3 #ifndef CRYPTOPP_PWDBASED_H
4 #define CRYPTOPP_PWDBASED_H
11 NAMESPACE_BEGIN(CryptoPP)
17 virtual size_t MaxDerivedKeyLength()
const =0;
18 virtual bool UsesPurposeByte()
const =0;
22 virtual unsigned int DeriveKey(byte *derived,
size_t derivedLen, byte purpose,
const byte *password,
size_t passwordLen,
const byte *salt,
size_t saltLen,
unsigned int iterations,
double timeInSeconds=0)
const =0;
30 size_t MaxDerivedKeyLength()
const {
return T::DIGESTSIZE;}
31 bool UsesPurposeByte()
const {
return false;}
33 unsigned int DeriveKey(byte *derived,
size_t derivedLen, byte purpose,
const byte *password,
size_t passwordLen,
const byte *salt,
size_t saltLen,
unsigned int iterations,
double timeInSeconds=0)
const;
41 size_t MaxDerivedKeyLength()
const {
return 0xffffffffU;}
42 bool UsesPurposeByte()
const {
return false;}
43 unsigned int DeriveKey(byte *derived,
size_t derivedLen, byte purpose,
const byte *password,
size_t passwordLen,
const byte *salt,
size_t saltLen,
unsigned int iterations,
double timeInSeconds=0)
const;
57 unsigned int PKCS5_PBKDF1<T>::DeriveKey(byte *derived,
size_t derivedLen, byte purpose,
const byte *password,
size_t passwordLen,
const byte *salt,
size_t saltLen,
unsigned int iterations,
double timeInSeconds)
const
59 assert(derivedLen <= MaxDerivedKeyLength());
60 assert(iterations > 0 || timeInSeconds > 0);
66 hash.Update(password, passwordLen);
67 hash.Update(salt, saltLen);
78 for (i=1; i<iterations || (timeInSeconds && (i%128!=0 || timer.ElapsedTimeAsDouble() < timeInSeconds)); i++)
79 hash.CalculateDigest(buffer, buffer, buffer.size());
81 memcpy(derived, buffer, derivedLen);
86 unsigned int PKCS5_PBKDF2_HMAC<T>::DeriveKey(byte *derived,
size_t derivedLen, byte purpose,
const byte *password,
size_t passwordLen,
const byte *salt,
size_t saltLen,
unsigned int iterations,
double timeInSeconds)
const
88 assert(derivedLen <= MaxDerivedKeyLength());
89 assert(iterations > 0 || timeInSeconds > 0);
94 HMAC<T> hmac(password, passwordLen);
99 while (derivedLen > 0)
101 hmac.
Update(salt, saltLen);
105 byte b = byte(i >> ((3-j)*8));
110 size_t segmentLen = STDMIN(derivedLen, buffer.size());
111 memcpy(derived, buffer, segmentLen);
115 timeInSeconds = timeInSeconds / ((derivedLen + buffer.size() - 1) / buffer.size());
119 for (j=1; j<iterations || (timeInSeconds && (j%128!=0 || timer.ElapsedTimeAsDouble() < timeInSeconds)); j++)
122 xorbuf(derived, buffer, segmentLen);
131 derived += segmentLen;
132 derivedLen -= segmentLen;
144 size_t MaxDerivedKeyLength()
const {
return size_t(0)-1;}
145 bool UsesPurposeByte()
const {
return true;}
146 unsigned int DeriveKey(byte *derived,
size_t derivedLen, byte purpose,
const byte *password,
size_t passwordLen,
const byte *salt,
size_t saltLen,
unsigned int iterations,
double timeInSeconds)
const;
150 unsigned int PKCS12_PBKDF<T>::DeriveKey(byte *derived,
size_t derivedLen, byte purpose,
const byte *password,
size_t passwordLen,
const byte *salt,
size_t saltLen,
unsigned int iterations,
double timeInSeconds)
const
152 assert(derivedLen <= MaxDerivedKeyLength());
153 assert(iterations > 0 || timeInSeconds > 0);
158 const size_t v = T::BLOCKSIZE;
159 const size_t DLen = v, SLen = RoundUpToMultipleOf(saltLen, v);
160 const size_t PLen = RoundUpToMultipleOf(passwordLen, v), ILen = SLen + PLen;
162 byte *D = buffer, *S = buffer+DLen, *P = buffer+DLen+SLen, *I = S;
164 memset(D, purpose, DLen);
166 for (i=0; i<SLen; i++)
167 S[i] = salt[i % saltLen];
168 for (i=0; i<PLen; i++)
169 P[i] = password[i % passwordLen];
176 while (derivedLen > 0)
178 hash.CalculateDigest(Ai, buffer, buffer.size());
182 timeInSeconds = timeInSeconds / ((derivedLen + Ai.size() - 1) / Ai.size());
186 for (i=1; i<iterations || (timeInSeconds && (i%128!=0 || timer.ElapsedTimeAsDouble() < timeInSeconds)); i++)
187 hash.CalculateDigest(Ai, Ai, Ai.size());
191 iterations = (
unsigned int)i;
195 for (i=0; i<B.size(); i++)
196 B[i] = Ai[i % Ai.size()];
200 for (i=0; i<ILen; i+=v)
201 (
Integer(I+i, v) + B1).Encode(I+i, v);
203 size_t segmentLen = STDMIN(derivedLen, Ai.size());
204 memcpy(derived, Ai, segmentLen);
205 derived += segmentLen;
206 derivedLen -= segmentLen;
unsigned int DeriveKey(byte *derived, size_t derivedLen, byte purpose, const byte *password, size_t passwordLen, const byte *salt, size_t saltLen, unsigned int iterations, double timeInSeconds=0) const
derive key from password
unsigned int DeriveKey(byte *derived, size_t derivedLen, byte purpose, const byte *password, size_t passwordLen, const byte *salt, size_t saltLen, unsigned int iterations, double timeInSeconds) const
derive key from password
abstract base class for password based key derivation function
PBKDF2 from PKCS #5, T should be a HashTransformation class.
PBKDF1 from PKCS #5, T should be a HashTransformation class.
unsigned int DeriveKey(byte *derived, size_t derivedLen, byte purpose, const byte *password, size_t passwordLen, const byte *salt, size_t saltLen, unsigned int iterations, double timeInSeconds=0) const
derive key from password
PBKDF from PKCS #12, appendix B, T should be a HashTransformation class.
unsigned int DigestSize() const
size of the hash/digest/MAC returned by Final()
multiple precision integer and basic arithmetics
void Update(const byte *input, size_t length)
process more input
measure CPU time spent executing instructions of this thread (if supported by OS) ...