francesco/fml13v01-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
00ff052d0c4e0bcbc9727aed6615a1ddbc44a204
fml13v01-buildroot/package/libkcapi/0001-kcapi-enc.patch
T
Huan.Feng 4dc678226f update libkcapi version to 1.3.1
2022-01-13 18:05:53 +08:00

85 lines
2.3 KiB
Diff
Raw Blame History

diff -Nurp libkcapi-1.3.1/apps/kcapi-enc.c libkcapi-1.3.1_new/apps/kcapi-enc.c
--- libkcapi-1.3.1/apps/kcapi-enc.c 2021-05-17 20:34:44.000000000 +0800
+++ libkcapi-1.3.1_new/apps/kcapi-enc.c 2022-01-13 17:12:03.441098213 +0800
@@ -731,78 +731,9 @@ static int set_key(struct kcapi_handle *
/* Transform password into a key using PBKDF2. */
if (passwdptr && passwdlen) {
- uint8_t *saltbuf = NULL;
- uint32_t saltbuflen = 0;
-
- dolog(KCAPI_LOG_DEBUG, "password %s", passwdptr);
-
- /* Determine the number of PBKDF2 iterations. */
- if (!opts->pbkdf_iterations) {
- opts->pbkdf_iterations =
- kcapi_pbkdf_iteration_count(opts->pbkdf_hash, 0);
-
- dolog(KCAPI_LOG_WARN, "PBKDF2 iterations used: %u",
- opts->pbkdf_iterations);
- }
-
- /* Convert the salt hex representation into binary. */
- if (opts->salt) {
- ret = hex2bin_alloc(opts->salt,
- (uint32_t)strlen(opts->salt),
- &saltbuf, &saltbuflen);
- if (ret)
- goto out;
- } else {
- /* No salt provided, generate a random number. */
- struct kcapi_handle *rng;
- uint32_t j = 0;
-
- ret = kcapi_rng_init(&rng, "stdrng", 0);
- if (ret)
- goto out;
- ret = kcapi_rng_seed(rng, NULL, 0);
- if (ret) {
- kcapi_rng_destroy(rng);
- goto out;
- }
-
- saltbuflen = 32;
- saltbuf = malloc(saltbuflen);
- if (!saltbuf) {
- ret = -ENOMEM;
- kcapi_rng_destroy(rng);
- goto out;
- }
-
- while (j < saltbuflen) {
- ret = kcapi_rng_generate(rng, saltbuf,
- saltbuflen);
- if (ret < 0) {
- kcapi_rng_destroy(rng);
- free(saltbuf);
- goto out;
- }
- j += (uint32_t)ret;
- }
- kcapi_rng_destroy(rng);
-
- dolog_bin(KCAPI_LOG_WARN, saltbuf, saltbuflen,
- "PBKDF2 salt used");
- }
-
- /*
- * PBKDF2 operation: generate a key from password --
- * reading of sizeof(keybuf) implies 256 bit key.
- */
- ret = kcapi_pbkdf(opts->pbkdf_hash, passwdptr, passwdlen,
- saltbuf, saltbuflen, opts->pbkdf_iterations,
- keybuf, sizeof(keybuf));
- free(saltbuf);
- if (ret)
- goto out;
-
have_key = 1;
- keybuflen = sizeof(keybuf);
+ memcpy(keybuf,passwdptr,passwdlen);
+ keybuflen = passwdlen;
dolog(KCAPI_LOG_VERBOSE,
"Data Encryption Key derived from Password using PBKDF2 using %s with %u iterations",
Reference in New Issue View Git Blame Copy Permalink