127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
|
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
|
-
+
|
iklen = EVP_CIPHER_key_length(cipher);
ivlen = EVP_CIPHER_iv_length(cipher);
dk_len = iklen+ivlen;
}
/* Derive key */
if (!PKCS5_PBKDF2_HMAC(pass, (int) pass_len, salt, (int) salt_len, iter, md, dk_len, tmpkeyiv)) {
Tcl_AppendResult(interp, "Key derivation failed: ", REASON(), (char *) NULL);
Tcl_AppendResult(interp, "Key derivation failed: ", GET_ERR_REASON(), (char *) NULL);
return TCL_ERROR;
}
/* Set result to key and iv */
if (cipher == NULL) {
Tcl_SetObjResult(interp, Tcl_NewByteArrayObj(tmpkeyiv, (Tcl_Size) dk_len));
} else {
|
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
|
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
|
-
+
-
+
-
+
-
+
-
+
-
+
|
pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL);
if (pctx == NULL) {
Tcl_AppendResult(interp, "Memory allocation error", (char *) NULL);
goto error;
}
if (EVP_PKEY_derive_init(pctx) < 1) {
Tcl_AppendResult(interp, "Initialize failed: ", REASON(), (char *) NULL);
Tcl_AppendResult(interp, "Initialize failed: ", GET_ERR_REASON(), (char *) NULL);
goto error;
}
/* Set config parameters */
if (EVP_PKEY_CTX_set_hkdf_md(pctx, md) < 1) {
Tcl_AppendResult(interp, "Set digest failed: ", REASON(), (char *) NULL);
Tcl_AppendResult(interp, "Set digest failed: ", GET_ERR_REASON(), (char *) NULL);
goto error;
}
if (EVP_PKEY_CTX_set1_hkdf_key(pctx, key, (int) key_len) < 1) {
Tcl_AppendResult(interp, "Set key failed: ", REASON(), (char *) NULL);
Tcl_AppendResult(interp, "Set key failed: ", GET_ERR_REASON(), (char *) NULL);
goto error;
}
if (salt != NULL && EVP_PKEY_CTX_set1_hkdf_salt(pctx, salt, (int) salt_len) < 1) {
Tcl_AppendResult(interp, "Set salt failed: ", REASON(), (char *) NULL);
Tcl_AppendResult(interp, "Set salt failed: ", GET_ERR_REASON(), (char *) NULL);
goto error;
}
if (info != NULL && EVP_PKEY_CTX_add1_hkdf_info(pctx, info, (int) info_len) < 1) {
Tcl_AppendResult(interp, "Set info failed: ", REASON(), (char *) NULL);
Tcl_AppendResult(interp, "Set info failed: ", GET_ERR_REASON(), (char *) NULL);
goto error;
}
/* Get buffer */
resultObj = Tcl_NewObj();
if ((out = Tcl_SetByteArrayLength(resultObj, (Tcl_Size) dk_len)) == NULL) {
Tcl_AppendResult(interp, "Memory allocation error", (char *) NULL);
goto error;
}
out_len = (size_t) dk_len;
/* Derive key */
if (EVP_PKEY_derive(pctx, out, &out_len) > 0) {
/* Shrink buffer to actual size */
Tcl_SetByteArrayLength(resultObj, (Tcl_Size) out_len);
Tcl_SetObjResult(interp, resultObj);
res = TCL_OK;
goto done;
} else {
Tcl_AppendResult(interp, "Key derivation failed: ", REASON(), (char *) NULL);
Tcl_AppendResult(interp, "Key derivation failed: ", GET_ERR_REASON(), (char *) NULL);
Tcl_DecrRefCount(resultObj);
}
error:
res = TCL_ERROR;
done:
if (pctx != NULL) {
|
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
|
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
|
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
|
pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_SCRYPT, NULL);
if (pctx == NULL) {
Tcl_AppendResult(interp, "Memory allocation error", (char *) NULL);
goto error;
}
if (EVP_PKEY_derive_init(pctx) < 1) {
Tcl_AppendResult(interp, "Initialize failed: ", REASON(), (char *) NULL);
Tcl_AppendResult(interp, "Initialize failed: ", GET_ERR_REASON(), (char *) NULL);
goto error;
}
/* Set config parameters */
if (EVP_PKEY_CTX_set1_pbe_pass(pctx, pass, (int) pass_len) < 1) {
Tcl_AppendResult(interp, "Set key failed: ", REASON(), (char *) NULL);
Tcl_AppendResult(interp, "Set key failed: ", GET_ERR_REASON(), (char *) NULL);
goto error;
}
if (EVP_PKEY_CTX_set1_scrypt_salt(pctx, salt, (int) salt_len) < 1) {
Tcl_AppendResult(interp, "Set salt failed: ", REASON(), (char *) NULL);
Tcl_AppendResult(interp, "Set salt failed: ", GET_ERR_REASON(), (char *) NULL);
goto error;
}
if (N != 0 && EVP_PKEY_CTX_set_scrypt_N(pctx, N) < 1) {
Tcl_AppendResult(interp, "Set cost parameter (N) failed: ", REASON(), (char *) NULL);
Tcl_AppendResult(interp, "Set cost parameter (N) failed: ", GET_ERR_REASON(), (char *) NULL);
goto error;
}
if (r != 0 && EVP_PKEY_CTX_set_scrypt_r(pctx, r) < 1) {
Tcl_AppendResult(interp, "Set lock size parameter (r) failed: ", REASON(), (char *) NULL);
Tcl_AppendResult(interp, "Set lock size parameter (r) failed: ", GET_ERR_REASON(), (char *) NULL);
goto error;
}
if (p != 0 && EVP_PKEY_CTX_set_scrypt_p(pctx, p) < 1) {
Tcl_AppendResult(interp, "Set Parallelization parameter (p) failed: ", REASON(), (char *) NULL);
Tcl_AppendResult(interp, "Set Parallelization parameter (p) failed: ", GET_ERR_REASON(), (char *) NULL);
goto error;
}
if (maxmem != 0 && EVP_PKEY_CTX_set_scrypt_maxmem_bytes(pctx, maxmem) < 1) {
Tcl_AppendResult(interp, "Set max memory failed: ", REASON(), (char *) NULL);
Tcl_AppendResult(interp, "Set max memory failed: ", GET_ERR_REASON(), (char *) NULL);
goto error;
}
/* Get buffer */
resultObj = Tcl_NewObj();
if ((out = Tcl_SetByteArrayLength(resultObj, (Tcl_Size) dk_len)) == NULL) {
Tcl_AppendResult(interp, "Memory allocation error", (char *) NULL);
goto error;
}
out_len = (size_t) dk_len;
/* Derive key */
if (EVP_PKEY_derive(pctx, out, &out_len) > 0) {
/* Shrink buffer to actual size */
Tcl_SetByteArrayLength(resultObj, (Tcl_Size) out_len);
Tcl_SetObjResult(interp, resultObj);
goto done;
} else {
Tcl_AppendResult(interp, "Key derivation failed: ", REASON(), (char *) NULL);
Tcl_AppendResult(interp, "Key derivation failed: ", GET_ERR_REASON(), (char *) NULL);
Tcl_DecrRefCount(resultObj);
}
error:
res = TCL_ERROR;
done:
|