Fix use of MaxDerivedKeyLength (GH #874)

cryptlib.cpp

@@ -344,10 +344,10 @@ size_t KeyDerivationFunction::MaxDerivedKeyLength() const
  return static_cast<size_t>(-1);
 }
 
-void KeyDerivationFunction::ThrowIfInvalidDerivedLength(size_t length) const
+void KeyDerivationFunction::ThrowIfInvalidDerivedKeyLength(size_t length) const
 {
  if (!IsValidDerivedLength(length))
- throw InvalidDerivedLength(GetAlgorithm().AlgorithmName(), length);
+ throw InvalidDerivedKeyLength(GetAlgorithm().AlgorithmName(), length);
 }
 
 void KeyDerivationFunction::SetParameters(const NameValuePairs& params) {

cryptlib.h

@@ -1503,7 +1503,7 @@ class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE KeyDerivationFunction : public Algorithm
  /// \param secretLen the size of the secret buffer, in bytes
  /// \param params additional initialization parameters to configure this object
  /// \returns the number of iterations performed
- /// \throws InvalidDerivedLength if <tt>derivedLen</tt> is invalid for the scheme
+ /// \throws InvalidDerivedKeyLength if <tt>derivedLen</tt> is invalid for the scheme
  /// \details DeriveKey() provides a standard interface to derive a key from
  /// a secret seed and other parameters. Each class that derives from KeyDerivationFunction
  /// provides an overload that accepts most parameters used by the derivation function.
@@ -1525,7 +1525,7 @@ class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE KeyDerivationFunction : public Algorithm
  /// \brief Validates the derived key length
  /// \param length the size of the derived key material, in bytes
  /// \throws InvalidKeyLength if the key length is invalid
- void ThrowIfInvalidDerivedLength(size_t length) const;
+ void ThrowIfInvalidDerivedKeyLength(size_t length) const;
 };
 
 /// \brief Interface for password based key derivation functions

hkdf.h

@@ -39,7 +39,7 @@ class HKDF : public KeyDerivationFunction
  }
 
  // KeyDerivationFunction interface
- size_t MaxDerivedLength() const {
+ size_t MaxDerivedKeyLength() const {
  return static_cast<size_t>(T::DIGESTSIZE) * 255;
  }
 
@@ -60,7 +60,7 @@ class HKDF : public KeyDerivationFunction
  /// \param info the additional input buffer
  /// \param infoLen the size of the info buffer, in bytes
  /// \returns the number of iterations performed
- /// \throws InvalidDerivedLength if <tt>derivedLen</tt> is invalid for the scheme
+ /// \throws InvalidDerivedKeyLength if <tt>derivedLen</tt> is invalid for the scheme
  /// \details DeriveKey() provides a standard interface to derive a key from
  /// a seed and other parameters. Each class that derives from KeyDerivationFunction
  /// provides an overload that accepts most parameters used by the derivation function.
@@ -92,8 +92,8 @@ class HKDF : public KeyDerivationFunction
 template <class T>
 size_t HKDF<T>::GetValidDerivedLength(size_t keylength) const
 {
- if (keylength > MaxDerivedLength())
- return MaxDerivedLength();
+ if (keylength > MaxDerivedKeyLength())
+ return MaxDerivedKeyLength();
  return keylength;
 }
 
@@ -103,7 +103,7 @@ size_t HKDF<T>::DeriveKey(byte *derived, size_t derivedLen,
 {
  CRYPTOPP_ASSERT(secret && secretLen);
  CRYPTOPP_ASSERT(derived && derivedLen);
- CRYPTOPP_ASSERT(derivedLen <= MaxDerivedLength());
+ CRYPTOPP_ASSERT(derivedLen <= MaxDerivedKeyLength());
 
  ConstByteArrayParameter p;
  SecByteBlock salt, info;
@@ -127,9 +127,9 @@ size_t HKDF<T>::DeriveKey(byte *derived, size_t derivedLen, const byte *secret,
 {
  CRYPTOPP_ASSERT(secret && secretLen);
  CRYPTOPP_ASSERT(derived && derivedLen);
- CRYPTOPP_ASSERT(derivedLen <= MaxDerivedLength());
+ CRYPTOPP_ASSERT(derivedLen <= MaxDerivedKeyLength());
 
- ThrowIfInvalidDerivedLength(derivedLen);
+ ThrowIfInvalidDerivedKeyLength(derivedLen);
 
  // HKDF business logic. NULL is different than empty.
  if (salt == NULLPTR)

pwdbased.h

@@ -61,7 +61,7 @@ class PKCS5_PBKDF1 : public PasswordBasedKeyDerivationFunction
  /// \param iterations the number of iterations
  /// \param timeInSeconds the in seconds
  /// \returns the number of iterations performed
- /// \throws InvalidDerivedLength if <tt>derivedLen</tt> is invalid for the scheme
+ /// \throws InvalidDerivedKeyLength if <tt>derivedLen</tt> is invalid for the scheme
  /// \details DeriveKey() provides a standard interface to derive a key from
  /// a seed and other parameters. Each class that derives from KeyDerivationFunction
  /// provides an overload that accepts most parameters used by the derivation function.
@@ -116,7 +116,7 @@ size_t PKCS5_PBKDF1<T>::DeriveKey(byte *derived, size_t derivedLen, byte purpose
  CRYPTOPP_ASSERT(iterations > 0 || timeInSeconds > 0);
  CRYPTOPP_UNUSED(purpose);
 
- ThrowIfInvalidDerivedLength(derivedLen);
+ ThrowIfInvalidDerivedKeyLength(derivedLen);
 
  // Business logic
  if (!iterations) { iterations = 1; }
@@ -187,7 +187,7 @@ class PKCS5_PBKDF2_HMAC : public PasswordBasedKeyDerivationFunction
  /// \param iterations the number of iterations
  /// \param timeInSeconds the in seconds
  /// \returns the number of iterations performed
- /// \throws InvalidDerivedLength if <tt>derivedLen</tt> is invalid for the scheme
+ /// \throws InvalidDerivedKeyLength if <tt>derivedLen</tt> is invalid for the scheme
  /// \details DeriveKey() provides a standard interface to derive a key from
  /// a seed and other parameters. Each class that derives from KeyDerivationFunction
  /// provides an overload that accepts most parameters used by the derivation function.
@@ -241,7 +241,7 @@ size_t PKCS5_PBKDF2_HMAC<T>::DeriveKey(byte *derived, size_t derivedLen, byte pu
  CRYPTOPP_ASSERT(iterations > 0 || timeInSeconds > 0);
  CRYPTOPP_UNUSED(purpose);
 
- ThrowIfInvalidDerivedLength(derivedLen);
+ ThrowIfInvalidDerivedKeyLength(derivedLen);
 
  // Business logic
  if (!iterations) { iterations = 1; }
@@ -344,7 +344,7 @@ class PKCS12_PBKDF : public PasswordBasedKeyDerivationFunction
  /// \param iterations the number of iterations
  /// \param timeInSeconds the in seconds
  /// \returns the number of iterations performed
- /// \throws InvalidDerivedLength if <tt>derivedLen</tt> is invalid for the scheme
+ /// \throws InvalidDerivedKeyLength if <tt>derivedLen</tt> is invalid for the scheme
  /// \details DeriveKey() provides a standard interface to derive a key from
  /// a seed and other parameters. Each class that derives from KeyDerivationFunction
  /// provides an overload that accepts most parameters used by the derivation function.
@@ -398,7 +398,7 @@ size_t PKCS12_PBKDF<T>::DeriveKey(byte *derived, size_t derivedLen, byte purpose
  CRYPTOPP_ASSERT(derivedLen <= MaxDerivedKeyLength());
  CRYPTOPP_ASSERT(iterations > 0 || timeInSeconds > 0);
 
- ThrowIfInvalidDerivedLength(derivedLen);
+ ThrowIfInvalidDerivedKeyLength(derivedLen);
 
  // Business logic
  if (!iterations) { iterations = 1; }

scrypt.cpp

@@ -177,8 +177,8 @@ NAMESPACE_BEGIN(CryptoPP)
 
 size_t Scrypt::GetValidDerivedLength(size_t keylength) const
 {
- if (keylength > MaxDerivedLength())
- return MaxDerivedLength();
+ if (keylength > MaxDerivedKeyLength())
+ return MaxDerivedKeyLength();
  return keylength;
 }
 
@@ -261,7 +261,7 @@ size_t Scrypt::DeriveKey(byte*derived, size_t derivedLen,
 {
  CRYPTOPP_ASSERT(secret /*&& secretLen*/);
  CRYPTOPP_ASSERT(derived && derivedLen);
- CRYPTOPP_ASSERT(derivedLen <= MaxDerivedLength());
+ CRYPTOPP_ASSERT(derivedLen <= MaxDerivedKeyLength());
 
  word64 cost=0, blockSize=0, parallelization=0;
  if(params.GetValue("Cost", cost) == false)
@@ -284,9 +284,9 @@ size_t Scrypt::DeriveKey(byte*derived, size_t derivedLen, const byte*secret, siz
 {
  CRYPTOPP_ASSERT(secret /*&& secretLen*/);
  CRYPTOPP_ASSERT(derived && derivedLen);
- CRYPTOPP_ASSERT(derivedLen <= MaxDerivedLength());
+ CRYPTOPP_ASSERT(derivedLen <= MaxDerivedKeyLength());
 
- ThrowIfInvalidDerivedLength(derivedLen);
+ ThrowIfInvalidDerivedKeyLength(derivedLen);
  ValidateParameters(derivedLen, cost, blockSize, parallel);
 
  AlignedSecByteBlock B(static_cast<size_t>(blockSize * parallel * 128U));

scrypt.h

@@ -45,8 +45,8 @@ class Scrypt : public KeyDerivationFunction
  }
 
  // KeyDerivationFunction interface
- size_t MaxDerivedLength() const {
- return static_cast<size_t>(-1);
+ size_t MaxDerivedKeyLength() const {
+ return static_cast<size_t>(0)-1;
  }
 
  // KeyDerivationFunction interface
@@ -67,7 +67,7 @@ class Scrypt : public KeyDerivationFunction
  /// \param blockSize the block size
  /// \param parallelization the parallelization factor
  /// \returns the number of iterations performed
- /// \throws InvalidDerivedLength if <tt>derivedLen</tt> is invalid for the scheme
+ /// \throws InvalidDerivedKeyLength if <tt>derivedLen</tt> is invalid for the scheme
  /// \details DeriveKey() provides a standard interface to derive a key from
  /// a seed and other parameters. Each class that derives from KeyDerivationFunction
  /// provides an overload that accepts most parameters used by the derivation function.

simple.h

@@ -70,10 +70,10 @@ class CRYPTOPP_DLL InvalidBlockSize : public InvalidArgument
 };
 
 /// \brief Exception thrown when an invalid derived key length is encountered
-class CRYPTOPP_DLL InvalidDerivedLength : public InvalidArgument
+class CRYPTOPP_DLL InvalidDerivedKeyLength : public InvalidArgument
 {
 public:
- explicit InvalidDerivedLength(const std::string &algorithm, size_t length) : InvalidArgument(algorithm + ": " + IntToString(length) + " is not a valid derived key length") {}
+ explicit InvalidDerivedKeyLength(const std::string &algorithm, size_t length) : InvalidArgument(algorithm + ": " + IntToString(length) + " is not a valid derived key length") {}
 };
 
 /// \brief Exception thrown when an invalid personalization string length is encountered