[PATCH RFC] crypto/hkdf: Skip tests with keys too short in FIPS mode

Next message: Boris Brezillon: "Re: [PATCH v12 05/10] drm/i915: Use huge tmpfs mountpoint helpers"
Previous message: Konrad Dybcio: "Re: [PATCH v5] crypto: qce - Add runtime PM and interconnect bandwidth scaling support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Li Tian

Date: Fri Dec 05 2025 - 06:31:48 EST

FIPS mode mandates the keys to _setkey should be longer than 14 bytes.
It's up to the callers to not use keys too short.

Signed-off-by: Li Tian <litian@xxxxxxxxxx>
---
crypto/hkdf.c | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/crypto/hkdf.c b/crypto/hkdf.c
index 82d1b32ca6ce..73d318f3f677 100644
--- a/crypto/hkdf.c
+++ b/crypto/hkdf.c
@@ -10,6 +10,7 @@
#include <crypto/internal/hash.h>
#include <crypto/sha2.h>
#include <crypto/hkdf.h>
+#include <linux/fips.h>
#include <linux/module.h>

/*
@@ -462,7 +463,12 @@ static const struct hkdf_testvec hkdf_sha512_tv[] = {
};

static int hkdf_test(const char *shash, const struct hkdf_testvec *tv)
-{ struct crypto_shash *tfm = NULL;
+{
+ /* Skip the tests with keys too short in FIPS mode */
+ if (fips_enabled && (tv->salt_size < 112 / 8))
+ return 0;
+
+ struct crypto_shash *tfm = NULL;
u8 *prk = NULL, *okm = NULL;
unsigned int prk_size;
const char *driver;
--
2.50.0