From 3592f3da11ba6d830d700c2c987165ddc86345d8 Mon Sep 17 00:00:00 2001 From: wangzhiqiang Date: Mon, 30 Jan 2023 16:36:29 +0800 Subject: [PATCH] check whether the forced iteration count is out of range struct crypt_pbkdf_type has a uint32_t variable iterations, but PKCS5_PBKDF2_HMAC interface of openssl accept int variable, so return fail when it greater than INT_MAX. Signed-off-by: wangzhiqiang --- lib/crypto_backend/crypto_openssl.c | 2 +- lib/luks2/luks2_keyslot_luks2.c | 1 + man/cryptsetup.8 | 3 ++- 3 files changed, 4 insertions(+), 2 deletions(-) diff --git a/lib/crypto_backend/crypto_openssl.c b/lib/crypto_backend/crypto_openssl.c index 0dbcb75..db400e4 100644 --- a/lib/crypto_backend/crypto_openssl.c +++ b/lib/crypto_backend/crypto_openssl.c @@ -541,7 +541,7 @@ int crypt_pbkdf(const char *kdf, const char *hash, uint32_t iterations, uint32_t memory, uint32_t parallel) { - if (!kdf) + if (!kdf || iterations > INT_MAX) return -EINVAL; if (!strcmp(kdf, "pbkdf2")) { diff --git a/lib/luks2/luks2_keyslot_luks2.c b/lib/luks2/luks2_keyslot_luks2.c index ea58112..509a391 100644 --- a/lib/luks2/luks2_keyslot_luks2.c +++ b/lib/luks2/luks2_keyslot_luks2.c @@ -254,6 +254,7 @@ static int luks2_keyslot_set_key(struct crypt_device *cd, pbkdf.iterations, pbkdf.max_memory_kb, pbkdf.parallel_threads); if (r < 0) { + log_err(cd, "Invalid parameter."); crypt_free_volume_key(derived_key); return r; } diff --git a/man/cryptsetup.8 b/man/cryptsetup.8 index c54480a..70d1f23 100644 --- a/man/cryptsetup.8 +++ b/man/cryptsetup.8 @@ -1132,7 +1132,8 @@ be used on some small embedded system. \fBMINIMAL AND MAXIMAL PBKDF COSTS:\fR For \fBPBKDF2\fR, the minimum iteration count is 1000 and -maximum is 4294967295 (maximum for 32bit unsigned integer). +maximum is 4294967295 (maximum for 32bit unsigned integer), +except openssl, which supports only 2147483647 (maximum for 32bit integer). Memory and parallel costs are unused for PBKDF2. For \fBArgon2i\fR and \fBArgon2id\fR, minimum iteration count (CPU cost) is 4 and maximum is 4294967295 (maximum for 32bit unsigned integer). -- 2.33.0