]> git.ipfire.org Git - thirdparty/openssl.git/commit
projects / thirdparty / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: c6b09ea) | patch
Increase HKDF_MAXBUF from 1024 to 2048
authorBenjamin Kaduk <bkaduk@akamai.com>
Mon, 22 Mar 2021 22:02:04 +0000 (15:02 -0700)
committerBenjamin Kaduk <kaduk@mit.edu>
Tue, 30 Mar 2021 23:40:28 +0000 (16:40 -0700)
commit20c2876f24d0ccf9581ace08c7882d544d2588ea
tree81e068a87166630e280e970221dd61ed9b1af532tree
parentc6b09ea0fe23a572a781681b3c1f436e8b0932fecommit | diff
Increase HKDF_MAXBUF from 1024 to 2048

We've encountered some scenarios that need to use more than 1 kB of
data as the HKDF-Expand() "info" argument (which, per RFC 5869,
contains "optional context and application specific information").

Since HKDF_MAXBUF is used to size an array in the HKDF_PKEY_CTX
structure, this adds 1 kB of memory footprint to each EVP_PKEY_CTX
used for HKDF.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14649)
providers/implementations/kdfs/hkdf.c diff | blob | blame | history
Mirror of https://github.com/openssl/openssl.git