Modified use of PBKDF as per advice from CryptoPP mailing list.

maidsafe-archive · Oct 3, 2011 · d86127a · d86127a
1 parent f26aa22
commit d86127a
Show file tree

Hide file tree

Showing 3 changed files with 20 additions and 13 deletions.
diff --git a/maidsafe_common_lib/src/maidsafe/common/crypto.cc b/maidsafe_common_lib/src/maidsafe/common/crypto.cc
@@ -85,17 +85,20 @@ std::string XOR(const std::string &first, const std::string &second) {
 
 std::string SecurePassword(const std::string &password,
                            const std::string &salt,
-                           const uint32_t &pin) {
-  if (password.empty() || salt.empty() || pin == 0)
+                           const uint32_t &pin,
+                           const std::string &label) {
+  if (password.empty() || salt.empty() || pin == 0 || label.empty())
     return "";
-  byte purpose = 0;  // unused in this pbkdf implementation
-  uint16_t iter = (pin % 1000) + 1000;
+  uint16_t iter = (pin % 10000) + 10000;
   CryptoPP::PKCS5_PBKDF2_HMAC<CryptoPP::SHA512> pbkdf;
   CryptoPP::SecByteBlock derived(AES256_KeySize + AES256_IVSize);
+  byte purpose = 0;  // unused in this pbkdf implementation
+  CryptoPP::SecByteBlock context(salt.size() + label.size());
+  memcpy(&context[0], salt.data(), salt.size());
+  memcpy(&context[salt.size()], label.data(), label.size());
   pbkdf.DeriveKey(derived, derived.size(), purpose,
                   reinterpret_cast<const byte*>(password.data()),
-                  password.size(), reinterpret_cast<const byte*>(salt.data()),
-                  salt.size(), iter);
+                  password.size(), context.data(), context.size(), iter);
   std::string derived_password;
   CryptoPP::StringSink string_sink(derived_password);
   string_sink.Put(derived, derived.size());

diff --git a/maidsafe_common_lib/src/maidsafe/common/crypto.h b/maidsafe_common_lib/src/maidsafe/common/crypto.h
@@ -79,6 +79,10 @@ const uint16_t AES256_KeySize = 32;  /**< size in bytes. */
 const uint16_t  AES256_IVSize = 16;  /**< size in bytes. */
 const uint16_t  kMaxCompressionLevel = 9;
 
+static const std::string kMaidSafeVersionLabel1 =
+    "MaidSafe Version 1 Key Derivation";
+static const std::string kMaidSafeVersionLabel = kMaidSafeVersionLabel1;
+
 /** XOR one string with another.
  *  The function performs an bitwise XOR on each char of first with the
  *  corresponding char of second.  first and second must have identical size.
@@ -93,10 +97,12 @@ std::string XOR(const std::string &first, const std::string &second);
  *  @param password password.
  *  @param salt salt.
  *  @param pin PIN from which the number of iterations is derived.
+ *  @param label additional data to provide distinct input data to PBKDF
  *  @return The derived key. */
 std::string SecurePassword(const std::string &password,
                            const std::string &salt,
-                           const uint32_t &pin);
+                           const uint32_t &pin,
+                           const std::string &label = kMaidSafeVersionLabel);
 
 /** Hash function operating on a string.
  *  @tparam HashType type of hash function to use (e.g. SHA512)

diff --git a/maidsafe_common_lib/src/maidsafe/common/tests/crypto_test.cc b/maidsafe_common_lib/src/maidsafe/common/tests/crypto_test.cc
@@ -68,19 +68,17 @@ TEST(CryptoTest, BEH_SecurePasswordGeneration) {
   const std::string kKnownPassword1(DecodeFromHex("70617373776f7264"));
   const std::string kKnownSalt1(DecodeFromHex("1234567878563412"));
   const uint32_t kKnownIterations1(5);
-  const std::string kKnownDerived1(DecodeFromHex("0a89927670e292af98080a3"
-      "c3e2bdee4289b768de74570f9f470282756390fe36de6da2cbc407f4ecf6a9f62ef6249c"
-      "c"));
+  const std::string kKnownDerived1(DecodeFromHex("4391697b647773d2ac29693853dc6"
+      "6c21f036d36256a8b1e617b2364af10aee1e53d7d4ef0c237f40c539769e4f162e0"));
   EXPECT_EQ(kKnownDerived1, SecurePassword(kKnownPassword1,
             kKnownSalt1, kKnownIterations1));
   const std::string kKnownPassword2(DecodeFromHex("416c6c206e2d656e746974"
       "696573206d75737420636f6d6d756e69636174652077697468206f74686572206e2d656e"
       "74697469657320766961206e2d3120656e746974656568656568656573"));
   const std::string kKnownSalt2(DecodeFromHex("1234567878563412"));
   const uint32_t kKnownIterations2(500);
-  const std::string kKnownDerived2(DecodeFromHex("ecae5ed132d15bac4c67cc5"
-      "de7c4a5559ca448334bdf9dc8f2b9aa86a363ddaaf7b431a8456e51582508c74405dba27"
-      "9"));
+  const std::string kKnownDerived2(DecodeFromHex("c1999230ef5e0196b71598bb94524"
+      "7391fa3d53ca46e5bcf9c697256c7b131d3bcf310b523e05c3ffc14d7fd8511c840"));
   EXPECT_EQ(kKnownDerived2, SecurePassword(kKnownPassword2,
             kKnownSalt2, kKnownIterations2));
 }