Extend NSData+Crypto to support PBKDF2 with SHA1 HMAC as dovecot is using it since v2.3.0. The format hashed passwords is {PBKDF2}$1$<salt>$<rounds>$<hashed value in hex> The implementation of pkcs#5 PBKDF2 is taken from openbsd (with minor adjustments) as OpenSSL and GnuTLS would require quite new versions to support this hash.
15 lines
365 B
C
15 lines
365 B
C
#ifndef PKCS5_PBKDF2_H
|
|
#define PKCS5_PBKDF2_H
|
|
|
|
#include <stddef.h>
|
|
#include <stdint.h>
|
|
|
|
#define PBKDF2_KEY_SIZE_SHA1 (20)
|
|
#define PBKDF2_SALT_LEN (16)
|
|
#define PBKDF2_DEFAULT_ROUNDS (5000)
|
|
|
|
int
|
|
pkcs5_pbkdf2(const char *pass, size_t pass_len, const uint8_t *salt,
|
|
size_t salt_len, uint8_t *key, size_t key_len, unsigned int rounds);
|
|
|
|
#endif /* ! PKCS5_PBKDF2_H */ |