New way to configure SCrypt algorithm
This commit is contained in:
Sebastian Messmer
parent
7f6dffdbd9
commit
5575509594
|
|
@ -1,13 +1,7 @@
|
|||
#include "Scrypt.h"
|
||||
|
||||
namespace cpputils {
|
||||
constexpr size_t SCryptDefaultSettings::SALT_LEN;
|
||||
constexpr uint64_t SCryptDefaultSettings::N;
|
||||
constexpr uint32_t SCryptDefaultSettings::r;
|
||||
constexpr uint32_t SCryptDefaultSettings::p;
|
||||
|
||||
constexpr size_t SCryptParanoidSettings::SALT_LEN;
|
||||
constexpr uint64_t SCryptParanoidSettings::N;
|
||||
constexpr uint32_t SCryptParanoidSettings::r;
|
||||
constexpr uint32_t SCryptParanoidSettings::p;
|
||||
constexpr SCryptSettings SCrypt::ParanoidSettings;
|
||||
constexpr SCryptSettings SCrypt::DefaultSettings;
|
||||
constexpr SCryptSettings SCrypt::TestSettings;
|
||||
}
|
||||
|
|
@ -12,32 +12,31 @@ extern "C" {
|
|||
|
||||
namespace cpputils {
|
||||
|
||||
struct SCryptParanoidSettings {
|
||||
constexpr static size_t SALT_LEN = 32; // Size of the salt
|
||||
constexpr static uint64_t N = 1048576; // CPU/Memory cost
|
||||
constexpr static uint32_t r = 8; // Blocksize
|
||||
constexpr static uint32_t p = 16; // Parallelization
|
||||
struct SCryptSettings {
|
||||
size_t SALT_LEN;
|
||||
uint64_t N;
|
||||
uint32_t r;
|
||||
uint32_t p;
|
||||
};
|
||||
|
||||
struct SCryptDefaultSettings {
|
||||
constexpr static size_t SALT_LEN = 32; // Size of the salt
|
||||
constexpr static uint64_t N = 524288; // CPU/Memory cost
|
||||
constexpr static uint32_t r = 1; // Blocksize
|
||||
constexpr static uint32_t p = 1; // Parallelization
|
||||
};
|
||||
|
||||
class SCrypt {
|
||||
class SCrypt final {
|
||||
public:
|
||||
static constexpr SCryptSettings ParanoidSettings = SCryptSettings {32, 1048576, 8, 16};
|
||||
static constexpr SCryptSettings DefaultSettings = SCryptSettings {32, 524288, 1, 1};
|
||||
static constexpr SCryptSettings TestSettings = SCryptSettings {32, 1024, 1, 1};
|
||||
|
||||
SCrypt() {}
|
||||
|
||||
template<size_t KEYSIZE, class Settings = SCryptDefaultSettings> DerivedKey<KEYSIZE> generateKey(const std::string &password) {
|
||||
auto salt = Random::PseudoRandom().get(Settings::SALT_LEN);
|
||||
auto config = DerivedKeyConfig(std::move(salt), Settings::N, Settings::r, Settings::p);
|
||||
template<size_t KEYSIZE>
|
||||
DerivedKey<KEYSIZE> generateKey(const std::string &password, const SCryptSettings &settings) {
|
||||
auto salt = Random::PseudoRandom().get(settings.SALT_LEN);
|
||||
auto config = DerivedKeyConfig(std::move(salt), settings.N, settings.r, settings.p);
|
||||
auto key = generateKeyFromConfig<KEYSIZE>(password, config);
|
||||
return DerivedKey<KEYSIZE>(std::move(config), key);
|
||||
}
|
||||
|
||||
template<size_t KEYSIZE> FixedSizeData<KEYSIZE> generateKeyFromConfig(const std::string &password, const DerivedKeyConfig &config) {
|
||||
template<size_t KEYSIZE>
|
||||
FixedSizeData<KEYSIZE> generateKeyFromConfig(const std::string &password, const DerivedKeyConfig &config) {
|
||||
auto key = FixedSizeData<KEYSIZE>::Null();
|
||||
int errorcode = crypto_scrypt(reinterpret_cast<const uint8_t*>(password.c_str()), password.size(),
|
||||
reinterpret_cast<const uint8_t*>(config.salt().data()), config.salt().size(),
|
||||
|
|
|
|||
|
|
@ -1,51 +1,50 @@
|
|||
#include <google/gtest/gtest.h>
|
||||
#include "../../../crypto/kdf/Scrypt.h"
|
||||
#include "testutils/SCryptTestSettings.h"
|
||||
|
||||
using namespace cpputils;
|
||||
|
||||
TEST(SCryptTest, GeneratedKeyIsReproductible_448) {
|
||||
auto created = SCrypt().generateKey<56, SCryptTestSettings>("mypassword");
|
||||
auto created = SCrypt().generateKey<56>("mypassword", SCrypt::TestSettings);
|
||||
auto recreated = SCrypt().generateKeyFromConfig<56>("mypassword", created.config());
|
||||
EXPECT_EQ(created.key(), recreated);
|
||||
}
|
||||
|
||||
TEST(SCryptTest, GeneratedKeyIsReproductible_256) {
|
||||
auto created = SCrypt().generateKey<32, SCryptTestSettings>("mypassword");
|
||||
auto created = SCrypt().generateKey<32>("mypassword", SCrypt::TestSettings);
|
||||
auto recreated = SCrypt().generateKeyFromConfig<32>("mypassword", created.config());
|
||||
EXPECT_EQ(created.key(), recreated);
|
||||
}
|
||||
|
||||
TEST(SCryptTest, GeneratedKeyIsReproductible_128) {
|
||||
auto created = SCrypt().generateKey<16, SCryptTestSettings>("mypassword");
|
||||
auto created = SCrypt().generateKey<16>("mypassword", SCrypt::TestSettings);
|
||||
auto recreated = SCrypt().generateKeyFromConfig<16>("mypassword", created.config());
|
||||
EXPECT_EQ(created.key(), recreated);
|
||||
}
|
||||
|
||||
TEST(SCryptTest, GeneratedKeyIsReproductible_DefaultSettings) {
|
||||
auto created = SCrypt().generateKey<16>("mypassword");
|
||||
auto created = SCrypt().generateKey<16>("mypassword", SCrypt::DefaultSettings);
|
||||
auto recreated = SCrypt().generateKeyFromConfig<16>("mypassword", created.config());
|
||||
EXPECT_EQ(created.key(), recreated);
|
||||
}
|
||||
|
||||
TEST(SCryptTest, DifferentPasswordResultsInDifferentKey) {
|
||||
auto created = SCrypt().generateKey<16, SCryptTestSettings>("mypassword");
|
||||
auto created = SCrypt().generateKey<16>("mypassword", SCrypt::TestSettings);
|
||||
auto recreated = SCrypt().generateKeyFromConfig<16>("mypassword2", created.config());
|
||||
EXPECT_NE(created.key(), recreated);
|
||||
}
|
||||
|
||||
TEST(SCryptTest, UsesCorrectSettings) {
|
||||
auto created = SCrypt().generateKey<16, SCryptTestSettings>("mypassword");
|
||||
EXPECT_EQ(SCryptTestSettings::SALT_LEN, created.config().salt().size());
|
||||
EXPECT_EQ(SCryptTestSettings::N, created.config().N());
|
||||
EXPECT_EQ(SCryptTestSettings::r, created.config().r());
|
||||
EXPECT_EQ(SCryptTestSettings::p, created.config().p());
|
||||
auto created = SCrypt().generateKey<16>("mypassword", SCrypt::TestSettings);
|
||||
EXPECT_EQ(SCrypt::TestSettings.SALT_LEN, created.config().salt().size());
|
||||
EXPECT_EQ(SCrypt::TestSettings.N, created.config().N());
|
||||
EXPECT_EQ(SCrypt::TestSettings.r, created.config().r());
|
||||
EXPECT_EQ(SCrypt::TestSettings.p, created.config().p());
|
||||
}
|
||||
|
||||
TEST(SCryptTest, UsesCorrectDefaultSettings) {
|
||||
auto created = SCrypt().generateKey<16>("mypassword");
|
||||
EXPECT_EQ(SCryptDefaultSettings::SALT_LEN, created.config().salt().size());
|
||||
EXPECT_EQ(SCryptDefaultSettings::N, created.config().N());
|
||||
EXPECT_EQ(SCryptDefaultSettings::r, created.config().r());
|
||||
EXPECT_EQ(SCryptDefaultSettings::p, created.config().p());
|
||||
auto created = SCrypt().generateKey<16>("mypassword", SCrypt::DefaultSettings);
|
||||
EXPECT_EQ(SCrypt::DefaultSettings.SALT_LEN, created.config().salt().size());
|
||||
EXPECT_EQ(SCrypt::DefaultSettings.N, created.config().N());
|
||||
EXPECT_EQ(SCrypt::DefaultSettings.r, created.config().r());
|
||||
EXPECT_EQ(SCrypt::DefaultSettings.p, created.config().p());
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,6 +0,0 @@
|
|||
#include "SCryptTestSettings.h"
|
||||
|
||||
constexpr size_t SCryptTestSettings::SALT_LEN;
|
||||
constexpr uint64_t SCryptTestSettings::N;
|
||||
constexpr uint32_t SCryptTestSettings::r;
|
||||
constexpr uint32_t SCryptTestSettings::p;
|
||||
|
|
@ -1,14 +0,0 @@
|
|||
#ifndef MESSMER_CPPUTILS_TEST_CRYPTO_KDF_TESTUTILS_SCRYPTTESTSETTINGS_H
|
||||
#define MESSMER_CPPUTILS_TEST_CRYPTO_KDF_TESTUTILS_SCRYPTTESTSETTINGS_H
|
||||
|
||||
#include <cstddef>
|
||||
#include <cstdint>
|
||||
|
||||
struct SCryptTestSettings {
|
||||
constexpr static size_t SALT_LEN = 32; // Size of the salt
|
||||
constexpr static uint64_t N = 1024; // CPU/Memory cost
|
||||
constexpr static uint32_t r = 1; // Blocksize
|
||||
constexpr static uint32_t p = 1; // Parallelization
|
||||
};
|
||||
|
||||
#endif
|
||||
Loading…
Reference in New Issue