[PATCH] kdf: Allow empty password for Argon2
Milan Broz
gmazyland at gmail.com
Thu Aug 11 21:54:26 CEST 2022
* cipher/kdf.c (_gcry_kdf_open) allow empty password for Argon2.
--
This patch fixes libcryptsetup requirement to support empty
passwords for PBKDF (and passes Argon2 test vectors there now).
Signed-off-by: Milan Broz <gmazyland at gmail.com>
---
cipher/kdf.c | 13 ++++++++-----
1 file changed, 8 insertions(+), 5 deletions(-)
diff --git a/cipher/kdf.c b/cipher/kdf.c
index d371bdd7..3e51e115 100644
--- a/cipher/kdf.c
+++ b/cipher/kdf.c
@@ -402,10 +402,13 @@ argon2_fill_first_blocks (argon2_ctx_t a)
iov[iov_count].len = 4 * 7;
iov[iov_count].off = 0;
iov_count++;
- iov[iov_count].data = (void *)a->password;
- iov[iov_count].len = a->passwordlen;
- iov[iov_count].off = 0;
- iov_count++;
+ if (a->passwordlen)
+ {
+ iov[iov_count].data = (void *)a->password;
+ iov[iov_count].len = a->passwordlen;
+ iov[iov_count].off = 0;
+ iov_count++;
+ }
buf_put_le32 (buf[7], a->saltlen);
iov[iov_count].data = buf[7];
@@ -1861,7 +1864,7 @@ _gcry_kdf_open (gcry_kdf_hd_t *hd, int algo, int subalgo,
switch (algo)
{
case GCRY_KDF_ARGON2:
- if (!inputlen || !saltlen)
+ if (!saltlen)
ec = GPG_ERR_INV_VALUE;
else
ec = argon2_open (hd, subalgo, param, paramlen,
--
2.36.1
More information about the Gcrypt-devel
mailing list