Modify the S2K interface. Instead of being stateful in terms of the salt

and iteration count, force it to be passed to each call to derive_key.
So remove current_salt, set_iterations, new_random_salt, and change_salt
functions from S2K interface.

Update examples and test application to match.

While I was in there, change the passhash example to use 64 bit salts
and 128 bit PBKDF2 outputs.

1 files changed, 5 insertions, 3 deletions

diff --git a/src/s2k/pbkdf2/pbkdf2.h b/src/s2k/pbkdf2/pbkdf2.h
index 7510338bb..b6d231916 100644
--- a/src/s2k/pbkdf2/pbkdf2.h
+++ b/src/s2k/pbkdf2/pbkdf2.h
@@ -22,6 +22,11 @@ class BOTAN_DLL PKCS5_PBKDF2 : public S2K
       std::string name() const;
       S2K* clone() const;
 
+      OctetString derive_key(u32bit output_len,
+                             const std::string& passphrase,
+                             const byte salt[], u32bit salt_len,
+                             u32bit iterations) const;
+
       /**
       * Create a PKCS #5 instance using the specified message auth code
       * @param mac the MAC to use
@@ -29,9 +34,6 @@ class BOTAN_DLL PKCS5_PBKDF2 : public S2K
       PKCS5_PBKDF2(MessageAuthenticationCode* mac);
       ~PKCS5_PBKDF2();
    private:
-      OctetString derive(u32bit, const std::string&,
-                          const byte[], u32bit, u32bit) const;
-
       MessageAuthenticationCode* mac;
    };