Commit 24d17987 authored by Ondrej Kozina's avatar Ondrej Kozina Committed by Milan Broz

Fix mistakes in pbkdf_type verification.

- hash is currently relevant only for pbkdf2
- time_ms may be unset (zero) if forced iterations
  are set.

Fixes #398.
parent 3e9d603f
......@@ -65,9 +65,15 @@ int verify_pbkdf_params(struct crypt_device *cd,
const char *pbkdf_type;
int r = 0;
if (!pbkdf->type || !pbkdf->hash || !pbkdf->time_ms)
if (!pbkdf->type ||
(!pbkdf->hash && !strcmp(pbkdf->type, "pbkdf2")))
return -EINVAL;
if (!pbkdf->time_ms && !(pbkdf->flags & CRYPT_PBKDF_NO_BENCHMARK)) {
log_err(cd, _("Requested PBKDF target time can not be zero."));
return -EINVAL;
}
/* TODO: initialise crypto and check the hash and pbkdf are both available */
r = crypt_parse_pbkdf(pbkdf->type, &pbkdf_type);
if (r < 0) {
......@@ -127,10 +133,6 @@ int verify_pbkdf_params(struct crypt_device *cd,
log_err(cd, _("Requested PBKDF parallel threads can not be zero."));
r = -EINVAL;
}
if (!pbkdf->time_ms) {
log_err(cd, _("Requested PBKDF target time can not be zero."));
r = -EINVAL;
}
return r;
}
......@@ -165,9 +167,9 @@ int init_pbkdf_type(struct crypt_device *cd,
* It will fail later anyway :-)
*/
type = strdup(pbkdf->type);
hash = strdup(pbkdf->hash);
hash = pbkdf->hash ? strdup(pbkdf->hash) : NULL;
if (!type || !hash) {
if (!type || (!hash && pbkdf->hash)) {
free(CONST_CAST(void*)type);
free(CONST_CAST(void*)hash);
return -ENOMEM;
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment