Botan 3.6.1
Crypto and TLS for C&
Public Member Functions | Static Public Member Functions | List of all members
Botan::OpenPGP_S2K Class Referencefinal

#include <pgp_s2k.h>

Inheritance diagram for Botan::OpenPGP_S2K:
Botan::PBKDF

Public Member Functions

PBKDFclone () const
 
template<typename Alloc >
OctetString derive_key (size_t out_len, std::string_view passphrase, const std::vector< uint8_t, Alloc > &salt, size_t iterations) const
 
template<typename Alloc >
OctetString derive_key (size_t out_len, std::string_view passphrase, const std::vector< uint8_t, Alloc > &salt, std::chrono::milliseconds msec, size_t &iterations) const
 
OctetString derive_key (size_t out_len, std::string_view passphrase, const uint8_t salt[], size_t salt_len, size_t iterations) const
 
OctetString derive_key (size_t out_len, std::string_view passphrase, const uint8_t salt[], size_t salt_len, std::chrono::milliseconds msec, size_t &iterations) const
 
std::string name () const override
 
std::unique_ptr< PBKDFnew_object () const override
 
 OpenPGP_S2K (std::unique_ptr< HashFunction > hash)
 
size_t pbkdf (uint8_t output_buf[], size_t output_len, std::string_view passphrase, const uint8_t salt[], size_t salt_len, size_t iterations, std::chrono::milliseconds msec) const override
 
secure_vector< uint8_t > pbkdf_iterations (size_t out_len, std::string_view passphrase, const uint8_t salt[], size_t salt_len, size_t iterations) const
 
void pbkdf_iterations (uint8_t out[], size_t out_len, std::string_view passphrase, const uint8_t salt[], size_t salt_len, size_t iterations) const
 
secure_vector< uint8_t > pbkdf_timed (size_t out_len, std::string_view passphrase, const uint8_t salt[], size_t salt_len, std::chrono::milliseconds msec, size_t &iterations) const
 
void pbkdf_timed (uint8_t out[], size_t out_len, std::string_view passphrase, const uint8_t salt[], size_t salt_len, std::chrono::milliseconds msec, size_t &iterations) const
 

Static Public Member Functions

static std::unique_ptr< PBKDFcreate (std::string_view algo_spec, std::string_view provider="")
 
static std::unique_ptr< PBKDFcreate_or_throw (std::string_view algo_spec, std::string_view provider="")
 
static size_t decode_count (uint8_t encoded_iter)
 
static uint8_t encode_count (size_t iterations)
 
static std::vector< std::string > providers (std::string_view algo_spec)
 

Detailed Description

OpenPGP's S2K

See RFC 4880 sections 3.7.1.1, 3.7.1.2, and 3.7.1.3 If the salt is empty and iterations == 1, "simple" S2K is used If the salt is non-empty and iterations == 1, "salted" S2K is used If the salt is non-empty and iterations > 1, "iterated" S2K is used

Due to complexities of the PGP S2K algorithm, time-based derivation is not supported. So if iterations == 0 and msec.count() > 0, an exception is thrown. In the future this may be supported, in which case "iterated" S2K will be used and the number of iterations performed is returned.

Note that unlike PBKDF2, OpenPGP S2K's "iterations" are defined as the number of bytes hashed.

Definition at line 39 of file pgp_s2k.h.

Constructor & Destructor Documentation

◆ OpenPGP_S2K()

Botan::OpenPGP_S2K::OpenPGP_S2K ( std::unique_ptr< HashFunction > hash)
inlineexplicit
Parameters
hashthe hash function to use

Definition at line 44 of file pgp_s2k.h.

44: m_hash(std::move(hash)) {}

Member Function Documentation

◆ clone()

PBKDF * Botan::PBKDF::clone ( ) const
inlineinherited
Returns
new instance of this same algorithm

Definition at line 64 of file pbkdf.h.

64{ return this->new_object().release(); }
Botan::PBKDF::new_object
virtual std::unique_ptr< PBKDF > new_object() const =0

◆ create()

std::unique_ptr< PBKDF > Botan::PBKDF::create ( std::string_view algo_spec,
std::string_view provider = "" )
staticinherited

Create an instance based on a name If provider is empty then best available is chosen.

Parameters
algo_specalgorithm name
providerprovider implementation to choose
Returns
a null pointer if the algo/provider combination cannot be found

Definition at line 23 of file pbkdf.cpp.

23 {
24 const SCAN_Name req(algo_spec);
25
26#if defined(BOTAN_HAS_PBKDF2)
27 if(req.algo_name() == "PBKDF2") {
28 // TODO OpenSSL
29
30 if(provider.empty() || provider == "base") {
31 if(auto mac = MessageAuthenticationCode::create("HMAC(" + req.arg(0) + ")")) {
32 return std::make_unique<PKCS5_PBKDF2>(std::move(mac));
33 }
34
35 if(auto mac = MessageAuthenticationCode::create(req.arg(0))) {
36 return std::make_unique<PKCS5_PBKDF2>(std::move(mac));
37 }
38 }
39
40 return nullptr;
41 }
42#endif
43
44#if defined(BOTAN_HAS_PGP_S2K)
45 if(req.algo_name() == "OpenPGP-S2K" && req.arg_count() == 1) {
46 if(auto hash = HashFunction::create(req.arg(0))) {
47 return std::make_unique<OpenPGP_S2K>(std::move(hash));
48 }
49 }
50#endif
51
52 BOTAN_UNUSED(req);
53 BOTAN_UNUSED(provider);
54
55 return nullptr;
56}
BOTAN_UNUSED
#define BOTAN_UNUSED
Definition assert.h:118
Botan::HashFunction::create
static std::unique_ptr< HashFunction > create(std::string_view algo_spec, std::string_view provider="")
Definition hash.cpp:107
Botan::MessageAuthenticationCode::create
static std::unique_ptr< MessageAuthenticationCode > create(std::string_view algo_spec, std::string_view provider="")
Definition mac.cpp:51

References Botan::SCAN_Name::algo_name(), Botan::SCAN_Name::arg(), Botan::SCAN_Name::arg_count(), BOTAN_UNUSED, Botan::HashFunction::create(), and Botan::MessageAuthenticationCode::create().

Referenced by Botan::PBKDF::create_or_throw().

◆ create_or_throw()

std::unique_ptr< PBKDF > Botan::PBKDF::create_or_throw ( std::string_view algo_spec,
std::string_view provider = "" )
staticinherited

Create an instance based on a name, or throw if the algo/provider combination cannot be found. If provider is empty then best available is chosen.

Definition at line 59 of file pbkdf.cpp.

59 {
60 if(auto pbkdf = PBKDF::create(algo, provider)) {
61 return pbkdf;
62 }
63 throw Lookup_Error("PBKDF", algo, provider);
64}
Botan::PBKDF::pbkdf
virtual size_t pbkdf(uint8_t out[], size_t out_len, std::string_view passphrase, const uint8_t salt[], size_t salt_len, size_t iterations, std::chrono::milliseconds msec) const =0
Botan::PBKDF::create
static std::unique_ptr< PBKDF > create(std::string_view algo_spec, std::string_view provider="")
Definition pbkdf.cpp:23

References Botan::PBKDF::create(), and Botan::PBKDF::pbkdf().

◆ decode_count()

static size_t Botan::OpenPGP_S2K::decode_count ( uint8_t encoded_iter)
inlinestatic

Definition at line 63 of file pgp_s2k.h.

63{ return RFC4880_decode_count(encoded_iter); }
Botan::RFC4880_decode_count
size_t RFC4880_decode_count(uint8_t iter)
Definition rfc4880.cpp:61

References Botan::RFC4880_decode_count().

◆ derive_key() [1/4]

template<typename Alloc >
OctetString Botan::PBKDF::derive_key ( size_t out_len,
std::string_view passphrase,
const std::vector< uint8_t, Alloc > & salt,
size_t iterations ) const
inlineinherited

Derive a key from a passphrase

Parameters
out_lenthe desired length of the key to produce
passphrasethe password to derive the key from
salta randomly chosen salt
iterationsthe number of iterations to use (use 10K or more)

Definition at line 188 of file pbkdf.h.

191 {
192 return OctetString(pbkdf_iterations(out_len, passphrase, salt.data(), salt.size(), iterations));
193 }
Botan::PBKDF::pbkdf_iterations
void pbkdf_iterations(uint8_t out[], size_t out_len, std::string_view passphrase, const uint8_t salt[], size_t salt_len, size_t iterations) const
Definition pbkdf.cpp:80

◆ derive_key() [2/4]

template<typename Alloc >
OctetString Botan::PBKDF::derive_key ( size_t out_len,
std::string_view passphrase,
const std::vector< uint8_t, Alloc > & salt,
std::chrono::milliseconds msec,
size_t & iterations ) const
inlineinherited

Derive a key from a passphrase using a certain amount of time

Parameters
out_lenthe desired length of the key to produce
passphrasethe password to derive the key from
salta randomly chosen salt
msecis how long to run the PBKDF
iterationsis set to the number of iterations used

Definition at line 222 of file pbkdf.h.

226 {
227 return OctetString(pbkdf_timed(out_len, passphrase, salt.data(), salt.size(), msec, iterations));
228 }
Botan::PBKDF::pbkdf_timed
void pbkdf_timed(uint8_t out[], size_t out_len, std::string_view passphrase, const uint8_t salt[], size_t salt_len, std::chrono::milliseconds msec, size_t &iterations) const
Definition pbkdf.cpp:70

◆ derive_key() [3/4]

OctetString Botan::PBKDF::derive_key ( size_t out_len,
std::string_view passphrase,
const uint8_t salt[],
size_t salt_len,
size_t iterations ) const
inlineinherited

Derive a key from a passphrase

Parameters
out_lenthe desired length of the key to produce
passphrasethe password to derive the key from
salta randomly chosen salt
salt_lenlength of salt in bytes
iterationsthe number of iterations to use (use 10K or more)

Definition at line 175 of file pbkdf.h.

176 {
177 return OctetString(pbkdf_iterations(out_len, passphrase, salt, salt_len, iterations));
178 }

Referenced by Botan::check_passhash9(), and Botan::generate_passhash9().

◆ derive_key() [4/4]

OctetString Botan::PBKDF::derive_key ( size_t out_len,
std::string_view passphrase,
const uint8_t salt[],
size_t salt_len,
std::chrono::milliseconds msec,
size_t & iterations ) const
inlineinherited

Derive a key from a passphrase

Parameters
out_lenthe desired length of the key to produce
passphrasethe password to derive the key from
salta randomly chosen salt
salt_lenlength of salt in bytes
msecis how long to run the PBKDF
iterationsis set to the number of iterations used

Definition at line 204 of file pbkdf.h.

209 {
210 return OctetString(pbkdf_timed(out_len, passphrase, salt, salt_len, msec, iterations));
211 }

◆ encode_count()

static uint8_t Botan::OpenPGP_S2K::encode_count ( size_t iterations)
inlinestatic

RFC 4880 encodes the iteration count to a single-byte value

Definition at line 61 of file pgp_s2k.h.

61{ return RFC4880_encode_count(iterations); }
Botan::RFC4880_encode_count
uint8_t RFC4880_encode_count(size_t desired_iterations)
Definition rfc4880.cpp:47

References Botan::RFC4880_encode_count().

◆ name()

std::string Botan::OpenPGP_S2K::name ( ) const
inlineoverridevirtual
Returns
name of this PBKDF

Implements Botan::PBKDF.

Definition at line 46 of file pgp_s2k.h.

46{ return "OpenPGP-S2K(" + m_hash->name() + ")"; }

◆ new_object()

std::unique_ptr< PBKDF > Botan::OpenPGP_S2K::new_object ( ) const
inlineoverridevirtual
Returns
new instance of this same algorithm

Implements Botan::PBKDF.

Definition at line 48 of file pgp_s2k.h.

48{ return std::make_unique<OpenPGP_S2K>(m_hash->new_object()); }

◆ pbkdf()

size_t Botan::OpenPGP_S2K::pbkdf ( uint8_t out[],
size_t out_len,
std::string_view passphrase,
const uint8_t salt[],
size_t salt_len,
size_t iterations,
std::chrono::milliseconds msec ) const
overridevirtual

Derive a key from a passphrase for a number of iterations specified by either iterations or if iterations == 0 then running until msec time has elapsed.

Parameters
outbuffer to store the derived key, must be of out_len bytes
out_lenthe desired length of the key to produce
passphrasethe password to derive the key from
salta randomly chosen salt
salt_lenlength of salt in bytes
iterationsthe number of iterations to use (use 10K or more)
msecif iterations is zero, then instead the PBKDF is run until msec milliseconds has passed.
Returns
the number of iterations performed

Implements Botan::PBKDF.

Definition at line 71 of file pgp_s2k.cpp.

77 {
78 std::unique_ptr<PasswordHash> pwdhash;
79
80 if(iterations == 0) {
81 RFC4880_S2K_Family s2k_params(m_hash->new_object());
82 iterations = s2k_params.tune(output_len, msec, 0, std::chrono::milliseconds(10))->iterations();
83 }
84
85 pgp_s2k(*m_hash, output_buf, output_len, password.data(), password.size(), salt, salt_len, iterations);
86
87 return iterations;
88}

References Botan::RFC4880_S2K_Family::tune().

◆ pbkdf_iterations() [1/2]

secure_vector< uint8_t > Botan::PBKDF::pbkdf_iterations ( size_t out_len,
std::string_view passphrase,
const uint8_t salt[],
size_t salt_len,
size_t iterations ) const
inherited

Derive a key from a passphrase for a number of iterations.

Parameters
out_lenthe desired length of the key to produce
passphrasethe password to derive the key from
salta randomly chosen salt
salt_lenlength of salt in bytes
iterationsthe number of iterations to use (use 10K or more)
Returns
the derived key

Definition at line 95 of file pbkdf.cpp.

96 {
97 secure_vector<uint8_t> out(out_len);
98 pbkdf_iterations(out.data(), out_len, passphrase, salt, salt_len, iterations);
99 return out;
100}
Botan::secure_vector
std::vector< T, secure_allocator< T > > secure_vector
Definition secmem.h:61

References Botan::PBKDF::pbkdf_iterations().

◆ pbkdf_iterations() [2/2]

void Botan::PBKDF::pbkdf_iterations ( uint8_t out[],
size_t out_len,
std::string_view passphrase,
const uint8_t salt[],
size_t salt_len,
size_t iterations ) const
inherited

Derive a key from a passphrase for a number of iterations.

Parameters
outbuffer to store the derived key, must be of out_len bytes
out_lenthe desired length of the key to produce
passphrasethe password to derive the key from
salta randomly chosen salt
salt_lenlength of salt in bytes
iterationsthe number of iterations to use (use 10K or more)

Definition at line 80 of file pbkdf.cpp.

85 {
86 if(iterations == 0) {
87 throw Invalid_Argument(name() + ": Invalid iteration count");
88 }
89
90 const size_t iterations_run =
91 pbkdf(out, out_len, passphrase, salt, salt_len, iterations, std::chrono::milliseconds(0));
92 BOTAN_ASSERT_EQUAL(iterations, iterations_run, "Expected PBKDF iterations");
93}
BOTAN_ASSERT_EQUAL
#define BOTAN_ASSERT_EQUAL(expr1, expr2, assertion_made)
Definition assert.h:68
Botan::PBKDF::name
virtual std::string name() const =0

References BOTAN_ASSERT_EQUAL, Botan::PBKDF::name(), and Botan::PBKDF::pbkdf().

Referenced by Botan::PBKDF::pbkdf_iterations().

◆ pbkdf_timed() [1/2]

secure_vector< uint8_t > Botan::PBKDF::pbkdf_timed ( size_t out_len,
std::string_view passphrase,
const uint8_t salt[],
size_t salt_len,
std::chrono::milliseconds msec,
size_t & iterations ) const
inherited

Derive a key from a passphrase, running until msec time has elapsed.

Parameters
out_lenthe desired length of the key to produce
passphrasethe password to derive the key from
salta randomly chosen salt
salt_lenlength of salt in bytes
msecif iterations is zero, then instead the PBKDF is run until msec milliseconds has passed.
iterationsset to the number iterations executed
Returns
the derived key

Definition at line 102 of file pbkdf.cpp.

107 {
108 secure_vector<uint8_t> out(out_len);
109 pbkdf_timed(out.data(), out_len, passphrase, salt, salt_len, msec, iterations);
110 return out;
111}

References Botan::PBKDF::pbkdf_timed().

◆ pbkdf_timed() [2/2]

void Botan::PBKDF::pbkdf_timed ( uint8_t out[],
size_t out_len,
std::string_view passphrase,
const uint8_t salt[],
size_t salt_len,
std::chrono::milliseconds msec,
size_t & iterations ) const
inherited

Derive a key from a passphrase, running until msec time has elapsed.

Parameters
outbuffer to store the derived key, must be of out_len bytes
out_lenthe desired length of the key to produce
passphrasethe password to derive the key from
salta randomly chosen salt
salt_lenlength of salt in bytes
msecif iterations is zero, then instead the PBKDF is run until msec milliseconds has passed.
iterationsset to the number iterations executed

Definition at line 70 of file pbkdf.cpp.

76 {
77 iterations = pbkdf(out, out_len, passphrase, salt, salt_len, 0, msec);
78}

References Botan::PBKDF::pbkdf().

Referenced by Botan::PBKDF::pbkdf_timed().

◆ providers()

std::vector< std::string > Botan::PBKDF::providers ( std::string_view algo_spec)
staticinherited
Returns
list of available providers for this algorithm, empty if not available

Definition at line 66 of file pbkdf.cpp.

66 {
67 return probe_providers_of<PBKDF>(algo_spec);
68}
Botan::probe_providers_of
std::vector< std::string > probe_providers_of(std::string_view algo_spec, const std::vector< std::string > &possible={"base"})
Definition scan_name.h:105

References Botan::probe_providers_of().

The documentation for this class was generated from the following files:
Generated by doxygen 1.12.0