Am 19.09.2012 19:43, schrieb Florian Zeitz:
Am 11.09.2012 20:21, schrieb Timo Sirainen:
On 11.9.2012, at 21.07, Florian Zeitz wrote:
I think we could simply #define the largest allowed context_size, use it for these buffers' sizes and then add i_assert(meth->context_size <= HMAC_MAX_CONTEXT_SIZE)
Well, either that, or we could use a union of all known context structs there.
That annoyingly requires #including in hmac.h all the different .h files that contain hash contexts. When new hashes are added I doubt anyone remembers to update that. And since the hmac_context is rather rarely used I don't think it matters if we just use a somewhat large context size.
Or we could use i_malloc() and i_free() under the assumption hmac_init()
- hmac_final() calls are always matched.
Yeah, that's not too bad either I guess. Although it is different from other hash_init()+final calls which don't require it, and it's also wasting CPU a bit.
Here is an updated version of the patch. It uses the variant defining the largest allowed content size. I choose 1024 bit (128 Byte), since that is what most of the SHA-3 candidates use, so it's hopefully somewhat future proof.
Forget I said that. Unfortunately the MD5 context is already bigger (the SHA-1 one isn't). So 256 Byte it is I guess. Sorry for the lack of thorough testing. I hope I didn't miss another hash function.