Botan 3.0.0
Crypto and TLS for C&
Public Member Functions | Static Public Member Functions | List of all members
Botan::RFC4880_S2K_Family Class Referencefinal

#include <pgp_s2k.h>

Inheritance diagram for Botan::RFC4880_S2K_Family:
Botan::PasswordHashFamily

Public Member Functions

std::unique_ptr< PasswordHashdefault_params () const override
 
std::unique_ptr< PasswordHashfrom_iterations (size_t iter) const override
 
std::unique_ptr< PasswordHashfrom_params (size_t iter, size_t, size_t) const override
 
std::string name () const override
 
 RFC4880_S2K_Family (std::unique_ptr< HashFunction > hash)
 
std::unique_ptr< PasswordHashtune (size_t output_len, std::chrono::milliseconds msec, size_t max_mem, std::chrono::milliseconds tune_msec) const override
 

Static Public Member Functions

static std::unique_ptr< PasswordHashFamilycreate (std::string_view algo_spec, std::string_view provider="")
 
static std::unique_ptr< PasswordHashFamilycreate_or_throw (std::string_view algo_spec, std::string_view provider="")
 
static std::vector< std::string > providers (std::string_view algo_spec)
 

Detailed Description

Definition at line 113 of file pgp_s2k.h.

Constructor & Destructor Documentation

◆ RFC4880_S2K_Family()

Botan::RFC4880_S2K_Family::RFC4880_S2K_Family ( std::unique_ptr< HashFunction hash)
inline

Definition at line 116 of file pgp_s2k.h.

116: m_hash(std::move(hash)) {}

Member Function Documentation

◆ create()

std::unique_ptr< PasswordHashFamily > Botan::PasswordHashFamily::create ( std::string_view  algo_spec,
std::string_view  provider = "" 
)
staticinherited

Create an instance based on a name If provider is empty then best available is chosen.

Parameters
algo_specalgorithm name
providerprovider implementation to choose
Returns
a null pointer if the algo/provider combination cannot be found

Definition at line 50 of file pwdhash.cpp.

52 {
53 const SCAN_Name req(algo_spec);
54
55#if defined(BOTAN_HAS_PBKDF2)
56 if(req.algo_name() == "PBKDF2")
57 {
58 if(provider.empty() || provider == "base")
59 {
60 if(auto mac = MessageAuthenticationCode::create("HMAC(" + req.arg(0) + ")"))
61 return std::make_unique<PBKDF2_Family>(std::move(mac));
62
63 if(auto mac = MessageAuthenticationCode::create(req.arg(0)))
64 return std::make_unique<PBKDF2_Family>(std::move(mac));
65 }
66
67 return nullptr;
68 }
69#endif
70
71#if defined(BOTAN_HAS_SCRYPT)
72 if(req.algo_name() == "Scrypt")
73 {
74 return std::make_unique<Scrypt_Family>();
75 }
76#endif
77
78#if defined(BOTAN_HAS_ARGON2)
79 if(req.algo_name() == "Argon2d")
80 {
81 return std::make_unique<Argon2_Family>(static_cast<uint8_t>(0));
82 }
83 else if(req.algo_name() == "Argon2i")
84 {
85 return std::make_unique<Argon2_Family>(static_cast<uint8_t>(1));
86 }
87 else if(req.algo_name() == "Argon2id")
88 {
89 return std::make_unique<Argon2_Family>(static_cast<uint8_t>(2));
90 }
91#endif
92
93#if defined(BOTAN_HAS_PBKDF_BCRYPT)
94 if(req.algo_name() == "Bcrypt-PBKDF")
95 {
96 return std::make_unique<Bcrypt_PBKDF_Family>();
97 }
98#endif
99
100#if defined(BOTAN_HAS_PGP_S2K)
101 if(req.algo_name() == "OpenPGP-S2K" && req.arg_count() == 1)
102 {
103 if(auto hash = HashFunction::create(req.arg(0)))
104 {
105 return std::make_unique<RFC4880_S2K_Family>(std::move(hash));
106 }
107 }
108#endif
109
110 BOTAN_UNUSED(req);
111 BOTAN_UNUSED(provider);
112
113 return nullptr;
114 }
BOTAN_UNUSED
#define BOTAN_UNUSED(...)
Definition: assert.h:141
Botan::HashFunction::create
static std::unique_ptr< HashFunction > create(std::string_view algo_spec, std::string_view provider="")
Definition: hash.cpp:102
Botan::MessageAuthenticationCode::create
static std::unique_ptr< MessageAuthenticationCode > create(std::string_view algo_spec, std::string_view provider="")
Definition: mac.cpp:46

References Botan::SCAN_Name::algo_name(), Botan::SCAN_Name::arg(), Botan::SCAN_Name::arg_count(), BOTAN_UNUSED, Botan::HashFunction::create(), and Botan::MessageAuthenticationCode::create().

Referenced by botan_pwdhash(), botan_pwdhash_timed(), and Botan::PasswordHashFamily::create_or_throw().

◆ create_or_throw()

std::unique_ptr< PasswordHashFamily > Botan::PasswordHashFamily::create_or_throw ( std::string_view  algo_spec,
std::string_view  provider = "" 
)
staticinherited

Create an instance based on a name, or throw if the algo/provider combination cannot be found. If provider is empty then best available is chosen.

Definition at line 118 of file pwdhash.cpp.

120 {
121 if(auto pbkdf = PasswordHashFamily::create(algo, provider))
122 {
123 return pbkdf;
124 }
125 throw Lookup_Error("PasswordHashFamily", algo, provider);
126 }
Botan::PasswordHashFamily::create
static std::unique_ptr< PasswordHashFamily > create(std::string_view algo_spec, std::string_view provider="")
Definition: pwdhash.cpp:50

References Botan::PasswordHashFamily::create().

Referenced by Botan::argon2_check_pwhash(), Botan::argon2_generate_pwhash(), Botan::CryptoBox::decrypt_bin(), and Botan::CryptoBox::encrypt().

◆ default_params()

std::unique_ptr< PasswordHash > Botan::RFC4880_S2K_Family::default_params ( ) const
overridevirtual

Return some default parameter set for this PBKDF that should be good enough for most users. The value returned may change over time as processing power and attacks improve.

Implements Botan::PasswordHashFamily.

Definition at line 133 of file pgp_s2k.cpp.

134 {
135 return std::make_unique<RFC4880_S2K>(m_hash->new_object(), 50331648);
136 }

◆ from_iterations()

std::unique_ptr< PasswordHash > Botan::RFC4880_S2K_Family::from_iterations ( size_t  iterations) const
overridevirtual

Return a parameter chosen based on a rough approximation with the specified iteration count. The exact value this returns for a particular algorithm may change from over time. Think of it as an alternative to tune, where time is expressed in terms of PBKDF2 iterations rather than milliseconds.

Implements Botan::PasswordHashFamily.

Definition at line 138 of file pgp_s2k.cpp.

139 {
140 return std::make_unique<RFC4880_S2K>(m_hash->new_object(), iter);
141 }

◆ from_params()

std::unique_ptr< PasswordHash > Botan::RFC4880_S2K_Family::from_params ( size_t  i1,
size_t  i2,
size_t  i3 
) const
overridevirtual

Create a password hash using some scheme specific format. Parameters are as follows:

  • For PBKDF2, PGP-S2K, and Bcrypt-PBKDF, i1 is iterations
  • Scrypt uses N, r, p for i{1-3}
  • Argon2 family uses memory (in KB), iterations, and parallelism for i{1-3}

All unneeded parameters should be set to 0 or left blank.

Implements Botan::PasswordHashFamily.

Definition at line 128 of file pgp_s2k.cpp.

129 {
130 return std::make_unique<RFC4880_S2K>(m_hash->new_object(), iter);
131 }

◆ name()

std::string Botan::RFC4880_S2K_Family::name ( ) const
overridevirtual
Returns
name of this PasswordHash

Implements Botan::PasswordHashFamily.

Definition at line 97 of file pgp_s2k.cpp.

98 {
99 return fmt("OpenPGP-S2K({})", m_hash->name());
100 }
Botan::fmt
std::string fmt(std::string_view format, const T &... args)
Definition: fmt.h:60

References Botan::fmt().

◆ providers()

std::vector< std::string > Botan::PasswordHashFamily::providers ( std::string_view  algo_spec)
staticinherited
Returns
list of available providers for this algorithm, empty if not available

Definition at line 128 of file pwdhash.cpp.

129 {
130 return probe_providers_of<PasswordHashFamily>(algo_spec);
131 }

◆ tune()

std::unique_ptr< PasswordHash > Botan::RFC4880_S2K_Family::tune ( size_t  output_length,
std::chrono::milliseconds  msec,
size_t  max_memory_usage_mb,
std::chrono::milliseconds  tuning_msec 
) const
overridevirtual

Return a new parameter set tuned for this machine

Parameters
output_lengthhow long the output length will be
msecthe desired execution time in milliseconds
max_memory_usage_mbsome password hash functions can use a tunable amount of memory, in this case max_memory_usage limits the amount of RAM the returned parameters will require, in mebibytes (2**20 bytes). It may require some small amount above the request. Set to zero to place no limit at all.
tuning_msechow long to run the tuning loop

Implements Botan::PasswordHashFamily.

Definition at line 102 of file pgp_s2k.cpp.

107 {
108 const size_t buf_size = 1024;
109 std::vector<uint8_t> buffer(buf_size);
110
111 Timer timer("RFC4880_S2K", buf_size);
112 timer.run_until_elapsed(tune_time, [&]() {
113 m_hash->update(buffer);
114 });
115
116 const double hash_bytes_per_second = timer.bytes_per_second();
117 const uint64_t desired_nsec = msec.count() * 1000000;
118
119 const size_t hash_size = m_hash->output_length();
120 const size_t blocks_required = (output_len <= hash_size ? 1 : (output_len + hash_size - 1) / hash_size);
121
122 const double bytes_to_be_hashed = (hash_bytes_per_second * (desired_nsec / 1000000000.0)) / blocks_required;
123 const size_t iterations = RFC4880_round_iterations(static_cast<size_t>(bytes_to_be_hashed));
124
125 return std::make_unique<RFC4880_S2K>(m_hash->new_object(), iterations);
126 }
Botan::RFC4880_round_iterations
size_t RFC4880_round_iterations(size_t iterations)
Definition: rfc4880.h:32

References Botan::Timer::bytes_per_second(), Botan::RFC4880_round_iterations(), and Botan::Timer::run_until_elapsed().

Referenced by Botan::OpenPGP_S2K::pbkdf().

The documentation for this class was generated from the following files:
Generated by doxygen 1.9.6