Re: [PATCH RFC] crypto/hkdf: Skip tests with keys too short in FIPS mode

From: Eric Biggers
Date: Tue Dec 16 2025 - 23:13:22 EST

Next message: Andrew Morton: "Re: [PATCH v6 14/14] mm: Add basic tests for lazy_mmu"
Previous message: kernel test robot: "Re: [PATCH v6 5/5] mmc: sdhci-msm: Rectify DLL programming sequence for SDCC"
In reply to: Li Tian: "Re: [PATCH RFC] crypto/hkdf: Skip tests with keys too short in FIPS mode"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Dec 17, 2025 at 08:08:48AM +0800, Li Tian wrote:
> On Wed, Dec 10, 2025 at 6:54 AM Eric Biggers <ebiggers@xxxxxxxxxx> wrote:
> > What problem are you trying to solve?
>
> Eric, as you've said "keylen < 14 check in the new version in
> crypto/sha256.c." was forgotten.
> IMHO, it deserves recovery in terms of FIPS. And by the time the check
> is restored, the hkdf_test
> cases failure will likely surface again. Hence the skipping in this proposal.
>
> Li Tian

Sure, but there's no reason to consider this patch unless the incorrect
and problematic keylen check is added back in.

- Eric

Next message: Andrew Morton: "Re: [PATCH v6 14/14] mm: Add basic tests for lazy_mmu"
Previous message: kernel test robot: "Re: [PATCH v6 5/5] mmc: sdhci-msm: Rectify DLL programming sequence for SDCC"
In reply to: Li Tian: "Re: [PATCH RFC] crypto/hkdf: Skip tests with keys too short in FIPS mode"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]