[PATCH] pbkdf2: allow empty password
Werner Koch
wk at gnupg.org
Mon Oct 29 16:40:13 CET 2012
On Fri, 26 Oct 2012 13:51, mbroz at redhat.com said:
> While it is insecure, the PBKDF2 implementations usually
> allows to derive password only from salt.
Please revise your patch so that it allows an empty passphrase only for
PBKDF2. I doubt that we should do this for OpenPGP or future KDFs.
You should also write ChnageLog entries. See doc/HACKING. Example
commit message would be:
=====
pbkdf2: allow empty password
* cipher/kdf.c (gcry_kdf_derive): Allow empty passphrase for PBKDF2.
* tests/t-kdf.c (check_pbkdf2): Add test case for above.
--
Everything after the above tear off line won't go in the tarball's
ChangeLog. Use this for comments which don't make sense in a
ChangeLog. It is optional of course. For typo corrections you may use
the tear off line directly after the first empty line - in this case no
ChangeLog entry will be created.
=====
Thanks,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
More information about the Gcrypt-devel
mailing list