author | Jakub Jelen <jjelen@redhat.com> | 2023-02-28 12:53:28 +0100 |
---|---|---|
committer | NIIBE Yutaka <gniibe@fsij.org> | 2023-03-07 15:40:33 +0900 |
commit | 397ff085749e5b47095827d19561332a67007c02 (patch) | |
tree | 893441ff307b23a317aedbb96480da23b788713e | |
parent | 076dd2ffcd953d80172770d8bb98c2c945dad7c9 (diff) | |
download | libgcrypt-397ff085749e5b47095827d19561332a67007c02.tar.gz |
kdf: Update tests in regards to the allowed parameters in FIPS mode.
* cipher/kdf.c (check_one): run selftests for more approved parameters
and check that wrong parameters correctly fail in FIPS mode.
--
Cherry-picked from master commit of:
f5fe94810f3099c9ccc2ca3a5891502922ab0576
Fixes-commit: 535a4d345872aa2cd2ab3a5f9c4411d0a0313328
GnuPG-bug-id: 5512
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
-rw-r--r-- | cipher/kdf.c | 22 |
1 files changed, 15 insertions, 7 deletions
diff --git a/cipher/kdf.c b/cipher/kdf.c
index b13574f8..6e52f66d 100644
--- a/cipher/kdf.c
+++ b/cipher/kdf.c
@@ -1038,17 +1038,25 @@ check_one (int algo, int hash_algo,
 {
 unsigned char key[512]; /* hardcoded to avoid allocation */
 size_t keysize = expectlen;
-
- /* Skip test with shoter passphrase in FIPS mode. */
- if (fips_mode () && passphraselen < 14)
- return NULL;
+ int rv;
 
 if (keysize > sizeof(key))
 return "invalid tests data";
 
- if (_gcry_kdf_derive (passphrase, passphraselen, algo,
- hash_algo, salt, saltlen, iterations,
- keysize, key))
+ rv = _gcry_kdf_derive (passphrase, passphraselen, algo,
+ hash_algo, salt, saltlen, iterations,
+ keysize, key);
+ /* In fips mode we have special requirements for the input and
+ * output parameters */
+ if (fips_mode ())
+ {
+ if (rv && (passphraselen < 8 || saltlen < 16 ||
+ iterations < 1000 || expectlen < 14))
+ return NULL;
+ else if (rv)
+ return "gcry_kdf_derive unexpectedly failed in FIPS Mode";
+ }
+ else if (rv)
 return "gcry_kdf_derive failed";
 
 if (memcmp (key, expect, expectlen)) |
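Review bot: In the `fips_mode ()` branch a below-threshold vector is only allowed to fail, not required to. When `rv` is 0 for a vector with `passphraselen < 8`, `saltlen < 16`, `iterations < 1000` or `expectlen < 14`, control falls through to the `memcmp` and the vector passes, so the selftest would not notice if the FIPS parameter checks in `_gcry_kdf_derive` were loosened or dropped. To match the commit message's "check that wrong parameters correctly fail", store that four-way condition in a local (say `weak`) and assert both directions: `if (weak) return rv ? NULL : "gcry_kdf_derive unexpectedly succeeded in FIPS Mode";` followed by `else if (rv) return "gcry_kdf_derive unexpectedly failed in FIPS Mode";`. Any non-zero `rv` is also accepted for such a vector, so an unrelated failure is masked; comparing against the specific error code the derive path returns for rejected parameters (not visible in this hunk) would tighten that. The body of `check_one` continues past the end of the hunk.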