Botan  2.12.1
Crypto and TLS for C++11
ffi_kdf.cpp
Go to the documentation of this file.
1 /*
2 * (C) 2015,2017 Jack Lloyd
3 *
4 * Botan is released under the Simplified BSD License (see license.txt)
5 */
6 
7 #include <botan/ffi.h>
8 #include <botan/internal/ffi_util.h>
9 #include <botan/internal/ffi_rng.h>
10 #include <botan/pbkdf.h>
11 #include <botan/pwdhash.h>
12 #include <botan/kdf.h>
13 
14 #if defined(BOTAN_HAS_BCRYPT)
15  #include <botan/bcrypt.h>
16 #endif
17 
18 extern "C" {
19 
20 using namespace Botan_FFI;
21 
22 int botan_pbkdf(const char* algo, uint8_t out[], size_t out_len,
23  const char* pass, const uint8_t salt[], size_t salt_len,
24  size_t iterations)
25  {
26  return botan_pwdhash(algo,
27  iterations,
28  0,
29  0,
30  out, out_len,
31  pass, 0,
32  salt, salt_len);
33  }
34 
35 int botan_pbkdf_timed(const char* algo,
36  uint8_t out[], size_t out_len,
37  const char* password,
38  const uint8_t salt[], size_t salt_len,
39  size_t ms_to_run,
40  size_t* iterations_used)
41  {
42  return botan_pwdhash_timed(algo,
43  static_cast<uint32_t>(ms_to_run),
44  iterations_used,
45  nullptr,
46  nullptr,
47  out, out_len,
48  password, 0,
49  salt, salt_len);
50  }
51 
53  const char* algo,
54  size_t param1,
55  size_t param2,
56  size_t param3,
57  uint8_t out[],
58  size_t out_len,
59  const char* password,
60  size_t password_len,
61  const uint8_t salt[],
62  size_t salt_len)
63  {
64  if(algo == nullptr || password == nullptr)
66 
67  if(password_len == 0)
68  password_len = std::strlen(password);
69 
70  return ffi_guard_thunk(__func__, [=]() -> int {
71  auto pwdhash_fam = Botan::PasswordHashFamily::create(algo);
72 
73  if(!pwdhash_fam)
75 
76  auto pwdhash = pwdhash_fam->from_params(param1, param2, param3);
77 
78  pwdhash->derive_key(out, out_len,
79  password, password_len,
80  salt, salt_len);
81 
82  return BOTAN_FFI_SUCCESS;
83  });
84  }
85 
87  const char* algo,
88  uint32_t msec,
89  size_t* param1,
90  size_t* param2,
91  size_t* param3,
92  uint8_t out[],
93  size_t out_len,
94  const char* password,
95  size_t password_len,
96  const uint8_t salt[],
97  size_t salt_len)
98  {
99  if(algo == nullptr || password == nullptr)
101 
102  if(password_len == 0)
103  password_len = std::strlen(password);
104 
105  return ffi_guard_thunk(__func__, [=]() -> int {
106 
107  auto pwdhash_fam = Botan::PasswordHashFamily::create(algo);
108 
109  if(!pwdhash_fam)
111 
112  auto pwdhash = pwdhash_fam->tune(out_len, std::chrono::milliseconds(msec));
113 
114  if(param1)
115  *param1 = pwdhash->iterations();
116  if(param2)
117  *param2 = pwdhash->parallelism();
118  if(param3)
119  *param3 = pwdhash->memory_param();
120 
121  pwdhash->derive_key(out, out_len,
122  password, password_len,
123  salt, salt_len);
124 
125  return BOTAN_FFI_SUCCESS;
126  });
127  }
128 
129 int botan_kdf(const char* kdf_algo,
130  uint8_t out[], size_t out_len,
131  const uint8_t secret[], size_t secret_len,
132  const uint8_t salt[], size_t salt_len,
133  const uint8_t label[], size_t label_len)
134  {
135  return ffi_guard_thunk(__func__, [=]() -> int {
136  std::unique_ptr<Botan::KDF> kdf(Botan::get_kdf(kdf_algo));
137  kdf->kdf(out, out_len, secret, secret_len, salt, salt_len, label, label_len);
138  return BOTAN_FFI_SUCCESS;
139  });
140  }
141 
142 int botan_scrypt(uint8_t out[], size_t out_len,
143  const char* password,
144  const uint8_t salt[], size_t salt_len,
145  size_t N, size_t r, size_t p)
146  {
147  return botan_pwdhash("Scrypt", N, r, p,
148  out, out_len,
149  password, 0,
150  salt, salt_len);
151  }
152 
153 int botan_bcrypt_generate(uint8_t* out, size_t* out_len,
154  const char* pass,
155  botan_rng_t rng_obj, size_t wf,
156  uint32_t flags)
157  {
158 #if defined(BOTAN_HAS_BCRYPT)
159  return ffi_guard_thunk(__func__, [=]() -> int {
160  if(out == nullptr || out_len == nullptr || pass == nullptr)
162 
163  if(flags != 0)
165 
166  if(wf < 4 || wf > 18)
168 
169  Botan::RandomNumberGenerator& rng = safe_get(rng_obj);
170  const std::string bcrypt = Botan::generate_bcrypt(pass, rng, static_cast<uint16_t>(wf));
171  return write_str_output(out, out_len, bcrypt);
172  });
173 #else
175 #endif
176  }
177 
178 int botan_bcrypt_is_valid(const char* pass, const char* hash)
179  {
180 #if defined(BOTAN_HAS_BCRYPT)
181  return ffi_guard_thunk(__func__, [=]() -> int {
183  });
184 #else
186 #endif
187  }
188 
189 }
int ffi_guard_thunk(const char *func_name, std::function< int()> thunk)
Definition: ffi.cpp:86
int botan_bcrypt_generate(uint8_t *out, size_t *out_len, const char *pass, botan_rng_t rng_obj, size_t wf, uint32_t flags)
Definition: ffi_kdf.cpp:153
int botan_pbkdf_timed(const char *algo, uint8_t out[], size_t out_len, const char *password, const uint8_t salt[], size_t salt_len, size_t ms_to_run, size_t *iterations_used)
Definition: ffi_kdf.cpp:35
Flags flags(Flag flags)
Definition: p11.h:858
int botan_pwdhash_timed(const char *algo, uint32_t msec, size_t *param1, size_t *param2, size_t *param3, uint8_t out[], size_t out_len, const char *password, size_t password_len, const uint8_t salt[], size_t salt_len)
Definition: ffi_kdf.cpp:86
int write_str_output(uint8_t out[], size_t *out_len, const std::string &str)
Definition: ffi_util.h:151
int botan_pbkdf(const char *algo, uint8_t out[], size_t out_len, const char *pass, const uint8_t salt[], size_t salt_len, size_t iterations)
Definition: ffi_kdf.cpp:22
KDF * get_kdf(const std::string &algo_spec)
Definition: kdf.cpp:237
size_t salt_len
Definition: x509_obj.cpp:25
static std::unique_ptr< PasswordHashFamily > create(const std::string &algo_spec, const std::string &provider="")
Definition: pwdhash.cpp:33
T & safe_get(botan_struct< T, M > *p)
Definition: ffi_util.h:61
int botan_pwdhash(const char *algo, size_t param1, size_t param2, size_t param3, uint8_t out[], size_t out_len, const char *password, size_t password_len, const uint8_t salt[], size_t salt_len)
Definition: ffi_kdf.cpp:52
int botan_scrypt(uint8_t out[], size_t out_len, const char *password, const uint8_t salt[], size_t salt_len, size_t N, size_t r, size_t p)
Definition: ffi_kdf.cpp:142
bool check_bcrypt(const std::string &pass, const std::string &hash)
Definition: bcrypt.cpp:155
int botan_bcrypt_is_valid(const char *pass, const char *hash)
Definition: ffi_kdf.cpp:178
MechanismType hash
int botan_kdf(const char *kdf_algo, uint8_t out[], size_t out_len, const uint8_t secret[], size_t secret_len, const uint8_t salt[], size_t salt_len, const uint8_t label[], size_t label_len)
Definition: ffi_kdf.cpp:129
struct botan_rng_struct * botan_rng_t
Definition: ffi.h:188
std::string generate_bcrypt(const std::string &pass, RandomNumberGenerator &rng, uint16_t work_factor, char version)
Definition: bcrypt.cpp:137