| /* |
| * QEMU Crypto PBKDF support (Password-Based Key Derivation Function) |
| * |
| * Copyright (c) 2015-2016 Red Hat, Inc. |
| * |
| * This library is free software; you can redistribute it and/or |
| * modify it under the terms of the GNU Lesser General Public |
| * License as published by the Free Software Foundation; either |
| * version 2.1 of the License, or (at your option) any later version. |
| * |
| * This library is distributed in the hope that it will be useful, |
| * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
| * Lesser General Public License for more details. |
| * |
| * You should have received a copy of the GNU Lesser General Public |
| * License along with this library; if not, see <http://www.gnu.org/licenses/>. |
| * |
| */ |
| |
| #ifndef QCRYPTO_PBKDF_H |
| #define QCRYPTO_PBKDF_H |
| |
| #include "crypto/hash.h" |
| |
| /** |
| * This module provides an interface to the PBKDF2 algorithm |
| * |
| * https://en.wikipedia.org/wiki/PBKDF2 |
| * |
| * <example> |
| * <title>Generating an AES encryption key from a user password</title> |
| * <programlisting> |
| * #include "crypto/cipher.h" |
| * #include "crypto/random.h" |
| * #include "crypto/pbkdf.h" |
| * |
| * .... |
| * |
| * char *password = "a-typical-awful-user-password"; |
| * size_t nkey = qcrypto_cipher_get_key_len(QCRYPTO_CIPHER_ALGO_AES_128); |
| * uint8_t *salt = g_new0(uint8_t, nkey); |
| * uint8_t *key = g_new0(uint8_t, nkey); |
| * int iterations; |
| * QCryptoCipher *cipher; |
| * |
| * if (qcrypto_random_bytes(salt, nkey, errp) < 0) { |
| * g_free(key); |
| * g_free(salt); |
| * return -1; |
| * } |
| * |
| * iterations = qcrypto_pbkdf2_count_iters(QCRYPTO_HASH_ALGO_SHA256, |
| * (const uint8_t *)password, |
| * strlen(password), |
| * salt, nkey, errp); |
| * if (iterations < 0) { |
| * g_free(key); |
| * g_free(salt); |
| * return -1; |
| * } |
| * |
| * if (qcrypto_pbkdf2(QCRYPTO_HASH_ALGO_SHA256, |
| * (const uint8_t *)password, strlen(password), |
| * salt, nkey, iterations, key, nkey, errp) < 0) { |
| * g_free(key); |
| * g_free(salt); |
| * return -1; |
| * } |
| * |
| * g_free(salt); |
| * |
| * cipher = qcrypto_cipher_new(QCRYPTO_CIPHER_ALGO_AES_128, |
| * QCRYPTO_CIPHER_MODE_ECB, |
| * key, nkey, errp); |
| * g_free(key); |
| * |
| * ....encrypt some data... |
| * |
| * qcrypto_cipher_free(cipher); |
| * </programlisting> |
| * </example> |
| * |
| */ |
| |
| /** |
| * qcrypto_pbkdf2_supports: |
| * @hash: the hash algorithm |
| * |
| * Determine if the current build supports the PBKDF2 algorithm |
| * in combination with the hash @hash. |
| * |
| * Returns true if supported, false otherwise |
| */ |
| bool qcrypto_pbkdf2_supports(QCryptoHashAlgo hash); |
| |
| |
| /** |
| * qcrypto_pbkdf2: |
| * @hash: the hash algorithm to use |
| * @key: the user password / key |
| * @nkey: the length of @key in bytes |
| * @salt: a random salt |
| * @nsalt: length of @salt in bytes |
| * @iterations: the number of iterations to compute |
| * @out: pointer to pre-allocated buffer to hold output |
| * @nout: length of @out in bytes |
| * @errp: pointer to a NULL-initialized error object |
| * |
| * Apply the PBKDF2 algorithm to derive an encryption |
| * key from a user password provided in @key. The |
| * @salt parameter is used to perturb the algorithm. |
| * The @iterations count determines how many times |
| * the hashing process is run, which influences how |
| * hard it is to crack the key. The number of @iterations |
| * should be large enough such that the algorithm takes |
| * 1 second or longer to derive a key. The derived key |
| * will be stored in the preallocated buffer @out. |
| * |
| * Returns: 0 on success, -1 on error |
| */ |
| int qcrypto_pbkdf2(QCryptoHashAlgo hash, |
| const uint8_t *key, size_t nkey, |
| const uint8_t *salt, size_t nsalt, |
| uint64_t iterations, |
| uint8_t *out, size_t nout, |
| Error **errp); |
| |
| /** |
| * qcrypto_pbkdf2_count_iters: |
| * @hash: the hash algorithm to use |
| * @key: the user password / key |
| * @nkey: the length of @key in bytes |
| * @salt: a random salt |
| * @nsalt: length of @salt in bytes |
| * @nout: size of desired derived key |
| * @errp: pointer to a NULL-initialized error object |
| * |
| * Time the PBKDF2 algorithm to determine how many |
| * iterations are required to derive an encryption |
| * key from a user password provided in @key in 1 |
| * second of compute time. The result of this can |
| * be used as a the @iterations parameter of a later |
| * call to qcrypto_pbkdf2(). The value of @nout should |
| * match that value that will later be provided with |
| * a call to qcrypto_pbkdf2(). |
| * |
| * Returns: number of iterations in 1 second, -1 on error |
| */ |
| uint64_t qcrypto_pbkdf2_count_iters(QCryptoHashAlgo hash, |
| const uint8_t *key, size_t nkey, |
| const uint8_t *salt, size_t nsalt, |
| size_t nout, |
| Error **errp); |
| |
| #endif /* QCRYPTO_PBKDF_H */ |