pgp_s2k.hpp
Go to the documentation of this file.
1 //---------------------------------------------------------------------------//
2 // Copyright (c) 2018-2020 Mikhail Komarov <nemo@nil.foundation>
3 //
4 // MIT License
5 //
6 // Permission is hereby granted, free of charge, to any person obtaining a copy
7 // of this software and associated documentation files (the "Software"), to deal
8 // in the Software without restriction, including without limitation the rights
9 // to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
10 // copies of the Software, and to permit persons to whom the Software is
11 // furnished to do so, subject to the following conditions:
12 //
13 // The above copyright notice and this permission notice shall be included in all
14 // copies or substantial portions of the Software.
15 //
16 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17 // IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18 // FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
19 // AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20 // LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
21 // OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
22 // SOFTWARE.
23 //---------------------------------------------------------------------------//
24 
25 #ifndef CRYPTO3_OPENPGP_S2K_HPP
26 #define CRYPTO3_OPENPGP_S2K_HPP
27 
28 #include <chrono>
29 
31 
32 namespace nil {
33  namespace crypto3 {
34  namespace pbkdf {
54  template<typename Hash>
55  class pgp_s2k {
57 
58  public:
60 
61  constexpr static const std::size_t digest_bits = policy_type::digest_bits;
62  typedef typename policy_type::digest_type digest_type;
63 
64  constexpr static const std::size_t salt_bits = policy_type::salt_bits;
65  typedef typename policy_type::salt_type salt_type;
66 
67  std::size_t derive(digest_type &digest, const std::string &passphrase, const salt_type &salt,
68  size_t iterations, std::chrono::milliseconds msec) const override {
69  if (iterations == 0 && msec.count() > 0) { // FIXME
70  throw Not_Implemented("OpenPGP_S2K does not implemented timed KDF");
71  }
72 
73  if (iterations > 1 && salt_len == 0) {
74  throw std::invalid_argument("OpenPGP_S2K requires a salt in iterated mode");
75  }
76 
77  secure_vector<uint8_t> input_buf(salt_len + passphrase.size());
78  if (salt_len > 0) {
79  copy_mem(&input_buf[0], salt, salt_len);
80  }
81  if (passphrase.empty() == false) {
82  copy_mem(&input_buf[salt_len], cast_char_ptr_to_uint8(passphrase.data()), passphrase.size());
83  }
84 
85  secure_vector<uint8_t> hash_buf(m_hash->output_length());
86 
87  size_t pass = 0;
88  size_t generated = 0;
89 
90  while (generated != output_len) {
91  const size_t output_this_pass = std::min(hash_buf.size(), output_len - generated);
92 
93  // Preload some number of zero bytes (empty first iteration)
94  std::vector<uint8_t> zero_padding(pass);
95  m_hash->update(zero_padding);
96 
97  // The input is always fully processed even if iterations is very small
98  if (input_buf.empty() == false) {
99  size_t left = std::max(iterations, input_buf.size());
100  while (left > 0) {
101  const size_t input_to_take = std::min(left, input_buf.size());
102  m_hash->update(input_buf.data(), input_to_take);
103  left -= input_to_take;
104  }
105  }
106 
107  m_hash->final(hash_buf.data());
108  copy_mem(output_buf + generated, hash_buf.data(), output_this_pass);
109  generated += output_this_pass;
110  ++pass;
111  }
112 
113  return iterations;
114  }
115  };
116 
117  template<typename Hash>
119  } // namespace pbkdf
120  } // namespace crypto3
121 } // namespace nil
122 
123 #endif
OpenPGP's S2K.
Definition: pgp_s2k.hpp:55
std::size_t derive(digest_type &digest, const std::string &passphrase, const salt_type &salt, size_t iterations, std::chrono::milliseconds msec) const override
Definition: pgp_s2k.hpp:67
policy_type::hash_type hash_type
Definition: pgp_s2k.hpp:59
constexpr static const std::size_t salt_bits
Definition: pgp_s2k.hpp:64
constexpr static const std::size_t digest_bits
Definition: pgp_s2k.hpp:61
policy_type::digest_type digest_type
Definition: pgp_s2k.hpp:62
policy_type::salt_type salt_type
Definition: pgp_s2k.hpp:65
constexpr T min(const vector< T, N > &v)
computes the minimum valued element
Definition: algebra/include/nil/crypto3/algebra/vector/math.hpp:135
constexpr T max(const vector< T, N > &v)
computes the maximum valued element
Definition: algebra/include/nil/crypto3/algebra/vector/math.hpp:146
const uint8_t * cast_char_ptr_to_uint8(const char *s)
Definition: memory_operations.hpp:205
void copy_mem(T *out, const T *in, size_t n)
Definition: memory_operations.hpp:186
Definition: pair.hpp:31
Definition: block/include/nil/crypto3/detail/digest.hpp:72
Definition: pgp_s2k_functions.hpp:35
pgp_s2k_policy< Hash >::hash_type hash_type
Definition: pgp_s2k_functions.hpp:36