eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-06 00:10:04 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix PBKDF2 for crypto backens which does not support long HMAC keys.

Browse Source 
(Or it rehases key in every iteration.)

- Kernel backens seems not to support >20480 HMAC key
- NSS is slow (without proper key reset)

Add some test vectors (commented out by default).
This commit is contained in:
Milan Broz
2014-04-13 19:34:50 +02:00
parent 6225c901fe
commit 9563aa33c8
9 changed files with 275 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
lib/crypto_backend/crypto_nettle.c
View File

@@ -2,7 +2,7 @@
* Nettle crypto backend implementation
*
* Copyright (C) 2011-2012 Red Hat, Inc. All rights reserved.
* Copyright (C) 2011-2012, Milan Broz
* Copyright (C) 2011-2014, Milan Broz
*
* This file is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
@@ -289,5 +289,5 @@ int crypt_pbkdf(const char *kdf, const char *hash,
/* FIXME: switch to internal implementation in Nettle 2.6 */
return pkcs5_pbkdf2(hash, password, password_length, salt, salt_length,
iterations, key_length, key);
iterations, key_length, key, 0);
}