crypto: use uint64_t for pbkdf iteration count parameters

The qcrypto_pbkdf_count_iters method uses a 64 bit int but then checks its value against INT32_MAX before returning it. This bounds check is premature, because the calling code may well scale the iteration count by some value. It is thus better to return a 64-bit integer and let the caller do range checking. For consistency the qcrypto_pbkdf method is also changed to accept a 64bit int, though this is somewhat academic since nettle is limited to taking an 'int' while gcrypt is limited to taking a 'long int'. Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
author: Daniel P. Berrange <berrange@redhat.com> 2016-09-12 12:50:12 +0100
committer: Daniel P. Berrange <berrange@redhat.com> 2016-09-19 16:30:42 +0100
commit: 59b060be184aff59cfa101c937c8139e66f452f2 (patch)
tree: 13d4ef9afbe1339633ecb47b64794d6da8a2a525 /crypto/pbkdf-stub.c
parent: 0f2fa73ba0ca19ebdaccf0d1785583d6601411b6 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/crypto/pbkdf-stub.c b/crypto/pbkdf-stub.c
index 266a5051b7..a15044da42 100644
--- a/crypto/pbkdf-stub.c
+++ b/crypto/pbkdf-stub.c
@@ -32,7 +32,7 @@ int qcrypto_pbkdf2(QCryptoHashAlgorithm hash G_GNUC_UNUSED,
                    size_t nkey G_GNUC_UNUSED,
                    const uint8_t *salt G_GNUC_UNUSED,
                    size_t nsalt G_GNUC_UNUSED,
-                   unsigned int iterations G_GNUC_UNUSED,
+                   uint64_t iterations G_GNUC_UNUSED,
                    uint8_t *out G_GNUC_UNUSED,
                    size_t nout G_GNUC_UNUSED,
                    Error **errp)
author	Daniel P. Berrange <berrange@redhat.com>	2016-09-12 12:50:12 +0100
committer	Daniel P. Berrange <berrange@redhat.com>	2016-09-19 16:30:42 +0100
commit	59b060be184aff59cfa101c937c8139e66f452f2 (patch)
tree	13d4ef9afbe1339633ecb47b64794d6da8a2a525 /crypto/pbkdf-stub.c
parent	0f2fa73ba0ca19ebdaccf0d1785583d6601411b6 (diff)