chore: make deps, go mod vendor

vendor/github.com/ProtonMail/go-crypto/openpgp/s2k/s2k.go

@@ -87,10 +87,10 @@ func decodeCount(c uint8) int {
 // encodeMemory converts the Argon2 "memory" in the range parallelism*8 to
 // 2**31, inclusive, to an encoded memory. The return value is the
 // octet that is actually stored in the GPG file. encodeMemory panics
-// if is not in the above range 
+// if is not in the above range
 // See OpenPGP crypto refresh Section 3.7.1.4.
 func encodeMemory(memory uint32, parallelism uint8) uint8 {
-	if memory < (8 * uint32(parallelism)) || memory > uint32(2147483648) {
+	if memory < (8*uint32(parallelism)) || memory > uint32(2147483648) {
 		panic("Memory argument memory is outside the required range")
 	}
 
@@ -199,8 +199,8 @@ func Generate(rand io.Reader, c *Config) (*Params, error) {
 		}
 
 		params = &Params{
-			mode:      SaltedS2K,
-			hashId:    hashId,
+			mode:   SaltedS2K,
+			hashId: hashId,
 		}
 	} else { // Enforce IteratedSaltedS2K method otherwise
 		hashId, ok := algorithm.HashToHashId(c.hash())
@@ -211,7 +211,7 @@ func Generate(rand io.Reader, c *Config) (*Params, error) {
 			c.S2KMode = IteratedSaltedS2K
 		}
 		params = &Params{
-			mode:      IteratedSaltedS2K, 
+			mode:      IteratedSaltedS2K,
 			hashId:    hashId,
 			countByte: c.EncodedCount(),
 		}
@@ -283,6 +283,9 @@ func ParseIntoParams(r io.Reader) (params *Params, err error) {
 		params.passes = buf[Argon2SaltSize]
 		params.parallelism = buf[Argon2SaltSize+1]
 		params.memoryExp = buf[Argon2SaltSize+2]
+		if err := validateArgon2Params(params); err != nil {
+			return nil, err
+		}
 		return params, nil
 	case GnuS2K:
 		// This is a GNU extension. See
@@ -300,15 +303,22 @@ func ParseIntoParams(r io.Reader) (params *Params, err error) {
 	return nil, errors.UnsupportedError("S2K function")
 }
 
+func (params *Params) Mode() Mode {
+	return params.mode
+}
+
 func (params *Params) Dummy() bool {
 	return params != nil && params.mode == GnuS2K
 }
 
 func (params *Params) salt() []byte {
 	switch params.mode {
-		case SaltedS2K, IteratedSaltedS2K: return params.saltBytes[:8]
-		case Argon2S2K: return params.saltBytes[:Argon2SaltSize]
-		default: return nil
+	case SaltedS2K, IteratedSaltedS2K:
+		return params.saltBytes[:8]
+	case Argon2S2K:
+		return params.saltBytes[:Argon2SaltSize]
+	default:
+		return nil
 	}
 }
 
@@ -405,3 +415,22 @@ func Serialize(w io.Writer, key []byte, rand io.Reader, passphrase []byte, c *Co
 	f(key, passphrase)
 	return nil
 }
+
+// validateArgon2Params checks that the argon2 parameters are valid according to RFC9580.
+func validateArgon2Params(params *Params) error {
+	// The number of passes t and the degree of parallelism p MUST be non-zero.
+	if params.parallelism == 0 {
+		return errors.StructuralError("invalid argon2 params: parallelism is 0")
+	}
+	if params.passes == 0 {
+		return errors.StructuralError("invalid argon2 params: iterations is 0")
+	}
+
+	// The encoded memory size MUST be a value from 3+ceil(log2(p)) to 31,
+	// such that the decoded memory size m is a value from 8*p to 2^31.
+	if params.memoryExp > 31 || decodeMemory(params.memoryExp) < 8*uint32(params.parallelism) {
+		return errors.StructuralError("invalid argon2 params: memory is out of bounds")
+	}
+
+	return nil
+}