Botan 3.0.0-alpha0
Crypto and TLS for C&
ffi_kdf.cpp
Go to the documentation of this file.
1/*
2* (C) 2015,2017 Jack Lloyd
3*
4* Botan is released under the Simplified BSD License (see license.txt)
5*/
6
7#include <botan/ffi.h>
8#include <botan/internal/ffi_util.h>
9#include <botan/internal/ffi_rng.h>
10#include <botan/pwdhash.h>
11#include <botan/kdf.h>
12
13#if defined(BOTAN_HAS_BCRYPT)
14 #include <botan/bcrypt.h>
15#endif
16
17extern "C" {
18
19using namespace Botan_FFI;
20
21int botan_pbkdf(const char* algo, uint8_t out[], size_t out_len,
22 const char* pass, const uint8_t salt[], size_t salt_len,
23 size_t iterations)
24 {
25 return botan_pwdhash(algo,
26 iterations,
27 0,
28 0,
29 out, out_len,
30 pass, 0,
31 salt, salt_len);
32 }
33
34int botan_pbkdf_timed(const char* algo,
35 uint8_t out[], size_t out_len,
36 const char* password,
37 const uint8_t salt[], size_t salt_len,
38 size_t ms_to_run,
39 size_t* iterations_used)
40 {
41 return botan_pwdhash_timed(algo,
42 static_cast<uint32_t>(ms_to_run),
43 iterations_used,
44 nullptr,
45 nullptr,
46 out, out_len,
47 password, 0,
48 salt, salt_len);
49 }
50
51int botan_pwdhash(
52 const char* algo,
53 size_t param1,
54 size_t param2,
55 size_t param3,
56 uint8_t out[],
57 size_t out_len,
58 const char* password,
59 size_t password_len,
60 const uint8_t salt[],
61 size_t salt_len)
62 {
63 if(algo == nullptr || password == nullptr)
64 return BOTAN_FFI_ERROR_NULL_POINTER;
65
66 if(password_len == 0)
67 password_len = std::strlen(password);
68
69 return ffi_guard_thunk(__func__, [=]() -> int {
70 auto pwdhash_fam = Botan::PasswordHashFamily::create(algo);
71
72 if(!pwdhash_fam)
73 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
74
75 auto pwdhash = pwdhash_fam->from_params(param1, param2, param3);
76
77 pwdhash->derive_key(out, out_len,
78 password, password_len,
79 salt, salt_len);
80
81 return BOTAN_FFI_SUCCESS;
82 });
83 }
84
85int botan_pwdhash_timed(
86 const char* algo,
87 uint32_t msec,
88 size_t* param1,
89 size_t* param2,
90 size_t* param3,
91 uint8_t out[],
92 size_t out_len,
93 const char* password,
94 size_t password_len,
95 const uint8_t salt[],
96 size_t salt_len)
97 {
98 if(algo == nullptr || password == nullptr)
99 return BOTAN_FFI_ERROR_NULL_POINTER;
100
101 if(password_len == 0)
102 password_len = std::strlen(password);
103
104 return ffi_guard_thunk(__func__, [=]() -> int {
105
106 auto pwdhash_fam = Botan::PasswordHashFamily::create(algo);
107
108 if(!pwdhash_fam)
109 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
110
111 auto pwdhash = pwdhash_fam->tune(out_len, std::chrono::milliseconds(msec));
112
113 if(param1)
114 *param1 = pwdhash->iterations();
115 if(param2)
116 *param2 = pwdhash->parallelism();
117 if(param3)
118 *param3 = pwdhash->memory_param();
119
120 pwdhash->derive_key(out, out_len,
121 password, password_len,
122 salt, salt_len);
123
124 return BOTAN_FFI_SUCCESS;
125 });
126 }
127
128int botan_kdf(const char* kdf_algo,
129 uint8_t out[], size_t out_len,
130 const uint8_t secret[], size_t secret_len,
131 const uint8_t salt[], size_t salt_len,
132 const uint8_t label[], size_t label_len)
133 {
134 return ffi_guard_thunk(__func__, [=]() -> int {
135 auto kdf = Botan::KDF::create_or_throw(kdf_algo);
136 kdf->kdf(out, out_len, secret, secret_len, salt, salt_len, label, label_len);
137 return BOTAN_FFI_SUCCESS;
138 });
139 }
140
141int botan_scrypt(uint8_t out[], size_t out_len,
142 const char* password,
143 const uint8_t salt[], size_t salt_len,
144 size_t N, size_t r, size_t p)
145 {
146 return botan_pwdhash("Scrypt", N, r, p,
147 out, out_len,
148 password, 0,
149 salt, salt_len);
150 }
151
152int botan_bcrypt_generate(uint8_t* out, size_t* out_len,
153 const char* pass,
154 botan_rng_t rng_obj, size_t wf,
155 uint32_t flags)
156 {
157#if defined(BOTAN_HAS_BCRYPT)
158 return ffi_guard_thunk(__func__, [=]() -> int {
159 if(out == nullptr || out_len == nullptr || pass == nullptr)
160 return BOTAN_FFI_ERROR_NULL_POINTER;
161
162 if(flags != 0)
163 return BOTAN_FFI_ERROR_BAD_FLAG;
164
165 if(wf < 4 || wf > 18)
166 return BOTAN_FFI_ERROR_BAD_PARAMETER;
167
168 Botan::RandomNumberGenerator& rng = safe_get(rng_obj);
169 const std::string bcrypt = Botan::generate_bcrypt(pass, rng, static_cast<uint16_t>(wf));
170 return write_str_output(out, out_len, bcrypt);
171 });
172#else
173 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
174#endif
175 }
176
177int botan_bcrypt_is_valid(const char* pass, const char* hash)
178 {
179#if defined(BOTAN_HAS_BCRYPT)
180 return ffi_guard_thunk(__func__, [=]() -> int {
181 return Botan::check_bcrypt(pass, hash) ? BOTAN_FFI_SUCCESS : BOTAN_FFI_INVALID_VERIFIER;
182 });
183#else
184 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
185#endif
186 }
187
188}
Botan::KDF::create_or_throw
static std::unique_ptr< KDF > create_or_throw(const std::string &algo_spec, const std::string &provider="")
Definition: kdf.cpp:212
Botan::PasswordHashFamily::create
static std::unique_ptr< PasswordHashFamily > create(const std::string &algo_spec, const std::string &provider="")
Definition: pwdhash.cpp:49
botan_rng_t
struct botan_rng_struct * botan_rng_t
Definition: ffi.h:200
BOTAN_FFI_ERROR_NOT_IMPLEMENTED
@ BOTAN_FFI_ERROR_NOT_IMPLEMENTED
Definition: ffi.h:83
BOTAN_FFI_INVALID_VERIFIER
@ BOTAN_FFI_INVALID_VERIFIER
Definition: ffi.h:64
BOTAN_FFI_ERROR_BAD_FLAG
@ BOTAN_FFI_ERROR_BAD_FLAG
Definition: ffi.h:76
BOTAN_FFI_ERROR_NULL_POINTER
@ BOTAN_FFI_ERROR_NULL_POINTER
Definition: ffi.h:77
BOTAN_FFI_SUCCESS
@ BOTAN_FFI_SUCCESS
Definition: ffi.h:63
BOTAN_FFI_ERROR_BAD_PARAMETER
@ BOTAN_FFI_ERROR_BAD_PARAMETER
Definition: ffi.h:78
botan_pbkdf
int botan_pbkdf(const char *algo, uint8_t out[], size_t out_len, const char *pass, const uint8_t salt[], size_t salt_len, size_t iterations)
Definition: ffi_kdf.cpp:21
botan_pwdhash_timed
int botan_pwdhash_timed(const char *algo, uint32_t msec, size_t *param1, size_t *param2, size_t *param3, uint8_t out[], size_t out_len, const char *password, size_t password_len, const uint8_t salt[], size_t salt_len)
Definition: ffi_kdf.cpp:85
botan_pbkdf_timed
int botan_pbkdf_timed(const char *algo, uint8_t out[], size_t out_len, const char *password, const uint8_t salt[], size_t salt_len, size_t ms_to_run, size_t *iterations_used)
Definition: ffi_kdf.cpp:34
botan_scrypt
int botan_scrypt(uint8_t out[], size_t out_len, const char *password, const uint8_t salt[], size_t salt_len, size_t N, size_t r, size_t p)
Definition: ffi_kdf.cpp:141
botan_bcrypt_generate
int botan_bcrypt_generate(uint8_t *out, size_t *out_len, const char *pass, botan_rng_t rng_obj, size_t wf, uint32_t flags)
Definition: ffi_kdf.cpp:152
botan_kdf
int botan_kdf(const char *kdf_algo, uint8_t out[], size_t out_len, const uint8_t secret[], size_t secret_len, const uint8_t salt[], size_t salt_len, const uint8_t label[], size_t label_len)
Definition: ffi_kdf.cpp:128
botan_pwdhash
int botan_pwdhash(const char *algo, size_t param1, size_t param2, size_t param3, uint8_t out[], size_t out_len, const char *password, size_t password_len, const uint8_t salt[], size_t salt_len)
Definition: ffi_kdf.cpp:51
botan_bcrypt_is_valid
int botan_bcrypt_is_valid(const char *pass, const char *hash)
Definition: ffi_kdf.cpp:177
Botan::PKCS11::flags
Flags flags(Flag flags)
Definition: p11.h:860
Botan_FFI
Definition: ffi.cpp:17
Botan_FFI::safe_get
T & safe_get(botan_struct< T, M > *p)
Definition: ffi_util.h:65
Botan_FFI::write_str_output
int write_str_output(uint8_t out[], size_t *out_len, const std::string &str)
Definition: ffi_util.h:157
Botan_FFI::ffi_guard_thunk
int ffi_guard_thunk(const char *func_name, const std::function< int()> &thunk)
Definition: ffi.cpp:92
Botan::generate_bcrypt
std::string generate_bcrypt(const std::string &pass, RandomNumberGenerator &rng, uint16_t work_factor, char version)
Definition: bcrypt.cpp:144
Botan::check_bcrypt
bool check_bcrypt(const std::string &pass, const std::string &hash)
Definition: bcrypt.cpp:162
hash
MechanismType hash
Definition: p11_mechanism.cpp:67
salt_len
size_t salt_len
Definition: x509_obj.cpp:25
Generated by doxygen 1.9.3