openssl

rpms

openssl

Fork 0

Commit Graph

Author	SHA1	Message	Date
Dmitry Belyavskiy	b4e95a5775	Rebasing to OpenSSL 3.2.1	2024-04-17 03:26:00 +00:00
Clemens Lang	438a2c64b7	Add indicator for HMAC with short key lengths NIST SP 800-131Ar2, table 9 "Approval Status of MAC Algorithms" specifies key lengths < 112 bytes are disallowed for HMAC generation and are legacy use for HMAC verification. Add an explicit indicator that will mark shorter key lengths as unsupported. The indicator can be queries from the EVP_MAC_CTX object using EVP_MAC_CTX_get_params() with the OSSL_MAC_PARAM_REDHAT_FIPS_INDICATOR parameter. Signed-off-by: Clemens Lang <cllang@redhat.com> Resolves: rhbz#2144000	2022-11-21 10:42:43 +01:00

Author

SHA1

Message

Date

Dmitry Belyavskiy

b4e95a5775

Rebasing to OpenSSL 3.2.1

2024-04-17 03:26:00 +00:00

Clemens Lang

438a2c64b7

Add indicator for HMAC with short key lengths

NIST SP 800-131Ar2, table 9 "Approval Status of MAC Algorithms"
specifies key lengths < 112 bytes are disallowed for HMAC generation and
are legacy use for HMAC verification.

Add an explicit indicator that will mark shorter key lengths as
unsupported. The indicator can be queries from the EVP_MAC_CTX object
using EVP_MAC_CTX_get_params() with the
  OSSL_MAC_PARAM_REDHAT_FIPS_INDICATOR
parameter.

Signed-off-by: Clemens Lang <cllang@redhat.com>
Resolves: rhbz#2144000

2022-11-21 10:42:43 +01:00

2 Commits