// NOTE: the bare numbers embedded in this listing (3, 4, 17, ...) are gutter
// line numbers carried over from the rendered source page, not code.
//
// Upper bound, in bytes, on the key length a derivation function will produce.
// Pure virtual: each KDF in this header supplies its own limit.
// The DeriveKey definitions shown in this listing compare derivedLen against
// this value only inside assert(), so callers should check it themselves.
3 #ifndef CRYPTOPP_PWDBASED_H 4 #define CRYPTOPP_PWDBASED_H 17 virtual size_t MaxDerivedKeyLength()
const =0;
// Reports whether the `purpose` argument of DeriveKey influences the output.
// In this listing the overrides that return false belong to KDFs that mark
// `purpose` unused; the one that returns true feeds it into the derivation.
18 virtual bool UsesPurposeByte()
const =0;
// Derives `derivedLen` bytes of key material from a password and salt.
//
//   derived / derivedLen   output buffer and requested length; the caller must
//                          supply at least derivedLen writable bytes
//   purpose                one-byte diversifier; ignored by KDFs whose
//                          UsesPurposeByte() returns false
//   password / passwordLen secret input
//   salt / saltLen         salt input
//   iterations             minimum iteration count
//   timeInSeconds          when nonzero, the visible loops keep iterating until
//                          this much time has elapsed, so the work factor then
//                          depends on the machine the call runs on
//
// Returns an unsigned int; presumably the iteration count actually performed
// (the return statements are not shown in this listing; confirm).
// NOTE(review): with a nonzero timeInSeconds the same password and salt give a
// different key on a different run unless the count actually used is stored
// and passed back as `iterations` with timeInSeconds = 0.
22 virtual unsigned int DeriveKey(byte *derived,
size_t derivedLen, byte purpose,
const byte *password,
size_t passwordLen,
const byte *salt,
size_t saltLen,
unsigned int iterations,
double timeInSeconds=0)
const =0;
// Limits the derived key to one digest of the hash T (T::DIGESTSIZE bytes).
// Presumably the PKCS5_PBKDF1<T> override; the class header is not shown.
30 size_t MaxDerivedKeyLength()
const {
return T::DIGESTSIZE;}
// This KDF does not use the `purpose` byte passed to DeriveKey.
31 bool UsesPurposeByte()
const {
return false;}
// In-class declaration of DeriveKey; timeInSeconds defaults to 0, which
// leaves `iterations` as the only stopping condition in the visible loops.
// Presumably the PKCS5_PBKDF1<T> declaration (class header not shown).
33 unsigned int DeriveKey(byte *derived,
size_t derivedLen, byte purpose,
const byte *password,
size_t passwordLen,
const byte *salt,
size_t saltLen,
unsigned int iterations,
double timeInSeconds=0)
const;
// Reports a limit of 0xffffffff (2^32 - 1) bytes.
// Presumably the PKCS5_PBKDF2_HMAC<T> override; the class header is not shown.
41 size_t MaxDerivedKeyLength()
const {
return 0xffffffffU;}
// This KDF does not use the `purpose` byte passed to DeriveKey.
42 bool UsesPurposeByte()
const {
return false;}
// In-class declaration of DeriveKey; timeInSeconds defaults to 0, which
// leaves `iterations` as the only stopping condition in the visible loops.
// Presumably the PKCS5_PBKDF2_HMAC<T> declaration (class header not shown).
43 unsigned int DeriveKey(byte *derived,
size_t derivedLen, byte purpose,
const byte *password,
size_t passwordLen,
const byte *salt,
size_t saltLen,
unsigned int iterations,
double timeInSeconds=0)
const;
// PBKDF1 derivation: feeds the password and then the salt into the hash,
// re-hashes the result in place until the iteration count or the time budget
// is reached, and copies derivedLen bytes of the final value to `derived`.
// Several lines of the body (braces, declarations, return) are missing from
// this listing.
// NOTE(review): PKCS #5 v2 keeps PBKDF1 for compatibility with existing data;
// PBKDF2 is the one recommended for new applications.
57 unsigned int PKCS5_PBKDF1<T>::DeriveKey(byte *derived,
size_t derivedLen, byte purpose,
const byte *password,
size_t passwordLen,
const byte *salt,
size_t saltLen,
unsigned int iterations,
double timeInSeconds)
// `purpose` is accepted for interface compatibility and deliberately ignored.
const 59 CRYPTOPP_UNUSED(purpose);
// Both preconditions are assert()-only: assert() is compiled out when NDEBUG
// is defined, so in such builds an oversized derivedLen or
// iterations == 0 with timeInSeconds == 0 is not rejected here.
60 assert(derivedLen <= MaxDerivedKeyLength());
61 assert(iterations > 0 || timeInSeconds > 0);
// Hash input order is password first, then salt.
67 hash.Update(password, passwordLen);
68 hash.Update(salt, saltLen);
// Starts at i=1, so with iterations <= 1 and timeInSeconds == 0 the loop body
// never runs. When timeInSeconds is nonzero the timer is consulted only when
// i is a multiple of 128, and iteration continues until the elapsed time
// reaches timeInSeconds.
79 for (i=1; i<iterations || (timeInSeconds && (i%128!=0 || timer.ElapsedTimeAsDouble() < timeInSeconds)); i++)
// Re-hash in place: buffer is both the input and the digest output.
80 hash.CalculateDigest(buffer, buffer, buffer.size());
// Copies derivedLen bytes out of buffer. buffer's declaration is not shown;
// if it is sized to the digest (TODO confirm), a derivedLen above
// MaxDerivedKeyLength() in a build without asserts would read past its end,
// so callers should validate derivedLen before calling.
82 memcpy(derived, buffer, derivedLen);
// PBKDF2 derivation with HMAC<T>: the password keys the HMAC, and the output
// is produced one segment at a time until derivedLen bytes have been written.
// Several lines of the body (braces, declarations, inner loops, return) are
// missing from this listing.
87 unsigned int PKCS5_PBKDF2_HMAC<T>::DeriveKey(byte *derived,
size_t derivedLen, byte purpose,
const byte *password,
size_t passwordLen,
const byte *salt,
size_t saltLen,
unsigned int iterations,
double timeInSeconds)
// `purpose` is accepted for interface compatibility and deliberately ignored.
const 89 CRYPTOPP_UNUSED(purpose);
// Both preconditions are assert()-only: assert() is compiled out when NDEBUG
// is defined, so release builds do not enforce them here.
90 assert(derivedLen <= MaxDerivedKeyLength());
91 assert(iterations > 0 || timeInSeconds > 0);
// The password is the HMAC key.
96 HMAC<T> hmac(password, passwordLen);
// One pass of this loop per output segment; derived/derivedLen are advanced
// at the bottom (lines 138-139 of the original file).
101 while (derivedLen > 0)
// The salt is the first input to the HMAC for each segment.
103 hmac.
Update(salt, saltLen);
// Extracts one byte of the counter i, most significant byte first as j grows;
// presumably j runs 0..3 so that i is appended as a 4-byte big-endian block
// index (the enclosing loop header is not shown).
107 byte b = byte(i >> ((3-j)*8));
// Copy at most one digest-sized segment into the caller's buffer.
// NOTE(review): memcpy_s is passed segmentLen as both the destination size
// and the count, so its bounds check cannot detect an undersized `derived`;
// the caller remains responsible for providing derivedLen writable bytes.
112 #if CRYPTOPP_MSC_VERSION 113 const size_t segmentLen =
STDMIN(derivedLen, buffer.size());
114 memcpy_s(derived, segmentLen, buffer, segmentLen);
116 const size_t segmentLen =
STDMIN(derivedLen, buffer.size());
117 memcpy(derived, buffer, segmentLen);
// Divides the time budget by the number of buffer-sized segments still to be
// produced (derivedLen rounded up to whole segments).
122 timeInSeconds = timeInSeconds / ((derivedLen + buffer.size() - 1) / buffer.size());
// Starts at j=1. When timeInSeconds is nonzero the timer is consulted only
// when j is a multiple of 128, and iteration continues until the elapsed time
// reaches timeInSeconds.
126 for (j=1; j<iterations || (timeInSeconds && (j%128!=0 || timer.ElapsedTimeAsDouble() < timeInSeconds)); j++)
// Folds the current buffer into the output segment by XOR.
129 xorbuf(derived, buffer, segmentLen);
// Advance past the segment just written.
138 derived += segmentLen;
139 derivedLen -= segmentLen;
// size_t(0)-1 wraps to the largest size_t value, i.e. no practical limit.
// Any `derivedLen <= MaxDerivedKeyLength()` check against this value is
// therefore always true.
// Presumably the PKCS12_PBKDF<T> override; the class header is not shown.
151 size_t MaxDerivedKeyLength()
const {
return size_t(0)-1;}
// This KDF uses the `purpose` byte passed to DeriveKey, so different purpose
// values give different keys for the same password and salt.
152 bool UsesPurposeByte()
const {
return true;}
// In-class declaration of DeriveKey. Unlike the two declarations earlier in
// this listing, timeInSeconds has no default value here.
// Presumably the PKCS12_PBKDF<T> declaration (class header not shown).
153 unsigned int DeriveKey(byte *derived,
size_t derivedLen, byte purpose,
const byte *password,
size_t passwordLen,
const byte *salt,
size_t saltLen,
unsigned int iterations,
double timeInSeconds)
const;
// PKCS #12 derivation: builds a working buffer from the purpose byte, the
// repeated salt and the repeated password, hashes it iteratively, and emits
// the result one digest-sized segment at a time, updating the buffer between
// segments. Several lines of the body (braces, declarations, return) are
// missing from this listing.
157 unsigned int PKCS12_PBKDF<T>::DeriveKey(byte *derived,
size_t derivedLen, byte purpose,
const byte *password,
size_t passwordLen,
const byte *salt,
size_t saltLen,
unsigned int iterations,
double timeInSeconds)
// Both preconditions are assert()-only: assert() is compiled out when NDEBUG
// is defined. If MaxDerivedKeyLength() here is the override that returns
// size_t(0)-1, the first check can never fail.
const 159 assert(derivedLen <= MaxDerivedKeyLength());
160 assert(iterations > 0 || timeInSeconds > 0);
// v is the hash's block size in bytes.
165 const size_t v = T::BLOCKSIZE;
// Buffer layout: D (DLen bytes), then S (SLen bytes), then P. I aliases S;
// presumably I spans the S and P regions (ILen's definition is not shown).
169 byte *D = buffer, *S = buffer+DLen, *P = buffer+DLen+SLen, *I = S;
// D is filled with the purpose byte.
171 memset(D, purpose, DLen);
// S and P are filled by repeating the salt and the password cyclically.
// NOTE(review): both indexes take a modulo by the input length. How SLen and
// PLen are computed is not shown; confirm they are 0 whenever saltLen or
// passwordLen is 0, otherwise these would divide by zero.
173 for (i=0; i<SLen; i++)
174 S[i] = salt[i % saltLen];
175 for (i=0; i<PLen; i++)
176 P[i] = password[i % passwordLen];
// One pass of this loop per output segment; derived/derivedLen are advanced
// at the bottom (lines 218-219 of the original file).
183 while (derivedLen > 0)
// First hash of the whole working buffer into Ai.
185 hash.CalculateDigest(Ai, buffer, buffer.
size());
// Divides the time budget by the number of Ai-sized segments still to be
// produced (derivedLen rounded up to whole segments).
189 timeInSeconds = timeInSeconds / ((derivedLen + Ai.size() - 1) / Ai.size());
// Starts at i=1. When timeInSeconds is nonzero the timer is consulted only
// when i is a multiple of 128, and iteration continues until the elapsed time
// reaches timeInSeconds.
193 for (i=1; i<iterations || (timeInSeconds && (i%128!=0 || timer.ElapsedTimeAsDouble() < timeInSeconds)); i++)
// Re-hash in place: Ai is both the input and the digest output.
194 hash.CalculateDigest(Ai, Ai, Ai.size());
// Records the count actually reached in `iterations`; presumably so later
// segments and the return value use the same count (context not shown).
198 iterations = (
unsigned int)i;
// B is filled by repeating Ai cyclically.
202 for (i=0; i<B.
size(); i++)
203 B[i] = Ai[i % Ai.size()];
// Each v-byte block of I is read as an Integer, B1 is added, and the sum is
// written back into the same v bytes. B1's definition is not shown.
207 for (i=0; i<ILen; i+=v)
208 (
Integer(I+i, v) + B1).Encode(I+i, v);
// Copy at most one digest-sized segment into the caller's buffer.
// NOTE(review): memcpy_s is passed segmentLen as both the destination size
// and the count, so its bounds check cannot detect an undersized `derived`;
// the caller remains responsible for providing derivedLen writable bytes.
210 #if CRYPTOPP_MSC_VERSION 211 const size_t segmentLen =
STDMIN(derivedLen, Ai.size());
212 memcpy_s(derived, segmentLen, Ai, segmentLen);
214 const size_t segmentLen =
STDMIN(derivedLen, Ai.size());
215 std::memcpy(derived, Ai, segmentLen);
// Advance past the segment just written.
218 derived += segmentLen;
219 derivedLen -= segmentLen;
unsigned int DeriveKey(byte *derived, size_t derivedLen, byte purpose, const byte *password, size_t passwordLen, const byte *salt, size_t saltLen, unsigned int iterations, double timeInSeconds=0) const
derive key from password
unsigned int DeriveKey(byte *derived, size_t derivedLen, byte purpose, const byte *password, size_t passwordLen, const byte *salt, size_t saltLen, unsigned int iterations, double timeInSeconds) const
derive key from password
Abstract base class for password-based key derivation functions.
Abstract base classes that provide a uniform interface to this library.
void memcpy_s(void *dest, size_t sizeInBytes, const void *src, size_t count)
Bounds checking replacement for memcpy()
size_type size() const
Provides the count of elements in the SecBlock.
SecByteBlock is a SecBlock<byte> typedef.
PBKDF2 from PKCS #5, T should be a HashTransformation class.
PBKDF1 from PKCS #5, T should be a HashTransformation class.
Classes for HMAC message authentication codes.
unsigned int DeriveKey(byte *derived, size_t derivedLen, byte purpose, const byte *password, size_t passwordLen, const byte *salt, size_t saltLen, unsigned int iterations, double timeInSeconds=0) const
derive key from password
PBKDF from PKCS #12, appendix B, T should be a HashTransformation class.
unsigned int DigestSize() const
Provides the digest size of the hash.
Multiple precision integer with arithmetic operations.
void Update(const byte *input, size_t length)
Updates a hash with additional input.
const T & STDMIN(const T &a, const T &b)
Replacement function for std::min.
void xorbuf(byte *buf, const byte *mask, size_t count)
Performs an XOR of a buffer with a mask.
T1 RoundUpToMultipleOf(const T1 &n, const T2 &m)
Rounds a value up to a multiple of a second value.
Crypto++ library namespace.
measure CPU time spent executing instructions of this thread (if supported by OS) ...