/* * Copyright (c) 2016 - 2023 Jonathan Schleifer <js@nil.im> * * https://fl.nil.im/cryptopassphrase * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above * copyright notice and this permission notice appear in all copies. * * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR * PERFORMANCE OF THIS SOFTWARE. */ #import "LegacyPasswordGenerator.h" @implementation LegacyPasswordGenerator @synthesize site = _site, keyFile = _keyFile, passphrase = _passphrase; @synthesize output = _output; + (instancetype)generator { return [[[self alloc] init] autorelease]; } - (instancetype)init { self = [super init]; _length = 16; return self; } - (void)setLength: (size_t)length { if (length < 3) @throw [OFInvalidArgumentException exception]; _length = length; } - (size_t)length { return _length; } - (void)derivePassword { OFSHA256Hash *siteHash = [OFSHA256Hash hashWithAllowsSwappableMemory: true]; size_t passphraseLength, combinedPassphraseLength; OFSecureData *combinedPassphrase; char *combinedPassphraseItems; unsigned char *outputItems; [siteHash updateWithBuffer: _site.UTF8String length: _site.UTF8StringLength]; [siteHash calculate]; [_output release]; _output = nil; _output = [[OFSecureData alloc] initWithCount: _length + 1 allowsSwappableMemory: true]; passphraseLength = combinedPassphraseLength = _passphrase.count - 1; if (_keyFile != nil) { if (SIZE_MAX - combinedPassphraseLength < _keyFile.count) @throw [OFOutOfRangeException exception]; combinedPassphraseLength += _keyFile.count; } combinedPassphrase = [OFSecureData dataWithCount: combinedPassphraseLength allowsSwappableMemory: true]; combinedPassphraseItems = combinedPassphrase.mutableItems; memcpy(combinedPassphraseItems, _passphrase.items, passphraseLength); if (_keyFile != nil) memcpy(combinedPassphraseItems + passphraseLength, _keyFile.items, _keyFile.count); outputItems = _output.mutableItems; OFScrypt((OFScryptParameters){ .blockSize = 8, .costFactor = 524288, .parallelization = 2, .salt = siteHash.digest, .saltLength = [siteHash.class digestSize], .password = combinedPassphraseItems, .passwordLength = combinedPassphraseLength, .key = outputItems, .keyLength = _length, .allowsSwappableMemory = true }); /* * This has a bias, however, this is what scrypt-genpass does and the * legacy mode wants to be compatible to scrypt-genpass. */ outputItems[0] = "abcdefghijklmnopqrstuvwxyz"[outputItems[0] % 26]; outputItems[1] = "0123456789"[outputItems[1] % 10]; outputItems[2] = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"[outputItems[2] % 26]; for (size_t i = 3; i < _length; i++) outputItems[i] = "abcdefghijklmnopqrstuvwxyz" "ABCDEFGHIJKLMNOPQRSTUVWXYZ" "0123456789"[outputItems[i] % (26 + 26 + 10)]; } @end