Botan 3.0.0
Crypto and TLS for C&
pbkdf.cpp
Go to the documentation of this file.
1/*
2* PBKDF
3* (C) 2012 Jack Lloyd
4*
5* Botan is released under the Simplified BSD License (see license.txt)
6*/
7
8#include <botan/pbkdf.h>
9#include <botan/exceptn.h>
10#include <botan/internal/scan_name.h>
11
12#if defined(BOTAN_HAS_PBKDF2)
13#include <botan/pbkdf2.h>
14#endif
15
16#if defined(BOTAN_HAS_PGP_S2K)
17#include <botan/pgp_s2k.h>
18#endif
19
20namespace Botan {
21
22std::unique_ptr<PBKDF> PBKDF::create(std::string_view algo_spec,
23 std::string_view provider)
24 {
25 const SCAN_Name req(algo_spec);
26
27#if defined(BOTAN_HAS_PBKDF2)
28 if(req.algo_name() == "PBKDF2")
29 {
30 // TODO OpenSSL
31
32 if(provider.empty() || provider == "base")
33 {
34 if(auto mac = MessageAuthenticationCode::create("HMAC(" + req.arg(0) + ")"))
35 return std::make_unique<PKCS5_PBKDF2>(std::move(mac));
36
37 if(auto mac = MessageAuthenticationCode::create(req.arg(0)))
38 return std::make_unique<PKCS5_PBKDF2>(std::move(mac));
39 }
40
41 return nullptr;
42 }
43#endif
44
45#if defined(BOTAN_HAS_PGP_S2K)
46 if(req.algo_name() == "OpenPGP-S2K" && req.arg_count() == 1)
47 {
48 if(auto hash = HashFunction::create(req.arg(0)))
49 return std::make_unique<OpenPGP_S2K>(std::move(hash));
50 }
51#endif
52
53 BOTAN_UNUSED(req);
54 BOTAN_UNUSED(provider);
55
56 return nullptr;
57 }
58
59//static
60std::unique_ptr<PBKDF>
61PBKDF::create_or_throw(std::string_view algo,
62 std::string_view provider)
63 {
64 if(auto pbkdf = PBKDF::create(algo, provider))
65 {
66 return pbkdf;
67 }
68 throw Lookup_Error("PBKDF", algo, provider);
69 }
70
71std::vector<std::string> PBKDF::providers(std::string_view algo_spec)
72 {
73 return probe_providers_of<PBKDF>(algo_spec);
74 }
75
76void PBKDF::pbkdf_timed(uint8_t out[], size_t out_len,
77 std::string_view passphrase,
78 const uint8_t salt[], size_t salt_len,
79 std::chrono::milliseconds msec,
80 size_t& iterations) const
81 {
82 iterations = pbkdf(out, out_len, passphrase, salt, salt_len, 0, msec);
83 }
84
85void PBKDF::pbkdf_iterations(uint8_t out[], size_t out_len,
86 std::string_view passphrase,
87 const uint8_t salt[], size_t salt_len,
88 size_t iterations) const
89 {
90 if(iterations == 0)
91 throw Invalid_Argument(name() + ": Invalid iteration count");
92
93 const size_t iterations_run = pbkdf(out, out_len, passphrase,
94 salt, salt_len, iterations,
95 std::chrono::milliseconds(0));
96 BOTAN_ASSERT_EQUAL(iterations, iterations_run, "Expected PBKDF iterations");
97 }
98
100 std::string_view passphrase,
101 const uint8_t salt[], size_t salt_len,
102 size_t iterations) const
103 {
104 secure_vector<uint8_t> out(out_len);
105 pbkdf_iterations(out.data(), out_len, passphrase, salt, salt_len, iterations);
106 return out;
107 }
108
110 std::string_view passphrase,
111 const uint8_t salt[], size_t salt_len,
112 std::chrono::milliseconds msec,
113 size_t& iterations) const
114 {
115 secure_vector<uint8_t> out(out_len);
116 pbkdf_timed(out.data(), out_len, passphrase, salt, salt_len, msec, iterations);
117 return out;
118 }
119
120}
#define BOTAN_UNUSED(...)
Definition: assert.h:141
#define BOTAN_ASSERT_EQUAL(expr1, expr2, assertion_made)
Definition: assert.h:80
static std::unique_ptr< HashFunction > create(std::string_view algo_spec, std::string_view provider="")
Definition: hash.cpp:102
static std::unique_ptr< MessageAuthenticationCode > create(std::string_view algo_spec, std::string_view provider="")
Definition: mac.cpp:46
static std::vector< std::string > providers(std::string_view algo_spec)
Definition: pbkdf.cpp:71
static std::unique_ptr< PBKDF > create_or_throw(std::string_view algo_spec, std::string_view provider="")
Definition: pbkdf.cpp:61
virtual size_t pbkdf(uint8_t out[], size_t out_len, std::string_view passphrase, const uint8_t salt[], size_t salt_len, size_t iterations, std::chrono::milliseconds msec) const =0
void pbkdf_iterations(uint8_t out[], size_t out_len, std::string_view passphrase, const uint8_t salt[], size_t salt_len, size_t iterations) const
Definition: pbkdf.cpp:85
void pbkdf_timed(uint8_t out[], size_t out_len, std::string_view passphrase, const uint8_t salt[], size_t salt_len, std::chrono::milliseconds msec, size_t &iterations) const
Definition: pbkdf.cpp:76
virtual std::string name() const =0
static std::unique_ptr< PBKDF > create(std::string_view algo_spec, std::string_view provider="")
Definition: pbkdf.cpp:22
std::string arg(size_t i) const
Definition: scan_name.cpp:129
size_t arg_count() const
Definition: scan_name.h:50
const std::string algo_name() const
Definition: scan_name.h:45
Definition: alg_id.cpp:12
std::vector< T, secure_allocator< T > > secure_vector
Definition: secmem.h:64