aboutsummaryrefslogtreecommitdiffstats
path: root/src/libstate/get_enc.cpp
diff options
context:
space:
mode:
authorlloyd <[email protected]>2010-08-21 20:16:24 +0000
committerlloyd <[email protected]>2010-08-21 20:16:24 +0000
commite7d9701a86658efbc316ccfeaf48cec8c094fc35 (patch)
treefa4a7bb4e91dc0eddaace256b7c18fb41dfa60ca /src/libstate/get_enc.cpp
parentd34c9569af1c230c3ee52cef18aadf7d10bdf563 (diff)
When creating a PBKDF2, first check if the argument name is a known
MAC. If it is, use it as the PRF. Otherwise assume it is a hash function and use it with HMAC. Instead of instantiating the HMAC directly, go through the algorithm factory. Add a test using PBKDF2 with CMAC(Blowfish); Blowfish mainly because it supports arbitrarily large keys, and also the required 4 KiB of sbox tables actually would make it fairly useful in that it would make cracking using hardware or GPUs rather expensive. Have not confirmed this vector against any other implementation because I don't know of any other implementation of PBKDF2 that supports MACs other than HMAC.
Diffstat (limited to 'src/libstate/get_enc.cpp')
-rw-r--r--src/libstate/get_enc.cpp8
1 files changed, 6 insertions, 2 deletions
diff --git a/src/libstate/get_enc.cpp b/src/libstate/get_enc.cpp
index a825a5d24..1176061c2 100644
--- a/src/libstate/get_enc.cpp
+++ b/src/libstate/get_enc.cpp
@@ -15,7 +15,6 @@
#if defined(BOTAN_HAS_PBKDF2)
#include <botan/pbkdf2.h>
- #include <botan/hmac.h>
#endif
#if defined(BOTAN_HAS_PGPS2K)
@@ -96,7 +95,12 @@ PBKDF* get_pbkdf(const std::string& algo_spec)
#if defined(BOTAN_HAS_PBKDF2)
if(request.algo_name() == "PBKDF2" && request.arg_count() == 1)
- return new PKCS5_PBKDF2(new HMAC(af.make_hash_function(request.arg(0))));
+ {
+ if(const MessageAuthenticationCode* mac_proto = af.prototype_mac(request.arg(0)))
+ return new PKCS5_PBKDF2(mac_proto->clone());
+
+ return new PKCS5_PBKDF2(af.make_mac("HMAC(" + request.arg(0) + ")"));
+ }
#endif
#if defined(BOTAN_HAS_PGPS2K)