RT3998: Allow scrypt to be disabled

This does 64-bit division and multiplication, and on 32-bit platforms pulls in libgcc symbols (and MSVC does similar) which may not be available. Mostly done by David Woodhouse. Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2015-09-04 13:07:10 -04:00
parent a939b0aab5
commit b0809bc8ff
10 changed files with 42 additions and 9 deletions
--- a/include/openssl/evp.h
+++ b/include/openssl/evp.h
@@ -1075,6 +1075,7 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
                          ASN1_TYPE *param, const EVP_CIPHER *cipher,
                          const EVP_MD *md, int en_de);

+#ifndef OPENSSL_NO_SCRYPT
 int EVP_PBE_scrypt(const char *pass, size_t passlen,
                   const unsigned char *salt, size_t saltlen,
                   uint64_t N, uint64_t r, uint64_t p, uint64_t maxmem,
@@ -1083,6 +1084,7 @@ int EVP_PBE_scrypt(const char *pass, size_t passlen,
 int PKCS5_v2_scrypt_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass,
                             int passlen, ASN1_TYPE *param,
                             const EVP_CIPHER *c, const EVP_MD *md, int en_de);
+#endif

 void PKCS5_PBE_add(void);

--- a/include/openssl/x509.h
+++ b/include/openssl/x509.h
@@ -1052,10 +1052,12 @@ X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter,
                              unsigned char *salt, int saltlen,
                              unsigned char *aiv, int prf_nid);

+#ifndef OPENSSL_NO_SCRYPT
 X509_ALGOR *PKCS5_pbe2_set_scrypt(const EVP_CIPHER *cipher,
                                  const unsigned char *salt, int saltlen,
                                  unsigned char *aiv, uint64_t N, uint64_t r,
                                  uint64_t p);
+#endif

 X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen,
                             int prf_nid, int keylen);