cosmos · mergify · Feb 20, 2023 · Feb 20, 2023 · Feb 20, 2023 · Feb 20, 2023
@@ -255,6 +255,7 @@ extension interfaces. `module.Manager.Modules` is now of type `map[string]interf
 * (x/staking) [#14590](https://github.com/cosmos/cosmos-sdk/pull/14590) `MsgUndelegateResponse` now includes undelegated amount. `x/staking` module's `keeper.Undelegate` now returns 3 values (completionTime,undelegateAmount,error)  instead of 2.
 * (x/feegrant) [14649](https://github.com/cosmos/cosmos-sdk/pull/14649) Extract Feegrant in its own go.mod and rename the package to `cosmossdk.io/x/feegrant`.
 * (x/bank) [#14894](https://github.com/cosmos/cosmos-sdk/pull/14894) Return a human readable denomination for IBC vouchers when querying bank balances. Added a `ResolveDenom` parameter to `types.QueryAllBalancesRequest`.
+* (crypto) [#15070](https://github.com/cosmos/cosmos-sdk/pull/15070) `GenerateFromPassword` and `Cost` from `bcrypt.go` now take a `uint32` instead of a `int` type.  
 
 ### Client Breaking Changes
 

@@ -42,7 +42,7 @@ const (
 // than what they see, which is a significantly cheaper attack then breaking
 // a bcrypt hash. (Recall that the nonce still exists to break rainbow tables)
 // For further notes on security parameter choice, see README.md
-var BcryptSecurityParameter = 12
+var BcryptSecurityParameter uint32 = 12
 
 //-----------------------------------------------------------------
 // add armor

@@ -169,7 +169,7 @@ func TestUnarmorInfoBytesErrors(t *testing.T) {
 
 func BenchmarkBcryptGenerateFromPassword(b *testing.B) {
 	passphrase := []byte("passphrase")
-	for securityParam := 9; securityParam < 16; securityParam++ {
+	for securityParam := uint32(9); securityParam < 16; securityParam++ {
 		param := securityParam
 		b.Run(fmt.Sprintf("benchmark-security-param-%d", param), func(b *testing.B) {
 			b.ReportAllocs()

@@ -18,9 +18,9 @@ import (
 )
 
 const (
-	MinCost     int = 4  // the minimum allowable cost as passed in to GenerateFromPassword
-	MaxCost     int = 31 // the maximum allowable cost as passed in to GenerateFromPassword
-	DefaultCost int = 10 // the cost that will actually be set if a cost below MinCost is passed into GenerateFromPassword
+	MinCost     uint32 = 4  // the minimum allowable cost as passed in to GenerateFromPassword
+	MaxCost     uint32 = 31 // the maximum allowable cost as passed in to GenerateFromPassword
+	DefaultCost uint32 = 10 // the cost that will actually be set if a cost below MinCost is passed into GenerateFromPassword
 )
 
 // ErrMismatchedHashAndPassword is returned from CompareHashAndPassword when a password and hash do
@@ -76,7 +76,7 @@ var magicCipherData = []byte{
 type hashed struct {
 	hash  []byte
 	salt  []byte
-	cost  int // allowed range is MinCost to MaxCost
+	cost  uint32 // allowed range is MinCost to MaxCost
 	major byte
 	minor byte
 }
@@ -85,7 +85,7 @@ type hashed struct {
 // cost. If the cost given is less than MinCost, the cost will be set to
 // DefaultCost, instead. Use CompareHashAndPassword, as defined in this package,
 // to compare the returned hashed password with its cleartext version.
-func GenerateFromPassword(salt []byte, password []byte, cost int) ([]byte, error) {
+func GenerateFromPassword(salt []byte, password []byte, cost uint32) ([]byte, error) {
 	if len(salt) != maxSaltSize {
 		return nil, fmt.Errorf("salt len must be %v", maxSaltSize)
 	}
@@ -121,15 +121,15 @@ func CompareHashAndPassword(hashedPassword, password []byte) error {
 // password. When, in the future, the hashing cost of a password system needs
 // to be increased in order to adjust for greater computational power, this
 // function allows one to establish which passwords need to be updated.
-func Cost(hashedPassword []byte) (int, error) {
+func Cost(hashedPassword []byte) (uint32, error) {
 	p, err := newFromHash(hashedPassword)
 	if err != nil {
 		return 0, err
 	}
 	return p.cost, nil
 }
 
-func newFromPassword(salt []byte, password []byte, cost int) (*hashed, error) {
+func newFromPassword(salt []byte, password []byte, cost uint32) (*hashed, error) {
 	if cost < MinCost {
 		cost = DefaultCost
 	}
@@ -180,11 +180,11 @@ func newFromHash(hashedSecret []byte) (*hashed, error) {
 	return p, nil
 }
 
-func bcrypt(password []byte, cost int, salt []byte) ([]byte, error) {
+func bcrypt(password []byte, cost uint32, salt []byte) ([]byte, error) {
 	cipherData := make([]byte, len(magicCipherData))
 	copy(cipherData, magicCipherData)
 
-	c, err := expensiveBlowfishSetup(password, uint32(cost), salt)
+	c, err := expensiveBlowfishSetup(password, cost, salt)
 	if err != nil {
 		return nil, err
 	}
@@ -271,19 +271,19 @@ func (p *hashed) decodeCost(sbytes []byte) (int, error) {
 	if err != nil {
 		return -1, err
 	}
-	err = checkCost(cost)
+	err = checkCost(uint32(cost))
 	if err != nil {
 		return -1, err
 	}
-	p.cost = cost
+	p.cost = uint32(cost)
 	return 3, nil
 }
 
 func (p *hashed) String() string {
 	return fmt.Sprintf("&{hash: %#v, salt: %#v, cost: %d, major: %c, minor: %c}", string(p.hash), p.salt, p.cost, p.major, p.minor)
 }
 
-func checkCost(cost int) error {
+func checkCost(cost uint32) error {
 	if cost < MinCost || cost > MaxCost {
 		return InvalidCostError(cost)
 	}