From ce5253938fd5df031db1ee1cb7443c685fd8746e Mon Sep 17 00:00:00 2001
From: Jack Lloyd <jack@randombit.net>
Date: Sat, 27 May 2017 08:46:15 -0400
Subject: Document that timed calibration is not available for PGP-S2K

Made a try at implementing it but its a huge pain due to the
combination of the iteration count being the byte count and that
we have to end on exactly an encodable iteration count.
---
 src/lib/pbkdf/pgp_s2k/pgp_s2k.h | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

(limited to 'src/lib/pbkdf/pgp_s2k/pgp_s2k.h')

diff --git a/src/lib/pbkdf/pgp_s2k/pgp_s2k.h b/src/lib/pbkdf/pgp_s2k/pgp_s2k.h
index 3d85ba306..7d8e60a82 100644
--- a/src/lib/pbkdf/pgp_s2k/pgp_s2k.h
+++ b/src/lib/pbkdf/pgp_s2k/pgp_s2k.h
@@ -21,8 +21,11 @@ namespace Botan {
 * If the salt is non-empty and iterations == 1, "salted" S2K is used
 * If the salt is non-empty and iterations > 1, "iterated" S2K is used
 *
-* If iterations == 0 and msec.count() > 0, "iterated" S2K is assumed,
-* and the number of iterations performed is returned.
+* Due to complexities of the PGP S2K algorithm, time-based derivation
+* is not supported. So if iterations == 0 and msec.count() > 0, an
+* exception is thrown. In the future this may be supported, in which
+* case "iterated" S2K will be used and the number of iterations
+* performed is returned.
 *
 * Note that unlike PBKDF2, OpenPGP S2K's "iterations" are defined as
 * the number of bytes hashed.
-- 
cgit v1.2.3