From 0b12188d06d12d42a12ba6cb18360a85838173d1 Mon Sep 17 00:00:00 2001 From: marbar3778 Date: Mon, 20 Feb 2023 12:07:32 +0100 Subject: [PATCH 1/2] fix conversion lint --- crypto/armor.go | 2 +- crypto/armor_test.go | 2 +- crypto/keys/bcrypt/bcrypt.go | 24 ++++++++++++------------ 3 files changed, 14 insertions(+), 14 deletions(-) diff --git a/crypto/armor.go b/crypto/armor.go index 83215bf8765b..b65854262387 100644 --- a/crypto/armor.go +++ b/crypto/armor.go @@ -42,7 +42,7 @@ const ( // than what they see, which is a significantly cheaper attack then breaking // a bcrypt hash. (Recall that the nonce still exists to break rainbow tables) // For further notes on security parameter choice, see README.md -var BcryptSecurityParameter = 12 +var BcryptSecurityParameter uint32 = 12 //----------------------------------------------------------------- // add armor diff --git a/crypto/armor_test.go b/crypto/armor_test.go index e31a91141792..60ed5a495aee 100644 --- a/crypto/armor_test.go +++ b/crypto/armor_test.go @@ -169,7 +169,7 @@ func TestUnarmorInfoBytesErrors(t *testing.T) { func BenchmarkBcryptGenerateFromPassword(b *testing.B) { passphrase := []byte("passphrase") - for securityParam := 9; securityParam < 16; securityParam++ { + for securityParam := uint32(9); securityParam < 16; securityParam++ { param := securityParam b.Run(fmt.Sprintf("benchmark-security-param-%d", param), func(b *testing.B) { b.ReportAllocs() diff --git a/crypto/keys/bcrypt/bcrypt.go b/crypto/keys/bcrypt/bcrypt.go index 4093f8cdb192..ab0ad4708eae 100644 --- a/crypto/keys/bcrypt/bcrypt.go +++ b/crypto/keys/bcrypt/bcrypt.go @@ -18,9 +18,9 @@ import ( ) const ( - MinCost int = 4 // the minimum allowable cost as passed in to GenerateFromPassword - MaxCost int = 31 // the maximum allowable cost as passed in to GenerateFromPassword - DefaultCost int = 10 // the cost that will actually be set if a cost below MinCost is passed into GenerateFromPassword + MinCost uint32 = 4 // the minimum allowable cost as passed in to GenerateFromPassword + MaxCost uint32 = 31 // the maximum allowable cost as passed in to GenerateFromPassword + DefaultCost uint32 = 10 // the cost that will actually be set if a cost below MinCost is passed into GenerateFromPassword ) // ErrMismatchedHashAndPassword is returned from CompareHashAndPassword when a password and hash do @@ -76,7 +76,7 @@ var magicCipherData = []byte{ type hashed struct { hash []byte salt []byte - cost int // allowed range is MinCost to MaxCost + cost uint32 // allowed range is MinCost to MaxCost major byte minor byte } @@ -85,7 +85,7 @@ type hashed struct { // cost. If the cost given is less than MinCost, the cost will be set to // DefaultCost, instead. Use CompareHashAndPassword, as defined in this package, // to compare the returned hashed password with its cleartext version. -func GenerateFromPassword(salt []byte, password []byte, cost int) ([]byte, error) { +func GenerateFromPassword(salt []byte, password []byte, cost uint32) ([]byte, error) { if len(salt) != maxSaltSize { return nil, fmt.Errorf("salt len must be %v", maxSaltSize) } @@ -121,7 +121,7 @@ func CompareHashAndPassword(hashedPassword, password []byte) error { // password. When, in the future, the hashing cost of a password system needs // to be increased in order to adjust for greater computational power, this // function allows one to establish which passwords need to be updated. -func Cost(hashedPassword []byte) (int, error) { +func Cost(hashedPassword []byte) (uint32, error) { p, err := newFromHash(hashedPassword) if err != nil { return 0, err @@ -129,7 +129,7 @@ func Cost(hashedPassword []byte) (int, error) { return p.cost, nil } -func newFromPassword(salt []byte, password []byte, cost int) (*hashed, error) { +func newFromPassword(salt []byte, password []byte, cost uint32) (*hashed, error) { if cost < MinCost { cost = DefaultCost } @@ -180,11 +180,11 @@ func newFromHash(hashedSecret []byte) (*hashed, error) { return p, nil } -func bcrypt(password []byte, cost int, salt []byte) ([]byte, error) { +func bcrypt(password []byte, cost uint32, salt []byte) ([]byte, error) { cipherData := make([]byte, len(magicCipherData)) copy(cipherData, magicCipherData) - c, err := expensiveBlowfishSetup(password, uint32(cost), salt) + c, err := expensiveBlowfishSetup(password, cost, salt) if err != nil { return nil, err } @@ -271,11 +271,11 @@ func (p *hashed) decodeCost(sbytes []byte) (int, error) { if err != nil { return -1, err } - err = checkCost(cost) + err = checkCost(uint32(cost)) if err != nil { return -1, err } - p.cost = cost + p.cost = uint32(cost) return 3, nil } @@ -283,7 +283,7 @@ func (p *hashed) String() string { return fmt.Sprintf("&{hash: %#v, salt: %#v, cost: %d, major: %c, minor: %c}", string(p.hash), p.salt, p.cost, p.major, p.minor) } -func checkCost(cost int) error { +func checkCost(cost uint32) error { if cost < MinCost || cost > MaxCost { return InvalidCostError(cost) } From 8fe172180013208641c1f4b7c5836eff305addc1 Mon Sep 17 00:00:00 2001 From: marbar3778 Date: Mon, 20 Feb 2023 12:56:47 +0100 Subject: [PATCH 2/2] add changelog entry --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 59fccaa8f99d..157b57da334f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -254,6 +254,7 @@ extension interfaces. `module.Manager.Modules` is now of type `map[string]interf * (x/staking) [#14590](https://github.com/cosmos/cosmos-sdk/pull/14590) `MsgUndelegateResponse` now includes undelegated amount. `x/staking` module's `keeper.Undelegate` now returns 3 values (completionTime,undelegateAmount,error) instead of 2. * (x/feegrant) [14649](https://github.com/cosmos/cosmos-sdk/pull/14649) Extract Feegrant in its own go.mod and rename the package to `cosmossdk.io/x/feegrant`. * (x/bank) [#14894](https://github.com/cosmos/cosmos-sdk/pull/14894) Return a human readable denomination for IBC vouchers when querying bank balances. Added a `ResolveDenom` parameter to `types.QueryAllBalancesRequest`. +* (crypto) [#15070](https://github.com/cosmos/cosmos-sdk/pull/15070) `GenerateFromPassword` and `Cost` from `bcrypt.go` now take a `uint32` instead of a `int` type. ### Client Breaking Changes