OpenCore  1.0.4
OpenCore Bootloader
Loading...
Searching...
No Matches
PasswordHash.c
Go to the documentation of this file.
1
14#include "CryptoInternal.h"
15
16VOID
17OcHashPasswordSha512 (
18 IN CONST UINT8 *Password,
19 IN UINT32 PasswordSize,
20 IN CONST UINT8 *Salt,
21 IN UINT32 SaltSize,
22 OUT UINT8 *Hash
23 )
24{
25 UINT32 Index;
26 SHA512_CONTEXT ShaContext;
27
28 ASSERT (Password != NULL);
29 ASSERT (Hash != NULL);
30
31 Sha512Init (&ShaContext);
32 Sha512Update (&ShaContext, Password, PasswordSize);
33 Sha512Update (&ShaContext, Salt, SaltSize);
34 Sha512Final (&ShaContext, Hash);
35 //
36 // The hash function is applied iteratively to slow down bruteforce attacks.
37 // The iteration count has been chosen to take roughly three seconds on
38 // modern hardware.
39 //
40 for (Index = 0; Index < 5000000; ++Index) {
41 Sha512Init (&ShaContext);
42 Sha512Update (&ShaContext, Hash, SHA512_DIGEST_SIZE);
43 //
44 // Password and Salt are re-added into hashing to, in case of a hash
45 // collision, again yield a unique hash in the subsequent iteration.
46 //
47 Sha512Update (&ShaContext, Password, PasswordSize);
48 Sha512Update (&ShaContext, Salt, SaltSize);
49 Sha512Final (&ShaContext, Hash);
50 }
51
52 SecureZeroMem (&ShaContext, sizeof (ShaContext));
53}
54
68BOOLEAN
69OcVerifyPasswordSha512 (
70 IN CONST UINT8 *Password,
71 IN UINT32 PasswordSize,
72 IN CONST UINT8 *Salt,
73 IN UINT32 SaltSize,
74 IN CONST UINT8 *RefHash
75 )
76{
77 BOOLEAN Result;
78 UINT8 VerifyHash[SHA512_DIGEST_SIZE];
79
80 ASSERT (Password != NULL);
81 ASSERT (RefHash != NULL);
82
83 OcHashPasswordSha512 (Password, PasswordSize, Salt, SaltSize, VerifyHash);
84 Result = SecureCompareMem (RefHash, VerifyHash, SHA512_DIGEST_SIZE) == 0;
85 SecureZeroMem (VerifyHash, SHA512_DIGEST_SIZE);
86
87 return Result;
88}
Sha512Update
VOID Sha512Update(SHA512_CONTEXT *Context, CONST UINT8 *Data, UINTN Len)
Sha512Init
VOID Sha512Init(SHA512_CONTEXT *Context)
Sha512Final
VOID Sha512Final(SHA512_CONTEXT *Context, UINT8 *HashDigest)
SHA512_DIGEST_SIZE
#define SHA512_DIGEST_SIZE
Definition OcCryptoLib.h:47
SecureCompareMem
INTN SecureCompareMem(IN CONST VOID *DestinationBuffer, IN CONST VOID *SourceBuffer, IN UINTN Length)
Definition SecureMem.c:17
SecureZeroMem
VOID * SecureZeroMem(OUT VOID *Buffer, IN UINTN Length)
Definition SecureMem.c:73
OcHashPasswordSha512
VOID OcHashPasswordSha512(IN CONST UINT8 *Password, IN UINT32 PasswordSize, IN CONST UINT8 *Salt, IN UINT32 SaltSize, OUT UINT8 *Hash)
Definition PasswordHash.c:17
OcVerifyPasswordSha512
BOOLEAN OcVerifyPasswordSha512(IN CONST UINT8 *Password, IN UINT32 PasswordSize, IN CONST UINT8 *Salt, IN UINT32 SaltSize, IN CONST UINT8 *RefHash)
Definition PasswordHash.c:69
ASSERT
#define ASSERT(x)
Definition coder.h:55
SHA512_CONTEXT_
Definition OcCryptoLib.h:139