tech-crypto archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: CRYPTO_MAX_MAC_LEN too short?



In message <mtu4qeaa6ep.fsf%contents-vnder-pressvre.mit.edu@localhost>, "Nathan 
J. Willia
ms" writes:
>
>In opencrypto/cryptodev.h, CRYPTO_MAX_MAC_LEN is defined as 20.  This
>value is used in cryptodev.c to set the size of the tmp_mac[] array,
>which is passed down to into crypto engines for them to deposit the
>computed MAC or hash. However, we've got SHA-2 (256 bits), SHA-2-384,
>and SHA-2-512, all of which produce more than 20 bytes of result, so
>using those hashes runs some risk of stomping on the other data
>structures following it.
>
>Any reason not to bump up CRYPTO_MAX_MAC_LEN to 64?
>

It certainly wouldn't hurt, but is the field for a hash function output 
or for an HMAC output?  The latter, even for SHA-512, is unlikely to be 
longer than 20 bytes.

                --Prof. Steven M. Bellovin, http://www.cs.columbia.edu/~smb





Home | Main Index | Thread Index | Old Index