arne
/
cryptopp
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Update documentation 

Add asserts to Scrypt ValidateParameters
pull/627/head
Jeffrey Walton 2018-03-31 21:26:38 -04:00
parent 129d65d987
commit 2e8ccc7777
No known key found for this signature in database
GPG Key ID: B36AB348921B1838
2 changed files with 9 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
scrypt.cpp
View File

@ -4,6 +4,7 @@
#include "pch.h" #include "pch.h"
#include "scrypt.h" #include "scrypt.h"
#include "algparam.h"
#include "argnames.h" #include "argnames.h"
#include "pwdbased.h" #include "pwdbased.h"
#include "stdcpp.h" #include "stdcpp.h"
@ -11,12 +12,12 @@
#include "misc.h" #include "misc.h"
#include "sha.h" #include "sha.h"
#include <sstream>
#ifdef _OPENMP #ifdef _OPENMP
# include <omp.h> # include <omp.h>
#endif #endif
#include <sstream>
ANONYMOUS_NAMESPACE_BEGIN ANONYMOUS_NAMESPACE_BEGIN
using CryptoPP::byte; using CryptoPP::byte;
@ -197,6 +198,7 @@ static inline void Smix(byte * B, size_t r, word64 N, byte * V, byte * XY)
// 10: B' <-- X // 10: B' <-- X
BlockCopy(B, X, 128 * r); BlockCopy(B, X, 128 * r);
} }
ANONYMOUS_NAMESPACE_END ANONYMOUS_NAMESPACE_END
NAMESPACE_BEGIN(CryptoPP) NAMESPACE_BEGIN(CryptoPP)
@ -242,17 +244,16 @@ void Scrypt::ValidateParameters(size_t derivedLen, word64 cost, word64 blockSize
bool bLimit = (maxElems >= static_cast<word128>(cost) * blockSize * 128U); bool bLimit = (maxElems >= static_cast<word128>(cost) * blockSize * 128U);
bool xyLimit = (maxElems >= static_cast<word128>(parallelization) * blockSize * 128U); bool xyLimit = (maxElems >= static_cast<word128>(parallelization) * blockSize * 128U);
bool vLimit = (maxElems >= static_cast<word128>(blockSize) * 256U + 64U); bool vLimit = (maxElems >= static_cast<word128>(blockSize) * 256U + 64U);
if (!bLimit || !xyLimit || !vLimit)
throw std::bad_alloc();
#else #else
const word64 maxElems = static_cast<word64>(SIZE_MAX); const word64 maxElems = static_cast<word64>(SIZE_MAX);
bool bLimit = (blockSize < maxElems / 128U / cost); bool bLimit = (blockSize < maxElems / 128U / cost);
bool xyLimit = (blockSize < maxElems / 128U / parallelization); bool xyLimit = (blockSize < maxElems / 128U / parallelization);
bool vLimit = (blockSize < (maxElems - 64U) / 256U); bool vLimit = (blockSize < (maxElems - 64U) / 256U);
#endif
CRYPTOPP_ASSERT(bLimit); CRYPTOPP_ASSERT(xyLimit); CRYPTOPP_ASSERT(vLimit);
if (!bLimit || !xyLimit || !vLimit) if (!bLimit || !xyLimit || !vLimit)
throw std::bad_alloc(); throw std::bad_alloc();
#endif
} }
size_t Scrypt::DeriveKey(byte *derived, size_t derivedLen, size_t Scrypt::DeriveKey(byte *derived, size_t derivedLen,

8
scrypt.h
View File

@ -15,12 +15,13 @@
#include "cryptlib.h" #include "cryptlib.h"
#include "secblock.h" #include "secblock.h"
#include "algparam.h"
NAMESPACE_BEGIN(CryptoPP) NAMESPACE_BEGIN(CryptoPP)
/// \brief Scrypt key derivation function /// \brief Scrypt key derivation function
/// \sa <A HREF="https://www.tarsnap.com/scrypt.html">The scrypt key derivation function</A> /// \sa <A HREF="https://www.tarsnap.com/scrypt/scrypt.pdf">Stronger Key Derivation via
/// Sequential Memory-Hard Functions</a>,
/// <A HREF="https://www.tarsnap.com/scrypt.html">The scrypt key derivation function</A>
/// and <A HREF="https://tools.ietf.org/html/rfc7914">RFC 7914, The scrypt Password-Based /// and <A HREF="https://tools.ietf.org/html/rfc7914">RFC 7914, The scrypt Password-Based
/// Key Derivation Function</A> /// Key Derivation Function</A>
/// \since Crypto++ 6.2 /// \since Crypto++ 6.2
@ -71,9 +72,6 @@ public:
/// size. /// size.
/// \details The <tt>parallelization</tt> parameter ("p" in the documents) is a positive /// \details The <tt>parallelization</tt> parameter ("p" in the documents) is a positive
/// integer less than or equal to <tt>((2^32-1) * 32) / (128 * r)</tt>. /// integer less than or equal to <tt>((2^32-1) * 32) / (128 * r)</tt>.
/// \details Crypto++ uses <tt>size_t</tt> for its size datatype, and limits are
/// based on the 32-bit version of <tt>size_t</tt>. For example, <tt>cost</tt> is
/// limited to <tt>0xffffffff</tt> instead of <tt>2^(128 * r / 8)</tt>.
/// \details Scrypt always returns 1 because it only performs 1 iteration. Other /// \details Scrypt always returns 1 because it only performs 1 iteration. Other
/// derivation functions, like PBKDF's, will return more interesting values. /// derivation functions, like PBKDF's, will return more interesting values.
size_t DeriveKey(byte *derived, size_t derivedLen, const byte *secret, size_t secretLen, size_t DeriveKey(byte *derived, size_t derivedLen, const byte *secret, size_t secretLen,