aboutsummaryrefslogtreecommitdiffstats
path: root/lib/pbkdf/pbkdf.h
diff options
context:
space:
mode:
Diffstat (limited to 'lib/pbkdf/pbkdf.h')
-rw-r--r--lib/pbkdf/pbkdf.h124
1 files changed, 124 insertions, 0 deletions
diff --git a/lib/pbkdf/pbkdf.h b/lib/pbkdf/pbkdf.h
new file mode 100644
index 000000000..65ad8e83a
--- /dev/null
+++ b/lib/pbkdf/pbkdf.h
@@ -0,0 +1,124 @@
+/*
+* PBKDF
+* (C) 1999-2007,2012 Jack Lloyd
+*
+* Distributed under the terms of the Botan license
+*/
+
+#ifndef BOTAN_PBKDF_H__
+#define BOTAN_PBKDF_H__
+
+#include <botan/algo_base.h>
+#include <botan/symkey.h>
+#include <chrono>
+
+namespace Botan {
+
+/**
+* Base class for PBKDF (password based key derivation function)
+* implementations. Converts a password into a key using a salt
+* and iterated hashing to make brute force attacks harder.
+*/
+class BOTAN_DLL PBKDF : public Algorithm
+ {
+ public:
+
+ /**
+ * @return new instance of this same algorithm
+ */
+ virtual PBKDF* clone() const = 0;
+
+ void clear() {}
+
+ /**
+ * Derive a key from a passphrase
+ * @param output_len the desired length of the key to produce
+ * @param passphrase the password to derive the key from
+ * @param salt a randomly chosen salt
+ * @param salt_len length of salt in bytes
+ * @param iterations the number of iterations to use (use 10K or more)
+ */
+ OctetString derive_key(size_t output_len,
+ const std::string& passphrase,
+ const byte salt[], size_t salt_len,
+ size_t iterations) const;
+
+ /**
+ * Derive a key from a passphrase
+ * @param output_len the desired length of the key to produce
+ * @param passphrase the password to derive the key from
+ * @param salt a randomly chosen salt
+ * @param iterations the number of iterations to use (use 10K or more)
+ */
+ template<typename Alloc>
+ OctetString derive_key(size_t output_len,
+ const std::string& passphrase,
+ const std::vector<byte, Alloc>& salt,
+ size_t iterations) const
+ {
+ return derive_key(output_len, passphrase, &salt[0], salt.size(), iterations);
+ }
+
+ /**
+ * Derive a key from a passphrase
+ * @param output_len the desired length of the key to produce
+ * @param passphrase the password to derive the key from
+ * @param salt a randomly chosen salt
+ * @param salt_len length of salt in bytes
+ * @param msec is how long to run the PBKDF
+ * @param iterations is set to the number of iterations used
+ */
+ OctetString derive_key(size_t output_len,
+ const std::string& passphrase,
+ const byte salt[], size_t salt_len,
+ std::chrono::milliseconds msec,
+ size_t& iterations) const;
+
+ /**
+ * Derive a key from a passphrase using a certain amount of time
+ * @param output_len the desired length of the key to produce
+ * @param passphrase the password to derive the key from
+ * @param salt a randomly chosen salt
+ * @param msec is how long to run the PBKDF
+ * @param iterations is set to the number of iterations used
+ */
+ template<typename Alloc>
+ OctetString derive_key(size_t output_len,
+ const std::string& passphrase,
+ const std::vector<byte, Alloc>& salt,
+ std::chrono::milliseconds msec,
+ size_t& iterations) const
+ {
+ return derive_key(output_len, passphrase, &salt[0], salt.size(), msec, iterations);
+ }
+
+ /**
+ * Derive a key from a passphrase for a number of iterations
+ * specified by either iterations or if iterations == 0 then
+ * running until seconds time has elapsed.
+ *
+ * @param output_len the desired length of the key to produce
+ * @param passphrase the password to derive the key from
+ * @param salt a randomly chosen salt
+ * @param salt_len length of salt in bytes
+ * @param iterations the number of iterations to use (use 10K or more)
+ * @param msec if iterations is zero, then instead the PBKDF is
+ * run until msec milliseconds has passed.
+ * @return the number of iterations performed and the derived key
+ */
+ virtual std::pair<size_t, OctetString>
+ key_derivation(size_t output_len,
+ const std::string& passphrase,
+ const byte salt[], size_t salt_len,
+ size_t iterations,
+ std::chrono::milliseconds msec) const = 0;
+ };
+
+/**
+* For compatability with 1.8
+*/
+typedef PBKDF S2K;
+
+}
+
+#endif