Coverage Report

Created: 2021-05-04 09:02

/src/botan/src/lib/pbkdf/pwdhash.cpp
Line
Count
Source (jump to first uncovered line)
1
/*
2
* (C) 2018 Ribose Inc
3
*
4
* Botan is released under the Simplified BSD License (see license.txt)
5
*/
6
7
#include <botan/pwdhash.h>
8
#include <botan/exceptn.h>
9
#include <botan/internal/scan_name.h>
10
11
#if defined(BOTAN_HAS_PBKDF2)
12
   #include <botan/pbkdf2.h>
13
#endif
14
15
#if defined(BOTAN_HAS_PGP_S2K)
16
   #include <botan/pgp_s2k.h>
17
#endif
18
19
#if defined(BOTAN_HAS_SCRYPT)
20
   #include <botan/scrypt.h>
21
#endif
22
23
#if defined(BOTAN_HAS_ARGON2)
24
   #include <botan/argon2.h>
25
#endif
26
27
#if defined(BOTAN_HAS_PBKDF_BCRYPT)
28
   #include <botan/bcrypt_pbkdf.h>
29
#endif
30
31
namespace Botan {
32
33
void PasswordHash::derive_key(uint8_t out[], size_t out_len,
34
                              const char* password, size_t password_len,
35
                              const uint8_t salt[], size_t salt_len,
36
                              const uint8_t ad[], size_t ad_len,
37
                              const uint8_t key[], size_t key_len) const
38
0
   {
39
0
   BOTAN_UNUSED(ad, key);
40
41
0
   if(ad_len == 0 && key_len == 0)
42
0
      return this->derive_key(out, out_len,
43
0
                              password, password_len,
44
0
                              salt, salt_len);
45
0
   else
46
0
      throw Not_Implemented("PasswordHash " + this->to_string() + " does not support AD or key");
47
0
   }
48
49
std::unique_ptr<PasswordHashFamily> PasswordHashFamily::create(const std::string& algo_spec,
50
                                     const std::string& provider)
51
0
   {
52
0
   const SCAN_Name req(algo_spec);
53
54
0
#if defined(BOTAN_HAS_PBKDF2)
55
0
   if(req.algo_name() == "PBKDF2")
56
0
      {
57
      // TODO OpenSSL
58
59
0
      if(provider.empty() || provider == "base")
60
0
         {
61
0
         if(auto mac = MessageAuthenticationCode::create("HMAC(" + req.arg(0) + ")"))
62
0
            return std::make_unique<PBKDF2_Family>(mac.release());
63
64
0
         if(auto mac = MessageAuthenticationCode::create(req.arg(0)))
65
0
            return std::make_unique<PBKDF2_Family>(mac.release());
66
0
         }
67
68
0
      return nullptr;
69
0
      }
70
0
#endif
71
72
0
#if defined(BOTAN_HAS_SCRYPT)
73
0
   if(req.algo_name() == "Scrypt")
74
0
      {
75
0
      return std::make_unique<Scrypt_Family>();
76
0
      }
77
0
#endif
78
79
0
#if defined(BOTAN_HAS_ARGON2)
80
0
   if(req.algo_name() == "Argon2d")
81
0
      {
82
0
      return std::make_unique<Argon2_Family>(static_cast<uint8_t>(0));
83
0
      }
84
0
   else if(req.algo_name() == "Argon2i")
85
0
      {
86
0
      return std::make_unique<Argon2_Family>(static_cast<uint8_t>(1));
87
0
      }
88
0
   else if(req.algo_name() == "Argon2id")
89
0
      {
90
0
      return std::make_unique<Argon2_Family>(static_cast<uint8_t>(2));
91
0
      }
92
0
#endif
93
94
0
#if defined(BOTAN_HAS_PBKDF_BCRYPT)
95
0
   if(req.algo_name() == "Bcrypt-PBKDF")
96
0
      {
97
0
      return std::make_unique<Bcrypt_PBKDF_Family>();
98
0
      }
99
0
#endif
100
101
0
#if defined(BOTAN_HAS_PGP_S2K)
102
0
   if(req.algo_name() == "OpenPGP-S2K" && req.arg_count() == 1)
103
0
      {
104
0
      if(auto hash = HashFunction::create(req.arg(0)))
105
0
         {
106
0
         return std::make_unique<RFC4880_S2K_Family>(hash.release());
107
0
         }
108
0
      }
109
0
#endif
110
111
0
   BOTAN_UNUSED(req);
112
0
   BOTAN_UNUSED(provider);
113
114
0
   return nullptr;
115
0
   }
116
117
//static
118
std::unique_ptr<PasswordHashFamily>
119
PasswordHashFamily::create_or_throw(const std::string& algo,
120
                             const std::string& provider)
121
0
   {
122
0
   if(auto pbkdf = PasswordHashFamily::create(algo, provider))
123
0
      {
124
0
      return pbkdf;
125
0
      }
126
0
   throw Lookup_Error("PasswordHashFamily", algo, provider);
127
0
   }
128
129
std::vector<std::string> PasswordHashFamily::providers(const std::string& algo_spec)
130
0
   {
131
0
   return probe_providers_of<PasswordHashFamily>(algo_spec, { "base", "openssl" });
132
0
   }
133
134
}