diff options
author | Daniel P. Berrange <berrange@redhat.com> | 2016-09-12 12:50:12 +0100 |
---|---|---|
committer | Daniel P. Berrange <berrange@redhat.com> | 2016-09-19 16:30:42 +0100 |
commit | 59b060be184aff59cfa101c937c8139e66f452f2 (patch) | |
tree | 13d4ef9afbe1339633ecb47b64794d6da8a2a525 /crypto/pbkdf-nettle.c | |
parent | 0f2fa73ba0ca19ebdaccf0d1785583d6601411b6 (diff) | |
download | qemu-59b060be184aff59cfa101c937c8139e66f452f2.zip qemu-59b060be184aff59cfa101c937c8139e66f452f2.tar.gz qemu-59b060be184aff59cfa101c937c8139e66f452f2.tar.bz2 |
crypto: use uint64_t for pbkdf iteration count parameters
The qcrypto_pbkdf_count_iters method uses a 64 bit int
but then checks its value against INT32_MAX before
returning it. This bounds check is premature, because
the calling code may well scale the iteration count
by some value. It is thus better to return a 64-bit
integer and let the caller do range checking.
For consistency the qcrypto_pbkdf method is also changed
to accept a 64bit int, though this is somewhat academic
since nettle is limited to taking an 'int' while gcrypt
is limited to taking a 'long int'.
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Diffstat (limited to 'crypto/pbkdf-nettle.c')
-rw-r--r-- | crypto/pbkdf-nettle.c | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/crypto/pbkdf-nettle.c b/crypto/pbkdf-nettle.c index d681a60..db81517 100644 --- a/crypto/pbkdf-nettle.c +++ b/crypto/pbkdf-nettle.c @@ -38,10 +38,16 @@ bool qcrypto_pbkdf2_supports(QCryptoHashAlgorithm hash) int qcrypto_pbkdf2(QCryptoHashAlgorithm hash, const uint8_t *key, size_t nkey, const uint8_t *salt, size_t nsalt, - unsigned int iterations, + uint64_t iterations, uint8_t *out, size_t nout, Error **errp) { + if (iterations > UINT_MAX) { + error_setg_errno(errp, ERANGE, + "PBKDF iterations %llu must be less than %u", + (long long unsigned)iterations, UINT_MAX); + return -1; + } switch (hash) { case QCRYPTO_HASH_ALG_SHA1: pbkdf2_hmac_sha1(nkey, key, |