Merge GH #1670 New password hashing interface

2 files changed, 136 insertions, 15 deletions

diff --git a/src/lib/ffi/ffi.h b/src/lib/ffi/ffi.h
index 57631bc28..ff7086488 100644
--- a/src/lib/ffi/ffi.h
+++ b/src/lib/ffi/ffi.h
@@ -514,7 +514,7 @@ BOTAN_PUBLIC_API(2,0) int botan_cipher_destroy(botan_cipher_t cipher);
 
 /*
 * Derive a key from a passphrase for a number of iterations
-* @param pbkdf_algo PBKDF algorithm, e.g., "PBKDF2"
+* @param pbkdf_algo PBKDF algorithm, e.g., "PBKDF2(SHA-256)"
 * @param out buffer to store the derived key, must be of out_len bytes
 * @param out_len the desired length of the key to produce
 * @param passphrase the password to derive the key from
@@ -531,7 +531,7 @@ BOTAN_PUBLIC_API(2,0) int botan_pbkdf(const char* pbkdf_algo,
 
 /**
 * Derive a key from a passphrase, running until msec time has elapsed.
-* @param pbkdf_algo PBKDF algorithm, e.g., "PBKDF2"
+* @param pbkdf_algo PBKDF algorithm, e.g., "PBKDF2(SHA-256)"
 * @param out buffer to store the derived key, must be of out_len bytes
 * @param out_len the desired length of the key to produce
 * @param passphrase the password to derive the key from
@@ -550,6 +550,58 @@ BOTAN_PUBLIC_API(2,0) int botan_pbkdf_timed(const char* pbkdf_algo,
                                 size_t* out_iterations_used);
 
 
+/*
+* Derive a key from a passphrase
+* @param algo PBKDF algorithm, e.g., "PBKDF2(SHA-256)" or "Scrypt"
+* @param param1 the first PBKDF algorithm parameter
+* @param param2 the second PBKDF algorithm parameter (may be zero if unneeded)
+* @param param3 the third PBKDF algorithm parameter (may be zero if unneeded)
+* @param out buffer to store the derived key, must be of out_len bytes
+* @param out_len the desired length of the key to produce
+* @param passphrase the password to derive the key from
+* @param salt a randomly chosen salt
+* @param salt_len length of salt in bytes
+* @return 0 on success, a negative value on failure
+*/
+int BOTAN_PUBLIC_API(2,8) botan_pwdhash(
+   const char* algo,
+   size_t param1,
+   size_t param2,
+   size_t param3,
+   uint8_t out[],
+   size_t out_len,
+   const char* passphrase,
+   size_t passphrase_len,
+   const uint8_t salt[],
+   size_t salt_len);
+
+/*
+* Derive a key from a passphrase
+* @param pbkdf_algo PBKDF algorithm, e.g., "Scrypt" or "PBKDF2(SHA-256)"
+* @param msec the desired runtime in milliseconds
+* @param param1 will be set to the first password hash parameter
+* @param param2 will be set to the second password hash parameter
+* @param param3 will be set to the third password hash parameter
+* @param out buffer to store the derived key, must be of out_len bytes
+* @param out_len the desired length of the key to produce
+* @param passphrase the password to derive the key from
+* @param salt a randomly chosen salt
+* @param salt_len length of salt in bytes
+* @return 0 on success, a negative value on failure
+*/
+int BOTAN_PUBLIC_API(2,8) botan_pwdhash_timed(
+   const char* algo,
+   uint32_t msec,
+   size_t* param1,
+   size_t* param2,
+   size_t* param3,
+   uint8_t out[],
+   size_t out_len,
+   const char* passphrase,
+   size_t passphrase_len,
+   const uint8_t salt[],
+   size_t salt_len);
+
 /**
 * Derive a key using scrypt
 */
@@ -557,6 +609,7 @@ BOTAN_PUBLIC_API(2,8) int botan_scrypt(uint8_t out[], size_t out_len,
                                        const char* passphrase,
                                        const uint8_t salt[], size_t salt_len,
                                        size_t N, size_t r, size_t p);
+
 /**
 * Derive a key
 * @param kdf_algo KDF algorithm, e.g., "SP800-56C"
diff --git a/src/lib/ffi/ffi_kdf.cpp b/src/lib/ffi/ffi_kdf.cpp
index c63406625..b72fe935e 100644
--- a/src/lib/ffi/ffi_kdf.cpp
+++ b/src/lib/ffi/ffi_kdf.cpp
@@ -22,29 +22,97 @@ extern "C" {
 
 using namespace Botan_FFI;
 
-int botan_pbkdf(const char* pbkdf_algo, uint8_t out[], size_t out_len,
+int botan_pbkdf(const char* algo, uint8_t out[], size_t out_len,
                 const char* pass, const uint8_t salt[], size_t salt_len,
                 size_t iterations)
    {
-   return ffi_guard_thunk(BOTAN_CURRENT_FUNCTION, [=]() -> int {
-      std::unique_ptr<Botan::PBKDF> pbkdf(Botan::get_pbkdf(pbkdf_algo));
-      pbkdf->pbkdf_iterations(out, out_len, pass, salt, salt_len, iterations);
-      return BOTAN_FFI_SUCCESS;
-      });
+   return botan_pwdhash(algo,
+                        iterations,
+                        0,
+                        0,
+                        out, out_len,
+                        pass, std::strlen(pass),
+                        salt, salt_len);
    }
 
-int botan_pbkdf_timed(const char* pbkdf_algo,
+int botan_pbkdf_timed(const char* algo,
                       uint8_t out[], size_t out_len,
                       const char* password,
                       const uint8_t salt[], size_t salt_len,
                       size_t ms_to_run,
                       size_t* iterations_used)
    {
+   return botan_pwdhash_timed(algo,
+                              static_cast<uint32_t>(ms_to_run),
+                              iterations_used,
+                              nullptr,
+                              nullptr,
+                              out, out_len,
+                              password, std::strlen(password),
+                              salt, salt_len);
+   }
+
+int botan_pwdhash(
+   const char* algo,
+   size_t param1,
+   size_t param2,
+   size_t param3,
+   uint8_t out[],
+   size_t out_len,
+   const char* password,
+   size_t password_len,
+   const uint8_t salt[],
+   size_t salt_len)
+   {
+   return ffi_guard_thunk(BOTAN_CURRENT_FUNCTION, [=]() -> int {
+      auto pwdhash_fam = Botan::PasswordHashFamily::create(algo);
+
+      if(!pwdhash_fam)
+         return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
+
+      auto pwdhash = pwdhash_fam->from_params(param1, param2, param3);
+
+      pwdhash->derive_key(out, out_len,
+                          password, password_len,
+                          salt, salt_len);
+
+      return BOTAN_FFI_SUCCESS;
+      });
+   }
+
+int botan_pwdhash_timed(
+   const char* algo,
+   uint32_t msec,
+   size_t* param1,
+   size_t* param2,
+   size_t* param3,
+   uint8_t out[],
+   size_t out_len,
+   const char* password,
+   size_t password_len,
+   const uint8_t salt[],
+   size_t salt_len)
+   {
    return ffi_guard_thunk(BOTAN_CURRENT_FUNCTION, [=]() -> int {
-      std::unique_ptr<Botan::PBKDF> pbkdf(Botan::get_pbkdf(pbkdf_algo));
-      pbkdf->pbkdf_timed(out, out_len, password, salt, salt_len,
-                         std::chrono::milliseconds(ms_to_run),
-                         *iterations_used);
+
+      auto pwdhash_fam = Botan::PasswordHashFamily::create(algo);
+
+      if(!pwdhash_fam)
+         return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
+
+      auto pwdhash = pwdhash_fam->tune(out_len, std::chrono::milliseconds(msec));
+
+      if(param1)
+         *param1 = pwdhash->iterations();
+      if(param2)
+         *param2 = pwdhash->parallelism();
+      if(param3)
+         *param3 = pwdhash->memory_param();
+
+      pwdhash->derive_key(out, out_len,
+                          password, password_len,
+                          salt, salt_len);
+
       return BOTAN_FFI_SUCCESS;
       });
    }
@@ -63,13 +131,13 @@ int botan_kdf(const char* kdf_algo,
    }
 
 int botan_scrypt(uint8_t out[], size_t out_len,
-                 const char* passphrase,
+                 const char* password,
                  const uint8_t salt[], size_t salt_len,
                  size_t N, size_t r, size_t p)
    {
 #if defined(BOTAN_HAS_SCRYPT)
    return ffi_guard_thunk(BOTAN_CURRENT_FUNCTION, [=]() -> int {
-      Botan::scrypt(out, out_len, passphrase, salt, salt_len, N, r, p);
+      Botan::scrypt(out, out_len, password, strlen(password), salt, salt_len, N, r, p);
       return BOTAN_FFI_SUCCESS;
    });
 #else