crypto: hmac - disallow keys < 112 bits in FIPS mode

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

FIPS 140 requires a minimum security strength of 112 bits. This implies
that the HMAC key must not be smaller than 112 in FIPS mode.

This restriction implies that the test vectors for HMAC that have a key
that is smaller than 112 bits must be disabled when FIPS support is
compiled.

Signed-off-by: Stephan Mueller <smueller@chronox.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

authored by

Stephan Müller and committed by

Herbert Xu 4 years ago 37f36e57 c9c28ed0

+13

2 changed files

expand all

crypto

hmac.c

testmgr.h

crypto/hmac.c

··· 15 15 #include <crypto/internal/hash.h> 16 16 #include <crypto/scatterwalk.h> 17 17 #include <linux/err.h> 18 + #include <linux/fips.h> 18 19 #include <linux/init.h> 19 20 #include <linux/kernel.h> 20 21 #include <linux/module.h> ··· 51 50 struct crypto_shash *hash = ctx->hash; 52 51 SHASH_DESC_ON_STACK(shash, hash); 53 52 unsigned int i; 53 + 54 + if (fips_enabled && (keylen < 112 / 8)) 55 + return -EINVAL; 54 56 55 57 shash->tfm = hash; 56 58

crypto/testmgr.h

··· 5715 5715 .psize = 28, 5716 5716 .digest = "\xef\xfc\xdf\x6a\xe5\xeb\x2f\xa2\xd2\x74" 5717 5717 "\x16\xd5\xf1\x84\xdf\x9c\x25\x9a\x7c\x79", 5718 + .fips_skip = 1, 5718 5719 }, { 5719 5720 .key = "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa", 5720 5721 .ksize = 20, ··· 5805 5804 "\x45\x69\x0f\x3a\x7e\x9e\x6d\x0f" 5806 5805 "\x8b\xbe\xa2\xa3\x9e\x61\x48\x00" 5807 5806 "\x8f\xd0\x5e\x44", 5807 + .fips_skip = 1, 5808 5808 }, { 5809 5809 .key = "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 5810 5810 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" ··· 5949 5947 "\x6a\x04\x24\x26\x08\x95\x75\xc7" 5950 5948 "\x5a\x00\x3f\x08\x9d\x27\x39\x83" 5951 5949 "\x9d\xec\x58\xb9\x64\xec\x38\x43", 5950 + .fips_skip = 1, 5952 5951 }, { 5953 5952 .key = "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 5954 5953 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" ··· 6448 6445 "\xe4\x2e\xc3\x73\x63\x22\x44\x5e" 6449 6446 "\x8e\x22\x40\xca\x5e\x69\xe2\xc7" 6450 6447 "\x8b\x32\x39\xec\xfa\xb2\x16\x49", 6448 + .fips_skip = 1, 6451 6449 }, { 6452 6450 .key = "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 6453 6451 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" ··· 6549 6545 "\x6d\x03\x4f\x65\xf8\xf0\xe6\xfd" 6550 6546 "\xca\xea\xb1\xa3\x4d\x4a\x6b\x4b" 6551 6547 "\x63\x6e\x07\x0a\x38\xbc\xe7\x37", 6548 + .fips_skip = 1, 6552 6549 }, { 6553 6550 .key = "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 6554 6551 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" ··· 6645 6640 "\x1b\x79\x86\x34\xad\x38\x68\x11" 6646 6641 "\xc2\xcf\xc8\x5b\xfa\xf5\xd5\x2b" 6647 6642 "\xba\xce\x5e\x66", 6643 + .fips_skip = 1, 6648 6644 }, { 6649 6645 .key = "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 6650 6646 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" ··· 6733 6727 "\x35\x96\xbb\xb0\xda\x73\xb8\x87" 6734 6728 "\xc9\x17\x1f\x93\x09\x5b\x29\x4a" 6735 6729 "\xe8\x57\xfb\xe2\x64\x5e\x1b\xa5", 6730 + .fips_skip = 1, 6736 6731 }, { 6737 6732 .key = "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 6738 6733 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" ··· 6825 6818 "\x3c\xa1\x35\x08\xa9\x32\x43\xce" 6826 6819 "\x48\xc0\x45\xdc\x00\x7f\x26\xa2" 6827 6820 "\x1b\x3f\x5e\x0e\x9d\xf4\xc2\x0a", 6821 + .fips_skip = 1, 6828 6822 }, { 6829 6823 .key = "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 6830 6824 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" ··· 6925 6917 "\xee\x7a\x0c\x31\xd0\x22\xa9\x5e" 6926 6918 "\x1f\xc9\x2b\xa9\xd7\x7d\xf8\x83" 6927 6919 "\x96\x02\x75\xbe\xb4\xe6\x20\x24", 6920 + .fips_skip = 1, 6928 6921 }, { 6929 6922 .key = "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 6930 6923 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"