diff --git a/src/CryptoDerivation.ts b/src/CryptoDerivation.ts index 80b07a9..60447fe 100644 --- a/src/CryptoDerivation.ts +++ b/src/CryptoDerivation.ts @@ -42,18 +42,22 @@ export class CryptoDerivation implements ICryptoDerivation { memlimit = 8192 ): Promise { const sodium: any = (await SodiumWrapper.ready()) as any; - if (salt.buffer.byteLength !== 16) { + if (salt.buffer.byteLength !== sodium.crypto_pwhash_SALTBYTES) { throw new Error(`The salt must be exactly ${sodium.crypto_pwhash_SALTBYTES} bytes long!`); } + if (opslimit < sodium.crypto_pwhash_OPSLIMIT_MIN) { throw new Error(`The opslimit must be higher than ${sodium.crypto_pwhash_OPSLIMIT_MIN}.`); } + if (sodium.crypto_pwhash_OPSLIMIT_MAX > 0 && opslimit > sodium.crypto_pwhash_OPSLIMIT_MAX) { throw new Error(`The opslimit must be lower than ${sodium.crypto_pwhash_OPSLIMIT_MAX}.`); } + if (memlimit < sodium.crypto_pwhash_MEMLIMIT_MIN) { throw new Error(`The memlimit must be higher than ${sodium.crypto_pwhash_MEMLIMIT_MIN}.`); } + if (sodium.crypto_pwhash_MEMLIMIT_MAX > 0 && memlimit > sodium.crypto_pwhash_MEMLIMIT_MAX) { throw new Error(`The memlimit must be lower than ${sodium.crypto_pwhash_MEMLIMIT_MAX}.`); } diff --git a/test/crypto/CryptoDerivationTest.test.ts b/test/crypto/CryptoDerivationTest.test.ts index f2afb57..ee00daa 100644 --- a/test/crypto/CryptoDerivationTest.test.ts +++ b/test/crypto/CryptoDerivationTest.test.ts @@ -6,7 +6,6 @@ import { CryptoHash, CryptoHashAlgorithm, CryptoSecretKey, - Encoding, ICoreBuffer } from "@nmshd/crypto"; import { expect } from "chai"; @@ -19,7 +18,7 @@ export class CryptoDerivationTest { before(async function () { // Create 256bit entropy keybuffer = await CryptoHash.hash( - CoreBuffer.fromString("test", Encoding.Utf8), + CoreBuffer.fromUtf8("test"), CryptoHashAlgorithm.SHA256 ); }); @@ -48,7 +47,7 @@ export class CryptoDerivationTest { ); const keybuffer2 = await CryptoHash.hash( - CoreBuffer.fromString("test2", Encoding.Utf8), + CoreBuffer.fromUtf8("test2"), CryptoHashAlgorithm.SHA256 ); const derivedComparison = await CryptoDerivation.deriveKeyFromBase(keybuffer2, 0, "12345678"); @@ -102,7 +101,7 @@ export class CryptoDerivationTest { salt = CoreBuffer.from( ( await CryptoHash.hash( - CoreBuffer.fromString("test", Encoding.Utf8), + CoreBuffer.fromUtf8("test"), CryptoHashAlgorithm.SHA256 ) ).buffer.subarray(0, 16) @@ -150,7 +149,7 @@ export class CryptoDerivationTest { "eyJrZXkiOiI5ck1uY2NOODlsRVpXNVJuQWdpWWk4Tm9xY21vOWIyMmFYQmpuMTlRV0ZRIiwiYWxnIjozLCJAdHlwZSI6IkNyeXB0b1NlY3JldEtleSJ9" ); - const master2 = CoreBuffer.fromString("test2", Encoding.Utf8); + const master2 = CoreBuffer.fromUtf8("test2"); const derivedComparison = await CryptoDerivation.deriveKeyFromPassword( master2, salt, @@ -182,7 +181,7 @@ export class CryptoDerivationTest { const salt2 = CoreBuffer.from( ( await CryptoHash.hash( - CoreBuffer.fromString("test2", Encoding.Utf8), + CoreBuffer.fromUtf8("test2"), CryptoHashAlgorithm.SHA256 ) ).buffer.subarray(0, 16)