3
* PKCS #5 password-based key derivation function PBKDF2, see RFC 2898.
6
/* nettle, low-level cryptographics library
8
* Copyright (C) 2012 Simon Josefsson, Niels Möller
10
* The nettle library is free software; you can redistribute it and/or modify
11
* it under the terms of the GNU Lesser General Public License as published by
12
* the Free Software Foundation; either version 2.1 of the License, or (at your
13
* option) any later version.
15
* The nettle library is distributed in the hope that it will be useful, but
16
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
17
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
18
* License for more details.
20
* You should have received a copy of the GNU Lesser General Public License
21
* along with the nettle library; see the file COPYING.LIB. If not, write to
22
* the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
38
#include "nettle-internal.h"
41
pbkdf2 (void *mac_ctx,
42
nettle_hash_update_func *update,
43
nettle_hash_digest_func *digest,
44
unsigned digest_size, unsigned iterations,
45
unsigned salt_length, const uint8_t *salt,
46
unsigned length, uint8_t *dst)
48
TMP_DECL(U, uint8_t, NETTLE_MAX_HASH_DIGEST_SIZE);
49
TMP_DECL(T, uint8_t, NETTLE_MAX_HASH_DIGEST_SIZE);
53
assert (iterations > 0);
58
TMP_ALLOC (U, digest_size);
59
TMP_ALLOC (T, digest_size);
62
i++, dst += digest_size, length -= digest_size)
68
WRITE_UINT32 (tmp, i);
70
update (mac_ctx, salt_length, salt);
71
update (mac_ctx, sizeof(tmp), tmp);
72
digest (mac_ctx, digest_size, T);
76
for (u = 1; u < iterations; u++, prev = U)
78
update (mac_ctx, digest_size, prev);
79
digest (mac_ctx, digest_size, U);
81
memxor (T, U, digest_size);
84
if (length <= digest_size)
86
memcpy (dst, T, length);
89
memcpy (dst, T, digest_size);