/src/botan/build/include/botan/argon2.h
Line | Count | Source (jump to first uncovered line) |
1 | | /** |
2 | | * (C) 2018,2019 Jack Lloyd |
3 | | * |
4 | | * Botan is released under the Simplified BSD License (see license.txt) |
5 | | */ |
6 | | |
7 | | #ifndef BOTAN_ARGON2_H_ |
8 | | #define BOTAN_ARGON2_H_ |
9 | | |
10 | | #include <botan/exceptn.h> |
11 | | #include <botan/pwdhash.h> |
12 | | |
13 | | #if defined(BOTAN_HAS_ARGON2_FMT) |
14 | | #include <botan/argon2fmt.h> |
15 | | #endif |
16 | | |
17 | | BOTAN_FUTURE_INTERNAL_HEADER(argon2.h) |
18 | | |
19 | | namespace Botan { |
20 | | |
21 | | class RandomNumberGenerator; |
22 | | |
23 | | /** |
24 | | * Argon2 key derivation function |
25 | | */ |
26 | | class BOTAN_PUBLIC_API(2, 11) Argon2 final : public PasswordHash { |
27 | | public: |
28 | | Argon2(uint8_t family, size_t M, size_t t, size_t p); |
29 | | |
30 | | Argon2(const Argon2& other) = default; |
31 | | Argon2& operator=(const Argon2&) = default; |
32 | | |
33 | | /** |
34 | | * Derive a new key under the current Argon2 parameter set |
35 | | */ |
36 | | void derive_key(uint8_t out[], |
37 | | size_t out_len, |
38 | | const char* password, |
39 | | size_t password_len, |
40 | | const uint8_t salt[], |
41 | | size_t salt_len) const override; |
42 | | |
43 | | void derive_key(uint8_t out[], |
44 | | size_t out_len, |
45 | | const char* password, |
46 | | size_t password_len, |
47 | | const uint8_t salt[], |
48 | | size_t salt_len, |
49 | | const uint8_t ad[], |
50 | | size_t ad_len, |
51 | | const uint8_t key[], |
52 | | size_t key_len) const override; |
53 | | |
54 | | std::string to_string() const override; |
55 | | |
56 | 0 | size_t M() const { return m_M; } |
57 | | |
58 | 0 | size_t t() const { return m_t; } |
59 | | |
60 | 0 | size_t p() const { return m_p; } |
61 | | |
62 | 0 | bool supports_keyed_operation() const override { return true; } |
63 | | |
64 | 0 | bool supports_associated_data() const override { return true; } |
65 | | |
66 | 0 | size_t iterations() const override { return t(); } |
67 | | |
68 | 0 | size_t parallelism() const override { return p(); } |
69 | | |
70 | 0 | size_t memory_param() const override { return M(); } |
71 | | |
72 | 0 | size_t total_memory_usage() const override { return M() * 1024; } |
73 | | |
74 | | /** |
75 | | * Argon2's BLAMKA function |
76 | | */ |
77 | | static void blamka(uint64_t N[128], uint64_t T[128]); |
78 | | |
79 | | private: |
80 | | #if defined(BOTAN_HAS_ARGON2_AVX2) |
81 | | static void blamka_avx2(uint64_t N[128], uint64_t T[128]); |
82 | | #endif |
83 | | |
84 | | #if defined(BOTAN_HAS_ARGON2_SSSE3) |
85 | | static void blamka_ssse3(uint64_t N[128], uint64_t T[128]); |
86 | | #endif |
87 | | |
88 | | void argon2(uint8_t output[], |
89 | | size_t output_len, |
90 | | const char* password, |
91 | | size_t password_len, |
92 | | const uint8_t salt[], |
93 | | size_t salt_len, |
94 | | const uint8_t key[], |
95 | | size_t key_len, |
96 | | const uint8_t ad[], |
97 | | size_t ad_len) const; |
98 | | |
99 | | uint8_t m_family; |
100 | | size_t m_M, m_t, m_p; |
101 | | }; |
102 | | |
103 | | class BOTAN_PUBLIC_API(2, 11) Argon2_Family final : public PasswordHashFamily { |
104 | | public: |
105 | | Argon2_Family(uint8_t family); |
106 | | |
107 | | std::string name() const override; |
108 | | |
109 | | std::unique_ptr<PasswordHash> tune(size_t output_length, |
110 | | std::chrono::milliseconds msec, |
111 | | size_t max_memory, |
112 | | std::chrono::milliseconds tune_msec) const override; |
113 | | |
114 | | std::unique_ptr<PasswordHash> default_params() const override; |
115 | | |
116 | | std::unique_ptr<PasswordHash> from_iterations(size_t iter) const override; |
117 | | |
118 | | std::unique_ptr<PasswordHash> from_params(size_t M, size_t t, size_t p) const override; |
119 | | |
120 | | private: |
121 | | const uint8_t m_family; |
122 | | }; |
123 | | |
124 | | /** |
125 | | * Argon2 key derivation function |
126 | | * |
127 | | * @param output the output will be placed here |
128 | | * @param output_len length of output |
129 | | * @param password the user password |
130 | | * @param password_len the length of password |
131 | | * @param salt the salt |
132 | | * @param salt_len length of salt |
133 | | * @param key an optional secret key |
134 | | * @param key_len the length of key |
135 | | * @param ad an optional additional input |
136 | | * @param ad_len the length of ad |
137 | | * @param y the Argon2 variant (0 = Argon2d, 1 = Argon2i, 2 = Argon2id) |
138 | | * @param p the parallelization parameter |
139 | | * @param M the amount of memory to use in Kb |
140 | | * @param t the number of iterations to use |
141 | | */ |
142 | | BOTAN_DEPRECATED("Use PasswordHashFamily+PasswordHash") |
143 | | |
144 | | inline void argon2(uint8_t output[], |
145 | | size_t output_len, |
146 | | const char* password, |
147 | | size_t password_len, |
148 | | const uint8_t salt[], |
149 | | size_t salt_len, |
150 | | const uint8_t key[], |
151 | | size_t key_len, |
152 | | const uint8_t ad[], |
153 | | size_t ad_len, |
154 | | uint8_t y, |
155 | | size_t p, |
156 | | size_t M, |
157 | 0 | size_t t) { |
158 | 0 | std::unique_ptr<PasswordHashFamily> pwdhash_fam; |
159 | 0 |
|
160 | 0 | if(y == 0) { |
161 | 0 | pwdhash_fam = PasswordHashFamily::create_or_throw("Argon2d"); |
162 | 0 | } else if(y == 1) { |
163 | 0 | pwdhash_fam = PasswordHashFamily::create_or_throw("Argon2i"); |
164 | 0 | } else if(y == 2) { |
165 | 0 | pwdhash_fam = PasswordHashFamily::create_or_throw("Argon2id"); |
166 | 0 | } else { |
167 | 0 | throw Not_Implemented("Unknown Argon2 family type"); |
168 | 0 | } |
169 | 0 |
|
170 | 0 | auto pwdhash = pwdhash_fam->from_params(M, t, p); |
171 | 0 |
|
172 | 0 | pwdhash->derive_key(output, output_len, password, password_len, salt, salt_len, ad, ad_len, key, key_len); |
173 | 0 | } |
174 | | |
175 | | } // namespace Botan |
176 | | |
177 | | #endif |