author | Jakub Jelen <jjelen@redhat.com> | 2023-02-28 12:53:28 +0100 |
---|---|---|
committer | NIIBE Yutaka <gniibe@fsij.org> | 2023-03-07 15:39:26 +0900 |
commit | f5fe94810f3099c9ccc2ca3a5891502922ab0576 (patch) | |
tree | 85f82159cceadbaf7ccd43fe620475bdeccee56d /cipher | |
parent | 3fd3bb31597f80c76a94ea62e42d58d796beabf1 (diff) | |
kdf: Update tests in regards to the allowed parameters in FIPS mode.
* cipher/kdf.c (check_one): run selftests for more approved parameters
and check that wrong parameters correctly fail in FIPS mode.
--
Fixes-commit: 535a4d345872aa2cd2ab3a5f9c4411d0a0313328
GnuPG-bug-id: 5512
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Diffstat (limited to 'cipher')
-rw-r--r-- | cipher/kdf.c | 22 |
1 files changed, 15 insertions, 7 deletions
diff --git a/cipher/kdf.c b/cipher/kdf.c
index 823c744e..12beec56 100644
--- a/cipher/kdf.c
+++ b/cipher/kdf.c
@@ -2059,17 +2059,25 @@ check_one (int algo, int hash_algo,
 {
 unsigned char key[512]; /* hardcoded to avoid allocation */
 size_t keysize = expectlen;
-
- /* Skip test with shoter passphrase in FIPS mode. */
- if (fips_mode () && passphraselen < 14)
- return NULL;
+ int rv;
 
 if (keysize > sizeof(key))
 return "invalid tests data";
 
- if (_gcry_kdf_derive (passphrase, passphraselen, algo,
- hash_algo, salt, saltlen, iterations,
- keysize, key))
+ rv = _gcry_kdf_derive (passphrase, passphraselen, algo,
+ hash_algo, salt, saltlen, iterations,
+ keysize, key);
+ /* In fips mode we have special requirements for the input and
+ * output parameters */
+ if (fips_mode ())
+ {
+ if (rv && (passphraselen < 8 || saltlen < 16 ||
+ iterations < 1000 || expectlen < 14))
+ return NULL;
+ else if (rv)
+ return "gcry_kdf_derive unexpectedly failed in FIPS Mode";
+ }
+ else if (rv)
 return "gcry_kdf_derive failed";
 
 if (memcmp (key, expect, expectlen)) |
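Review bot: In the `fips_mode ()` branch, a derivation that succeeds with non-approved parameters (`passphraselen < 8`, `saltlen < 16`, `iterations < 1000` or `expectlen < 14`) is not reported: with `rv == 0` both inner conditions are false, control falls through to the `memcmp`, and the vector passes. The commit message says wrong parameters are checked to fail, but the code only tolerates that failure, so a regression that stops enforcing the FIPS limits would not be caught by this selftest. Evaluate the threshold test independently of `rv` and return an error string when such a vector derives successfully, as sketched below. Any non-zero `rv` is also accepted as the expected rejection, so an unrelated failure on a short-parameter vector is masked; comparing against the specific error code the FIPS check returns would be tighter, if that code is stable. check_one starts before the hunk and continues past it.

```c
  /* … unchanged: declarations, keysize check, rv = _gcry_kdf_derive (...) … */
  if (fips_mode ())
    {
      int unapproved = (passphraselen < 8 || saltlen < 16
                        || iterations < 1000 || expectlen < 14);

      /* For non-approved parameters rejection is the only acceptable
       * outcome; a successful derivation is a selftest failure.  */
      if (unapproved)
        return rv ? NULL
                  : "gcry_kdf_derive unexpectedly succeeded in FIPS Mode";
      if (rv)
        return "gcry_kdf_derive unexpectedly failed in FIPS Mode";
    }
  else if (rv)
    return "gcry_kdf_derive failed";
```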