commit cf73838061df78f57f68f466c0b8dcbad1080abd
parent 2ad29d8bf07bc72234ed66c66317fe0ef7678507
Author: Nihal Jere <nihal@nihaljere.xyz>
Date: Mon, 15 Mar 2021 22:44:29 -0500
account for fixed-length salt
Diffstat:
3 files changed, 13 insertions(+), 13 deletions(-)
diff --git a/common.h b/common.h
@@ -0,0 +1,10 @@
+#define PASSWORD_MAX_LEN 512
+#define PASSPHRASE_MAX_LEN 512
+#define KEY_LEN 32
+#define NONCE_LEN 12
+#define SALT_LEN 8
+#define ROUNDS 2000
+
+#if SALT_LEN == 0 || SALT_LEN > SIZE_MAX - 4
+#error Invalid salt size
+#endif
diff --git a/npwm.c b/npwm.c
@@ -9,16 +9,10 @@
#include <unistd.h>
#include "chacha20.h"
+#include "common.h"
#include "pkcs5_pbkdf2.h"
#include "util.h"
-#define PASSWORD_MAX_LEN 512
-#define PASSPHRASE_MAX_LEN 512
-#define KEY_LEN 32
-#define NONCE_LEN 12
-#define SALT_LEN 8
-#define ROUNDS 2000
-
char *valid;
int len;
diff --git a/pkcs5_pbkdf2.c b/pkcs5_pbkdf2.c
@@ -21,6 +21,7 @@
#include <stdint.h>
#include <stdlib.h>
+#include "common.h"
#include "pkcs5_pbkdf2.h"
#include "sha1.h"
@@ -76,7 +77,7 @@ int
pkcs5_pbkdf2(const char *pass, size_t pass_len, const uint8_t *salt,
size_t salt_len, uint8_t *key, size_t key_len, unsigned int rounds)
{
- uint8_t *asalt, obuf[SHA1_DIGEST_LENGTH];
+ uint8_t asalt[SALT_LEN + 4], obuf[SHA1_DIGEST_LENGTH];
uint8_t d1[SHA1_DIGEST_LENGTH], d2[SHA1_DIGEST_LENGTH];
unsigned int i, j;
unsigned int count;
@@ -84,10 +85,6 @@ pkcs5_pbkdf2(const char *pass, size_t pass_len, const uint8_t *salt,
if (rounds < 1 || key_len == 0)
goto bad;
- if (salt_len == 0 || salt_len > SIZE_MAX - 4)
- goto bad;
- if ((asalt = malloc(salt_len + 4)) == NULL)
- goto bad;
memcpy(asalt, salt, salt_len);
@@ -112,7 +109,6 @@ pkcs5_pbkdf2(const char *pass, size_t pass_len, const uint8_t *salt,
key_len -= r;
};
explicit_bzero(asalt, salt_len + 4);
- free(asalt);
explicit_bzero(d1, sizeof(d1));
explicit_bzero(d2, sizeof(d2));
explicit_bzero(obuf, sizeof(obuf));
