#include <pbkdf2.h>

Inheritance diagram for Botan::PBKDF2:

Public Member Functions
virtual void	derive_key (uint8_t out[], size_t out_len, const char *password, size_t password_len, const uint8_t salt[], size_t salt_len, const uint8_t ad[], size_t ad_len, const uint8_t key[], size_t key_len) const
void	derive_key (uint8_t out[], size_t out_len, const char *password, size_t password_len, const uint8_t salt[], size_t salt_len) const override
void	hash (std::span< uint8_t > out, std::string_view password, std::span< const uint8_t > salt) const
void	hash (std::span< uint8_t > out, std::string_view password, std::span< const uint8_t > salt, std::span< const uint8_t > associated_data, std::span< const uint8_t > key) const
size_t	iterations () const override
virtual size_t	memory_param () const
virtual size_t	parallelism () const
	PBKDF2 (const MessageAuthenticationCode &prf, size_t iter)
	PBKDF2 (const MessageAuthenticationCode &prf, size_t olen, std::chrono::milliseconds msec)
virtual bool	supports_associated_data () const
virtual bool	supports_keyed_operation () const
std::string	to_string () const override
virtual size_t	total_memory_usage () const

Detailed Description

PBKDF2

Definition at line 45 of file pbkdf2.h.

Constructor & Destructor Documentation

◆ PBKDF2() [1/2]

Botan::PBKDF2::PBKDF2	(	const MessageAuthenticationCode &	prf,
		size_t	iter )

inline

Definition at line 47 of file pbkdf2.h.

47: m_prf(prf.new_object()), m_iterations(iter) {}

◆ PBKDF2() [2/2]

Botan::PBKDF2::PBKDF2	(	const MessageAuthenticationCode &	prf,
		size_t	olen,
		std::chrono::milliseconds	msec )

Definition at line 162 of file pbkdf2.cpp.

162 :

163 m_prf(prf.new_object()), m_iterations(tune_pbkdf2(*m_prf, olen, msec)) {}

Member Function Documentation

◆ derive_key() [1/2]

void Botan::PasswordHash::derive_key	(	uint8_t	out[],
		size_t	out_len,
		const char *	password,
		size_t	password_len,
		const uint8_t	salt[],
		size_t	salt_len,
		const uint8_t	ad[],
		size_t	ad_len,
		const uint8_t	key[],
		size_t	key_len ) const

virtualinherited

Derive a key from a password plus additional data and/or a secret key

Currently this is only supported for Argon2. Using a non-empty AD or key with other algorithms will cause a Not_Implemented exception.

Parameters

out	buffer to store the derived key, must be of out_len bytes
out_len	the desired length of the key to produce
password	the password to derive the key from
password_len	the length of password in bytes
salt	a randomly chosen salt
salt_len	length of salt in bytes
ad	some additional data
ad_len	length of ad in bytes
key	a secret key
key_len	length of key in bytes

This function is const, but is not thread safe. Different threads should either use unique objects, or serialize all access.

Reimplemented in Botan::Argon2.

Definition at line 35 of file pwdhash.cpp.

                                                    {
   BOTAN_UNUSED(ad, key);
 
   if(ad_len == 0 && key_len == 0) {
      return this->derive_key(out, out_len, password, password_len, salt, salt_len);
   } else {
      throw Not_Implemented("PasswordHash " + this->to_string() + " does not support AD or key");
   }
}

References BOTAN_UNUSED, derive_key(), and to_string().

◆ derive_key() [2/2]

void Botan::PBKDF2::derive_key	(	uint8_t	out[],
		size_t	out_len,
		const char *	password,
		size_t	password_len,
		const uint8_t	salt[],
		size_t	salt_len ) const

overridevirtual

Derive a key from a password

Parameters

out	buffer to store the derived key, must be of out_len bytes
out_len	the desired length of the key to produce
password	the password to derive the key from
password_len	the length of password in bytes
salt	a randomly chosen salt
salt_len	length of salt in bytes

This function is const, but is not thread safe. Different threads should either use unique objects, or serialize all access.

Implements Botan::PasswordHash.

Definition at line 169 of file pbkdf2.cpp.

                                               {
   pbkdf2_set_key(*m_prf, password, password_len);
   pbkdf2(*m_prf, out, out_len, salt, salt_len, m_iterations);
}

References Botan::pbkdf2().

◆ hash() [1/2]

void Botan::PasswordHash::hash	(	std::span< uint8_t >	out,
		std::string_view	password,
		std::span< const uint8_t >	salt ) const

inlineinherited

Hash a password into a bitstring

Derive a key from the specified password and salt, placing it into out.

Parameters

out	a span where the derived key will be placed
password	the password to derive the key from
salt	a randomly chosen salt

This function is const, but is not thread safe. Different threads should either use unique objects, or serialize all access.

Definition at line 84 of file pwdhash.h.

                                                                                                  {
         this->derive_key(out.data(), out.size(), password.data(), password.size(), salt.data(), salt.size());
      }

References derive_key().

Referenced by Botan::RFC4880_S2K::RFC4880_S2K().

◆ hash() [2/2]

void Botan::PasswordHash::hash	(	std::span< uint8_t >	out,
		std::string_view	password,
		std::span< const uint8_t >	salt,
		std::span< const uint8_t >	associated_data,
		std::span< const uint8_t >	key ) const

inlineinherited

Hash a password into a bitstring

Derive a key from the specified password, salt, associated_data, and secret key, placing it into out. The associated_data and key are both allowed to be empty. Currently non-empty AD/key is only supported with Argon2.

Parameters

out	a span where the derived key will be placed
password	the password to derive the key from
salt	a randomly chosen salt
associated_data	some additional data
key	a secret key

This function is const, but is not thread safe. Different threads should either use unique objects, or serialize all access.

Definition at line 105 of file pwdhash.h.

                                                  {
         this->derive_key(out.data(),
                          out.size(),
                          password.data(),
                          password.size(),
                          salt.data(),
                          salt.size(),
                          associated_data.data(),
                          associated_data.size(),
                          key.data(),
                          key.size());
      }

References derive_key().

◆ iterations()

size_t Botan::PBKDF2::iterations ( ) const

inlineoverridevirtual

Most password hashes have some notion of iterations.

Implements Botan::PasswordHash.

Definition at line 52 of file pbkdf2.h.

52{ return m_iterations; }

References iterations().

Referenced by iterations().

◆ memory_param()

virtual size_t Botan::PasswordHash::memory_param ( ) const

inlinevirtualinherited

Some password hashing algorithms have a parameter which controls how much memory is used. If not supported by some algorithm, returns 0.

Reimplemented in Botan::Argon2, Botan::Bcrypt_PBKDF, and Botan::Scrypt.

Definition at line 40 of file pwdhash.h.

40{ return 0; }

◆ parallelism()

virtual size_t Botan::PasswordHash::parallelism ( ) const

inlinevirtualinherited

Some password hashing algorithms have a parallelism parameter. If the algorithm does not support this notion, then the function returns zero. This allows distinguishing between a password hash which just does not support parallel operation, vs one that does support parallel operation but which has been configured to use a single lane.

Reimplemented in Botan::Argon2, Botan::Bcrypt_PBKDF, and Botan::Scrypt.

Definition at line 50 of file pwdhash.h.

50{ return 0; }

◆ supports_associated_data()

virtual bool Botan::PasswordHash::supports_associated_data ( ) const

inlinevirtualinherited

Returns: true if this password hash supports supplying associated data

Reimplemented in Botan::Argon2.

Definition at line 69 of file pwdhash.h.

69{ return false; }

◆ supports_keyed_operation()

virtual bool Botan::PasswordHash::supports_keyed_operation ( ) const

inlinevirtualinherited

Returns: true if this password hash supports supplying a key

Reimplemented in Botan::Argon2.

Definition at line 64 of file pwdhash.h.

64{ return false; }

◆ to_string()

std::string Botan::PBKDF2::to_string ( ) const

overridevirtual

Implements Botan::PasswordHash.

Definition at line 165 of file pbkdf2.cpp.

                                  {
   return fmt("PBKDF2({},{})", m_prf->name(), m_iterations);
}

References Botan::fmt().

◆ total_memory_usage()

virtual size_t Botan::PasswordHash::total_memory_usage ( ) const

inlinevirtualinherited

Returns an estimate of the total number of bytes required to perform this key derivation.

If this algorithm uses a small and constant amount of memory, with no effort made towards being memory hard, this function returns 0.

Reimplemented in Botan::Argon2, Botan::Bcrypt_PBKDF, and Botan::Scrypt.

Definition at line 59 of file pwdhash.h.

59{ return 0; }

The documentation for this class was generated from the following files:

src/lib/pbkdf/pbkdf2/pbkdf2.h
src/lib/pbkdf/pbkdf2/pbkdf2.cpp

Public Member Functions

Detailed Description

Constructor & Destructor Documentation

◆ PBKDF2() [1/2]

◆ PBKDF2() [2/2]

Member Function Documentation

◆ derive_key() [1/2]

◆ derive_key() [2/2]

◆ hash() [1/2]

◆ hash() [2/2]

◆ iterations()

◆ memory_param()

◆ parallelism()

◆ supports_associated_data()

◆ supports_keyed_operation()

◆ to_string()

◆ total_memory_usage()