/src/botan/src/lib/pbkdf/pwdhash.cpp
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * (C) 2018 Ribose Inc |
3 | | * |
4 | | * Botan is released under the Simplified BSD License (see license.txt) |
5 | | */ |
6 | | |
7 | | #include <botan/pwdhash.h> |
8 | | #include <botan/exceptn.h> |
9 | | #include <botan/internal/scan_name.h> |
10 | | |
11 | | #if defined(BOTAN_HAS_PBKDF2) |
12 | | #include <botan/pbkdf2.h> |
13 | | #endif |
14 | | |
15 | | #if defined(BOTAN_HAS_PGP_S2K) |
16 | | #include <botan/pgp_s2k.h> |
17 | | #endif |
18 | | |
19 | | #if defined(BOTAN_HAS_SCRYPT) |
20 | | #include <botan/scrypt.h> |
21 | | #endif |
22 | | |
23 | | #if defined(BOTAN_HAS_ARGON2) |
24 | | #include <botan/argon2.h> |
25 | | #endif |
26 | | |
27 | | #if defined(BOTAN_HAS_PBKDF_BCRYPT) |
28 | | #include <botan/bcrypt_pbkdf.h> |
29 | | #endif |
30 | | |
31 | | namespace Botan { |
32 | | |
33 | | void PasswordHash::derive_key(uint8_t out[], size_t out_len, |
34 | | const char* password, size_t password_len, |
35 | | const uint8_t salt[], size_t salt_len, |
36 | | const uint8_t ad[], size_t ad_len, |
37 | | const uint8_t key[], size_t key_len) const |
38 | 0 | { |
39 | 0 | BOTAN_UNUSED(ad, key); |
40 | |
|
41 | 0 | if(ad_len == 0 && key_len == 0) |
42 | 0 | return this->derive_key(out, out_len, |
43 | 0 | password, password_len, |
44 | 0 | salt, salt_len); |
45 | 0 | else |
46 | 0 | throw Not_Implemented("PasswordHash " + this->to_string() + " does not support AD or key"); |
47 | 0 | } |
48 | | |
49 | | std::unique_ptr<PasswordHashFamily> PasswordHashFamily::create(const std::string& algo_spec, |
50 | | const std::string& provider) |
51 | 0 | { |
52 | 0 | const SCAN_Name req(algo_spec); |
53 | |
|
54 | 0 | #if defined(BOTAN_HAS_PBKDF2) |
55 | 0 | if(req.algo_name() == "PBKDF2") |
56 | 0 | { |
57 | 0 | if(provider.empty() || provider == "base") |
58 | 0 | { |
59 | 0 | if(auto mac = MessageAuthenticationCode::create("HMAC(" + req.arg(0) + ")")) |
60 | 0 | return std::make_unique<PBKDF2_Family>(mac.release()); |
61 | | |
62 | 0 | if(auto mac = MessageAuthenticationCode::create(req.arg(0))) |
63 | 0 | return std::make_unique<PBKDF2_Family>(mac.release()); |
64 | 0 | } |
65 | | |
66 | 0 | return nullptr; |
67 | 0 | } |
68 | 0 | #endif |
69 | | |
70 | 0 | #if defined(BOTAN_HAS_SCRYPT) |
71 | 0 | if(req.algo_name() == "Scrypt") |
72 | 0 | { |
73 | 0 | return std::make_unique<Scrypt_Family>(); |
74 | 0 | } |
75 | 0 | #endif |
76 | | |
77 | 0 | #if defined(BOTAN_HAS_ARGON2) |
78 | 0 | if(req.algo_name() == "Argon2d") |
79 | 0 | { |
80 | 0 | return std::make_unique<Argon2_Family>(static_cast<uint8_t>(0)); |
81 | 0 | } |
82 | 0 | else if(req.algo_name() == "Argon2i") |
83 | 0 | { |
84 | 0 | return std::make_unique<Argon2_Family>(static_cast<uint8_t>(1)); |
85 | 0 | } |
86 | 0 | else if(req.algo_name() == "Argon2id") |
87 | 0 | { |
88 | 0 | return std::make_unique<Argon2_Family>(static_cast<uint8_t>(2)); |
89 | 0 | } |
90 | 0 | #endif |
91 | | |
92 | 0 | #if defined(BOTAN_HAS_PBKDF_BCRYPT) |
93 | 0 | if(req.algo_name() == "Bcrypt-PBKDF") |
94 | 0 | { |
95 | 0 | return std::make_unique<Bcrypt_PBKDF_Family>(); |
96 | 0 | } |
97 | 0 | #endif |
98 | | |
99 | 0 | #if defined(BOTAN_HAS_PGP_S2K) |
100 | 0 | if(req.algo_name() == "OpenPGP-S2K" && req.arg_count() == 1) |
101 | 0 | { |
102 | 0 | if(auto hash = HashFunction::create(req.arg(0))) |
103 | 0 | { |
104 | 0 | return std::make_unique<RFC4880_S2K_Family>(hash.release()); |
105 | 0 | } |
106 | 0 | } |
107 | 0 | #endif |
108 | | |
109 | 0 | BOTAN_UNUSED(req); |
110 | 0 | BOTAN_UNUSED(provider); |
111 | |
|
112 | 0 | return nullptr; |
113 | 0 | } |
114 | | |
115 | | //static |
116 | | std::unique_ptr<PasswordHashFamily> |
117 | | PasswordHashFamily::create_or_throw(const std::string& algo, |
118 | | const std::string& provider) |
119 | 0 | { |
120 | 0 | if(auto pbkdf = PasswordHashFamily::create(algo, provider)) |
121 | 0 | { |
122 | 0 | return pbkdf; |
123 | 0 | } |
124 | 0 | throw Lookup_Error("PasswordHashFamily", algo, provider); |
125 | 0 | } |
126 | | |
127 | | std::vector<std::string> PasswordHashFamily::providers(const std::string& algo_spec) |
128 | 0 | { |
129 | 0 | return probe_providers_of<PasswordHashFamily>(algo_spec); |
130 | 0 | } |
131 | | |
132 | | } |