Have a shared work buffer and derive the number of KDF round from size of buffer
This commit is contained in:
parent
741c0d0bb5
commit
4ec4a06776
14
puer.c
14
puer.c
|
@ -268,9 +268,9 @@ void hmac(unsigned char output[32], unsigned char key[], size_t keylen, unsigned
|
||||||
finalize_hash(&state, output);
|
finalize_hash(&state, output);
|
||||||
}
|
}
|
||||||
|
|
||||||
// KDF_ROUNDS must be at least 2
|
unsigned char workbuf[8 * 1024 * 1024];
|
||||||
#define KDF_ROUNDS 100000
|
#define KDF_ROUNDS (sizeof(workbuf) / 32)
|
||||||
unsigned char kdf_buf[KDF_ROUNDS * 32];
|
|
||||||
void kdf(unsigned char key[16], unsigned char salt[32], unsigned char passphrase[], size_t passphraselen) {
|
void kdf(unsigned char key[16], unsigned char salt[32], unsigned char passphrase[], size_t passphraselen) {
|
||||||
// This is based on the design of PBKDF2 but aims to be memory hard
|
// This is based on the design of PBKDF2 but aims to be memory hard
|
||||||
// This is achieved by storing all the hashes in a buffer and the
|
// This is achieved by storing all the hashes in a buffer and the
|
||||||
|
@ -288,20 +288,20 @@ void kdf(unsigned char key[16], unsigned char salt[32], unsigned char passphrase
|
||||||
// include the counter i from PBKDF2 since we will ever only
|
// include the counter i from PBKDF2 since we will ever only
|
||||||
// produce one block of output
|
// produce one block of output
|
||||||
size_t index = KDF_ROUNDS*32 - 32;
|
size_t index = KDF_ROUNDS*32 - 32;
|
||||||
hmac(&kdf_buf[index], passphrase, passphraselen, salt, 32);
|
hmac(&workbuf[index], passphrase, passphraselen, salt, 32);
|
||||||
index -= 32;
|
index -= 32;
|
||||||
|
|
||||||
// Walk back along the buffer, at each step hashing the previous
|
// Walk back along the buffer, at each step hashing the previous
|
||||||
// hashes
|
// hashes
|
||||||
while (index > 0) {
|
while (index > 0) {
|
||||||
hmac(&kdf_buf[index], passphrase, passphraselen, &kdf_buf[index+32], 32);
|
hmac(&workbuf[index], passphrase, passphraselen, &workbuf[index+32], 32);
|
||||||
index -= 32;
|
index -= 32;
|
||||||
}
|
}
|
||||||
hmac(kdf_buf, passphrase, passphraselen, &kdf_buf[32], 32);
|
hmac(workbuf, passphrase, passphraselen, &workbuf[32], 32);
|
||||||
|
|
||||||
// Perform the final hash
|
// Perform the final hash
|
||||||
unsigned char final_hash[32];
|
unsigned char final_hash[32];
|
||||||
hmac(final_hash, passphrase, passphraselen, kdf_buf, KDF_ROUNDS * 32);
|
hmac(final_hash, passphrase, passphraselen, workbuf, KDF_ROUNDS * 32);
|
||||||
|
|
||||||
// Use first 128 bits of final hash as the key
|
// Use first 128 bits of final hash as the key
|
||||||
memcpy(key, final_hash, 16);
|
memcpy(key, final_hash, 16);
|
||||||
|
|
Loading…
Reference in New Issue