luajitos

Unnamed repository; edit this file 'description' to name the repository.
Log | Files | Refs

PBKDF2.h (2833B)

      1 /*
      2  * PBKDF2 - Password-Based Key Derivation Function 2
      3  *
      4  * Compliant with:
      5  * - RFC 2898 (PKCS #5)
      6  * - NIST SP 800-132
      7  *
      8  * Features:
      9  * - HMAC-SHA256 based
     10  * - Configurable iterations (recommend ≥100,000)
     11  * - Derives keys from passwords
     12  * - Salt support
     13  * - Suitable for password hashing and key derivation
     14  *
     15  * Security Notes:
     16  * - Use high iteration counts (≥100,000 for 2024)
     17  * - Use unique random salt for each password
     18  * - Not memory-hard (consider Argon2 for newer applications)
     19  */
     20 
     21 #ifndef PBKDF2_H
     22 #define PBKDF2_H
     23 
     24 #include <stdint.h>
     25 #include <stdlib.h>
     26 #include <string.h>
     27 
     28 #ifdef __cplusplus
     29 extern "C" {
     30 #endif
     31 
     32 /* Recommended iteration counts (as of 2024) */
     33 #define PBKDF2_ITERATIONS_MIN 100000      /* Minimum for password storage */
     34 #define PBKDF2_ITERATIONS_RECOMMENDED 600000  /* Recommended for 2024 */
     35 #define PBKDF2_ITERATIONS_HIGH 1000000    /* High security */
     36 
     37 #define PBKDF2_SALT_SIZE 16               /* Recommended salt size */
     38 
     39 /**
     40  * PBKDF2-HMAC-SHA256
     41  *
     42  * @param password Password/passphrase
     43  * @param password_len Password length
     44  * @param salt Random salt (recommend 16+ bytes)
     45  * @param salt_len Salt length
     46  * @param iterations Number of iterations (recommend ≥100,000)
     47  * @param output Output buffer for derived key
     48  * @param output_len Desired key length (typically 32 bytes)
     49  * @return 0 on success, -1 on error
     50  *
     51  * Security Notes:
     52  * - Higher iterations = slower but more secure
     53  * - Use unique random salt for each password
     54  * - Salt should be stored with hash (not secret)
     55  * - Minimum 100,000 iterations for 2024
     56  * - Consider 600,000+ iterations for sensitive data
     57  *
     58  * Example:
     59  *   uint8_t salt[16], key[32];
     60  *   random_bytes(salt, 16);
     61  *   pbkdf2_hmac_sha256("password", 8, salt, 16,
     62  *                      PBKDF2_ITERATIONS_RECOMMENDED, key, 32);
     63  */
     64 int pbkdf2_hmac_sha256(const uint8_t *password, size_t password_len,
     65                        const uint8_t *salt, size_t salt_len,
     66                        uint32_t iterations,
     67                        uint8_t *output, size_t output_len);
     68 
     69 /**
     70  * Convenience function: Derive encryption key from password
     71  *
     72  * @param password Password string
     73  * @param password_len Password length
     74  * @param salt Salt (16 bytes)
     75  * @param key Output key (32 bytes for AES-256/ChaCha20)
     76  * @return 0 on success, -1 on error
     77  *
     78  * Uses recommended iteration count (600,000)
     79  */
     80 static inline int derive_key_from_password(const char *password,
     81                                           const uint8_t *salt,
     82                                           uint8_t *key) {
     83     return pbkdf2_hmac_sha256((const uint8_t*)password, strlen(password),
     84                              salt, 16,
     85                              PBKDF2_ITERATIONS_RECOMMENDED,
     86                              key, 32);
     87 }
     88 
     89 #ifdef __cplusplus
     90 }
     91 #endif
     92 
     93 #endif /* PBKDF2_H */