#include <pbkdf2.h>
Inheritance diagram for Botan::PKCS5_PBKDF2:
Public Member Functions | |
| PBKDF * | clone () const |
| template<typename Alloc > | |
| OctetString | derive_key (size_t out_len, std::string_view passphrase, const std::vector< uint8_t, Alloc > &salt, size_t iterations) const |
| template<typename Alloc > | |
| OctetString | derive_key (size_t out_len, std::string_view passphrase, const std::vector< uint8_t, Alloc > &salt, std::chrono::milliseconds msec, size_t &iterations) const |
| OctetString | derive_key (size_t out_len, std::string_view passphrase, const uint8_t salt[], size_t salt_len, size_t iterations) const |
| OctetString | derive_key (size_t out_len, std::string_view passphrase, const uint8_t salt[], size_t salt_len, std::chrono::milliseconds msec, size_t &iterations) const |
| std::string | name () const override |
| std::unique_ptr< PBKDF > | new_object () const override |
| size_t | pbkdf (uint8_t output_buf[], size_t output_len, std::string_view passphrase, const uint8_t salt[], size_t salt_len, size_t iterations, std::chrono::milliseconds msec) const override |
| secure_vector< uint8_t > | pbkdf_iterations (size_t out_len, std::string_view passphrase, const uint8_t salt[], size_t salt_len, size_t iterations) const |
| void | pbkdf_iterations (uint8_t out[], size_t out_len, std::string_view passphrase, const uint8_t salt[], size_t salt_len, size_t iterations) const |
| secure_vector< uint8_t > | pbkdf_timed (size_t out_len, std::string_view passphrase, const uint8_t salt[], size_t salt_len, std::chrono::milliseconds msec, size_t &iterations) const |
| void | pbkdf_timed (uint8_t out[], size_t out_len, std::string_view passphrase, const uint8_t salt[], size_t salt_len, std::chrono::milliseconds msec, size_t &iterations) const |
| PKCS5_PBKDF2 (MessageAuthenticationCode *mac_fn) | |
| PKCS5_PBKDF2 (std::unique_ptr< MessageAuthenticationCode > mac_fn) | |
Static Public Member Functions | |
| static std::unique_ptr< PBKDF > | create (std::string_view algo_spec, std::string_view provider="") |
| static std::unique_ptr< PBKDF > | create_or_throw (std::string_view algo_spec, std::string_view provider="") |
| static std::vector< std::string > | providers (std::string_view algo_spec) |
Detailed Description
Constructor & Destructor Documentation
◆ PKCS5_PBKDF2() [1/2]
|
inlineexplicit |
◆ PKCS5_PBKDF2() [2/2]
|
inlineexplicit |
Member Function Documentation
◆ clone()
|
inlineinherited |
◆ create()
|
staticinherited |
Create an instance based on a name If provider is empty then best available is chosen.
- Parameters
-
algo_spec algorithm name provider provider implementation to choose
- Returns
- a null pointer if the algo/provider combination cannot be found
Definition at line 23 of file pbkdf.cpp.
23 {
24 const SCAN_Name req(algo_spec);
25
26#if defined(BOTAN_HAS_PBKDF2)
27 if(req.algo_name() == "PBKDF2") {
28 // TODO OpenSSL
29
30 if(provider.empty() || provider == "base") {
32 return std::make_unique<PKCS5_PBKDF2>(std::move(mac));
33 }
34
36 return std::make_unique<PKCS5_PBKDF2>(std::move(mac));
37 }
38 }
39
40 return nullptr;
41 }
42#endif
43
44#if defined(BOTAN_HAS_PGP_S2K)
45 if(req.algo_name() == "OpenPGP-S2K" && req.arg_count() == 1) {
47 return std::make_unique<OpenPGP_S2K>(std::move(hash));
48 }
49 }
50#endif
51
52 BOTAN_UNUSED(req);
53 BOTAN_UNUSED(provider);
54
55 return nullptr;
56}
static std::unique_ptr< HashFunction > create(std::string_view algo_spec, std::string_view provider="")
Definition hash.cpp:107
static std::unique_ptr< MessageAuthenticationCode > create(std::string_view algo_spec, std::string_view provider="")
Definition mac.cpp:51
References Botan::SCAN_Name::algo_name(), Botan::SCAN_Name::arg(), Botan::SCAN_Name::arg_count(), BOTAN_UNUSED, Botan::HashFunction::create(), and Botan::MessageAuthenticationCode::create().
Referenced by Botan::PBKDF::create_or_throw().
◆ create_or_throw()
|
staticinherited |
Create an instance based on a name, or throw if the algo/provider combination cannot be found. If provider is empty then best available is chosen.
Definition at line 59 of file pbkdf.cpp.
59 {
62 }
63 throw Lookup_Error("PBKDF", algo, provider);
64}
virtual size_t pbkdf(uint8_t out[], size_t out_len, std::string_view passphrase, const uint8_t salt[], size_t salt_len, size_t iterations, std::chrono::milliseconds msec) const =0
static std::unique_ptr< PBKDF > create(std::string_view algo_spec, std::string_view provider="")
Definition pbkdf.cpp:23
References Botan::PBKDF::create(), and Botan::PBKDF::pbkdf().
◆ derive_key() [1/4]
template<typename Alloc >
|
inlineinherited |
Derive a key from a passphrase
- Parameters
-
out_len the desired length of the key to produce passphrase the password to derive the key from salt a randomly chosen salt iterations the number of iterations to use (use 10K or more)
Definition at line 186 of file pbkdf.h.
189 {
190 return OctetString(pbkdf_iterations(out_len, passphrase, salt.data(), salt.size(), iterations));
191 }
void pbkdf_iterations(uint8_t out[], size_t out_len, std::string_view passphrase, const uint8_t salt[], size_t salt_len, size_t iterations) const
Definition pbkdf.cpp:80
@ OctetString
◆ derive_key() [2/4]
template<typename Alloc >
|
inlineinherited |
Derive a key from a passphrase using a certain amount of time
- Parameters
-
out_len the desired length of the key to produce passphrase the password to derive the key from salt a randomly chosen salt msec is how long to run the PBKDF iterations is set to the number of iterations used
Definition at line 220 of file pbkdf.h.
224 {
225 return OctetString(pbkdf_timed(out_len, passphrase, salt.data(), salt.size(), msec, iterations));
226 }
void pbkdf_timed(uint8_t out[], size_t out_len, std::string_view passphrase, const uint8_t salt[], size_t salt_len, std::chrono::milliseconds msec, size_t &iterations) const
Definition pbkdf.cpp:70
◆ derive_key() [3/4]
|
inlineinherited |
Derive a key from a passphrase
- Parameters
-
out_len the desired length of the key to produce passphrase the password to derive the key from salt a randomly chosen salt salt_len length of salt in bytes iterations the number of iterations to use (use 10K or more)
Definition at line 173 of file pbkdf.h.
174 {
176 }
Referenced by Botan::check_passhash9(), and Botan::generate_passhash9().
◆ derive_key() [4/4]
|
inlineinherited |
Derive a key from a passphrase
- Parameters
-
out_len the desired length of the key to produce passphrase the password to derive the key from salt a randomly chosen salt salt_len length of salt in bytes msec is how long to run the PBKDF iterations is set to the number of iterations used
Definition at line 202 of file pbkdf.h.
207 {
209 }
◆ name()
|
overridevirtual |
- Returns
- name of this PBKDF
Implements Botan::PBKDF.
Definition at line 158 of file pbkdf2.cpp.
158 {
160}
References Botan::fmt().
◆ new_object()
|
overridevirtual |
- Returns
- new instance of this same algorithm
Implements Botan::PBKDF.
Definition at line 162 of file pbkdf2.cpp.
162 {
163 return std::make_unique<PKCS5_PBKDF2>(m_mac->new_object());
164}
◆ pbkdf()
|
overridevirtual |
Derive a key from a passphrase for a number of iterations specified by either iterations or if iterations == 0 then running until msec time has elapsed.
- Parameters
-
out buffer to store the derived key, must be of out_len bytes out_len the desired length of the key to produce passphrase the password to derive the key from salt a randomly chosen salt salt_len length of salt in bytes iterations the number of iterations to use (use 10K or more) msec if iterations is zero, then instead the PBKDF is run until msec milliseconds has passed.
- Returns
- the number of iterations performed
Implements Botan::PBKDF.
Definition at line 140 of file pbkdf2.cpp.
146 {
147 if(iterations == 0) {
148 iterations = tune_pbkdf2(*m_mac, key_len, msec);
149 }
150
151 PBKDF2 pbkdf2(*m_mac, iterations);
152
153 pbkdf2.derive_key(key, key_len, password.data(), password.size(), salt, salt_len);
154
155 return iterations;
156}
size_t pbkdf2(MessageAuthenticationCode &prf, uint8_t out[], size_t out_len, std::string_view password, const uint8_t salt[], size_t salt_len, size_t iterations, std::chrono::milliseconds msec)
Definition pbkdf2.cpp:78
References Botan::pbkdf2().
◆ pbkdf_iterations() [1/2]
|
inherited |
Derive a key from a passphrase for a number of iterations.
- Parameters
-
out_len the desired length of the key to produce passphrase the password to derive the key from salt a randomly chosen salt salt_len length of salt in bytes iterations the number of iterations to use (use 10K or more)
- Returns
- the derived key
Definition at line 95 of file pbkdf.cpp.
96 {
97 secure_vector<uint8_t> out(out_len);
98 pbkdf_iterations(out.data(), out_len, passphrase, salt, salt_len, iterations);
99 return out;
100}
References Botan::PBKDF::pbkdf_iterations().
◆ pbkdf_iterations() [2/2]
|
inherited |
Derive a key from a passphrase for a number of iterations.
- Parameters
-
out buffer to store the derived key, must be of out_len bytes out_len the desired length of the key to produce passphrase the password to derive the key from salt a randomly chosen salt salt_len length of salt in bytes iterations the number of iterations to use (use 10K or more)
Definition at line 80 of file pbkdf.cpp.
85 {
86 if(iterations == 0) {
88 }
89
90 const size_t iterations_run =
91 pbkdf(out, out_len, passphrase, salt, salt_len, iterations, std::chrono::milliseconds(0));
93}
virtual std::string name() const =0
References BOTAN_ASSERT_EQUAL, Botan::PBKDF::name(), and Botan::PBKDF::pbkdf().
Referenced by Botan::PBKDF::pbkdf_iterations().
◆ pbkdf_timed() [1/2]
|
inherited |
Derive a key from a passphrase, running until msec time has elapsed.
- Parameters
-
out_len the desired length of the key to produce passphrase the password to derive the key from salt a randomly chosen salt salt_len length of salt in bytes msec if iterations is zero, then instead the PBKDF is run until msec milliseconds has passed. iterations set to the number iterations executed
- Returns
- the derived key
Definition at line 102 of file pbkdf.cpp.
107 {
108 secure_vector<uint8_t> out(out_len);
109 pbkdf_timed(out.data(), out_len, passphrase, salt, salt_len, msec, iterations);
110 return out;
111}
References Botan::PBKDF::pbkdf_timed().
◆ pbkdf_timed() [2/2]
|
inherited |
Derive a key from a passphrase, running until msec time has elapsed.
- Parameters
-
out buffer to store the derived key, must be of out_len bytes out_len the desired length of the key to produce passphrase the password to derive the key from salt a randomly chosen salt salt_len length of salt in bytes msec if iterations is zero, then instead the PBKDF is run until msec milliseconds has passed. iterations set to the number iterations executed
Definition at line 70 of file pbkdf.cpp.
References Botan::PBKDF::pbkdf().
Referenced by Botan::PBKDF::pbkdf_timed().
◆ providers()
|
staticinherited |
The documentation for this class was generated from the following files:
- src/lib/pbkdf/pbkdf2/pbkdf2.h
- src/lib/pbkdf/pbkdf2/pbkdf2.cpp
