/
soldim
/
keepassxc
GigaCode
beta
ОбзорЦентр заботыВойти

keepassxc

Форк
0
Ветки: 13Коммиты: 4628Теги: 59
keepassxc
/src
/crypto
/kdf
/
Argon2Kdf.cpp 
214 строк · 5.9 Кб
1
/*
2
 *  Copyright (C) 2017 KeePassXC Team <team@keepassxc.org>
3
 *
4
 *  This program is free software: you can redistribute it and/or modify
5
 *  it under the terms of the GNU General Public License as published by
6
 *  the Free Software Foundation, either version 2 or (at your option)
7
 *  version 3 of the License.
8
 *
9
 *  This program is distributed in the hope that it will be useful,
10
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
11
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
12
 *  GNU General Public License for more details.
13
 *
14
 *  You should have received a copy of the GNU General Public License
15
 *  along with this program.  If not, see <http://www.gnu.org/licenses/>.
16
 */
17


18
#include "Argon2Kdf.h"
19


20
#include <QElapsedTimer>
21
#include <QThread>
22


23
#include <argon2.h>
24


25
#include "format/KeePass2.h"
26


27
/**
28
 * KeePass' Argon2 implementation supports all parameters that are defined in the official specification,
29
 * but only the number of iterations, the memory size and the degree of parallelism can be configured by
30
 * the user in the database settings dialog. For the other parameters, KeePass chooses reasonable defaults:
31
 * a 256-bit salt is generated each time the database is saved, the tag length is 256 bits, no secret key
32
 * or associated data. KeePass uses the latest version of Argon2, v1.3.
33
 */
34
Argon2Kdf::Argon2Kdf(Type type)
35
    : Kdf::Kdf(type == Type::Argon2d ? KeePass2::KDF_ARGON2D : KeePass2::KDF_ARGON2ID)
36
    , m_version(0x13)
37
    , m_memory(1 << 16)
38
    , m_parallelism(static_cast<quint32>(QThread::idealThreadCount()))
39
{
40
    m_rounds = 10;
41
}
42


43
quint32 Argon2Kdf::version() const
44
{
45
    return m_version;
46
}
47


48
bool Argon2Kdf::setVersion(quint32 version)
49
{
50
    // MIN=0x10; MAX=0x13)
51
    if (version >= 0x10 && version <= 0x13) {
52
        m_version = version;
53
        return true;
54
    }
55
    m_version = 0x13;
56
    return false;
57
}
58


59
Argon2Kdf::Type Argon2Kdf::type() const
60
{
61
    return uuid() == KeePass2::KDF_ARGON2D ? Type::Argon2d : Type::Argon2id;
62
}
63


64
quint64 Argon2Kdf::memory() const
65
{
66
    return m_memory;
67
}
68


69
bool Argon2Kdf::setMemory(quint64 kibibytes)
70
{
71
    // MIN=8KB; MAX=2,147,483,648KB
72
    if (kibibytes >= 8 && kibibytes < (1ULL << 32)) {
73
        m_memory = kibibytes;
74
        return true;
75
    }
76
    m_memory = 16;
77
    return false;
78
}
79


80
quint32 Argon2Kdf::parallelism() const
81
{
82
    return m_parallelism;
83
}
84


85
bool Argon2Kdf::setParallelism(quint32 threads)
86
{
87
    // MIN=1; MAX=16,777,215
88
    if (threads >= 1 && threads < (1 << 24)) {
89
        m_parallelism = threads;
90
        return true;
91
    }
92
    m_parallelism = 1;
93
    return false;
94
}
95


96
bool Argon2Kdf::processParameters(const QVariantMap& p)
97
{
98
    QByteArray salt = p.value(KeePass2::KDFPARAM_ARGON2_SALT).toByteArray();
99
    if (!setSeed(salt)) {
100
        return false;
101
    }
102


103
    bool ok;
104
    quint32 version = p.value(KeePass2::KDFPARAM_ARGON2_VERSION).toUInt(&ok);
105
    if (!ok || !setVersion(version)) {
106
        return false;
107
    }
108


109
    quint32 lanes = p.value(KeePass2::KDFPARAM_ARGON2_PARALLELISM).toUInt(&ok);
110
    if (!ok || !setParallelism(lanes)) {
111
        return false;
112
    }
113


114
    quint64 memory = p.value(KeePass2::KDFPARAM_ARGON2_MEMORY).toULongLong(&ok) / 1024ULL;
115
    if (!ok || !setMemory(memory)) {
116
        return false;
117
    }
118


119
    quint64 iterations = p.value(KeePass2::KDFPARAM_ARGON2_ITERATIONS).toULongLong(&ok);
120
    if (!ok || !setRounds(iterations)) {
121
        return false;
122
    }
123


124
    /* KeePass2 does not currently implement these parameters
125
     *
126
    QByteArray secret = p.value(KeePass2::KDFPARAM_ARGON2_SECRET).toByteArray();
127
    if (!argon2Kdf->setSecret(secret)) {
128
        return nullptr;
129
    }
130


131
    QByteArray ad = p.value(KeePass2::KDFPARAM_ARGON2_ASSOCDATA).toByteArray();
132
    if (!argon2Kdf->setAssocData(ad)) {
133
        return nullptr;
134
    }
135
    */
136


137
    return true;
138
}
139


140
QVariantMap Argon2Kdf::writeParameters()
141
{
142
    QVariantMap p;
143
    p.insert(KeePass2::KDFPARAM_UUID, uuid().toRfc4122());
144
    p.insert(KeePass2::KDFPARAM_ARGON2_VERSION, version());
145
    p.insert(KeePass2::KDFPARAM_ARGON2_PARALLELISM, parallelism());
146
    p.insert(KeePass2::KDFPARAM_ARGON2_MEMORY, memory() * 1024);
147
    p.insert(KeePass2::KDFPARAM_ARGON2_ITERATIONS, static_cast<quint64>(rounds()));
148
    p.insert(KeePass2::KDFPARAM_ARGON2_SALT, seed());
149


150
    /* KeePass2 does not currently implement these
151
     *
152
    if (!assocData().isEmpty()) {
153
        p.insert(KeePass2::KDFPARAM_ARGON2_ASSOCDATA, argon2Kdf.assocData());
154
    }
155


156
    if (!secret().isEmpty()) {
157
        p.insert(KeePass2::KDFPARAM_ARGON2_SECRET, argon2Kdf.secret());
158
    }
159
    */
160


161
    return p;
162
}
163


164
bool Argon2Kdf::transform(const QByteArray& raw, QByteArray& result) const
165
{
166
    result.clear();
167
    result.resize(32);
168
    // Time Cost, Mem Cost, Threads/Lanes, Password, length, Salt, length, out, length
169


170
    int rc = argon2_hash(rounds(),
171
                         memory(),
172
                         parallelism(),
173
                         raw.data(),
174
                         raw.size(),
175
                         seed().data(),
176
                         seed().size(),
177
                         result.data(),
178
                         result.size(),
179
                         nullptr,
180
                         0,
181
                         type() == Type::Argon2d ? Argon2_d : Argon2_id,
182
                         version());
183
    if (rc != ARGON2_OK) {
184
        qWarning("Argon2 error: %s", argon2_error_message(rc));
185
        return false;
186
    }
187


188
    return true;
189
}
190


191
QSharedPointer<Kdf> Argon2Kdf::clone() const
192
{
193
    return QSharedPointer<Argon2Kdf>::create(*this);
194
}
195


196
int Argon2Kdf::benchmark(int msec) const
197
{
198
    QByteArray key = QByteArray(16, '\x7E');
199


200
    QElapsedTimer timer;
201
    timer.start();
202


203
    if (transform(key, key)) {
204
        return static_cast<int>(rounds() * (static_cast<float>(msec) / timer.elapsed()));
205
    }
206


207
    return 1;
208
}
209


210
QString Argon2Kdf::toString() const
211
{
212
    return QObject::tr("Argon2%1 (%2 rounds, %3 KB)")
213
        .arg(type() == Type::Argon2d ? "d" : "id", QString::number(rounds()), QString::number(memory()));
214
}
215

Использование cookies

Мы используем файлы cookie в соответствии с Политикой конфиденциальности и Политикой использования cookies.

Нажимая кнопку «Принимаю», Вы даете АО «СберТех» согласие на обработку Ваших персональных данных в целях совершенствования нашего веб-сайта и Сервиса GitVerse, а также повышения удобства их использования.

Запретить использование cookies Вы можете самостоятельно в настройках Вашего браузера.