arne
/
cryptopp
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Add additional asserts in Scrypt::ValidateParameters (GH #842) 

We still need to figure out what to do, but we can start warning users immediately.
pull/853/head
Jeffrey Walton 2019-05-19 18:52:37 -04:00
parent e3788aacc5
commit 2c0455edf8
No known key found for this signature in database
GPG Key ID: B36AB348921B1838
1 changed files with 7 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
scrypt.cpp
View File

@ -184,6 +184,12 @@ size_t Scrypt::GetValidDerivedLength(size_t keylength) const
void Scrypt::ValidateParameters(size_t derivedLen, word64 cost, word64 blockSize, word64 parallelization) const void Scrypt::ValidateParameters(size_t derivedLen, word64 cost, word64 blockSize, word64 parallelization) const
{ {
// https://github.com/weidai11/cryptopp/issues/842
CRYPTOPP_ASSERT(derivedLen != 0);
CRYPTOPP_ASSERT(cost != 0);
CRYPTOPP_ASSERT(blockSize != 0);
CRYPTOPP_ASSERT(parallelization != 0);
// Optimizer should remove this on 32-bit platforms // Optimizer should remove this on 32-bit platforms
if (std::numeric_limits<size_t>::max() > std::numeric_limits<word32>::max()) if (std::numeric_limits<size_t>::max() > std::numeric_limits<word32>::max())
{ {
@ -274,7 +280,7 @@ size_t Scrypt::DeriveKey(byte*derived, size_t derivedLen, const byte*secret, siz
ThrowIfInvalidDerivedLength(derivedLen); ThrowIfInvalidDerivedLength(derivedLen);
ValidateParameters(derivedLen, cost, blockSize, parallel); ValidateParameters(derivedLen, cost, blockSize, parallel);
AlignedSecByteBlock B(static_cast<size_t>(blockSize * parallel * 128U)); AlignedSecByteBlock B(static_cast<size_t>(blockSize * parallel * 128U));
// 1: (B_0 ... B_{p-1}) <-- PBKDF2(P, S, 1, p * MFLen) // 1: (B_0 ... B_{p-1}) <-- PBKDF2(P, S, 1, p * MFLen)
PBKDF2_SHA256(B, B.size(), secret, secretLen, salt, saltLen, 1); PBKDF2_SHA256(B, B.size(), secret, secretLen, salt, saltLen, 1);