - - /* If we have an output file, open it. */ - if (argc > 1) { - if ((outfile = fopen(argv[1], "w")) == NULL) { - warn("Cannot open output file: %s", argv[1]); - exit(1); - } - } - /* Prompt for a password. */ if (tarsnap_readpass(&passwd, "Please enter passphrase", dec ? NULL : "Please confirm passphrase", 1)) exit(1); - /* Encrypt or decrypt. */ - if (dec) - rc = scryptdec_file(infile, outfile, (uint8_t *)passwd, - strlen(passwd), maxmem, maxmemfrac, maxtime); - else - rc = scryptenc_file(infile, outfile, (uint8_t *)passwd, - strlen(passwd), maxmem, maxmemfrac, maxtime); + uint8_t dk[64]; + rc = genpass(dk, (uint8_t *)passwd, + strlen(passwd), maxmem, maxmemfrac, maxtime); /* Zero and free the password. */ memset(passwd, 0, strlen(passwd));
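Review bot: In the `@@ -62,19 +62,11 @@` hunk the relaxed test `if (argc < 1) usage();` has lost its comment, and it now fires only when the program is started with an empty argument vector; a missing positional argument is caught later by `argc != 1`. A comment such as `/* argv can be empty if the caller supplied no argv[0]; stop before getopt(). */` would keep a later cleanup from deleting the guard as dead code. This hunk also removes the only visible assignment to `dec`, while the next hunk still evaluates `dec ? NULL : "Please confirm passphrase"`. If `dec` is initialised to 0 where it is declared, which is outside the hunk, that conditional can be reduced to the confirmation prompt and the variable dropped. `main` starts and ends outside the hunk.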
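Review bot: In the `@@ -95,36 +87,18 @@` hunk the new `uint8_t dk[64]` receives the derived key from `genpass()`, but only `passwd` is cleared in the lines shown, so the key material stays on the stack unless it is wiped later in `main`, which continues outside the hunk. I would add `OPENSSL_cleanse(dk, sizeof(dk));` after the last use of `dk`; the binary already links `-lcrypto`, and the call needs `<openssl/crypto.h>`. A plain `memset` on a buffer that is never read again can be removed by the optimiser, which is why a dedicated wipe is the safer choice here. Separately, `argc != 1` demands one positional argument that the visible `genpass()` call never receives, so as far as this hunk shows it has no effect on the derived key.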