mirror of
https://gitlab.com/pholy/OSCAR-code.git
synced 2025-04-05 02:30:44 +00:00
Add support for decrypting DS2 files with non-default keys.
This commit is contained in:
sawinglogz
parent
ec52b8b436
commit
1cf4b2b6eb
@ -266,7 +266,9 @@ class PRDS2File : public RawDataFile
|
||||
bool initializeKey();
|
||||
bool decryptData();
|
||||
QByteArray m_iv;
|
||||
QByteArray e, j, k;
|
||||
QByteArray m_salt;
|
||||
QByteArray m_export_key;
|
||||
QByteArray m_export_key_tag;
|
||||
QByteArray m_payload_key;
|
||||
QByteArray m_payload_tag;
|
||||
QBuffer m_payload;
|
||||
@ -363,7 +365,8 @@ bool PRDS2File::decryptData()
|
||||
valid = true;
|
||||
}
|
||||
catch (const Botan::Invalid_Authentication_Tag& e) {
|
||||
qWarning() << "DS2 payload doesn't match tag in" << name();
|
||||
// This has been observed where the tag is zero and the data appears truncated.
|
||||
qWarning() << name() << "DS2 payload doesn't match tag, skipping";
|
||||
}
|
||||
}
|
||||
catch (exception& e) {
|
||||
@ -373,29 +376,50 @@ bool PRDS2File::decryptData()
|
||||
return valid;
|
||||
}
|
||||
|
||||
|
||||
static const int KEY_SIZE = 256 / 8; // AES-256
|
||||
static const uint8_t OSCAR_KEY[KEY_SIZE+1] = "Patient access to their own data";
|
||||
static const uint8_t COMMON_KEY[KEY_SIZE] = { 0x75, 0xB3, 0xA2, 0x12, 0x4A, 0x65, 0xAF, 0x97, 0x54, 0xD8, 0xC1, 0xF3, 0xE5, 0x2E, 0xB6, 0xF0, 0x23, 0x20, 0x57, 0x69, 0x7E, 0x38, 0x0E, 0xC9, 0x4A, 0xDC, 0x46, 0x45, 0xB6, 0x92, 0x5A, 0x98 };
|
||||
|
||||
bool PRDS2File::initializeKey()
|
||||
{
|
||||
bool valid = false;
|
||||
try {
|
||||
Botan::secure_vector<uint8_t> common_key(COMMON_KEY, COMMON_KEY + KEY_SIZE);
|
||||
Botan::secure_vector<uint8_t> oscar_key(OSCAR_KEY, OSCAR_KEY + KEY_SIZE);
|
||||
std::unique_ptr<Botan::BlockCipher> oscar = Botan::BlockCipher::create("AES-256");
|
||||
oscar->set_key(oscar_key);
|
||||
oscar->decrypt(common_key);
|
||||
|
||||
// TODO: Figure out how the non-default payload key is derived.
|
||||
static const unsigned char knownIV[] = { 0, 0, 0, 1, 0, 0, 0, 1, 0, 0, 0, 1 };
|
||||
static const unsigned char knownE[] = { 0, 0, 0, 1, 0, 0, 0, 1, 0, 0, 0, 1, 0, 0, 0, 1 };
|
||||
static const unsigned char knownJ[] = {
|
||||
0x9a, 0x93, 0x15, 0xc8, 0xd4, 0x24, 0xef, 0x7f, 0xa6, 0xa7, 0x9f, 0xce, 0x82, 0xdd, 0x5d, 0xfe,
|
||||
0xde, 0x8d, 0x4f, 0x9f, 0x15, 0x32, 0x4d, 0x2e, 0x6d, 0x1d, 0x6e, 0xc4, 0xcb, 0x5f, 0xce, 0x64
|
||||
};
|
||||
static const unsigned char knownK[] = {
|
||||
0xc1, 0x70, 0x9e, 0xe9, 0xf0, 0xdf, 0x0a, 0xd4, 0x79, 0xd5, 0xaa, 0x07, 0x97, 0xd4, 0x5c, 0x33
|
||||
};
|
||||
if (m_iv == QByteArray((const char*) knownIV, sizeof(knownIV)) && e == QByteArray((const char*) knownE, sizeof(knownE))) {
|
||||
if (j == QByteArray((const char*) knownJ, sizeof(knownJ)) && k == QByteArray((const char*) knownK, sizeof(knownK))) {
|
||||
m_payload_key = e + e; // This doesn't seem to apply to non-default keys.
|
||||
std::unique_ptr<Botan::PasswordHashFamily> family = Botan::PasswordHashFamily::create("PBKDF2(SHA-256)");
|
||||
std::unique_ptr<Botan::PasswordHash> kdf = family->from_params(10000);
|
||||
Botan::secure_vector<uint8_t> salted_key(KEY_SIZE);
|
||||
kdf->derive_key(salted_key.data(), salted_key.size(),
|
||||
(const char*) common_key.data(), common_key.size(),
|
||||
(const uint8_t*) m_salt.data(), m_salt.size());
|
||||
|
||||
const std::vector<uint8_t> iv(m_iv.begin(), m_iv.end());
|
||||
const std::vector<uint8_t> tag(m_export_key_tag.begin(), m_export_key_tag.end());
|
||||
Botan::secure_vector<uint8_t> message(m_export_key.begin(), m_export_key.end());
|
||||
message += tag;
|
||||
|
||||
std::unique_ptr<Botan::Cipher_Mode> dec = Botan::Cipher_Mode::create("AES-256/GCM", Botan::DECRYPTION);
|
||||
dec->set_key(salted_key);
|
||||
dec->start(iv);
|
||||
try {
|
||||
dec->finish(message);
|
||||
//qDebug() << QString::fromStdString(Botan::hex_encode(message.data(), message.size()));
|
||||
QByteArray payload_key((char*) message.data(), message.size());
|
||||
m_payload_key = payload_key;
|
||||
valid = true;
|
||||
} else {
|
||||
qWarning() << "*** DS2 unexpected j,k for default key in" << name();
|
||||
}
|
||||
} else {
|
||||
qWarning() << "DS2 unknown key for" << name();
|
||||
catch (const Botan::Invalid_Authentication_Tag& e) {
|
||||
qWarning() << "DS2 validation of payload key failed for" << name();
|
||||
}
|
||||
}
|
||||
catch (exception& e) {
|
||||
// Make sure no Botan exceptions leak out and terminate the application.
|
||||
qWarning() << "*** DS2 unexpected exception deriving key for" << name() << ":" << e.what();
|
||||
}
|
||||
return valid;
|
||||
}
|
||||
@ -418,11 +442,11 @@ bool PRDS2File::parseDS2Header()
|
||||
}
|
||||
|
||||
m_iv = readBytes(); // 96-bit IV
|
||||
e = readBytes(); // 128 bits, somehow seeds key
|
||||
if (m_iv.size() != 12 || e.size() != 16) {
|
||||
qWarning() << "DS2 IV,e sizes =" << m_iv.size() << e.size();
|
||||
m_salt = readBytes(); // 128-bit salt used to decrypt export key
|
||||
if (m_iv.size() != 12 || m_salt.size() != 16) {
|
||||
qWarning() << "DS2 IV,salt sizes =" << m_iv.size() << m_salt.size();
|
||||
} else {
|
||||
//qDebug() << "DS2 IV,e =" << m_iv.toHex() << e.toHex();
|
||||
//qDebug() << "DS2 IV,salt =" << m_iv.toHex() << m_salt.toHex();
|
||||
}
|
||||
|
||||
int f = read16();
|
||||
@ -431,20 +455,20 @@ bool PRDS2File::parseDS2Header()
|
||||
qWarning() << "DS2 unexpected middle bytes =" << f << g;
|
||||
}
|
||||
|
||||
QByteArray h = readBytes(); // same per d,e pair, varies per machine
|
||||
QByteArray i = readBytes(); // same per d,e pair, varies per machine
|
||||
if (h.size() != 32 || i.size() != 16) {
|
||||
qWarning() << "DS2 h,i sizes =" << h.size() << i.size();
|
||||
QByteArray import_key = readBytes(); // payload key encrypted with machine-specific key
|
||||
QByteArray import_key_tag = readBytes(); // tag of import key
|
||||
if (import_key.size() != 32 || import_key_tag.size() != 16) {
|
||||
qWarning() << "DS2 import_key sizes =" << import_key.size() << import_key_tag.size();
|
||||
} else {
|
||||
//qDebug() << "DS2 h,i =" << h.toHex() << i.toHex();
|
||||
//qDebug() << "DS2 import_key,tag =" << import_key.toHex() << import_key_tag.toHex();
|
||||
}
|
||||
|
||||
j = readBytes(); // same per d,e pair, does NOT vary per machine; possibly key or IV
|
||||
k = readBytes(); // same per d,e pair, does NOT vary per machine; possibly key or IV
|
||||
if (j.size() != 32 || k.size() != 16) {
|
||||
qWarning() << "DS2 j,k sizes =" << j.size() << k.size();
|
||||
m_export_key = readBytes(); // payload key encrypted with salted common key
|
||||
m_export_key_tag = readBytes(); // tag of export key
|
||||
if (m_export_key.size() != 32 || m_export_key_tag.size() != 16) {
|
||||
qWarning() << "DS2 export_key sizes =" << m_export_key.size() << m_export_key_tag.size();
|
||||
} else {
|
||||
//qDebug() << "DS2 j,k =" << j.toHex() << k.toHex();
|
||||
//qDebug() << "DS2 export_key,tag =" << m_export_key.toHex() << m_export_key_tag.toHex();
|
||||
}
|
||||
|
||||
m_payload_tag = readBytes();
|
||||
@ -668,7 +692,7 @@ bool PRS1Loader::PeekProperties(const QString & filename, QHash<QString,QString>
|
||||
// If it's a DS2 file, insert the DS2 wrapper to decode the chunk stream.
|
||||
PRDS2File* ds2 = new PRDS2File(f);
|
||||
if (!ds2->isValid()) {
|
||||
qWarning() << filename << "unable to decrypt";
|
||||
//qWarning() << filename << "unable to decrypt";
|
||||
delete ds2;
|
||||
return false;
|
||||
}
|
||||
@ -921,12 +945,6 @@ bool PRS1Loader::CreateMachineFromProperties(QString propertyfile)
|
||||
QString model_number = props["ModelNumber"];
|
||||
qWarning().noquote() << "Model" << model_number << QString("(F%1V%2)").arg(family).arg(familyVersion) << "unsupported.";
|
||||
info.modelnumber = QObject::tr("model %1").arg(model_number);
|
||||
} else if (propertyfile.endsWith("PROP.BIN")) {
|
||||
// TODO: If we end up releasing without support for non-default keys,
|
||||
// add a loaderSpecificAlert(QString & message, bool deferred=false) signal
|
||||
// and use that instead of telling the user that the DS2 is entirely unsupported.
|
||||
qWarning() << "DreamStation 2 not using default keys:" << propertyfile;
|
||||
info.modelnumber = QObject::tr("DreamStation 2");
|
||||
} else {
|
||||
qWarning() << "Unable to identify model or series!";
|
||||
info.modelnumber = QObject::tr("unknown model");
|
||||
@ -2726,7 +2744,7 @@ QList<PRS1DataChunk *> PRS1Loader::ParseFile(const QString & path)
|
||||
// If it's a DS2 file, insert the DS2 wrapper to decode the chunk stream.
|
||||
PRDS2File* ds2 = new PRDS2File(f);
|
||||
if (!ds2->isValid()) {
|
||||
qWarning() << path << "unable to decrypt";
|
||||
//qWarning() << path << "unable to decrypt";
|
||||
delete ds2;
|
||||
return CHUNKS;
|
||||
}
|
||||
|
||||
@ -1557,7 +1557,7 @@ bool PRS1DataChunk::ParseSummaryF0V6(void)
|
||||
qWarning() << this->sessionid << "summary data too short:" << chunk_size;
|
||||
return false;
|
||||
}
|
||||
if (chunk_size < 59) UNEXPECTED_VALUE(chunk_size, ">= 59");
|
||||
if (chunk_size < 58) UNEXPECTED_VALUE(chunk_size, ">= 58");
|
||||
|
||||
bool ok = true;
|
||||
int pos = 0;
|
||||
|
||||
1492
oscar/SleepLib/thirdparty/botan_all.cpp
vendored
1492
oscar/SleepLib/thirdparty/botan_all.cpp
vendored
File diff suppressed because it is too large
Load Diff
870
oscar/SleepLib/thirdparty/botan_linux.h
vendored
870
oscar/SleepLib/thirdparty/botan_linux.h
vendored
@ -31,7 +31,7 @@
|
||||
* Build configuration for Botan 2.18.2
|
||||
*
|
||||
* Automatically generated from
|
||||
* 'configure.py --amalgamation --os=linux --cc=gcc --cpu=generic --disable-shared --minimized-build --enable-modules=aes,gcm'
|
||||
* 'configure.py --amalgamation --os=linux --cpu=generic --disable-shared --minimized-build --enable-modules=aes,gcm,sha2_32,pbkdf2'
|
||||
*
|
||||
* Target
|
||||
* - Compiler: g++ -fstack-protector -pthread -std=c++11 -D_REENTRANT -O3
|
||||
@ -109,8 +109,15 @@
|
||||
#define BOTAN_HAS_CTR_BE 20131128
|
||||
#define BOTAN_HAS_ENTROPY_SOURCE 20151120
|
||||
#define BOTAN_HAS_GHASH 20201002
|
||||
#define BOTAN_HAS_HASH 20180112
|
||||
#define BOTAN_HAS_HEX_CODEC 20131128
|
||||
#define BOTAN_HAS_HMAC 20131128
|
||||
#define BOTAN_HAS_MAC 20150626
|
||||
#define BOTAN_HAS_MDX_HASH_FUNCTION 20131128
|
||||
#define BOTAN_HAS_MODES 20150626
|
||||
#define BOTAN_HAS_PBKDF 20180902
|
||||
#define BOTAN_HAS_PBKDF2 20180902
|
||||
#define BOTAN_HAS_SHA2_32 20131128
|
||||
#define BOTAN_HAS_STREAM_CIPHER 20131128
|
||||
#define BOTAN_HAS_UTIL_FUNCTIONS 20180903
|
||||
|
||||
@ -4471,6 +4478,82 @@ class BOTAN_PUBLIC_API(2,0) GHASH final : public SymmetricAlgorithm
|
||||
|
||||
namespace Botan {
|
||||
|
||||
/**
|
||||
* This class represents hash function (message digest) objects
|
||||
*/
|
||||
class BOTAN_PUBLIC_API(2,0) HashFunction : public Buffered_Computation
|
||||
{
|
||||
public:
|
||||
/**
|
||||
* Create an instance based on a name, or return null if the
|
||||
* algo/provider combination cannot be found. If provider is
|
||||
* empty then best available is chosen.
|
||||
*/
|
||||
static std::unique_ptr<HashFunction>
|
||||
create(const std::string& algo_spec,
|
||||
const std::string& provider = "");
|
||||
|
||||
/**
|
||||
* Create an instance based on a name
|
||||
* If provider is empty then best available is chosen.
|
||||
* @param algo_spec algorithm name
|
||||
* @param provider provider implementation to use
|
||||
* Throws Lookup_Error if not found.
|
||||
*/
|
||||
static std::unique_ptr<HashFunction>
|
||||
create_or_throw(const std::string& algo_spec,
|
||||
const std::string& provider = "");
|
||||
|
||||
/**
|
||||
* @return list of available providers for this algorithm, empty if not available
|
||||
* @param algo_spec algorithm name
|
||||
*/
|
||||
static std::vector<std::string> providers(const std::string& algo_spec);
|
||||
|
||||
/**
|
||||
* @return new object representing the same algorithm as *this
|
||||
*/
|
||||
virtual HashFunction* clone() const = 0;
|
||||
|
||||
/**
|
||||
* @return provider information about this implementation. Default is "base",
|
||||
* might also return "sse2", "avx2", "openssl", or some other arbitrary string.
|
||||
*/
|
||||
virtual std::string provider() const { return "base"; }
|
||||
|
||||
virtual ~HashFunction() = default;
|
||||
|
||||
/**
|
||||
* Reset the state.
|
||||
*/
|
||||
virtual void clear() = 0;
|
||||
|
||||
/**
|
||||
* @return the hash function name
|
||||
*/
|
||||
virtual std::string name() const = 0;
|
||||
|
||||
/**
|
||||
* @return hash block size as defined for this algorithm
|
||||
*/
|
||||
virtual size_t hash_block_size() const { return 0; }
|
||||
|
||||
/**
|
||||
* Return a new hash object with the same state as *this. This
|
||||
* allows computing the hash of several messages with a common
|
||||
* prefix more efficiently than would otherwise be possible.
|
||||
*
|
||||
* This function should be called `clone` but that was already
|
||||
* used for the case of returning an uninitialized object.
|
||||
* @return new hash object
|
||||
*/
|
||||
virtual std::unique_ptr<HashFunction> copy_state() const = 0;
|
||||
};
|
||||
|
||||
}
|
||||
|
||||
namespace Botan {
|
||||
|
||||
/**
|
||||
* Perform hex encoding
|
||||
* @param output an array of at least input_length*2 bytes
|
||||
@ -4603,6 +4686,171 @@ hex_decode_locked(const std::string& input,
|
||||
|
||||
}
|
||||
|
||||
namespace Botan {
|
||||
|
||||
/**
|
||||
* This class represents Message Authentication Code (MAC) objects.
|
||||
*/
|
||||
class BOTAN_PUBLIC_API(2,0) MessageAuthenticationCode : public Buffered_Computation,
|
||||
public SymmetricAlgorithm
|
||||
{
|
||||
public:
|
||||
/**
|
||||
* Create an instance based on a name
|
||||
* If provider is empty then best available is chosen.
|
||||
* @param algo_spec algorithm name
|
||||
* @param provider provider implementation to use
|
||||
* @return a null pointer if the algo/provider combination cannot be found
|
||||
*/
|
||||
static std::unique_ptr<MessageAuthenticationCode>
|
||||
create(const std::string& algo_spec,
|
||||
const std::string& provider = "");
|
||||
|
||||
/*
|
||||
* Create an instance based on a name
|
||||
* If provider is empty then best available is chosen.
|
||||
* @param algo_spec algorithm name
|
||||
* @param provider provider implementation to use
|
||||
* Throws a Lookup_Error if algo/provider combination cannot be found
|
||||
*/
|
||||
static std::unique_ptr<MessageAuthenticationCode>
|
||||
create_or_throw(const std::string& algo_spec,
|
||||
const std::string& provider = "");
|
||||
|
||||
/**
|
||||
* @return list of available providers for this algorithm, empty if not available
|
||||
*/
|
||||
static std::vector<std::string> providers(const std::string& algo_spec);
|
||||
|
||||
virtual ~MessageAuthenticationCode() = default;
|
||||
|
||||
/**
|
||||
* Prepare for processing a message under the specified nonce
|
||||
*
|
||||
* Most MACs neither require nor support a nonce; for these algorithms
|
||||
* calling `start_msg` is optional and calling it with anything other than
|
||||
* an empty string is an error. One MAC which *requires* a per-message
|
||||
* nonce be specified is GMAC.
|
||||
*
|
||||
* @param nonce the message nonce bytes
|
||||
* @param nonce_len the size of len in bytes
|
||||
* Default implementation simply rejects all non-empty nonces
|
||||
* since most hash/MAC algorithms do not support randomization
|
||||
*/
|
||||
virtual void start_msg(const uint8_t nonce[], size_t nonce_len);
|
||||
|
||||
/**
|
||||
* Begin processing a message with a nonce
|
||||
*
|
||||
* @param nonce the per message nonce
|
||||
*/
|
||||
template<typename Alloc>
|
||||
void start(const std::vector<uint8_t, Alloc>& nonce)
|
||||
{
|
||||
start_msg(nonce.data(), nonce.size());
|
||||
}
|
||||
|
||||
/**
|
||||
* Begin processing a message.
|
||||
* @param nonce the per message nonce
|
||||
* @param nonce_len length of nonce
|
||||
*/
|
||||
void start(const uint8_t nonce[], size_t nonce_len)
|
||||
{
|
||||
start_msg(nonce, nonce_len);
|
||||
}
|
||||
|
||||
/**
|
||||
* Begin processing a message.
|
||||
*/
|
||||
void start()
|
||||
{
|
||||
return start_msg(nullptr, 0);
|
||||
}
|
||||
|
||||
/**
|
||||
* Verify a MAC.
|
||||
* @param in the MAC to verify as a byte array
|
||||
* @param length the length of param in
|
||||
* @return true if the MAC is valid, false otherwise
|
||||
*/
|
||||
virtual bool verify_mac(const uint8_t in[], size_t length);
|
||||
|
||||
/**
|
||||
* Verify a MAC.
|
||||
* @param in the MAC to verify as a byte array
|
||||
* @return true if the MAC is valid, false otherwise
|
||||
*/
|
||||
virtual bool verify_mac(const std::vector<uint8_t>& in)
|
||||
{
|
||||
return verify_mac(in.data(), in.size());
|
||||
}
|
||||
|
||||
/**
|
||||
* Verify a MAC.
|
||||
* @param in the MAC to verify as a byte array
|
||||
* @return true if the MAC is valid, false otherwise
|
||||
*/
|
||||
virtual bool verify_mac(const secure_vector<uint8_t>& in)
|
||||
{
|
||||
return verify_mac(in.data(), in.size());
|
||||
}
|
||||
|
||||
/**
|
||||
* Get a new object representing the same algorithm as *this
|
||||
*/
|
||||
virtual MessageAuthenticationCode* clone() const = 0;
|
||||
|
||||
/**
|
||||
* @return provider information about this implementation. Default is "base",
|
||||
* might also return "sse2", "avx2", "openssl", or some other arbitrary string.
|
||||
*/
|
||||
virtual std::string provider() const { return "base"; }
|
||||
|
||||
};
|
||||
|
||||
typedef MessageAuthenticationCode MAC;
|
||||
|
||||
}
|
||||
|
||||
BOTAN_FUTURE_INTERNAL_HEADER(hmac.h)
|
||||
|
||||
namespace Botan {
|
||||
|
||||
/**
|
||||
* HMAC
|
||||
*/
|
||||
class BOTAN_PUBLIC_API(2,0) HMAC final : public MessageAuthenticationCode
|
||||
{
|
||||
public:
|
||||
void clear() override;
|
||||
std::string name() const override;
|
||||
MessageAuthenticationCode* clone() const override;
|
||||
|
||||
size_t output_length() const override;
|
||||
|
||||
Key_Length_Specification key_spec() const override;
|
||||
|
||||
/**
|
||||
* @param hash the hash to use for HMACing
|
||||
*/
|
||||
explicit HMAC(HashFunction* hash);
|
||||
|
||||
HMAC(const HMAC&) = delete;
|
||||
HMAC& operator=(const HMAC&) = delete;
|
||||
private:
|
||||
void add_data(const uint8_t[], size_t) override;
|
||||
void final_result(uint8_t[]) override;
|
||||
void key_schedule(const uint8_t[], size_t) override;
|
||||
|
||||
std::unique_ptr<HashFunction> m_hash;
|
||||
secure_vector<uint8_t> m_ikey, m_okey;
|
||||
size_t m_hash_output_length;
|
||||
size_t m_hash_block_size;
|
||||
};
|
||||
|
||||
}
|
||||
|
||||
BOTAN_FUTURE_INTERNAL_HEADER(loadstor.h)
|
||||
|
||||
#if defined(BOTAN_TARGET_CPU_IS_BIG_ENDIAN)
|
||||
@ -5287,6 +5535,66 @@ void copy_out_vec_le(uint8_t out[], size_t out_bytes, const std::vector<T, Alloc
|
||||
|
||||
}
|
||||
|
||||
BOTAN_FUTURE_INTERNAL_HEADER(mdx_hash.h)
|
||||
|
||||
namespace Botan {
|
||||
|
||||
/**
|
||||
* MDx Hash Function Base Class
|
||||
*/
|
||||
class BOTAN_PUBLIC_API(2,0) MDx_HashFunction : public HashFunction
|
||||
{
|
||||
public:
|
||||
/**
|
||||
* @param block_length is the number of bytes per block, which must
|
||||
* be a power of 2 and at least 8.
|
||||
* @param big_byte_endian specifies if the hash uses big-endian bytes
|
||||
* @param big_bit_endian specifies if the hash uses big-endian bits
|
||||
* @param counter_size specifies the size of the counter var in bytes
|
||||
*/
|
||||
MDx_HashFunction(size_t block_length,
|
||||
bool big_byte_endian,
|
||||
bool big_bit_endian,
|
||||
uint8_t counter_size = 8);
|
||||
|
||||
size_t hash_block_size() const override final { return m_buffer.size(); }
|
||||
protected:
|
||||
void add_data(const uint8_t input[], size_t length) override final;
|
||||
void final_result(uint8_t output[]) override final;
|
||||
|
||||
/**
|
||||
* Run the hash's compression function over a set of blocks
|
||||
* @param blocks the input
|
||||
* @param block_n the number of blocks
|
||||
*/
|
||||
virtual void compress_n(const uint8_t blocks[], size_t block_n) = 0;
|
||||
|
||||
void clear() override;
|
||||
|
||||
/**
|
||||
* Copy the output to the buffer
|
||||
* @param buffer to put the output into
|
||||
*/
|
||||
virtual void copy_out(uint8_t buffer[]) = 0;
|
||||
|
||||
/**
|
||||
* Write the count, if used, to this spot
|
||||
* @param out where to write the counter to
|
||||
*/
|
||||
virtual void write_count(uint8_t out[]);
|
||||
private:
|
||||
const uint8_t m_pad_char;
|
||||
const uint8_t m_counter_size;
|
||||
const uint8_t m_block_bits;
|
||||
const bool m_count_big_endian;
|
||||
|
||||
uint64_t m_count;
|
||||
secure_vector<uint8_t> m_buffer;
|
||||
size_t m_position;
|
||||
};
|
||||
|
||||
}
|
||||
|
||||
BOTAN_FUTURE_INTERNAL_HEADER(mul128.h)
|
||||
|
||||
namespace Botan {
|
||||
@ -5561,6 +5869,485 @@ bool BOTAN_PUBLIC_API(2,0) host_wildcard_match(const std::string& wildcard,
|
||||
|
||||
}
|
||||
|
||||
namespace Botan {
|
||||
|
||||
/**
|
||||
* Base class for PBKDF (password based key derivation function)
|
||||
* implementations. Converts a password into a key using a salt
|
||||
* and iterated hashing to make brute force attacks harder.
|
||||
*
|
||||
* Starting in 2.8 this functionality is also offered by PasswordHash.
|
||||
* The PBKDF interface may be removed in a future release.
|
||||
*/
|
||||
class BOTAN_PUBLIC_API(2,0) PBKDF
|
||||
{
|
||||
public:
|
||||
/**
|
||||
* Create an instance based on a name
|
||||
* If provider is empty then best available is chosen.
|
||||
* @param algo_spec algorithm name
|
||||
* @param provider provider implementation to choose
|
||||
* @return a null pointer if the algo/provider combination cannot be found
|
||||
*/
|
||||
static std::unique_ptr<PBKDF> create(const std::string& algo_spec,
|
||||
const std::string& provider = "");
|
||||
|
||||
/**
|
||||
* Create an instance based on a name, or throw if the
|
||||
* algo/provider combination cannot be found. If provider is
|
||||
* empty then best available is chosen.
|
||||
*/
|
||||
static std::unique_ptr<PBKDF>
|
||||
create_or_throw(const std::string& algo_spec,
|
||||
const std::string& provider = "");
|
||||
|
||||
/**
|
||||
* @return list of available providers for this algorithm, empty if not available
|
||||
*/
|
||||
static std::vector<std::string> providers(const std::string& algo_spec);
|
||||
|
||||
/**
|
||||
* @return new instance of this same algorithm
|
||||
*/
|
||||
virtual PBKDF* clone() const = 0;
|
||||
|
||||
/**
|
||||
* @return name of this PBKDF
|
||||
*/
|
||||
virtual std::string name() const = 0;
|
||||
|
||||
virtual ~PBKDF() = default;
|
||||
|
||||
/**
|
||||
* Derive a key from a passphrase for a number of iterations
|
||||
* specified by either iterations or if iterations == 0 then
|
||||
* running until msec time has elapsed.
|
||||
*
|
||||
* @param out buffer to store the derived key, must be of out_len bytes
|
||||
* @param out_len the desired length of the key to produce
|
||||
* @param passphrase the password to derive the key from
|
||||
* @param salt a randomly chosen salt
|
||||
* @param salt_len length of salt in bytes
|
||||
* @param iterations the number of iterations to use (use 10K or more)
|
||||
* @param msec if iterations is zero, then instead the PBKDF is
|
||||
* run until msec milliseconds has passed.
|
||||
* @return the number of iterations performed
|
||||
*/
|
||||
virtual size_t pbkdf(uint8_t out[], size_t out_len,
|
||||
const std::string& passphrase,
|
||||
const uint8_t salt[], size_t salt_len,
|
||||
size_t iterations,
|
||||
std::chrono::milliseconds msec) const = 0;
|
||||
|
||||
/**
|
||||
* Derive a key from a passphrase for a number of iterations.
|
||||
*
|
||||
* @param out buffer to store the derived key, must be of out_len bytes
|
||||
* @param out_len the desired length of the key to produce
|
||||
* @param passphrase the password to derive the key from
|
||||
* @param salt a randomly chosen salt
|
||||
* @param salt_len length of salt in bytes
|
||||
* @param iterations the number of iterations to use (use 10K or more)
|
||||
*/
|
||||
void pbkdf_iterations(uint8_t out[], size_t out_len,
|
||||
const std::string& passphrase,
|
||||
const uint8_t salt[], size_t salt_len,
|
||||
size_t iterations) const;
|
||||
|
||||
/**
|
||||
* Derive a key from a passphrase, running until msec time has elapsed.
|
||||
*
|
||||
* @param out buffer to store the derived key, must be of out_len bytes
|
||||
* @param out_len the desired length of the key to produce
|
||||
* @param passphrase the password to derive the key from
|
||||
* @param salt a randomly chosen salt
|
||||
* @param salt_len length of salt in bytes
|
||||
* @param msec if iterations is zero, then instead the PBKDF is
|
||||
* run until msec milliseconds has passed.
|
||||
* @param iterations set to the number iterations executed
|
||||
*/
|
||||
void pbkdf_timed(uint8_t out[], size_t out_len,
|
||||
const std::string& passphrase,
|
||||
const uint8_t salt[], size_t salt_len,
|
||||
std::chrono::milliseconds msec,
|
||||
size_t& iterations) const;
|
||||
|
||||
/**
|
||||
* Derive a key from a passphrase for a number of iterations.
|
||||
*
|
||||
* @param out_len the desired length of the key to produce
|
||||
* @param passphrase the password to derive the key from
|
||||
* @param salt a randomly chosen salt
|
||||
* @param salt_len length of salt in bytes
|
||||
* @param iterations the number of iterations to use (use 10K or more)
|
||||
* @return the derived key
|
||||
*/
|
||||
secure_vector<uint8_t> pbkdf_iterations(size_t out_len,
|
||||
const std::string& passphrase,
|
||||
const uint8_t salt[], size_t salt_len,
|
||||
size_t iterations) const;
|
||||
|
||||
/**
|
||||
* Derive a key from a passphrase, running until msec time has elapsed.
|
||||
*
|
||||
* @param out_len the desired length of the key to produce
|
||||
* @param passphrase the password to derive the key from
|
||||
* @param salt a randomly chosen salt
|
||||
* @param salt_len length of salt in bytes
|
||||
* @param msec if iterations is zero, then instead the PBKDF is
|
||||
* run until msec milliseconds has passed.
|
||||
* @param iterations set to the number iterations executed
|
||||
* @return the derived key
|
||||
*/
|
||||
secure_vector<uint8_t> pbkdf_timed(size_t out_len,
|
||||
const std::string& passphrase,
|
||||
const uint8_t salt[], size_t salt_len,
|
||||
std::chrono::milliseconds msec,
|
||||
size_t& iterations) const;
|
||||
|
||||
// Following kept for compat with 1.10:
|
||||
|
||||
/**
|
||||
* Derive a key from a passphrase
|
||||
* @param out_len the desired length of the key to produce
|
||||
* @param passphrase the password to derive the key from
|
||||
* @param salt a randomly chosen salt
|
||||
* @param salt_len length of salt in bytes
|
||||
* @param iterations the number of iterations to use (use 10K or more)
|
||||
*/
|
||||
OctetString derive_key(size_t out_len,
|
||||
const std::string& passphrase,
|
||||
const uint8_t salt[], size_t salt_len,
|
||||
size_t iterations) const
|
||||
{
|
||||
return pbkdf_iterations(out_len, passphrase, salt, salt_len, iterations);
|
||||
}
|
||||
|
||||
/**
|
||||
* Derive a key from a passphrase
|
||||
* @param out_len the desired length of the key to produce
|
||||
* @param passphrase the password to derive the key from
|
||||
* @param salt a randomly chosen salt
|
||||
* @param iterations the number of iterations to use (use 10K or more)
|
||||
*/
|
||||
template<typename Alloc>
|
||||
OctetString derive_key(size_t out_len,
|
||||
const std::string& passphrase,
|
||||
const std::vector<uint8_t, Alloc>& salt,
|
||||
size_t iterations) const
|
||||
{
|
||||
return pbkdf_iterations(out_len, passphrase, salt.data(), salt.size(), iterations);
|
||||
}
|
||||
|
||||
/**
|
||||
* Derive a key from a passphrase
|
||||
* @param out_len the desired length of the key to produce
|
||||
* @param passphrase the password to derive the key from
|
||||
* @param salt a randomly chosen salt
|
||||
* @param salt_len length of salt in bytes
|
||||
* @param msec is how long to run the PBKDF
|
||||
* @param iterations is set to the number of iterations used
|
||||
*/
|
||||
OctetString derive_key(size_t out_len,
|
||||
const std::string& passphrase,
|
||||
const uint8_t salt[], size_t salt_len,
|
||||
std::chrono::milliseconds msec,
|
||||
size_t& iterations) const
|
||||
{
|
||||
return pbkdf_timed(out_len, passphrase, salt, salt_len, msec, iterations);
|
||||
}
|
||||
|
||||
/**
|
||||
* Derive a key from a passphrase using a certain amount of time
|
||||
* @param out_len the desired length of the key to produce
|
||||
* @param passphrase the password to derive the key from
|
||||
* @param salt a randomly chosen salt
|
||||
* @param msec is how long to run the PBKDF
|
||||
* @param iterations is set to the number of iterations used
|
||||
*/
|
||||
template<typename Alloc>
|
||||
OctetString derive_key(size_t out_len,
|
||||
const std::string& passphrase,
|
||||
const std::vector<uint8_t, Alloc>& salt,
|
||||
std::chrono::milliseconds msec,
|
||||
size_t& iterations) const
|
||||
{
|
||||
return pbkdf_timed(out_len, passphrase, salt.data(), salt.size(), msec, iterations);
|
||||
}
|
||||
};
|
||||
|
||||
/*
|
||||
* Compatibility typedef
|
||||
*/
|
||||
typedef PBKDF S2K;
|
||||
|
||||
/**
|
||||
* Password based key derivation function factory method
|
||||
* @param algo_spec the name of the desired PBKDF algorithm
|
||||
* @param provider the provider to use
|
||||
* @return pointer to newly allocated object of that type
|
||||
*/
|
||||
inline PBKDF* get_pbkdf(const std::string& algo_spec,
|
||||
const std::string& provider = "")
|
||||
{
|
||||
return PBKDF::create_or_throw(algo_spec, provider).release();
|
||||
}
|
||||
|
||||
inline PBKDF* get_s2k(const std::string& algo_spec)
|
||||
{
|
||||
return get_pbkdf(algo_spec);
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
||||
namespace Botan {
|
||||
|
||||
/**
|
||||
* Base class for password based key derivation functions.
|
||||
*
|
||||
* Converts a password into a key using a salt and iterated hashing to
|
||||
* make brute force attacks harder.
|
||||
*/
|
||||
class BOTAN_PUBLIC_API(2,8) PasswordHash
|
||||
{
|
||||
public:
|
||||
virtual ~PasswordHash() = default;
|
||||
|
||||
virtual std::string to_string() const = 0;
|
||||
|
||||
/**
|
||||
* Most password hashes have some notion of iterations.
|
||||
*/
|
||||
virtual size_t iterations() const = 0;
|
||||
|
||||
/**
|
||||
* Some password hashing algorithms have a parameter which controls how
|
||||
* much memory is used. If not supported by some algorithm, returns 0.
|
||||
*/
|
||||
virtual size_t memory_param() const { return 0; }
|
||||
|
||||
/**
|
||||
* Some password hashing algorithms have a parallelism parameter.
|
||||
* If the algorithm does not support this notion, then the
|
||||
* function returns zero. This allows distinguishing between a
|
||||
* password hash which just does not support parallel operation,
|
||||
* vs one that does support parallel operation but which has been
|
||||
* configured to use a single lane.
|
||||
*/
|
||||
virtual size_t parallelism() const { return 0; }
|
||||
|
||||
/**
|
||||
* Returns an estimate of the total memory usage required to perform this
|
||||
* key derivation.
|
||||
*
|
||||
* If this algorithm uses a small and constant amount of memory, with no
|
||||
* effort made towards being memory hard, this function returns 0.
|
||||
*/
|
||||
virtual size_t total_memory_usage() const { return 0; }
|
||||
|
||||
/**
|
||||
* Derive a key from a password
|
||||
*
|
||||
* @param out buffer to store the derived key, must be of out_len bytes
|
||||
* @param out_len the desired length of the key to produce
|
||||
* @param password the password to derive the key from
|
||||
* @param password_len the length of password in bytes
|
||||
* @param salt a randomly chosen salt
|
||||
* @param salt_len length of salt in bytes
|
||||
*
|
||||
* This function is const, but is not thread safe. Different threads should
|
||||
* either use unique objects, or serialize all access.
|
||||
*/
|
||||
virtual void derive_key(uint8_t out[], size_t out_len,
|
||||
const char* password, size_t password_len,
|
||||
const uint8_t salt[], size_t salt_len) const = 0;
|
||||
};
|
||||
|
||||
class BOTAN_PUBLIC_API(2,8) PasswordHashFamily
|
||||
{
|
||||
public:
|
||||
/**
|
||||
* Create an instance based on a name
|
||||
* If provider is empty then best available is chosen.
|
||||
* @param algo_spec algorithm name
|
||||
* @param provider provider implementation to choose
|
||||
* @return a null pointer if the algo/provider combination cannot be found
|
||||
*/
|
||||
static std::unique_ptr<PasswordHashFamily> create(const std::string& algo_spec,
|
||||
const std::string& provider = "");
|
||||
|
||||
/**
|
||||
* Create an instance based on a name, or throw if the
|
||||
* algo/provider combination cannot be found. If provider is
|
||||
* empty then best available is chosen.
|
||||
*/
|
||||
static std::unique_ptr<PasswordHashFamily>
|
||||
create_or_throw(const std::string& algo_spec,
|
||||
const std::string& provider = "");
|
||||
|
||||
/**
|
||||
* @return list of available providers for this algorithm, empty if not available
|
||||
*/
|
||||
static std::vector<std::string> providers(const std::string& algo_spec);
|
||||
|
||||
virtual ~PasswordHashFamily() = default;
|
||||
|
||||
/**
|
||||
* @return name of this PasswordHash
|
||||
*/
|
||||
virtual std::string name() const = 0;
|
||||
|
||||
/**
|
||||
* Return a new parameter set tuned for this machine
|
||||
* @param output_length how long the output length will be
|
||||
* @param msec the desired execution time in milliseconds
|
||||
*
|
||||
* @param max_memory_usage_mb some password hash functions can use a tunable
|
||||
* amount of memory, in this case max_memory_usage limits the amount of RAM
|
||||
* the returned parameters will require, in mebibytes (2**20 bytes). It may
|
||||
* require some small amount above the request. Set to zero to place no
|
||||
* limit at all.
|
||||
*/
|
||||
virtual std::unique_ptr<PasswordHash> tune(size_t output_length,
|
||||
std::chrono::milliseconds msec,
|
||||
size_t max_memory_usage_mb = 0) const = 0;
|
||||
|
||||
/**
|
||||
* Return some default parameter set for this PBKDF that should be good
|
||||
* enough for most users. The value returned may change over time as
|
||||
* processing power and attacks improve.
|
||||
*/
|
||||
virtual std::unique_ptr<PasswordHash> default_params() const = 0;
|
||||
|
||||
/**
|
||||
* Return a parameter chosen based on a rough approximation with the
|
||||
* specified iteration count. The exact value this returns for a particular
|
||||
* algorithm may change from over time. Think of it as an alternative to
|
||||
* tune, where time is expressed in terms of PBKDF2 iterations rather than
|
||||
* milliseconds.
|
||||
*/
|
||||
virtual std::unique_ptr<PasswordHash> from_iterations(size_t iterations) const = 0;
|
||||
|
||||
/**
|
||||
* Create a password hash using some scheme specific format.
|
||||
* Eg PBKDF2 and PGP-S2K set iterations in i1
|
||||
* Scrypt uses N,r,p in i{1-3}
|
||||
* Bcrypt-PBKDF just has iterations
|
||||
* Argon2{i,d,id} would use iterations, memory, parallelism for i{1-3},
|
||||
* and Argon2 type is part of the family.
|
||||
*
|
||||
* Values not needed should be set to 0
|
||||
*/
|
||||
virtual std::unique_ptr<PasswordHash> from_params(
|
||||
size_t i1,
|
||||
size_t i2 = 0,
|
||||
size_t i3 = 0) const = 0;
|
||||
};
|
||||
|
||||
}
|
||||
|
||||
BOTAN_FUTURE_INTERNAL_HEADER(pbkdf2.h)
|
||||
|
||||
namespace Botan {
|
||||
|
||||
BOTAN_PUBLIC_API(2,0) size_t pbkdf2(MessageAuthenticationCode& prf,
|
||||
uint8_t out[],
|
||||
size_t out_len,
|
||||
const std::string& passphrase,
|
||||
const uint8_t salt[], size_t salt_len,
|
||||
size_t iterations,
|
||||
std::chrono::milliseconds msec);
|
||||
|
||||
/**
|
||||
* Perform PBKDF2. The prf is assumed to be keyed already.
|
||||
*/
|
||||
BOTAN_PUBLIC_API(2,8) void pbkdf2(MessageAuthenticationCode& prf,
|
||||
uint8_t out[], size_t out_len,
|
||||
const uint8_t salt[], size_t salt_len,
|
||||
size_t iterations);
|
||||
|
||||
/**
|
||||
* PBKDF2
|
||||
*/
|
||||
class BOTAN_PUBLIC_API(2,8) PBKDF2 final : public PasswordHash
|
||||
{
|
||||
public:
|
||||
PBKDF2(const MessageAuthenticationCode& prf, size_t iter) :
|
||||
m_prf(prf.clone()),
|
||||
m_iterations(iter)
|
||||
{}
|
||||
|
||||
PBKDF2(const MessageAuthenticationCode& prf, size_t olen, std::chrono::milliseconds msec);
|
||||
|
||||
size_t iterations() const override { return m_iterations; }
|
||||
|
||||
std::string to_string() const override;
|
||||
|
||||
void derive_key(uint8_t out[], size_t out_len,
|
||||
const char* password, size_t password_len,
|
||||
const uint8_t salt[], size_t salt_len) const override;
|
||||
private:
|
||||
std::unique_ptr<MessageAuthenticationCode> m_prf;
|
||||
size_t m_iterations;
|
||||
};
|
||||
|
||||
/**
|
||||
* Family of PKCS #5 PBKDF2 operations
|
||||
*/
|
||||
class BOTAN_PUBLIC_API(2,8) PBKDF2_Family final : public PasswordHashFamily
|
||||
{
|
||||
public:
|
||||
PBKDF2_Family(MessageAuthenticationCode* prf) : m_prf(prf) {}
|
||||
|
||||
std::string name() const override;
|
||||
|
||||
std::unique_ptr<PasswordHash> tune(size_t output_len,
|
||||
std::chrono::milliseconds msec,
|
||||
size_t max_memory) const override;
|
||||
|
||||
/**
|
||||
* Return some default parameter set for this PBKDF that should be good
|
||||
* enough for most users. The value returned may change over time as
|
||||
* processing power and attacks improve.
|
||||
*/
|
||||
std::unique_ptr<PasswordHash> default_params() const override;
|
||||
|
||||
std::unique_ptr<PasswordHash> from_iterations(size_t iter) const override;
|
||||
|
||||
std::unique_ptr<PasswordHash> from_params(
|
||||
size_t iter, size_t, size_t) const override;
|
||||
private:
|
||||
std::unique_ptr<MessageAuthenticationCode> m_prf;
|
||||
};
|
||||
|
||||
/**
|
||||
* PKCS #5 PBKDF2 (old interface)
|
||||
*/
|
||||
class BOTAN_PUBLIC_API(2,0) PKCS5_PBKDF2 final : public PBKDF
|
||||
{
|
||||
public:
|
||||
std::string name() const override;
|
||||
|
||||
PBKDF* clone() const override;
|
||||
|
||||
size_t pbkdf(uint8_t output_buf[], size_t output_len,
|
||||
const std::string& passphrase,
|
||||
const uint8_t salt[], size_t salt_len,
|
||||
size_t iterations,
|
||||
std::chrono::milliseconds msec) const override;
|
||||
|
||||
/**
|
||||
* Create a PKCS #5 instance using the specified message auth code
|
||||
* @param mac_fn the MAC object to use as PRF
|
||||
*/
|
||||
explicit PKCS5_PBKDF2(MessageAuthenticationCode* mac_fn) : m_mac(mac_fn) {}
|
||||
private:
|
||||
std::unique_ptr<MessageAuthenticationCode> m_mac;
|
||||
};
|
||||
|
||||
}
|
||||
|
||||
BOTAN_FUTURE_INTERNAL_HEADER(rotate.h)
|
||||
|
||||
namespace Botan {
|
||||
@ -5769,6 +6556,87 @@ std::vector<std::string> probe_providers_of(const std::string& algo_spec,
|
||||
|
||||
}
|
||||
|
||||
BOTAN_FUTURE_INTERNAL_HEADER(sha2_32.h)
|
||||
|
||||
namespace Botan {
|
||||
|
||||
/**
|
||||
* SHA-224
|
||||
*/
|
||||
class BOTAN_PUBLIC_API(2,0) SHA_224 final : public MDx_HashFunction
|
||||
{
|
||||
public:
|
||||
std::string name() const override { return "SHA-224"; }
|
||||
size_t output_length() const override { return 28; }
|
||||
HashFunction* clone() const override { return new SHA_224; }
|
||||
std::unique_ptr<HashFunction> copy_state() const override;
|
||||
|
||||
void clear() override;
|
||||
|
||||
std::string provider() const override;
|
||||
|
||||
SHA_224() : MDx_HashFunction(64, true, true), m_digest(8)
|
||||
{ clear(); }
|
||||
private:
|
||||
void compress_n(const uint8_t[], size_t blocks) override;
|
||||
void copy_out(uint8_t[]) override;
|
||||
|
||||
secure_vector<uint32_t> m_digest;
|
||||
};
|
||||
|
||||
/**
|
||||
* SHA-256
|
||||
*/
|
||||
class BOTAN_PUBLIC_API(2,0) SHA_256 final : public MDx_HashFunction
|
||||
{
|
||||
public:
|
||||
std::string name() const override { return "SHA-256"; }
|
||||
size_t output_length() const override { return 32; }
|
||||
HashFunction* clone() const override { return new SHA_256; }
|
||||
std::unique_ptr<HashFunction> copy_state() const override;
|
||||
|
||||
void clear() override;
|
||||
|
||||
std::string provider() const override;
|
||||
|
||||
SHA_256() : MDx_HashFunction(64, true, true), m_digest(8)
|
||||
{ clear(); }
|
||||
|
||||
/*
|
||||
* Perform a SHA-256 compression. For internal use
|
||||
*/
|
||||
static void compress_digest(secure_vector<uint32_t>& digest,
|
||||
const uint8_t input[],
|
||||
size_t blocks);
|
||||
|
||||
private:
|
||||
|
||||
#if defined(BOTAN_HAS_SHA2_32_ARMV8)
|
||||
static void compress_digest_armv8(secure_vector<uint32_t>& digest,
|
||||
const uint8_t input[],
|
||||
size_t blocks);
|
||||
#endif
|
||||
|
||||
#if defined(BOTAN_HAS_SHA2_32_X86_BMI2)
|
||||
static void compress_digest_x86_bmi2(secure_vector<uint32_t>& digest,
|
||||
const uint8_t input[],
|
||||
size_t blocks);
|
||||
#endif
|
||||
|
||||
#if defined(BOTAN_HAS_SHA2_32_X86)
|
||||
static void compress_digest_x86(secure_vector<uint32_t>& digest,
|
||||
const uint8_t input[],
|
||||
size_t blocks);
|
||||
#endif
|
||||
|
||||
void compress_n(const uint8_t[], size_t blocks) override;
|
||||
void copy_out(uint8_t[]) override;
|
||||
|
||||
secure_vector<uint32_t> m_digest;
|
||||
};
|
||||
|
||||
}
|
||||
|
||||
#if __cplusplus < 201402L
|
||||
#endif
|
||||
|
||||
|
||||
870
oscar/SleepLib/thirdparty/botan_macos.h
vendored
870
oscar/SleepLib/thirdparty/botan_macos.h
vendored
@ -31,7 +31,7 @@
|
||||
* Build configuration for Botan 2.18.2
|
||||
*
|
||||
* Automatically generated from
|
||||
* 'configure.py --amalgamation --os=macos --cpu=generic --disable-shared --minimized-build --enable-modules=aes,gcm'
|
||||
* 'configure.py --amalgamation --os=macos --cpu=generic --disable-shared --minimized-build --enable-modules=aes,gcm,sha2_32,pbkdf2'
|
||||
*
|
||||
* Target
|
||||
* - Compiler: clang++ -fstack-protector -pthread -stdlib=libc++ -std=c++11 -D_REENTRANT -O3
|
||||
@ -111,8 +111,15 @@
|
||||
#define BOTAN_HAS_CTR_BE 20131128
|
||||
#define BOTAN_HAS_ENTROPY_SOURCE 20151120
|
||||
#define BOTAN_HAS_GHASH 20201002
|
||||
#define BOTAN_HAS_HASH 20180112
|
||||
#define BOTAN_HAS_HEX_CODEC 20131128
|
||||
#define BOTAN_HAS_HMAC 20131128
|
||||
#define BOTAN_HAS_MAC 20150626
|
||||
#define BOTAN_HAS_MDX_HASH_FUNCTION 20131128
|
||||
#define BOTAN_HAS_MODES 20150626
|
||||
#define BOTAN_HAS_PBKDF 20180902
|
||||
#define BOTAN_HAS_PBKDF2 20180902
|
||||
#define BOTAN_HAS_SHA2_32 20131128
|
||||
#define BOTAN_HAS_STREAM_CIPHER 20131128
|
||||
#define BOTAN_HAS_UTIL_FUNCTIONS 20180903
|
||||
|
||||
@ -4473,6 +4480,82 @@ class BOTAN_PUBLIC_API(2,0) GHASH final : public SymmetricAlgorithm
|
||||
|
||||
namespace Botan {
|
||||
|
||||
/**
|
||||
* This class represents hash function (message digest) objects
|
||||
*/
|
||||
class BOTAN_PUBLIC_API(2,0) HashFunction : public Buffered_Computation
|
||||
{
|
||||
public:
|
||||
/**
|
||||
* Create an instance based on a name, or return null if the
|
||||
* algo/provider combination cannot be found. If provider is
|
||||
* empty then best available is chosen.
|
||||
*/
|
||||
static std::unique_ptr<HashFunction>
|
||||
create(const std::string& algo_spec,
|
||||
const std::string& provider = "");
|
||||
|
||||
/**
|
||||
* Create an instance based on a name
|
||||
* If provider is empty then best available is chosen.
|
||||
* @param algo_spec algorithm name
|
||||
* @param provider provider implementation to use
|
||||
* Throws Lookup_Error if not found.
|
||||
*/
|
||||
static std::unique_ptr<HashFunction>
|
||||
create_or_throw(const std::string& algo_spec,
|
||||
const std::string& provider = "");
|
||||
|
||||
/**
|
||||
* @return list of available providers for this algorithm, empty if not available
|
||||
* @param algo_spec algorithm name
|
||||
*/
|
||||
static std::vector<std::string> providers(const std::string& algo_spec);
|
||||
|
||||
/**
|
||||
* @return new object representing the same algorithm as *this
|
||||
*/
|
||||
virtual HashFunction* clone() const = 0;
|
||||
|
||||
/**
|
||||
* @return provider information about this implementation. Default is "base",
|
||||
* might also return "sse2", "avx2", "openssl", or some other arbitrary string.
|
||||
*/
|
||||
virtual std::string provider() const { return "base"; }
|
||||
|
||||
virtual ~HashFunction() = default;
|
||||
|
||||
/**
|
||||
* Reset the state.
|
||||
*/
|
||||
virtual void clear() = 0;
|
||||
|
||||
/**
|
||||
* @return the hash function name
|
||||
*/
|
||||
virtual std::string name() const = 0;
|
||||
|
||||
/**
|
||||
* @return hash block size as defined for this algorithm
|
||||
*/
|
||||
virtual size_t hash_block_size() const { return 0; }
|
||||
|
||||
/**
|
||||
* Return a new hash object with the same state as *this. This
|
||||
* allows computing the hash of several messages with a common
|
||||
* prefix more efficiently than would otherwise be possible.
|
||||
*
|
||||
* This function should be called `clone` but that was already
|
||||
* used for the case of returning an uninitialized object.
|
||||
* @return new hash object
|
||||
*/
|
||||
virtual std::unique_ptr<HashFunction> copy_state() const = 0;
|
||||
};
|
||||
|
||||
}
|
||||
|
||||
namespace Botan {
|
||||
|
||||
/**
|
||||
* Perform hex encoding
|
||||
* @param output an array of at least input_length*2 bytes
|
||||
@ -4605,6 +4688,171 @@ hex_decode_locked(const std::string& input,
|
||||
|
||||
}
|
||||
|
||||
namespace Botan {
|
||||
|
||||
/**
|
||||
* This class represents Message Authentication Code (MAC) objects.
|
||||
*/
|
||||
class BOTAN_PUBLIC_API(2,0) MessageAuthenticationCode : public Buffered_Computation,
|
||||
public SymmetricAlgorithm
|
||||
{
|
||||
public:
|
||||
/**
|
||||
* Create an instance based on a name
|
||||
* If provider is empty then best available is chosen.
|
||||
* @param algo_spec algorithm name
|
||||
* @param provider provider implementation to use
|
||||
* @return a null pointer if the algo/provider combination cannot be found
|
||||
*/
|
||||
static std::unique_ptr<MessageAuthenticationCode>
|
||||
create(const std::string& algo_spec,
|
||||
const std::string& provider = "");
|
||||
|
||||
/*
|
||||
* Create an instance based on a name
|
||||
* If provider is empty then best available is chosen.
|
||||
* @param algo_spec algorithm name
|
||||
* @param provider provider implementation to use
|
||||
* Throws a Lookup_Error if algo/provider combination cannot be found
|
||||
*/
|
||||
static std::unique_ptr<MessageAuthenticationCode>
|
||||
create_or_throw(const std::string& algo_spec,
|
||||
const std::string& provider = "");
|
||||
|
||||
/**
|
||||
* @return list of available providers for this algorithm, empty if not available
|
||||
*/
|
||||
static std::vector<std::string> providers(const std::string& algo_spec);
|
||||
|
||||
virtual ~MessageAuthenticationCode() = default;
|
||||
|
||||
/**
|
||||
* Prepare for processing a message under the specified nonce
|
||||
*
|
||||
* Most MACs neither require nor support a nonce; for these algorithms
|
||||
* calling `start_msg` is optional and calling it with anything other than
|
||||
* an empty string is an error. One MAC which *requires* a per-message
|
||||
* nonce be specified is GMAC.
|
||||
*
|
||||
* @param nonce the message nonce bytes
|
||||
* @param nonce_len the size of len in bytes
|
||||
* Default implementation simply rejects all non-empty nonces
|
||||
* since most hash/MAC algorithms do not support randomization
|
||||
*/
|
||||
virtual void start_msg(const uint8_t nonce[], size_t nonce_len);
|
||||
|
||||
/**
|
||||
* Begin processing a message with a nonce
|
||||
*
|
||||
* @param nonce the per message nonce
|
||||
*/
|
||||
template<typename Alloc>
|
||||
void start(const std::vector<uint8_t, Alloc>& nonce)
|
||||
{
|
||||
start_msg(nonce.data(), nonce.size());
|
||||
}
|
||||
|
||||
/**
|
||||
* Begin processing a message.
|
||||
* @param nonce the per message nonce
|
||||
* @param nonce_len length of nonce
|
||||
*/
|
||||
void start(const uint8_t nonce[], size_t nonce_len)
|
||||
{
|
||||
start_msg(nonce, nonce_len);
|
||||
}
|
||||
|
||||
/**
|
||||
* Begin processing a message.
|
||||
*/
|
||||
void start()
|
||||
{
|
||||
return start_msg(nullptr, 0);
|
||||
}
|
||||
|
||||
/**
|
||||
* Verify a MAC.
|
||||
* @param in the MAC to verify as a byte array
|
||||
* @param length the length of param in
|
||||
* @return true if the MAC is valid, false otherwise
|
||||
*/
|
||||
virtual bool verify_mac(const uint8_t in[], size_t length);
|
||||
|
||||
/**
|
||||
* Verify a MAC.
|
||||
* @param in the MAC to verify as a byte array
|
||||
* @return true if the MAC is valid, false otherwise
|
||||
*/
|
||||
virtual bool verify_mac(const std::vector<uint8_t>& in)
|
||||
{
|
||||
return verify_mac(in.data(), in.size());
|
||||
}
|
||||
|
||||
/**
|
||||
* Verify a MAC.
|
||||
* @param in the MAC to verify as a byte array
|
||||
* @return true if the MAC is valid, false otherwise
|
||||
*/
|
||||
virtual bool verify_mac(const secure_vector<uint8_t>& in)
|
||||
{
|
||||
return verify_mac(in.data(), in.size());
|
||||
}
|
||||
|
||||
/**
|
||||
* Get a new object representing the same algorithm as *this
|
||||
*/
|
||||
virtual MessageAuthenticationCode* clone() const = 0;
|
||||
|
||||
/**
|
||||
* @return provider information about this implementation. Default is "base",
|
||||
* might also return "sse2", "avx2", "openssl", or some other arbitrary string.
|
||||
*/
|
||||
virtual std::string provider() const { return "base"; }
|
||||
|
||||
};
|
||||
|
||||
typedef MessageAuthenticationCode MAC;
|
||||
|
||||
}
|
||||
|
||||
BOTAN_FUTURE_INTERNAL_HEADER(hmac.h)
|
||||
|
||||
namespace Botan {
|
||||
|
||||
/**
|
||||
* HMAC
|
||||
*/
|
||||
class BOTAN_PUBLIC_API(2,0) HMAC final : public MessageAuthenticationCode
|
||||
{
|
||||
public:
|
||||
void clear() override;
|
||||
std::string name() const override;
|
||||
MessageAuthenticationCode* clone() const override;
|
||||
|
||||
size_t output_length() const override;
|
||||
|
||||
Key_Length_Specification key_spec() const override;
|
||||
|
||||
/**
|
||||
* @param hash the hash to use for HMACing
|
||||
*/
|
||||
explicit HMAC(HashFunction* hash);
|
||||
|
||||
HMAC(const HMAC&) = delete;
|
||||
HMAC& operator=(const HMAC&) = delete;
|
||||
private:
|
||||
void add_data(const uint8_t[], size_t) override;
|
||||
void final_result(uint8_t[]) override;
|
||||
void key_schedule(const uint8_t[], size_t) override;
|
||||
|
||||
std::unique_ptr<HashFunction> m_hash;
|
||||
secure_vector<uint8_t> m_ikey, m_okey;
|
||||
size_t m_hash_output_length;
|
||||
size_t m_hash_block_size;
|
||||
};
|
||||
|
||||
}
|
||||
|
||||
BOTAN_FUTURE_INTERNAL_HEADER(loadstor.h)
|
||||
|
||||
#if defined(BOTAN_TARGET_CPU_IS_BIG_ENDIAN)
|
||||
@ -5289,6 +5537,66 @@ void copy_out_vec_le(uint8_t out[], size_t out_bytes, const std::vector<T, Alloc
|
||||
|
||||
}
|
||||
|
||||
BOTAN_FUTURE_INTERNAL_HEADER(mdx_hash.h)
|
||||
|
||||
namespace Botan {
|
||||
|
||||
/**
|
||||
* MDx Hash Function Base Class
|
||||
*/
|
||||
class BOTAN_PUBLIC_API(2,0) MDx_HashFunction : public HashFunction
|
||||
{
|
||||
public:
|
||||
/**
|
||||
* @param block_length is the number of bytes per block, which must
|
||||
* be a power of 2 and at least 8.
|
||||
* @param big_byte_endian specifies if the hash uses big-endian bytes
|
||||
* @param big_bit_endian specifies if the hash uses big-endian bits
|
||||
* @param counter_size specifies the size of the counter var in bytes
|
||||
*/
|
||||
MDx_HashFunction(size_t block_length,
|
||||
bool big_byte_endian,
|
||||
bool big_bit_endian,
|
||||
uint8_t counter_size = 8);
|
||||
|
||||
size_t hash_block_size() const override final { return m_buffer.size(); }
|
||||
protected:
|
||||
void add_data(const uint8_t input[], size_t length) override final;
|
||||
void final_result(uint8_t output[]) override final;
|
||||
|
||||
/**
|
||||
* Run the hash's compression function over a set of blocks
|
||||
* @param blocks the input
|
||||
* @param block_n the number of blocks
|
||||
*/
|
||||
virtual void compress_n(const uint8_t blocks[], size_t block_n) = 0;
|
||||
|
||||
void clear() override;
|
||||
|
||||
/**
|
||||
* Copy the output to the buffer
|
||||
* @param buffer to put the output into
|
||||
*/
|
||||
virtual void copy_out(uint8_t buffer[]) = 0;
|
||||
|
||||
/**
|
||||
* Write the count, if used, to this spot
|
||||
* @param out where to write the counter to
|
||||
*/
|
||||
virtual void write_count(uint8_t out[]);
|
||||
private:
|
||||
const uint8_t m_pad_char;
|
||||
const uint8_t m_counter_size;
|
||||
const uint8_t m_block_bits;
|
||||
const bool m_count_big_endian;
|
||||
|
||||
uint64_t m_count;
|
||||
secure_vector<uint8_t> m_buffer;
|
||||
size_t m_position;
|
||||
};
|
||||
|
||||
}
|
||||
|
||||
BOTAN_FUTURE_INTERNAL_HEADER(mul128.h)
|
||||
|
||||
namespace Botan {
|
||||
@ -5563,6 +5871,485 @@ bool BOTAN_PUBLIC_API(2,0) host_wildcard_match(const std::string& wildcard,
|
||||
|
||||
}
|
||||
|
||||
namespace Botan {
|
||||
|
||||
/**
|
||||
* Base class for PBKDF (password based key derivation function)
|
||||
* implementations. Converts a password into a key using a salt
|
||||
* and iterated hashing to make brute force attacks harder.
|
||||
*
|
||||
* Starting in 2.8 this functionality is also offered by PasswordHash.
|
||||
* The PBKDF interface may be removed in a future release.
|
||||
*/
|
||||
class BOTAN_PUBLIC_API(2,0) PBKDF
|
||||
{
|
||||
public:
|
||||
/**
|
||||
* Create an instance based on a name
|
||||
* If provider is empty then best available is chosen.
|
||||
* @param algo_spec algorithm name
|
||||
* @param provider provider implementation to choose
|
||||
* @return a null pointer if the algo/provider combination cannot be found
|
||||
*/
|
||||
static std::unique_ptr<PBKDF> create(const std::string& algo_spec,
|
||||
const std::string& provider = "");
|
||||
|
||||
/**
|
||||
* Create an instance based on a name, or throw if the
|
||||
* algo/provider combination cannot be found. If provider is
|
||||
* empty then best available is chosen.
|
||||
*/
|
||||
static std::unique_ptr<PBKDF>
|
||||
create_or_throw(const std::string& algo_spec,
|
||||
const std::string& provider = "");
|
||||
|
||||
/**
|
||||
* @return list of available providers for this algorithm, empty if not available
|
||||
*/
|
||||
static std::vector<std::string> providers(const std::string& algo_spec);
|
||||
|
||||
/**
|
||||
* @return new instance of this same algorithm
|
||||
*/
|
||||
virtual PBKDF* clone() const = 0;
|
||||
|
||||
/**
|
||||
* @return name of this PBKDF
|
||||
*/
|
||||
virtual std::string name() const = 0;
|
||||
|
||||
virtual ~PBKDF() = default;
|
||||
|
||||
/**
|
||||
* Derive a key from a passphrase for a number of iterations
|
||||
* specified by either iterations or if iterations == 0 then
|
||||
* running until msec time has elapsed.
|
||||
*
|
||||
* @param out buffer to store the derived key, must be of out_len bytes
|
||||
* @param out_len the desired length of the key to produce
|
||||
* @param passphrase the password to derive the key from
|
||||
* @param salt a randomly chosen salt
|
||||
* @param salt_len length of salt in bytes
|
||||
* @param iterations the number of iterations to use (use 10K or more)
|
||||
* @param msec if iterations is zero, then instead the PBKDF is
|
||||
* run until msec milliseconds has passed.
|
||||
* @return the number of iterations performed
|
||||
*/
|
||||
virtual size_t pbkdf(uint8_t out[], size_t out_len,
|
||||
const std::string& passphrase,
|
||||
const uint8_t salt[], size_t salt_len,
|
||||
size_t iterations,
|
||||
std::chrono::milliseconds msec) const = 0;
|
||||
|
||||
/**
|
||||
* Derive a key from a passphrase for a number of iterations.
|
||||
*
|
||||
* @param out buffer to store the derived key, must be of out_len bytes
|
||||
* @param out_len the desired length of the key to produce
|
||||
* @param passphrase the password to derive the key from
|
||||
* @param salt a randomly chosen salt
|
||||
* @param salt_len length of salt in bytes
|
||||
* @param iterations the number of iterations to use (use 10K or more)
|
||||
*/
|
||||
void pbkdf_iterations(uint8_t out[], size_t out_len,
|
||||
const std::string& passphrase,
|
||||
const uint8_t salt[], size_t salt_len,
|
||||
size_t iterations) const;
|
||||
|
||||
/**
|
||||
* Derive a key from a passphrase, running until msec time has elapsed.
|
||||
*
|
||||
* @param out buffer to store the derived key, must be of out_len bytes
|
||||
* @param out_len the desired length of the key to produce
|
||||
* @param passphrase the password to derive the key from
|
||||
* @param salt a randomly chosen salt
|
||||
* @param salt_len length of salt in bytes
|
||||
* @param msec if iterations is zero, then instead the PBKDF is
|
||||
* run until msec milliseconds has passed.
|
||||
* @param iterations set to the number iterations executed
|
||||
*/
|
||||
void pbkdf_timed(uint8_t out[], size_t out_len,
|
||||
const std::string& passphrase,
|
||||
const uint8_t salt[], size_t salt_len,
|
||||
std::chrono::milliseconds msec,
|
||||
size_t& iterations) const;
|
||||
|
||||
/**
|
||||
* Derive a key from a passphrase for a number of iterations.
|
||||
*
|
||||
* @param out_len the desired length of the key to produce
|
||||
* @param passphrase the password to derive the key from
|
||||
* @param salt a randomly chosen salt
|
||||
* @param salt_len length of salt in bytes
|
||||
* @param iterations the number of iterations to use (use 10K or more)
|
||||
* @return the derived key
|
||||
*/
|
||||
secure_vector<uint8_t> pbkdf_iterations(size_t out_len,
|
||||
const std::string& passphrase,
|
||||
const uint8_t salt[], size_t salt_len,
|
||||
size_t iterations) const;
|
||||
|
||||
/**
|
||||
* Derive a key from a passphrase, running until msec time has elapsed.
|
||||
*
|
||||
* @param out_len the desired length of the key to produce
|
||||
* @param passphrase the password to derive the key from
|
||||
* @param salt a randomly chosen salt
|
||||
* @param salt_len length of salt in bytes
|
||||
* @param msec if iterations is zero, then instead the PBKDF is
|
||||
* run until msec milliseconds has passed.
|
||||
* @param iterations set to the number iterations executed
|
||||
* @return the derived key
|
||||
*/
|
||||
secure_vector<uint8_t> pbkdf_timed(size_t out_len,
|
||||
const std::string& passphrase,
|
||||
const uint8_t salt[], size_t salt_len,
|
||||
std::chrono::milliseconds msec,
|
||||
size_t& iterations) const;
|
||||
|
||||
// Following kept for compat with 1.10:
|
||||
|
||||
/**
|
||||
* Derive a key from a passphrase
|
||||
* @param out_len the desired length of the key to produce
|
||||
* @param passphrase the password to derive the key from
|
||||
* @param salt a randomly chosen salt
|
||||
* @param salt_len length of salt in bytes
|
||||
* @param iterations the number of iterations to use (use 10K or more)
|
||||
*/
|
||||
OctetString derive_key(size_t out_len,
|
||||
const std::string& passphrase,
|
||||
const uint8_t salt[], size_t salt_len,
|
||||
size_t iterations) const
|
||||
{
|
||||
return pbkdf_iterations(out_len, passphrase, salt, salt_len, iterations);
|
||||
}
|
||||
|
||||
/**
|
||||
* Derive a key from a passphrase
|
||||
* @param out_len the desired length of the key to produce
|
||||
* @param passphrase the password to derive the key from
|
||||
* @param salt a randomly chosen salt
|
||||
* @param iterations the number of iterations to use (use 10K or more)
|
||||
*/
|
||||
template<typename Alloc>
|
||||
OctetString derive_key(size_t out_len,
|
||||
const std::string& passphrase,
|
||||
const std::vector<uint8_t, Alloc>& salt,
|
||||
size_t iterations) const
|
||||
{
|
||||
return pbkdf_iterations(out_len, passphrase, salt.data(), salt.size(), iterations);
|
||||
}
|
||||
|
||||
/**
|
||||
* Derive a key from a passphrase
|
||||
* @param out_len the desired length of the key to produce
|
||||
* @param passphrase the password to derive the key from
|
||||
* @param salt a randomly chosen salt
|
||||
* @param salt_len length of salt in bytes
|
||||
* @param msec is how long to run the PBKDF
|
||||
* @param iterations is set to the number of iterations used
|
||||
*/
|
||||
OctetString derive_key(size_t out_len,
|
||||
const std::string& passphrase,
|
||||
const uint8_t salt[], size_t salt_len,
|
||||
std::chrono::milliseconds msec,
|
||||
size_t& iterations) const
|
||||
{
|
||||
return pbkdf_timed(out_len, passphrase, salt, salt_len, msec, iterations);
|
||||
}
|
||||
|
||||
/**
|
||||
* Derive a key from a passphrase using a certain amount of time
|
||||
* @param out_len the desired length of the key to produce
|
||||
* @param passphrase the password to derive the key from
|
||||
* @param salt a randomly chosen salt
|
||||
* @param msec is how long to run the PBKDF
|
||||
* @param iterations is set to the number of iterations used
|
||||
*/
|
||||
template<typename Alloc>
|
||||
OctetString derive_key(size_t out_len,
|
||||
const std::string& passphrase,
|
||||
const std::vector<uint8_t, Alloc>& salt,
|
||||
std::chrono::milliseconds msec,
|
||||
size_t& iterations) const
|
||||
{
|
||||
return pbkdf_timed(out_len, passphrase, salt.data(), salt.size(), msec, iterations);
|
||||
}
|
||||
};
|
||||
|
||||
/*
|
||||
* Compatibility typedef
|
||||
*/
|
||||
typedef PBKDF S2K;
|
||||
|
||||
/**
|
||||
* Password based key derivation function factory method
|
||||
* @param algo_spec the name of the desired PBKDF algorithm
|
||||
* @param provider the provider to use
|
||||
* @return pointer to newly allocated object of that type
|
||||
*/
|
||||
inline PBKDF* get_pbkdf(const std::string& algo_spec,
|
||||
const std::string& provider = "")
|
||||
{
|
||||
return PBKDF::create_or_throw(algo_spec, provider).release();
|
||||
}
|
||||
|
||||
inline PBKDF* get_s2k(const std::string& algo_spec)
|
||||
{
|
||||
return get_pbkdf(algo_spec);
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
||||
namespace Botan {
|
||||
|
||||
/**
|
||||
* Base class for password based key derivation functions.
|
||||
*
|
||||
* Converts a password into a key using a salt and iterated hashing to
|
||||
* make brute force attacks harder.
|
||||
*/
|
||||
class BOTAN_PUBLIC_API(2,8) PasswordHash
|
||||
{
|
||||
public:
|
||||
virtual ~PasswordHash() = default;
|
||||
|
||||
virtual std::string to_string() const = 0;
|
||||
|
||||
/**
|
||||
* Most password hashes have some notion of iterations.
|
||||
*/
|
||||
virtual size_t iterations() const = 0;
|
||||
|
||||
/**
|
||||
* Some password hashing algorithms have a parameter which controls how
|
||||
* much memory is used. If not supported by some algorithm, returns 0.
|
||||
*/
|
||||
virtual size_t memory_param() const { return 0; }
|
||||
|
||||
/**
|
||||
* Some password hashing algorithms have a parallelism parameter.
|
||||
* If the algorithm does not support this notion, then the
|
||||
* function returns zero. This allows distinguishing between a
|
||||
* password hash which just does not support parallel operation,
|
||||
* vs one that does support parallel operation but which has been
|
||||
* configured to use a single lane.
|
||||
*/
|
||||
virtual size_t parallelism() const { return 0; }
|
||||
|
||||
/**
|
||||
* Returns an estimate of the total memory usage required to perform this
|
||||
* key derivation.
|
||||
*
|
||||
* If this algorithm uses a small and constant amount of memory, with no
|
||||
* effort made towards being memory hard, this function returns 0.
|
||||
*/
|
||||
virtual size_t total_memory_usage() const { return 0; }
|
||||
|
||||
/**
|
||||
* Derive a key from a password
|
||||
*
|
||||
* @param out buffer to store the derived key, must be of out_len bytes
|
||||
* @param out_len the desired length of the key to produce
|
||||
* @param password the password to derive the key from
|
||||
* @param password_len the length of password in bytes
|
||||
* @param salt a randomly chosen salt
|
||||
* @param salt_len length of salt in bytes
|
||||
*
|
||||
* This function is const, but is not thread safe. Different threads should
|
||||
* either use unique objects, or serialize all access.
|
||||
*/
|
||||
virtual void derive_key(uint8_t out[], size_t out_len,
|
||||
const char* password, size_t password_len,
|
||||
const uint8_t salt[], size_t salt_len) const = 0;
|
||||
};
|
||||
|
||||
class BOTAN_PUBLIC_API(2,8) PasswordHashFamily
|
||||
{
|
||||
public:
|
||||
/**
|
||||
* Create an instance based on a name
|
||||
* If provider is empty then best available is chosen.
|
||||
* @param algo_spec algorithm name
|
||||
* @param provider provider implementation to choose
|
||||
* @return a null pointer if the algo/provider combination cannot be found
|
||||
*/
|
||||
static std::unique_ptr<PasswordHashFamily> create(const std::string& algo_spec,
|
||||
const std::string& provider = "");
|
||||
|
||||
/**
|
||||
* Create an instance based on a name, or throw if the
|
||||
* algo/provider combination cannot be found. If provider is
|
||||
* empty then best available is chosen.
|
||||
*/
|
||||
static std::unique_ptr<PasswordHashFamily>
|
||||
create_or_throw(const std::string& algo_spec,
|
||||
const std::string& provider = "");
|
||||
|
||||
/**
|
||||
* @return list of available providers for this algorithm, empty if not available
|
||||
*/
|
||||
static std::vector<std::string> providers(const std::string& algo_spec);
|
||||
|
||||
virtual ~PasswordHashFamily() = default;
|
||||
|
||||
/**
|
||||
* @return name of this PasswordHash
|
||||
*/
|
||||
virtual std::string name() const = 0;
|
||||
|
||||
/**
|
||||
* Return a new parameter set tuned for this machine
|
||||
* @param output_length how long the output length will be
|
||||
* @param msec the desired execution time in milliseconds
|
||||
*
|
||||
* @param max_memory_usage_mb some password hash functions can use a tunable
|
||||
* amount of memory, in this case max_memory_usage limits the amount of RAM
|
||||
* the returned parameters will require, in mebibytes (2**20 bytes). It may
|
||||
* require some small amount above the request. Set to zero to place no
|
||||
* limit at all.
|
||||
*/
|
||||
virtual std::unique_ptr<PasswordHash> tune(size_t output_length,
|
||||
std::chrono::milliseconds msec,
|
||||
size_t max_memory_usage_mb = 0) const = 0;
|
||||
|
||||
/**
|
||||
* Return some default parameter set for this PBKDF that should be good
|
||||
* enough for most users. The value returned may change over time as
|
||||
* processing power and attacks improve.
|
||||
*/
|
||||
virtual std::unique_ptr<PasswordHash> default_params() const = 0;
|
||||
|
||||
/**
|
||||
* Return a parameter chosen based on a rough approximation with the
|
||||
* specified iteration count. The exact value this returns for a particular
|
||||
* algorithm may change from over time. Think of it as an alternative to
|
||||
* tune, where time is expressed in terms of PBKDF2 iterations rather than
|
||||
* milliseconds.
|
||||
*/
|
||||
virtual std::unique_ptr<PasswordHash> from_iterations(size_t iterations) const = 0;
|
||||
|
||||
/**
|
||||
* Create a password hash using some scheme specific format.
|
||||
* Eg PBKDF2 and PGP-S2K set iterations in i1
|
||||
* Scrypt uses N,r,p in i{1-3}
|
||||
* Bcrypt-PBKDF just has iterations
|
||||
* Argon2{i,d,id} would use iterations, memory, parallelism for i{1-3},
|
||||
* and Argon2 type is part of the family.
|
||||
*
|
||||
* Values not needed should be set to 0
|
||||
*/
|
||||
virtual std::unique_ptr<PasswordHash> from_params(
|
||||
size_t i1,
|
||||
size_t i2 = 0,
|
||||
size_t i3 = 0) const = 0;
|
||||
};
|
||||
|
||||
}
|
||||
|
||||
BOTAN_FUTURE_INTERNAL_HEADER(pbkdf2.h)
|
||||
|
||||
namespace Botan {
|
||||
|
||||
BOTAN_PUBLIC_API(2,0) size_t pbkdf2(MessageAuthenticationCode& prf,
|
||||
uint8_t out[],
|
||||
size_t out_len,
|
||||
const std::string& passphrase,
|
||||
const uint8_t salt[], size_t salt_len,
|
||||
size_t iterations,
|
||||
std::chrono::milliseconds msec);
|
||||
|
||||
/**
|
||||
* Perform PBKDF2. The prf is assumed to be keyed already.
|
||||
*/
|
||||
BOTAN_PUBLIC_API(2,8) void pbkdf2(MessageAuthenticationCode& prf,
|
||||
uint8_t out[], size_t out_len,
|
||||
const uint8_t salt[], size_t salt_len,
|
||||
size_t iterations);
|
||||
|
||||
/**
|
||||
* PBKDF2
|
||||
*/
|
||||
class BOTAN_PUBLIC_API(2,8) PBKDF2 final : public PasswordHash
|
||||
{
|
||||
public:
|
||||
PBKDF2(const MessageAuthenticationCode& prf, size_t iter) :
|
||||
m_prf(prf.clone()),
|
||||
m_iterations(iter)
|
||||
{}
|
||||
|
||||
PBKDF2(const MessageAuthenticationCode& prf, size_t olen, std::chrono::milliseconds msec);
|
||||
|
||||
size_t iterations() const override { return m_iterations; }
|
||||
|
||||
std::string to_string() const override;
|
||||
|
||||
void derive_key(uint8_t out[], size_t out_len,
|
||||
const char* password, size_t password_len,
|
||||
const uint8_t salt[], size_t salt_len) const override;
|
||||
private:
|
||||
std::unique_ptr<MessageAuthenticationCode> m_prf;
|
||||
size_t m_iterations;
|
||||
};
|
||||
|
||||
/**
|
||||
* Family of PKCS #5 PBKDF2 operations
|
||||
*/
|
||||
class BOTAN_PUBLIC_API(2,8) PBKDF2_Family final : public PasswordHashFamily
|
||||
{
|
||||
public:
|
||||
PBKDF2_Family(MessageAuthenticationCode* prf) : m_prf(prf) {}
|
||||
|
||||
std::string name() const override;
|
||||
|
||||
std::unique_ptr<PasswordHash> tune(size_t output_len,
|
||||
std::chrono::milliseconds msec,
|
||||
size_t max_memory) const override;
|
||||
|
||||
/**
|
||||
* Return some default parameter set for this PBKDF that should be good
|
||||
* enough for most users. The value returned may change over time as
|
||||
* processing power and attacks improve.
|
||||
*/
|
||||
std::unique_ptr<PasswordHash> default_params() const override;
|
||||
|
||||
std::unique_ptr<PasswordHash> from_iterations(size_t iter) const override;
|
||||
|
||||
std::unique_ptr<PasswordHash> from_params(
|
||||
size_t iter, size_t, size_t) const override;
|
||||
private:
|
||||
std::unique_ptr<MessageAuthenticationCode> m_prf;
|
||||
};
|
||||
|
||||
/**
|
||||
* PKCS #5 PBKDF2 (old interface)
|
||||
*/
|
||||
class BOTAN_PUBLIC_API(2,0) PKCS5_PBKDF2 final : public PBKDF
|
||||
{
|
||||
public:
|
||||
std::string name() const override;
|
||||
|
||||
PBKDF* clone() const override;
|
||||
|
||||
size_t pbkdf(uint8_t output_buf[], size_t output_len,
|
||||
const std::string& passphrase,
|
||||
const uint8_t salt[], size_t salt_len,
|
||||
size_t iterations,
|
||||
std::chrono::milliseconds msec) const override;
|
||||
|
||||
/**
|
||||
* Create a PKCS #5 instance using the specified message auth code
|
||||
* @param mac_fn the MAC object to use as PRF
|
||||
*/
|
||||
explicit PKCS5_PBKDF2(MessageAuthenticationCode* mac_fn) : m_mac(mac_fn) {}
|
||||
private:
|
||||
std::unique_ptr<MessageAuthenticationCode> m_mac;
|
||||
};
|
||||
|
||||
}
|
||||
|
||||
BOTAN_FUTURE_INTERNAL_HEADER(rotate.h)
|
||||
|
||||
namespace Botan {
|
||||
@ -5771,6 +6558,87 @@ std::vector<std::string> probe_providers_of(const std::string& algo_spec,
|
||||
|
||||
}
|
||||
|
||||
BOTAN_FUTURE_INTERNAL_HEADER(sha2_32.h)
|
||||
|
||||
namespace Botan {
|
||||
|
||||
/**
|
||||
* SHA-224
|
||||
*/
|
||||
class BOTAN_PUBLIC_API(2,0) SHA_224 final : public MDx_HashFunction
|
||||
{
|
||||
public:
|
||||
std::string name() const override { return "SHA-224"; }
|
||||
size_t output_length() const override { return 28; }
|
||||
HashFunction* clone() const override { return new SHA_224; }
|
||||
std::unique_ptr<HashFunction> copy_state() const override;
|
||||
|
||||
void clear() override;
|
||||
|
||||
std::string provider() const override;
|
||||
|
||||
SHA_224() : MDx_HashFunction(64, true, true), m_digest(8)
|
||||
{ clear(); }
|
||||
private:
|
||||
void compress_n(const uint8_t[], size_t blocks) override;
|
||||
void copy_out(uint8_t[]) override;
|
||||
|
||||
secure_vector<uint32_t> m_digest;
|
||||
};
|
||||
|
||||
/**
|
||||
* SHA-256
|
||||
*/
|
||||
class BOTAN_PUBLIC_API(2,0) SHA_256 final : public MDx_HashFunction
|
||||
{
|
||||
public:
|
||||
std::string name() const override { return "SHA-256"; }
|
||||
size_t output_length() const override { return 32; }
|
||||
HashFunction* clone() const override { return new SHA_256; }
|
||||
std::unique_ptr<HashFunction> copy_state() const override;
|
||||
|
||||
void clear() override;
|
||||
|
||||
std::string provider() const override;
|
||||
|
||||
SHA_256() : MDx_HashFunction(64, true, true), m_digest(8)
|
||||
{ clear(); }
|
||||
|
||||
/*
|
||||
* Perform a SHA-256 compression. For internal use
|
||||
*/
|
||||
static void compress_digest(secure_vector<uint32_t>& digest,
|
||||
const uint8_t input[],
|
||||
size_t blocks);
|
||||
|
||||
private:
|
||||
|
||||
#if defined(BOTAN_HAS_SHA2_32_ARMV8)
|
||||
static void compress_digest_armv8(secure_vector<uint32_t>& digest,
|
||||
const uint8_t input[],
|
||||
size_t blocks);
|
||||
#endif
|
||||
|
||||
#if defined(BOTAN_HAS_SHA2_32_X86_BMI2)
|
||||
static void compress_digest_x86_bmi2(secure_vector<uint32_t>& digest,
|
||||
const uint8_t input[],
|
||||
size_t blocks);
|
||||
#endif
|
||||
|
||||
#if defined(BOTAN_HAS_SHA2_32_X86)
|
||||
static void compress_digest_x86(secure_vector<uint32_t>& digest,
|
||||
const uint8_t input[],
|
||||
size_t blocks);
|
||||
#endif
|
||||
|
||||
void compress_n(const uint8_t[], size_t blocks) override;
|
||||
void copy_out(uint8_t[]) override;
|
||||
|
||||
secure_vector<uint32_t> m_digest;
|
||||
};
|
||||
|
||||
}
|
||||
|
||||
#if __cplusplus < 201402L
|
||||
#endif
|
||||
|
||||
|
||||
870
oscar/SleepLib/thirdparty/botan_windows.h
vendored
870
oscar/SleepLib/thirdparty/botan_windows.h
vendored
@ -31,7 +31,7 @@
|
||||
* Build configuration for Botan 2.18.2
|
||||
*
|
||||
* Automatically generated from
|
||||
* 'configure.py --amalgamation --os=mingw --cpu=generic --disable-shared --minimized-build --enable-modules=aes,gcm'
|
||||
* 'configure.py --amalgamation --os=mingw --cpu=generic --disable-shared --minimized-build --enable-modules=aes,gcm,sha2_32,pbkdf2'
|
||||
*
|
||||
* Target
|
||||
* - Compiler: g++ -pthread -std=c++11 -D_REENTRANT -O3
|
||||
@ -106,8 +106,15 @@
|
||||
#define BOTAN_HAS_CTR_BE 20131128
|
||||
#define BOTAN_HAS_ENTROPY_SOURCE 20151120
|
||||
#define BOTAN_HAS_GHASH 20201002
|
||||
#define BOTAN_HAS_HASH 20180112
|
||||
#define BOTAN_HAS_HEX_CODEC 20131128
|
||||
#define BOTAN_HAS_HMAC 20131128
|
||||
#define BOTAN_HAS_MAC 20150626
|
||||
#define BOTAN_HAS_MDX_HASH_FUNCTION 20131128
|
||||
#define BOTAN_HAS_MODES 20150626
|
||||
#define BOTAN_HAS_PBKDF 20180902
|
||||
#define BOTAN_HAS_PBKDF2 20180902
|
||||
#define BOTAN_HAS_SHA2_32 20131128
|
||||
#define BOTAN_HAS_STREAM_CIPHER 20131128
|
||||
#define BOTAN_HAS_UTIL_FUNCTIONS 20180903
|
||||
|
||||
@ -4468,6 +4475,82 @@ class BOTAN_PUBLIC_API(2,0) GHASH final : public SymmetricAlgorithm
|
||||
|
||||
namespace Botan {
|
||||
|
||||
/**
|
||||
* This class represents hash function (message digest) objects
|
||||
*/
|
||||
class BOTAN_PUBLIC_API(2,0) HashFunction : public Buffered_Computation
|
||||
{
|
||||
public:
|
||||
/**
|
||||
* Create an instance based on a name, or return null if the
|
||||
* algo/provider combination cannot be found. If provider is
|
||||
* empty then best available is chosen.
|
||||
*/
|
||||
static std::unique_ptr<HashFunction>
|
||||
create(const std::string& algo_spec,
|
||||
const std::string& provider = "");
|
||||
|
||||
/**
|
||||
* Create an instance based on a name
|
||||
* If provider is empty then best available is chosen.
|
||||
* @param algo_spec algorithm name
|
||||
* @param provider provider implementation to use
|
||||
* Throws Lookup_Error if not found.
|
||||
*/
|
||||
static std::unique_ptr<HashFunction>
|
||||
create_or_throw(const std::string& algo_spec,
|
||||
const std::string& provider = "");
|
||||
|
||||
/**
|
||||
* @return list of available providers for this algorithm, empty if not available
|
||||
* @param algo_spec algorithm name
|
||||
*/
|
||||
static std::vector<std::string> providers(const std::string& algo_spec);
|
||||
|
||||
/**
|
||||
* @return new object representing the same algorithm as *this
|
||||
*/
|
||||
virtual HashFunction* clone() const = 0;
|
||||
|
||||
/**
|
||||
* @return provider information about this implementation. Default is "base",
|
||||
* might also return "sse2", "avx2", "openssl", or some other arbitrary string.
|
||||
*/
|
||||
virtual std::string provider() const { return "base"; }
|
||||
|
||||
virtual ~HashFunction() = default;
|
||||
|
||||
/**
|
||||
* Reset the state.
|
||||
*/
|
||||
virtual void clear() = 0;
|
||||
|
||||
/**
|
||||
* @return the hash function name
|
||||
*/
|
||||
virtual std::string name() const = 0;
|
||||
|
||||
/**
|
||||
* @return hash block size as defined for this algorithm
|
||||
*/
|
||||
virtual size_t hash_block_size() const { return 0; }
|
||||
|
||||
/**
|
||||
* Return a new hash object with the same state as *this. This
|
||||
* allows computing the hash of several messages with a common
|
||||
* prefix more efficiently than would otherwise be possible.
|
||||
*
|
||||
* This function should be called `clone` but that was already
|
||||
* used for the case of returning an uninitialized object.
|
||||
* @return new hash object
|
||||
*/
|
||||
virtual std::unique_ptr<HashFunction> copy_state() const = 0;
|
||||
};
|
||||
|
||||
}
|
||||
|
||||
namespace Botan {
|
||||
|
||||
/**
|
||||
* Perform hex encoding
|
||||
* @param output an array of at least input_length*2 bytes
|
||||
@ -4600,6 +4683,171 @@ hex_decode_locked(const std::string& input,
|
||||
|
||||
}
|
||||
|
||||
namespace Botan {
|
||||
|
||||
/**
|
||||
* This class represents Message Authentication Code (MAC) objects.
|
||||
*/
|
||||
class BOTAN_PUBLIC_API(2,0) MessageAuthenticationCode : public Buffered_Computation,
|
||||
public SymmetricAlgorithm
|
||||
{
|
||||
public:
|
||||
/**
|
||||
* Create an instance based on a name
|
||||
* If provider is empty then best available is chosen.
|
||||
* @param algo_spec algorithm name
|
||||
* @param provider provider implementation to use
|
||||
* @return a null pointer if the algo/provider combination cannot be found
|
||||
*/
|
||||
static std::unique_ptr<MessageAuthenticationCode>
|
||||
create(const std::string& algo_spec,
|
||||
const std::string& provider = "");
|
||||
|
||||
/*
|
||||
* Create an instance based on a name
|
||||
* If provider is empty then best available is chosen.
|
||||
* @param algo_spec algorithm name
|
||||
* @param provider provider implementation to use
|
||||
* Throws a Lookup_Error if algo/provider combination cannot be found
|
||||
*/
|
||||
static std::unique_ptr<MessageAuthenticationCode>
|
||||
create_or_throw(const std::string& algo_spec,
|
||||
const std::string& provider = "");
|
||||
|
||||
/**
|
||||
* @return list of available providers for this algorithm, empty if not available
|
||||
*/
|
||||
static std::vector<std::string> providers(const std::string& algo_spec);
|
||||
|
||||
virtual ~MessageAuthenticationCode() = default;
|
||||
|
||||
/**
|
||||
* Prepare for processing a message under the specified nonce
|
||||
*
|
||||
* Most MACs neither require nor support a nonce; for these algorithms
|
||||
* calling `start_msg` is optional and calling it with anything other than
|
||||
* an empty string is an error. One MAC which *requires* a per-message
|
||||
* nonce be specified is GMAC.
|
||||
*
|
||||
* @param nonce the message nonce bytes
|
||||
* @param nonce_len the size of len in bytes
|
||||
* Default implementation simply rejects all non-empty nonces
|
||||
* since most hash/MAC algorithms do not support randomization
|
||||
*/
|
||||
virtual void start_msg(const uint8_t nonce[], size_t nonce_len);
|
||||
|
||||
/**
|
||||
* Begin processing a message with a nonce
|
||||
*
|
||||
* @param nonce the per message nonce
|
||||
*/
|
||||
template<typename Alloc>
|
||||
void start(const std::vector<uint8_t, Alloc>& nonce)
|
||||
{
|
||||
start_msg(nonce.data(), nonce.size());
|
||||
}
|
||||
|
||||
/**
|
||||
* Begin processing a message.
|
||||
* @param nonce the per message nonce
|
||||
* @param nonce_len length of nonce
|
||||
*/
|
||||
void start(const uint8_t nonce[], size_t nonce_len)
|
||||
{
|
||||
start_msg(nonce, nonce_len);
|
||||
}
|
||||
|
||||
/**
|
||||
* Begin processing a message.
|
||||
*/
|
||||
void start()
|
||||
{
|
||||
return start_msg(nullptr, 0);
|
||||
}
|
||||
|
||||
/**
|
||||
* Verify a MAC.
|
||||
* @param in the MAC to verify as a byte array
|
||||
* @param length the length of param in
|
||||
* @return true if the MAC is valid, false otherwise
|
||||
*/
|
||||
virtual bool verify_mac(const uint8_t in[], size_t length);
|
||||
|
||||
/**
|
||||
* Verify a MAC.
|
||||
* @param in the MAC to verify as a byte array
|
||||
* @return true if the MAC is valid, false otherwise
|
||||
*/
|
||||
virtual bool verify_mac(const std::vector<uint8_t>& in)
|
||||
{
|
||||
return verify_mac(in.data(), in.size());
|
||||
}
|
||||
|
||||
/**
|
||||
* Verify a MAC.
|
||||
* @param in the MAC to verify as a byte array
|
||||
* @return true if the MAC is valid, false otherwise
|
||||
*/
|
||||
virtual bool verify_mac(const secure_vector<uint8_t>& in)
|
||||
{
|
||||
return verify_mac(in.data(), in.size());
|
||||
}
|
||||
|
||||
/**
|
||||
* Get a new object representing the same algorithm as *this
|
||||
*/
|
||||
virtual MessageAuthenticationCode* clone() const = 0;
|
||||
|
||||
/**
|
||||
* @return provider information about this implementation. Default is "base",
|
||||
* might also return "sse2", "avx2", "openssl", or some other arbitrary string.
|
||||
*/
|
||||
virtual std::string provider() const { return "base"; }
|
||||
|
||||
};
|
||||
|
||||
typedef MessageAuthenticationCode MAC;
|
||||
|
||||
}
|
||||
|
||||
BOTAN_FUTURE_INTERNAL_HEADER(hmac.h)
|
||||
|
||||
namespace Botan {
|
||||
|
||||
/**
|
||||
* HMAC
|
||||
*/
|
||||
class BOTAN_PUBLIC_API(2,0) HMAC final : public MessageAuthenticationCode
|
||||
{
|
||||
public:
|
||||
void clear() override;
|
||||
std::string name() const override;
|
||||
MessageAuthenticationCode* clone() const override;
|
||||
|
||||
size_t output_length() const override;
|
||||
|
||||
Key_Length_Specification key_spec() const override;
|
||||
|
||||
/**
|
||||
* @param hash the hash to use for HMACing
|
||||
*/
|
||||
explicit HMAC(HashFunction* hash);
|
||||
|
||||
HMAC(const HMAC&) = delete;
|
||||
HMAC& operator=(const HMAC&) = delete;
|
||||
private:
|
||||
void add_data(const uint8_t[], size_t) override;
|
||||
void final_result(uint8_t[]) override;
|
||||
void key_schedule(const uint8_t[], size_t) override;
|
||||
|
||||
std::unique_ptr<HashFunction> m_hash;
|
||||
secure_vector<uint8_t> m_ikey, m_okey;
|
||||
size_t m_hash_output_length;
|
||||
size_t m_hash_block_size;
|
||||
};
|
||||
|
||||
}
|
||||
|
||||
BOTAN_FUTURE_INTERNAL_HEADER(loadstor.h)
|
||||
|
||||
#if defined(BOTAN_TARGET_CPU_IS_BIG_ENDIAN)
|
||||
@ -5284,6 +5532,66 @@ void copy_out_vec_le(uint8_t out[], size_t out_bytes, const std::vector<T, Alloc
|
||||
|
||||
}
|
||||
|
||||
BOTAN_FUTURE_INTERNAL_HEADER(mdx_hash.h)
|
||||
|
||||
namespace Botan {
|
||||
|
||||
/**
|
||||
* MDx Hash Function Base Class
|
||||
*/
|
||||
class BOTAN_PUBLIC_API(2,0) MDx_HashFunction : public HashFunction
|
||||
{
|
||||
public:
|
||||
/**
|
||||
* @param block_length is the number of bytes per block, which must
|
||||
* be a power of 2 and at least 8.
|
||||
* @param big_byte_endian specifies if the hash uses big-endian bytes
|
||||
* @param big_bit_endian specifies if the hash uses big-endian bits
|
||||
* @param counter_size specifies the size of the counter var in bytes
|
||||
*/
|
||||
MDx_HashFunction(size_t block_length,
|
||||
bool big_byte_endian,
|
||||
bool big_bit_endian,
|
||||
uint8_t counter_size = 8);
|
||||
|
||||
size_t hash_block_size() const override final { return m_buffer.size(); }
|
||||
protected:
|
||||
void add_data(const uint8_t input[], size_t length) override final;
|
||||
void final_result(uint8_t output[]) override final;
|
||||
|
||||
/**
|
||||
* Run the hash's compression function over a set of blocks
|
||||
* @param blocks the input
|
||||
* @param block_n the number of blocks
|
||||
*/
|
||||
virtual void compress_n(const uint8_t blocks[], size_t block_n) = 0;
|
||||
|
||||
void clear() override;
|
||||
|
||||
/**
|
||||
* Copy the output to the buffer
|
||||
* @param buffer to put the output into
|
||||
*/
|
||||
virtual void copy_out(uint8_t buffer[]) = 0;
|
||||
|
||||
/**
|
||||
* Write the count, if used, to this spot
|
||||
* @param out where to write the counter to
|
||||
*/
|
||||
virtual void write_count(uint8_t out[]);
|
||||
private:
|
||||
const uint8_t m_pad_char;
|
||||
const uint8_t m_counter_size;
|
||||
const uint8_t m_block_bits;
|
||||
const bool m_count_big_endian;
|
||||
|
||||
uint64_t m_count;
|
||||
secure_vector<uint8_t> m_buffer;
|
||||
size_t m_position;
|
||||
};
|
||||
|
||||
}
|
||||
|
||||
BOTAN_FUTURE_INTERNAL_HEADER(mul128.h)
|
||||
|
||||
namespace Botan {
|
||||
@ -5558,6 +5866,485 @@ bool BOTAN_PUBLIC_API(2,0) host_wildcard_match(const std::string& wildcard,
|
||||
|
||||
}
|
||||
|
||||
namespace Botan {
|
||||
|
||||
/**
|
||||
* Base class for PBKDF (password based key derivation function)
|
||||
* implementations. Converts a password into a key using a salt
|
||||
* and iterated hashing to make brute force attacks harder.
|
||||
*
|
||||
* Starting in 2.8 this functionality is also offered by PasswordHash.
|
||||
* The PBKDF interface may be removed in a future release.
|
||||
*/
|
||||
class BOTAN_PUBLIC_API(2,0) PBKDF
|
||||
{
|
||||
public:
|
||||
/**
|
||||
* Create an instance based on a name
|
||||
* If provider is empty then best available is chosen.
|
||||
* @param algo_spec algorithm name
|
||||
* @param provider provider implementation to choose
|
||||
* @return a null pointer if the algo/provider combination cannot be found
|
||||
*/
|
||||
static std::unique_ptr<PBKDF> create(const std::string& algo_spec,
|
||||
const std::string& provider = "");
|
||||
|
||||
/**
|
||||
* Create an instance based on a name, or throw if the
|
||||
* algo/provider combination cannot be found. If provider is
|
||||
* empty then best available is chosen.
|
||||
*/
|
||||
static std::unique_ptr<PBKDF>
|
||||
create_or_throw(const std::string& algo_spec,
|
||||
const std::string& provider = "");
|
||||
|
||||
/**
|
||||
* @return list of available providers for this algorithm, empty if not available
|
||||
*/
|
||||
static std::vector<std::string> providers(const std::string& algo_spec);
|
||||
|
||||
/**
|
||||
* @return new instance of this same algorithm
|
||||
*/
|
||||
virtual PBKDF* clone() const = 0;
|
||||
|
||||
/**
|
||||
* @return name of this PBKDF
|
||||
*/
|
||||
virtual std::string name() const = 0;
|
||||
|
||||
virtual ~PBKDF() = default;
|
||||
|
||||
/**
|
||||
* Derive a key from a passphrase for a number of iterations
|
||||
* specified by either iterations or if iterations == 0 then
|
||||
* running until msec time has elapsed.
|
||||
*
|
||||
* @param out buffer to store the derived key, must be of out_len bytes
|
||||
* @param out_len the desired length of the key to produce
|
||||
* @param passphrase the password to derive the key from
|
||||
* @param salt a randomly chosen salt
|
||||
* @param salt_len length of salt in bytes
|
||||
* @param iterations the number of iterations to use (use 10K or more)
|
||||
* @param msec if iterations is zero, then instead the PBKDF is
|
||||
* run until msec milliseconds has passed.
|
||||
* @return the number of iterations performed
|
||||
*/
|
||||
virtual size_t pbkdf(uint8_t out[], size_t out_len,
|
||||
const std::string& passphrase,
|
||||
const uint8_t salt[], size_t salt_len,
|
||||
size_t iterations,
|
||||
std::chrono::milliseconds msec) const = 0;
|
||||
|
||||
/**
|
||||
* Derive a key from a passphrase for a number of iterations.
|
||||
*
|
||||
* @param out buffer to store the derived key, must be of out_len bytes
|
||||
* @param out_len the desired length of the key to produce
|
||||
* @param passphrase the password to derive the key from
|
||||
* @param salt a randomly chosen salt
|
||||
* @param salt_len length of salt in bytes
|
||||
* @param iterations the number of iterations to use (use 10K or more)
|
||||
*/
|
||||
void pbkdf_iterations(uint8_t out[], size_t out_len,
|
||||
const std::string& passphrase,
|
||||
const uint8_t salt[], size_t salt_len,
|
||||
size_t iterations) const;
|
||||
|
||||
/**
|
||||
* Derive a key from a passphrase, running until msec time has elapsed.
|
||||
*
|
||||
* @param out buffer to store the derived key, must be of out_len bytes
|
||||
* @param out_len the desired length of the key to produce
|
||||
* @param passphrase the password to derive the key from
|
||||
* @param salt a randomly chosen salt
|
||||
* @param salt_len length of salt in bytes
|
||||
* @param msec if iterations is zero, then instead the PBKDF is
|
||||
* run until msec milliseconds has passed.
|
||||
* @param iterations set to the number iterations executed
|
||||
*/
|
||||
void pbkdf_timed(uint8_t out[], size_t out_len,
|
||||
const std::string& passphrase,
|
||||
const uint8_t salt[], size_t salt_len,
|
||||
std::chrono::milliseconds msec,
|
||||
size_t& iterations) const;
|
||||
|
||||
/**
|
||||
* Derive a key from a passphrase for a number of iterations.
|
||||
*
|
||||
* @param out_len the desired length of the key to produce
|
||||
* @param passphrase the password to derive the key from
|
||||
* @param salt a randomly chosen salt
|
||||
* @param salt_len length of salt in bytes
|
||||
* @param iterations the number of iterations to use (use 10K or more)
|
||||
* @return the derived key
|
||||
*/
|
||||
secure_vector<uint8_t> pbkdf_iterations(size_t out_len,
|
||||
const std::string& passphrase,
|
||||
const uint8_t salt[], size_t salt_len,
|
||||
size_t iterations) const;
|
||||
|
||||
/**
|
||||
* Derive a key from a passphrase, running until msec time has elapsed.
|
||||
*
|
||||
* @param out_len the desired length of the key to produce
|
||||
* @param passphrase the password to derive the key from
|
||||
* @param salt a randomly chosen salt
|
||||
* @param salt_len length of salt in bytes
|
||||
* @param msec if iterations is zero, then instead the PBKDF is
|
||||
* run until msec milliseconds has passed.
|
||||
* @param iterations set to the number iterations executed
|
||||
* @return the derived key
|
||||
*/
|
||||
secure_vector<uint8_t> pbkdf_timed(size_t out_len,
|
||||
const std::string& passphrase,
|
||||
const uint8_t salt[], size_t salt_len,
|
||||
std::chrono::milliseconds msec,
|
||||
size_t& iterations) const;
|
||||
|
||||
// Following kept for compat with 1.10:
|
||||
|
||||
/**
|
||||
* Derive a key from a passphrase
|
||||
* @param out_len the desired length of the key to produce
|
||||
* @param passphrase the password to derive the key from
|
||||
* @param salt a randomly chosen salt
|
||||
* @param salt_len length of salt in bytes
|
||||
* @param iterations the number of iterations to use (use 10K or more)
|
||||
*/
|
||||
OctetString derive_key(size_t out_len,
|
||||
const std::string& passphrase,
|
||||
const uint8_t salt[], size_t salt_len,
|
||||
size_t iterations) const
|
||||
{
|
||||
return pbkdf_iterations(out_len, passphrase, salt, salt_len, iterations);
|
||||
}
|
||||
|
||||
/**
|
||||
* Derive a key from a passphrase
|
||||
* @param out_len the desired length of the key to produce
|
||||
* @param passphrase the password to derive the key from
|
||||
* @param salt a randomly chosen salt
|
||||
* @param iterations the number of iterations to use (use 10K or more)
|
||||
*/
|
||||
template<typename Alloc>
|
||||
OctetString derive_key(size_t out_len,
|
||||
const std::string& passphrase,
|
||||
const std::vector<uint8_t, Alloc>& salt,
|
||||
size_t iterations) const
|
||||
{
|
||||
return pbkdf_iterations(out_len, passphrase, salt.data(), salt.size(), iterations);
|
||||
}
|
||||
|
||||
/**
|
||||
* Derive a key from a passphrase
|
||||
* @param out_len the desired length of the key to produce
|
||||
* @param passphrase the password to derive the key from
|
||||
* @param salt a randomly chosen salt
|
||||
* @param salt_len length of salt in bytes
|
||||
* @param msec is how long to run the PBKDF
|
||||
* @param iterations is set to the number of iterations used
|
||||
*/
|
||||
OctetString derive_key(size_t out_len,
|
||||
const std::string& passphrase,
|
||||
const uint8_t salt[], size_t salt_len,
|
||||
std::chrono::milliseconds msec,
|
||||
size_t& iterations) const
|
||||
{
|
||||
return pbkdf_timed(out_len, passphrase, salt, salt_len, msec, iterations);
|
||||
}
|
||||
|
||||
/**
|
||||
* Derive a key from a passphrase using a certain amount of time
|
||||
* @param out_len the desired length of the key to produce
|
||||
* @param passphrase the password to derive the key from
|
||||
* @param salt a randomly chosen salt
|
||||
* @param msec is how long to run the PBKDF
|
||||
* @param iterations is set to the number of iterations used
|
||||
*/
|
||||
template<typename Alloc>
|
||||
OctetString derive_key(size_t out_len,
|
||||
const std::string& passphrase,
|
||||
const std::vector<uint8_t, Alloc>& salt,
|
||||
std::chrono::milliseconds msec,
|
||||
size_t& iterations) const
|
||||
{
|
||||
return pbkdf_timed(out_len, passphrase, salt.data(), salt.size(), msec, iterations);
|
||||
}
|
||||
};
|
||||
|
||||
/*
|
||||
* Compatibility typedef
|
||||
*/
|
||||
typedef PBKDF S2K;
|
||||
|
||||
/**
|
||||
* Password based key derivation function factory method
|
||||
* @param algo_spec the name of the desired PBKDF algorithm
|
||||
* @param provider the provider to use
|
||||
* @return pointer to newly allocated object of that type
|
||||
*/
|
||||
inline PBKDF* get_pbkdf(const std::string& algo_spec,
|
||||
const std::string& provider = "")
|
||||
{
|
||||
return PBKDF::create_or_throw(algo_spec, provider).release();
|
||||
}
|
||||
|
||||
inline PBKDF* get_s2k(const std::string& algo_spec)
|
||||
{
|
||||
return get_pbkdf(algo_spec);
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
||||
namespace Botan {
|
||||
|
||||
/**
|
||||
* Base class for password based key derivation functions.
|
||||
*
|
||||
* Converts a password into a key using a salt and iterated hashing to
|
||||
* make brute force attacks harder.
|
||||
*/
|
||||
class BOTAN_PUBLIC_API(2,8) PasswordHash
|
||||
{
|
||||
public:
|
||||
virtual ~PasswordHash() = default;
|
||||
|
||||
virtual std::string to_string() const = 0;
|
||||
|
||||
/**
|
||||
* Most password hashes have some notion of iterations.
|
||||
*/
|
||||
virtual size_t iterations() const = 0;
|
||||
|
||||
/**
|
||||
* Some password hashing algorithms have a parameter which controls how
|
||||
* much memory is used. If not supported by some algorithm, returns 0.
|
||||
*/
|
||||
virtual size_t memory_param() const { return 0; }
|
||||
|
||||
/**
|
||||
* Some password hashing algorithms have a parallelism parameter.
|
||||
* If the algorithm does not support this notion, then the
|
||||
* function returns zero. This allows distinguishing between a
|
||||
* password hash which just does not support parallel operation,
|
||||
* vs one that does support parallel operation but which has been
|
||||
* configured to use a single lane.
|
||||
*/
|
||||
virtual size_t parallelism() const { return 0; }
|
||||
|
||||
/**
|
||||
* Returns an estimate of the total memory usage required to perform this
|
||||
* key derivation.
|
||||
*
|
||||
* If this algorithm uses a small and constant amount of memory, with no
|
||||
* effort made towards being memory hard, this function returns 0.
|
||||
*/
|
||||
virtual size_t total_memory_usage() const { return 0; }
|
||||
|
||||
/**
|
||||
* Derive a key from a password
|
||||
*
|
||||
* @param out buffer to store the derived key, must be of out_len bytes
|
||||
* @param out_len the desired length of the key to produce
|
||||
* @param password the password to derive the key from
|
||||
* @param password_len the length of password in bytes
|
||||
* @param salt a randomly chosen salt
|
||||
* @param salt_len length of salt in bytes
|
||||
*
|
||||
* This function is const, but is not thread safe. Different threads should
|
||||
* either use unique objects, or serialize all access.
|
||||
*/
|
||||
virtual void derive_key(uint8_t out[], size_t out_len,
|
||||
const char* password, size_t password_len,
|
||||
const uint8_t salt[], size_t salt_len) const = 0;
|
||||
};
|
||||
|
||||
class BOTAN_PUBLIC_API(2,8) PasswordHashFamily
|
||||
{
|
||||
public:
|
||||
/**
|
||||
* Create an instance based on a name
|
||||
* If provider is empty then best available is chosen.
|
||||
* @param algo_spec algorithm name
|
||||
* @param provider provider implementation to choose
|
||||
* @return a null pointer if the algo/provider combination cannot be found
|
||||
*/
|
||||
static std::unique_ptr<PasswordHashFamily> create(const std::string& algo_spec,
|
||||
const std::string& provider = "");
|
||||
|
||||
/**
|
||||
* Create an instance based on a name, or throw if the
|
||||
* algo/provider combination cannot be found. If provider is
|
||||
* empty then best available is chosen.
|
||||
*/
|
||||
static std::unique_ptr<PasswordHashFamily>
|
||||
create_or_throw(const std::string& algo_spec,
|
||||
const std::string& provider = "");
|
||||
|
||||
/**
|
||||
* @return list of available providers for this algorithm, empty if not available
|
||||
*/
|
||||
static std::vector<std::string> providers(const std::string& algo_spec);
|
||||
|
||||
virtual ~PasswordHashFamily() = default;
|
||||
|
||||
/**
|
||||
* @return name of this PasswordHash
|
||||
*/
|
||||
virtual std::string name() const = 0;
|
||||
|
||||
/**
|
||||
* Return a new parameter set tuned for this machine
|
||||
* @param output_length how long the output length will be
|
||||
* @param msec the desired execution time in milliseconds
|
||||
*
|
||||
* @param max_memory_usage_mb some password hash functions can use a tunable
|
||||
* amount of memory, in this case max_memory_usage limits the amount of RAM
|
||||
* the returned parameters will require, in mebibytes (2**20 bytes). It may
|
||||
* require some small amount above the request. Set to zero to place no
|
||||
* limit at all.
|
||||
*/
|
||||
virtual std::unique_ptr<PasswordHash> tune(size_t output_length,
|
||||
std::chrono::milliseconds msec,
|
||||
size_t max_memory_usage_mb = 0) const = 0;
|
||||
|
||||
/**
|
||||
* Return some default parameter set for this PBKDF that should be good
|
||||
* enough for most users. The value returned may change over time as
|
||||
* processing power and attacks improve.
|
||||
*/
|
||||
virtual std::unique_ptr<PasswordHash> default_params() const = 0;
|
||||
|
||||
/**
|
||||
* Return a parameter chosen based on a rough approximation with the
|
||||
* specified iteration count. The exact value this returns for a particular
|
||||
* algorithm may change from over time. Think of it as an alternative to
|
||||
* tune, where time is expressed in terms of PBKDF2 iterations rather than
|
||||
* milliseconds.
|
||||
*/
|
||||
virtual std::unique_ptr<PasswordHash> from_iterations(size_t iterations) const = 0;
|
||||
|
||||
/**
|
||||
* Create a password hash using some scheme specific format.
|
||||
* Eg PBKDF2 and PGP-S2K set iterations in i1
|
||||
* Scrypt uses N,r,p in i{1-3}
|
||||
* Bcrypt-PBKDF just has iterations
|
||||
* Argon2{i,d,id} would use iterations, memory, parallelism for i{1-3},
|
||||
* and Argon2 type is part of the family.
|
||||
*
|
||||
* Values not needed should be set to 0
|
||||
*/
|
||||
virtual std::unique_ptr<PasswordHash> from_params(
|
||||
size_t i1,
|
||||
size_t i2 = 0,
|
||||
size_t i3 = 0) const = 0;
|
||||
};
|
||||
|
||||
}
|
||||
|
||||
BOTAN_FUTURE_INTERNAL_HEADER(pbkdf2.h)
|
||||
|
||||
namespace Botan {
|
||||
|
||||
BOTAN_PUBLIC_API(2,0) size_t pbkdf2(MessageAuthenticationCode& prf,
|
||||
uint8_t out[],
|
||||
size_t out_len,
|
||||
const std::string& passphrase,
|
||||
const uint8_t salt[], size_t salt_len,
|
||||
size_t iterations,
|
||||
std::chrono::milliseconds msec);
|
||||
|
||||
/**
|
||||
* Perform PBKDF2. The prf is assumed to be keyed already.
|
||||
*/
|
||||
BOTAN_PUBLIC_API(2,8) void pbkdf2(MessageAuthenticationCode& prf,
|
||||
uint8_t out[], size_t out_len,
|
||||
const uint8_t salt[], size_t salt_len,
|
||||
size_t iterations);
|
||||
|
||||
/**
|
||||
* PBKDF2
|
||||
*/
|
||||
class BOTAN_PUBLIC_API(2,8) PBKDF2 final : public PasswordHash
|
||||
{
|
||||
public:
|
||||
PBKDF2(const MessageAuthenticationCode& prf, size_t iter) :
|
||||
m_prf(prf.clone()),
|
||||
m_iterations(iter)
|
||||
{}
|
||||
|
||||
PBKDF2(const MessageAuthenticationCode& prf, size_t olen, std::chrono::milliseconds msec);
|
||||
|
||||
size_t iterations() const override { return m_iterations; }
|
||||
|
||||
std::string to_string() const override;
|
||||
|
||||
void derive_key(uint8_t out[], size_t out_len,
|
||||
const char* password, size_t password_len,
|
||||
const uint8_t salt[], size_t salt_len) const override;
|
||||
private:
|
||||
std::unique_ptr<MessageAuthenticationCode> m_prf;
|
||||
size_t m_iterations;
|
||||
};
|
||||
|
||||
/**
|
||||
* Family of PKCS #5 PBKDF2 operations
|
||||
*/
|
||||
class BOTAN_PUBLIC_API(2,8) PBKDF2_Family final : public PasswordHashFamily
|
||||
{
|
||||
public:
|
||||
PBKDF2_Family(MessageAuthenticationCode* prf) : m_prf(prf) {}
|
||||
|
||||
std::string name() const override;
|
||||
|
||||
std::unique_ptr<PasswordHash> tune(size_t output_len,
|
||||
std::chrono::milliseconds msec,
|
||||
size_t max_memory) const override;
|
||||
|
||||
/**
|
||||
* Return some default parameter set for this PBKDF that should be good
|
||||
* enough for most users. The value returned may change over time as
|
||||
* processing power and attacks improve.
|
||||
*/
|
||||
std::unique_ptr<PasswordHash> default_params() const override;
|
||||
|
||||
std::unique_ptr<PasswordHash> from_iterations(size_t iter) const override;
|
||||
|
||||
std::unique_ptr<PasswordHash> from_params(
|
||||
size_t iter, size_t, size_t) const override;
|
||||
private:
|
||||
std::unique_ptr<MessageAuthenticationCode> m_prf;
|
||||
};
|
||||
|
||||
/**
|
||||
* PKCS #5 PBKDF2 (old interface)
|
||||
*/
|
||||
class BOTAN_PUBLIC_API(2,0) PKCS5_PBKDF2 final : public PBKDF
|
||||
{
|
||||
public:
|
||||
std::string name() const override;
|
||||
|
||||
PBKDF* clone() const override;
|
||||
|
||||
size_t pbkdf(uint8_t output_buf[], size_t output_len,
|
||||
const std::string& passphrase,
|
||||
const uint8_t salt[], size_t salt_len,
|
||||
size_t iterations,
|
||||
std::chrono::milliseconds msec) const override;
|
||||
|
||||
/**
|
||||
* Create a PKCS #5 instance using the specified message auth code
|
||||
* @param mac_fn the MAC object to use as PRF
|
||||
*/
|
||||
explicit PKCS5_PBKDF2(MessageAuthenticationCode* mac_fn) : m_mac(mac_fn) {}
|
||||
private:
|
||||
std::unique_ptr<MessageAuthenticationCode> m_mac;
|
||||
};
|
||||
|
||||
}
|
||||
|
||||
BOTAN_FUTURE_INTERNAL_HEADER(rotate.h)
|
||||
|
||||
namespace Botan {
|
||||
@ -5766,6 +6553,87 @@ std::vector<std::string> probe_providers_of(const std::string& algo_spec,
|
||||
|
||||
}
|
||||
|
||||
BOTAN_FUTURE_INTERNAL_HEADER(sha2_32.h)
|
||||
|
||||
namespace Botan {
|
||||
|
||||
/**
|
||||
* SHA-224
|
||||
*/
|
||||
class BOTAN_PUBLIC_API(2,0) SHA_224 final : public MDx_HashFunction
|
||||
{
|
||||
public:
|
||||
std::string name() const override { return "SHA-224"; }
|
||||
size_t output_length() const override { return 28; }
|
||||
HashFunction* clone() const override { return new SHA_224; }
|
||||
std::unique_ptr<HashFunction> copy_state() const override;
|
||||
|
||||
void clear() override;
|
||||
|
||||
std::string provider() const override;
|
||||
|
||||
SHA_224() : MDx_HashFunction(64, true, true), m_digest(8)
|
||||
{ clear(); }
|
||||
private:
|
||||
void compress_n(const uint8_t[], size_t blocks) override;
|
||||
void copy_out(uint8_t[]) override;
|
||||
|
||||
secure_vector<uint32_t> m_digest;
|
||||
};
|
||||
|
||||
/**
|
||||
* SHA-256
|
||||
*/
|
||||
class BOTAN_PUBLIC_API(2,0) SHA_256 final : public MDx_HashFunction
|
||||
{
|
||||
public:
|
||||
std::string name() const override { return "SHA-256"; }
|
||||
size_t output_length() const override { return 32; }
|
||||
HashFunction* clone() const override { return new SHA_256; }
|
||||
std::unique_ptr<HashFunction> copy_state() const override;
|
||||
|
||||
void clear() override;
|
||||
|
||||
std::string provider() const override;
|
||||
|
||||
SHA_256() : MDx_HashFunction(64, true, true), m_digest(8)
|
||||
{ clear(); }
|
||||
|
||||
/*
|
||||
* Perform a SHA-256 compression. For internal use
|
||||
*/
|
||||
static void compress_digest(secure_vector<uint32_t>& digest,
|
||||
const uint8_t input[],
|
||||
size_t blocks);
|
||||
|
||||
private:
|
||||
|
||||
#if defined(BOTAN_HAS_SHA2_32_ARMV8)
|
||||
static void compress_digest_armv8(secure_vector<uint32_t>& digest,
|
||||
const uint8_t input[],
|
||||
size_t blocks);
|
||||
#endif
|
||||
|
||||
#if defined(BOTAN_HAS_SHA2_32_X86_BMI2)
|
||||
static void compress_digest_x86_bmi2(secure_vector<uint32_t>& digest,
|
||||
const uint8_t input[],
|
||||
size_t blocks);
|
||||
#endif
|
||||
|
||||
#if defined(BOTAN_HAS_SHA2_32_X86)
|
||||
static void compress_digest_x86(secure_vector<uint32_t>& digest,
|
||||
const uint8_t input[],
|
||||
size_t blocks);
|
||||
#endif
|
||||
|
||||
void compress_n(const uint8_t[], size_t blocks) override;
|
||||
void copy_out(uint8_t[]) override;
|
||||
|
||||
secure_vector<uint32_t> m_digest;
|
||||
};
|
||||
|
||||
}
|
||||
|
||||
#if __cplusplus < 201402L
|
||||
#endif
|
||||
|
||||
|
||||
64
oscar/SleepLib/thirdparty/update_botan.sh
vendored
Executable file
64
oscar/SleepLib/thirdparty/update_botan.sh
vendored
Executable file
@ -0,0 +1,64 @@
|
||||
#!/bin/bash
|
||||
#
|
||||
# To update the version of Botan included in OSCAR, simply run this script.
|
||||
# To change which modules are included, modify the MODULES variable below.
|
||||
|
||||
MODULES="aes,gcm,sha2_32,pbkdf2"
|
||||
|
||||
BOTAN_DIR=$1
|
||||
if [ -z "$BOTAN_DIR" ]; then
|
||||
echo "Usage: $0 PATH"
|
||||
echo " PATH Directory of the Botan distribution to use"
|
||||
exit 1
|
||||
fi
|
||||
# Convert to absolute path
|
||||
BOTAN_DIR="$(cd "$(dirname "$BOTAN_DIR")"; pwd -P)/$(basename "$BOTAN_DIR")"
|
||||
|
||||
|
||||
SCRIPT_DIR="$(cd -P "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
|
||||
|
||||
TMP_DIR=$(mktemp -d 2>/dev/null || mktemp -d -t 'tmp')
|
||||
echo "Building in ${TMP_DIR}"
|
||||
pushd "${TMP_DIR}" > /dev/null
|
||||
|
||||
declare -a PLATFORMS
|
||||
|
||||
generate() {
|
||||
label="$1"; shift
|
||||
cpu="$1"; shift
|
||||
os="$label"
|
||||
if [[ $# -gt 0 ]]; then
|
||||
os="$1"
|
||||
fi
|
||||
PLATFORMS+=($label)
|
||||
mkdir "${label}"
|
||||
pushd "${label}" > /dev/null
|
||||
echo "Generating ${label}:"
|
||||
"$BOTAN_DIR/configure.py" --amalgamation --os="$os" --cpu="$cpu" --disable-shared --minimized-build --enable-modules="$MODULES"
|
||||
popd > /dev/null
|
||||
}
|
||||
|
||||
generate linux generic
|
||||
generate macos generic
|
||||
generate windows generic mingw
|
||||
|
||||
# Make sure all the cpp files are identical as expected.
|
||||
for platform in "${PLATFORMS[@]}"; do
|
||||
cmp "${PLATFORMS[0]}/botan_all.cpp" "${platform}/botan_all.cpp" || exit 1
|
||||
done
|
||||
|
||||
echo "Copying files..."
|
||||
cp "${PLATFORMS[0]}/botan_all.cpp" "${SCRIPT_DIR}/botan_all.cpp" || exit 1
|
||||
|
||||
# Copy the platform-specific h files.
|
||||
for platform in "${PLATFORMS[@]}"; do
|
||||
cp "${platform}/botan_all.h" "${SCRIPT_DIR}/botan_${platform}.h" || exit 1
|
||||
done
|
||||
|
||||
for platform in "${PLATFORMS[@]}"; do
|
||||
rm -r "${platform}"
|
||||
done
|
||||
|
||||
popd > /dev/null
|
||||
rmdir ${TMP_DIR}
|
||||
echo "Done."
|
||||
Loading…
Reference in New Issue
Block a user