tor  0.4.2.0-alpha-dev
crypto_s2k.h File Reference
#include <stdio.h>
#include "lib/cc/torint.h"

Macros

#define S2K_RFC2440_SPECIFIER_LEN   9
 
#define S2K_FLAG_NO_SCRYPT   (1u<<0)
 
#define S2K_FLAG_LOW_MEM   (1u<<1)
 
#define S2K_FLAG_USE_PBKDF2   (1u<<2)
 
#define S2K_MAXLEN   64
 
#define S2K_OKAY   0
 
#define S2K_FAILED   -1
 
#define S2K_BAD_SECRET   -2
 
#define S2K_BAD_ALGORITHM   -3
 
#define S2K_BAD_PARAMS   -4
 
#define S2K_NO_SCRYPT_SUPPORT   -5
 
#define S2K_TRUNCATED   -6
 
#define S2K_BAD_LEN   -7
 

Functions

void secret_to_key_rfc2440 (char *key_out, size_t key_out_len, const char *secret, size_t secret_len, const char *s2k_specifier)
 
int secret_to_key_new (uint8_t *buf, size_t buf_len, size_t *len_out, const char *secret, size_t secret_len, unsigned flags)
 
int secret_to_key_make_specifier (uint8_t *buf, size_t buf_len, unsigned flags)
 
int secret_to_key_check (const uint8_t *spec_and_key, size_t spec_and_key_len, const char *secret, size_t secret_len)
 
int secret_to_key_derivekey (uint8_t *key_out, size_t key_out_len, const uint8_t *spec, size_t spec_len, const char *secret, size_t secret_len)
 

Detailed Description

Header for crypto_s2k.c.

Definition in file crypto_s2k.h.

Macro Definition Documentation

◆ S2K_BAD_ALGORITHM

#define S2K_BAD_ALGORITHM   -3

Error code from secret-to-key functions: didn't recognize the algorithm

Definition at line 45 of file crypto_s2k.h.

◆ S2K_BAD_LEN

#define S2K_BAD_LEN   -7

Error code from secret-to-key functions: Wrong length for specifier.

Definition at line 54 of file crypto_s2k.h.

◆ S2K_BAD_PARAMS

#define S2K_BAD_PARAMS   -4

Error code from secret-to-key functions: specifier wasn't valid

Definition at line 47 of file crypto_s2k.h.

◆ S2K_BAD_SECRET

#define S2K_BAD_SECRET   -2

Error code from secret-to-key functions: provided secret didn't match

Definition at line 43 of file crypto_s2k.h.

◆ S2K_FAILED

#define S2K_FAILED   -1

Error code from secret-to-key functions: generic failure

Definition at line 41 of file crypto_s2k.h.

◆ S2K_FLAG_LOW_MEM

#define S2K_FLAG_LOW_MEM   (1u<<1)

Flag for secret-to-key functions: if using a memory-tuned s2k function, assume that we have limited memory.

Definition at line 30 of file crypto_s2k.h.

◆ S2K_FLAG_NO_SCRYPT

#define S2K_FLAG_NO_SCRYPT   (1u<<0)

Flag for secret-to-key function: do not use scrypt.

Definition at line 27 of file crypto_s2k.h.

◆ S2K_FLAG_USE_PBKDF2

#define S2K_FLAG_USE_PBKDF2   (1u<<2)

Flag for secret-to-key functions: force use of pbkdf2. Without this, we default to scrypt, then RFC2440.

Definition at line 33 of file crypto_s2k.h.

◆ S2K_MAXLEN

#define S2K_MAXLEN   64

Maximum possible output length from secret_to_key_new.

Definition at line 36 of file crypto_s2k.h.

◆ S2K_NO_SCRYPT_SUPPORT

#define S2K_NO_SCRYPT_SUPPORT   -5

Error code from secret-to-key functions: compiled without scrypt

Definition at line 49 of file crypto_s2k.h.

◆ S2K_OKAY

#define S2K_OKAY   0

Error code from secret-to-key functions: all is well

Definition at line 39 of file crypto_s2k.h.

◆ S2K_RFC2440_SPECIFIER_LEN

#define S2K_RFC2440_SPECIFIER_LEN   9

Length of RFC2440-style S2K specifier: the first 8 bytes are a salt, the 9th describes how much iteration to do.

Definition at line 21 of file crypto_s2k.h.

◆ S2K_TRUNCATED

#define S2K_TRUNCATED   -6

Error code from secret-to-key functions: not enough space to write output.

Definition at line 52 of file crypto_s2k.h.

Function Documentation

◆ secret_to_key_check()

int secret_to_key_check (const uint8_t *spec_and_key, size_t spec_and_key_len, const char *secret, size_t secret_len)

Given a hashed passphrase in spec_and_key of length spec_and_key_len as generated by secret_to_key_new(), verify whether it is a hash of the passphrase secret of length secret_len. Return S2K_OKAY on a match, S2K_BAD_SECRET on a well-formed hash that doesn't match this secret, and another error code on other errors.

Definition at line 486 of file crypto_s2k.c.

◆ secret_to_key_derivekey()

int secret_to_key_derivekey (uint8_t *key_out, size_t key_out_len, const uint8_t *spec, size_t spec_len, const char *secret, size_t secret_len)

Given a specifier previously constructed with secret_to_key_make_specifier in spec of length spec_len, and a secret password in secret of length secret_len, generate key_out_len bytes of cryptographic material in key_out. The native output of the secret-to-key function will be truncated if key_out_len is short, and expanded with HKDF if key_out_len is long. Returns S2K_OKAY on success, and an error code on failure.

Definition at line 370 of file crypto_s2k.c.

◆ secret_to_key_make_specifier()

int secret_to_key_make_specifier (uint8_t *buf, size_t buf_len, unsigned flags)

Construct a new s2k algorithm specifier and salt in buf, according to the bitwise-or of some S2K_FLAG_* options in flags. Up to buf_len bytes of storage may be used in buf. Return the number of bytes used on success and an error code on failure.

Definition at line 405 of file crypto_s2k.c.

◆ secret_to_key_new()

int secret_to_key_new (uint8_t *buf, size_t buf_len, size_t *len_out, const char *secret, size_t secret_len, unsigned flags)

Hash a passphrase from secret of length secret_len, according to the bitwise-or of some S2K_FLAG_* options in flags, and store the hash along with salt and hashing parameters into buf. Up to buf_len bytes of storage may be used in buf. Set *len_out to the number of bytes used and return S2K_OKAY on success, or return an error code on failure.

Definition at line 442 of file crypto_s2k.c.

◆ secret_to_key_rfc2440()

void secret_to_key_rfc2440 (char *key_out, size_t key_out_len, const char *secret, size_t secret_len, const char *s2k_specifier)

Implement RFC2440-style iterated-salted S2K conversion: convert the secret_len-byte secret into a key_out_len-byte key_out. As in RFC2440, the first 8 bytes of s2k_specifier are a salt; the 9th byte describes how much iteration to do. If key_out_len > DIGEST_LEN, use HKDF to expand the result.

Definition at line 203 of file crypto_s2k.c.

References DIGEST_LEN, SIZE_T_CEILING, and tor_assert().

Referenced by do_hash_password().
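
Added example (not code from the tor source tree): how the 9-byte specifier described under S2K_RFC2440_SPECIFIER_LEN and secret_to_key_rfc2440() splits into salt and work factor, using the coded-count formula from RFC 2440 section 3.6.1.3. The struct and the rfc2440_* function names are hypothetical, and returning S2K_BAD_LEN for a wrong-sized specifier is an assumption made for this sketch.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Values copied from the macro list on this page. */
#define S2K_RFC2440_SPECIFIER_LEN 9
#define S2K_OKAY 0
#define S2K_BAD_LEN -7

/* Exponent bias for the coded count octet (RFC 2440, section 3.6.1.3). */
#define EXPBIAS 6

/* Hypothetical container for a parsed specifier; not a tor type. */
struct rfc2440_spec {
  uint8_t salt[8];
  uint8_t coded_count;
  uint32_t byte_count; /* octets of salt||secret fed to the hash */
};

/* Decode the 9th specifier byte: (16 + low nibble) << (high nibble + 6). */
static uint32_t rfc2440_decode_count(uint8_t c)
{
  return ((uint32_t)16 + (c & 15)) << ((c >> 4) + EXPBIAS);
}

/* Smallest coded octet whose decoded count is >= want (255 if none is).
 * The decoded value grows monotonically with c, so a linear scan works. */
static uint8_t rfc2440_encode_count(uint32_t want)
{
  for (unsigned c = 0; c < 256; c++)
    if (rfc2440_decode_count((uint8_t)c) >= want)
      return (uint8_t)c;
  return 255;
}

/* Split a specifier into salt and work factor, rejecting wrong lengths. */
static int rfc2440_parse_spec(const uint8_t *spec, size_t spec_len,
                              struct rfc2440_spec *out)
{
  if (spec == NULL || out == NULL || spec_len != S2K_RFC2440_SPECIFIER_LEN)
    return S2K_BAD_LEN;
  memcpy(out->salt, spec, 8);
  out->coded_count = spec[8];
  out->byte_count = rfc2440_decode_count(spec[8]);
  return S2K_OKAY;
}
```

The count byte covers 1024 (0x00) to 65011712 (0xff) hashed octets, so a reviewer auditing a stored specifier can read the work factor straight off its last byte.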