1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
|
/*
* Password Hashing
* (C) 2010 Jack Lloyd
*
* Distributed under the terms of the Botan license
*/
#include <botan/passhash.h>
#include <botan/pbkdf2.h>
#include <botan/hmac.h>
#include <botan/sha2_64.h>
#include <botan/base64.h>
#include <botan/pipe.h>
namespace Botan {
namespace {
const u32bit SALT_BYTES = 8; // 64 bits of salt
const u32bit PBKDF_OUTPUT_LEN = 15; // 112 bits output
const u32bit WORK_FACTOR_SCALE = 10000;
}
std::string password_hash(const std::string& pass,
RandomNumberGenerator& rng,
byte work_factor)
{
PKCS5_PBKDF2 kdf(new HMAC(new SHA_512));
SecureVector<byte> salt(SALT_BYTES);
rng.randomize(&salt[0], salt.size());
u32bit kdf_iterations = WORK_FACTOR_SCALE * work_factor;
SecureVector<byte> pbkdf2_output =
kdf.derive_key(PBKDF_OUTPUT_LEN, pass,
&salt[0], salt.size(),
kdf_iterations).bits_of();
Pipe pipe(new Base64_Encoder);
pipe.start_msg();
pipe.write(work_factor);
pipe.write(salt);
pipe.write(pbkdf2_output);
pipe.end_msg();
return pipe.read_all_as_string();
}
bool password_hash_ok(const std::string& pass, const std::string& hash)
{
Pipe pipe(new Base64_Decoder);
pipe.start_msg();
pipe.write(hash);
pipe.end_msg();
SecureVector<byte> bin = pipe.read_all();
if(bin.size() != (1 + PBKDF_OUTPUT_LEN + SALT_BYTES))
return false;
u32bit kdf_iterations = WORK_FACTOR_SCALE * bin[0];
if(kdf_iterations == 0)
return false;
PKCS5_PBKDF2 kdf(new HMAC(new SHA_512));
SecureVector<byte> cmp = kdf.derive_key(
PBKDF_OUTPUT_LEN, pass,
&bin[1], SALT_BYTES,
kdf_iterations).bits_of();
return same_mem(cmp.begin(),
bin.begin() + 1 + SALT_BYTES,
PBKDF_OUTPUT_LEN);
}
}
|
