Botan 2.19.3
Crypto and TLS for C&
|
#include <pbkdf.h>
Public Member Functions | |
virtual PBKDF * | clone () const =0 |
template<typename Alloc > | |
OctetString | derive_key (size_t out_len, const std::string &passphrase, const std::vector< uint8_t, Alloc > &salt, size_t iterations) const |
template<typename Alloc > | |
OctetString | derive_key (size_t out_len, const std::string &passphrase, const std::vector< uint8_t, Alloc > &salt, std::chrono::milliseconds msec, size_t &iterations) const |
OctetString | derive_key (size_t out_len, const std::string &passphrase, const uint8_t salt[], size_t salt_len, size_t iterations) const |
OctetString | derive_key (size_t out_len, const std::string &passphrase, const uint8_t salt[], size_t salt_len, std::chrono::milliseconds msec, size_t &iterations) const |
virtual std::string | name () const =0 |
virtual size_t | pbkdf (uint8_t out[], size_t out_len, const std::string &passphrase, const uint8_t salt[], size_t salt_len, size_t iterations, std::chrono::milliseconds msec) const =0 |
secure_vector< uint8_t > | pbkdf_iterations (size_t out_len, const std::string &passphrase, const uint8_t salt[], size_t salt_len, size_t iterations) const |
void | pbkdf_iterations (uint8_t out[], size_t out_len, const std::string &passphrase, const uint8_t salt[], size_t salt_len, size_t iterations) const |
secure_vector< uint8_t > | pbkdf_timed (size_t out_len, const std::string &passphrase, const uint8_t salt[], size_t salt_len, std::chrono::milliseconds msec, size_t &iterations) const |
void | pbkdf_timed (uint8_t out[], size_t out_len, const std::string &passphrase, const uint8_t salt[], size_t salt_len, std::chrono::milliseconds msec, size_t &iterations) const |
virtual | ~PBKDF ()=default |
Static Public Member Functions | |
static std::unique_ptr< PBKDF > | create (const std::string &algo_spec, const std::string &provider="") |
static std::unique_ptr< PBKDF > | create_or_throw (const std::string &algo_spec, const std::string &provider="") |
static std::vector< std::string > | providers (const std::string &algo_spec) |
Base class for PBKDF (password based key derivation function) implementations. Converts a password into a key using a salt and iterated hashing to make brute force attacks harder.
Starting in 2.8 this functionality is also offered by PasswordHash. The PBKDF interface may be removed in a future release.
|
virtualdefault |
|
pure virtual |
Implemented in Botan::PKCS5_PBKDF1, Botan::PKCS5_PBKDF2, and Botan::OpenPGP_S2K.
|
static |
Create an instance based on a name If provider is empty then best available is chosen.
algo_spec | algorithm name |
provider | provider implementation to choose |
Definition at line 26 of file pbkdf.cpp.
References Botan::SCAN_Name::algo_name(), Botan::SCAN_Name::arg(), Botan::SCAN_Name::arg_count(), BOTAN_UNUSED, Botan::HashFunction::create(), Botan::MessageAuthenticationCode::create(), and hash.
Referenced by create_or_throw().
|
static |
Create an instance based on a name, or throw if the algo/provider combination cannot be found. If provider is empty then best available is chosen.
Definition at line 72 of file pbkdf.cpp.
References create(), and pbkdf().
Referenced by Botan::CryptoBox::decrypt_bin(), Botan::CryptoBox::encrypt(), and Botan::get_pbkdf().
|
inline |
Derive a key from a passphrase
out_len | the desired length of the key to produce |
passphrase | the password to derive the key from |
salt | a randomly chosen salt |
iterations | the number of iterations to use (use 10K or more) |
Definition at line 176 of file pbkdf.h.
|
inline |
Derive a key from a passphrase using a certain amount of time
out_len | the desired length of the key to produce |
passphrase | the password to derive the key from |
salt | a randomly chosen salt |
msec | is how long to run the PBKDF |
iterations | is set to the number of iterations used |
Definition at line 211 of file pbkdf.h.
|
inline |
Derive a key from a passphrase
out_len | the desired length of the key to produce |
passphrase | the password to derive the key from |
salt | a randomly chosen salt |
salt_len | length of salt in bytes |
iterations | the number of iterations to use (use 10K or more) |
Definition at line 160 of file pbkdf.h.
References salt_len.
Referenced by Botan::check_passhash9(), and Botan::generate_passhash9().
|
inline |
Derive a key from a passphrase
out_len | the desired length of the key to produce |
passphrase | the password to derive the key from |
salt | a randomly chosen salt |
salt_len | length of salt in bytes |
msec | is how long to run the PBKDF |
iterations | is set to the number of iterations used |
Definition at line 193 of file pbkdf.h.
References salt_len.
|
pure virtual |
Implemented in Botan::PKCS5_PBKDF1, Botan::PKCS5_PBKDF2, and Botan::OpenPGP_S2K.
Referenced by pbkdf_iterations().
|
pure virtual |
Derive a key from a passphrase for a number of iterations specified by either iterations or if iterations == 0 then running until msec time has elapsed.
out | buffer to store the derived key, must be of out_len bytes |
out_len | the desired length of the key to produce |
passphrase | the password to derive the key from |
salt | a randomly chosen salt |
salt_len | length of salt in bytes |
iterations | the number of iterations to use (use 10K or more) |
msec | if iterations is zero, then instead the PBKDF is run until msec milliseconds has passed. |
Implemented in Botan::PKCS5_PBKDF1, Botan::PKCS5_PBKDF2, and Botan::OpenPGP_S2K.
Referenced by create_or_throw(), pbkdf_iterations(), and pbkdf_timed().
secure_vector< uint8_t > Botan::PBKDF::pbkdf_iterations | ( | size_t | out_len, |
const std::string & | passphrase, | ||
const uint8_t | salt[], | ||
size_t | salt_len, | ||
size_t | iterations | ||
) | const |
Derive a key from a passphrase for a number of iterations.
out_len | the desired length of the key to produce |
passphrase | the password to derive the key from |
salt | a randomly chosen salt |
salt_len | length of salt in bytes |
iterations | the number of iterations to use (use 10K or more) |
Definition at line 110 of file pbkdf.cpp.
References pbkdf_iterations(), and salt_len.
void Botan::PBKDF::pbkdf_iterations | ( | uint8_t | out[], |
size_t | out_len, | ||
const std::string & | passphrase, | ||
const uint8_t | salt[], | ||
size_t | salt_len, | ||
size_t | iterations | ||
) | const |
Derive a key from a passphrase for a number of iterations.
out | buffer to store the derived key, must be of out_len bytes |
out_len | the desired length of the key to produce |
passphrase | the password to derive the key from |
salt | a randomly chosen salt |
salt_len | length of salt in bytes |
iterations | the number of iterations to use (use 10K or more) |
Definition at line 96 of file pbkdf.cpp.
References BOTAN_ASSERT_EQUAL, name(), pbkdf(), and salt_len.
Referenced by pbkdf_iterations().
secure_vector< uint8_t > Botan::PBKDF::pbkdf_timed | ( | size_t | out_len, |
const std::string & | passphrase, | ||
const uint8_t | salt[], | ||
size_t | salt_len, | ||
std::chrono::milliseconds | msec, | ||
size_t & | iterations | ||
) | const |
Derive a key from a passphrase, running until msec time has elapsed.
out_len | the desired length of the key to produce |
passphrase | the password to derive the key from |
salt | a randomly chosen salt |
salt_len | length of salt in bytes |
msec | if iterations is zero, then instead the PBKDF is run until msec milliseconds has passed. |
iterations | set to the number iterations executed |
Definition at line 120 of file pbkdf.cpp.
References pbkdf_timed(), and salt_len.
void Botan::PBKDF::pbkdf_timed | ( | uint8_t | out[], |
size_t | out_len, | ||
const std::string & | passphrase, | ||
const uint8_t | salt[], | ||
size_t | salt_len, | ||
std::chrono::milliseconds | msec, | ||
size_t & | iterations | ||
) | const |
Derive a key from a passphrase, running until msec time has elapsed.
out | buffer to store the derived key, must be of out_len bytes |
out_len | the desired length of the key to produce |
passphrase | the password to derive the key from |
salt | a randomly chosen salt |
salt_len | length of salt in bytes |
msec | if iterations is zero, then instead the PBKDF is run until msec milliseconds has passed. |
iterations | set to the number iterations executed |
Definition at line 87 of file pbkdf.cpp.
References pbkdf(), and salt_len.
Referenced by pbkdf_timed().
|
static |