Re: [PATCH] PKCS #5 PBKDF2

And a couple of comments on the implementation.

Simon Josefsson simon@josefsson.org writes:

• for (i = 1; i <= l; i++)
• {

•  memset (T, 0, hLen);
  

•  for (u = 1; u <= c; u++)
  

• {

•  hmac_set_key (outer, inner, state, hash, Plen, P);
  

•  if (u == 1)
  

•    {
  

•      tmp[0] = (i & 0xff000000) >> 24;
  

•      tmp[1] = (i & 0x00ff0000) >> 16;
  

•      tmp[2] = (i & 0x0000ff00) >> 8;
  

•      tmp[3] = (i & 0x000000ff) >> 0;
  

•      hmac_update (state, hash, Slen, S);
  

•      hmac_update (state, hash, 4, tmp);
  

•    }
  

•  else
  

•    {
  

•      hmac_set_key (outer, inner, state, hash, Plen, P);
  

•      hmac_update (state, hash, hLen, U);
  

•    }
  

•  hmac_digest (outer, inner, state, hash, hLen, U);
  

There's no need for all those hmac_set_key. You can set it once, and compute several macs usign the same key, each with a sequence of update, update, ..., update, digest.

If documentation or implementation doesn't agree, patches are appreciated.

•  for (k = 0; k < hLen; k++)
  

•    T[k] ^= U[k];
  

• }

And that's what memxor is for ;-)

Regards, /Niels