diff options
| author | lloyd <[email protected]> | 2010-07-09 15:06:31 +0000 |
|---|---|---|
| committer | lloyd <[email protected]> | 2010-07-09 15:06:31 +0000 |
| commit | f9162c355d3cee11be911c4cf469044b5c3c4699 (patch) | |
| tree | 710c305d8e0f965543f56dc06ce2535c842fc524 /src/pbkdf/pgps2k/pgp_s2k.cpp | |
| parent | 14bfa0d15fc666b83a0b58a0713abba76c85dc41 (diff) | |
Rename S2K to PBKDF, because that is by far the most common name - S2K
really is only used by OpenPGP, and largely it was named S2K here
because the OpenPGP S2K was implemented years before the ones in PKCS
#5. We have a typedef of PBKDF to S2K, and an inlined get_s2k that
calls get_pbkdf for source compatability.
There doesn't seem to be any reason to have a forward for the renamed
s2k.h header - to actually use a PBKDF, you'd have to either include
lookup.h and call get_s2k / get_pbkdf, or else include an
algorithm-specific header and use it directly. In either case,
including s2k.h is neither necessary nor sufficient.
Diffstat (limited to 'src/pbkdf/pgps2k/pgp_s2k.cpp')
| -rw-r--r-- | src/pbkdf/pgps2k/pgp_s2k.cpp | 57 |
1 files changed, 57 insertions, 0 deletions
diff --git a/src/pbkdf/pgps2k/pgp_s2k.cpp b/src/pbkdf/pgps2k/pgp_s2k.cpp new file mode 100644 index 000000000..db18adaf1 --- /dev/null +++ b/src/pbkdf/pgps2k/pgp_s2k.cpp @@ -0,0 +1,57 @@ +/* +* OpenPGP S2K +* (C) 1999-2007 Jack Lloyd +* +* Distributed under the terms of the Botan license +*/ + +#include <botan/pgp_s2k.h> + +namespace Botan { + +/* +* Derive a key using the OpenPGP S2K algorithm +*/ +OctetString OpenPGP_S2K::derive_key(u32bit key_len, + const std::string& passphrase, + const byte salt_buf[], u32bit salt_size, + u32bit iterations) const + { + SecureVector<byte> key(key_len), hash_buf; + + u32bit pass = 0, generated = 0, + total_size = passphrase.size() + salt_size; + u32bit to_hash = std::max(iterations, total_size); + + hash->clear(); + while(key_len > generated) + { + for(u32bit j = 0; j != pass; ++j) + hash->update(0); + + u32bit left = to_hash; + while(left >= total_size) + { + hash->update(salt_buf, salt_size); + hash->update(passphrase); + left -= total_size; + } + if(left <= salt_size) + hash->update(salt_buf, left); + else + { + hash->update(salt_buf, salt_size); + left -= salt_size; + hash->update(reinterpret_cast<const byte*>(passphrase.data()), left); + } + + hash_buf = hash->final(); + key.copy(generated, hash_buf, hash->OUTPUT_LENGTH); + generated += hash->OUTPUT_LENGTH; + ++pass; + } + + return key; + } + +} |