* Nettle crypto backend implementation
*
* Copyright (C) 2011-2012 Red Hat, Inc. All rights reserved.
- * Copyright (C) 2011-2014, Milan Broz
+ * Copyright (C) 2011-2012, Milan Broz
*
* This file is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
#include <errno.h>
#include <nettle/sha.h>
#include <nettle/hmac.h>
-#include <nettle/pbkdf2.h>
#include "crypto_backend.h"
static char *version = "Nettle";
int crypt_hmac_destroy(struct crypt_hmac *ctx)
{
memset(ctx->key, 0, ctx->key_length);
- free(ctx->key);
memset(ctx, 0, sizeof(*ctx));
+ free(ctx->key);
free(ctx);
return 0;
}
char *key, size_t key_length,
unsigned int iterations)
{
- struct crypt_hmac *h;
- int r;
-
if (!kdf || strncmp(kdf, "pbkdf2", 6))
return -EINVAL;
- r = crypt_hmac_init(&h, hash, password, password_length);
- if (r < 0)
- return r;
-
- nettle_pbkdf2(&h->nettle_ctx, h->hash->nettle_hmac_update,
- h->hash->nettle_hmac_digest, h->hash->length, iterations,
- salt_length, (const uint8_t *)salt, key_length,
- (uint8_t *)key);
- crypt_hmac_destroy(h);
-
- return 0;
+ /* FIXME: switch to internal implementation in Nettle 2.6 */
+ return pkcs5_pbkdf2(hash, password, password_length, salt, salt_length,
+ iterations, key_length, key);
}