mirror of
https://github.com/jedisct1/libsodium.git
synced 2025-01-01 22:52:52 -07:00
Relax max sizes in argon2 decoding
This commit is contained in:
parent
17248540e3
commit
a814810a43
@ -177,13 +177,15 @@ int argon2_verify(const char *encoded, const void *pwd, const size_t pwdlen,
|
|||||||
argon2_context ctx;
|
argon2_context ctx;
|
||||||
uint8_t *out;
|
uint8_t *out;
|
||||||
int ret;
|
int ret;
|
||||||
|
uint32_t encoded_len;
|
||||||
|
|
||||||
memset(&ctx, 0, sizeof ctx);
|
memset(&ctx, 0, sizeof ctx);
|
||||||
|
|
||||||
/* max values, to be updated in decode_string */
|
/* max values, to be updated in decode_string */
|
||||||
ctx.adlen = 512;
|
encoded_len = strlen(encoded);
|
||||||
ctx.saltlen = 512;
|
ctx.adlen = encoded_len;
|
||||||
ctx.outlen = 512;
|
ctx.saltlen = encoded_len;
|
||||||
|
ctx.outlen = encoded_len;
|
||||||
|
|
||||||
ctx.ad = (uint8_t *) malloc(ctx.adlen);
|
ctx.ad = (uint8_t *) malloc(ctx.adlen);
|
||||||
ctx.salt = (uint8_t *) malloc(ctx.saltlen);
|
ctx.salt = (uint8_t *) malloc(ctx.saltlen);
|
||||||
|
@ -240,6 +240,7 @@ int argon2_hash(const uint32_t t_cost, const uint32_t m_cost,
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Verifies a password against an encoded string
|
* Verifies a password against an encoded string
|
||||||
|
* Encoded string is restricted as in validate_inputs()
|
||||||
* @param encoded String encoding parameters, salt, hash
|
* @param encoded String encoding parameters, salt, hash
|
||||||
* @param pwd Pointer to password
|
* @param pwd Pointer to password
|
||||||
* @pre Returns ARGON2_OK if successful
|
* @pre Returns ARGON2_OK if successful
|
||||||
|
Loading…
Reference in New Issue
Block a user