mirror of
https://github.com/openssl/openssl.git
synced 2025-01-18 13:44:20 +08:00
PBKDF2 should be efficient. Contributed by Christian Heimes
<christian@python.org>.
This commit is contained in:
Ben Laurie
parent
d519f0831c
commit
c10e3f0cff
@ -85,7 +85,7 @@ int PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
|
|||||||
unsigned char digtmp[EVP_MAX_MD_SIZE], *p, itmp[4];
|
unsigned char digtmp[EVP_MAX_MD_SIZE], *p, itmp[4];
|
||||||
int cplen, j, k, tkeylen, mdlen;
|
int cplen, j, k, tkeylen, mdlen;
|
||||||
unsigned long i = 1;
|
unsigned long i = 1;
|
||||||
HMAC_CTX hctx;
|
HMAC_CTX hctx_tpl, hctx;
|
||||||
|
|
||||||
mdlen = EVP_MD_size(digest);
|
mdlen = EVP_MD_size(digest);
|
||||||
if (mdlen < 0)
|
if (mdlen < 0)
|
||||||
@ -98,6 +98,11 @@ int PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
|
|||||||
passlen = 0;
|
passlen = 0;
|
||||||
else if(passlen == -1)
|
else if(passlen == -1)
|
||||||
passlen = strlen(pass);
|
passlen = strlen(pass);
|
||||||
|
if (!HMAC_Init_ex(&hctx_tpl, pass, passlen, digest, NULL))
|
||||||
|
{
|
||||||
|
HMAC_CTX_cleanup(&hctx_tpl);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
while(tkeylen)
|
while(tkeylen)
|
||||||
{
|
{
|
||||||
if(tkeylen > mdlen)
|
if(tkeylen > mdlen)
|
||||||
@ -111,19 +116,35 @@ int PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
|
|||||||
itmp[1] = (unsigned char)((i >> 16) & 0xff);
|
itmp[1] = (unsigned char)((i >> 16) & 0xff);
|
||||||
itmp[2] = (unsigned char)((i >> 8) & 0xff);
|
itmp[2] = (unsigned char)((i >> 8) & 0xff);
|
||||||
itmp[3] = (unsigned char)(i & 0xff);
|
itmp[3] = (unsigned char)(i & 0xff);
|
||||||
if (!HMAC_Init_ex(&hctx, pass, passlen, digest, NULL)
|
if (!HMAC_CTX_copy(&hctx, &hctx_tpl))
|
||||||
|| !HMAC_Update(&hctx, salt, saltlen)
|
|
||||||
|| !HMAC_Update(&hctx, itmp, 4)
|
|
||||||
|| !HMAC_Final(&hctx, digtmp, NULL))
|
|
||||||
{
|
{
|
||||||
|
HMAC_CTX_cleanup(&hctx_tpl);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
if (!HMAC_Update(&hctx, salt, saltlen)
|
||||||
|
|| !HMAC_Update(&hctx, itmp, 4)
|
||||||
|
|| !HMAC_Final(&hctx, digtmp, NULL))
|
||||||
|
{
|
||||||
|
HMAC_CTX_cleanup(&hctx_tpl);
|
||||||
HMAC_CTX_cleanup(&hctx);
|
HMAC_CTX_cleanup(&hctx);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
memcpy(p, digtmp, cplen);
|
memcpy(p, digtmp, cplen);
|
||||||
for(j = 1; j < iter; j++)
|
for(j = 1; j < iter; j++)
|
||||||
{
|
{
|
||||||
HMAC(digest, pass, passlen,
|
if (!HMAC_CTX_copy(&hctx, &hctx_tpl))
|
||||||
digtmp, mdlen, digtmp, NULL);
|
{
|
||||||
|
HMAC_CTX_cleanup(&hctx_tpl);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
if (!HMAC_Update(&hctx, digtmp, mdlen)
|
||||||
|
|| !HMAC_Final(&hctx, digtmp, NULL))
|
||||||
|
{
|
||||||
|
HMAC_CTX_cleanup(&hctx_tpl);
|
||||||
|
HMAC_CTX_cleanup(&hctx);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
HMAC_CTX_cleanup(&hctx);
|
||||||
for(k = 0; k < cplen; k++)
|
for(k = 0; k < cplen; k++)
|
||||||
p[k] ^= digtmp[k];
|
p[k] ^= digtmp[k];
|
||||||
}
|
}
|
||||||
@ -131,7 +152,7 @@ int PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
|
|||||||
i++;
|
i++;
|
||||||
p+= cplen;
|
p+= cplen;
|
||||||
}
|
}
|
||||||
HMAC_CTX_cleanup(&hctx);
|
HMAC_CTX_cleanup(&hctx_tpl);
|
||||||
#ifdef DEBUG_PKCS5V2
|
#ifdef DEBUG_PKCS5V2
|
||||||
fprintf(stderr, "Password:\n");
|
fprintf(stderr, "Password:\n");
|
||||||
h__dump (pass, passlen);
|
h__dump (pass, passlen);
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user