[git commit] libbb/yescrypt: remove obviously unused, commented-out parts
Denys Vlasenko
vda.linux at googlemail.com
Sat Jul 5 22:55:08 UTC 2025
commit: https://git.busybox.net/busybox/commit/?id=444a91abc93fe1b3d98e9a18a63f0a2056290208
branch: https://git.busybox.net/busybox/commit/?id=refs/heads/master
No code changes
Signed-off-by: Denys Vlasenko <vda.linux at googlemail.com>
---
libbb/yescrypt/alg-yescrypt-common.c | 364 -----------------------------------
libbb/yescrypt/alg-yescrypt.h | 81 --------
2 files changed, 445 deletions(-)
diff --git a/libbb/yescrypt/alg-yescrypt-common.c b/libbb/yescrypt/alg-yescrypt-common.c
index 75b59d1cf..7c519b01d 100644
--- a/libbb/yescrypt/alg-yescrypt-common.c
+++ b/libbb/yescrypt/alg-yescrypt-common.c
@@ -18,45 +18,6 @@
* SUCH DAMAGE.
*/
-#if 0 //UNUSED
-static uint8_t *encode64_uint32(uint8_t *dst, size_t dstlen,
- uint32_t src, uint32_t min)
-{
- uint32_t start = 0, end = 47, chars = 1, bits = 0;
-
- if (src < min)
- return NULL;
- src -= min;
-
- do {
- uint32_t count = (end + 1 - start) << bits;
- if (src < count)
- break;
- if (start >= 63)
- return NULL;
- start = end + 1;
- end = start + (62 - end) / 2;
- src -= count;
- chars++;
- bits += 6;
- } while (1);
-
- if (dstlen <= chars) /* require room for a NUL terminator */
- return NULL;
-
- *dst++ = itoa64[start + (src >> bits)];
-
- while (--chars) {
- bits -= 6;
- *dst++ = itoa64[(src >> bits) & 0x3f];
- }
-
- *dst = 0; /* NUL terminate just in case */
-
- return dst;
-}
-#endif //UNUSED
-
static inline uint32_t atoi64(uint8_t src)
{
static const uint8_t atoi64_partial[77] = {
@@ -223,81 +184,11 @@ fail:
return NULL;
}
-#if 0 //UNUSED //KEY:
-typedef enum { ENC = 1, DEC = -1 } encrypt_dir_t;
-
-static void memxor(unsigned char *dst, unsigned char *src, size_t size)
-{
- while (size--)
- *dst++ ^= *src++;
-}
-
-static void yescrypt_sha256_cipher(unsigned char *data, size_t datalen,
- const yescrypt_binary_t *key, encrypt_dir_t dir)
-{
- SHA256_CTX ctx;
- unsigned char f[32 + 4];
- size_t halflen, which;
- unsigned char mask, round, target;
-
- if (!datalen)
- return;
- if (datalen > 64)
- datalen = 64;
-
- halflen = datalen >> 1;
-
- which = 0; /* offset to half we are working on (0 or halflen) */
- mask = 0x0f; /* current half's extra nibble mask if datalen is odd */
-
- round = 0;
- target = 5; /* 6 rounds due to Jacques Patarin's CRYPTO 2004 paper */
-
- if (dir == DEC) {
- which = halflen; /* even round count, so swap the halves */
- mask ^= 0xff;
-
- round = target;
- target = 0;
- }
-
- f[32] = 0;
- f[33] = sizeof(*key);
- f[34] = datalen;
-
- do {
- SHA256_Init(&ctx);
- f[35] = round;
- SHA256_Update(&ctx, &f[32], 4);
- SHA256_Update(&ctx, key, sizeof(*key));
- SHA256_Update(&ctx, &data[which], halflen);
- if (datalen & 1) {
- f[0] = data[datalen - 1] & mask;
- SHA256_Update(&ctx, f, 1);
- }
- SHA256_Final(f, &ctx);
- which ^= halflen;
- memxor(&data[which], f, halflen);
- if (datalen & 1) {
- mask ^= 0xff;
- data[datalen - 1] ^= f[halflen] & mask;
- }
- if (round == target)
- break;
- round += dir;
- } while (1);
-
- /* ctx is presumably zeroized by SHA256_Final() */
- explicit_bzero(f, sizeof(f));
-}
-#endif //UNUSED //KEY:
-
uint8_t *yescrypt_r(
const yescrypt_shared_t *shared,
yescrypt_local_t *local,
const uint8_t *passwd, size_t passwdlen,
const uint8_t *setting,
- //KEY const yescrypt_binary_t *key,
uint8_t *buf, size_t buflen)
{
unsigned char saltbin[64], hashbin[32];
@@ -325,9 +216,6 @@ uint8_t *yescrypt_r(
src = decode64_uint32_fixed(¶ms.p, 30, src);
if (!src)
return NULL;
-
- //KEY:if (key)
- //KEY: return NULL;
} else {
uint32_t flavor, N_log2;
@@ -425,11 +313,6 @@ uint8_t *yescrypt_r(
¶ms, hashbin, sizeof(hashbin)))
goto fail;
- //KEY:if (key) {
- //KEY: explicit_bzero(saltbin, sizeof(saltbin));
- //KEY: yescrypt_sha256_cipher(hashbin, sizeof(hashbin), key, ENC);
- //KEY:}
-
dst = buf;
memcpy(dst, setting, prefixlen + saltstrlen);
dst += prefixlen + saltstrlen;
@@ -450,14 +333,6 @@ fail:
return NULL;
}
-
-
-
-
-
-
-
-
int yescrypt_free_shared(yescrypt_shared_t *shared)
{
return free_region(shared);
@@ -473,242 +348,3 @@ int yescrypt_free_local(yescrypt_local_t *local)
{
return free_region(local);
}
-
-#if 0 //UNUSED
-uint8_t *yescrypt(const uint8_t *passwd, const uint8_t *setting)
-{
- /* prefix, '$', hash, NUL */
- static uint8_t buf[PREFIX_LEN + 1 + HASH_LEN + 1];
- yescrypt_local_t local;
- uint8_t *retval;
-
- if (yescrypt_init_local(&local))
- return NULL;
- retval = yescrypt_r(
- /* const yescrypt_shared_t *shared */ NULL,
- &local,
- passwd, strlen((char *)passwd),
- setting,
- //KEY:/* const yescrypt_binary_t *key */ NULL,
- buf, sizeof(buf));
- if (yescrypt_free_local(&local))
- return NULL;
- return retval;
-}
-
-uint8_t *yescrypt_reencrypt(uint8_t *hash,
- const yescrypt_binary_t *from_key,
- const yescrypt_binary_t *to_key)
-{
- uint8_t *retval = NULL, *saltstart, *hashstart;
- const uint8_t *hashend;
- unsigned char saltbin[64], hashbin[32];
- size_t saltstrlen, saltlen = 0, hashlen;
-
- if (strncmp((char *)hash, "$y$", 3))
- return NULL;
-
- saltstart = NULL;
- hashstart = (uint8_t *)strrchr((char *)hash, '$');
- if (hashstart) {
- if (hashstart > (uint8_t *)hash) {
- saltstart = hashstart - 1;
- while (*saltstart != '$' && saltstart > hash)
- saltstart--;
- if (*saltstart == '$')
- saltstart++;
- }
- hashstart++;
- } else {
- hashstart = hash;
- }
- saltstrlen = saltstart ? (hashstart - 1 - saltstart) : 0;
- if (saltstrlen > BYTES2CHARS(64) ||
- strlen((char *)hashstart) != HASH_LEN)
- return NULL;
-
- if (saltstrlen) {
- const uint8_t *saltend;
- saltlen = sizeof(saltbin);
- saltend = decode64(saltbin, &saltlen, saltstart, saltstrlen);
- if (!saltend || *saltend != '$' || saltlen < 1 || saltlen > 64)
- goto out;
-
- if (from_key)
- yescrypt_sha256_cipher(saltbin, saltlen, from_key, ENC);
- if (to_key)
- yescrypt_sha256_cipher(saltbin, saltlen, to_key, DEC);
- }
-
- hashlen = sizeof(hashbin);
- hashend = decode64(hashbin, &hashlen, hashstart, HASH_LEN);
- if (!hashend || *hashend || hashlen != sizeof(hashbin))
- goto out;
-
- if (from_key)
- yescrypt_sha256_cipher(hashbin, hashlen, from_key, DEC);
- if (to_key)
- yescrypt_sha256_cipher(hashbin, hashlen, to_key, ENC);
-
- if (saltstrlen) {
- if (!encode64(saltstart, saltstrlen + 1, saltbin, saltlen))
- goto out; /* can't happen */
- *(saltstart + saltstrlen) = '$';
- }
-
- if (!encode64(hashstart, HASH_LEN + 1, hashbin, hashlen))
- goto out; /* can't happen */
-
- retval = hash;
-
-out:
- explicit_bzero(saltbin, sizeof(saltbin));
- explicit_bzero(hashbin, sizeof(hashbin));
-
- return retval;
-}
-
-static uint32_t N2log2(uint64_t N)
-{
- uint32_t N_log2;
-
- if (N < 2)
- return 0;
-
- N_log2 = 2;
- while (N >> N_log2 != 0)
- N_log2++;
- N_log2--;
-
- if (N >> N_log2 != 1)
- return 0;
-
- return N_log2;
-}
-
-uint8_t *yescrypt_encode_params_r(const yescrypt_params_t *params,
- const uint8_t *src, size_t srclen,
- uint8_t *buf, size_t buflen)
-{
- uint32_t flavor, N_log2, NROM_log2, have;
- uint8_t *dst;
-
- if (srclen > SIZE_MAX / 16)
- return NULL;
-
- if (params->flags < YESCRYPT_RW) {
- flavor = params->flags;
- } else if ((params->flags & YESCRYPT_MODE_MASK) == YESCRYPT_RW &&
- params->flags <= (YESCRYPT_RW | YESCRYPT_RW_FLAVOR_MASK)) {
- flavor = YESCRYPT_RW + (params->flags >> 2);
- } else {
- return NULL;
- }
-
- N_log2 = N2log2(params->N);
- if (!N_log2)
- return NULL;
-
- NROM_log2 = N2log2(params->NROM);
- if (params->NROM && !NROM_log2)
- return NULL;
-
- if ((uint64_t)params->r * (uint64_t)params->p >= (1U << 30))
- return NULL;
-
- dst = buf;
- *dst++ = '$';
- *dst++ = 'y';
- *dst++ = '$';
-
- dst = encode64_uint32(dst, buflen - (dst - buf), flavor, 0);
- if (!dst)
- return NULL;
-
- dst = encode64_uint32(dst, buflen - (dst - buf), N_log2, 1);
- if (!dst)
- return NULL;
-
- dst = encode64_uint32(dst, buflen - (dst - buf), params->r, 1);
- if (!dst)
- return NULL;
-
- have = 0;
- if (params->p != 1)
- have |= 1;
- if (params->t)
- have |= 2;
- if (params->g)
- have |= 4;
- if (NROM_log2)
- have |= 8;
-
- if (have) {
- dst = encode64_uint32(dst, buflen - (dst - buf), have, 1);
- if (!dst)
- return NULL;
- }
-
- if (params->p != 1) {
- dst = encode64_uint32(dst, buflen - (dst - buf), params->p, 2);
- if (!dst)
- return NULL;
- }
-
- if (params->t) {
- dst = encode64_uint32(dst, buflen - (dst - buf), params->t, 1);
- if (!dst)
- return NULL;
- }
-
- if (params->g) {
- dst = encode64_uint32(dst, buflen - (dst - buf), params->g, 1);
- if (!dst)
- return NULL;
- }
-
- if (NROM_log2) {
- dst = encode64_uint32(dst, buflen - (dst - buf), NROM_log2, 1);
- if (!dst)
- return NULL;
- }
-
- if (dst >= buf + buflen)
- return NULL;
-
- *dst++ = '$';
-
- dst = encode64(dst, buflen - (dst - buf), src, srclen);
- if (!dst || dst >= buf + buflen)
- return NULL;
-
- *dst = 0; /* NUL termination */
-
- return buf;
-}
-
-uint8_t *yescrypt_encode_params(const yescrypt_params_t *params,
- const uint8_t *src, size_t srclen)
-{
- /* prefix, NUL */
- static uint8_t buf[PREFIX_LEN + 1];
- return yescrypt_encode_params_r(params, src, srclen, buf, sizeof(buf));
-}
-
-int crypto_scrypt(const uint8_t *passwd, size_t passwdlen,
- const uint8_t *salt, size_t saltlen, uint64_t N, uint32_t r, uint32_t p,
- uint8_t *buf, size_t buflen)
-{
- yescrypt_local_t local;
- yescrypt_params_t params = { .flags = 0, .N = N, .r = r, .p = p };
- int retval;
-
- if (yescrypt_init_local(&local))
- return -1;
- retval = yescrypt_kdf(NULL, &local,
- passwd, passwdlen, salt, saltlen, ¶ms, buf, buflen);
- if (yescrypt_free_local(&local))
- return -1;
- return retval;
-}
-#endif //UNUSED
diff --git a/libbb/yescrypt/alg-yescrypt.h b/libbb/yescrypt/alg-yescrypt.h
index e3c7e6398..9755ac420 100644
--- a/libbb/yescrypt/alg-yescrypt.h
+++ b/libbb/yescrypt/alg-yescrypt.h
@@ -28,23 +28,6 @@
* online backup system.
*/
-#if 0 //UNUSED
-/**
- * crypto_scrypt(passwd, passwdlen, salt, saltlen, N, r, p, buf, buflen):
- * Compute scrypt(passwd[0 .. passwdlen - 1], salt[0 .. saltlen - 1], N, r,
- * p, buflen) and write the result into buf. The parameters r, p, and buflen
- * must satisfy r * p < 2^30 and buflen <= (2^32 - 1) * 32. The parameter N
- * must be a power of 2 greater than 1.
- *
- * Return 0 on success; or -1 on error.
- *
- * MT-safe as long as buf is local to the thread.
- */
-extern int crypto_scrypt(const uint8_t *passwd, size_t passwdlen,
- const uint8_t *salt, size_t saltlen,
- uint64_t N, uint32_t r, uint32_t p, uint8_t *buf, size_t buflen);
-#endif
-
/**
* Internal type used by the memory allocator. Please do not use it directly.
* Use yescrypt_shared_t and yescrypt_local_t as appropriate instead, since
@@ -285,70 +268,6 @@ extern uint8_t *yescrypt_r(const yescrypt_shared_t *shared,
//KEY: const yescrypt_binary_t *key,
uint8_t *buf, size_t buflen);
-#if 0 //UNUSED
-/**
- * yescrypt(passwd, setting):
- * Compute and encode an scrypt or enhanced scrypt hash of passwd given the
- * parameters and salt value encoded in setting. Whether to compute classic
- * scrypt, YESCRYPT_WORM (a slight deviation from classic scrypt), or
- * YESCRYPT_RW (time-memory tradeoff discouraging modification) is determined
- * by the setting string.
- *
- * Return the encoded hash string on success; or NULL on error.
- *
- * This is a crypt(3)-like interface, which is simpler to use than
- * yescrypt_r(), but it is not MT-safe, it does not allow for the use of a ROM,
- * and it is slower than yescrypt_r() for repeated calls because it allocates
- * and frees memory on each call.
- *
- * MT-unsafe.
- */
-extern uint8_t *yescrypt(const uint8_t *passwd, const uint8_t *setting);
-
-/**
- * yescrypt_reencrypt(hash, from_key, to_key):
- * Re-encrypt a yescrypt hash from one key to another. Either key may be NULL
- * to indicate unencrypted hash. The encoded hash string is modified in-place.
- *
- * Return the hash pointer on success; or NULL on error (in which case the hash
- * string is left unmodified).
- *
- * MT-safe as long as hash is local to the thread.
- */
-extern uint8_t *yescrypt_reencrypt(uint8_t *hash,
- const yescrypt_binary_t *from_key,
- const yescrypt_binary_t *to_key);
-
-/**
- * yescrypt_encode_params_r(params, src, srclen, buf, buflen):
- * Generate a setting string for use with yescrypt_r() and yescrypt() by
- * encoding into it the parameters flags, N, r, p, t, g, and a salt given by
- * src (of srclen bytes). buf must be large enough (as indicated by buflen)
- * to hold the setting string.
- *
- * Return the setting string on success; or NULL on error.
- *
- * MT-safe as long as buf is local to the thread.
- */
-extern uint8_t *yescrypt_encode_params_r(const yescrypt_params_t *params,
- const uint8_t *src, size_t srclen,
- uint8_t *buf, size_t buflen);
-
-
-/**
- * yescrypt_encode_params(params, src, srclen):
- * Generate a setting string for use with yescrypt_r() and yescrypt(). This
- * function is the same as yescrypt_encode_params_r() except that it uses a
- * static buffer and thus is not MT-safe.
- *
- * Return the setting string on success; or NULL on error.
- *
- * MT-unsafe.
- */
-extern uint8_t *yescrypt_encode_params(const yescrypt_params_t *params,
- const uint8_t *src, size_t srclen);
-#endif
-
extern const uint8_t *decode64(uint8_t *dst, size_t *dstlen,
const uint8_t *src, size_t srclen);
extern uint8_t *encode64(uint8_t *dst, size_t dstlen,
More information about the busybox-cvs
mailing list