Subject: Re: CRYPTO_MAX_MAC_LEN too short?
To: Nathan J. Williams <>
From: Steven M. Bellovin <>
List: tech-crypto
Date: 04/13/2005 21:56:15
In message <>, "Nathan J. Willia
ms" writes:
>In opencrypto/cryptodev.h, CRYPTO_MAX_MAC_LEN is defined as 20.  This
>value is used in cryptodev.c to set the size of the tmp_mac[] array,
>which is passed down to into crypto engines for them to deposit the
>computed MAC or hash. However, we've got SHA-2 (256 bits), SHA-2-384,
>and SHA-2-512, all of which produce more than 20 bytes of result, so
>using those hashes runs some risk of stomping on the other data
>structures following it.
>Any reason not to bump up CRYPTO_MAX_MAC_LEN to 64?

It certainly wouldn't hurt, but is the field for a hash function output 
or for an HMAC output?  The latter, even for SHA-512, is unlikely to be 
longer than 20 bytes.

		--Prof. Steven M. Bellovin,