Home GnuPG
Diffusion libgcrypt 542d354b902c

PBKDF2: Allow empty passphrase.
542d354b902cUnpublished
Actions

Unpublished Commit · Learn More

Not On Permanent Ref: This commit is not an ancestor of any permanent ref.

Description

PBKDF2: Allow empty passphrase.

* cipher/kdf.c (gcry_kdf_derive): Allow empty passphrase for PBKDF2.
* tests/t-kdf.c (check_pbkdf2): Add test case for above.

While it is insecure, the PBKDF2 implementations usually
allows to derive key only from salt.

This particular case is used e.g. in cryptsetup when
you use empty file as keyfile for LUKS keyslot.

Test vector is compared with two independent implementations.

  • Signed-off-by: Milan Broz <mbroz@redhat.com>

Details

Provenance
gmazylandAuthored on Oct 29 2012, 5:18 PM
wernerCommitted on Nov 5 2012, 7:53 PM
Parents
rCd02014379201: Avoid dereferencing pointer right after the end
Branches
Unknown
Tags
Unknown

Event Timeline

Werner Koch <wk@gnupg.org> committed rC542d354b902c: PBKDF2: Allow empty passphrase. (authored by Milan Broz <mbroz@redhat.com>).Nov 5 2012, 7:53 PM

Changes (2)

PathSize
cipher/
tests/

rC542d354b902c

View Options

cipher/kdf.c

Loading...
View Options

tests/t-kdf.c

Loading...