forked from lastpass/lastpass-cli
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathpbkdf2.c
106 lines (91 loc) · 3 KB
/
pbkdf2.c
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
/*
* Copyright (c) 2014-2016 Thomas Hurst.
* Copyright (c) 2016-2018 LastPass.
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
#include "pbkdf2.h"
#include <string.h>
#include <openssl/hmac.h>
#ifndef min
#define min(a, b) (((a) < (b)) ? (a) : (b))
#endif
#if OPENSSL_VERSION_NUMBER >= 0x10000000L
#define ERR_IFZERO(x) if (!(x)) goto err
#define ERR_LABEL err:
#else
#define ERR_IFZERO(x) (x)
#define ERR_LABEL
#endif
int fallback_pkcs5_pbkdf2_hmac(const char *pass, size_t pass_len,
const unsigned char *salt, size_t salt_len, unsigned int iterations,
const EVP_MD *digest, size_t key_len, unsigned char *output)
{
HMAC_CTX *ctx;
unsigned char *out = output;
unsigned int iter = 1, count = 1;
unsigned int cp_len, i, ret = 0;
unsigned int key_left = key_len;
unsigned int md_len = EVP_MD_size(digest);
if (md_len == 0)
return 0;
unsigned char tmp_md[md_len];
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
HMAC_CTX real_ctx;
ctx = &real_ctx;
HMAC_CTX_init(ctx);
#else
ctx = HMAC_CTX_new();
if (!ctx)
return 0;
#endif
ERR_IFZERO(HMAC_Init_ex(ctx, pass, pass_len, digest, NULL));
while (key_left) {
cp_len = min(key_left, md_len);
unsigned char c[4];
c[0] = (count >> 24) & 0xff;
c[1] = (count >> 16) & 0xff;
c[2] = (count >> 8) & 0xff;
c[3] = (count) & 0xff;
ERR_IFZERO(HMAC_Init_ex(ctx, NULL, 0, digest, NULL));
ERR_IFZERO(HMAC_Update(ctx, salt, salt_len));
ERR_IFZERO(HMAC_Update(ctx, c, 4));
ERR_IFZERO(HMAC_Final(ctx, tmp_md, NULL));
memcpy(out, tmp_md, cp_len);
for (iter=1; iter < iterations; iter++) {
ERR_IFZERO(HMAC_Init_ex(ctx, NULL, 0, digest, NULL));
ERR_IFZERO(HMAC_Update(ctx, tmp_md, md_len));
ERR_IFZERO(HMAC_Final(ctx, tmp_md, NULL));
for (i = 0; i < cp_len; i++) {
out[i] ^= tmp_md[i];
}
}
key_left -= cp_len;
out += cp_len;
count++;
}
ret = 1;
ERR_LABEL
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
HMAC_CTX_cleanup(ctx);
#else
HMAC_CTX_free(ctx);
#endif
return ret;
}