add binding for wc_PBKDF2

John Bland · John Bland · commit 0e47e0e238fa · 2022-08-08T15:56:13.000-04:00
diff --git a/addon/wolfcrypt/h/pbkdf2.h b/addon/wolfcrypt/h/pbkdf2.h
@@ -0,0 +1,26 @@
+/* pbkdf2.h
+ *
+ * Copyright (C) 2006-2022 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+#include <napi.h>
+#include "wolfssl/options.h"
+#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/pwdbased.h>
+
+Napi::Number bind_wc_PBKDF2(const Napi::CallbackInfo& info);
diff --git a/addon/wolfcrypt/main.cpp b/addon/wolfcrypt/main.cpp
@@ -26,6 +26,7 @@
 #include "./h/rsa.h"
 #include "./h/sha.h"
 #include "./h/ecc.h"
+#include "./h/pbkdf2.h"
 
 using namespace Napi;
 
@@ -113,6 +114,8 @@ Napi::Object Init(Napi::Env env, Napi::Object exports)
   exports.Set(Napi::String::New(env, "wc_ecc_verify_hash"), Napi::Function::New(env, bind_wc_ecc_verify_hash));
   exports.Set(Napi::String::New(env, "wc_ecc_free"), Napi::Function::New(env, bind_wc_ecc_free));
 
+  exports.Set(Napi::String::New(env, "wc_PBKDF2"), Napi::Function::New(env, bind_wc_PBKDF2));
+
   return exports;
 }
 
diff --git a/addon/wolfcrypt/pbkdf2.cpp b/addon/wolfcrypt/pbkdf2.cpp
@@ -0,0 +1,39 @@
+/* pbkdf2.cpp
+ *
+ * Copyright (C) 2006-2022 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+#include "./h/pbkdf2.h"
+
+Napi::Number bind_wc_PBKDF2(const Napi::CallbackInfo& info)
+{
+  Napi::Env env = info.Env();
+  int ret;
+  uint8_t* out = info[0].As<Napi::Uint8Array>().Data();
+  uint8_t* passwd = info[1].As<Napi::Uint8Array>().Data();
+  int p_len = info[2].As<Napi::Number>().Int32Value();
+  uint8_t* salt = info[3].As<Napi::Uint8Array>().Data();
+  int s_len = info[4].As<Napi::Number>().Int32Value();
+  int iterations = info[5].As<Napi::Number>().Int32Value();
+  int k_len = info[6].As<Napi::Number>().Int32Value();
+  int type_h = info[7].As<Napi::Number>().Int32Value();
+
+  ret = wc_PBKDF2( out, passwd, p_len, salt, s_len, iterations, k_len, type_h );
+
+  return Napi::Number::New( env, ret );
+}
diff --git a/app.js b/app.js
@@ -23,6 +23,7 @@ const hmac_tests = require( './tests/hmac' );
 const rsa_tests = require( './tests/rsa' );
 const sha_tests = require( './tests/sha' );
 const ecc_tests = require( './tests/ecc' );
+const pbkdf2_tests = require( './tests/pbkdf2' );
 
 (async function() {
   for ( const key of Object.keys( evp_tests ) )
@@ -49,4 +50,9 @@ const ecc_tests = require( './tests/ecc' );
   {
     await ecc_tests[key]()
   }
+
+  for ( const key of Object.keys( pbkdf2_tests ) )
+  {
+    await pbkdf2_tests[key]()
+  }
 })()
diff --git a/binding.gyp b/binding.gyp
@@ -9,7 +9,8 @@
             "addon/wolfcrypt/hmac.cpp",
             "addon/wolfcrypt/rsa.cpp",
             "addon/wolfcrypt/sha.cpp",
-            "addon/wolfcrypt/ecc.cpp"
+            "addon/wolfcrypt/ecc.cpp",
+            "addon/wolfcrypt/pbkdf2.cpp"
         ],
         'include_dirs': [
             "<!@(node -p \"require('node-addon-api').include\")"
diff --git a/interfaces/pbkdf2.js b/interfaces/pbkdf2.js
@@ -0,0 +1,55 @@
+/* pbkdf2.js
+ *
+ * Copyright (C) 2006-2022 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+const wolfcrypt = require( '../build/Release/wolfcrypt' )
+
+const WolfSSL_PBDKF2 = function( password, salt, iterations, keyLen, hash_type )
+{
+  if ( !Buffer.isBuffer( password ) )
+  {
+    throw 'password must be Buffer'
+  }
+
+  if ( !Buffer.isBuffer( salt ) )
+  {
+    throw 'salt must be Buffer'
+  }
+
+  let type = wolfcrypt.typeof_Hmac( hash_type )
+
+  if ( type < 0 )
+  {
+    throw 'Invalid hash_type'
+  }
+
+  let key = Buffer.alloc( keyLen )
+
+  let ret = wolfcrypt.wc_PBKDF2( key, password, password.length, salt, salt.length, iterations, keyLen, type )
+
+  if ( ret != 0 )
+  {
+    throw `Failed to wc_PBKDF2 ${ ret }`
+  }
+
+  return key
+}
+
+exports.WolfSSL_PBDKF2 = WolfSSL_PBDKF2
diff --git a/tests/pbkdf2.js b/tests/pbkdf2.js
@@ -0,0 +1,45 @@
+/* pbkdf2.js
+ *
+ * Copyright (C) 2006-2022 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+const { WolfSSL_PBDKF2 } = require( '../interfaces/pbkdf2' )
+
+const pbkdf2_tests = 
+{
+  pbkdf2: function()
+  {
+    const password = Buffer.from( 'super secret password' )
+    const salt = Buffer.from( 'super secret salt' )
+
+    const key1 = WolfSSL_PBDKF2( password, salt, 2048, 64, 'SHA512' )
+    const key2 = WolfSSL_PBDKF2( password, salt, 2048, 64, 'SHA512' )
+
+    if ( key1.toString( 'hex' ) == key2.toString( 'hex' ) )
+    {
+      console.log( 'PASS pbkdf2' );
+    }
+    else
+    {
+      console.log( 'FAIL pbkdf2', key1.toString( 'hex' ), key2.toString( 'hex' ) );
+    }
+  }
+}
+
+module.exports = pbkdf2_tests
