Commit `d1b1e542a0`

Frank Denis <github@pureftpd.org>

2021-03-16 18:34:02

crypto/pbkdf2: simplify the check for the max number of iterations

master

1 parent 6787f16

Changed files (1)

lib

std

crypto

pbkdf2.zig

@@ -67,8 +67,8 @@ pub fn pbkdf2(derivedKey: []u8, password: []const u8, salt: []const u8, rounds:
     //   1. If dkLen > maxInt(u32) * hLen, output "derived key too long" and
     //      stop.
     //
-    if (comptime (maxInt(usize) > maxInt(u32) * hLen) and (dkLen > @as(usize, maxInt(u32) * hLen))) {
-        // If maxInt(usize) is less than `maxInt(u32) * hLen` then dkLen is always inbounds
+    if (dkLen / hLen >= maxInt(u32)) {
+        // Counter starts at 1 and is 32 bit, so if we have to return more blocks, we would overflow
         return error.OutputTooLong;
     }

Commit d1b1e542a0

Commit `d1b1e542a0`