]> git.baikalelectronics.ru Git - kernel.git/commit
projects / kernel.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 0dad4d0) | patch
crypto: hmac - disallow keys < 112 bits in FIPS mode
authorStephan Müller <smueller@chronox.de>
Tue, 1 Feb 2022 08:41:32 +0000 (09:41 +0100)
committerHerbert Xu <herbert@gondor.apana.org.au>
Fri, 11 Feb 2022 09:22:01 +0000 (20:22 +1100)
commita384e2eb9054ac091e9b7dd8c99759ebb200d95a
tree2079a33d7c0c708e353f00b0c14682a6ea729e30tree | snapshot
parent0dad4d053a21125adea030dc8b5c2986bf047e65commit | diff
crypto: hmac - disallow keys < 112 bits in FIPS mode

FIPS 140 requires a minimum security strength of 112 bits. This implies
that the HMAC key must not be smaller than 112 in FIPS mode.

This restriction implies that the test vectors for HMAC that have a key
that is smaller than 112 bits must be disabled when FIPS support is
compiled.

Signed-off-by: Stephan Mueller <smueller@chronox.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto/hmac.c diff | blob | history
crypto/testmgr.h diff | blob | history
Linux Kernel Source Tree.