Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
X-Mailer: MIME-tools 5.427 (Entity 5.427)
From: ghudson@mit.edu
Subject: git commit
RT-Send-CC:
X-RT-Original-Encoding: iso-8859-1
Content-Length: 1166


Enable PBKDF2 with SHA-256 and SHA-384

Rename krb5int_pbkdf2_hmac_sha1() to krb5int_pbkdf2_hmac() and add a
hash parameter.  In the OpenSSL implementation, look up the
corresponding PBKDF2 parameter based on the hash pointer.  In
pbkdf2_string_to_key(), pass the hash function for the key type if one
is present, and use SHA-1 if it does not (as for the Camellia
enctypes).

In the builtin implementation, use the hash provider instead of
assuming SHA-1.  Remove the functional parameterization of the PRF and
turn it into an hmac() helper function.  Use krb5int_hmac_keyblock()
to remove the need for a krb5_key object containing the password.
Rename the internal function from krb5int_pbkdf2() to pbkdf2().

https://github.com/krb5/krb5/commit/dc967ce5c4a03201b2a6ff477f6c4e33b07e90f0
Author: Greg Hudson <ghudson@mit.edu>
Commit: dc967ce5c4a03201b2a6ff477f6c4e33b07e90f0
Branch: master
 src/lib/crypto/builtin/pbkdf2.c |   93 +++++++++++++++++----------------------
 src/lib/crypto/krb/crypto_int.h |   12 +++---
 src/lib/crypto/krb/s2k_pbkdf2.c |    4 +-
 src/lib/crypto/openssl/pbkdf2.c |   27 ++++++++----
 4 files changed, 68 insertions(+), 68 deletions(-)