1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117
//! Rust implementation of OpenSSL [EVP_bytesToKey] function. //! //! `evpkdf` derives key from the given password and salt. //! //! Notice that this approach is **too weak** for modern standard //! now. Newer applications should choice a more modern algorithm //! like [bcrypt], [pbkdf2] or [scrypt]. //! //! [EVP_bytesToKey]: https://www.openssl.org/docs/man1.0.2/man3/EVP_BytesToKey.html //! [bcrypt]: https://crates.io/crates/bcrypt //! [pbkdf2]: https://crates.io/crates/pbkdf2 //! [scrypt]: https://crates.io/crates/scrypt //! //! # Basic Usage //! //! ```rust //! use evpkdf::evpkdf; //! use hex_literal::hex; //! use md5::Md5; // from md-5 crate //! use sha1::Sha1; // from sha-1 crate //! //! let mut output = []; //! //! evpkdf::<Md5>(b"password", b"saltsalt", 1000, &mut output); //! //! assert_eq!(output, []); //! //! let mut output = [0; 128 / 8]; //! //! evpkdf::<Md5>(b"password", b"saltsalt", 1000, &mut output); //! //! assert_eq!(output, hex!("8006de5d2a5d15f9bbdb8f40196d5af1")); //! //! let mut output = [0; 128 / 8]; //! //! evpkdf::<Sha1>(b"password", b"saltsalt", 1000, &mut output); //! //! assert_eq!(output, hex!("f8833429b112582447bc66f433497f75")); //! ``` //! //! # Compatible with crypto-js //! //! Below sinppet generates the same result as //! `CryptoJS.kdf.OpenSSL.execute('password', 256 / 32, 128 / 32, 'saltsalt')`. //! //! ```rust //! use evpkdf::evpkdf; //! use hex_literal::hex; //! use md5::Md5; // from md-5 crate //! //! const KEY_SIZE: usize = 256; //! const IV_SIZE: usize = 128; //! //! let mut output = [0; (KEY_SIZE + IV_SIZE) / 8]; //! //! evpkdf::<Md5>(b"password", b"saltsalt", 1, &mut output); //! //! let (key, iv) = output.split_at(KEY_SIZE / 8); //! //! assert_eq!( //! key, //! hex!("fdbdf3419fff98bdb0241390f62a9db35f4aba29d77566377997314ebfc709f2") //! ); //! //! assert_eq!( //! iv, //! hex!("0b5ca7b1081f94b1ac12e3c8ba87d05a") //! ); //! ``` //! //! # License //! //! MIT use digest::Digest; /// Derives key from the given arguments. /// /// ```rust /// use evpkdf::evpkdf; /// use hex_literal::hex; /// use md5::Md5; // from md-5 crate /// /// let mut output = [0; 128 / 8]; // key size, 128 bits /// /// evpkdf::<Md5>( /// b"password", // password /// b"saltsalt", // salt /// 1000, // iteration count /// &mut output /// ); /// ``` pub fn evpkdf<D: Digest>(pass: &[u8], salt: &[u8], count: usize, output: &mut [u8]) { let mut hasher = D::new(); let mut derived_key = Vec::with_capacity(output.len()); let mut block = Vec::new(); while derived_key.len() < output.len() { if !block.is_empty() { hasher.input(block); } hasher.input(pass); hasher.input(salt.as_ref()); block = hasher.result_reset().to_vec(); // avoid subtract with overflow if count > 1 { for _ in 0..(count - 1) { hasher.input(block); block = hasher.result_reset().to_vec(); } } derived_key.extend_from_slice(&block); } output.copy_from_slice(&derived_key[0..output.len()]); }