diff options
| author | Simon Josefsson <simon@josefsson.org> | 2020-01-15 23:10:58 +0100 |
|---|---|---|
| committer | Simon Josefsson <simon@josefsson.org> | 2020-01-15 23:26:56 +0100 |
| commit | df2bd909b3ec63c2aa8d60f47c8fda3a7c9044d8 (patch) | |
| tree | 4d9dbe321142d5ff296082ff78b05f0519e73034 /lib/gc-pbkdf2-sha1.c | |
| parent | 611869be9f1083e53305446d90a2909fc89914ef (diff) | |
| download | gnulib-df2bd909b3ec63c2aa8d60f47c8fda3a7c9044d8.tar.gz | |
crypto/gc-pbkdf2: New module.
* MODULES.html.sh (func_all_modules): Add gc-pbkdf2.
* NEWS: Deprecated gc-pbkdf2-sha1 in favor of gc-pbkdf2.
* lib/gc-pbkdf2.c: New file.
* lib/gc-pbkdf2-sha1.c: Use new interface.
* lib/gc.h (GC_MAX_DIGEST_SIZE, gc_pbkdf2_hmac): Add.
* modules/crypto/gc-pbkdf2: New file.
* modules/crypto/gc-pbkdf2-tests: New file.
* tests/test-gc-pbkdf2.c: New file.
Diffstat (limited to 'lib/gc-pbkdf2-sha1.c')
| -rw-r--r-- | lib/gc-pbkdf2-sha1.c | 71 |
1 files changed, 1 insertions, 70 deletions
diff --git a/lib/gc-pbkdf2-sha1.c b/lib/gc-pbkdf2-sha1.c index 9d625766f7..7c17c80fb7 100644 --- a/lib/gc-pbkdf2-sha1.c +++ b/lib/gc-pbkdf2-sha1.c @@ -23,80 +23,11 @@ #include <stdlib.h> #include <string.h> -/* Implement PKCS#5 PBKDF2 as per RFC 2898. The PRF to use is hard - coded to be HMAC-SHA1. Inputs are the password P of length PLEN, - the salt S of length SLEN, the iteration counter C (> 0), and the - desired derived output length DKLEN. Output buffer is DK which - must have room for at least DKLEN octets. The output buffer will - be filled with the derived data. */ Gc_rc gc_pbkdf2_sha1 (const char *P, size_t Plen, const char *S, size_t Slen, unsigned int c, char *DK, size_t dkLen) { - unsigned int hLen = 20; - char U[20]; - char T[20]; - unsigned int u; - unsigned int l; - unsigned int r; - unsigned int i; - unsigned int k; - int rc; - char *tmp; - size_t tmplen = Slen + 4; - - if (c == 0) - return GC_PKCS5_INVALID_ITERATION_COUNT; - - if (dkLen == 0) - return GC_PKCS5_INVALID_DERIVED_KEY_LENGTH; - - if (dkLen > 4294967295U) - return GC_PKCS5_DERIVED_KEY_TOO_LONG; - - l = ((dkLen - 1) / hLen) + 1; - r = dkLen - (l - 1) * hLen; - - tmp = malloc (tmplen); - if (tmp == NULL) - return GC_MALLOC_ERROR; - - memcpy (tmp, S, Slen); - - for (i = 1; i <= l; i++) - { - memset (T, 0, hLen); - - for (u = 1; u <= c; u++) - { - if (u == 1) - { - tmp[Slen + 0] = (i & 0xff000000) >> 24; - tmp[Slen + 1] = (i & 0x00ff0000) >> 16; - tmp[Slen + 2] = (i & 0x0000ff00) >> 8; - tmp[Slen + 3] = (i & 0x000000ff) >> 0; - - rc = gc_hmac_sha1 (P, Plen, tmp, tmplen, U); - } - else - rc = gc_hmac_sha1 (P, Plen, U, hLen, U); - - if (rc != GC_OK) - { - free (tmp); - return rc; - } - - for (k = 0; k < hLen; k++) - T[k] ^= U[k]; - } - - memcpy (DK + (i - 1) * hLen, T, i == l ? r : hLen); - } - - free (tmp); - - return GC_OK; + return gc_pbkdf2_hmac (GC_SHA1, P, Plen, S, Slen, c, DK, dkLen); } |