So this is the code I am using as an example
Aes128KeyLength = 128/8;
//
// Allocate Key buffer
//
Aes128Key = (PBYTE) HeapAlloc( GetProcessHeap(), 0, Aes128KeyLength);
if( NULL == Aes128Key )
{
Status = STATUS_NO_MEMORY;
ReportError(Status);
goto cleanup;
}
//
// Derive the AES 128 key from the password
// Using PBKDF2
//
//
// Open an algorithm handle
//
Status = BCryptOpenAlgorithmProvider(
&KdfAlgHandle, // Alg Handle pointer
BCRYPT_PBKDF2_ALGORITHM, // Cryptographic Algorithm name (null terminated unicode string)
NULL, // Provider name; if null, the default provider is loaded
0); // Flags
if( !NT_SUCCESS(Status) )
{
ReportError(Status);
goto cleanup;
}
//
// Create a key handle to the password
//
Status = BCryptGenerateSymmetricKey(
KdfAlgHandle, // Algorithm Handle
&Aes128PasswordKeyHandle, // A pointer to a key handle
NULL, // Buffer that recieves the key object;NULL implies memory is allocated and freed by the function
0, // Size of the buffer in bytes
(PBYTE)Aes128Password, // Buffer that contains the key material
sizeof (Aes128Password), // Size of the buffer in bytes
0); // Flags
if( !NT_SUCCESS(Status) )
{
ReportError(Status);
goto cleanup;
}
//
// Derive AES key from the password
//
Status = BCryptKeyDerivation(
Aes128PasswordKeyHandle, // Handle to the password key
&PBKDF2Parameters, // Parameters to the KDF algorithm
Aes128Key, // Address of the buffer which recieves the derived bytes
Aes128KeyLength, // Size of the buffer in bytes
&ResultLength, // Variable that recieves number of bytes copied to above buffer
0); // Flags
if( !NT_SUCCESS(Status) )
{
ReportError(Status);
goto cleanup;
}
I am using hash_pbkdf2
function for the same thing on the PHP side.
in PHP i added echo hash_pbkdf2("sha256","PASSWORD", $salt,1000, 16, TRUE);
what is the reason for this? I have tried various standard tests I found online but still the output is not the same. I cannot see where I am possibly messing up. For the C code from the the number of iterations is 1000 along with the same value on the PHP side. All the values I am passing to the function are the same on the PHP and C side. yet the output on the C and PHP side the derived key is not the same? What am I doing wrong or Is there some capability issue I should be aware of?