projects / linux-2.6-block.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: c9c28ed) | patch
crypto: hmac - disallow keys < 112 bits in FIPS mode
authorStephan Müller <smueller@chronox.de>
Tue, 1 Feb 2022 08:41:32 +0000 (09:41 +0100)
committerHerbert Xu <herbert@gondor.apana.org.au>
Fri, 11 Feb 2022 09:22:01 +0000 (20:22 +1100)
commit37f36e5717869a69775ecb23baedf0f06ea940b4
tree2079a33d7c0c708e353f00b0c14682a6ea729e30tree | snapshot
parentc9c28ed0ab611b6ee3bfab88eba334e272642433commit | diff
crypto: hmac - disallow keys < 112 bits in FIPS mode

FIPS 140 requires a minimum security strength of 112 bits. This implies
that the HMAC key must not be smaller than 112 in FIPS mode.

This restriction implies that the test vectors for HMAC that have a key
that is smaller than 112 bits must be disabled when FIPS support is
compiled.

Signed-off-by: Stephan Mueller <smueller@chronox.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto/hmac.c diff | blob | blame | history
crypto/testmgr.h diff | blob | blame | history
Linux 6.x block layer and io_uring tree(s)