authorDaiki Ueno <dueno@redhat.com>2020-02-02 17:57:37 +0100
committerDaiki Ueno <dueno@redhat.com>2020-02-04 10:29:37 +0100
commite974f7136e5317fddc16e8f0088969f6c3a3b254 (patch)
tree334a5017ac00b46bf9e8a10a0c0387e46738fcad
parent0f414467320cd3fa65b233a11abd3258b858477e (diff)
downloadgnutls-e974f7136e5317fddc16e8f0088969f6c3a3b254.tar.gz
pkcs7-crypt: refactor using gnutls_pbkdf2
Signed-off-by: Daiki Ueno <dueno@redhat.com>
-rw-r--r--lib/x509/pkcs7-crypt.c46
1 files changed, 9 insertions, 37 deletions
diff --git a/lib/x509/pkcs7-crypt.c b/lib/x509/pkcs7-crypt.c
index 1a4f0370f3..274ac14248 100644
--- a/lib/x509/pkcs7-crypt.c
+++ b/lib/x509/pkcs7-crypt.c
@@ -36,10 +36,6 @@
#include <num.h>
#include <random.h>
#include <pk.h>
-#include <nettle/pbkdf2.h>
-#if ENABLE_GOST
-#include "../nettle/gost/pbkdf2-gost.h"
-#endif
#define PBES1_DES_MD5_OID "1.2.840.113549.1.5.3"
@@ -1112,40 +1108,16 @@ _gnutls_pbes2_string_to_key(unsigned int pass_len, const char *password,
const struct pbkdf2_params *kdf_params,
int key_size, uint8_t *key)
{
- int result = 0;
-
- if (kdf_params->mac == GNUTLS_MAC_SHA1)
- pbkdf2_hmac_sha1(pass_len, (uint8_t *) password,
- kdf_params->iter_count,
- kdf_params->salt_size,
- kdf_params->salt, key_size, key);
- else if (kdf_params->mac == GNUTLS_MAC_SHA256)
- pbkdf2_hmac_sha256(pass_len, (uint8_t *) password,
- kdf_params->iter_count,
- kdf_params->salt_size,
- kdf_params->salt, key_size, key);
-#if ENABLE_GOST
- else if (kdf_params->mac == GNUTLS_MAC_GOSTR_94)
- pbkdf2_hmac_gosthash94cp(pass_len, (uint8_t *) password,
- kdf_params->iter_count,
- kdf_params->salt_size,
- kdf_params->salt, key_size, key);
- else if (kdf_params->mac == GNUTLS_MAC_STREEBOG_256)
- pbkdf2_hmac_streebog256(pass_len, (uint8_t *) password,
- kdf_params->iter_count,
- kdf_params->salt_size,
- kdf_params->salt, key_size, key);
- else if (kdf_params->mac == GNUTLS_MAC_STREEBOG_512)
- pbkdf2_hmac_streebog512(pass_len, (uint8_t *) password,
- kdf_params->iter_count,
- kdf_params->salt_size,
- kdf_params->salt, key_size, key);
-#endif
- else
- result =
- gnutls_assert_val(GNUTLS_E_UNKNOWN_HASH_ALGORITHM);
+ gnutls_datum_t _key;
+ gnutls_datum_t salt;
- return result;
+ _key.data = (void *)password;
+ _key.size = pass_len;
+ salt.data = (void *)kdf_params->salt;
+ salt.size = kdf_params->salt_size;
+
+ return gnutls_pbkdf2(kdf_params->mac, &_key, &salt,
+ kdf_params->iter_count, key, key_size);
}
int
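Review bot: The explicit list of PRFs that the removed if/else chain accepted (SHA1, SHA256 and, under ENABLE_GOST, the three GOST MACs) is gone, so `kdf_params->mac` now reaches `gnutls_pbkdf2` unchecked and the accepted set becomes whatever that function supports. These parameters presumably come from a parsed PKCS#7/PKCS#8 structure, so it is worth confirming that the caller already restricts the MAC, or recording the delegation above the call with a comment such as `/* PRF validation is delegated to gnutls_pbkdf2() */`. The unsupported-MAC path also no longer passes through `gnutls_assert_val` and may no longer return `GNUTLS_E_UNKNOWN_HASH_ALGORITHM`; keeping the trace would look like `ret = gnutls_pbkdf2(...); if (ret < 0) return gnutls_assert_val(ret);` with a local `int ret`. As a smaller point of style, the datum named `_key` holds the password while `key` is the output buffer, so a name such as `pass` would make the two harder to confuse.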