Add from_iterations

author: Jack Lloyd <[email protected]> 2018-09-06 15:02:52 -0400
committer: Jack Lloyd <[email protected]> 2018-09-10 13:27:45 -0400
commit: 9e88329b1d5c64e399c1677ccc6c158e45f19511 (patch)
tree: e69afd7882e49959ac8059695c09d54c5a965232 /src/lib/pbkdf
parent: 7a5ef7c8277ef5d85e3f99b7165e42108c179c24 (diff)
7 files changed, 53 insertions, 4 deletions
diff --git a/src/lib/pbkdf/pbkdf2/pbkdf2.cpp b/src/lib/pbkdf/pbkdf2/pbkdf2.cpp
index 47a5a0bb4..65e8a9503 100644
--- a/src/lib/pbkdf/pbkdf2/pbkdf2.cpp
+++ b/src/lib/pbkdf/pbkdf2/pbkdf2.cpp
@@ -214,4 +214,9 @@ std::unique_ptr<PasswordHash> PBKDF2_Family::from_params(size_t iter, size_t, si
    return std::unique_ptr<PasswordHash>(new PBKDF2(*m_prf, iter));
    }
 
+std::unique_ptr<PasswordHash> PBKDF2_Family::from_iterations(size_t iter) const
+   {
+   return std::unique_ptr<PasswordHash>(new PBKDF2(*m_prf, iter));
+   }
+
 }
diff --git a/src/lib/pbkdf/pbkdf2/pbkdf2.h b/src/lib/pbkdf/pbkdf2/pbkdf2.h
index e70f56d99..72637bc30 100644
--- a/src/lib/pbkdf/pbkdf2/pbkdf2.h
+++ b/src/lib/pbkdf/pbkdf2/pbkdf2.h
@@ -77,6 +77,8 @@ class BOTAN_PUBLIC_API(2,8) PBKDF2_Family final : public PasswordHashFamily
       */
       std::unique_ptr<PasswordHash> default_params() const override;
 
+      std::unique_ptr<PasswordHash> from_iterations(size_t iter) const override;
+
       std::unique_ptr<PasswordHash> from_params(
          size_t iter, size_t, size_t) const override;
    private:
diff --git a/src/lib/pbkdf/pgp_s2k/pgp_s2k.cpp b/src/lib/pbkdf/pgp_s2k/pgp_s2k.cpp
index 65e4e72c0..355e2cf44 100644
--- a/src/lib/pbkdf/pgp_s2k/pgp_s2k.cpp
+++ b/src/lib/pbkdf/pgp_s2k/pgp_s2k.cpp
@@ -188,6 +188,11 @@ std::unique_ptr<PasswordHash> RFC4880_S2K_Family::default_params() const
    return std::unique_ptr<PasswordHash>(new RFC4880_S2K(m_hash->clone(), 50331648));
    }
 
+std::unique_ptr<PasswordHash> RFC4880_S2K_Family::from_iterations(size_t iter) const
+   {
+   return std::unique_ptr<PasswordHash>(new RFC4880_S2K(m_hash->clone(), iter));
+   }
+
 RFC4880_S2K::RFC4880_S2K(HashFunction* hash, size_t iterations) :
    m_hash(hash),
    m_iterations(iterations)
diff --git a/src/lib/pbkdf/pgp_s2k/pgp_s2k.h b/src/lib/pbkdf/pgp_s2k/pgp_s2k.h
index b2c16d9ed..820fa3801 100644
--- a/src/lib/pbkdf/pgp_s2k/pgp_s2k.h
+++ b/src/lib/pbkdf/pgp_s2k/pgp_s2k.h
@@ -143,6 +143,8 @@ class BOTAN_PUBLIC_API(2,8) RFC4880_S2K_Family final : public PasswordHashFamily
       */
       std::unique_ptr<PasswordHash> default_params() const override;
 
+      std::unique_ptr<PasswordHash> from_iterations(size_t iter) const override;
+
       std::unique_ptr<PasswordHash> from_params(
          size_t iter, size_t, size_t) const override;
    private:
diff --git a/src/lib/pbkdf/pwdhash.h b/src/lib/pbkdf/pwdhash.h
index 7ecf111c6..d4a205340 100644
--- a/src/lib/pbkdf/pwdhash.h
+++ b/src/lib/pbkdf/pwdhash.h
@@ -41,9 +41,13 @@ class BOTAN_PUBLIC_API(2,8) PasswordHash
 
       /**
       * Some password hashing algorithms have a parallelism parameter.
-      * If not supported by some algorithm, just returns 1
+      * If the algorithm does not support this notion, then the
+      * function returns zero. This allows distinguishing between a
+      * password hash which just does not support parallel operation,
+      * vs one that does support parallel operation but which has been
+      * configured to use a single lane.
       */
-      virtual size_t parallelism() const { return 1; }
+      virtual size_t parallelism() const { return 0; }
 
       /**
       * Returns an estimate of the total memory usage required to perform this
@@ -119,7 +123,7 @@ class BOTAN_PUBLIC_API(2,8) PasswordHashFamily
       */
       virtual std::unique_ptr<PasswordHash> tune(size_t output_len,
                                                  std::chrono::milliseconds msec,
-                                                 size_t max_memory_usage_mb = 128) const = 0;
+                                                 size_t max_memory_usage_mb = 0) const = 0;
 
       /**
       * Return some default parameter set for this PBKDF that should be good
@@ -129,6 +133,15 @@ class BOTAN_PUBLIC_API(2,8) PasswordHashFamily
       virtual std::unique_ptr<PasswordHash> default_params() const = 0;
 
       /**
+      * Return a parameter chosen based on a rough approximation with the
+      * specified iteration count. The exact value this returns for a particular
+      * algorithm may change from over time. Think of it as an alternative to
+      * tune, where time is expressed in terms of PBKDF2 iterations rather than
+      * milliseconds.
+      */
+      virtual std::unique_ptr<PasswordHash> from_iterations(size_t iterations) const = 0;
+
+      /**
       * Create a password hash using some scheme specific format.
       * Eg PBKDF2 and PGP-S2K set iterations in i1
       * Scrypt uses N,r,p in i{1-3}
diff --git a/src/lib/pbkdf/scrypt/scrypt.cpp b/src/lib/pbkdf/scrypt/scrypt.cpp
index e7f2fd96b..826438926 100644
--- a/src/lib/pbkdf/scrypt/scrypt.cpp
+++ b/src/lib/pbkdf/scrypt/scrypt.cpp
@@ -43,7 +43,6 @@ std::unique_ptr<PasswordHash> Scrypt_Family::tune(size_t output_length,
    *
    * Compute stime(8192,1,1) as baseline and extrapolate
    */
-   //printf("max mem %d\n", max_memory_usage_mb);
 
    const size_t max_memory_usage = max_memory_usage_mb * 1024 * 1024;
    // Starting parameters
@@ -82,6 +81,8 @@ std::unique_ptr<PasswordHash> Scrypt_Family::tune(size_t output_length,
          }
       }
 
+   // Now double N as many times as we can
+
    while(max_memory_usage == 0 || scrypt_memory_usage(N, r, p)*2 < max_memory_usage)
       {
       if(target_nsec / est_nsec >= 2)
@@ -93,6 +94,8 @@ std::unique_ptr<PasswordHash> Scrypt_Family::tune(size_t output_length,
          break;
       }
 
+   // If we have extra runtime budget, increment p
+
    if(target_nsec / est_nsec > 2)
       p *= std::min<size_t>(1024, (target_nsec / est_nsec));
 
@@ -104,6 +107,23 @@ std::unique_ptr<PasswordHash> Scrypt_Family::from_params(size_t N, size_t r, siz
    return std::unique_ptr<PasswordHash>(new Scrypt(N, r, p));
    }
 
+std::unique_ptr<PasswordHash> Scrypt_Family::from_iterations(size_t iter) const
+   {
+   const size_t r = 8;
+   const size_t p = 1;
+
+   size_t N = 8192;
+
+   if(iter > 50000)
+      N = 16384;
+   if(iter > 100000)
+      N = 32768;
+   if(iter > 150000)
+      N = 65536;
+
+   return std::unique_ptr<PasswordHash>(new Scrypt(N, r, p));
+   }
+
 Scrypt::Scrypt(size_t N, size_t r, size_t p) :
    m_N(N), m_r(r), m_p(p)
    {
diff --git a/src/lib/pbkdf/scrypt/scrypt.h b/src/lib/pbkdf/scrypt/scrypt.h
index 8db46f779..42d0f0a3b 100644
--- a/src/lib/pbkdf/scrypt/scrypt.h
+++ b/src/lib/pbkdf/scrypt/scrypt.h
@@ -59,6 +59,8 @@ class BOTAN_PUBLIC_API(2,8) Scrypt_Family final : public PasswordHashFamily
 
       std::unique_ptr<PasswordHash> default_params() const override;
 
+      std::unique_ptr<PasswordHash> from_iterations(size_t iter) const override;
+
       std::unique_ptr<PasswordHash> from_params(
          size_t N, size_t r, size_t p) const override;
    };
author	Jack Lloyd <[email protected]>	2018-09-06 15:02:52 -0400
committer	Jack Lloyd <[email protected]>	2018-09-10 13:27:45 -0400
commit	9e88329b1d5c64e399c1677ccc6c158e45f19511 (patch)
tree	e69afd7882e49959ac8059695c09d54c5a965232 /src/lib/pbkdf
parent	7a5ef7c8277ef5d85e3f99b7165e42108c179c24 (diff)