From 112d2fbb15cd6d1dd13ecc542967d2874ad64cf1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Olivier=20Ch=C3=A9ron?= <olivier.cheron@gmail.com>
Date: Sun, 9 Apr 2017 17:18:26 +0200
Subject: [PATCH] Decrease Argon2 maximum output length

Fixes #148.
---
 Crypto/KDF/Argon2.hs | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/Crypto/KDF/Argon2.hs b/Crypto/KDF/Argon2.hs
index 089fb97..c941f65 100644
--- a/Crypto/KDF/Argon2.hs
+++ b/Crypto/KDF/Argon2.hs
@@ -85,8 +85,10 @@ saltMinLength = 8
 outputMinLength :: Int
 outputMinLength = 4
 
+-- specification allows up to 2^32-1 but this is too big for a signed Int
+-- on a 32-bit architecture, so we limit tag length to 2^31-1 bytes
 outputMaxLength :: Int
-outputMaxLength = 0xffffffff
+outputMaxLength = 0x7fffffff
 
 defaultOptions :: Options
 defaultOptions =