Page MenuHome GnuPG
Create Task
Maniphest T6219

Ensure minimum key length for KDF in FIPS mode
Closed, ResolvedPublic
Actions

Description

NIST.SP.800-132 Section 5 mandates a minimum key length of 112 bit for the KDF . The proposed change adds an explicit check when running in FIPS mode to make sure this requirement is met.

0001-Check-minimum-allowed-key-size-when-running-in-FIPS-.patch690 BDownload

Revisions and Commits

rC libgcrypt
rCefdc87b305ff tests: Reproducer for short dklen in FIPS mode
rC3c04b692de1e kdf:pkdf2: Check minimum allowed key size when running in FIPS mode.

Related Objects

Event Timeline

tobhe created this task.Sep 26 2022, 9:08 PM
gniibe changed the task status from Open to Testing.Sep 27 2022, 6:34 AM
gniibe claimed this task.
gniibe triaged this task as Normal priority.
gniibe added a subscriber: gniibe.

Thank you for your report.

Applied and pushed.

gniibe added a commit: rC3c04b692de1e: kdf:pkdf2: Check minimum allowed key size when running in FIPS mode..Sep 27 2022, 6:57 AM
Jakuje added a subscriber: Jakuje.Sep 27 2022, 11:07 AM

The specs https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-132.pdf page 10 says specifically:

The kLen value shall be at least 112 bits in length.

gniibe added a comment.Oct 4 2022, 11:09 AM

Also applied to 1.10 branch.

werner moved this task from Backlog to Ready for release on the FIPS board.Oct 4 2022, 11:09 AM
gniibe added a commit: rCefdc87b305ff: tests: Reproducer for short dklen in FIPS mode.Oct 6 2022, 7:11 AM
canti59 added a commit: rG8046fcac63db: po: Update Czech translation..Oct 14 2022, 2:10 AM
gniibe removed a commit: rG8046fcac63db: po: Update Czech translation..Oct 14 2022, 2:50 AM
gniibe closed this task as Resolved.Apr 13 2023, 3:31 AM

Fixed in 1.10.2.

werner mentioned this in T5905: Release Libgcrypt 1.10.2.Nov 14 2023, 12:55 PM
werner mentioned this in T7165: Release Libgcrypt 1.11.0.Jun 19 2024, 11:37 AM