diff options
Diffstat (limited to 'src/libs/3rdparty/botan/src/lib/pbkdf/pbkdf2')
| -rw-r--r-- | src/libs/3rdparty/botan/src/lib/pbkdf/pbkdf2/info.txt | 7 | ||||
| -rw-r--r-- | src/libs/3rdparty/botan/src/lib/pbkdf/pbkdf2/pbkdf2.cpp | 118 | ||||
| -rw-r--r-- | src/libs/3rdparty/botan/src/lib/pbkdf/pbkdf2/pbkdf2.h | 57 |
3 files changed, 182 insertions, 0 deletions
diff --git a/src/libs/3rdparty/botan/src/lib/pbkdf/pbkdf2/info.txt b/src/libs/3rdparty/botan/src/lib/pbkdf/pbkdf2/info.txt new file mode 100644 index 00000000000..bc5c2e49168 --- /dev/null +++ b/src/libs/3rdparty/botan/src/lib/pbkdf/pbkdf2/info.txt @@ -0,0 +1,7 @@ +<defines> +PBKDF2 -> 20131128 +</defines> + +<requires> +hmac +</requires> diff --git a/src/libs/3rdparty/botan/src/lib/pbkdf/pbkdf2/pbkdf2.cpp b/src/libs/3rdparty/botan/src/lib/pbkdf/pbkdf2/pbkdf2.cpp new file mode 100644 index 00000000000..cc2982f6e93 --- /dev/null +++ b/src/libs/3rdparty/botan/src/lib/pbkdf/pbkdf2/pbkdf2.cpp @@ -0,0 +1,118 @@ +/* +* PBKDF2 +* (C) 1999-2007 Jack Lloyd +* +* Botan is released under the Simplified BSD License (see license.txt) +*/ + +#include <botan/pbkdf2.h> +#include <botan/exceptn.h> +#include <botan/internal/rounding.h> + +namespace Botan { + +size_t +pbkdf2(MessageAuthenticationCode& prf, + uint8_t out[], + size_t out_len, + const std::string& passphrase, + const uint8_t salt[], size_t salt_len, + size_t iterations, + std::chrono::milliseconds msec) + { + clear_mem(out, out_len); + + if(out_len == 0) + return 0; + + try + { + prf.set_key(cast_char_ptr_to_uint8(passphrase.data()), passphrase.size()); + } + catch(Invalid_Key_Length&) + { + throw Exception("PBKDF2 with " + prf.name() + + " cannot accept passphrases of length " + + std::to_string(passphrase.size())); + } + + const size_t prf_sz = prf.output_length(); + secure_vector<uint8_t> U(prf_sz); + + const size_t blocks_needed = round_up(out_len, prf_sz) / prf_sz; + + std::chrono::microseconds usec_per_block = + std::chrono::duration_cast<std::chrono::microseconds>(msec) / blocks_needed; + + uint32_t counter = 1; + while(out_len) + { + const size_t prf_output = std::min<size_t>(prf_sz, out_len); + + prf.update(salt, salt_len); + prf.update_be(counter++); + prf.final(U.data()); + + xor_buf(out, U.data(), prf_output); + + if(iterations == 0) + { + /* + If no iterations set, run the first block to calibrate based + on how long hashing takes on whatever machine we're running on. + */ + + const auto start = std::chrono::high_resolution_clock::now(); + + iterations = 1; // the first iteration we did above + + while(true) + { + prf.update(U); + prf.final(U.data()); + xor_buf(out, U.data(), prf_output); + iterations++; + + /* + Only break on relatively 'even' iterations. For one it + avoids confusion, and likely some broken implementations + break on getting completely randomly distributed values + */ + if(iterations % 10000 == 0) + { + auto time_taken = std::chrono::high_resolution_clock::now() - start; + auto usec_taken = std::chrono::duration_cast<std::chrono::microseconds>(time_taken); + if(usec_taken > usec_per_block) + break; + } + } + } + else + { + for(size_t i = 1; i != iterations; ++i) + { + prf.update(U); + prf.final(U.data()); + xor_buf(out, U.data(), prf_output); + } + } + + out_len -= prf_output; + out += prf_output; + } + + return iterations; + } + +size_t +PKCS5_PBKDF2::pbkdf(uint8_t key[], size_t key_len, + const std::string& passphrase, + const uint8_t salt[], size_t salt_len, + size_t iterations, + std::chrono::milliseconds msec) const + { + return pbkdf2(*m_mac.get(), key, key_len, passphrase, salt, salt_len, iterations, msec); + } + + +} diff --git a/src/libs/3rdparty/botan/src/lib/pbkdf/pbkdf2/pbkdf2.h b/src/libs/3rdparty/botan/src/lib/pbkdf/pbkdf2/pbkdf2.h new file mode 100644 index 00000000000..ea357cac0b9 --- /dev/null +++ b/src/libs/3rdparty/botan/src/lib/pbkdf/pbkdf2/pbkdf2.h @@ -0,0 +1,57 @@ +/* +* PBKDF2 +* (C) 1999-2007,2012 Jack Lloyd +* +* Botan is released under the Simplified BSD License (see license.txt) +*/ + +#ifndef BOTAN_PBKDF2_H_ +#define BOTAN_PBKDF2_H_ + +#include <botan/pbkdf.h> +#include <botan/mac.h> + +namespace Botan { + +BOTAN_PUBLIC_API(2,0) size_t pbkdf2(MessageAuthenticationCode& prf, + uint8_t out[], + size_t out_len, + const std::string& passphrase, + const uint8_t salt[], size_t salt_len, + size_t iterations, + std::chrono::milliseconds msec); + +/** +* PKCS #5 PBKDF2 +*/ +class BOTAN_PUBLIC_API(2,0) PKCS5_PBKDF2 final : public PBKDF + { + public: + std::string name() const override + { + return "PBKDF2(" + m_mac->name() + ")"; + } + + PBKDF* clone() const override + { + return new PKCS5_PBKDF2(m_mac->clone()); + } + + size_t pbkdf(uint8_t output_buf[], size_t output_len, + const std::string& passphrase, + const uint8_t salt[], size_t salt_len, + size_t iterations, + std::chrono::milliseconds msec) const override; + + /** + * Create a PKCS #5 instance using the specified message auth code + * @param mac_fn the MAC object to use as PRF + */ + explicit PKCS5_PBKDF2(MessageAuthenticationCode* mac_fn) : m_mac(mac_fn) {} + private: + std::unique_ptr<MessageAuthenticationCode> m_mac; + }; + +} + +#endif |