Botan 3.9.0
Crypto and TLS for C&
argon2.h
Go to the documentation of this file.
1/**
2* (C) 2018,2019 Jack Lloyd
3*
4* Botan is released under the Simplified BSD License (see license.txt)
5*/
6
7#ifndef BOTAN_ARGON2_H_
8#define BOTAN_ARGON2_H_
9
10#include <botan/exceptn.h>
11#include <botan/pwdhash.h>
12
13#if defined(BOTAN_HAS_ARGON2_FMT)
14 #include <botan/argon2fmt.h>
15#endif
16
18
19namespace Botan {
20
21class RandomNumberGenerator;
22
23/**
24* Argon2 key derivation function
25*/
26class BOTAN_PUBLIC_API(2, 11) Argon2 final : public PasswordHash {
27 public:
28 Argon2(uint8_t family, size_t M, size_t t, size_t p);
29
30 /**
31 * Derive a new key under the current Argon2 parameter set
32 */
33 void derive_key(uint8_t out[],
34 size_t out_len,
35 const char* password,
36 size_t password_len,
37 const uint8_t salt[],
38 size_t salt_len) const override;
39
40 void derive_key(uint8_t out[],
41 size_t out_len,
42 const char* password,
43 size_t password_len,
44 const uint8_t salt[],
45 size_t salt_len,
46 const uint8_t ad[],
47 size_t ad_len,
48 const uint8_t key[],
49 size_t key_len) const override;
50
51 std::string to_string() const override;
52
53 size_t M() const { return m_M; }
54
55 size_t t() const { return m_t; }
56
57 size_t p() const { return m_p; }
58
59 bool supports_keyed_operation() const override { return true; }
60
61 bool supports_associated_data() const override { return true; }
62
63 size_t iterations() const override { return t(); }
64
65 size_t parallelism() const override { return p(); }
66
67 size_t memory_param() const override { return M(); }
68
69 size_t total_memory_usage() const override { return M() * 1024; }
70
71 /**
72 * Argon2's BLAMKA function
73 */
74 static void blamka(uint64_t N[128], uint64_t T[128]);
75
76 private:
77#if defined(BOTAN_HAS_ARGON2_AVX2)
78 static void blamka_avx2(uint64_t N[128], uint64_t T[128]);
79#endif
80
81#if defined(BOTAN_HAS_ARGON2_SSSE3)
82 static void blamka_ssse3(uint64_t N[128], uint64_t T[128]);
83#endif
84
85 void argon2(uint8_t output[],
86 size_t output_len,
87 const char* password,
88 size_t password_len,
89 const uint8_t salt[],
90 size_t salt_len,
91 const uint8_t key[],
92 size_t key_len,
93 const uint8_t ad[],
94 size_t ad_len) const;
95
96 uint8_t m_family;
97 size_t m_M, m_t, m_p;
98};
99
101 public:
102 BOTAN_FUTURE_EXPLICIT Argon2_Family(uint8_t family);
103
104 std::string name() const override;
105
106 std::unique_ptr<PasswordHash> tune(size_t output_length,
107 std::chrono::milliseconds msec,
108 size_t max_memory,
109 std::chrono::milliseconds tune_msec) const override;
110
111 std::unique_ptr<PasswordHash> default_params() const override;
112
113 std::unique_ptr<PasswordHash> from_iterations(size_t iter) const override;
114
115 std::unique_ptr<PasswordHash> from_params(size_t M, size_t t, size_t p) const override;
116
117 private:
118 const uint8_t m_family;
119};
120
121/**
122* Argon2 key derivation function
123*
124* @param output the output will be placed here
125* @param output_len length of output
126* @param password the user password
127* @param password_len the length of password
128* @param salt the salt
129* @param salt_len length of salt
130* @param key an optional secret key
131* @param key_len the length of key
132* @param ad an optional additional input
133* @param ad_len the length of ad
134* @param y the Argon2 variant (0 = Argon2d, 1 = Argon2i, 2 = Argon2id)
135* @param p the parallelization parameter
136* @param M the amount of memory to use in Kb
137* @param t the number of iterations to use
138*/
139BOTAN_DEPRECATED("Use PasswordHashFamily+PasswordHash")
140
141inline void argon2(uint8_t output[],
142 size_t output_len,
143 const char* password,
144 size_t password_len,
145 const uint8_t salt[],
146 size_t salt_len,
147 const uint8_t key[],
148 size_t key_len,
149 const uint8_t ad[],
150 size_t ad_len,
151 uint8_t y,
152 size_t p,
153 size_t M,
154 size_t t) {
155 auto pwdhash_fam = PasswordHashFamily::create_or_throw([y] {
156 switch(y) {
157 case 0:
158 return "Argon2d";
159 case 1:
160 return "Argon2i";
161 case 2:
162 return "Argon2id";
163 default:
164 throw Not_Implemented("Unknown Argon2 family type");
165 }
166 }());
167 auto pwdhash = pwdhash_fam->from_params(M, t, p);
168 pwdhash->derive_key(output, output_len, password, password_len, salt, salt_len, ad, ad_len, key, key_len);
169}
170
171} // namespace Botan
172
173#endif
#define BOTAN_PUBLIC_API(maj, min)
Definition api.h:21
#define BOTAN_FUTURE_INTERNAL_HEADER(hdr)
Definition api.h:98
#define BOTAN_DEPRECATED(msg)
Definition api.h:73
#define BOTAN_FUTURE_EXPLICIT
Definition api.h:52
std::unique_ptr< PasswordHash > from_params(size_t M, size_t t, size_t p) const override
std::string name() const override
BOTAN_FUTURE_EXPLICIT Argon2_Family(uint8_t family)
std::unique_ptr< PasswordHash > tune(size_t output_length, std::chrono::milliseconds msec, size_t max_memory, std::chrono::milliseconds tune_msec) const override
std::unique_ptr< PasswordHash > default_params() const override
std::unique_ptr< PasswordHash > from_iterations(size_t iter) const override
size_t p() const
Definition argon2.h:57
bool supports_keyed_operation() const override
Definition argon2.h:59
size_t iterations() const override
Definition argon2.h:63
size_t total_memory_usage() const override
Definition argon2.h:69
size_t t() const
Definition argon2.h:55
size_t parallelism() const override
Definition argon2.h:65
bool supports_associated_data() const override
Definition argon2.h:61
size_t M() const
Definition argon2.h:53
size_t memory_param() const override
Definition argon2.h:67
Argon2(uint8_t family, size_t M, size_t t, size_t p)
static std::unique_ptr< PasswordHashFamily > create_or_throw(std::string_view algo_spec, std::string_view provider="")
Definition pwdhash.cpp:110
virtual void derive_key(uint8_t out[], size_t out_len, const char *password, size_t password_len, const uint8_t salt[], size_t salt_len) const =0
virtual std::string to_string() const =0
void argon2(uint8_t output[], size_t output_len, const char *password, size_t password_len, const uint8_t salt[], size_t salt_len, const uint8_t key[], size_t key_len, const uint8_t ad[], size_t ad_len, uint8_t y, size_t p, size_t M, size_t t)
Definition argon2.h:141