proposal: x/crypto/argon2: Check if the parameters and the key length are valid #65717
Description
Proposal Details
According to RFC 9106, the valid values for the parameters and the key length are:
-
$1 \leq t \leq 2^{32} - 1$ (number of passes,time) -
$8p \leq m \leq 2^{32} - 1$ (memory size,memory) -
$1 \leq p \leq 2^{24} - 1$ (degree of parallelism,threads) -
$4 \leq T \leq 2^{32} - 1$ (tag length,keyLen)
No need to check maximum values of time, memory and keyLen, since these are math.MaxUint32. Also, since threads is uint8, there is no need to check the maximum value.
The minimum values of time and threads are already checked. However, the minimum values of memory and keyLen seem not to be checked. So, I would suggest checking for these minimum values and either panic or return an error if they are invalid.
Examples
import "golang.org/x/crypto/argon2"
// `memory` is invalid
idKey := argon2.IDKey([]byte("passphrase"), salt, 3, 24, 4, 4)
// `keyLen` is invalid
key := argon2.Key([]byte("passphrase"), salt, 3, 32, 4, 3)