Fix PBKDF2 with zero iterations

It would go into a very long loop. OpenSSL treats iterations==0 same as iterations==1 but this seems confusing. Instead just reject it. Unrelated, fix a divide by zero if asked to tune with 0 byte output. Closes GH #2088
author: Jack Lloyd <[email protected]> 2019-08-31 08:46:55 -0400
committer: Jack Lloyd <[email protected]> 2019-08-31 08:46:55 -0400
commit: 453054494d614d09b5c3fd428b755d9d0478504b (patch)
tree: 9a0e512a6d8aab1d6affdddcf3590126f45fcf8e /src/lib/pbkdf
parent: baac1a8497533c1f2f0e699cc6ddc5f8b263adfc (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/src/lib/pbkdf/pbkdf2/pbkdf2.cpp b/src/lib/pbkdf/pbkdf2/pbkdf2.cpp
index aa0081917..122d0fae3 100644
--- a/src/lib/pbkdf/pbkdf2/pbkdf2.cpp
+++ b/src/lib/pbkdf/pbkdf2/pbkdf2.cpp
@@ -60,6 +60,9 @@ size_t tune_pbkdf2(MessageAuthenticationCode& prf,
                    size_t output_length,
                    uint32_t msec)
    {
+   if(output_length == 0)
+      output_length = 1;
+
    const size_t prf_sz = prf.output_length();
    BOTAN_ASSERT_NOMSG(prf_sz > 0);
    secure_vector<uint8_t> U(prf_sz);
@@ -109,6 +112,9 @@ void pbkdf2(MessageAuthenticationCode& prf,
             size_t salt_len,
             size_t iterations)
    {
+   if(iterations == 0)
+      throw Invalid_Argument("PBKDF2: Invalid iteration count");
+
    clear_mem(out, out_len);
 
    if(out_len == 0)
author	Jack Lloyd <[email protected]>	2019-08-31 08:46:55 -0400
committer	Jack Lloyd <[email protected]>	2019-08-31 08:46:55 -0400
commit	453054494d614d09b5c3fd428b755d9d0478504b (patch)
tree	9a0e512a6d8aab1d6affdddcf3590126f45fcf8e /src/lib/pbkdf
parent	baac1a8497533c1f2f0e699cc6ddc5f8b263adfc (diff)