Commit d5a173c7 authored by Niels Möller's avatar Niels Möller

Argument reorder for pbkdf2.

parent 4404dc6d
2012-09-20 Niels Möller <nisse@lysator.liu.se> 2012-09-20 Niels Möller <nisse@lysator.liu.se>
* pbkdf2.c (pbkdf2): Reordered arguments, for consistency.
* pbkdf2.h (PBKDF2): Analogous reordering.
* testsuite/pbkdf2-test.c: Adapted to new argument order. Also use
LDATA for the salt.
* nettle.texinfo (Key derivation functions): Updated documented
pbkdf2 prototype.
* testsuite/Makefile.in (VALGRIND): New variable, to make valgrind * testsuite/Makefile.in (VALGRIND): New variable, to make valgrind
checking easier. checking easier.
......
...@@ -2130,7 +2130,7 @@ uses a pseudorandom function such as @acronym{HMAC-SHA1}. ...@@ -2130,7 +2130,7 @@ uses a pseudorandom function such as @acronym{HMAC-SHA1}.
Nettle's @acronym{PBKDF2} function is defined in @file{<nettle/pbkdf2.h>}. Nettle's @acronym{PBKDF2} function is defined in @file{<nettle/pbkdf2.h>}.
It contains a function: It contains a function:
@deftypefun void pbkdf2 (void *mac_ctx, unsigned digest_size, nettle_hash_update_func *update, nettle_hash_digest_func *digest, unsigned length, uint8_t *dst, unsigned iterations, unsigned salt_length, const uint8_t *salt) @deftypefun void pbkdf2 (void *mac_ctx, nettle_hash_update_func *update, nettle_hash_digest_func *digest, unsigned digest_size, unsigned iterations, unsigned salt_length, const uint8_t *salt, unsigned length, uint8_t *dst)
Derive symmetric key from a password according to PKCS #5 PBKDF2. The Derive symmetric key from a password according to PKCS #5 PBKDF2. The
PRF is assumed to have been initialized and this function will call the PRF is assumed to have been initialized and this function will call the
@var{update} and @var{digest} functions passing the @var{mac_ctx} @var{update} and @var{digest} functions passing the @var{mac_ctx}
......
...@@ -38,12 +38,12 @@ ...@@ -38,12 +38,12 @@
#include "nettle-internal.h" #include "nettle-internal.h"
void void
pbkdf2 (void *mac_ctx, unsigned digest_size, pbkdf2 (void *mac_ctx,
nettle_hash_update_func *update, nettle_hash_update_func *update,
nettle_hash_digest_func *digest, nettle_hash_digest_func *digest,
unsigned length, uint8_t *dst, unsigned digest_size, unsigned iterations,
unsigned iterations, unsigned salt_length, const uint8_t *salt,
unsigned salt_length, const uint8_t *salt) unsigned length, uint8_t *dst)
{ {
TMP_DECL(U, uint8_t, NETTLE_MAX_HASH_DIGEST_SIZE); TMP_DECL(U, uint8_t, NETTLE_MAX_HASH_DIGEST_SIZE);
TMP_DECL(T, uint8_t, NETTLE_MAX_HASH_DIGEST_SIZE); TMP_DECL(T, uint8_t, NETTLE_MAX_HASH_DIGEST_SIZE);
......
...@@ -37,21 +37,22 @@ extern "C" ...@@ -37,21 +37,22 @@ extern "C"
#define pbkdf2 nettle_pbkdf2 #define pbkdf2 nettle_pbkdf2
void void
pbkdf2 (void *mac_ctx, unsigned digest_size, pbkdf2 (void *mac_ctx,
nettle_hash_update_func *update, nettle_hash_update_func *update,
nettle_hash_digest_func *digest, nettle_hash_digest_func *digest,
unsigned length, uint8_t *dst, unsigned digest_size, unsigned iterations,
unsigned iterations, unsigned salt_length, const uint8_t *salt,
unsigned salt_length, const uint8_t *salt); unsigned length, uint8_t *dst);
#define PBKDF2(ctx, digest_size, update, digest, \ #define PBKDF2(ctx, update, digest, digest_size, \
length, dst, iterations, salt_length, salt) \ iterations, salt_length, salt, length, dst) \
(0 ? ((update)((ctx), 0, (uint8_t *) 0), \ (0 ? ((update)((ctx), 0, (uint8_t *) 0), \
(digest)((ctx), 0, (uint8_t *) 0)) \ (digest)((ctx), 0, (uint8_t *) 0)) \
: pbkdf2 ((ctx), (digest_size), \ : pbkdf2 ((ctx), \
(nettle_hash_update_func *)(update), \ (nettle_hash_update_func *)(update), \
(nettle_hash_digest_func *)(digest), \ (nettle_hash_digest_func *)(digest), \
(length), (dst), (iterations), (salt_length), (salt))) (digest_size), (iterations), \
(salt_length), (salt), (length), (dst)))
#ifdef __cplusplus #ifdef __cplusplus
} }
......
...@@ -3,10 +3,11 @@ ...@@ -3,10 +3,11 @@
#include "sha.h" #include "sha.h"
#include "pbkdf2.h" #include "pbkdf2.h"
#define PBKDF2_TEST(ctx, size, update, digest, slen, s, c, expect) \ /* NOTE: The salt argument is expected to expand to length, data */
#define PBKDF2_TEST(ctx, update, digest, size, c, salt, expect) \
do { \ do { \
dk[expect->length] = 17; \ dk[expect->length] = 17; \
PBKDF2 (ctx, size, update, digest, expect->length, dk, c, slen, s); \ PBKDF2 (ctx, update, digest, size, c, salt, expect->length, dk); \
ASSERT(MEMEQ (expect->length, dk, expect->data)); \ ASSERT(MEMEQ (expect->length, dk, expect->data)); \
ASSERT(dk[expect->length] == 17); \ ASSERT(dk[expect->length] == 17); \
} while (0) } while (0)
...@@ -24,34 +25,34 @@ test_main (void) ...@@ -24,34 +25,34 @@ test_main (void)
hmac_sha1_set_key (&sha1ctx, 8, "password"); hmac_sha1_set_key (&sha1ctx, 8, "password");
PBKDF2_TEST(&sha1ctx, SHA1_DIGEST_SIZE, hmac_sha1_update, hmac_sha1_digest, PBKDF2_TEST (&sha1ctx, hmac_sha1_update, hmac_sha1_digest, SHA1_DIGEST_SIZE,
4, "salt", 1, 1, LDATA("salt"),
SHEX("0c60c80f961f0e71f3a9b524af6012062fe037a6")); SHEX("0c60c80f961f0e71f3a9b524af6012062fe037a6"));
PBKDF2_TEST (&sha1ctx, SHA1_DIGEST_SIZE, hmac_sha1_update, hmac_sha1_digest, PBKDF2_TEST (&sha1ctx, hmac_sha1_update, hmac_sha1_digest, SHA1_DIGEST_SIZE,
4, "salt", 2, 2, LDATA("salt"),
SHEX("ea6c014dc72d6f8ccd1ed92ace1d41f0d8de8957")); SHEX("ea6c014dc72d6f8ccd1ed92ace1d41f0d8de8957"));
PBKDF2_TEST (&sha1ctx, SHA1_DIGEST_SIZE, hmac_sha1_update, hmac_sha1_digest, PBKDF2_TEST (&sha1ctx, hmac_sha1_update, hmac_sha1_digest, SHA1_DIGEST_SIZE,
4, "salt", 4096, 4096, LDATA("salt"),
SHEX("4b007901b765489abead49d926f721d065a429c1")); SHEX("4b007901b765489abead49d926f721d065a429c1"));
#if 0 /* too slow */ #if 0 /* too slow */
PBKDF2_TEST (&sha1ctx, SHA1_DIGEST_SIZE, hmac_sha1_update, hmac_sha1_digest, PBKDF2_TEST (&sha1ctx, hmac_sha1_update, hmac_sha1_digest, SHA1_DIGEST_SIZE,
4, "salt", 16777216, 16777216, LDATA("salt"),
SHEX("eefe3d61cd4da4e4e9945b3d6ba2158c2634e984")); SHEX("eefe3d61cd4da4e4e9945b3d6ba2158c2634e984"));
#endif #endif
hmac_sha1_set_key (&sha1ctx, 24, "passwordPASSWORDpassword"); hmac_sha1_set_key (&sha1ctx, 24, "passwordPASSWORDpassword");
PBKDF2_TEST (&sha1ctx, SHA1_DIGEST_SIZE, hmac_sha1_update, hmac_sha1_digest, PBKDF2_TEST (&sha1ctx, hmac_sha1_update, hmac_sha1_digest, SHA1_DIGEST_SIZE,
36, "saltSALTsaltSALTsaltSALTsaltSALTsalt", 4096, 4096, LDATA("saltSALTsaltSALTsaltSALTsaltSALTsalt"),
SHEX("3d2eec4fe41c849b80c8d83662c0e44a8b291a964cf2f07038")); SHEX("3d2eec4fe41c849b80c8d83662c0e44a8b291a964cf2f07038"));
hmac_sha1_set_key (&sha1ctx, 9, "pass\0word"); hmac_sha1_set_key (&sha1ctx, 9, "pass\0word");
PBKDF2_TEST (&sha1ctx, SHA1_DIGEST_SIZE, hmac_sha1_update, hmac_sha1_digest, PBKDF2_TEST (&sha1ctx, hmac_sha1_update, hmac_sha1_digest, SHA1_DIGEST_SIZE,
5, "sa\0lt", 4096, 4096, LDATA("sa\0lt"),
SHEX("56fa6aa75548099dcc37d7f03425e0c3")); SHEX("56fa6aa75548099dcc37d7f03425e0c3"));
/* PBKDF2-HMAC-SHA-256 test vectors confirmed with another /* PBKDF2-HMAC-SHA-256 test vectors confirmed with another
...@@ -59,15 +60,13 @@ test_main (void) ...@@ -59,15 +60,13 @@ test_main (void)
hmac_sha256_set_key (&sha256ctx, 6, "passwd"); hmac_sha256_set_key (&sha256ctx, 6, "passwd");
PBKDF2_TEST (&sha256ctx, SHA256_DIGEST_SIZE, PBKDF2_TEST (&sha256ctx, hmac_sha256_update, hmac_sha256_digest,
hmac_sha256_update, hmac_sha256_digest, SHA256_DIGEST_SIZE, 1, LDATA("salt"),
4, "salt", 1,
SHEX("55ac046e56e3089fec1691c22544b605")); SHEX("55ac046e56e3089fec1691c22544b605"));
hmac_sha256_set_key (&sha256ctx, 8, "Password"); hmac_sha256_set_key (&sha256ctx, 8, "Password");
PBKDF2_TEST (&sha256ctx, SHA256_DIGEST_SIZE, PBKDF2_TEST (&sha256ctx, hmac_sha256_update, hmac_sha256_digest,
hmac_sha256_update, hmac_sha256_digest, SHA256_DIGEST_SIZE, 80000, LDATA("NaCl"),
4, "NaCl", 80000,
SHEX("4ddcd8f60b98be21830cee5ef22701f9")); SHEX("4ddcd8f60b98be21830cee5ef22701f9"));
} }
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment