#include <pgp_s2k.h>
Public Member Functions | |
| void | derive_key (uint8_t out[], size_t out_len, const char *password, size_t password_len, const uint8_t salt[], size_t salt_len) const override |
| virtual void | derive_key (uint8_t out[], size_t out_len, const char *password, size_t password_len, const uint8_t salt[], size_t salt_len, const uint8_t ad[], size_t ad_len, const uint8_t key[], size_t key_len) const |
| void | hash (std::span< uint8_t > out, std::string_view password, std::span< const uint8_t > salt) const |
| void | hash (std::span< uint8_t > out, std::string_view password, std::span< const uint8_t > salt, std::span< const uint8_t > associated_data, std::span< const uint8_t > key) const |
| size_t | iterations () const override |
| virtual size_t | memory_param () const |
| virtual size_t | parallelism () const |
| RFC4880_S2K (std::unique_ptr< HashFunction > hash, size_t iterations) | |
| virtual bool | supports_associated_data () const |
| virtual bool | supports_keyed_operation () const |
| std::string | to_string () const override |
| virtual size_t | total_memory_usage () const |
Detailed Description
OpenPGP's S2K
See RFC 4880 sections 3.7.1.1, 3.7.1.2, and 3.7.1.3 If the salt is empty and iterations == 1, "simple" S2K is used If the salt is non-empty and iterations == 1, "salted" S2K is used If the salt is non-empty and iterations > 1, "iterated" S2K is used
Note that unlike PBKDF2, OpenPGP S2K's "iterations" are defined as the number of bytes hashed.
Constructor & Destructor Documentation
◆ RFC4880_S2K()
| Botan::RFC4880_S2K::RFC4880_S2K | ( | std::unique_ptr< HashFunction > | hash, |
| size_t | iterations ) |
- Parameters
-
hash the hash function to use iterations is rounded due to PGP formatting
Definition at line 128 of file pgp_s2k.cpp.
Member Function Documentation
◆ derive_key() [1/2]
|
overridevirtual |
Derive a key from a password
- Parameters
-
out buffer to store the derived key, must be of out_len bytes out_len the desired length of the key to produce password the password to derive the key from password_len the length of password in bytes salt a randomly chosen salt salt_len length of salt in bytes
This function is const, but is not thread safe. Different threads should either use unique objects, or serialize all access.
Implements Botan::PasswordHash.
Definition at line 135 of file pgp_s2k.cpp.
◆ derive_key() [2/2]
|
virtualinherited |
Derive a key from a password plus additional data and/or a secret key
Currently this is only supported for Argon2. Using a non-empty AD or key with other algorithms will cause a Not_Implemented exception.
- Parameters
-
out buffer to store the derived key, must be of out_len bytes out_len the desired length of the key to produce password the password to derive the key from password_len the length of password in bytes salt a randomly chosen salt salt_len length of salt in bytes ad some additional data ad_len length of ad in bytes key a secret key key_len length of key in bytes
This function is const, but is not thread safe. Different threads should either use unique objects, or serialize all access.
Reimplemented in Botan::Argon2.
Definition at line 34 of file pwdhash.cpp.
References BOTAN_UNUSED, Botan::PasswordHash::derive_key(), and Botan::PasswordHash::to_string().
◆ hash() [1/2]
|
inlineinherited |
Hash a password into a bitstring
- Parameters
-
out a span where the derived key will be placed password the password to derive the key from salt a randomly chosen salt
This function is const, but is not thread safe. Different threads should either use unique objects, or serialize all access.
Definition at line 81 of file pwdhash.h.
◆ hash() [2/2]
|
inlineinherited |
Hash a password into a bitstring
- Parameters
-
out a span where the derived key will be placed password the password to derive the key from salt a randomly chosen salt associated_data some additional data key a secret key
This function is const, but is not thread safe. Different threads should either use unique objects, or serialize all access.
Definition at line 97 of file pwdhash.h.
◆ iterations()
|
inlineoverridevirtual |
Most password hashes have some notion of iterations.
Implements Botan::PasswordHash.
Definition at line 90 of file pgp_s2k.h.
◆ memory_param()
|
inlinevirtualinherited |
Some password hashing algorithms have a parameter which controls how much memory is used. If not supported by some algorithm, returns 0.
Reimplemented in Botan::Argon2, Botan::Bcrypt_PBKDF, and Botan::Scrypt.
Definition at line 40 of file pwdhash.h.
◆ parallelism()
|
inlinevirtualinherited |
Some password hashing algorithms have a parallelism parameter. If the algorithm does not support this notion, then the function returns zero. This allows distinguishing between a password hash which just does not support parallel operation, vs one that does support parallel operation but which has been configured to use a single lane.
Reimplemented in Botan::Argon2, Botan::Bcrypt_PBKDF, and Botan::Scrypt.
Definition at line 50 of file pwdhash.h.
◆ supports_associated_data()
|
inlinevirtualinherited |
Returns true if this password hash supports supplying associated data
Reimplemented in Botan::Argon2.
Definition at line 69 of file pwdhash.h.
◆ supports_keyed_operation()
|
inlinevirtualinherited |
Returns true if this password hash supports supplying a key
Reimplemented in Botan::Argon2.
Definition at line 64 of file pwdhash.h.
◆ to_string()
|
overridevirtual |
Implements Botan::PasswordHash.
Definition at line 131 of file pgp_s2k.cpp.
References Botan::fmt().
◆ total_memory_usage()
|
inlinevirtualinherited |
Returns an estimate of the total number of bytes required to perform this key derivation.
If this algorithm uses a small and constant amount of memory, with no effort made towards being memory hard, this function returns 0.
Reimplemented in Botan::Argon2, Botan::Bcrypt_PBKDF, and Botan::Scrypt.
Definition at line 59 of file pwdhash.h.
The documentation for this class was generated from the following files:
- src/lib/pbkdf/pgp_s2k/pgp_s2k.h
- src/lib/pbkdf/pgp_s2k/pgp_s2k.cpp
