jeltz/hostap
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

OpenSSL: Fix pbkdf2_sha1() wrapper

Browse source 
This was supposed to use the iterations parameter from the caller
instead of the hardcoded 4096. In practice, this did not have problems
for normal uses since that 4096 value was used in all cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2015-01-05 17:27:08 +02:00
parent 896e1b836f
commit a90c7d91a0
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
src/crypto/crypto_openssl.c
View file

@ -693,11 +693,11 @@ int pbkdf2_sha1(const char *passphrase, const u8 *ssid, size_t ssid_len,
#if OPENSSL_VERSION_NUMBER < 0x00908000
if (PKCS5_PBKDF2_HMAC_SHA1(passphrase, os_strlen(passphrase),
(unsigned char *) ssid,
ssid_len, 4096, buflen, buf) != 1)
ssid_len, iterations, buflen, buf) != 1)
return -1;
#else /* openssl < 0.9.8 */
if (PKCS5_PBKDF2_HMAC_SHA1(passphrase, os_strlen(passphrase), ssid,
ssid_len, 4096, buflen, buf) != 1)
ssid_len, iterations, buflen, buf) != 1)
return -1;
#endif /* openssl < 0.9.8 */
return 0;