| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20251205113136.17920-1-litian@redhat.com>
Date: Fri, 5 Dec 2025 19:31:36 +0800
From: Li Tian <litian@...hat.com>
To: linux-kernel@...r.kernel.org
Cc: linux-crypto@...r.kernel.org,
Herbert Xu <herbert@...dor.apana.org.au>,
Eric Biggers <ebiggers@...nel.org>,
"David S . Miller" <davem@...emloft.net>,
Vitaly Kuznetsov <vkuznets@...hat.com>
Subject: [PATCH RFC] crypto/hkdf: Skip tests with keys too short in FIPS mode
FIPS mode mandates the keys to _setkey should be longer than 14 bytes.
It's up to the callers to not use keys too short.
Signed-off-by: Li Tian <litian@...hat.com>
---
crypto/hkdf.c | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/crypto/hkdf.c b/crypto/hkdf.c
index 82d1b32ca6ce..73d318f3f677 100644
--- a/crypto/hkdf.c
+++ b/crypto/hkdf.c
@@ -10,6 +10,7 @@
#include <crypto/internal/hash.h>
#include <crypto/sha2.h>
#include <crypto/hkdf.h>
+#include <linux/fips.h>
#include <linux/module.h>
/*
@@ -462,7 +463,12 @@ static const struct hkdf_testvec hkdf_sha512_tv[] = {
};
static int hkdf_test(const char *shash, const struct hkdf_testvec *tv)
-{ struct crypto_shash *tfm = NULL;
+{
+ /* Skip the tests with keys too short in FIPS mode */
+ if (fips_enabled && (tv->salt_size < 112 / 8))
+ return 0;
+
+ struct crypto_shash *tfm = NULL;
u8 *prk = NULL, *okm = NULL;
unsigned int prk_size;
const char *driver;
--
2.50.0
Powered by blists - more mailing lists