1 |
From 185fbbfea732588187c81d1b2cafb3e1fae9eb77 Mon Sep 17 00:00:00 2001 |
2 |
From: Clemens Lang <cllang@redhat.com> |
3 |
Date: Thu, 17 Nov 2022 16:38:45 +0100 |
4 |
Subject: [PATCH 2/2] kbkdf: Add explicit FIPS indicator for key length |
5 |
|
6 |
NIST SP 800-131Ar2, section 8 "Deriving Additional Keys from |
7 |
a Cryptographic Key" says that for KDFs defined in SP 800-108, "[t]he |
8 |
length of the key-derivation key shall be at least 112 bits". It further |
9 |
specifies that HMAC-based KDFs "with a key whose length is at least 112 |
10 |
bits" are acceptable. |
11 |
|
12 |
Add an explicit indicator for SP 800-108 KDFs that will mark shorter key |
13 |
lengths as unapproved. The indicator can be queried from the EVP_KDF_CTX |
14 |
object using EVP_KDF_CTX_get_params() with the |
15 |
OSSL_KDF_PARAM_REDHAT_FIPS_INDICATOR |
16 |
parameter. |
17 |
|
18 |
Signed-off-by: Clemens Lang <cllang@redhat.com> |
19 |
--- |
20 |
providers/implementations/kdfs/kbkdf.c | 32 +++++++++++++++++++++----- |
21 |
1 file changed, 26 insertions(+), 6 deletions(-) |
22 |
|
23 |
diff --git a/providers/implementations/kdfs/kbkdf.c b/providers/implementations/kdfs/kbkdf.c |
24 |
index a542f84dfa..93a8a10537 100644 |
25 |
--- a/providers/implementations/kdfs/kbkdf.c |
26 |
+++ b/providers/implementations/kdfs/kbkdf.c |
27 |
@@ -365,18 +365,38 @@ static int kbkdf_get_ctx_params(void *vctx, OSSL_PARAM params[]) |
28 |
OSSL_PARAM *p; |
29 |
|
30 |
p = OSSL_PARAM_locate(params, OSSL_KDF_PARAM_SIZE); |
31 |
- if (p == NULL) |
32 |
- return -2; |
33 |
+ if (p != NULL) |
34 |
+ /* KBKDF can produce results as large as you like. */ |
35 |
+ return OSSL_PARAM_set_size_t(p, SIZE_MAX); |
36 |
+ |
37 |
+#ifdef FIPS_MODULE |
38 |
+ p = OSSL_PARAM_locate(params, OSSL_KDF_PARAM_REDHAT_FIPS_INDICATOR); |
39 |
+ if (p != NULL) { |
40 |
+ KBKDF *ctx = (KBKDF *)vctx; |
41 |
+ int fips_indicator = EVP_KDF_REDHAT_FIPS_INDICATOR_APPROVED; |
42 |
+ /* According to NIST Special Publication 800-131Ar2, Section 8: |
43 |
+ * Deriving Additional Keys from a Cryptographic Key, "[t]he length of |
44 |
+ * the key-derivation key [i.e., the input key] shall be at least 112 |
45 |
+ * bits". */ |
46 |
+ if (ctx->ki_len < EVP_KDF_FIPS_MIN_KEY_LEN) |
47 |
+ fips_indicator = EVP_KDF_REDHAT_FIPS_INDICATOR_NOT_APPROVED; |
48 |
+ return OSSL_PARAM_set_int(p, fips_indicator); |
49 |
+ } |
50 |
+#endif |
51 |
|
52 |
- /* KBKDF can produce results as large as you like. */ |
53 |
- return OSSL_PARAM_set_size_t(p, SIZE_MAX); |
54 |
+ return -2; |
55 |
} |
56 |
|
57 |
static const OSSL_PARAM *kbkdf_gettable_ctx_params(ossl_unused void *ctx, |
58 |
ossl_unused void *provctx) |
59 |
{ |
60 |
- static const OSSL_PARAM known_gettable_ctx_params[] = |
61 |
- { OSSL_PARAM_size_t(OSSL_KDF_PARAM_SIZE, NULL), OSSL_PARAM_END }; |
62 |
+ static const OSSL_PARAM known_gettable_ctx_params[] = { |
63 |
+ OSSL_PARAM_size_t(OSSL_KDF_PARAM_SIZE, NULL), |
64 |
+#ifdef FIPS_MODULE |
65 |
+ OSSL_PARAM_int(OSSL_KDF_PARAM_REDHAT_FIPS_INDICATOR, NULL), |
66 |
+#endif /* defined(FIPS_MODULE) */ |
67 |
+ OSSL_PARAM_END |
68 |
+ }; |
69 |
return known_gettable_ctx_params; |
70 |
} |
71 |
|
72 |
-- |
73 |
2.38.1 |
74 |
|