[PATCH] kdf: Allow empty password for Argon2
Jussi Kivilinna
jussi.kivilinna at iki.fi
Thu Aug 18 07:21:46 CEST 2022
Hello,
On 11.8.2022 22.54, Milan Broz via Gcrypt-devel wrote:
> * cipher/kdf.c (_gcry_kdf_open) allow empty password for Argon2.
> --
>
> This patch fixes libcryptsetup requirement to support empty
> passwords for PBKDF (and passes Argon2 test vectors there now).
Patch looks good to me. It would be nice if patch would also add same empty password test vector to gcrypt's "tests/t-kdf.c".
-Jussi
>
> Signed-off-by: Milan Broz <gmazyland at gmail.com>
> ---
> cipher/kdf.c | 13 ++++++++-----
> 1 file changed, 8 insertions(+), 5 deletions(-)
>
> diff --git a/cipher/kdf.c b/cipher/kdf.c
> index d371bdd7..3e51e115 100644
> --- a/cipher/kdf.c
> +++ b/cipher/kdf.c
> @@ -402,10 +402,13 @@ argon2_fill_first_blocks (argon2_ctx_t a)
> iov[iov_count].len = 4 * 7;
> iov[iov_count].off = 0;
> iov_count++;
> - iov[iov_count].data = (void *)a->password;
> - iov[iov_count].len = a->passwordlen;
> - iov[iov_count].off = 0;
> - iov_count++;
> + if (a->passwordlen)
> + {
> + iov[iov_count].data = (void *)a->password;
> + iov[iov_count].len = a->passwordlen;
> + iov[iov_count].off = 0;
> + iov_count++;
> + }
>
> buf_put_le32 (buf[7], a->saltlen);
> iov[iov_count].data = buf[7];
> @@ -1861,7 +1864,7 @@ _gcry_kdf_open (gcry_kdf_hd_t *hd, int algo, int subalgo,
> switch (algo)
> {
> case GCRY_KDF_ARGON2:
> - if (!inputlen || !saltlen)
> + if (!saltlen)
> ec = GPG_ERR_INV_VALUE;
> else
> ec = argon2_open (hd, subalgo, param, paramlen,
More information about the Gcrypt-devel
mailing list