Fix use of MaxDerivedKeyLength (GH #874)

Also fix memcpy with NULL buffer
weidai11 · Aug 16, 2019 · c0a5a06 · c0a5a06
1 parent 2ba9d3d
commit c0a5a06
Show file tree

Hide file tree

Showing 3 changed files with 18 additions and 17 deletions.
diff --git a/cryptlib.cpp b/cryptlib.cpp
@@ -334,12 +334,12 @@ void RandomNumberGenerator::GenerateIntoBufferedTransformation(BufferedTransform
 	}
 }
 
-size_t KeyDerivationFunction::MinDerivedLength() const
+size_t KeyDerivationFunction::MinDerivedKeyLength() const
 {
 	return 0;
 }
 
-size_t KeyDerivationFunction::MaxDerivedLength() const
+size_t KeyDerivationFunction::MaxDerivedKeyLength() const
 {
 	return static_cast<size_t>(-1);
 }

diff --git a/cryptlib.h b/cryptlib.h
@@ -1477,11 +1477,11 @@ class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE KeyDerivationFunction : public Algorithm
 
 	/// \brief Determine minimum number of bytes
 	/// \returns Minimum number of bytes which can be derived
-	virtual size_t MinDerivedLength() const;
+	virtual size_t MinDerivedKeyLength() const;
 
 	/// \brief Determine maximum number of bytes
 	/// \returns Maximum number of bytes which can be derived
-	virtual size_t MaxDerivedLength() const;
+	virtual size_t MaxDerivedKeyLength() const;
 
 	/// \brief Returns a valid key length for the derivation function
 	/// \param keylength the size of the derived key, in bytes

diff --git a/pwdbased.h b/pwdbased.h
@@ -82,8 +82,8 @@ class PKCS5_PBKDF1 : public PasswordBasedKeyDerivationFunction
 template <class T>
 size_t PKCS5_PBKDF1<T>::GetValidDerivedLength(size_t keylength) const
 {
-	if (keylength > MaxDerivedLength())
-		return MaxDerivedLength();
+	if (keylength > MaxDerivedKeyLength())
+		return MaxDerivedKeyLength();
 	return keylength;
 }
 
@@ -93,7 +93,7 @@ size_t PKCS5_PBKDF1<T>::DeriveKey(byte *derived, size_t derivedLen,
 {
 	CRYPTOPP_ASSERT(secret /*&& secretLen*/);
 	CRYPTOPP_ASSERT(derived && derivedLen);
-	CRYPTOPP_ASSERT(derivedLen <= MaxDerivedLength());
+	CRYPTOPP_ASSERT(derivedLen <= MaxDerivedKeyLength());
 
 	byte purpose = (byte)params.GetIntValueWithDefault("Purpose", 0);
 	unsigned int iterations = (unsigned int)params.GetIntValueWithDefault("Iterations", 1);
@@ -112,7 +112,7 @@ size_t PKCS5_PBKDF1<T>::DeriveKey(byte *derived, size_t derivedLen, byte purpose
 {
 	CRYPTOPP_ASSERT(secret /*&& secretLen*/);
 	CRYPTOPP_ASSERT(derived && derivedLen);
-	CRYPTOPP_ASSERT(derivedLen <= MaxDerivedLength());
+	CRYPTOPP_ASSERT(derivedLen <= MaxDerivedKeyLength());
 	CRYPTOPP_ASSERT(iterations > 0 || timeInSeconds > 0);
 	CRYPTOPP_UNUSED(purpose);
 
@@ -137,7 +137,8 @@ size_t PKCS5_PBKDF1<T>::DeriveKey(byte *derived, size_t derivedLen, byte purpose
 	for (i=1; i<iterations || (timeInSeconds && (i%128!=0 || timer.ElapsedTimeAsDouble() < timeInSeconds)); i++)
 		hash.CalculateDigest(buffer, buffer, buffer.size());
 
-	memcpy(derived, buffer, derivedLen);
+	if (derived)
+		memcpy(derived, buffer, derivedLen);
 	return i;
 }
 
@@ -206,8 +207,8 @@ class PKCS5_PBKDF2_HMAC : public PasswordBasedKeyDerivationFunction
 template <class T>
 size_t PKCS5_PBKDF2_HMAC<T>::GetValidDerivedLength(size_t keylength) const
 {
-	if (keylength > MaxDerivedLength())
-		return MaxDerivedLength();
+	if (keylength > MaxDerivedKeyLength())
+		return MaxDerivedKeyLength();
 	return keylength;
 }
 
@@ -217,7 +218,7 @@ size_t PKCS5_PBKDF2_HMAC<T>::DeriveKey(byte *derived, size_t derivedLen,
 {
 	CRYPTOPP_ASSERT(secret /*&& secretLen*/);
 	CRYPTOPP_ASSERT(derived && derivedLen);
-	CRYPTOPP_ASSERT(derivedLen <= MaxDerivedLength());
+	CRYPTOPP_ASSERT(derivedLen <= MaxDerivedKeyLength());
 
 	byte purpose = (byte)params.GetIntValueWithDefault("Purpose", 0);
 	unsigned int iterations = (unsigned int)params.GetIntValueWithDefault("Iterations", 1);
@@ -236,7 +237,7 @@ size_t PKCS5_PBKDF2_HMAC<T>::DeriveKey(byte *derived, size_t derivedLen, byte pu
 {
 	CRYPTOPP_ASSERT(secret /*&& secretLen*/);
 	CRYPTOPP_ASSERT(derived && derivedLen);
-	CRYPTOPP_ASSERT(derivedLen <= MaxDerivedLength());
+	CRYPTOPP_ASSERT(derivedLen <= MaxDerivedKeyLength());
 	CRYPTOPP_ASSERT(iterations > 0 || timeInSeconds > 0);
 	CRYPTOPP_UNUSED(purpose);
 
@@ -363,8 +364,8 @@ class PKCS12_PBKDF : public PasswordBasedKeyDerivationFunction
 template <class T>
 size_t PKCS12_PBKDF<T>::GetValidDerivedLength(size_t keylength) const
 {
-	if (keylength > MaxDerivedLength())
-		return MaxDerivedLength();
+	if (keylength > MaxDerivedKeyLength())
+		return MaxDerivedKeyLength();
 	return keylength;
 }
 
@@ -374,7 +375,7 @@ size_t PKCS12_PBKDF<T>::DeriveKey(byte *derived, size_t derivedLen,
 {
 	CRYPTOPP_ASSERT(secret /*&& secretLen*/);
 	CRYPTOPP_ASSERT(derived && derivedLen);
-	CRYPTOPP_ASSERT(derivedLen <= MaxDerivedLength());
+	CRYPTOPP_ASSERT(derivedLen <= MaxDerivedKeyLength());
 
 	byte purpose = (byte)params.GetIntValueWithDefault("Purpose", 0);
 	unsigned int iterations = (unsigned int)params.GetIntValueWithDefault("Iterations", 1);
@@ -394,7 +395,7 @@ size_t PKCS12_PBKDF<T>::DeriveKey(byte *derived, size_t derivedLen, byte purpose
 {
 	CRYPTOPP_ASSERT(secret /*&& secretLen*/);
 	CRYPTOPP_ASSERT(derived && derivedLen);
-	CRYPTOPP_ASSERT(derivedLen <= MaxDerivedLength());
+	CRYPTOPP_ASSERT(derivedLen <= MaxDerivedKeyLength());
 	CRYPTOPP_ASSERT(iterations > 0 || timeInSeconds > 0);
 
 	ThrowIfInvalidDerivedLength(derivedLen);