Revert "kdf:pkdf2: Require longer input when FIPS mode."

* cipher/kdf.c (_gcry_kdf_pkdf2): Remove the length limitation of passphrase input length. -- Cherry-picked from master commit of: 47db7fe3a0c36523d2ccec31705cffff9a2337bc This reverts commit d09d3d33c79daa2f8d385dfedf3f20ad205b0fba Signed-off-by: Jakub Jelen <jjelen@redhat.com>
author: Jakub Jelen <jjelen@redhat.com> 2022-10-26 15:17:03 +0900
committer: NIIBE Yutaka <gniibe@fsij.org> 2022-10-27 10:17:39 +0900
commit: 7f4fafb5564dec6fe65f0e93a1125cb6ddb4d1ed (patch)
tree: 84f08359c7949e56d4a80d1b3db74581718ba9e3 /cipher/kdf.c
parent: e2c0920fd7dea6e254badd12958982c66080b7db (diff)
download: libgcrypt-7f4fafb5564dec6fe65f0e93a1125cb6ddb4d1ed.tar.gz
1 files changed, 0 insertions, 4 deletions
diff --git a/cipher/kdf.c b/cipher/kdf.c
index dd741397..ff13e6e8 100644
--- a/cipher/kdf.c
+++ b/cipher/kdf.c
@@ -164,10 +164,6 @@ _gcry_kdf_pkdf2 (const void *passphrase, size_t passphraselen,
   if (fips_mode () && dklen < 14)
     return GPG_ERR_INV_VALUE;
 
-  /* HMAC requires longer input for approved use case.  */
-  if (fips_mode () && passphraselen < 14)
-    return GPG_ERR_INV_VALUE;
-
   /* Step 2 */
   l = ((dklen - 1)/ hlen) + 1;
   r = dklen - (l - 1) * hlen;
author	Jakub Jelen <jjelen@redhat.com>	2022-10-26 15:17:03 +0900
committer	NIIBE Yutaka <gniibe@fsij.org>	2022-10-27 10:17:39 +0900
commit	7f4fafb5564dec6fe65f0e93a1125cb6ddb4d1ed (patch)
tree	84f08359c7949e56d4a80d1b3db74581718ba9e3 /cipher/kdf.c
parent	e2c0920fd7dea6e254badd12958982c66080b7db (diff)
download	libgcrypt-7f4fafb5564dec6fe65f0e93a1125cb6ddb4d1ed.tar.gz