Simon Josefsson simon@josefsson.org writes:
+void +pbkdf2_hmac (unsigned Plen, const uint8_t * P,
unsigned Slen, const uint8_t * S,
const struct nettle_hash *hash,
unsigned int c, unsigned dkLen, uint8_t * DK);
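Review bot: the iteration count is declared as `unsigned int c` while every other integer parameter in this prototype is plain `unsigned`; pick one spelling. The RFC-style names P, S, c, dkLen and DK also leave the reader to work out which buffer is the password and which is the salt, so either rename them (password, salt, iterations, length, dst) or add a comment mapping them, and say what the function does when c or dkLen is 0.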
Maybe it would make more sense for pbkdf2 to use an arbitrary mac? The caller would provide the mac and initialize it with the password. And then the pbkdf2 function takes the mac, the salt, count, and generates the key. Like
    void
    pbkdf2 (void *mac_ctx, unsigned digest_size,
            nettle_hash_update_func *update,
            nettle_hash_digest_func *digest,
            unsigned length, uint8_t *dst,
            unsigned iterations,
            unsigned salt_length, const uint8_t *salt);
Example usage:
    struct hmac_sha1_ctx ctx;
    uint8_t key[57];

    hmac_sha1_set_key (&ctx, 8, "password");
    pbkdf2 (&ctx, SHA1_DIGEST_SIZE, hmac_sha1_update, hmac_sha1_digest,
            sizeof(key), key, 4711, 6, "pepper");
Would that make sense? I guess one may also want some convenience macros/functions for using hmac-sha1 etc.
I think that design would even make the implementation more natural.
Regards, /Niels
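
The design discussed in the message above (the caller keys the MAC, the PBKDF2 routine sees only update and digest), as an added Python example that is not part of the original message and is not Nettle code. The function name and argument order are assumptions made for this sketch; copy() on the keyed object stands in for a C digest call that returns the context to its keyed state.

```python
import hashlib
import hmac
import struct


def pbkdf2(mac, length, iterations, salt):
    """PBKDF2 (RFC 2898) over any MAC object already keyed with the password.

    `mac` must offer copy(), update() and digest(); it is never given the
    password itself, only the keyed state the caller prepared.
    """
    if iterations < 1 or length < 1:
        raise ValueError("iterations and length must be positive")
    out = bytearray()
    block_index = 1
    while len(out) < length:
        # U_1 = MAC(salt || INT_32_BE(block_index))
        m = mac.copy()
        m.update(salt + struct.pack(">I", block_index))
        u = m.digest()
        t = int.from_bytes(u, "big")
        # U_j = MAC(U_{j-1});  T_i = U_1 xor U_2 xor ... xor U_c
        for _ in range(iterations - 1):
            m = mac.copy()
            m.update(u)
            u = m.digest()
            t ^= int.from_bytes(u, "big")
        out += t.to_bytes(len(u), "big")
        block_index += 1
    # The last block is truncated when length is not a multiple of the MAC size.
    return bytes(out[:length])


def derive_example():
    # Same parameters as the usage sketch in the message: HMAC-SHA1 keyed with
    # "password", 57 bytes of output, 4711 iterations, salt "pepper".
    ctx = hmac.new(b"password", digestmod=hashlib.sha1)  # caller keys the MAC
    return pbkdf2(ctx, 57, 4711, b"pepper")


if __name__ == "__main__":
    print(derive_example().hex())
```

Swapping the digestmod when keying the MAC is the only change needed to derive with HMAC-SHA256 or another HMAC.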