pwdbased.h 7.0 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166
  1. /*!
  2. \ingroup Password
  3. \brief This function implements the Password Based Key Derivation
  4. Function 1 (PBKDF1), converting an input password with a concatenated salt
  5. into a more secure key, which it stores in output. It allows the user to
  6. select between SHA and MD5 as hash functions.
  7. \return 0 Returned on successfully deriving a key from the input password
  8. \return BAD_FUNC_ARG Returned if there is an invalid hash type given
  9. (valid type are: MD5 and SHA), iterations is less than 1, or the key
  10. length (kLen) requested is greater than the hash length of the provided hash
  11. \return MEMORY_E Returned if there is an error allocating memory for a
  12. SHA or MD5 object
  13. \param output pointer to the buffer in which to store the generated key.
  14. Should be at least kLen long
  15. \param passwd pointer to the buffer containing the password to use for
  16. the key derivation
  17. \param pLen length of the password to use for key derivation
  18. \param salt pointer to the buffer containing the salt to use for
  19. key derivation
  20. \param sLen length of the salt
  21. \param iterations number of times to process the hash
  22. \param kLen desired length of the derived key. Should not be longer
  23. than the digest size of the hash chosen
  24. \param hashType the hashing algorithm to use. Valid choices are MD5 and SHA
  25. _Example_
  26. \code
  27. int ret;
  28. byte key[MD5_DIGEST_SIZE];
  29. byte pass[] = { }; // initialize with password
  30. byte salt[] = { }; // initialize with salt
  31. ret = wc_PBKDF1(key, pass, sizeof(pass), salt, sizeof(salt), 1000,
  32. sizeof(key), MD5);
  33. if ( ret != 0 ) {
  34. // error deriving key from password
  35. }
  36. \endcode
  37. \sa wc_PBKDF2
  38. \sa wc_PKCS12_PBKDF
  39. */
  40. WOLFSSL_API int wc_PBKDF1(byte* output, const byte* passwd, int pLen,
  41. const byte* salt, int sLen, int iterations, int kLen,
  42. int typeH);
  43. /*!
  44. \ingroup Password
  45. \brief This function implements the Password Based Key Derivation
  46. Function 2 (PBKDF2), converting an input password with a concatenated
  47. salt into a more secure key, which it stores in output. It allows the user
  48. to select any of the supported HMAC hash functions, including: MD5, SHA,
  49. SHA256, SHA384, SHA512, and BLAKE2B
  50. \return 0 Returned on successfully deriving a key from the input password
  51. \return BAD_FUNC_ARG Returned if there is an invalid hash type given or
  52. iterations is less than 1
  53. \return MEMORY_E Returned if there is an allocating memory for
  54. the HMAC object
  55. \param output pointer to the buffer in which to store the generated key.
  56. Should be kLen long
  57. \param passwd pointer to the buffer containing the password to use for
  58. the key derivation
  59. \param pLen length of the password to use for key derivation
  60. \param salt pointer to the buffer containing the salt to use for
  61. key derivation
  62. \param sLen length of the salt
  63. \param iterations number of times to process the hash
  64. \param kLen desired length of the derived key
  65. \param hashType the hashing algorithm to use. Valid choices are: MD5,
  66. SHA, SHA256, SHA384, SHA512, and BLAKE2B
  67. _Example_
  68. \code
  69. int ret;
  70. byte key[64];
  71. byte pass[] = { }; // initialize with password
  72. byte salt[] = { }; // initialize with salt
  73. ret = wc_PBKDF2(key, pass, sizeof(pass), salt, sizeof(salt), 2048, sizeof(key),
  74. SHA512);
  75. if ( ret != 0 ) {
  76. // error deriving key from password
  77. }
  78. \endcode
  79. \sa wc_PBKDF1
  80. \sa wc_PKCS12_PBKDF
  81. */
  82. WOLFSSL_API int wc_PBKDF2(byte* output, const byte* passwd, int pLen,
  83. const byte* salt, int sLen, int iterations, int kLen,
  84. int typeH);
  85. /*!
  86. \ingroup Password
  87. \brief This function implements the Password Based Key Derivation Function
  88. (PBKDF) described in RFC 7292 Appendix B. This function converts an input
  89. password with a concatenated salt into a more secure key, which it stores
  90. in output. It allows the user to select any of the supported HMAC hash
  91. functions, including: MD5, SHA, SHA256, SHA384, SHA512, and BLAKE2B.
  92. \return 0 Returned on successfully deriving a key from the input password
  93. \return BAD_FUNC_ARG Returned if there is an invalid hash type given,
  94. iterations is less than 1, or the key length (kLen) requested is greater
  95. than the hash length of the provided hash
  96. \return MEMORY_E Returned if there is an allocating memory
  97. \return MP_INIT_E may be returned if there is an error during key generation
  98. \return MP_READ_E may be returned if there is an error during key generation
  99. \return MP_CMP_E may be returned if there is an error during key generation
  100. \return MP_INVMOD_E may be returned if there is an error during
  101. key generation
  102. \return MP_EXPTMOD_E may be returned if there is an error during
  103. key generation
  104. \return MP_MOD_E may be returned if there is an error during key generation
  105. \return MP_MUL_E may be returned if there is an error during key generation
  106. \return MP_ADD_E may be returned if there is an error during key generation
  107. \return MP_MULMOD_E may be returned if there is an error during
  108. key generation
  109. \return MP_TO_E may be returned if there is an error during key generation
  110. \return MP_MEM may be returned if there is an error during key generation
  111. \param output pointer to the buffer in which to store the generated key.
  112. Should be kLen long
  113. \param passwd pointer to the buffer containing the password to use for
  114. the key derivation
  115. \param pLen length of the password to use for key derivation
  116. \param salt pointer to the buffer containing the salt to use
  117. for key derivation
  118. \param sLen length of the salt
  119. \param iterations number of times to process the hash
  120. \param kLen desired length of the derived key
  121. \param hashType the hashing algorithm to use. Valid choices are: MD5,
  122. SHA, SHA256, SHA384, SHA512, and BLAKE2B
  123. \param id this is a byte indetifier indicating the purpose of key
  124. generation. It is used to diversify the key output, and should be
  125. assigned as follows: ID=1: pseudorandom bits are to be used as key
  126. material for performing encryption or decryption. ID=2: pseudorandom
  127. bits are to be used an IV (Initial Value) for encryption or decryption.
  128. ID=3: pseudorandom bits are to be used as an integrity key for MACing.
  129. _Example_
  130. \code
  131. int ret;
  132. byte key[64];
  133. byte pass[] = { }; // initialize with password
  134. byte salt[] = { }; // initialize with salt
  135. ret = wc_PKCS512_PBKDF(key, pass, sizeof(pass), salt, sizeof(salt), 2048,
  136. sizeof(key), SHA512, 1);
  137. if ( ret != 0 ) {
  138. // error deriving key from password
  139. }
  140. \endcode
  141. \sa wc_PBKDF1
  142. \sa wc_PBKDF2
  143. */
  144. WOLFSSL_API int wc_PKCS12_PBKDF(byte* output, const byte* passwd, int pLen,
  145. const byte* salt, int sLen, int iterations,
  146. int kLen, int typeH, int purpose);