Botan::Argon2_Family Class Reference

#include <argon2.h>

Inheritance diagram for Botan::Argon2_Family:

Public Member Functions
	Argon2_Family (uint8_t family)
std::unique_ptr< PasswordHash >	default_params () const override
std::unique_ptr< PasswordHash >	from_iterations (size_t iter) const override
std::unique_ptr< PasswordHash >	from_params (size_t M, size_t t, size_t p) const override
std::string	name () const override
std::unique_ptr< PasswordHash >	tune (size_t output_length, std::chrono::milliseconds msec, size_t max_memory, std::chrono::milliseconds tune_msec) const override

Static Public Member Functions
static std::unique_ptr< PasswordHashFamily >	create (std::string_view algo_spec, std::string_view provider="")
static std::unique_ptr< PasswordHashFamily >	create_or_throw (std::string_view algo_spec, std::string_view provider="")
static std::vector< std::string >	providers (std::string_view algo_spec)

Detailed Description

Definition at line 88 of file argon2.h.

Constructor & Destructor Documentation

Argon2_Family()

Botan::Argon2_Family::Argon2_Family

(

uint8_t

family

)

Definition at line 76 of file argon2pwhash.cpp.

                                           : m_family(family)
   {
   if(m_family != 0 && m_family != 1 && m_family != 2)
      throw Invalid_Argument("Unknown Argon2 family identifier");
   }

Member Function Documentation

create()

std::unique_ptr< PasswordHashFamily > Botan::PasswordHashFamily::create ( std::string_view  algo_spec, std::string_view  provider = ""  )

staticinherited

Create an instance based on a name If provider is empty then best available is chosen.

Parameters

algo_spec	algorithm name
provider	provider implementation to choose

Returns

a null pointer if the algo/provider combination cannot be found

Definition at line 50 of file pwdhash.cpp.

   {
   const SCAN_Name req(algo_spec);
 
#if defined(BOTAN_HAS_PBKDF2)
   if(req.algo_name() == "PBKDF2")
      {
      if(provider.empty() || provider == "base")
         {
         if(auto mac = MessageAuthenticationCode::create("HMAC(" + req.arg(0) + ")"))
            return std::make_unique<PBKDF2_Family>(std::move(mac));
 
         if(auto mac = MessageAuthenticationCode::create(req.arg(0)))
            return std::make_unique<PBKDF2_Family>(std::move(mac));
         }
 
      return nullptr;
      }
#endif
 
#if defined(BOTAN_HAS_SCRYPT)
   if(req.algo_name() == "Scrypt")
      {
      return std::make_unique<Scrypt_Family>();
      }
#endif
 
#if defined(BOTAN_HAS_ARGON2)
   if(req.algo_name() == "Argon2d")
      {
      return std::make_unique<Argon2_Family>(static_cast<uint8_t>(0));
      }
   else if(req.algo_name() == "Argon2i")
      {
      return std::make_unique<Argon2_Family>(static_cast<uint8_t>(1));
      }
   else if(req.algo_name() == "Argon2id")
      {
      return std::make_unique<Argon2_Family>(static_cast<uint8_t>(2));
      }
#endif
 
#if defined(BOTAN_HAS_PBKDF_BCRYPT)
   if(req.algo_name() == "Bcrypt-PBKDF")
      {
      return std::make_unique<Bcrypt_PBKDF_Family>();
      }
#endif
 
#if defined(BOTAN_HAS_PGP_S2K)
   if(req.algo_name() == "OpenPGP-S2K" && req.arg_count() == 1)
      {
      if(auto hash = HashFunction::create(req.arg(0)))
         {
         return std::make_unique<RFC4880_S2K_Family>(std::move(hash));
         }
      }
#endif
 
   BOTAN_UNUSED(req);
   BOTAN_UNUSED(provider);
 
   return nullptr;
   }

References Botan::SCAN_Name::algo_name(), Botan::SCAN_Name::arg(), Botan::SCAN_Name::arg_count(), BOTAN_UNUSED, Botan::HashFunction::create(), and Botan::MessageAuthenticationCode::create().

Referenced by botan_pwdhash(), botan_pwdhash_timed(), and Botan::PasswordHashFamily::create_or_throw().

create_or_throw()

std::unique_ptr< PasswordHashFamily > Botan::PasswordHashFamily::create_or_throw ( std::string_view  algo_spec, std::string_view  provider = ""  )

staticinherited

Create an instance based on a name, or throw if the algo/provider combination cannot be found. If provider is empty then best available is chosen.

Definition at line 118 of file pwdhash.cpp.

   {
   if(auto pbkdf = PasswordHashFamily::create(algo, provider))
      {
      return pbkdf;
      }
   throw Lookup_Error("PasswordHashFamily", algo, provider);
   }

References Botan::PasswordHashFamily::create().

Referenced by Botan::argon2_check_pwhash(), Botan::argon2_generate_pwhash(), Botan::CryptoBox::decrypt_bin(), and Botan::CryptoBox::encrypt().

default_params()

std::unique_ptr< PasswordHash > Botan::Argon2_Family::default_params ( ) const

overridevirtual

Return some default parameter set for this PBKDF that should be good enough for most users. The value returned may change over time as processing power and attacks improve.

Implements Botan::PasswordHashFamily.

Definition at line 151 of file argon2pwhash.cpp.

   {
   return this->from_params(128*1024, 1, 1);
   }

References from_params().

Referenced by tune().

from_iterations()

std::unique_ptr< PasswordHash > Botan::Argon2_Family::from_iterations ( size_t  iterations ) const

overridevirtual

Return a parameter chosen based on a rough approximation with the specified iteration count. The exact value this returns for a particular algorithm may change from over time. Think of it as an alternative to tune, where time is expressed in terms of PBKDF2 iterations rather than milliseconds.

Implements Botan::PasswordHashFamily.

Definition at line 156 of file argon2pwhash.cpp.

   {
   /*
   These choices are arbitrary, but should not change in future
   releases since they will break applications expecting deterministic
   mapping from iteration count to params
   */
   const size_t M = iter;
   const size_t t = 1;
   const size_t p = 1;
   return this->from_params(M, t, p);
   }

References from_params().

from_params()

std::unique_ptr< PasswordHash > Botan::Argon2_Family::from_params ( size_t  i1, size_t  i2, size_t  i3  ) const

overridevirtual

Create a password hash using some scheme specific format. Parameters are as follows:

• For PBKDF2, PGP-S2K, and Bcrypt-PBKDF, i1 is iterations
• Scrypt uses N, r, p for i{1-3}
• Argon2 family uses memory (in KB), iterations, and parallelism for i{1-3}

All unneeded parameters should be set to 0 or left blank.

Implements Botan::PasswordHashFamily.

Definition at line 169 of file argon2pwhash.cpp.

   {
   return std::make_unique<Argon2>(m_family, M, t, p);
   }

Referenced by default_params(), from_iterations(), and tune().

name()

std::string Botan::Argon2_Family::name ( ) const

overridevirtual

Returns

name of this PasswordHash

Implements Botan::PasswordHashFamily.

Definition at line 82 of file argon2pwhash.cpp.

   {
   return argon2_family_name(m_family);
   }

providers()

std::vector< std::string > Botan::PasswordHashFamily::providers ( std::string_view  algo_spec )

staticinherited

Returns

list of available providers for this algorithm, empty if not available

Definition at line 128 of file pwdhash.cpp.

   {
   return probe_providers_of<PasswordHashFamily>(algo_spec);
   }

tune()

std::unique_ptr< PasswordHash > Botan::Argon2_Family::tune ( size_t  output_length, std::chrono::milliseconds  msec, size_t  max_memory_usage_mb, std::chrono::milliseconds  tuning_msec  ) const

overridevirtual

Return a new parameter set tuned for this machine

Parameters

output_length	how long the output length will be
msec	the desired execution time in milliseconds
max_memory_usage_mb	some password hash functions can use a tunable amount of memory, in this case max_memory_usage limits the amount of RAM the returned parameters will require, in mebibytes (2**20 bytes). It may require some small amount above the request. Set to zero to place no limit at all.
tuning_msec	how long to run the tuning loop

Implements Botan::PasswordHashFamily.

Definition at line 87 of file argon2pwhash.cpp.

   {
   const size_t max_kib = (max_memory == 0) ? 256*1024 : max_memory*1024;
 
   // Tune with a large memory otherwise we measure cache vs RAM speeds and underestimate
   // costs for larger params. Default is 36 MiB, or use 128 for long times.
   const size_t tune_M = (msec >= std::chrono::milliseconds(200) ? 128 : 36) * 1024;
   const size_t p = 1;
   size_t t = 1;
 
   Timer timer("Argon2");
 
   auto pwhash = this->from_params(tune_M, t, p);
 
   timer.run_until_elapsed(tune_time, [&]() {
      uint8_t output[64] = { 0 };
      pwhash->derive_key(output, sizeof(output),
                         "test", 4,
                         nullptr, 0);
      });
 
   if(timer.events() == 0 || timer.value() == 0)
      return default_params();
 
   size_t M = 4*1024;
 
   const uint64_t measured_time = timer.value() / (timer.events() * (tune_M / M));
 
   const uint64_t target_nsec = msec.count() * static_cast<uint64_t>(1000000);
 
   /*
   * Argon2 scaling rules:
   * k*M, k*t, k*p all increase cost by about k
   *
   * Since we don't even take advantage of p > 1, we prefer increasing
   * t or M instead.
   *
   * If possible to increase M, prefer that.
   */
 
   uint64_t est_nsec = measured_time;
 
   if(est_nsec < target_nsec && M < max_kib)
      {
      const uint64_t desired_cost_increase = (target_nsec + est_nsec - 1) / est_nsec;
      const uint64_t mem_headroom = max_kib / M;
 
      const uint64_t M_mult = std::min(desired_cost_increase, mem_headroom);
      M *= static_cast<size_t>(M_mult);
      est_nsec *= M_mult;
      }
 
   if(est_nsec < target_nsec / 2)
      {
      const uint64_t desired_cost_increase = (target_nsec + est_nsec - 1) / est_nsec;
      t *= static_cast<size_t>(desired_cost_increase);
      }
 
   return this->from_params(M, t, p);
   }

References default_params(), Botan::Timer::events(), from_params(), Botan::Timer::run_until_elapsed(), and Botan::Timer::value().

---

The documentation for this class was generated from the following files:

• src/lib/pbkdf/argon2/argon2.h
• src/lib/pbkdf/argon2/argon2pwhash.cpp