[Cryptech-Commits] [sw/libhal] 27/58: This time for sure, Rocky!

[git at cryptech.is]

This is an automated email from the git hooks/post-receive script.

sra at hactrn.net pushed a commit to branch master
in repository sw/libhal.

commit e1029f9213ba3df2b3b1774c4085df9df67352de
Author: Rob Austein <sra at hactrn.net>
Date:   Fri Jun 5 15:23:31 2015 -0400

    This time for sure, Rocky!
---
 pbkdf2.c | 29 ++++++++++++++---------------
 1 file changed, 14 insertions(+), 15 deletions(-)

diff --git a/pbkdf2.c b/pbkdf2.c
index 1ed8332..24d986f 100644
--- a/pbkdf2.c
+++ b/pbkdf2.c
@@ -86,7 +86,7 @@ hal_error_t hal_pbkdf2(const hal_hash_descriptor_t * const descriptor,
                        uint8_t       * derived_key,          size_t derived_key_length,
                        unsigned iterations_desired)
 {
-  uint8_t ac[HAL_MAX_HASH_DIGEST_LENGTH], mac[HAL_MAX_HASH_DIGEST_LENGTH];
+  uint8_t result[HAL_MAX_HASH_DIGEST_LENGTH], mac[HAL_MAX_HASH_DIGEST_LENGTH];
   uint8_t statebuf[1024];
   unsigned iteration;
   hal_error_t err;
@@ -99,15 +99,15 @@ hal_error_t hal_pbkdf2(const hal_hash_descriptor_t * const descriptor,
     return HAL_ERROR_BAD_ARGUMENTS;
 
   assert(sizeof(statebuf) >= descriptor->hmac_state_length);
-  assert(sizeof(ac)       >= descriptor->digest_length);
+  assert(sizeof(result)   >= descriptor->digest_length);
   assert(sizeof(mac)      >= descriptor->digest_length);
 
   /* Output length check per RFC 2989 5.2. */
   if ((uint64_t) derived_key_length > ((uint64_t) 0xFFFFFFFF) * descriptor->block_length)
     return HAL_ERROR_UNSUPPORTED_KEY;
 
-  memset(ac,  0, sizeof(ac));
-  memset(mac, 0, sizeof(mac));
+  memset(result, 0, sizeof(result));
+  memset(mac,    0, sizeof(mac));
 
   /*
    * We probably should check here to see whether the password is
@@ -126,43 +126,42 @@ hal_error_t hal_pbkdf2(const hal_hash_descriptor_t * const descriptor,
 
     /*
      * Initial HMAC is of the salt concatenated with the block count.
-     * This seeds the accumulator, and constitutes iteration one.
+     * This seeds the result, and constitutes iteration one.
      */
 
     if ((err = do_hmac(descriptor, password, password_length, salt, salt_length,
                        block, mac, sizeof(mac))) != HAL_OK)
       return err;
 
-    memcpy(ac, mac, descriptor->digest_length);
+    memcpy(result, mac, descriptor->digest_length);
 
     /*
      * Now iterate however many times the caller requested, XORing the
-     * result back into the accumulator on each iteration.
+     * HMAC back into the result on each iteration.
      */
 
     for (iteration = 2; iteration <= iterations_desired; iteration++) {
 
       if ((err = do_hmac(descriptor, password, password_length,
-                         ac, descriptor->digest_length,
+                         mac, descriptor->digest_length,
                          0, mac, sizeof(mac))) != HAL_OK)
         return err;
 
       for (i = 0; i < descriptor->digest_length; i++)
-        ac[i] ^= mac[i];
+        result[i] ^= mac[i];
     }
 
     /*
-     * Accumulator holds the generated block.  Save it, then exit or
-     * loop for another block.
+     * Save result block, then exit or loop for another block.
      */
 
     if (derived_key_length > descriptor->digest_length) {
-      memcpy(derived_key, ac, descriptor->digest_length);
-      derived_key        += descriptor->digest_length;
-      derived_key_length -= descriptor->digest_length;
+      memcpy(derived_key, result, descriptor->digest_length);
+      derived_key              += descriptor->digest_length;
+      derived_key_length       -= descriptor->digest_length;
     }
     else {
-      memcpy(derived_key, ac, derived_key_length);
+      memcpy(derived_key, result, derived_key_length);
       return HAL_OK;
     }
   }