[Cryptech-Commits] [sw/libhal] 02/03: PBKDF2 works better if we generate the right number of output bytes.
git at cryptech.is
git at cryptech.is
Thu May 26 04:11:08 UTC 2016
This is an automated email from the git hooks/post-receive script.
sra at hactrn.net pushed a commit to branch master
in repository sw/libhal.
commit 8e6b461094305f47a1f0145eed636ca95cb5c8e5
Author: Rob Austein <sra at hactrn.net>
AuthorDate: Wed May 25 23:26:36 2016 -0400
PBKDF2 works better if we generate the right number of output bytes.
---
last_gasp_pin_internal.h | 4 ++--
utils/last_gasp_default_pin | 4 ++++
2 files changed, 6 insertions(+), 2 deletions(-)
diff --git a/last_gasp_pin_internal.h b/last_gasp_pin_internal.h
index 13c3078..62dc1e5 100644
--- a/last_gasp_pin_internal.h
+++ b/last_gasp_pin_internal.h
@@ -4,6 +4,6 @@
static const hal_ks_pin_t hal_last_gasp_pin = {
100000,
- {0xc1, 0xdb, 0xbf, 0x89, 0x5b, 0xd4, 0xa5, 0x64, 0xfb, 0xbc, 0x33, 0xcb, 0xf8, 0x5a, 0xb0, 0xfa, 0xa8, 0x13, 0xd8, 0x9e, 0x28, 0xdf, 0x28, 0x15, 0x21, 0x0d, 0x7e, 0x9d, 0x53, 0xd9, 0xfc, 0x32},
- {0xb3, 0xbf, 0x4d, 0xcd, 0xa2, 0x1a, 0x96, 0x63, 0x2b, 0xc4, 0x0c, 0xdb, 0xa1, 0x5d, 0x34, 0xfa}
+ {0xb0, 0x1a, 0xfb, 0xa8, 0xe9, 0x03, 0x99, 0xd5, 0xf6, 0xff, 0x33, 0x06, 0x7b, 0x64, 0xf2, 0x01, 0x0a, 0x13, 0x21, 0x9a, 0xf9, 0xe3, 0xfd, 0x26, 0x49, 0xe7, 0xbb, 0xca, 0xc0, 0xf0, 0x2e, 0x7d},
+ {0xc1, 0x87, 0x1d, 0xf2, 0x4c, 0xf4, 0xd9, 0xe7, 0x68, 0xfa, 0x62, 0xec, 0xac, 0x2d, 0xb7, 0x10}
};
diff --git a/utils/last_gasp_default_pin b/utils/last_gasp_default_pin
index e0d9839..c2ca965 100755
--- a/utils/last_gasp_default_pin
+++ b/utils/last_gasp_default_pin
@@ -56,6 +56,10 @@ parser.add_argument("-i", "--iterations",
type = int,
default = 100000,
help = "PBKDF2 iteration count")
+parser.add_argument("-d", "--derived-key-length",
+ type = int,
+ default = 64,
+ help = "length of BPKDF2 output (must match libhal)")
args = parser.parse_args()
def HMAC_SHA256(pin, salt):
More information about the Commits
mailing list