Differences From Artifact [ec228bf0de]:
- File src/scrypt.m — part of check-in [0509d7a844] at 2019-01-03 19:13:03 on branch trunk — Update copyright (user: js, size: 6198) [annotate] [blame] [check-ins using]
To Artifact [1e18b4aacd]:
- File
src/scrypt.m
— part of check-in
[e629dc83a9]
at
2019-12-27 00:41:54
on branch trunk
— OFSecureData: Add allowsSwappableMemory property
With this property, it's possible to specify whether the memory should
be protected from swapping or not. This makes it easier for e.g. the
crypto hash classes: They can now just always use OFSecureData without
wasting unswappable memory if it's not needed. (user: js, size: 6194) [annotate] [blame] [check-ins using]
︙ | ︙ | |||
15 16 17 18 19 20 21 22 23 24 25 26 27 28 | * file. */ #include "config.h" #import "OFHMAC.h" #import "OFSHA256Hash.h" #import "OFInvalidArgumentException.h" #import "OFOutOfMemoryException.h" #import "OFOutOfRangeException.h" #import "scrypt.h" #import "pbkdf2.h" | > | 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 | * file. */ #include "config.h" #import "OFHMAC.h" #import "OFSHA256Hash.h" #import "OFSecureData.h" #import "OFInvalidArgumentException.h" #import "OFOutOfMemoryException.h" #import "OFOutOfRangeException.h" #import "scrypt.h" #import "pbkdf2.h" |
︙ | ︙ | |||
137 138 139 140 141 142 143 | memcpy(tmp, buffer, 128 * blockSize); } } void of_scrypt(size_t blockSize, size_t costFactor, size_t parallelization, const unsigned char *salt, size_t saltLength, const char *password, size_t passwordLength, | | | > > | < | < | | > > | < | | < | | > | > > | > | | | | > < < | < < | < | 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 | memcpy(tmp, buffer, 128 * blockSize); } } void of_scrypt(size_t blockSize, size_t costFactor, size_t parallelization, const unsigned char *salt, size_t saltLength, const char *password, size_t passwordLength, unsigned char *key, size_t keyLength, bool allowsSwappableMemory) { OFSecureData *tmp = nil, *buffer = nil; OFHMAC *HMAC = nil; if (blockSize == 0 || costFactor <= 1 || (costFactor & (costFactor - 1)) != 0 || parallelization == 0) @throw [OFInvalidArgumentException exception]; /* * These are defined by the functions above. They are defined there so * that the check is next to the code and easy to verify, but actually * checked here for performance. */ OVERFLOW_CHECK_1 OVERFLOW_CHECK_2 @try { uint32_t *tmpItems, *bufferItems; if (costFactor > SIZE_MAX - 1 || (costFactor + 1) > SIZE_MAX / 128) @throw [OFOutOfRangeException exception]; tmp = [[OFSecureData alloc] initWithItemSize: blockSize count: (costFactor + 1) * 128 allowsSwappableMemory: allowsSwappableMemory]; tmpItems = tmp.mutableItems; if (parallelization > SIZE_MAX / 128) @throw [OFOutOfRangeException exception]; buffer = [[OFSecureData alloc] initWithItemSize: blockSize count: parallelization * 128 allowsSwappableMemory: allowsSwappableMemory]; bufferItems = buffer.mutableItems; HMAC = [[OFHMAC alloc] initWithHashClass: [OFSHA256Hash class] allowsSwappableMemory: allowsSwappableMemory]; of_pbkdf2(HMAC, 1, salt, saltLength, password, passwordLength, (unsigned char *)bufferItems, parallelization * 128 * blockSize, allowsSwappableMemory); for (size_t i = 0; i < parallelization; i++) of_scrypt_romix(bufferItems + i * 32 * blockSize, blockSize, costFactor, tmpItems); of_pbkdf2(HMAC, 1, (unsigned char *)bufferItems, parallelization * 128 * blockSize, password, passwordLength, key, keyLength, allowsSwappableMemory); } @finally { [tmp release]; [buffer release]; [HMAC release]; } } |