Botan  1.10.9
Public Member Functions | List of all members
Botan::PKCS5_PBKDF2 Class Reference

#include <pbkdf2.h>

Inheritance diagram for Botan::PKCS5_PBKDF2:
Botan::PBKDF Botan::Algorithm

Public Member Functions

void clear ()
 
PBKDFclone () const
 
OctetString derive_key (size_t output_len, const std::string &passphrase, const byte salt[], size_t salt_len, size_t iterations) const
 
std::string name () const
 
 PKCS5_PBKDF2 (MessageAuthenticationCode *mac_fn)
 
 ~PKCS5_PBKDF2 ()
 

Detailed Description

PKCS #5 PBKDF2

Definition at line 19 of file pbkdf2.h.

Constructor & Destructor Documentation

Botan::PKCS5_PBKDF2::PKCS5_PBKDF2 ( MessageAuthenticationCode mac_fn)
inline

Create a PKCS #5 instance using the specified message auth code

Parameters
mac_fnthe MAC to use

Definition at line 41 of file pbkdf2.h.

41 : mac(mac_fn) {}
Botan::PKCS5_PBKDF2::~PKCS5_PBKDF2 ( )
inline

Destructor

Definition at line 46 of file pbkdf2.h.

References mac.

46 { delete mac; }

Member Function Documentation

void Botan::PBKDF::clear ( )
inlinevirtualinherited

Zeroize internal state

Implements Botan::Algorithm.

Definition at line 30 of file pbkdf.h.

30 {}
PBKDF* Botan::PKCS5_PBKDF2::clone ( ) const
inlinevirtual
Returns
new instance of this same algorithm

Implements Botan::PBKDF.

Definition at line 27 of file pbkdf2.h.

References mac.

28  {
29  return new PKCS5_PBKDF2(mac->clone());
30  }
PKCS5_PBKDF2(MessageAuthenticationCode *mac_fn)
Definition: pbkdf2.h:41
virtual MessageAuthenticationCode * clone() const =0
OctetString Botan::PKCS5_PBKDF2::derive_key ( size_t  output_len,
const std::string &  passphrase,
const byte  salt[],
size_t  salt_len,
size_t  iterations 
) const
virtual

Derive a key from a passphrase

Parameters
output_lenthe desired length of the key to produce
passphrasethe password to derive the key from
salta randomly chosen salt
salt_lenlength of salt in bytes
iterationsthe number of iterations to use (use 10K or more)

Implements Botan::PBKDF.

Definition at line 17 of file pbkdf2.cpp.

References Botan::Buffered_Computation::final(), name(), Botan::Buffered_Computation::output_length(), Botan::SymmetricAlgorithm::set_key(), Botan::to_string(), Botan::Buffered_Computation::update(), Botan::Buffered_Computation::update_be(), and Botan::xor_buf().

Referenced by Botan::check_passhash9(), Botan::CryptoBox::decrypt(), Botan::CryptoBox::encrypt(), and Botan::generate_passhash9().

21  {
22  if(iterations == 0)
23  throw Invalid_Argument("PKCS#5 PBKDF2: Invalid iteration count");
24 
25  try
26  {
27  mac->set_key(reinterpret_cast<const byte*>(passphrase.data()),
28  passphrase.length());
29  }
30  catch(Invalid_Key_Length)
31  {
32  throw Exception(name() + " cannot accept passphrases of length " +
33  to_string(passphrase.length()));
34  }
35 
36  SecureVector<byte> key(key_len);
37 
38  byte* T = &key[0];
39 
40  SecureVector<byte> U(mac->output_length());
41 
42  u32bit counter = 1;
43  while(key_len)
44  {
45  size_t T_size = std::min<size_t>(mac->output_length(), key_len);
46 
47  mac->update(salt, salt_size);
48  mac->update_be(counter);
49  mac->final(&U[0]);
50 
51  xor_buf(T, U, T_size);
52 
53  for(size_t j = 1; j != iterations; ++j)
54  {
55  mac->update(U);
56  mac->final(&U[0]);
57  xor_buf(T, U, T_size);
58  }
59 
60  key_len -= T_size;
61  T += T_size;
62  ++counter;
63  }
64 
65  return key;
66  }
std::string name() const
Definition: pbkdf2.h:22
std::invalid_argument Invalid_Argument
Definition: exceptn.h:20
unsigned char byte
Definition: types.h:22
void set_key(const SymmetricKey &key)
Definition: sym_algo.h:60
void update(const byte in[], size_t length)
Definition: buf_comp.h:33
std::runtime_error Exception
Definition: exceptn.h:19
void final(byte out[])
Definition: buf_comp.h:80
std::string to_string(u64bit n, size_t min_len)
Definition: parsing.cpp:42
void update_be(const T in)
Definition: buf_comp.h:48
void xor_buf(byte out[], const byte in[], size_t length)
Definition: xor_buf.h:21
virtual size_t output_length() const =0
unsigned int u32bit
Definition: types.h:32
std::string Botan::PKCS5_PBKDF2::name ( ) const
inlinevirtual
Returns
name of this algorithm

Implements Botan::Algorithm.

Definition at line 22 of file pbkdf2.h.

References mac.

Referenced by derive_key().

23  {
24  return "PBKDF2(" + mac->name() + ")";
25  }
virtual std::string name() const =0

The documentation for this class was generated from the following files: