scrypt: increase default memory limit. The default memory maximum exists to protect clients who call scrypt with untrusted paramters. However, the old default is now too low for recommended scrypt parameters so this change increases it to cover that case. Change-Id: I2d38cba0924267bde09b72113e1bdbf0d7413325 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/74007 Reviewed-by: David Benjamin <davidben@google.com> Auto-Submit: Adam Langley <agl@google.com> Commit-Queue: Adam Langley <agl@google.com>

commit: 8ec2350fdd4ba8a9f07b8f8e5c0a08d1b62c4719 [log] [tgz]
author: Adam Langley <agl@chromium.org> Thu Dec 05 12:16:45 2024 -0800
committer: Boringssl LUCI CQ <boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com> Thu Dec 05 21:06:20 2024 +0000
tree: 7967ca50fefe9962764fd815e582533a2e186954
parent: 5dda522dc82f07a6302602075231c13cf3b4044c [diff]
diff --git a/crypto/evp/scrypt.cc b/crypto/evp/scrypt.cc
index e11cce5..4853761 100644
--- a/crypto/evp/scrypt.cc
+++ b/crypto/evp/scrypt.cc

@@ -140,7 +140,7 @@
 
 // SCRYPT_MAX_MEM is the default maximum memory that may be allocated by
 // |EVP_PBE_scrypt|.
-#define SCRYPT_MAX_MEM (1024 * 1024 * 32)
+#define SCRYPT_MAX_MEM (1024 * 1024 * 65)
 
 int EVP_PBE_scrypt(const char *password, size_t password_len,
                    const uint8_t *salt, size_t salt_len, uint64_t N, uint64_t r,
commit	8ec2350fdd4ba8a9f07b8f8e5c0a08d1b62c4719	[log] [tgz]
author	Adam Langley <agl@chromium.org>	Thu Dec 05 12:16:45 2024 -0800
committer	Boringssl LUCI CQ <boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com>	Thu Dec 05 21:06:20 2024 +0000
tree	7967ca50fefe9962764fd815e582533a2e186954
parent	5dda522dc82f07a6302602075231c13cf3b4044c [diff]