From 2c6fb87708e3de20ff7dafeecd2aa3cd7f264afb Mon Sep 17 00:00:00 2001
From: Frank Denis
Date: Sun, 19 Feb 2017 12:31:05 +0100
Subject: [PATCH] Set crypto_pwhash_scryptsalsa208sha256_BYTES_MIN to 128 bits
---
 .../pwhash_scryptsalsa208sha256.c | 11 +++++++----
 .../sodium/crypto_pwhash_scryptsalsa208sha256.h | 8 ++++----
 test/default/pwhash_scrypt.exp | 3 ++-
 3 files changed, 13 insertions(+), 9 deletions(-)
diff --git a/src/libsodium/crypto_pwhash/scryptsalsa208sha256/pwhash_scryptsalsa208sha256.c b/src/libsodium/crypto_pwhash/scryptsalsa208sha256/pwhash_scryptsalsa208sha256.c
index 3f9ac58c..b5e5f43d 100644
--- a/src/libsodium/crypto_pwhash/scryptsalsa208sha256/pwhash_scryptsalsa208sha256.c
+++ b/src/libsodium/crypto_pwhash/scryptsalsa208sha256/pwhash_scryptsalsa208sha256.c
@@ -155,11 +155,13 @@ crypto_pwhash_scryptsalsa208sha256(unsigned char * const out,
 uint32_t r;
 memset(out, 0, outlen);
- if (passwdlen > SIZE_MAX || outlen > SIZE_MAX) {
+ if (passwdlen > crypto_pwhash_scryptsalsa208sha256_PASSWD_MAX ||
+ outlen > crypto_pwhash_scryptsalsa208sha256_BYTES_MAX) {
 errno = EFBIG; /* LCOV_EXCL_LINE */
 return -1; /* LCOV_EXCL_LINE */
 }
- if (pickparams(opslimit, memlimit, &N_log2, &p, &r) != 0) {
+ if (outlen < crypto_pwhash_scryptsalsa208sha256_BYTES_MIN ||
+ pickparams(opslimit, memlimit, &N_log2, &p, &r) != 0) {
 errno = EINVAL; /* LCOV_EXCL_LINE */
 return -1; /* LCOV_EXCL_LINE */
 }
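Review bot: The `/* LCOV_EXCL_LINE */` markers on the `errno = EINVAL` and `return -1` lines no longer fit once `outlen < crypto_pwhash_scryptsalsa208sha256_BYTES_MIN` feeds that branch: it is now reachable with ordinary arguments, and the updated `pwhash_scrypt.exp` in this patch (`pwhash failure`) suggests the test suite exercises it. I would drop the two markers there so coverage reports the short-output rejection path. The function's documentation, which is outside this hunk, should also say that an output length below the minimum fails with `EINVAL` and leaves `out` zeroed by the earlier `memset`. The function body continues past the end of the hunk.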
@@ -186,11 +188,12 @@ crypto_pwhash_scryptsalsa208sha256_str(char out[crypto_pwhash_scryptsalsa208sha2
 uint32_t r;
 memset(out, 0, crypto_pwhash_scryptsalsa208sha256_STRBYTES);
- if (passwdlen > SIZE_MAX) {
+ if (passwdlen > crypto_pwhash_scryptsalsa208sha256_PASSWD_MAX) {
 errno = EFBIG; /* LCOV_EXCL_LINE */
 return -1; /* LCOV_EXCL_LINE */
 }
- if (pickparams(opslimit, memlimit, &N_log2, &p, &r) != 0) {
+ if (passwdlen < crypto_pwhash_scryptsalsa208sha256_PASSWD_MIN ||
+ pickparams(opslimit, memlimit, &N_log2, &p, &r) != 0) {
 errno = EINVAL; /* LCOV_EXCL_LINE */
 return -1; /* LCOV_EXCL_LINE */
 }
diff --git a/src/libsodium/include/sodium/crypto_pwhash_scryptsalsa208sha256.h b/src/libsodium/include/sodium/crypto_pwhash_scryptsalsa208sha256.h
index 3053ab34..bcef2703 100644
--- a/src/libsodium/include/sodium/crypto_pwhash_scryptsalsa208sha256.h
+++ b/src/libsodium/include/sodium/crypto_pwhash_scryptsalsa208sha256.h
@@ -14,7 +14,7 @@ extern "C" {
 #endif
-#define crypto_pwhash_scryptsalsa208sha256_BYTES_MIN 1
+#define crypto_pwhash_scryptsalsa208sha256_BYTES_MIN 16ULL
 SODIUM_EXPORT
 size_t crypto_pwhash_scryptsalsa208sha256_bytes_min(void);
@@ -22,7 +22,7 @@ size_t crypto_pwhash_scryptsalsa208sha256_bytes_min(void);
 SODIUM_EXPORT
 size_t crypto_pwhash_scryptsalsa208sha256_bytes_max(void);
-#define crypto_pwhash_scryptsalsa208sha256_PASSWD_MIN 0
+#define crypto_pwhash_scryptsalsa208sha256_PASSWD_MIN 0ULL
 SODIUM_EXPORT
 size_t crypto_pwhash_scryptsalsa208sha256_passwd_min(void);
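Review bot: The added `passwdlen < crypto_pwhash_scryptsalsa208sha256_PASSWD_MIN` test can never be true while the header defines `PASSWD_MIN` as `0ULL` and `passwdlen` is unsigned (its declaration is outside the hunk; presumably it is an unsigned type, given the earlier comparison with `SIZE_MAX`), so builds using `-Wtype-limits` may flag it. The same lower-bound check is not added to `crypto_pwhash_scryptsalsa208sha256()` in the first hunk, so the two entry points now validate `passwdlen` differently. Either add it to both or leave it out of both; if it stays, a comment such as `/* no-op while PASSWD_MIN is 0; kept so a future minimum is enforced */` would explain it.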
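Review bot: Raising `crypto_pwhash_scryptsalsa208sha256_BYTES_MIN` from `1` to `16ULL` changes behaviour for existing callers, and nothing at the define says so: together with the check added in `pwhash_scryptsalsa208sha256.c`, a request for fewer than 16 bytes now returns -1 and leaves the output buffer zeroed. A caller that does not check the return value would go on to use an all-zero key, so the constraint deserves a comment at the define, for example `/* 128-bit floor: shorter outputs are rejected with EINVAL */`. The diffstat lists no changelog or documentation file, so the release notes may need an entry as well.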
@@ -30,11 +30,11 @@ size_t crypto_pwhash_scryptsalsa208sha256_passwd_min(void);
 SODIUM_EXPORT
 size_t crypto_pwhash_scryptsalsa208sha256_passwd_max(void);
-#define crypto_pwhash_scryptsalsa208sha256_SALTBYTES 32U
+#define crypto_pwhash_scryptsalsa208sha256_SALTBYTES 32ULL
 SODIUM_EXPORT
 size_t crypto_pwhash_scryptsalsa208sha256_saltbytes(void);
-#define crypto_pwhash_scryptsalsa208sha256_STRBYTES 102U
+#define crypto_pwhash_scryptsalsa208sha256_STRBYTES 102ULL
 SODIUM_EXPORT
 size_t crypto_pwhash_scryptsalsa208sha256_strbytes(void);
diff --git a/test/default/pwhash_scrypt.exp b/test/default/pwhash_scrypt.exp
index 5c58d530..e0e892a2 100644
--- a/test/default/pwhash_scrypt.exp
+++ b/test/default/pwhash_scrypt.exp
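Review bot: Switching `SALTBYTES` and `STRBYTES` from `U` to `ULL` (and `BYTES_MIN` and `PASSWD_MIN` to `ULL` in the two preceding header hunks) changes the type of these public macros to `unsigned long long`, while the matching accessor functions still return `size_t`. Application code that passes a macro to a variadic function, e.g. `printf("%u", crypto_pwhash_scryptsalsa208sha256_SALTBYTES)`, now has a format/argument mismatch. Presumably the suffix is there so the new comparisons against `passwdlen` and `outlen` are done in one unsigned type; a one-line comment at the defines, such as `/* ULL: compared against unsigned long long lengths */`, would keep the reason visible.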
@@ -1,7 +1,8 @@ 8d40f5f8c6a1791204f03e19a98cd74f918b6e331b39cfc2415e5014d7738b7bb0a83551fb14a035e07fdd4dc0c60c1a6822ac253918979f6324ff0c87cba75d3b91f88f41ca5414a0f152bdc4d636f42ab2250afd058c19ec31a3374d1bd7133289bf21513ff67cbf8482e626aee9864c58fd05f9ea02e508a10182b7d838157119866f072004987ef6c56683ed207705923921af9d76444a331a d985d4c278343a46d82af0c4268b7ae6b6d1d2dd289675ef45bfb6d0648bffe5bab8c91228f3a31b091154a9c1142670a07b92e70a298333066de07db9300e046fd7cacc99780804683df7babdfc9d019047178400b2875bde0a1ad824dda7a422d9ed48475af9a3876378dd3a2f206e34984e223afb82c0c1e4644c9a458f4666379fdd3e2d9206d87e3c32c3977f35826a27590baaa1ec1a3bd7d15a92bc84c95dcfc56c14fca7c4c9810162dfdf9dc08a191e79fe40250b7e07d3a9317d9a5cb56e1062c419a6cd6a9b73128e8ad79ab7efffbb3cc52c1f49f86d2ebb46e6e4846aecdb14c2d046f5380517ff8cc794e4a772a58b93083dad ee7e9e1369267ec555981f0ea088ff6f93953abfcb767d88ec3c46393d24cfbaba5e4e26e0f35b5d5259647748476d65cd8881c96f8cda049d9c877b2d33d932e67f4c0df2cb434b4b4900e0c49c3f8ba9663795420577e65d0b456201ad9162fbc485c7b44f2b34e6673aa3692c123021ee3b624c3bb22b808b89613d8ecc7b87da47f57152eb3f7b10ad206f6b09cb6935b347b5e42bc3b8c9c9bcd8d7b7c44929b367fc279dec48ea78e6ee3e2620d7459700bd0aedb1c9aa5a323ca94403927f5e5c2b73bda7c5c3287b62fe51874cfeb1dc3151cd886b26d83ece68833229d2d432798c602d85b0505947207d8430febbe901164b12ce -1828b82997 +pwhash failure +0000000000 bcc5c2fd785e4781d1201ed43d84925537e2a540d3de55f5812f29e9dd0a4a00451a5c8ddbb4862c03d45c75bf91b7fb49265feb667ad5c899fdbf2ca19eac67aa5e48595d5b02f8183ab07f71b1ce0d76e5df54919f63810ad0893ded7d1ca18fc956ec06ffd4c3d1f77a00ed53608947b25eea5df6bea02272be15815f974c321a2a9208674fdf59d1d798c2a12f1889df68b0c222b37ee9ef0d6391fc160b0281ec53073cb3a3706ce1d71c3af2f5237a1b3d8545d99012eecc0b4abb 
82765c040c58c1810f8c053ef5c248556299385476bde44bdd91a0d9a239f24e9b1717fd8b23209ffa45b7aa7937296c601b79e77da99e8d2fda0ea4459be2d0900f5bc5a269b5488d873d4632d1baf75965e509ee24b12501a9ce3bbbd8b7d759987d545a1c221a363195e5802d768b3b9e00ebe5ac0ed8ad2362c1c4157b910a40f94adf2561a2b0d3e65dbb06f244e5ac44d362103df54c9b9175777b3db1cdadb03e977ab8a79baf1e1e18ec9f5d0f25c487ddc53d7e81910f83576b44e9caeece26e2eb376569ad3a8cdccbde8bc355210e ca9216d4127e2e4a6ee3584b49be106217bb61cc807016d46d0cfbb1fd722e2bbac33541386bdfeac41a299ead22790993fcaa8e1d23bd1c8426afa5ff4c08e731dc476ef834f142c32dfb2c1be12b9978802e63b2cd6f226b1a8df59f0c79154d7ef4296a68ec654538d987104f9a11aca1b7c83ab2ed8fd69da6b88f0bcbd27d3fea01329cecf10c57ec3ba163d57b38801bd6c3b31ce527b33717bb56a46f78fb96be9f2424a21b3284232388cbba6a74