Set PBKDF2 limit in PKCS#12 to 100M.

The previous limit was |UINT_MAX|. Windows limits to 600K, but that's
already causing issues. This seems like a balance between being
completely crazy and still large enough not to have to worry for a long
time. It's still probably too large for backend systems wanting to
process arbitrary PKCS#12, but I don't think any fixed value will
satisfy all desires.

Change-Id: I01a3f78d5f2df086f8dbc0e8bacfb95153738f55
Reviewed-on: https://boringssl-review.googlesource.com/30424
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
Adam Langley 2018-08-08 09:25:36 -07:00 committed by CQ bot account: commit-bot@chromium.org
parent 2bcb315138
commit c81965a8ad

@ -672,7 +672,12 @@ int PKCS12_get_key_and_certs(EVP_PKEY **out_key, STACK_OF(X509) *out_certs,
#if defined(BORINGSSL_UNSAFE_FUZZER_MODE)
static const uint64_t kIterationsLimit = 1024;
#else
static const uint64_t kIterationsLimit = UINT_MAX;
// Windows imposes a limit of 600K. Mozilla say: “so them increasing
// maximum to something like 100M or 1G (to have few decades of breathing
// room) would be very welcome”[1]. So here we set the limit to 100M.
//
// [1] https://bugzilla.mozilla.org/show_bug.cgi?id=1436873#c14
static const uint64_t kIterationsLimit = 100 * 1000000;
#endif
// The iteration count is optional and the default is one.
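Review bot: The comment above the new `kIterationsLimit = 100 * 1000000` records where the number comes from (Windows at 600K, the Mozilla quote) but not the caveat from the commit message, that this is still probably too large for backend systems processing arbitrary PKCS#12. Since the iteration count is read from the file being parsed, that caveat is what a caller handling untrusted input needs to see at this constant; consider adding a sentence such as "This still permits very expensive PBKDF2 work, so callers parsing untrusted PKCS#12 may need their own, lower bound." Two smaller style points on the same lines: the quoted Mozilla text uses curly quotes, which puts non-ASCII bytes in the source file, so plain ASCII quotes would be safer, and "Mozilla say" could name the bug directly now that the URL is in the footnote.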