aboutsummaryrefslogtreecommitdiffstats
path: root/SoftHSMv2/src/lib/data_mgr/RFC4880.h
diff options
context:
space:
mode:
Diffstat (limited to 'SoftHSMv2/src/lib/data_mgr/RFC4880.h')
-rw-r--r--SoftHSMv2/src/lib/data_mgr/RFC4880.h54
1 files changed, 54 insertions, 0 deletions
diff --git a/SoftHSMv2/src/lib/data_mgr/RFC4880.h b/SoftHSMv2/src/lib/data_mgr/RFC4880.h
new file mode 100644
index 0000000..7967ef6
--- /dev/null
+++ b/SoftHSMv2/src/lib/data_mgr/RFC4880.h
@@ -0,0 +1,54 @@
+/*
+ * Copyright (c) 2010 SURFnet bv
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
+ * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
+ * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+ * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
+ * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*****************************************************************************
+ RFC4880.h
+
+ Implements a secure password-based key derivation scheme. It is not a generic
+ implementation of the RFC but only generates 256-bit AES keys according to
+ the "iterated and salted" scheme.
+ *****************************************************************************/
+
+#ifndef _SOFTHSM_V2_RFC4880_H
+#define _SOFTHSM_V2_RFC4880_H
+
+#include "config.h"
+#include "ByteString.h"
+#include "log.h"
+#include "AESKey.h"
+
+// This define sets the base PBE iteration count; the lowest byte of the salt is added
+// to this value as a form of jitter
+#define PBE_ITERATION_BASE_COUNT 1500
+
+namespace RFC4880
+{
+ // This function derives a 256-bit AES key from the supplied password data
+ bool PBEDeriveKey(const ByteString& password, ByteString& salt, AESKey** ppKey);
+}
+
+#endif // !_SOFTHSM_V2_RFC4880_H
+