diff options
author | Rob Austein <sra@hactrn.net> | 2017-04-03 22:24:01 -0400 |
---|---|---|
committer | Rob Austein <sra@hactrn.net> | 2017-04-03 22:24:01 -0400 |
commit | d246435f4f3ca64ea660e6636d88aa6911fe072d (patch) | |
tree | fdf51c717f0e78d2e0812e1462595442b979a6a5 | |
parent | a3a588361df25e3f1493b3ab880df75a914664f0 (diff) |
PKCS #8 bumps max key buffer size up by a few bytes.
-rw-r--r-- | hal_internal.h | 19 |
1 files changed, 10 insertions, 9 deletions
diff --git a/hal_internal.h b/hal_internal.h index 40a600c..65f6ae7 100644 --- a/hal_internal.h +++ b/hal_internal.h @@ -317,15 +317,16 @@ static inline hal_crc32_t hal_crc32_finalize(hal_crc32_t crc) } /* - * Sizes for ASN.1-encoded keys, this may not be exact due to ASN.1 - * INTEGER encoding rules but should be good enough for buffer sizing: + * Sizes for PKCS #8 encoded private keys. This may not be exact due + * to ASN.1 INTEGER encoding rules, but should be good enough for + * buffer sizing. * - * 2048-bit RSA: 1194 bytes - * 4096-bit RSA: 2351 bytes - * 8192-bit RSA: 4655 bytes - * EC P-256: 121 bytes - * EC P-384: 167 bytes - * EC P-521: 223 bytes + * 2048-bit RSA: 1219 bytes + * 4096-bit RSA: 2373 bytes + * 8192-bit RSA: 4679 bytes + * EC P-256: 138 bytes + * EC P-384: 185 bytes + * EC P-521: 240 bytes * * Plus we need a bit of AES-keywrap overhead, since we're storing the * wrapped form (see hal_aes_keywrap_cyphertext_length()). @@ -338,7 +339,7 @@ static inline hal_crc32_t hal_crc32_finalize(hal_crc32_t crc) * moment we take the easy way out and cap this at 4096-bit RSA. */ -#define HAL_KS_WRAPPED_KEYSIZE ((2351 + 15) & ~7) +#define HAL_KS_WRAPPED_KEYSIZE ((2373 + 15) & ~7) /* * PINs. |