crypto: Allow up to 10 fragments for hmac_sha*_vector()

This increases the limit of how many data fragments can be supported
with the internal HMAC implementation. The previous limit was hit with
some FT use cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2020-01-26 17:04:54 +02:00
parent 07dd83dd77
commit 12da39b389
3 changed files with 9 additions and 9 deletions

View file

@ -28,10 +28,10 @@ int hmac_sha256_vector(const u8 *key, size_t key_len, size_t num_elem,
{ {
unsigned char k_pad[64]; /* padding - key XORd with ipad/opad */ unsigned char k_pad[64]; /* padding - key XORd with ipad/opad */
unsigned char tk[32]; unsigned char tk[32];
const u8 *_addr[6]; const u8 *_addr[11];
size_t _len[6], i; size_t _len[11], i;
if (num_elem > 5) { if (num_elem > 10) {
/* /*
* Fixed limit on the number of fragments to avoid having to * Fixed limit on the number of fragments to avoid having to
* allocate memory (which could fail). * allocate memory (which could fail).

View file

@ -28,10 +28,10 @@ int hmac_sha384_vector(const u8 *key, size_t key_len, size_t num_elem,
{ {
unsigned char k_pad[128]; /* padding - key XORd with ipad/opad */ unsigned char k_pad[128]; /* padding - key XORd with ipad/opad */
unsigned char tk[48]; unsigned char tk[48];
const u8 *_addr[6]; const u8 *_addr[11];
size_t _len[6], i; size_t _len[11], i;
if (num_elem > 5) { if (num_elem > 10) {
/* /*
* Fixed limit on the number of fragments to avoid having to * Fixed limit on the number of fragments to avoid having to
* allocate memory (which could fail). * allocate memory (which could fail).

View file

@ -28,10 +28,10 @@ int hmac_sha512_vector(const u8 *key, size_t key_len, size_t num_elem,
{ {
unsigned char k_pad[128]; /* padding - key XORd with ipad/opad */ unsigned char k_pad[128]; /* padding - key XORd with ipad/opad */
unsigned char tk[64]; unsigned char tk[64];
const u8 *_addr[6]; const u8 *_addr[11];
size_t _len[6], i; size_t _len[11], i;
if (num_elem > 5) { if (num_elem > 10) {
/* /*
* Fixed limit on the number of fragments to avoid having to * Fixed limit on the number of fragments to avoid having to
* allocate memory (which could fail). * allocate memory (which could fail).