use crate::{Error, Result, SYNC_POINTS};
use base64ct::{Base64Unpadded as B64, Encoding};
use core::str::FromStr;
#[cfg(feature = "password-hash")]
use password_hash::{ParamsString, PasswordHash};
#[derive(Clone, Debug, Eq, PartialEq)]
pub struct Params {
m_cost: u32,
t_cost: u32,
p_cost: u32,
keyid: KeyId,
data: AssociatedData,
output_len: Option<usize>,
}
impl Params {
pub const DEFAULT_M_COST: u32 = 4096;
pub const MIN_M_COST: u32 = 2 * SYNC_POINTS;
pub const MAX_M_COST: u32 = 0x0FFFFFFF;
pub const DEFAULT_T_COST: u32 = 3;
pub const MIN_T_COST: u32 = 1;
pub const MAX_T_COST: u32 = u32::MAX;
pub const DEFAULT_P_COST: u32 = 1;
pub const MIN_P_COST: u32 = 1;
pub const MAX_P_COST: u32 = 0xFFFFFF;
pub const MAX_KEYID_LEN: usize = 8;
pub const MAX_DATA_LEN: usize = 32;
pub const DEFAULT_OUTPUT_LEN: usize = 32;
pub const MIN_OUTPUT_LEN: usize = 4;
pub const MAX_OUTPUT_LEN: usize = 0xFFFFFFFF;
pub fn new(m_cost: u32, t_cost: u32, p_cost: u32, output_len: Option<usize>) -> Result<Self> {
let mut builder = ParamsBuilder::new();
builder.m_cost(m_cost)?;
builder.t_cost(t_cost)?;
builder.p_cost(p_cost)?;
if let Some(len) = output_len {
builder.output_len(len)?;
}
builder.params()
}
pub fn m_cost(&self) -> u32 {
self.m_cost
}
pub fn t_cost(&self) -> u32 {
self.t_cost
}
pub fn p_cost(&self) -> u32 {
self.p_cost
}
pub fn keyid(&self) -> &[u8] {
self.keyid.as_bytes()
}
pub fn data(&self) -> &[u8] {
self.data.as_bytes()
}
pub fn output_len(&self) -> Option<usize> {
self.output_len
}
pub(crate) fn lanes(&self) -> u32 {
self.p_cost
}
pub(crate) fn segment_length(&self) -> u32 {
let memory_blocks = if self.m_cost < 2 * SYNC_POINTS * self.lanes() {
2 * SYNC_POINTS * self.lanes()
} else {
self.m_cost
};
memory_blocks / (self.lanes() * SYNC_POINTS)
}
pub fn block_count(&self) -> usize {
(self.segment_length() * self.p_cost * SYNC_POINTS) as usize
}
}
impl Default for Params {
fn default() -> Params {
Params {
m_cost: Self::DEFAULT_M_COST,
t_cost: Self::DEFAULT_T_COST,
p_cost: Self::DEFAULT_P_COST,
keyid: KeyId::default(),
data: AssociatedData::default(),
output_len: None,
}
}
}
macro_rules! param_buf {
($ty:ident, $name:expr, $max_len:expr, $error:expr, $doc:expr) => {
#[doc = $doc]
#[derive(Copy, Clone, Debug, Default, Eq, Hash, PartialEq, PartialOrd, Ord)]
pub struct $ty {
/// Byte array
bytes: [u8; Self::MAX_LEN],
len: usize,
}
impl $ty {
pub const MAX_LEN: usize = $max_len;
#[doc = "Create a new"]
#[doc = $name]
#[doc = "from a slice."]
pub fn new(slice: &[u8]) -> Result<Self> {
let mut bytes = [0u8; Self::MAX_LEN];
let len = slice.len();
bytes.get_mut(..len).ok_or($error)?.copy_from_slice(slice);
Ok(Self { bytes, len })
}
#[doc = "Decode"]
#[doc = $name]
#[doc = " from a B64 string"]
pub fn from_b64(s: &str) -> Result<Self> {
let mut bytes = [0u8; Self::MAX_LEN];
Self::new(B64::decode(s, &mut bytes)?)
}
pub fn as_bytes(&self) -> &[u8] {
&self.bytes[..self.len]
}
#[allow(dead_code)]
pub fn len(&self) -> usize {
self.len
}
#[allow(dead_code)]
pub fn is_empty(&self) -> bool {
self.len() == 0
}
}
impl AsRef<[u8]> for $ty {
fn as_ref(&self) -> &[u8] {
self.as_bytes()
}
}
impl FromStr for $ty {
type Err = Error;
fn from_str(s: &str) -> Result<Self> {
Self::from_b64(s)
}
}
impl TryFrom<&[u8]> for $ty {
type Error = Error;
fn try_from(bytes: &[u8]) -> Result<Self> {
Self::new(bytes)
}
}
};
}
param_buf!(
KeyId,
"KeyId",
Params::MAX_KEYID_LEN,
Error::KeyIdTooLong,
"Key identifier"
);
param_buf!(
AssociatedData,
"AssociatedData",
Params::MAX_DATA_LEN,
Error::AdTooLong,
"Associated data"
);
#[cfg(feature = "password-hash")]
#[cfg_attr(docsrs, doc(cfg(feature = "password-hash")))]
impl<'a> TryFrom<&'a PasswordHash<'a>> for Params {
type Error = password_hash::Error;
fn try_from(hash: &'a PasswordHash<'a>) -> password_hash::Result<Self> {
let mut builder = ParamsBuilder::new();
for (ident, value) in hash.params.iter() {
match ident.as_str() {
"m" => {
builder.m_cost(value.decimal()?)?;
}
"t" => {
builder.t_cost(value.decimal()?)?;
}
"p" => {
builder.p_cost(value.decimal()?)?;
}
"keyid" => {
builder.params.keyid = value.as_str().parse()?;
}
"data" => {
builder.params.data = value.as_str().parse()?;
}
_ => return Err(password_hash::Error::ParamNameInvalid),
}
}
if let Some(output) = &hash.hash {
builder.output_len(output.len())?;
}
Ok(builder.try_into()?)
}
}
#[cfg(feature = "password-hash")]
#[cfg_attr(docsrs, doc(cfg(feature = "password-hash")))]
impl<'a> TryFrom<Params> for ParamsString {
type Error = password_hash::Error;
fn try_from(params: Params) -> password_hash::Result<ParamsString> {
ParamsString::try_from(¶ms)
}
}
#[cfg(feature = "password-hash")]
#[cfg_attr(docsrs, doc(cfg(feature = "password-hash")))]
impl<'a> TryFrom<&Params> for ParamsString {
type Error = password_hash::Error;
fn try_from(params: &Params) -> password_hash::Result<ParamsString> {
let mut output = ParamsString::new();
output.add_decimal("m", params.m_cost)?;
output.add_decimal("t", params.t_cost)?;
output.add_decimal("p", params.p_cost)?;
if !params.keyid.is_empty() {
output.add_b64_bytes("keyid", params.keyid.as_bytes())?;
}
if !params.data.is_empty() {
output.add_b64_bytes("data", params.data.as_bytes())?;
}
Ok(output)
}
}
#[derive(Clone, Debug, Default, Eq, PartialEq)]
pub struct ParamsBuilder {
params: Params,
}
impl ParamsBuilder {
pub fn new() -> Self {
Self {
params: Params::default(),
}
}
pub fn m_cost(&mut self, m_cost: u32) -> Result<&mut Self> {
if m_cost < Params::MIN_M_COST {
return Err(Error::MemoryTooLittle);
}
if m_cost > Params::MAX_M_COST {
return Err(Error::MemoryTooMuch);
}
self.params.m_cost = m_cost;
Ok(self)
}
pub fn t_cost(&mut self, t_cost: u32) -> Result<&mut Self> {
if t_cost < Params::MIN_T_COST {
return Err(Error::TimeTooSmall);
}
self.params.t_cost = t_cost;
Ok(self)
}
pub fn p_cost(&mut self, p_cost: u32) -> Result<&mut Self> {
if p_cost < Params::MIN_P_COST {
return Err(Error::ThreadsTooFew);
}
if p_cost > Params::MAX_P_COST {
return Err(Error::ThreadsTooMany);
}
self.params.p_cost = p_cost;
Ok(self)
}
pub fn keyid(&mut self, keyid: &[u8]) -> Result<&mut Self> {
self.params.keyid = KeyId::new(keyid)?;
Ok(self)
}
pub fn data(&mut self, bytes: &[u8]) -> Result<&mut Self> {
self.params.data = AssociatedData::new(bytes)?;
Ok(self)
}
pub fn output_len(&mut self, len: usize) -> Result<&mut Self> {
if len < Params::MIN_OUTPUT_LEN {
return Err(Error::OutputTooShort);
}
if len > Params::MAX_OUTPUT_LEN {
return Err(Error::OutputTooLong);
}
self.params.output_len = Some(len);
Ok(self)
}
pub fn params(self) -> Result<Params> {
if self.params.m_cost < self.params.p_cost * 8 {
return Err(Error::MemoryTooLittle);
}
Ok(self.params)
}
}
impl TryFrom<ParamsBuilder> for Params {
type Error = Error;
fn try_from(builder: ParamsBuilder) -> Result<Params> {
builder.params()
}
}
#[cfg(all(test, feature = "alloc", feature = "password-hash"))]
mod tests {
use super::*;
#[test]
fn params_builder_bad_values() {
let mut builder = ParamsBuilder::new();
assert_eq!(
builder.m_cost(Params::MIN_M_COST - 1),
Err(Error::MemoryTooLittle)
);
assert_eq!(
builder.m_cost(Params::MAX_M_COST + 1),
Err(Error::MemoryTooMuch)
);
assert_eq!(
builder.t_cost(Params::MIN_T_COST - 1),
Err(Error::TimeTooSmall)
);
assert_eq!(
builder.p_cost(Params::MIN_P_COST - 1),
Err(Error::ThreadsTooFew)
);
assert_eq!(
builder.p_cost(Params::MAX_P_COST + 1),
Err(Error::ThreadsTooMany)
);
}
#[test]
fn params_builder_data_too_long() {
let mut builder = ParamsBuilder::new();
let ret = builder.data(&[0u8; Params::MAX_DATA_LEN + 1]);
assert_eq!(ret, Err(Error::AdTooLong));
}
#[test]
fn params_builder_keyid_too_long() {
let mut builder = ParamsBuilder::new();
let ret = builder.keyid(&[0u8; Params::MAX_KEYID_LEN + 1]);
assert_eq!(ret, Err(Error::KeyIdTooLong));
}
}