Public/VeraCrypt
1
0
Fork 0
mirror of https://github.com/veracrypt/VeraCrypt.git synced 2026-06-18 02:26:07 -05:00
Code Activity

Merge commit from fork

Browse Source 
* Fix wolfCrypt PBKDF2 key derivation

* Document wolfSSL PBKDF2 build option

* Handle wolfCrypt PBKDF2 failures
This commit is contained in:
VastBlast
2026-06-02 06:03:54 +00:00
committed by GitHub
parent bc84aa8c1e
commit 39f9391007
2 changed files with 25 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/Crypto/wolfCrypt.c
+24 -7
View File
@@ -3,7 +3,8 @@
#include "Aes.h" #include "Aes.h"
#include "Sha2.h" #include "Sha2.h"
#include "../Common/Crypto.h" #include "../Common/Crypto.h"
#include <wolfssl/wolfcrypt/hmac.h> #include "../Common/Pkcs5.h"
#include <wolfssl/wolfcrypt/pwdbased.h>
AES_RETURN aes_init() AES_RETURN aes_init()
@@ -232,12 +233,28 @@ void sha512(unsigned char * result, const unsigned char* source, uint_64t source
wc_Sha512Free(&sha512); wc_Sha512Free(&sha512);
} }
void derive_key_sha512 (unsigned char *pwd, int pwd_len, unsigned char *salt, int salt_len, uint32 iterations, unsigned char *dk, int dklen) { void derive_key_sha512 (const unsigned char *pwd, int pwd_len, const unsigned char *salt, int salt_len, uint32 iterations, unsigned char *dk, int dklen
(void) iterations; #ifndef TC_WINDOWS_BOOT
wc_HKDF(WC_SHA512, (uint8*)pwd, (word32)pwd_len, (uint8*)salt, (word32)salt_len, NULL, 0, (uint8*)dk, (word32)dklen); , long volatile *pAbortKeyDerivation
#endif
)
{
#ifndef TC_WINDOWS_BOOT
(void) pAbortKeyDerivation;
#endif
if (wc_PBKDF2 ((byte*) dk, (const byte*) pwd, pwd_len, (const byte*) salt, salt_len, (int) iterations, dklen, WC_SHA512) != 0)
burn (dk, dklen);
} }
void derive_key_sha256 (unsigned char *pwd, int pwd_len, unsigned char *salt, int salt_len, uint32 iterations, unsigned char *dk, int dklen) { void derive_key_sha256 (const unsigned char *pwd, int pwd_len, const unsigned char *salt, int salt_len, uint32 iterations, unsigned char *dk, int dklen
(void) iterations; #ifndef TC_WINDOWS_BOOT
wc_HKDF(WC_SHA256, (uint8*)pwd, (word32)pwd_len, (uint8*)salt, (word32)salt_len, NULL, 0, (uint8*)dk, (word32)dklen); , long volatile *pAbortKeyDerivation
#endif
)
{
#ifndef TC_WINDOWS_BOOT
(void) pAbortKeyDerivation;
#endif
if (wc_PBKDF2 ((byte*) dk, (const byte*) pwd, pwd_len, (const byte*) salt, salt_len, (int) iterations, dklen, WC_SHA256) != 0)
burn (dk, dklen);
} }
src/Crypto/wolfCrypt.md
+1 -1
View File
@@ -10,7 +10,7 @@ Clone wolfSSL and build it as shown below.
``` ```
git clone https://github.com/wolfssl/wolfssl && cd wolfssl git clone https://github.com/wolfssl/wolfssl && cd wolfssl
./autogen.sh ./autogen.sh
./configure --enable-xts CFLAGS="-DNO_OLD_WC_NAMES" ./configure --enable-xts --enable-pwdbased CFLAGS="-DNO_OLD_WC_NAMES"
make make
sudo make install sudo make install
``` ```