aboutsummaryrefslogtreecommitdiff
path: root/pbkdf2.c
diff options
context:
space:
mode:
authorRob Austein <sra@hactrn.net>2015-06-05 15:23:31 -0400
committerRob Austein <sra@hactrn.net>2015-06-05 15:23:31 -0400
commite1029f9213ba3df2b3b1774c4085df9df67352de (patch)
treedc84beba322d0a1d0785761de7651e9a0bb24894 /pbkdf2.c
parentce372c37127c1b8199ca1732d58b623664250e7e (diff)
This time for sure, Rocky!
Diffstat (limited to 'pbkdf2.c')
-rw-r--r--pbkdf2.c29
1 files changed, 14 insertions, 15 deletions
diff --git a/pbkdf2.c b/pbkdf2.c
index 1ed8332..24d986f 100644
--- a/pbkdf2.c
+++ b/pbkdf2.c
@@ -86,7 +86,7 @@ hal_error_t hal_pbkdf2(const hal_hash_descriptor_t * const descriptor,
uint8_t * derived_key, size_t derived_key_length,
unsigned iterations_desired)
{
- uint8_t ac[HAL_MAX_HASH_DIGEST_LENGTH], mac[HAL_MAX_HASH_DIGEST_LENGTH];
+ uint8_t result[HAL_MAX_HASH_DIGEST_LENGTH], mac[HAL_MAX_HASH_DIGEST_LENGTH];
uint8_t statebuf[1024];
unsigned iteration;
hal_error_t err;
@@ -99,15 +99,15 @@ hal_error_t hal_pbkdf2(const hal_hash_descriptor_t * const descriptor,
return HAL_ERROR_BAD_ARGUMENTS;
assert(sizeof(statebuf) >= descriptor->hmac_state_length);
- assert(sizeof(ac) >= descriptor->digest_length);
+ assert(sizeof(result) >= descriptor->digest_length);
assert(sizeof(mac) >= descriptor->digest_length);
/* Output length check per RFC 2989 5.2. */
if ((uint64_t) derived_key_length > ((uint64_t) 0xFFFFFFFF) * descriptor->block_length)
return HAL_ERROR_UNSUPPORTED_KEY;
- memset(ac, 0, sizeof(ac));
- memset(mac, 0, sizeof(mac));
+ memset(result, 0, sizeof(result));
+ memset(mac, 0, sizeof(mac));
/*
* We probably should check here to see whether the password is
@@ -126,43 +126,42 @@ hal_error_t hal_pbkdf2(const hal_hash_descriptor_t * const descriptor,
/*
* Initial HMAC is of the salt concatenated with the block count.
- * This seeds the accumulator, and constitutes iteration one.
+ * This seeds the result, and constitutes iteration one.
*/
if ((err = do_hmac(descriptor, password, password_length, salt, salt_length,
block, mac, sizeof(mac))) != HAL_OK)
return err;
- memcpy(ac, mac, descriptor->digest_length);
+ memcpy(result, mac, descriptor->digest_length);
/*
* Now iterate however many times the caller requested, XORing the
- * result back into the accumulator on each iteration.
+ * HMAC back into the result on each iteration.
*/
for (iteration = 2; iteration <= iterations_desired; iteration++) {
if ((err = do_hmac(descriptor, password, password_length,
- ac, descriptor->digest_length,
+ mac, descriptor->digest_length,
0, mac, sizeof(mac))) != HAL_OK)
return err;
for (i = 0; i < descriptor->digest_length; i++)
- ac[i] ^= mac[i];
+ result[i] ^= mac[i];
}
/*
- * Accumulator holds the generated block. Save it, then exit or
- * loop for another block.
+ * Save result block, then exit or loop for another block.
*/
if (derived_key_length > descriptor->digest_length) {
- memcpy(derived_key, ac, descriptor->digest_length);
- derived_key += descriptor->digest_length;
- derived_key_length -= descriptor->digest_length;
+ memcpy(derived_key, result, descriptor->digest_length);
+ derived_key += descriptor->digest_length;
+ derived_key_length -= descriptor->digest_length;
}
else {
- memcpy(derived_key, ac, derived_key_length);
+ memcpy(derived_key, result, derived_key_length);
return HAL_OK;
}
}