Support tuning in PGP-S2K PBKDF interface

author: Jack Lloyd <[email protected]> 2018-09-10 14:14:55 -0400
committer: Jack Lloyd <[email protected]> 2018-09-10 14:14:55 -0400
commit: 3731418d7f285d3de36ef31268d773bbbc83f599 (patch)
tree: 20e89c74d2aa655464407780fc8c793784143897 /src/lib/pbkdf
parent: a9e2abdf4a49dcca7e09cc285aef39315dffa252 (diff)
1 files changed, 8 insertions, 3 deletions
diff --git a/src/lib/pbkdf/pgp_s2k/pgp_s2k.cpp b/src/lib/pbkdf/pgp_s2k/pgp_s2k.cpp
index 355e2cf44..3f2c564c8 100644
--- a/src/lib/pbkdf/pgp_s2k/pgp_s2k.cpp
+++ b/src/lib/pbkdf/pgp_s2k/pgp_s2k.cpp
@@ -82,7 +82,7 @@ void pgp_s2k(HashFunction& hash,
              size_t iterations)
    {
    if(iterations > 1 && salt_len == 0)
-      throw Invalid_Argument("OpenPGP_S2K requires a salt in iterated mode");
+      throw Invalid_Argument("OpenPGP S2K requires a salt in iterated mode");
 
    secure_vector<uint8_t> input_buf(salt_len + password_size);
    if(salt_len > 0)
@@ -137,8 +137,13 @@ size_t OpenPGP_S2K::pbkdf(uint8_t output_buf[], size_t output_len,
                           size_t iterations,
                           std::chrono::milliseconds msec) const
    {
-   if(iterations == 0 && msec.count() > 0) // FIXME
-      throw Not_Implemented("OpenPGP_S2K does not implemented timed KDF");
+   std::unique_ptr<PasswordHash> pwdhash;
+
+   if(iterations == 0)
+      {
+      RFC4880_S2K_Family s2k_params(m_hash->clone());
+      iterations = s2k_params.tune(output_len, msec, 0)->iterations();
+      }
 
    pgp_s2k(*m_hash, output_buf, output_len,
            password.c_str(), password.size(),
author	Jack Lloyd <[email protected]>	2018-09-10 14:14:55 -0400
committer	Jack Lloyd <[email protected]>	2018-09-10 14:14:55 -0400
commit	3731418d7f285d3de36ef31268d773bbbc83f599 (patch)
tree	20e89c74d2aa655464407780fc8c793784143897 /src/lib/pbkdf
parent	a9e2abdf4a49dcca7e09cc285aef39315dffa252 (diff)