Home GnuPG
Diffusion libgcrypt 8528f1ba40e5

PBKDF2: Allow empty passphrase.
8528f1ba40e5Unpublished
Actions

Unpublished Commit · Learn More

Not On Permanent Ref: This commit is not an ancestor of any permanent ref.

Description

PBKDF2: Allow empty passphrase.

* cipher/kdf.c (gcry_kdf_derive): Allow empty passphrase for PBKDF2.
* tests/t-kdf.c (check_pbkdf2): Add test case for above.

While it is insecure, the PBKDF2 implementations usually
allows to derive key only from salt.

This particular case is used e.g. in cryptsetup when
you use empty file as keyfile for LUKS keyslot.

Test vector is compared with two independent implementations.

  • Signed-off-by: Milan Broz <mbroz@redhat.com>

Details

Provenance
gmazylandAuthored on Oct 29 2012, 5:18 PM
wernerCommitted on Oct 30 2012, 10:10 AM
Parents
rC2c54c4da19d3: Replace deliberate division by zero with _gcry_divide_by_zero.
Branches
Unknown
Tags
Unknown

Event Timeline

Werner Koch <wk@gnupg.org> committed rC8528f1ba40e5: PBKDF2: Allow empty passphrase. (authored by Milan Broz <mbroz@redhat.com>).Oct 30 2012, 10:10 AM

Changes (2)

PathSize
cipher/
tests/

rC8528f1ba40e5

View Options

cipher/kdf.c

Loading...
View Options

tests/t-kdf.c

Loading...