For 1) aesXCBCmac is an exported function thus it could get a broken
AESstate from the caller.
For 2) you are right... thanks!


Giacomo

2017-01-17 22:36 GMT+01:00 <cinap_lenrek@felloff.net>:

> on 1), the comment says right here that it does not deal with keys
> bigger than 128 bits. which is implied by s->keybytes == 16. so rounds
> is 10 here as of aes_setupEnc(). given 4*(10+1) == 48, so the buffer
> size holds.
>
> --
> cinap
>