Add "scrypt" to third_party for use in generating secure hash of user…

… password that can later be used for off-line authentication in the case when on-line authentication is not available.

The planned use for this is profile-locking where unlocking has to be possible even when not connected to a network.

BUG=


Review URL: https://chromiumcodereview.appspot.com/11637016

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@175069 0039d316-1c4b-4281-b951-d872f2087c98

.gitignore

@@ -230,6 +230,7 @@ v8.log
 /third_party/pywebsocket/src
 /third_party/safe_browsing/testing
 /third_party/scons-2.0.1
+/third_party/scrypt
 /third_party/sfntly
 /third_party/skia
 /third_party/smhasher

third_party/scrypt/.gitattributes

@@ -0,0 +1,11 @@
+# ./configure has an embedded CR (ac_cr='^M').  When treated as text, this gets
+# converted to a CRLF pair by the codereview site which then makes the patch
+# file invalid as such:
+#
+# +
+# +ac_cr='
+# '
+# +ac_cs_awk_cr=`$AWK 'BEGIN { print "a\rb" }' </dev/null 2>/dev/null`
+#
+# All attempts to apply this patch then fail.
+configure       binary

third_party/scrypt/FORMAT

@@ -0,0 +1,18 @@
+scrypt encrypted data format
+----------------------------
+
+offset	length
+0	6	"scrypt"
+6	1	scrypt data file version number (== 0)
+7	1	log2(N) (must be between 1 and 63 inclusive)
+8	4	r (big-endian integer; must satisfy r * p < 2^30)
+12	4	p (big-endian integer; must satisfy r * p < 2^30)
+16	32	salt
+48	16	first 16 bytes of SHA256(bytes 0 .. 47)
+64	32	HMAC-SHA256(bytes 0 .. 63)
+96	X	data xor AES256-CTR key stream generated with nonce == 0
+96+X	32	HMAC-SHA256(bytes 96 .. 96 + (X - 1))
+
+AES256-CTR is computed with a 256-bit AES key key_enc, and HMAC-SHA256 is
+computed with a 256-bit key key_hmac, where
+  scrypt(password, salt, N, r, p, 64) == [key_enc][key_hmac]

third_party/scrypt/LICENSE

@@ -0,0 +1,27 @@
+(extracted from main.c)
+
+-------------------------------------------------------------------------------
+
+Copyright 2009 Colin Percival
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+1. Redistributions of source code must retain the above copyright
+   notice, this list of conditions and the following disclaimer.
+2. Redistributions in binary form must reproduce the above copyright
+   notice, this list of conditions and the following disclaimer in the
+   documentation and/or other materials provided with the distribution.
+
+THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+SUCH DAMAGE.