authorNIIBE Yutaka <[email protected]>2022-03-29 16:17:17 +0900
committerNIIBE Yutaka <[email protected]>2022-03-29 16:17:17 +0900
commit564739a58426d89db2f0c9334659949e503d2c59 (patch)
tree66028d7a110f4a620f077f89ce3334c8d1df26ae
parent5d6a1c396396ba7b44f11af10a9c51b1b573e03c (diff)
kdf:argon2: Fix for the case output > 64.
* cipher/blake2.c (blake2b_vl_hash): Fix the last step. * cipher/kdf.c (argon2_open): Check the value. -- Reported-by: Guido Vranken <[email protected]> Signed-off-by: NIIBE Yutaka <[email protected]>
-rw-r--r--cipher/blake2.c12
-rw-r--r--cipher/kdf.c3
2 files changed, 12 insertions, 3 deletions
diff --git a/cipher/blake2.c b/cipher/blake2.c
index a5926b95..d7f9a7e4 100644
--- a/cipher/blake2.c
+++ b/cipher/blake2.c
@@ -496,7 +496,7 @@ blake2b_vl_hash (const void *in, size_t inlen, size_t outputlen, void *output)
memcpy (output, ctx.buf, outputlen);
else
{
- int r = (outputlen-1)/32;
+ int r = (outputlen-1)/32 - 1;
unsigned int remained = outputlen - 32*r;
int i;
unsigned char d[64];
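Review bot: `r` is still an `int` and `32*r` is evaluated in `int` although `outputlen` is a `size_t`, so a sufficiently large `outputlen` is narrowed by the assignment and can overflow the signed multiplication, which is undefined behaviour; the same `r*32` is later used as the offset into `output`. Whether callers bound `outputlen` is not visible here, so either the bound should be stated in a comment or the arithmetic should stay in the width of the length, e.g. `size_t r = (outputlen-1)/32 - 1;` and `size_t remained = outputlen - 32*r;` (with `i` changed to match). A one-line comment such as `/* r full 32-byte steps, then a final digest of 'remained' bytes */` would also make the changed `- 1` easier to check. The function starts and ends outside the hunk.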
@@ -518,8 +518,14 @@ blake2b_vl_hash (const void *in, size_t inlen, size_t outputlen, void *output)
blake2b_final (&ctx);
}
- if (remained)
- memcpy ((unsigned char *)output+r*32, d+32, remained);
+ ec = blake2b_init_ctx (&ctx, 0, NULL, 0, remained*8);
+ if (ec)
+ return ec;
+
+ blake2b_write (&ctx, d, 64);
+ blake2b_final (&ctx);
+
+ memcpy ((unsigned char *)output+r*32, ctx.buf, remained);
}
wipememory (buf, sizeof (buf));
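Review bot: The added `return ec;` after `blake2b_init_ctx` leaves the function before `wipememory (buf, sizeof (buf));` runs, so on that error path the length buffer, the intermediate digest in `d` and the hash state in `ctx` stay on the stack. `d` is not wiped anywhere in the visible lines even on success; it may be handled outside the hunk. I would clear before returning, for example `if (ec) { wipememory (d, sizeof (d)); wipememory (buf, sizeof (buf)); return ec; }`, or route both exits through a single cleanup label. The loop above this hunk may have the same early-return shape; it starts outside the hunk.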
diff --git a/cipher/kdf.c b/cipher/kdf.c
index 3a47bed8..0e196432 100644
--- a/cipher/kdf.c
+++ b/cipher/kdf.c
@@ -843,6 +843,9 @@ argon2_open (gcry_kdf_hd_t *hd, int subalgo,
parallelism = (unsigned int)param[3];
}
+ if (parallelism == 0)
+ return GPG_ERR_INV_VALUE;
+
n = offsetof (struct argon2_context, out) + taglen;
a = xtrymalloc (n);
if (!a)
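Review bot: The new zero test runs after `parallelism = (unsigned int)param[3];`, so if `param` holds a type wider than `unsigned int` (its declaration is outside the hunk), an out-of-range value is silently truncated to a different non-zero lane count and still accepted. Checking the raw value before the cast, e.g. `if (param[3] == 0 || param[3] > UINT_MAX) return GPG_ERR_INV_VALUE;`, would reject it instead. `taglen` also goes straight into `n = offsetof (struct argon2_context, out) + taglen;` with no range check visible in this hunk; if it is not validated earlier in `argon2_open`, it deserves a lower and upper bound before the allocation. A short comment next to the check stating why zero lanes are invalid would document the intent.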