Rename S2K to PBKDF, because that is by far the most common name - S2K

really is only used by OpenPGP, and largely it was named S2K here
because the OpenPGP S2K was implemented years before the ones in PKCS
#5. We have a typedef of PBKDF to S2K, and an inlined get_s2k that
calls get_pbkdf for source compatability.

There doesn't seem to be any reason to have a forward for the renamed
s2k.h header - to actually use a PBKDF, you'd have to either include
lookup.h and call get_s2k / get_pbkdf, or else include an
algorithm-specific header and use it directly. In either case,
including s2k.h is neither necessary nor sufficient.

3 files changed, 104 insertions, 0 deletions

diff --git a/src/pbkdf/pbkdf1/info.txt b/src/pbkdf/pbkdf1/info.txt
new file mode 100644
index 000000000..e51b44886
--- /dev/null
+++ b/src/pbkdf/pbkdf1/info.txt
@@ -0,0 +1,5 @@
+define PBKDF1
+
+<requires>
+hash
+</requires>
diff --git a/src/pbkdf/pbkdf1/pbkdf1.cpp b/src/pbkdf/pbkdf1/pbkdf1.cpp
new file mode 100644
index 000000000..02d2c6cc0
--- /dev/null
+++ b/src/pbkdf/pbkdf1/pbkdf1.cpp
@@ -0,0 +1,40 @@
+/*
+* PBKDF1
+* (C) 1999-2007 Jack Lloyd
+*
+* Distributed under the terms of the Botan license
+*/
+
+#include <botan/pbkdf1.h>
+#include <botan/exceptn.h>
+
+namespace Botan {
+
+/*
+* Return a PKCS#5 PBKDF1 derived key
+*/
+OctetString PKCS5_PBKDF1::derive_key(u32bit key_len,
+                                     const std::string& passphrase,
+                                     const byte salt[], u32bit salt_size,
+                                     u32bit iterations) const
+   {
+   if(iterations == 0)
+      throw Invalid_Argument("PKCS5_PBKDF1: Invalid iteration count");
+
+   if(key_len > hash->OUTPUT_LENGTH)
+      throw Invalid_Argument("PKCS5_PBKDF1: Requested output length too long");
+
+   hash->update(passphrase);
+   hash->update(salt, salt_size);
+   SecureVector<byte> key = hash->final();
+
+   for(u32bit j = 1; j != iterations; ++j)
+      {
+      hash->update(key);
+      hash->final(key);
+      }
+
+   return OctetString(key, std::min(key_len, key.size()));
+   }
+
+}
diff --git a/src/pbkdf/pbkdf1/pbkdf1.h b/src/pbkdf/pbkdf1/pbkdf1.h
new file mode 100644
index 000000000..d10536f7e
--- /dev/null
+++ b/src/pbkdf/pbkdf1/pbkdf1.h
@@ -0,0 +1,59 @@
+/*
+* PBKDF1
+* (C) 1999-2007 Jack Lloyd
+*
+* Distributed under the terms of the Botan license
+*/
+
+#ifndef BOTAN_PBKDF1_H__
+#define BOTAN_PBKDF1_H__
+
+#include <botan/pbkdf.h>
+#include <botan/hash.h>
+
+namespace Botan {
+
+/**
+* PKCS #5 v1 PBKDF, aka PBKDF1
+* Can only generate a key up to the size of the hash output.
+* Unless needed for backwards compatability, use PKCS5_PBKDF2
+*/
+class BOTAN_DLL PKCS5_PBKDF1 : public PBKDF
+   {
+   public:
+      /**
+      * Create a PKCS #5 instance using the specified hash function.
+      * @param hash_in pointer to a hash function object to use
+      */
+      PKCS5_PBKDF1(HashFunction* hash_in) : hash(hash_in) {}
+
+      /**
+      * Copy constructor
+      * @param other the object to copy
+      */
+      PKCS5_PBKDF1(const PKCS5_PBKDF1& other) :
+         PBKDF(), hash(other.hash->clone()) {}
+
+      ~PKCS5_PBKDF1() { delete hash; }
+
+      std::string name() const
+         {
+         return "PBKDF1(" + hash->name() + ")";
+         }
+
+      PBKDF* clone() const
+         {
+         return new PKCS5_PBKDF1(hash->clone());
+         }
+
+      OctetString derive_key(u32bit output_len,
+                             const std::string& passphrase,
+                             const byte salt[], u32bit salt_len,
+                             u32bit iterations) const;
+   private:
+      HashFunction* hash;
+   };
+
+}
+
+#endif