diff options
| author | Simon Josefsson <simon@josefsson.org> | 2020-01-15 23:10:58 +0100 |
|---|---|---|
| committer | Simon Josefsson <simon@josefsson.org> | 2020-01-15 23:26:56 +0100 |
| commit | df2bd909b3ec63c2aa8d60f47c8fda3a7c9044d8 (patch) | |
| tree | 4d9dbe321142d5ff296082ff78b05f0519e73034 /lib/gc.h | |
| parent | 611869be9f1083e53305446d90a2909fc89914ef (diff) | |
| download | gnulib-df2bd909b3ec63c2aa8d60f47c8fda3a7c9044d8.tar.gz | |
crypto/gc-pbkdf2: New module.
* MODULES.html.sh (func_all_modules): Add gc-pbkdf2.
* NEWS: Deprecated gc-pbkdf2-sha1 in favor of gc-pbkdf2.
* lib/gc-pbkdf2.c: New file.
* lib/gc-pbkdf2-sha1.c: Use new interface.
* lib/gc.h (GC_MAX_DIGEST_SIZE, gc_pbkdf2_hmac): Add.
* modules/crypto/gc-pbkdf2: New file.
* modules/crypto/gc-pbkdf2-tests: New file.
* tests/test-gc-pbkdf2.c: New file.
Diffstat (limited to 'lib/gc.h')
| -rw-r--r-- | lib/gc.h | 23 |
1 files changed, 16 insertions, 7 deletions
@@ -72,6 +72,8 @@ typedef void *gc_hash_handle; #define GC_SHA224_DIGEST_SIZE 24 #define GC_SM3_DIGEST_SIZE 32 +#define GC_MAX_DIGEST_SIZE 64 + /* Cipher types. */ enum Gc_cipher { @@ -171,13 +173,20 @@ extern Gc_rc gc_hmac_sha256 (const void *key, size_t keylen, extern Gc_rc gc_hmac_sha512 (const void *key, size_t keylen, const void *in, size_t inlen, char *resbuf); -/* Derive cryptographic keys from a password P of length PLEN, with - salt S of length SLEN, placing the result in pre-allocated buffer - DK of length DKLEN. An iteration count is specified in C, where a - larger value means this function take more time (typical iteration - counts are 1000-20000). This function "stretches" the key to be - exactly dkLen bytes long. GC_OK is returned on success, otherwise - a Gc_rc error code is returned. */ +/* Derive cryptographic keys using PKCS#5 PBKDF2 (RFC 2898) from a + password P of length PLEN, with salt S of length SLEN, placing the + result in pre-allocated buffer DK of length DKLEN. The PRF is hard + coded to be HMAC with HASH. An iteration count is specified in C + (> 0), where a larger value means this function take more time + (typical iteration counts are 1000-20000). This function + "stretches" the key to be exactly dkLen bytes long. GC_OK is + returned on success, otherwise a Gc_rc error code is returned. */ +extern Gc_rc +gc_pbkdf2_hmac (Gc_hash hash, + const char *P, size_t Plen, + const char *S, size_t Slen, + unsigned int c, char *DK, size_t dkLen); + extern Gc_rc gc_pbkdf2_sha1 (const char *P, size_t Plen, const char *S, size_t Slen, |