bcrypt: key expansion gets skipped if cost has a value of 31

[gopherbot]

by shreds-of-sanity@gmx.net:

Reference:
http://code.google.com/p/go/source/browse/bcrypt/bcrypt.go?spec=svn.crypto.75e869cbf335427fa8d03e0943662b56b1318ee8&;repo=crypto&r=fa541a5bd620ceb0b7c3c237c3a4f4840cc87fda#206

Description:
Calling GenerateFromPassword() with a "cost" of 31 results in an integer
overflow in expensiveBlowfishSetup(): the value of "rounds" becomes negative
(line 223) and the key expansion loop (line 224) won't be entered.

[minux]

Comment 1:

https://golang.org/cl/7329043

Labels changed: added priority-asap, go1.1, removed priority-triage, go1.1maybe.

Status changed to Accepted.

[rsc]

Comment 2:

Anything in a subrepo is not a Go1.1 bug.

Labels changed: removed go1.1.

[minux]

Comment 3:

This issue was closed by revision golang/crypto@eccdd12.

Status changed to Fixed.