const unsigned char *salt, int saltlen, int iter,
const EVP_MD *digest, int keylen, unsigned char *out)
{
+ const char *empty = "";
unsigned char digtmp[EVP_MAX_MD_SIZE], *p, itmp[4];
int cplen, j, k, tkeylen, mdlen;
unsigned long i = 1;
return 0;
p = out;
tkeylen = keylen;
- if (!pass)
+ if (pass == NULL) {
+ pass = empty;
passlen = 0;
- else if (passlen == -1)
+ } else if (passlen == -1) {
passlen = strlen(pass);
+ }
if (!HMAC_Init_ex(hctx_tpl, pass, passlen, digest, NULL)) {
HMAC_CTX_free(hctx_tpl);
return 0;
HMAC_CTX_free(hctx_tpl);
return 0;
}
- HMAC_CTX_reset(hctx);
memcpy(p, digtmp, cplen);
for (j = 1; j < iter; j++) {
if (!HMAC_CTX_copy(hctx, hctx_tpl)) {
HMAC_CTX_free(hctx_tpl);
return 0;
}
- HMAC_CTX_reset(hctx);
for (k = 0; k < cplen; k++)
p[k] ^= digtmp[k];
}
keylen, out);
}
-# ifdef DO_TEST
-main()
-{
- unsigned char out[4];
- unsigned char salt[] = { 0x12, 0x34, 0x56, 0x78 };
- PKCS5_PBKDF2_HMAC_SHA1("password", -1, salt, 4, 5, 4, out);
- fprintf(stderr, "Out %02X %02X %02X %02X\n",
- out[0], out[1], out[2], out[3]);
-}
-
-# endif
-
/*
* Now the key derivation function itself. This is a bit evil because it has
* to check the ASN1 parameters are valid: and there are quite a few of