diff options
| author | Greg Hudson <ghudson@mit.edu> | 2010-11-20 00:31:46 +0000 |
|---|---|---|
| committer | Greg Hudson <ghudson@mit.edu> | 2010-11-20 00:31:46 +0000 |
| commit | 41acda8ebd3517c3d0f2184c09741cd10d061182 (patch) | |
| tree | dcc9695ff569763cfa96eff1c895d88d27721d12 /src/lib/crypto/krb/dk/stringtokey.c | |
| parent | 52bae3736c1835b8d7ba6b2e8bda370fe58f044b (diff) | |
| download | krb5-41acda8ebd3517c3d0f2184c09741cd10d061182.tar.gz krb5-41acda8ebd3517c3d0f2184c09741cd10d061182.tar.xz krb5-41acda8ebd3517c3d0f2184c09741cd10d061182.zip | |
Implement Camellia-CTS-CMAC instead of Camellia-CCM
Replace the Camellia-CCM enctypes with Camellia-CTS-CMAC. Still not
compiled in by default since we don't have enctype assignments yet.
ticket: 6822
target_verion: 1.9
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24524 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib/crypto/krb/dk/stringtokey.c')
| -rw-r--r-- | src/lib/crypto/krb/dk/stringtokey.c | 21 |
1 files changed, 10 insertions, 11 deletions
diff --git a/src/lib/crypto/krb/dk/stringtokey.c b/src/lib/crypto/krb/dk/stringtokey.c index 12ef67a01..779f51bdf 100644 --- a/src/lib/crypto/krb/dk/stringtokey.c +++ b/src/lib/crypto/krb/dk/stringtokey.c @@ -101,14 +101,13 @@ cleanup: } -#define DEFAULT_ITERATION_COUNT 4096 /* was 0xb000L in earlier drafts */ #define MAX_ITERATION_COUNT 0x1000000L static krb5_error_code pbkdf2_string_to_key(const struct krb5_keytypes *ktp, const krb5_data *string, const krb5_data *salt, const krb5_data *pepper, const krb5_data *params, krb5_keyblock *key, - enum deriv_alg deriv_alg) + enum deriv_alg deriv_alg, unsigned long def_iter_count) { unsigned long iter_count; krb5_data out; @@ -129,7 +128,7 @@ pbkdf2_string_to_key(const struct krb5_keytypes *ktp, const krb5_data *string, return KRB5_ERR_BAD_S2K_PARAMS; } } else - iter_count = DEFAULT_ITERATION_COUNT; + iter_count = def_iter_count; /* This is not a protocol specification constraint; this is an implementation limit, which should eventually be controlled by @@ -182,20 +181,20 @@ krb5int_aes_string_to_key(const struct krb5_keytypes *ktp, krb5_keyblock *key) { return pbkdf2_string_to_key(ktp, string, salt, NULL, params, key, - DERIVE_RFC3961); + DERIVE_RFC3961, 4096); } -#ifdef CAMELLIA_CCM +#ifdef CAMELLIA krb5_error_code -krb5int_camellia_ccm_string_to_key(const struct krb5_keytypes *ktp, - const krb5_data *string, - const krb5_data *salt, - const krb5_data *params, - krb5_keyblock *key) +krb5int_camellia_string_to_key(const struct krb5_keytypes *ktp, + const krb5_data *string, + const krb5_data *salt, + const krb5_data *params, + krb5_keyblock *key) { krb5_data pepper = string2data(ktp->name); return pbkdf2_string_to_key(ktp, string, salt, &pepper, params, key, - DERIVE_SP800_108_CMAC); + DERIVE_SP800_108_CMAC, 32768); } #endif |