Progressively reduce the parameters on low memory

Frank Denis 2019-08-28 14:17:41 +02:00
parent ddc54a9248
commit 5cff07069b


@ -18,6 +18,11 @@
#include "helpers.h" #include "helpers.h"
#include "minisign.h" #include "minisign.h"
#ifndef crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_MIN
# define crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_MIN 32768U
# define crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_MIN 16777216U
#endif
#ifndef VERIFY_ONLY #ifndef VERIFY_ONLY
static const char *getopt_options = "GSVRHhc:fm:oP:p:qQs:t:vx:"; static const char *getopt_options = "GSVRHhc:fm:oP:p:qQs:t:vx:";
#else #else
@ -368,8 +373,7 @@ seckey_load(const char *sk_file)
seckey_struct->kdf_salt, seckey_struct->kdf_salt,
le64_load(seckey_struct->kdf_opslimit_le), le64_load(seckey_struct->kdf_opslimit_le),
le64_load(seckey_struct->kdf_memlimit_le)) != 0) { le64_load(seckey_struct->kdf_memlimit_le)) != 0) {
puts("failed"); exit_err("Unable to complete key derivation - This probably means out of memory");
exit_err("Unable to complete key derivation");
} }
sodium_free(pwd); sodium_free(pwd);
xor_buf((unsigned char *) (void *) &seckey_struct->keynum_sk, stream, xor_buf((unsigned char *) (void *) &seckey_struct->keynum_sk, stream,
@ -632,6 +636,8 @@ generate(const char *pk_file, const char *sk_file, const char *comment,
PubkeyStruct *pubkey_struct = xsodium_malloc(sizeof(PubkeyStruct)); PubkeyStruct *pubkey_struct = xsodium_malloc(sizeof(PubkeyStruct));
unsigned char *stream ; unsigned char *stream ;
FILE *fp; FILE *fp;
unsigned long kdf_memlimit;
unsigned long kdf_opslimit;
abort_on_existing_key_files(pk_file, sk_file, force); abort_on_existing_key_files(pk_file, sk_file, force);
randombytes_buf(seckey_struct->keynum_sk.keynum, randombytes_buf(seckey_struct->keynum_sk.keynum,
@ -641,12 +647,6 @@ generate(const char *pk_file, const char *sk_file, const char *comment,
memcpy(seckey_struct->sig_alg, SIGALG, sizeof seckey_struct->sig_alg); memcpy(seckey_struct->sig_alg, SIGALG, sizeof seckey_struct->sig_alg);
memcpy(seckey_struct->kdf_alg, KDFALG, sizeof seckey_struct->kdf_alg); memcpy(seckey_struct->kdf_alg, KDFALG, sizeof seckey_struct->kdf_alg);
memcpy(seckey_struct->chk_alg, CHKALG, sizeof seckey_struct->chk_alg); memcpy(seckey_struct->chk_alg, CHKALG, sizeof seckey_struct->chk_alg);
randombytes_buf(seckey_struct->kdf_salt, sizeof seckey_struct->kdf_salt);
le64_store(seckey_struct->kdf_opslimit_le,
crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_SENSITIVE);
le64_store(seckey_struct->kdf_memlimit_le,
crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_SENSITIVE);
seckey_chk(seckey_struct->keynum_sk.chk, seckey_struct);
memcpy(pubkey_struct->keynum_pk.keynum, seckey_struct->keynum_sk.keynum, memcpy(pubkey_struct->keynum_pk.keynum, seckey_struct->keynum_sk.keynum,
sizeof pubkey_struct->keynum_pk.keynum); sizeof pubkey_struct->keynum_pk.keynum);
memcpy(pubkey_struct->sig_alg, SIGALG, sizeof pubkey_struct->sig_alg); memcpy(pubkey_struct->sig_alg, SIGALG, sizeof pubkey_struct->sig_alg);
@ -662,35 +662,33 @@ generate(const char *pk_file, const char *sk_file, const char *comment,
printf("Deriving a key from the password in order to encrypt the secret key... "); printf("Deriving a key from the password in order to encrypt the secret key... ");
fflush(stdout); fflush(stdout);
stream = xsodium_malloc(sizeof seckey_struct->keynum_sk); stream = xsodium_malloc(sizeof seckey_struct->keynum_sk);
randombytes_buf(seckey_struct->kdf_salt, sizeof seckey_struct->kdf_salt);
kdf_opslimit = crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_SENSITIVE;
kdf_memlimit = crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_SENSITIVE;
if (crypto_pwhash_scryptsalsa208sha256 while (crypto_pwhash_scryptsalsa208sha256
(stream, sizeof seckey_struct->keynum_sk, pwd, strlen(pwd), (stream, sizeof seckey_struct->keynum_sk, pwd, strlen(pwd),
seckey_struct->kdf_salt, seckey_struct->kdf_salt, kdf_opslimit, kdf_memlimit) != 0) {
le64_load(seckey_struct->kdf_opslimit_le), kdf_opslimit /= 2;
le64_load(seckey_struct->kdf_memlimit_le)) != 0) { kdf_memlimit /= 2;
if (kdf_opslimit < crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_MIN ||
le64_store(seckey_struct->kdf_memlimit_le, kdf_memlimit < crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_MIN) {
crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_INTERACTIVE); exit_err("Unable to complete key derivation - More memory would be needed");
if (crypto_pwhash_scryptsalsa208sha256
(stream, sizeof seckey_struct->keynum_sk, pwd, strlen(pwd),
seckey_struct->kdf_salt,
le64_load(seckey_struct->kdf_opslimit_le),
le64_load(seckey_struct->kdf_memlimit_le)) != 0) {
puts("failed");
exit_err("Unable to complete key derivation");
} }
} }
sodium_free(pwd); sodium_free(pwd);
sodium_free(pwd2); sodium_free(pwd2);
if (kdf_memlimit < crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_SENSITIVE) {
fprintf(stderr, "Warning: due to limited memory the KDF used less "
"memory than the default\n");
}
le64_store(seckey_struct->kdf_opslimit_le, kdf_opslimit);
le64_store(seckey_struct->kdf_memlimit_le, kdf_memlimit);
seckey_chk(seckey_struct->keynum_sk.chk, seckey_struct);
xor_buf((unsigned char *) (void *) &seckey_struct->keynum_sk, stream, xor_buf((unsigned char *) (void *) &seckey_struct->keynum_sk, stream,
sizeof seckey_struct->keynum_sk); sizeof seckey_struct->keynum_sk);
sodium_free(stream); sodium_free(stream);
puts("done\n"); puts("done\n");
if (le64_load(seckey_struct->kdf_memlimit_le) == crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_INTERACTIVE) {
fprintf(stderr, "Warning: due to insufficient memory the KDF used less memory than the default\n");
}
abort_on_existing_key_files(pk_file, sk_file, force); abort_on_existing_key_files(pk_file, sk_file, force);
if (basedir_create_useronly(sk_file) != 0) { if (basedir_create_useronly(sk_file) != 0) {
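Review bot: The retry loop in generate() halves `kdf_opslimit` and `kdf_memlimit` on every non-zero return from `crypto_pwhash_scryptsalsa208sha256`, so a failure unrelated to memory also lowers the cost of guessing the password that protects the secret key, down to the 16777216-byte floor defined in the first hunk. If the library reports the cause through errno, the halving could be limited to the out-of-memory case, e.g. `if (errno != ENOMEM) exit_err("Unable to complete key derivation");` as the first statement of the loop body. The warning also does not say how far the parameters dropped; printing the value makes the weaker key file visible to the user: `fprintf(stderr, "Warning: KDF memory limit reduced to %lu bytes\n", kdf_memlimit);`. A short comment above the loop stating that the stored limits are whatever the last successful attempt used would help the next reader. generate() starts before and continues past the lines shown here.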