In key derivation, mix passphrase second.

This prevents the shortcut of pre-initializing the hash with the
passphrase. PBKDF2 doesn't have this feature.
pull/2/head
Christopher Wellons 2017-03-06 09:51:37 -05:00
parent 36909699f1
commit f426735681
2 changed files with 4 additions and 4 deletions

@ -44,9 +44,9 @@ and output.
### Key management
One of the core features of Enchive is the ability to derive an
asymmetric key pair from a passphrase (PBKDF2). This means you can
store your archive key in your brain! To access this feature, use the
`--derive` (`-d`) option with the `keygen` command.
asymmetric key pair from a passphrase (PBKDF2-like). This means you
can store your archive key in your brain! To access this feature, use
the `--derive` (`-d`) option with the `keygen` command.
$ enchive keygen --derive
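
Review bot: "PBKDF2-like" in the Key management paragraph still does not tell the reader what the derivation is, and it can be read as interoperable with PBKDF2. Suggest naming the construction directly, for example "(iterated SHA-256, similar in spirit to PBKDF2 but not compatible with it)", so nobody expects to reproduce a key with a standard PBKDF2 implementation.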

@ -341,8 +341,8 @@ key_derive(const char *passphrase,
sha256_final(ctx, buf);
for (i = 0; i < iterations; i++) {
sha256_init(ctx);
sha256_update(ctx, (u8 *)passphrase, len);
sha256_update(ctx, buf, sizeof(buf));
sha256_update(ctx, (u8 *)passphrase, len);
sha256_final(ctx, buf);
}
}
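
Review bot: swapping the two sha256_update calls inside the for loop of key_derive changes the digest on every iteration, so the same passphrase now yields a different key pair than it did before this commit, and nothing in the patch tells users that. Suggest stating in the README or release notes that previously derived keys cannot be regenerated with the new code, and adding a short comment above the loop body saying that buf is hashed before the passphrase on purpose, so the hash state cannot be pre-initialized with the passphrase; without it the order looks arbitrary and is easy to swap back.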