File Coverage

inc/CryptX_KeyDerivation.xs.inc

Criterion	Covered	Total	%
statement	163	189	86.2
branch	127	282	45.0
condition			n/a
subroutine			n/a
pod			n/a
total	290	471	61.5

line	stmt	bran	code
1			MODULE = CryptX PACKAGE = Crypt::KeyDerivation
2
3			PROTOTYPES: DISABLE
4
5			SV *
6			pbkdf1(SV * password, SV * salt, int iteration_count = 5000, const char * hash_name = "SHA256", unsigned long output_len = 32)
7			CODE:
8			{
9			int rv, id;
10			unsigned long derived_len;
11			unsigned char *output;
12	8		unsigned char *password_ptr=NULL;
13	8		STRLEN password_len=0;
14	8		unsigned char *salt_ptr=NULL;
15	8		STRLEN salt_len=0;
16
17	8		id = cryptx_internal_find_hash(hash_name);
18	8	50	if (id == -1) croak("FATAL: find_hash failed for '%s'", hash_name);
19	8		derived_len = hash_descriptor[id].hashsize;
20	8	100	if (output_len > derived_len) {
21	1		croak("FATAL: pbkdf1 output_len cannot exceed hash size (%lu)", derived_len);
22			}
23	7	100	if (!SvPOK_spec(password) \|\| !SvPOK_spec(salt)) XSRETURN_UNDEF;
		50
		0
		0
		0
		100
		50
		0
		0
		0
24
25	4		password_ptr = (unsigned char *)SvPVbyte(password, password_len);
26	4		salt_ptr = (unsigned char *)SvPVbyte(salt, salt_len);
27	4	50	if (salt_len < 8) croak("FATAL: salt_len has to be 8");
28
29	4	50	if (output_len == 0) {
30	0		RETVAL = newSVpvn("", 0);
31			}
32			else {
33	4		RETVAL = NEWSV(0, derived_len); /* avoid zero! */
34	4		SvPOK_only(RETVAL);
35	4		SvCUR_set(RETVAL, derived_len);
36	4		output = (unsigned char *)SvPVX(RETVAL);
37
38	4		rv = pkcs_5_alg1(password_ptr, (unsigned long)password_len, salt_ptr, iteration_count, id, output, &derived_len);
39	4	50	if (rv != CRYPT_OK) {
40	0		SvREFCNT_dec(RETVAL);
41	0		croak("FATAL: pkcs_5_alg1 process failed: %s", error_to_string(rv));
42			}
43	4		SvCUR_set(RETVAL, output_len);
44			}
45			}
46			OUTPUT:
47			RETVAL
48
49			SV *
50			pbkdf1_openssl(SV * password, SV * salt, int iteration_count = 5000, const char * hash_name = "SHA256", unsigned long output_len = 32)
51			CODE:
52			{
53			int rv, id;
54			unsigned char *output;
55	6		unsigned char *password_ptr=NULL;
56	6		STRLEN password_len=0;
57	6		unsigned char *salt_ptr=NULL;
58	6		STRLEN salt_len=0;
59
60	6		id = cryptx_internal_find_hash(hash_name);
61	6	50	if (id == -1) croak("FATAL: find_hash failed for '%s'", hash_name);
62	6	100	if (!SvPOK_spec(password) \|\| !SvPOK_spec(salt)) XSRETURN_UNDEF;
		50
		0
		0
		0
		100
		50
		0
		0
		0
63
64	3		password_ptr = (unsigned char *)SvPVbyte(password, password_len);
65	3		salt_ptr = (unsigned char *)SvPVbyte(salt, salt_len);
66	3	50	if (salt_len < 8) croak("FATAL: salt_len has to be 8");
67
68	3	50	if (output_len == 0) {
69	0		RETVAL = newSVpvn("", 0);
70			}
71			else {
72	3		RETVAL = NEWSV(0, output_len); /* avoid zero! */
73	3		SvPOK_only(RETVAL);
74	3		SvCUR_set(RETVAL, output_len);
75	3		output = (unsigned char *)SvPVX(RETVAL);
76
77	3		rv = pkcs_5_alg1_openssl(password_ptr, (unsigned long)password_len, salt_ptr, iteration_count, id, output, &output_len);
78	3	50	if (rv != CRYPT_OK) {
79	0		SvREFCNT_dec(RETVAL);
80	0		croak("FATAL: pkcs_5_alg1_openssl process failed: %s", error_to_string(rv));
81			}
82	3		SvCUR_set(RETVAL, output_len);
83			}
84			}
85			OUTPUT:
86			RETVAL
87
88			SV *
89			pbkdf2(SV * password, SV * salt, int iteration_count = 5000, const char * hash_name = "SHA256", unsigned long output_len = 32)
90			CODE:
91			{
92			int rv, id;
93			unsigned char *output;
94	10		unsigned char *password_ptr=NULL;
95	10		STRLEN password_len=0;
96	10		unsigned char *salt_ptr=NULL;
97	10		STRLEN salt_len=0;
98
99	10		id = cryptx_internal_find_hash(hash_name);
100	10	100	if (id == -1) croak("FATAL: find_hash failed for '%s'", hash_name);
101	9	100	if (!SvPOK_spec(password) \|\| !SvPOK_spec(salt)) XSRETURN_UNDEF;
		50
		0
		0
		0
		100
		50
		0
		0
		0
102
103	6		password_ptr = (unsigned char *)SvPVbyte(password, password_len);
104	6		salt_ptr = (unsigned char *)SvPVbyte(salt, salt_len);
105
106	6	50	if (output_len == 0) {
107	0		RETVAL = newSVpvn("", 0);
108			}
109			else {
110	6		RETVAL = NEWSV(0, output_len); /* avoid zero! */
111	6		SvPOK_only(RETVAL);
112	6		SvCUR_set(RETVAL, output_len);
113	6		output = (unsigned char *)SvPVX(RETVAL);
114
115	6		rv = pkcs_5_alg2(password_ptr, (unsigned long)password_len, salt_ptr, (unsigned long)salt_len, iteration_count, id, output, &output_len);
116	6	50	if (rv != CRYPT_OK) {
117	0		SvREFCNT_dec(RETVAL);
118	0		croak("FATAL: pkcs_5_alg2 process failed: %s", error_to_string(rv));
119			}
120	6		SvCUR_set(RETVAL, output_len);
121			}
122			}
123			OUTPUT:
124			RETVAL
125
126			SV *
127			hkdf_extract(SV * in, SV * salt = &PL_sv_undef, const char * hash_name = "SHA256")
128			CODE:
129			{
130			int rv, id;
131			unsigned long output_len;
132			unsigned char *output;
133	12		unsigned char in_ptr = NULL, salt_ptr = NULL;
134	12		STRLEN in_len = 0, salt_len = 0;
135
136	12		id = cryptx_internal_find_hash(hash_name);
137	12	50	if (id == -1) croak("FATAL: find_hash failed for '%s'", hash_name);
138
139	12	100	if (!SvPOK_spec(in)) XSRETURN_UNDEF;
		100
		50
		100
		50
140	10		in_ptr = (unsigned char *)SvPVbyte(in, in_len);
141	10	100	if (SvOK(salt)) {
142	9	50	if (!SvPOK_spec(salt)) XSRETURN_UNDEF;
		50
		0
		0
		0
143	9		salt_ptr = (unsigned char *)SvPVbyte(salt, salt_len);
144			}
145
146	10		output_len = hash_descriptor[id].hashsize;
147	10		RETVAL = NEWSV(0, output_len); /* avoid zero! */
148	10		SvPOK_only(RETVAL);
149	10		SvCUR_set(RETVAL, output_len);
150	10		output = (unsigned char *)SvPVX(RETVAL);
151
152	10		rv = hkdf_extract(id, salt_ptr, (unsigned long)salt_len, in_ptr, (unsigned long)in_len, output, &output_len);
153	10	50	if (rv != CRYPT_OK) {
154	0		SvREFCNT_dec(RETVAL);
155	0		croak("FATAL: hkdf_extract process failed: %s", error_to_string(rv));
156			}
157	10		SvCUR_set(RETVAL, output_len);
158			}
159			OUTPUT:
160			RETVAL
161
162			SV *
163			hkdf_expand(SV * in, const char * hash_name = "SHA256", unsigned long output_len = 32, SV * info = &PL_sv_undef)
164			CODE:
165			{
166			int rv, id;
167			unsigned char *output;
168	13		unsigned char in_ptr = NULL, info_ptr = NULL;
169	13		STRLEN in_len = 0, info_len = 0;
170
171	13		id = cryptx_internal_find_hash(hash_name);
172	13	50	if (id == -1) croak("FATAL: find_hash failed for '%s'", hash_name);
173
174	13	100	if (!SvPOK_spec(in)) XSRETURN_UNDEF;
		100
		50
		100
		50
175	10		in_ptr = (unsigned char *)SvPVbyte(in, in_len);
176	10	50	if (SvOK(info)) {
177	10	50	if (!SvPOK_spec(info)) XSRETURN_UNDEF;
		50
		0
		0
		0
178	10		info_ptr = (unsigned char *)SvPVbyte(info, info_len);
179			}
180
181	10	50	if (output_len == 0) {
182	0		RETVAL = newSVpvn("", 0);
183			}
184			else {
185	10		RETVAL = NEWSV(0, output_len); /* avoid zero! */
186	10		SvPOK_only(RETVAL);
187	10		SvCUR_set(RETVAL, output_len);
188	10		output = (unsigned char *)SvPVX(RETVAL);
189
190	10		rv = hkdf_expand(id, info_ptr, (unsigned long)info_len, in_ptr, (unsigned long)in_len, output, output_len);
191	10	50	if (rv != CRYPT_OK) {
192	0		SvREFCNT_dec(RETVAL);
193	0		croak("FATAL: hkdf_expand process failed: %s", error_to_string(rv));
194			}
195	10		SvCUR_set(RETVAL, output_len);
196			}
197			}
198			OUTPUT:
199			RETVAL
200
201			SV *
202			hkdf(SV * in, SV * salt, const char * hash_name = "SHA256", unsigned long output_len = 32, SV * info = &PL_sv_undef)
203			CODE:
204			{
205			int rv, id;
206			unsigned char *output;
207	13		unsigned char in_ptr = NULL, info_ptr = NULL, *salt_ptr = NULL;
208	13		STRLEN in_len = 0, info_len = 0, salt_len = 0;
209
210	13		id = cryptx_internal_find_hash(hash_name);
211	13	50	if (id == -1) croak("FATAL: find_hash failed for '%s'", hash_name);
212
213	13	100	if (!SvPOK_spec(in)) XSRETURN_UNDEF;
		100
		50
		100
		50
214	10		in_ptr = (unsigned char *)SvPVbyte(in, in_len);
215	10	50	if (SvOK(info)) {
216	10	50	if (!SvPOK_spec(info)) XSRETURN_UNDEF;
		50
		0
		0
		0
217	10		info_ptr = (unsigned char *)SvPVbyte(info, info_len);
218			}
219	10	100	if (SvOK(salt)) {
220	9	50	if (!SvPOK_spec(salt)) XSRETURN_UNDEF;
		50
		0
		0
		0
221	9		salt_ptr = (unsigned char *)SvPVbyte(salt, salt_len);
222			}
223
224	10	50	if (output_len == 0) {
225	0		RETVAL = newSVpvn("", 0);
226			}
227			else {
228	10		RETVAL = NEWSV(0, output_len); /* avoid zero! */
229	10		SvPOK_only(RETVAL);
230	10		SvCUR_set(RETVAL, output_len);
231	10		output = (unsigned char *)SvPVX(RETVAL);
232
233	10		rv = hkdf(id, salt_ptr, (unsigned long)salt_len, info_ptr, (unsigned long)info_len, in_ptr, (unsigned long)in_len, output, output_len);
234	10	50	if (rv != CRYPT_OK) {
235	0		SvREFCNT_dec(RETVAL);
236	0		croak("FATAL: hkdf process failed: %s", error_to_string(rv));
237			}
238	10		SvCUR_set(RETVAL, output_len);
239			}
240			}
241			OUTPUT:
242			RETVAL
243
244			SV *
245			bcrypt_pbkdf(SV * password, SV * salt, unsigned int rounds = 16, const char * hash_name = "SHA512", unsigned long output_len = 32)
246			CODE:
247			{
248			int rv, id;
249			unsigned char *output;
250	6		unsigned char *password_ptr=NULL;
251	6		STRLEN password_len=0;
252	6		unsigned char *salt_ptr=NULL;
253	6		STRLEN salt_len=0;
254
255	6		id = cryptx_internal_find_hash(hash_name);
256	6	50	if (id == -1) croak("FATAL: find_hash failed for '%s'", hash_name);
257	6	100	if (!SvPOK_spec(password) \|\| !SvPOK_spec(salt)) XSRETURN_UNDEF;
		50
		0
		0
		0
		100
		50
		0
		0
		0
258
259	3		password_ptr = (unsigned char *)SvPVbyte(password, password_len);
260	3		salt_ptr = (unsigned char *)SvPVbyte(salt, salt_len);
261
262	3	50	if (output_len == 0) {
263	0		RETVAL = newSVpvn("", 0);
264			}
265			else {
266	3		RETVAL = NEWSV(0, output_len); /* avoid zero! */
267	3		SvPOK_only(RETVAL);
268	3		SvCUR_set(RETVAL, output_len);
269	3		output = (unsigned char *)SvPVX(RETVAL);
270
271	3		rv = bcrypt_pbkdf_openbsd(password_ptr, (unsigned long)password_len, salt_ptr, (unsigned long)salt_len, rounds, id, output, &output_len);
272	3	50	if (rv != CRYPT_OK) {
273	0		SvREFCNT_dec(RETVAL);
274	0		croak("FATAL: bcrypt_pbkdf process failed: %s", error_to_string(rv));
275			}
276	3		SvCUR_set(RETVAL, output_len);
277			}
278			}
279			OUTPUT:
280			RETVAL
281
282			SV *
283			scrypt_pbkdf(SV * password, SV * salt, unsigned long N = 1024, unsigned long r = 8, unsigned long p = 1, unsigned long output_len = 32)
284			CODE:
285			{
286			int rv;
287			unsigned char *output;
288	7		unsigned char *password_ptr=NULL;
289	7		STRLEN password_len=0;
290	7		unsigned char *salt_ptr=NULL;
291	7		STRLEN salt_len=0;
292
293	7	100	if (!SvPOK_spec(password) \|\| !SvPOK_spec(salt)) XSRETURN_UNDEF;
		50
		0
		0
		0
		100
		50
		0
		0
		0
294	4		password_ptr = (unsigned char *)SvPVbyte(password, password_len);
295	4		salt_ptr = (unsigned char *)SvPVbyte(salt, salt_len);
296
297	4	50	if (output_len == 0) {
298	0		RETVAL = newSVpvn("", 0);
299			}
300			else {
301	4		RETVAL = NEWSV(0, output_len); /* avoid zero! */
302	4		SvPOK_only(RETVAL);
303	4		SvCUR_set(RETVAL, output_len);
304	4		output = (unsigned char *)SvPVX(RETVAL);
305
306	4		rv = scrypt_pbkdf(password_ptr, (unsigned long)password_len, salt_ptr, (unsigned long)salt_len, N, r, p, output, output_len);
307	4	50	if (rv != CRYPT_OK) {
308	0		SvREFCNT_dec(RETVAL);
309	0		croak("FATAL: scrypt_pbkdf process failed: %s", error_to_string(rv));
310			}
311			}
312			}
313			OUTPUT:
314			RETVAL
315
316			SV *
317			argon2_pbkdf(const char * type, SV * password, SV * salt, unsigned int t_cost = 3, unsigned int m_factor = 65536, unsigned int parallelism = 1, unsigned long output_len = 32, SV * secret = &PL_sv_undef, SV * ad = &PL_sv_undef)
318			CODE:
319			{
320			int rv;
321			argon2_type argon2_t;
322			unsigned char *output;
323	14		unsigned char password_ptr=NULL, salt_ptr=NULL, secret_ptr=NULL, ad_ptr=NULL;
324	14		STRLEN password_len=0, salt_len=0, secret_len=0, ad_len=0;
325
326	14	100	if (strcmp(type, "argon2d") == 0) argon2_t = ARGON2_D;
327	13	100	else if (strcmp(type, "argon2i") == 0) argon2_t = ARGON2_I;
328	12	100	else if (strcmp(type, "argon2id") == 0) argon2_t = ARGON2_ID;
329	1		else croak("FATAL: unknown argon2 type '%s'", type);
330	15	100	if (!SvPOK_spec(password) \|\| !SvPOK_spec(salt)) XSRETURN_UNDEF;
		50
		0
		0
		0
		100
		50
		0
		0
		0
331
332	10		password_ptr = (unsigned char *)SvPVbyte(password, password_len);
333	10		salt_ptr = (unsigned char *)SvPVbyte(salt, salt_len);
334	10	100	if (SvOK(secret)) {
335	9	50	if (!SvPOK_spec(secret)) XSRETURN_UNDEF;
		100
		50
		100
		50
336	8		secret_ptr = (unsigned char *)SvPVbyte(secret, secret_len);
337			}
338	9	100	if (SvOK(ad)) {
339	8	50	if (!SvPOK_spec(ad)) XSRETURN_UNDEF;
		100
		50
		100
		50
340	7		ad_ptr = (unsigned char *)SvPVbyte(ad, ad_len);
341			}
342
343	8	50	if (output_len == 0) {
344	0		RETVAL = newSVpvn("", 0);
345			}
346			else {
347	8		RETVAL = NEWSV(0, output_len); /* avoid zero! */
348	8		SvPOK_only(RETVAL);
349	8		SvCUR_set(RETVAL, output_len);
350	8		output = (unsigned char *)SvPVX(RETVAL);
351
352	8		rv = argon2_hash(password_ptr, (unsigned long)password_len,
353			salt_ptr, (unsigned long)salt_len,
354			secret_ptr, (unsigned long)secret_len,
355			ad_ptr, (unsigned long)ad_len,
356			t_cost, m_factor, parallelism, argon2_t,
357			output, output_len);
358	8	50	if (rv != CRYPT_OK) {
359	0		SvREFCNT_dec(RETVAL);
360	0		croak("FATAL: argon2_pbkdf failed: %s", error_to_string(rv));
361			}
362			}
363			}
364			OUTPUT:
365			RETVAL