CryptoPassphrase  Diff

Differences From Artifact [c0c1315d5a]:

To Artifact [d5c5dfec12]:


1
2
3
4
5
6
7
8
9
10
11
/*
 * Copyright (c) 2016 - 2019 Jonathan Schleifer <js@heap.zone>
 *
 * https://heap.zone/git/cryptopassphrase.git
 *
 * Permission to use, copy, modify, and/or distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
 * copyright notice and this permission notice is present in all copies.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

|

|







1
2
3
4
5
6
7
8
9
10
11
/*
 * Copyright (c) 2016 - 2020 Jonathan Schleifer <js@nil.im>
 *
 * https://nil.im/git/cryptopassphrase.git
 *
 * Permission to use, copy, modify, and/or distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
 * copyright notice and this permission notice is present in all copies.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
54
55
56
57
58
59
60

61

62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84

85
86
87
88
89
90

91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
}

- (void)derivePassword
{
	OFSHA256Hash *siteHash = [OFSHA256Hash
	    cryptoHashWithAllowsSwappableMemory: true];
	size_t passphraseLength, combinedPassphraseLength;

	char *combinedPassphrase;


	[siteHash updateWithBuffer: _site.UTF8String
			    length: _site.UTF8StringLength];

	if (_output != NULL) {
		of_explicit_memset(_output, 0, _length);
		[self freeMemory: _output];
	}

	_output = [self allocMemoryWithSize: _length + 1];

	passphraseLength = combinedPassphraseLength = strlen(_passphrase);
	if (_keyFile != nil) {
		if (SIZE_MAX - combinedPassphraseLength < _keyFile.count)
			@throw [OFOutOfRangeException exception];

		combinedPassphraseLength += _keyFile.count;
	}

	if ((combinedPassphrase = malloc(combinedPassphraseLength)) == NULL)
		@throw [OFOutOfMemoryException
		    exceptionWithRequestedSize: combinedPassphraseLength];
	@try {

		memcpy(combinedPassphrase, _passphrase, passphraseLength);

		if (_keyFile != nil)
			memcpy(combinedPassphrase + passphraseLength,
			    _keyFile.items, _keyFile.count);


		of_scrypt(8, 524288, 2, siteHash.digest,
		    [siteHash.class digestSize], combinedPassphrase,
		    combinedPassphraseLength, _output, _length, true);
	} @finally {
		of_explicit_memset(combinedPassphrase, 0,
		    combinedPassphraseLength);
		free(combinedPassphrase);
	}

	/*
	 * This has a bias, however, this is what scrypt-genpass does and the
	 * legacy mode wants to be compatible to scrypt-genpass.
	 */
	_output[0] = "abcdefghijklmnopqrstuvwxyz"[_output[0] % 26];
	_output[1] = "0123456789"[_output[1] % 10];
	_output[2] = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"[_output[2] % 26];

	for (size_t i = 3; i < _length; i++)
		_output[i] = "abcdefghijklmnopqrstuvwxyz"
		    "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
		    "0123456789"[_output[i] % (26 + 26 + 10)];
}
@end







>
|
>




|
<
|
<
|
|

|







|
<
|
|
>
|

|
|
|

>
|
|
|
<
<
<
<
<





|
|
|


|

|


54
55
56
57
58
59
60
61
62
63
64
65
66
67
68

69

70
71
72
73
74
75
76
77
78
79
80
81

82
83
84
85
86
87
88
89
90
91
92
93
94





95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
}

- (void)derivePassword
{
	OFSHA256Hash *siteHash = [OFSHA256Hash
	    cryptoHashWithAllowsSwappableMemory: true];
	size_t passphraseLength, combinedPassphraseLength;
	OFSecureData *combinedPassphrase;
	char *combinedPassphraseItems;
	unsigned char *outputItems;

	[siteHash updateWithBuffer: _site.UTF8String
			    length: _site.UTF8StringLength];

	[_output release];

	_output = nil;

	_output = [[OFSecureData alloc] initWithCount: _length + 1
				allowsSwappableMemory: false];

	passphraseLength = combinedPassphraseLength = _passphrase.count - 1;
	if (_keyFile != nil) {
		if (SIZE_MAX - combinedPassphraseLength < _keyFile.count)
			@throw [OFOutOfRangeException exception];

		combinedPassphraseLength += _keyFile.count;
	}

	combinedPassphrase = [OFSecureData

		    dataWithCount: combinedPassphraseLength
	    allowsSwappableMemory: false];
	combinedPassphraseItems = combinedPassphrase.mutableItems;
	memcpy(combinedPassphraseItems, _passphrase.items, passphraseLength);

	if (_keyFile != nil)
		memcpy(combinedPassphraseItems + passphraseLength,
		    _keyFile.items, _keyFile.count);

	outputItems = _output.mutableItems;
	of_scrypt(8, 524288, 2, siteHash.digest, [siteHash.class digestSize],
	    combinedPassphraseItems, combinedPassphraseLength, outputItems,
	    _length, true);






	/*
	 * This has a bias, however, this is what scrypt-genpass does and the
	 * legacy mode wants to be compatible to scrypt-genpass.
	 */
	outputItems[0] = "abcdefghijklmnopqrstuvwxyz"[outputItems[0] % 26];
	outputItems[1] = "0123456789"[outputItems[1] % 10];
	outputItems[2] = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"[outputItems[2] % 26];

	for (size_t i = 3; i < _length; i++)
		outputItems[i] = "abcdefghijklmnopqrstuvwxyz"
		    "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
		    "0123456789"[outputItems[i] % (26 + 26 + 10)];
}
@end