| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
| |
Round PBKDF1 and PBKDF2 time-based iterations to multiples of 10000
instead of 8192.
Update the password hashing docs a bit.
|
|
|
|
|
|
| |
This reduces friction to writing an assert, so hopefully there will be
more of them as a result. And we can use asserts in public headers
now, very useful for templates.
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
runs the KDF until at least that much time has passed, then returns
the number of interations used.
New parameter to the PKCS8 encryption routines which tells how long to
run the PBKDF. Defaults to 200 milliseconds, which is short enough
that it is unlikely to bother anyone but long enough to provide quite
reasonable security against cracking attacks. On a Core i7-860, 200
ms with PBKDF2/SHA-1 runs about 180K to 220K iterations (compare with
previous default of 10K).
New PBE interface, remove new_params/set_key and require all inputs
including the passphrase to be passed to the constructor.
Drop the PGP S2K as it is pretty weird and not really useful outside
of a full PGP implementation.
Drop the deprecated PKCS8::encrypt_key and PKCS8::encode functions.
|
|
|
|
|
|
| |
using a custom allocator. Currently our allocator just does new/delete
with a memset before deletion, and the mmap and mlock allocators have
been removed.
|
|
|
|
|
|
| |
with a custom allocator; remove the 3 argument version of
MemoryRegion::copy, replacing with freestanding buffer_insert
function.
|
|\
| |
| |
| |
| |
| | |
303b2518a80553214b1e5ab4d9b96ef54629cbc7)
to branch 'net.randombit.botan.c++0x' (head d734eefabe4816be4dd3e3e6e7bb13b7ab5be148)
|
| |\
| | |
| | |
| | |
| | |
| | | |
2898d79f992f27a328a3e41d34b46eb1052da0de)
to branch 'net.randombit.botan.c++0x' (head 6cba76268fd69a73195760c021b7f881b8a6552c)
|
| | | |
|
| | |\
| | | |
| | | |
| | | |
| | | |
| | | | |
a29c41b4a949207b1544096c3afab668f8b5179e)
to branch 'net.randombit.botan.c++0x' (head a9d0c2f805b3c20a4c648575d7256959db8329fe)
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
161b5c0300b72baa746f101fda1e2b4a7c71818c)
to branch 'net.randombit.botan.c++0x' (head 1fc3875bb8daf4ad0e90ba66db72642203cb9984)
|
| | | |
| | | |
| | | |
| | | | |
safe/useful
|
|/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
query, clearing, and cloning. Applies to ciphers, hashes, MACs, and
PBKDFs. May extend to KDFs later as well.
A single combined hierarchy in particular will make the algo_factory
much simpler.
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
|/ /
| |
| |
| |
| | |
representation (rather than in an interator context), instead use &buf[0],
which works for both MemoryRegion and std::vector
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
so for compatability with keys that were encrypted with an empty
passphrase we probably want to support it as well.
In PBKDF2, don't reject empty passphrases out of hand; simply call
set_key and if the underlying MAC cannot use the key, throw an
informative exception. This will also be more helpful in the case that
someone tries using another MAC (say, CMAC) with a block cipher that
only supports keys of specific sizes.
In HMAC, allow zero-length keys. This is not really optimal in the
sense of allowing the user to do something dumb, but a 1 byte key
would be pretty dumb as well and we already allowed that.
Add a test vector using an empty passphrase generated by OpenSSL
|
| | |
|
|/ |
|
|
really is only used by OpenPGP, and largely it was named S2K here
because the OpenPGP S2K was implemented years before the ones in PKCS
#5. We have a typedef of PBKDF to S2K, and an inlined get_s2k that
calls get_pbkdf for source compatability.
There doesn't seem to be any reason to have a forward for the renamed
s2k.h header - to actually use a PBKDF, you'd have to either include
lookup.h and call get_s2k / get_pbkdf, or else include an
algorithm-specific header and use it directly. In either case,
including s2k.h is neither necessary nor sufficient.
|