"Invalid scrypt params" error message is unnecessarily generic when exceeding `maxmem`

[greguz]

Version

v20.13.1

Platform

Linux lindell 6.9.3-arch1-1 #1 SMP PREEMPT_DYNAMIC Fri, 31 May 2024 15:14:45 +0000 x86_64 GNU/Linux

Subsystem

node:crypto

What steps will reproduce the bug?

Reading the official scrypt docs, I see that the cost parameter should be a power of 2.

Following the OWASP docs, I wanted to use 2 power 17 to feed the cost parameter.

const { scryptSync, randomBytes } = require('node:crypto')

const secret = 'shhh'
const salt = randomBytes(16)

// throws RangeError: Invalid scrypt params, same with scrypt()
scryptSync(secret, salt, 64, {
  blockSize: 8,
  cost: 131072, // 2^17
  parallelization: 1,
})

How often does it reproduce? Is there a required condition?

Always reproduce.

What is the expected behavior? Why is that the expected behavior?

Hash is correctly derived.

What do you see instead?

A RangeError with the "Invalid scrypt params" message.

Additional information

No response

[greguz]

Also reproduces with Node.js v20.14.0.

[panva]

These parameters are exceeding the default memory upper bound option. It is an error when (approximately) 128 * N * r > maxmem, the default maxmem is 32 * 1024 * 1024.

[greguz]

Sorry, my bad. I got confused with the N and r aliases, plus the generic error message. Now I see the Node.js docs are in fact correct. Thank you for the fast answer.

[tniessen]

OpenSSL unfortunately does not consistently report errors during the scrypt parameter validation, but it does if maxmem is insufficient. We might as well forward that error message: #53300