Nest: Allow MAC algorithms to specify min/max key length

Add min/max key length fields to the MAC algorithm description and validate configured keys before they are used.
author: Toke Høiland-Jørgensen <toke@toke.dk> 2021-04-15 04:38:49 +0200
committer: Ondrej Zajicek (work) <santiago@crfreenet.org> 2021-06-06 16:28:18 +0200
commit: 589f7d1e4f3aaca3fec6c38474bb962a9c578ebe (patch)
tree: 8c7ed1d80769f9fea6a1189c5577eebf24dbc460 /lib
parent: 35f88b305ab6a0e27b5ff1b445f63f544986e14e (diff)
2 files changed, 3 insertions, 1 deletions
diff --git a/lib/mac.c b/lib/mac.c
index f07d38df..6c9cc743 100644
--- a/lib/mac.c
+++ b/lib/mac.c
@@ -173,7 +173,7 @@ hmac_final(struct mac_context *ctx)
   {									\
     name, size/8, sizeof(struct vx##_context),				\
     vx##_mac_init, vx##_mac_update, vx##_mac_final,			\
-    size/8, VX##_BLOCK_SIZE, NULL, NULL, NULL				\
+    size/8, VX##_BLOCK_SIZE, NULL, NULL, NULL, 0, VX##_SIZE		\
   }
 
 const struct mac_desc mac_table[ALG_MAX] = {
diff --git a/lib/mac.h b/lib/mac.h
index a03e0546..99a56eed 100644
--- a/lib/mac.h
+++ b/lib/mac.h
@@ -94,6 +94,8 @@ struct mac_desc {
   void (*hash_init)(struct hash_context *ctx);
   void (*hash_update)(struct hash_context *ctx, const byte *data, uint datalen);
   byte *(*hash_final)(struct hash_context *ctx);
+  uint min_key_length;			/* Minimum allowed key length */
+  uint max_key_length;			/* Maximum allowed key length */
 };
 
 extern const struct mac_desc mac_table[ALG_MAX];
author	Toke Høiland-Jørgensen <toke@toke.dk>	2021-04-15 04:38:49 +0200
committer	Ondrej Zajicek (work) <santiago@crfreenet.org>	2021-06-06 16:28:18 +0200
commit	589f7d1e4f3aaca3fec6c38474bb962a9c578ebe (patch)
tree	8c7ed1d80769f9fea6a1189c5577eebf24dbc460 /lib
parent	35f88b305ab6a0e27b5ff1b445f63f544986e14e (diff)