diff options
author | NIIBE Yutaka <gniibe@fsij.org> | 2022-06-24 08:59:31 +0900 |
---|---|---|
committer | NIIBE Yutaka <gniibe@fsij.org> | 2022-06-24 08:59:31 +0900 |
commit | 58c92098d053aae7c78cc42bdd7c80c13efc89bb (patch) | |
tree | be9dd3832930970789a04234d14c4e17104b3b72 /src/visibility.c | |
parent | 07722d89bac1a739b084b4412c3ff42e215d5968 (diff) | |
download | libgcrypt-58c92098d053aae7c78cc42bdd7c80c13efc89bb.tar.gz |
hmac,hkdf: Allow use of shorter salt for HKDF.
* cipher/md.c (prepare_macpads): Move the check to...
* src/visibility.c (gcry_mac_setkey): ... here.
* tests/t-kdf.c (check_hkdf): No failure is expected.
--
GnuPG-bug-id: 6039
Fixes-commit: 76aad97dd312e83f2f9b8d086553f2b72ab6546f
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
Diffstat (limited to 'src/visibility.c')
-rw-r--r-- | src/visibility.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/src/visibility.c b/src/visibility.c index c98247d8..aee5bffb 100644 --- a/src/visibility.c +++ b/src/visibility.c @@ -946,6 +946,9 @@ gcry_mac_setkey (gcry_mac_hd_t hd, const void *key, size_t keylen) if (!fips_is_operational ()) return gpg_error (fips_not_operational ()); + if (fips_mode () && keylen < 14) + return GPG_ERR_INV_VALUE; + return gpg_error (_gcry_mac_setkey (hd, key, keylen)); } |