cryptohome/scrypt_password_verifier.cc - mirrors/cros/chromiumos/platform2 - Git at Google

 // Copyright 2021 The Chromium OS Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #include <cryptohome/scrypt_password_verifier.h>

 #include <brillo/secure_blob.h>

 #include "cryptohome/cryptolib.h"

 namespace cryptohome {

 namespace {

 constexpr int kScryptNFactor = 1 << 12;  // 2^12
 constexpr int kScryptRFactor = 8;
 constexpr int kScryptPFactor = 1;
 constexpr int kScryptSaltSize = 256 / CHAR_BIT;
 constexpr int kScryptOutputSize = 256 / CHAR_BIT;

 }  // namespace

 bool ScryptPasswordVerifier::Set(const brillo::SecureBlob& secret) {
   verifier_.clear();
   verifier_.resize(kScryptOutputSize, 0);
   scrypt_salt_ = CryptoLib::CreateSecureRandomBlob(kScryptSaltSize);

   return CryptoLib::Scrypt(secret, scrypt_salt_, kScryptNFactor, kScryptRFactor,
                            kScryptPFactor, &verifier_);
 }

 bool ScryptPasswordVerifier::Verify(const brillo::SecureBlob& secret) {
   brillo::SecureBlob hashed_secret(kScryptOutputSize, 0);
   if (!CryptoLib::Scrypt(secret, scrypt_salt_, kScryptNFactor, kScryptRFactor,
                          kScryptPFactor, &hashed_secret)) {
     LOG(ERROR) << "Scrypt failed.";
     return false;
   }
   if (verifier_.size() != hashed_secret.size()) {
     return false;
   }
   return (brillo::SecureMemcmp(hashed_secret.data(), verifier_.data(),
                                verifier_.size()) == 0);
 }

 }  // namespace cryptohome
	// Copyright 2021 The Chromium OS Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#include <cryptohome/scrypt_password_verifier.h>

	#include <brillo/secure_blob.h>

	#include "cryptohome/cryptolib.h"

	namespace cryptohome {

	namespace {

	constexpr int kScryptNFactor = 1 << 12; // 2^12
	constexpr int kScryptRFactor = 8;
	constexpr int kScryptPFactor = 1;
	constexpr int kScryptSaltSize = 256 / CHAR_BIT;
	constexpr int kScryptOutputSize = 256 / CHAR_BIT;

	} // namespace

	bool ScryptPasswordVerifier::Set(const brillo::SecureBlob& secret) {
	verifier_.clear();
	verifier_.resize(kScryptOutputSize, 0);
	scrypt_salt_ = CryptoLib::CreateSecureRandomBlob(kScryptSaltSize);

	return CryptoLib::Scrypt(secret, scrypt_salt_, kScryptNFactor, kScryptRFactor,
	kScryptPFactor, &verifier_);
	}

	bool ScryptPasswordVerifier::Verify(const brillo::SecureBlob& secret) {
	brillo::SecureBlob hashed_secret(kScryptOutputSize, 0);
	if (!CryptoLib::Scrypt(secret, scrypt_salt_, kScryptNFactor, kScryptRFactor,
	kScryptPFactor, &hashed_secret)) {
	LOG(ERROR) << "Scrypt failed.";
	return false;
	}
	if (verifier_.size() != hashed_secret.size()) {
	return false;
	}
	return (brillo::SecureMemcmp(hashed_secret.data(), verifier_.data(),
	verifier_.size()) == 0);
	}

	} // namespace cryptohome