/src/cryptopp/scrypt.h

Source (jump to first uncovered line)
// scrypt.h - written and placed in public domain by Jeffrey Walton.
//            Based on reference source code by Colin Percival.

/// \file scrypt.h
/// \brief Classes for Scrypt from RFC 7914
/// \sa <A HREF="https://www.tarsnap.com/scrypt/scrypt.pdf">Stronger Key Derivation via
///   Sequential Memory-Hard Functions</a>,
///   <A HREF="https://www.tarsnap.com/scrypt.html">The scrypt key derivation function</A>
///   and <A HREF="https://tools.ietf.org/html/rfc7914">RFC 7914, The scrypt Password-Based
///   Key Derivation Function</A>
/// \since Crypto++ 7.0

#ifndef CRYPTOPP_SCRYPT_H
#define CRYPTOPP_SCRYPT_H

#include "cryptlib.h"
#include "secblock.h"

NAMESPACE_BEGIN(CryptoPP)

/// \brief Scrypt key derivation function
/// \details The Crypto++ implementation uses OpenMP to accelerate the derivation when
///   available.
/// \details The Crypto++ implementation of Scrypt is limited by C++ datatypes. For
///   example, the library is limited to a derived key length of <tt>SIZE_MAX</tt>,
///   and not <tt>(2^32 - 1) * 32</tt>.
/// \sa <A HREF="https://www.tarsnap.com/scrypt/scrypt.pdf">Stronger Key Derivation via
///   Sequential Memory-Hard Functions</A>,
///   <A HREF="https://www.tarsnap.com/scrypt.html">The scrypt key derivation function</A>
///   and <A HREF="https://tools.ietf.org/html/rfc7914">RFC 7914, The scrypt Password-Based
///   Key Derivation Function</A>
/// \since Crypto++ 7.0
class Scrypt : public KeyDerivationFunction
{
public:
    virtual ~Scrypt() {}

    static std::string StaticAlgorithmName () {
        return "scrypt";
    }

    // KeyDerivationFunction interface
    std::string AlgorithmName() const {
        return StaticAlgorithmName();
    }

    // KeyDerivationFunction interface
    size_t MaxDerivedKeyLength() const {
        return static_cast<size_t>(0)-1;
    }

    // KeyDerivationFunction interface
    size_t GetValidDerivedLength(size_t keylength) const;

    // KeyDerivationFunction interface
    size_t DeriveKey(byte *derived, size_t derivedLen, const byte *secret, size_t secretLen,
        const NameValuePairs& params) const;

    /// \brief Derive a key from a seed
    /// \param derived the derived output buffer
    /// \param derivedLen the size of the derived buffer, in bytes
    /// \param secret the seed input buffer
    /// \param secretLen the size of the secret buffer, in bytes
    /// \param salt the salt input buffer
    /// \param saltLen the size of the salt buffer, in bytes
    /// \param cost the CPU/memory cost factor
    /// \param blockSize the block size
    /// \param parallelization the parallelization factor
    /// \return the number of iterations performed
    /// \throw InvalidDerivedKeyLength if <tt>derivedLen</tt> is invalid for the scheme
    /// \details DeriveKey() provides a standard interface to derive a key from
    ///   a seed and other parameters. Each class that derives from KeyDerivationFunction
    ///   provides an overload that accepts most parameters used by the derivation function.
    /// \details The CPU/Memory <tt>cost</tt> parameter ("N" in the documents) must be
    ///   larger than 1, a power of 2, and less than <tt>2^(128 * r / 8)</tt>.
    /// \details The parameter <tt>blockSize</tt> ("r" in the documents) specifies the block
    ///   size.
    /// \details The <tt>parallelization</tt> parameter ("p" in the documents) is a positive
    ///   integer less than or equal to <tt>((2^32-1) * 32) / (128 * r)</tt>. Due to Microsoft
    ///   and its OpenMP 2.0 implementation <tt>parallelization</tt> is limited to
    ///   <tt>std::numeric_limits<int>::max()</tt>.
    /// \details Scrypt always returns 1 because it only performs 1 iteration. Other
    ///   derivation functions, like PBKDF's, will return more interesting values.
    /// \details The Crypto++ implementation of Scrypt is limited by C++ datatypes. For
    ///   example, the library is limited to a derived key length of <tt>SIZE_MAX</tt>,
    ///   and not <tt>(2^32 - 1) * 32</tt>.
    size_t DeriveKey(byte *derived, size_t derivedLen, const byte *secret, size_t secretLen,
        const byte *salt, size_t saltLen, word64 cost=2, word64 blockSize=8, word64 parallelization=1) const;

protected:
    enum {defaultCost=2, defaultBlockSize=8, defaultParallelization=1};

    // KeyDerivationFunction interface
    const Algorithm & GetAlgorithm() const {
        return *this;
    }

    inline void ValidateParameters(size_t derivedlen, word64 cost, word64 blockSize, word64 parallelization) const;
};

NAMESPACE_END

#endif // CRYPTOPP_SCRYPT_H

Line	Count	Source (jump to first uncovered line)
1		// scrypt.h - written and placed in public domain by Jeffrey Walton.
2		// Based on reference source code by Colin Percival.
3
4		/// \file scrypt.h
5		/// \brief Classes for Scrypt from RFC 7914
6		/// \sa <A HREF="https://www.tarsnap.com/scrypt/scrypt.pdf">Stronger Key Derivation via
7		/// Sequential Memory-Hard Functions</a>,
8		/// <A HREF="https://www.tarsnap.com/scrypt.html">The scrypt key derivation function</A>
9		/// and <A HREF="https://tools.ietf.org/html/rfc7914">RFC 7914, The scrypt Password-Based
10		/// Key Derivation Function</A>
11		/// \since Crypto++ 7.0
12
13		#ifndef CRYPTOPP_SCRYPT_H
14		#define CRYPTOPP_SCRYPT_H
15
16		#include "cryptlib.h"
17		#include "secblock.h"
18
19		NAMESPACE_BEGIN(CryptoPP)
20
21		/// \brief Scrypt key derivation function
22		/// \details The Crypto++ implementation uses OpenMP to accelerate the derivation when
23		/// available.
24		/// \details The Crypto++ implementation of Scrypt is limited by C++ datatypes. For
25		/// example, the library is limited to a derived key length of <tt>SIZE_MAX</tt>,
26		/// and not <tt>(2^32 - 1) * 32</tt>.
27		/// \sa <A HREF="https://www.tarsnap.com/scrypt/scrypt.pdf">Stronger Key Derivation via
28		/// Sequential Memory-Hard Functions</A>,
29		/// <A HREF="https://www.tarsnap.com/scrypt.html">The scrypt key derivation function</A>
30		/// and <A HREF="https://tools.ietf.org/html/rfc7914">RFC 7914, The scrypt Password-Based
31		/// Key Derivation Function</A>
32		/// \since Crypto++ 7.0
33		class Scrypt : public KeyDerivationFunction
34		{
35		public:
36	0	virtual ~Scrypt() {}
37
38	0	static std::string StaticAlgorithmName () {
39	0	return "scrypt";
40	0	}
41
42		// KeyDerivationFunction interface
43	0	std::string AlgorithmName() const {
44	0	return StaticAlgorithmName();
45	0	}
46
47		// KeyDerivationFunction interface
48	581	size_t MaxDerivedKeyLength() const {
49	581	return static_cast<size_t>(0)-1;
50	581	}
51
52		// KeyDerivationFunction interface
53		size_t GetValidDerivedLength(size_t keylength) const;
54
55		// KeyDerivationFunction interface
56		size_t DeriveKey(byte derived, size_t derivedLen, const byte secret, size_t secretLen,
57		const NameValuePairs& params) const;
58
59		/// \brief Derive a key from a seed
60		/// \param derived the derived output buffer
61		/// \param derivedLen the size of the derived buffer, in bytes
62		/// \param secret the seed input buffer
63		/// \param secretLen the size of the secret buffer, in bytes
64		/// \param salt the salt input buffer
65		/// \param saltLen the size of the salt buffer, in bytes
66		/// \param cost the CPU/memory cost factor
67		/// \param blockSize the block size
68		/// \param parallelization the parallelization factor
69		/// \return the number of iterations performed
70		/// \throw InvalidDerivedKeyLength if <tt>derivedLen</tt> is invalid for the scheme
71		/// \details DeriveKey() provides a standard interface to derive a key from
72		/// a seed and other parameters. Each class that derives from KeyDerivationFunction
73		/// provides an overload that accepts most parameters used by the derivation function.
74		/// \details The CPU/Memory <tt>cost</tt> parameter ("N" in the documents) must be
75		/// larger than 1, a power of 2, and less than <tt>2^(128 * r / 8)</tt>.
76		/// \details The parameter <tt>blockSize</tt> ("r" in the documents) specifies the block
77		/// size.
78		/// \details The <tt>parallelization</tt> parameter ("p" in the documents) is a positive
79		/// integer less than or equal to <tt>((2^32-1) * 32) / (128 * r)</tt>. Due to Microsoft
80		/// and its OpenMP 2.0 implementation <tt>parallelization</tt> is limited to
81		/// <tt>std::numeric_limits<int>::max()</tt>.
82		/// \details Scrypt always returns 1 because it only performs 1 iteration. Other
83		/// derivation functions, like PBKDF's, will return more interesting values.
84		/// \details The Crypto++ implementation of Scrypt is limited by C++ datatypes. For
85		/// example, the library is limited to a derived key length of <tt>SIZE_MAX</tt>,
86		/// and not <tt>(2^32 - 1) * 32</tt>.
87		size_t DeriveKey(byte derived, size_t derivedLen, const byte secret, size_t secretLen,
88		const byte *salt, size_t saltLen, word64 cost=2, word64 blockSize=8, word64 parallelization=1) const;
89
90		protected:
91		enum {defaultCost=2, defaultBlockSize=8, defaultParallelization=1};
92
93		// KeyDerivationFunction interface
94	0	const Algorithm & GetAlgorithm() const {
95	0	return *this;
96	0	}
97
98		inline void ValidateParameters(size_t derivedlen, word64 cost, word64 blockSize, word64 parallelization) const;
99		};
100
101		NAMESPACE_END
102
103		#endif // CRYPTOPP_SCRYPT_H

Coverage Report

Created: 2024-11-21 07:03