Botan 2.19.2
Crypto and TLS for C&
ffi_kdf.cpp
Go to the documentation of this file.
1/*
2* (C) 2015,2017 Jack Lloyd
3*
4* Botan is released under the Simplified BSD License (see license.txt)
5*/
6
7#include <botan/ffi.h>
8#include <botan/internal/ffi_util.h>
9#include <botan/internal/ffi_rng.h>
10#include <botan/pbkdf.h>
11#include <botan/pwdhash.h>
12#include <botan/kdf.h>
13
14#if defined(BOTAN_HAS_BCRYPT)
15 #include <botan/bcrypt.h>
16#endif
17
18extern "C" {
19
20using namespace Botan_FFI;
21
22int botan_pbkdf(const char* algo, uint8_t out[], size_t out_len,
23 const char* pass, const uint8_t salt[], size_t salt_len,
24 size_t iterations)
25 {
26 return botan_pwdhash(algo,
27 iterations,
28 0,
29 0,
30 out, out_len,
31 pass, 0,
32 salt, salt_len);
33 }
34
35int botan_pbkdf_timed(const char* algo,
36 uint8_t out[], size_t out_len,
37 const char* password,
38 const uint8_t salt[], size_t salt_len,
39 size_t ms_to_run,
40 size_t* iterations_used)
41 {
42 return botan_pwdhash_timed(algo,
43 static_cast<uint32_t>(ms_to_run),
44 iterations_used,
45 nullptr,
46 nullptr,
47 out, out_len,
48 password, 0,
49 salt, salt_len);
50 }
51
52int botan_pwdhash(
53 const char* algo,
54 size_t param1,
55 size_t param2,
56 size_t param3,
57 uint8_t out[],
58 size_t out_len,
59 const char* password,
60 size_t password_len,
61 const uint8_t salt[],
62 size_t salt_len)
63 {
64 if(algo == nullptr || password == nullptr)
65 return BOTAN_FFI_ERROR_NULL_POINTER;
66
67 if(password_len == 0)
68 password_len = std::strlen(password);
69
70 return ffi_guard_thunk(__func__, [=]() -> int {
71 auto pwdhash_fam = Botan::PasswordHashFamily::create(algo);
72
73 if(!pwdhash_fam)
74 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
75
76 auto pwdhash = pwdhash_fam->from_params(param1, param2, param3);
77
78 pwdhash->derive_key(out, out_len,
79 password, password_len,
80 salt, salt_len);
81
82 return BOTAN_FFI_SUCCESS;
83 });
84 }
85
86int botan_pwdhash_timed(
87 const char* algo,
88 uint32_t msec,
89 size_t* param1,
90 size_t* param2,
91 size_t* param3,
92 uint8_t out[],
93 size_t out_len,
94 const char* password,
95 size_t password_len,
96 const uint8_t salt[],
97 size_t salt_len)
98 {
99 if(algo == nullptr || password == nullptr)
100 return BOTAN_FFI_ERROR_NULL_POINTER;
101
102 if(password_len == 0)
103 password_len = std::strlen(password);
104
105 return ffi_guard_thunk(__func__, [=]() -> int {
106
107 auto pwdhash_fam = Botan::PasswordHashFamily::create(algo);
108
109 if(!pwdhash_fam)
110 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
111
112 auto pwdhash = pwdhash_fam->tune(out_len, std::chrono::milliseconds(msec));
113
114 if(param1)
115 *param1 = pwdhash->iterations();
116 if(param2)
117 *param2 = pwdhash->parallelism();
118 if(param3)
119 *param3 = pwdhash->memory_param();
120
121 pwdhash->derive_key(out, out_len,
122 password, password_len,
123 salt, salt_len);
124
125 return BOTAN_FFI_SUCCESS;
126 });
127 }
128
129int botan_kdf(const char* kdf_algo,
130 uint8_t out[], size_t out_len,
131 const uint8_t secret[], size_t secret_len,
132 const uint8_t salt[], size_t salt_len,
133 const uint8_t label[], size_t label_len)
134 {
135 return ffi_guard_thunk(__func__, [=]() -> int {
136 std::unique_ptr<Botan::KDF> kdf(Botan::get_kdf(kdf_algo));
137 kdf->kdf(out, out_len, secret, secret_len, salt, salt_len, label, label_len);
138 return BOTAN_FFI_SUCCESS;
139 });
140 }
141
142int botan_scrypt(uint8_t out[], size_t out_len,
143 const char* password,
144 const uint8_t salt[], size_t salt_len,
145 size_t N, size_t r, size_t p)
146 {
147 return botan_pwdhash("Scrypt", N, r, p,
148 out, out_len,
149 password, 0,
150 salt, salt_len);
151 }
152
153int botan_bcrypt_generate(uint8_t* out, size_t* out_len,
154 const char* pass,
155 botan_rng_t rng_obj, size_t wf,
156 uint32_t flags)
157 {
158#if defined(BOTAN_HAS_BCRYPT)
159 return ffi_guard_thunk(__func__, [=]() -> int {
160 if(out == nullptr || out_len == nullptr || pass == nullptr)
161 return BOTAN_FFI_ERROR_NULL_POINTER;
162
163 if(flags != 0)
164 return BOTAN_FFI_ERROR_BAD_FLAG;
165
166 if(wf < 4 || wf > 18)
167 return BOTAN_FFI_ERROR_BAD_PARAMETER;
168
169 Botan::RandomNumberGenerator& rng = safe_get(rng_obj);
170 const std::string bcrypt = Botan::generate_bcrypt(pass, rng, static_cast<uint16_t>(wf));
171 return write_str_output(out, out_len, bcrypt);
172 });
173#else
174 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
175#endif
176 }
177
178int botan_bcrypt_is_valid(const char* pass, const char* hash)
179 {
180#if defined(BOTAN_HAS_BCRYPT)
181 return ffi_guard_thunk(__func__, [=]() -> int {
182 return Botan::check_bcrypt(pass, hash) ? BOTAN_FFI_SUCCESS : BOTAN_FFI_INVALID_VERIFIER;
183 });
184#else
185 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
186#endif
187 }
188
189}
Botan::PasswordHashFamily::create
static std::unique_ptr< PasswordHashFamily > create(const std::string &algo_spec, const std::string &provider="")
Definition: pwdhash.cpp:33
botan_rng_t
struct botan_rng_struct * botan_rng_t
Definition: ffi.h:190
BOTAN_FFI_ERROR_NOT_IMPLEMENTED
@ BOTAN_FFI_ERROR_NOT_IMPLEMENTED
Definition: ffi.h:83
BOTAN_FFI_INVALID_VERIFIER
@ BOTAN_FFI_INVALID_VERIFIER
Definition: ffi.h:64
BOTAN_FFI_ERROR_BAD_FLAG
@ BOTAN_FFI_ERROR_BAD_FLAG
Definition: ffi.h:76
BOTAN_FFI_ERROR_NULL_POINTER
@ BOTAN_FFI_ERROR_NULL_POINTER
Definition: ffi.h:77
BOTAN_FFI_SUCCESS
@ BOTAN_FFI_SUCCESS
Definition: ffi.h:63
BOTAN_FFI_ERROR_BAD_PARAMETER
@ BOTAN_FFI_ERROR_BAD_PARAMETER
Definition: ffi.h:78
botan_pbkdf
int botan_pbkdf(const char *algo, uint8_t out[], size_t out_len, const char *pass, const uint8_t salt[], size_t salt_len, size_t iterations)
Definition: ffi_kdf.cpp:22
botan_pwdhash_timed
int botan_pwdhash_timed(const char *algo, uint32_t msec, size_t *param1, size_t *param2, size_t *param3, uint8_t out[], size_t out_len, const char *password, size_t password_len, const uint8_t salt[], size_t salt_len)
Definition: ffi_kdf.cpp:86
botan_pbkdf_timed
int botan_pbkdf_timed(const char *algo, uint8_t out[], size_t out_len, const char *password, const uint8_t salt[], size_t salt_len, size_t ms_to_run, size_t *iterations_used)
Definition: ffi_kdf.cpp:35
botan_scrypt
int botan_scrypt(uint8_t out[], size_t out_len, const char *password, const uint8_t salt[], size_t salt_len, size_t N, size_t r, size_t p)
Definition: ffi_kdf.cpp:142
botan_bcrypt_generate
int botan_bcrypt_generate(uint8_t *out, size_t *out_len, const char *pass, botan_rng_t rng_obj, size_t wf, uint32_t flags)
Definition: ffi_kdf.cpp:153
botan_kdf
int botan_kdf(const char *kdf_algo, uint8_t out[], size_t out_len, const uint8_t secret[], size_t secret_len, const uint8_t salt[], size_t salt_len, const uint8_t label[], size_t label_len)
Definition: ffi_kdf.cpp:129
botan_pwdhash
int botan_pwdhash(const char *algo, size_t param1, size_t param2, size_t param3, uint8_t out[], size_t out_len, const char *password, size_t password_len, const uint8_t salt[], size_t salt_len)
Definition: ffi_kdf.cpp:52
botan_bcrypt_is_valid
int botan_bcrypt_is_valid(const char *pass, const char *hash)
Definition: ffi_kdf.cpp:178
Botan::PKCS11::flags
Flags flags(Flag flags)
Definition: p11.h:860
Botan_FFI
Definition: ffi.cpp:17
Botan_FFI::ffi_guard_thunk
int ffi_guard_thunk(const char *func_name, std::function< int()> thunk)
Definition: ffi.cpp:89
Botan_FFI::safe_get
T & safe_get(botan_struct< T, M > *p)
Definition: ffi_util.h:61
Botan_FFI::write_str_output
int write_str_output(uint8_t out[], size_t *out_len, const std::string &str)
Definition: ffi_util.h:160
Botan::get_kdf
KDF * get_kdf(const std::string &algo_spec)
Definition: kdf.cpp:241
Botan::generate_bcrypt
std::string generate_bcrypt(const std::string &pass, RandomNumberGenerator &rng, uint16_t work_factor, char version)
Definition: bcrypt.cpp:137
Botan::check_bcrypt
bool check_bcrypt(const std::string &pass, const std::string &hash)
Definition: bcrypt.cpp:155
hash
MechanismType hash
Definition: p11_mechanism.cpp:64
salt_len
size_t salt_len
Definition: x509_obj.cpp:25
Generated by doxygen 1.9.3