[PATCH 2/2] kdf: Allow empty password for Argon2

Milan Broz gmazyland at gmail.com
Thu Aug 18 16:18:42 CEST 2022 

* cipher/kdf.c (_gcry_kdf_open) allow empty password for Argon2.
--

This patch fixes libcryptsetup requirement to support empty
passwords for PBKDF (and passes Argon2 test vectors there now).

Signed-off-by: Milan Broz <gmazyland at gmail.com>
---
 cipher/kdf.c  | 13 ++++++++-----
 tests/t-kdf.c | 26 ++++++++++++++++++++++++++
 2 files changed, 34 insertions(+), 5 deletions(-)

diff --git a/cipher/kdf.c b/cipher/kdf.c
index d371bdd7..3e51e115 100644
--- a/cipher/kdf.c
+++ b/cipher/kdf.c
@@ -402,10 +402,13 @@ argon2_fill_first_blocks (argon2_ctx_t a)
   iov[iov_count].len = 4 * 7;
   iov[iov_count].off = 0;
   iov_count++;
-  iov[iov_count].data = (void *)a->password;
-  iov[iov_count].len = a->passwordlen;
-  iov[iov_count].off = 0;
-  iov_count++;
+  if (a->passwordlen)
+    {
+      iov[iov_count].data = (void *)a->password;
+      iov[iov_count].len = a->passwordlen;
+      iov[iov_count].off = 0;
+      iov_count++;
+    }
 
   buf_put_le32 (buf[7], a->saltlen);
   iov[iov_count].data = buf[7];
@@ -1861,7 +1864,7 @@ _gcry_kdf_open (gcry_kdf_hd_t *hd, int algo, int subalgo,
   switch (algo)
     {
     case GCRY_KDF_ARGON2:
-      if (!inputlen || !saltlen)
+      if (!saltlen)
         ec = GPG_ERR_INV_VALUE;
       else
         ec = argon2_open (hd, subalgo, param, paramlen,
diff --git a/tests/t-kdf.c b/tests/t-kdf.c
index 17402762..c0192d7b 100644
--- a/tests/t-kdf.c
+++ b/tests/t-kdf.c
@@ -1471,6 +1471,32 @@ check_argon2 (void)
       "\x0d\x64\x0d\xf5\x8d\x78\x76\x6c\x08\xc0\x37\xa3\x4a\x8b\x53\xc9"
       "\xd0\x1e\xf0\x45\x2d\x75\xb6\x5e\xb5\x25\x20\xe9\x6b\x01\xe6\x59"
     },
+    {
+      /* empty password */
+      GCRY_KDF_ARGON2I,
+      { 32, 3, 128, 1 },
+      0, NULL,
+      16,
+      "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
+      0, NULL,
+      0, NULL,
+      32,
+      "\xbb\x1f\xf2\xb9\x9f\xd4\x4a\xd9\xdf\x7f\xb9\x54\x55\x9e\xb8\xeb"
+      "\xb5\x9d\xab\xce\x2e\x62\x9f\x9b\x89\x09\xfe\xde\x57\xcc\x63\x86"
+    },
+    {
+      /* empty password */
+      GCRY_KDF_ARGON2ID,
+      { 32, 3, 128, 1 },
+      0, NULL,
+      16,
+      "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
+      0, NULL,
+      0, NULL,
+      32,
+      "\x09\x2f\x38\x35\xac\xb2\x43\x92\x93\xeb\xcd\xe8\x04\x16\x6a\x31"
+      "\xce\x14\xd4\x55\xdb\xd8\xf7\xe6\xb4\xf5\x9d\x64\x8e\xd0\x3a\xdb"
+    },
   };
   unsigned char out[32];
   int i;
-- 
2.37.2

More information about the Gcrypt-devel mailing list