diff options
-rw-r--r-- | cipher/kdf.c | 13 | ||||
-rw-r--r-- | tests/t-kdf.c | 26 |
2 files changed, 34 insertions, 5 deletions
diff --git a/cipher/kdf.c b/cipher/kdf.c index d371bdd7..3e51e115 100644 --- a/cipher/kdf.c +++ b/cipher/kdf.c @@ -402,10 +402,13 @@ argon2_fill_first_blocks (argon2_ctx_t a) iov[iov_count].len = 4 * 7; iov[iov_count].off = 0; iov_count++; - iov[iov_count].data = (void *)a->password; - iov[iov_count].len = a->passwordlen; - iov[iov_count].off = 0; - iov_count++; + if (a->passwordlen) + { + iov[iov_count].data = (void *)a->password; + iov[iov_count].len = a->passwordlen; + iov[iov_count].off = 0; + iov_count++; + } buf_put_le32 (buf[7], a->saltlen); iov[iov_count].data = buf[7]; @@ -1861,7 +1864,7 @@ _gcry_kdf_open (gcry_kdf_hd_t *hd, int algo, int subalgo, switch (algo) { case GCRY_KDF_ARGON2: - if (!inputlen || !saltlen) + if (!saltlen) ec = GPG_ERR_INV_VALUE; else ec = argon2_open (hd, subalgo, param, paramlen, diff --git a/tests/t-kdf.c b/tests/t-kdf.c index 17402762..c0192d7b 100644 --- a/tests/t-kdf.c +++ b/tests/t-kdf.c @@ -1471,6 +1471,32 @@ check_argon2 (void) "\x0d\x64\x0d\xf5\x8d\x78\x76\x6c\x08\xc0\x37\xa3\x4a\x8b\x53\xc9" "\xd0\x1e\xf0\x45\x2d\x75\xb6\x5e\xb5\x25\x20\xe9\x6b\x01\xe6\x59" }, + { + /* empty password */ + GCRY_KDF_ARGON2I, + { 32, 3, 128, 1 }, + 0, NULL, + 16, + "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f", + 0, NULL, + 0, NULL, + 32, + "\xbb\x1f\xf2\xb9\x9f\xd4\x4a\xd9\xdf\x7f\xb9\x54\x55\x9e\xb8\xeb" + "\xb5\x9d\xab\xce\x2e\x62\x9f\x9b\x89\x09\xfe\xde\x57\xcc\x63\x86" + }, + { + /* empty password */ + GCRY_KDF_ARGON2ID, + { 32, 3, 128, 1 }, + 0, NULL, + 16, + "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f", + 0, NULL, + 0, NULL, + 32, + "\x09\x2f\x38\x35\xac\xb2\x43\x92\x93\xeb\xcd\xe8\x04\x16\x6a\x31" + "\xce\x14\xd4\x55\xdb\xd8\xf7\xe6\xb4\xf5\x9d\x64\x8e\xd0\x3a\xdb" + }, }; unsigned char out[32]; int i; |