wc_scrypt: Code review feedback.

2021-10-28 15:02:53 -07:00
parent 0ecb81e74a
commit 39c9fa96bc
2 changed files with 10 additions and 7 deletions
--- a/wolfcrypt/src/pwdbased.c
+++ b/wolfcrypt/src/pwdbased.c
@ -567,9 +567,9 @@ int wc_PKCS12_PBKDF_ex(byte* output, const byte* passwd, int passLen,
 #define R(a, b) rotlFixed(a, b)

 /* (2^32 - 1) */
-#define WORD32_MAX 4294967295
+#define SCRYPT_WORD32_MAX 4294967295U
 /* (2^32 - 1) * 32, used in a couple of scrypt max calculations. */
-#define SCRYPT_MAX 137438953440
+#define SCRYPT_MAX 137438953440UL

 /* One round of Salsa20/8.
 * Code taken from RFC 7914: scrypt PBKDF.
@ -760,14 +760,11 @@ int wc_scrypt(byte* output, const byte* passwd, int passLen,
    if (cost < 1 || cost >= 128 * blockSize / 8 || parallel < 1 || dkLen < 1)
        return BAD_FUNC_ARG;

-    if (parallel > (SCRYPT_MAX / (128 * blockSize)))
-        return BAD_FUNC_ARG;
-
-    if (blockSize > (WORD32_MAX / 128))
+    if ((word32)parallel > (SCRYPT_MAX / (128 * blockSize)))
        return BAD_FUNC_ARG;

    bSz = 128 * blockSize;
-    if (parallel > (WORD32_MAX / bSz))
+    if ((word32)parallel > (SCRYPT_WORD32_MAX / bSz))
        return BAD_FUNC_ARG;
    blocksSz = bSz * parallel;
    blocks = (byte*)XMALLOC(blocksSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
--- a/wolfcrypt/test/test.c
+++ b/wolfcrypt/test/test.c
@ -20177,6 +20177,12 @@ WOLFSSL_TEST_SUBROUTINE int scrypt_test(void)
    if (XMEMCMP(derived, verify2, sizeof(verify2)) != 0)
        return -9203;

+    /* Test case with parallel overflowing */
+    ret = wc_scrypt(derived, (byte*)"password", 16, (byte*)"NaCl", 16, 2, 4, 8388608,
+                    sizeof(verify2));
+    if (ret != BAD_FUNC_ARG)
+        return -9210;
+
    /* Don't run these test on embedded, since they use large mallocs */
 #if !defined(BENCH_EMBEDDED) && !defined(WOLFSSL_LINUXKM) && !defined(HAVE_INTEL_QA)
    ret = wc_scrypt(derived, (byte*)"pleaseletmein", 13,