New in version 2.4.0.
Many applications need to store pre-shared keys (hereafter PSKs) for authentication purposes.
An abstract interface to PSK stores is provided in
Returns true if (at least) the PSKs themselves are encrypted. Returns false if PSKs are stored in plaintext.
Return the set of valid names stored in the database, ie values for which
getwill return a value.
set(const std::string &name, const uint8_t psk, size_t psk_len)¶
Save a PSK. If
namealready exists, the current value will be overwritten.
get(const std::string &name) const¶
Return a value saved with
set. Throws an exception if
remove(const std::string &name)¶
namefrom the database. If
namedoesn’t exist, ignores the request.
set_str(const std::string &name, const std::string &psk)¶
setbut accepts the psk as a string (eg for a password).
The same header also provides a specific instantiation of
encrypts both names and PSKs. It must be subclassed to provide the storage.
Encrypted_PSK_Database: public PSK_Database¶
Encrypted_PSK_Database(const secure_vector<uint8_t> &master_key)¶
Initializes or opens a PSK database. The master key is used the secure the contents. It may be of any length. If encrypting PSKs under a passphrase, use a suitable key derivation scheme (such as PBKDF2) to derive the secret key. If the master key is lost, all PSKs stored are unrecoverable.
Both names and values are encrypted using NIST key wrapping (see NIST SP800-38F) with AES-256. First the master key is used with HMAC(SHA-256) to derive two 256-bit keys, one for encrypting all names and the other to key an instance of HMAC(SHA-256). Values are each encrypted under an individual key created by hashing the encrypted name with HMAC. This associates the encrypted key with the name, and prevents an attacker with write access to the data store from taking an encrypted key associated with one entity and copying it to another entity.
Names and PSKs are both padded to the next multiple of 8 bytes, providing some obfuscation of the length.
One artifact of the names being encrypted is that is is possible to use multiple different master keys with the same underlying storage. Each master key will be responsible for a subset of the keys. An attacker who knows one of the keys will be able to tell there are other values encrypted under another key.
kv_set(const std::string &index, const std::string &value) = 0¶
Save an encrypted value. Both
valuewill be non-empty base64 encoded strings.
kv_get(const std::string &index) const = 0¶
Return a value saved with
kv_set, or return the empty string.
kv_del(const std::string &index) = 0¶
Remove a value saved with
kv_get_all() const = 0¶
Return all active names (ie values for which
kv_getwill return a non-empty string).
A subclass of
Encrypted_PSK_Database which stores data in a SQL database
is also available. This class is declared in