From fede748ff4d5e69d08fe7153d4818c5fd6085cca Mon Sep 17 00:00:00 2001
From: Sebastian Messmer <messmer@cryfs.org>
Date: Sat, 19 May 2018 13:53:21 -0700
Subject: [PATCH] Use cryptopp scrypt instead of vendor/scrypt one

---
 CMakeLists.txt                      |  1 +
 src/cpp-utils/CMakeLists.txt        |  2 +-
 src/cpp-utils/crypto/kdf/Scrypt.cpp | 16 ++++++++++------
 src/cpp-utils/crypto/kdf/Scrypt.h   |  5 +----
 4 files changed, 13 insertions(+), 11 deletions(-)

diff --git a/CMakeLists.txt b/CMakeLists.txt
index ba9625eb..bcf171dd 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -1,4 +1,5 @@
 cmake_minimum_required(VERSION 3.0 FATAL_ERROR)
+cmake_policy(SET CMP0054 NEW)
 
 # note: for clang-tidy, we need cmake 3.6, or (if the return code should be handled correctly, e.g. on CI), we need 3.8.
 
diff --git a/src/cpp-utils/CMakeLists.txt b/src/cpp-utils/CMakeLists.txt
index 61d5d55e..caf6ebc8 100644
--- a/src/cpp-utils/CMakeLists.txt
+++ b/src/cpp-utils/CMakeLists.txt
@@ -63,7 +63,7 @@ target_link_libraries(${PROJECT_NAME} PUBLIC ${CMAKE_THREAD_LIBS_INIT})
 
 target_link_libraries(${PROJECT_NAME} PUBLIC ${CMAKE_DL_LIBS})
 
-target_link_libraries(${PROJECT_NAME} PUBLIC scrypt spdlog cryptopp)
+target_link_libraries(${PROJECT_NAME} PUBLIC spdlog cryptopp)
 
 target_add_boost(${PROJECT_NAME} filesystem system thread)
 target_enable_style_warnings(${PROJECT_NAME})
diff --git a/src/cpp-utils/crypto/kdf/Scrypt.cpp b/src/cpp-utils/crypto/kdf/Scrypt.cpp
index 3a76ad81..517fbfbc 100644
--- a/src/cpp-utils/crypto/kdf/Scrypt.cpp
+++ b/src/cpp-utils/crypto/kdf/Scrypt.cpp
@@ -1,4 +1,5 @@
 #include "Scrypt.h"
+#include <cryptopp/scrypt.h>
 
 using std::string;
 
@@ -23,12 +24,15 @@ namespace cpputils {
 
     void SCrypt::derive(void *destination, size_t size, const string &password) {
         _checkCallOnlyOnce();
-        int errorcode = crypto_scrypt(reinterpret_cast<const uint8_t*>(password.c_str()), password.size(),
-                                      static_cast<const uint8_t*>(_config.salt().data()), _config.salt().size(),
-                                      _config.N(), _config.r(), _config.p(),
-                                      static_cast<uint8_t*>(destination), size);
-        if (errorcode != 0) {
-            throw std::runtime_error("Error running scrypt key derivation. Error code: "+std::to_string(errorcode));
+
+        size_t status = CryptoPP::Scrypt().DeriveKey(
+            static_cast<uint8_t*>(destination), size,
+            reinterpret_cast<const uint8_t*>(password.c_str()), password.size(),
+            static_cast<const uint8_t*>(_config.salt().data()), _config.salt().size(),
+            _config.N(), _config.r(), _config.p()
+        );
+        if (status != 1) {
+            throw std::runtime_error("Error running scrypt key derivation. Error code: "+std::to_string(status));
         }
     }
 
diff --git a/src/cpp-utils/crypto/kdf/Scrypt.h b/src/cpp-utils/crypto/kdf/Scrypt.h
index 6578e950..596a1f47 100644
--- a/src/cpp-utils/crypto/kdf/Scrypt.h
+++ b/src/cpp-utils/crypto/kdf/Scrypt.h
@@ -7,9 +7,6 @@
 #include "../../pointer/unique_ref.h"
 #include "PasswordBasedKDF.h"
 
-extern "C" {
-    #include <scrypt/lib/crypto/crypto_scrypt.h>
-}
 #include <stdexcept>
 #include "SCryptParameters.h"
 
@@ -25,7 +22,7 @@ namespace cpputils {
     class SCrypt final : public PasswordBasedKDF {
     public:
         static constexpr SCryptSettings ParanoidSettings = SCryptSettings {32, 1048576, 8, 16};
-        static constexpr SCryptSettings DefaultSettings = SCryptSettings {32, 1048576, 4, 1};
+        static constexpr SCryptSettings DefaultSettings = SCryptSettings {32, 1048576, 4, 4};
         static constexpr SCryptSettings TestSettings = SCryptSettings {32, 1024, 1, 1};
 
         static unique_ref<SCrypt> forNewKey(const SCryptSettings &settings);