From b0f538525a2a6a55f0aeaf75fba33bb75d9170c7 Mon Sep 17 00:00:00 2001 From: Oscar Mira Date: Sun, 9 Feb 2020 12:46:49 +0100 Subject: [PATCH] Fix MemoryCost minimum value according to specs --- .../org/signal/argon2/Argon2BuilderTest.java | 20 ++++++++++++++++++- .../java/org/signal/argon2/Argon2Test.java | 12 ----------- .../main/java/org/signal/argon2/Argon2.java | 4 ++-- 3 files changed, 21 insertions(+), 15 deletions(-) diff --git a/android/argon2/src/androidTest/java/org/signal/argon2/Argon2BuilderTest.java b/android/argon2/src/androidTest/java/org/signal/argon2/Argon2BuilderTest.java index b2af77f..9a77268 100644 --- a/android/argon2/src/androidTest/java/org/signal/argon2/Argon2BuilderTest.java +++ b/android/argon2/src/androidTest/java/org/signal/argon2/Argon2BuilderTest.java @@ -16,7 +16,7 @@ import static org.signal.argon2.Type.Argon2id; public final class Argon2BuilderTest { @Test - public void memory_too_low() { + public void memory_negative() { Argon2.Builder builder = new Argon2.Builder(Version.LATEST) .type(Argon2id); @@ -24,6 +24,24 @@ public final class Argon2BuilderTest { .isExactlyInstanceOf(IllegalArgumentException.class); } + @Test + public void memory_too_low() { + Argon2.Builder builder = new Argon2.Builder(Version.LATEST) + .type(Argon2id); + + assertThatThrownBy(() -> builder.memoryCostKiB(7)) + .isExactlyInstanceOf(IllegalArgumentException.class); + + } + + @Test + public void memory_too_low_for_parallelism() { + Argon2.Builder builder = new Argon2.Builder(Version.LATEST) + .type(Argon2id); + assertThatThrownBy(() -> builder.memoryCostKiB(8).parallelism(2).build()) + .isExactlyInstanceOf(IllegalArgumentException.class); + } + @Test public void memory_too_high() { Argon2.Builder builder = new Argon2.Builder(Version.LATEST) diff --git a/android/argon2/src/androidTest/java/org/signal/argon2/Argon2Test.java b/android/argon2/src/androidTest/java/org/signal/argon2/Argon2Test.java index ba8a4df..3203026 100644 --- a/android/argon2/src/androidTest/java/org/signal/argon2/Argon2Test.java +++ b/android/argon2/src/androidTest/java/org/signal/argon2/Argon2Test.java @@ -222,18 +222,6 @@ public final class Argon2Test { ascii("password"), Argon2i)); } - @Test - public void memory_too_little() { - Argon2 argon2 = new Argon2.Builder(Version.LATEST) - .type(Argon2id) - .memoryCostOrder(2) - .build(); - - assertThatThrownBy(() -> argon2.hash(ascii("password"), ascii("diffsalt"))) - .isExactlyInstanceOf(Argon2Exception.class) - .hasMessageContaining("Memory cost is too small"); - } - @Test public void salt_too_short() { Argon2 argon2 = new Argon2.Builder(Version.LATEST) diff --git a/android/argon2/src/main/java/org/signal/argon2/Argon2.java b/android/argon2/src/main/java/org/signal/argon2/Argon2.java index 4a64d9d..4ee3756 100644 --- a/android/argon2/src/main/java/org/signal/argon2/Argon2.java +++ b/android/argon2/src/main/java/org/signal/argon2/Argon2.java @@ -92,8 +92,7 @@ public final class Argon2 { * Sets the memory usage of {@param kib} KiB. */ public Builder memoryCostKiB(int kib) { - if (kib < 4) throw new IllegalArgumentException("kib too small, minimum 4"); - if (kib % 4 != 0) throw new IllegalArgumentException("kib must be multiple of 4"); + if (kib < 8) throw new IllegalArgumentException("kib too small, minimum 8"); this.mCostKiB = kib; return this; } @@ -130,6 +129,7 @@ public final class Argon2 { } public Argon2 build() { + if (mCostKiB < (8 * parallelism)) throw new IllegalArgumentException("memory cost too small for given value of parallelism"); return new Argon2(this); } }