Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
freebsd
GitHub Repository: freebsd/freebsd-src
 Path: blob/main/crypto/openssl/demos/kdf/scrypt.c
34869 views
1
/*

2
 * Copyright 2021-2023 The OpenSSL Project Authors. All Rights Reserved.

3
 *

4
 * Licensed under the Apache License 2.0 (the "License").  You may not use

5
 * this file except in compliance with the License.  You can obtain a copy

6
 * in the file LICENSE in the source distribution or at

7
 * https://www.openssl.org/source/license.html

8
 */

9


10
#include <stdio.h>

11
#include <openssl/core_names.h>

12
#include <openssl/crypto.h>

13
#include <openssl/kdf.h>

14
#include <openssl/obj_mac.h>

15
#include <openssl/params.h>

16


17
/*

18
 * test vector from

19
 * https://datatracker.ietf.org/doc/html/rfc7914

20
 */

21


22
/*

23
 * Hard coding a password into an application is very bad.

24
 * It is done here solely for educational purposes.

25
 */

26
static unsigned char password[] = {

27
    'p', 'a', 's', 's', 'w', 'o', 'r', 'd'

28
};

29


30
/*

31
 * The salt is better not being hard coded too.  Each password should have a

32
 * different salt if possible.  The salt is not considered secret information

33
 * and is safe to store with an encrypted password.

34
 */

35
static unsigned char scrypt_salt[] = {

36
    'N', 'a', 'C', 'l'

37
};

38


39
/*

40
 * The SCRYPT parameters can be variable or hard coded.  The disadvantage with

41
 * hard coding them is that they cannot easily be adjusted for future

42
 * technological improvements appear.

43
 */

44
static unsigned int scrypt_n = 1024;

45
static unsigned int scrypt_r = 8;

46
static unsigned int scrypt_p = 16;

47


48
static const unsigned char expected_output[] = {

49


50
    0xfd, 0xba, 0xbe, 0x1c, 0x9d, 0x34, 0x72, 0x00,

51
    0x78, 0x56, 0xe7, 0x19, 0x0d, 0x01, 0xe9, 0xfe,

52
    0x7c, 0x6a, 0xd7, 0xcb, 0xc8, 0x23, 0x78, 0x30,

53
    0xe7, 0x73, 0x76, 0x63, 0x4b, 0x37, 0x31, 0x62,

54
    0x2e, 0xaf, 0x30, 0xd9, 0x2e, 0x22, 0xa3, 0x88,

55
    0x6f, 0xf1, 0x09, 0x27, 0x9d, 0x98, 0x30, 0xda,

56
    0xc7, 0x27, 0xaf, 0xb9, 0x4a, 0x83, 0xee, 0x6d,

57
    0x83, 0x60, 0xcb, 0xdf, 0xa2, 0xcc, 0x06, 0x40

58
};

59


60
int main(int argc, char **argv)

61
{

62
    int ret = EXIT_FAILURE;

63
    EVP_KDF *kdf = NULL;

64
    EVP_KDF_CTX *kctx = NULL;

65
    unsigned char out[64];

66
    OSSL_PARAM params[6], *p = params;

67
    OSSL_LIB_CTX *library_context = NULL;

68


69
    library_context = OSSL_LIB_CTX_new();

70
    if (library_context == NULL) {

71
        fprintf(stderr, "OSSL_LIB_CTX_new() returned NULL\n");

72
        goto end;

73
    }

74


75
    /* Fetch the key derivation function implementation */

76
    kdf = EVP_KDF_fetch(library_context, "SCRYPT", NULL);

77
    if (kdf == NULL) {

78
        fprintf(stderr, "EVP_KDF_fetch() returned NULL\n");

79
        goto end;

80
    }

81


82
    /* Create a context for the key derivation operation */

83
    kctx = EVP_KDF_CTX_new(kdf);

84
    if (kctx == NULL) {

85
        fprintf(stderr, "EVP_KDF_CTX_new() returned NULL\n");

86
        goto end;

87
    }

88


89
    /* Set password */

90
    *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_PASSWORD, password,

91
                                             sizeof(password));

92
    /* Set salt */

93
    *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SALT, scrypt_salt,

94
                                             sizeof(scrypt_salt));

95
    /* Set N (default 1048576) */

96
    *p++ = OSSL_PARAM_construct_uint(OSSL_KDF_PARAM_SCRYPT_N, &scrypt_n);

97
    /* Set R (default 8) */

98
    *p++ = OSSL_PARAM_construct_uint(OSSL_KDF_PARAM_SCRYPT_R, &scrypt_r);

99
    /* Set P (default 1) */

100
    *p++ = OSSL_PARAM_construct_uint(OSSL_KDF_PARAM_SCRYPT_P, &scrypt_p);

101
    *p = OSSL_PARAM_construct_end();

102


103
    /* Derive the key */

104
    if (EVP_KDF_derive(kctx, out, sizeof(out), params) != 1) {

105
        fprintf(stderr, "EVP_KDF_derive() failed\n");

106
        goto end;

107
    }

108


109
    if (CRYPTO_memcmp(expected_output, out, sizeof(expected_output)) != 0) {

110
        fprintf(stderr, "Generated key does not match expected value\n");

111
        goto end;

112
    }

113


114
    printf("Success\n");

115


116
    ret = EXIT_SUCCESS;

117
end:

118
    EVP_KDF_CTX_free(kctx);

119
    EVP_KDF_free(kdf);

120
    OSSL_LIB_CTX_free(library_context);

121
    return ret;

122
}

123


124