void kdf_decryption_key(const char *username, const char *password, int iterations, unsigned char hash[KDF_HASH_LEN])
{
_cleanup_free_ char *user_lower = xstrlower(username);
if (iterations < 1)
iterations = 1;
if (iterations == 1)
sha256_hash(user_lower, strlen(user_lower), password, strlen(password), hash);
else
pbkdf2_hash(user_lower, strlen(user_lower), password, strlen(password), iterations, hash);
mlock(hash, KDF_HASH_LEN);
}
unsigned int lastpass_iterations(const char *username)
{
_cleanup_free_ char *reply = NULL;
_cleanup_free_ char *user_lower = NULL;
user_lower = xstrlower(username);
reply = http_post_lastpass("iterations.php", NULL, NULL, "email", user_lower, NULL);
if (!reply)
return 0;
return strtoul(reply, NULL, 10);
}
void kdf_login_key(const char *username, const char *password, int iterations, char hex[KDF_HEX_LEN])
{
unsigned char hash[KDF_HASH_LEN];
size_t password_len;
_cleanup_free_ char *user_lower = xstrlower(username);
password_len = strlen(password);
if (iterations < 1)
iterations = 1;
if (iterations == 1) {
sha256_hash(user_lower, strlen(user_lower), password, password_len, hash);
bytes_to_hex(hash, &hex, KDF_HASH_LEN);
sha256_hash(hex, KDF_HEX_LEN - 1, password, password_len, hash);
} else {
pbkdf2_hash(user_lower, strlen(user_lower), password, password_len, iterations, hash);
pbkdf2_hash(password, password_len, (char *)hash, KDF_HASH_LEN, 1, hash);
}
bytes_to_hex(hash, &hex, KDF_HASH_LEN);
mlock(hex, KDF_HEX_LEN);
}
