author | Jack Lloyd <[email protected]> | 2019-08-31 08:46:55 -0400 |
---|---|---|
committer | Jack Lloyd <[email protected]> | 2019-08-31 08:46:55 -0400 |
commit | 453054494d614d09b5c3fd428b755d9d0478504b (patch) | |
tree | 9a0e512a6d8aab1d6affdddcf3590126f45fcf8e /src | |
parent | baac1a8497533c1f2f0e699cc6ddc5f8b263adfc (diff) |
Fix PBKDF2 with zero iterations
It would go into a very long loop.
OpenSSL treats iterations==0 same as iterations==1 but this seems
confusing. Instead just reject it.
Unrelated, fix a divide by zero if asked to tune with 0 byte output.
Closes GH #2088
Diffstat (limited to 'src')
-rw-r--r-- | src/lib/pbkdf/pbkdf2/pbkdf2.cpp | 6 | ||||
-rw-r--r-- | src/tests/data/pbkdf/pbkdf2.vec | 6 |
2 files changed, 12 insertions, 0 deletions
diff --git a/src/lib/pbkdf/pbkdf2/pbkdf2.cpp b/src/lib/pbkdf/pbkdf2/pbkdf2.cpp
index aa0081917..122d0fae3 100644
--- a/src/lib/pbkdf/pbkdf2/pbkdf2.cpp
+++ b/src/lib/pbkdf/pbkdf2/pbkdf2.cpp
@@ -60,6 +60,9 @@ size_t tune_pbkdf2(MessageAuthenticationCode& prf,
 size_t output_length,
 uint32_t msec)
 {
+ if(output_length == 0)
+ output_length = 1;
+
 const size_t prf_sz = prf.output_length();
 BOTAN_ASSERT_NOMSG(prf_sz > 0);
 secure_vector<uint8_t> U(prf_sz);
@@ -109,6 +112,9 @@ void pbkdf2(MessageAuthenticationCode& prf,
 size_t salt_len,
 size_t iterations)
 {
+ if(iterations == 0)
+ throw Invalid_Argument("PBKDF2: Invalid iteration count");
+
 clear_mem(out, out_len);

 if(out_len == 0)
diff --git a/src/tests/data/pbkdf/pbkdf2.vec b/src/tests/data/pbkdf/pbkdf2.vec
index d4af333b8..60d250f39 100644
--- a/src/tests/data/pbkdf/pbkdf2.vec
+++ b/src/tests/data/pbkdf/pbkdf2.vec
@@ -49,6 +49,12 @@ Iterations = 1000
 Passphrase = gwrxpqxumsdsmbmhfhmfdcvlcvngzkig
 Output = 4C9DB7BA24955225D5B845F65EF24EF1B0C6E86F2E39C8DDAA4B8ABD26082D1F350381FADEAEB560DC447AFC68A6B47E6EA1E7412F6CF7B2D82342FCCD11D3B4

+# Generated by OpenSSL
+Passphrase = pass
+Salt = 01020304
+Iterations = 1
+Output = D54FC7B6916F7AF26115B80BA435E66293BF935EE8CF3C0D6FB954B986E68A48
+
 [PBKDF2(HMAC(SHA-256))]
 Salt = 0001020304050607
 Iterations = 10000 |
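Review bot: The clamp `if(output_length == 0) output_length = 1;` at the top of tune_pbkdf2() carries no comment, and the computation it protects lies outside the hunk, so a reader cannot tell why a zero-length request is silently rewritten. I would add `// avoid a divide by zero further down when asked to tune for 0 bytes of output` above it. Because pbkdf2() starts rejecting `iterations == 0` in this same commit, it is also worth confirming that the rest of this function, which is not visible here, can never return 0 (for instance for a very small `msec`), since a caller passing that result on would now get an exception.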
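Review bot: Nothing in this commit exercises the new `iterations == 0` rejection in pbkdf2(): the vector added to pbkdf2.vec pins `Iterations = 1` against OpenSSL and never reaches the throw. A negative test asserting that a zero count raises Invalid_Argument would keep the long-loop behaviour from regressing. The throw also sits before `clear_mem(out, out_len)`, so on rejection the caller's buffer keeps whatever it held; if any wrapper maps exceptions to error codes, consider moving the check below the clear. The precondition deserves a line such as `// iterations must be >= 1; zero is rejected rather than treated as 1` above the check. The function body continues outside the hunk.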