public/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
openssl/providers/fips/include/fips_indicator_params.inc
Dimitri John Ledkov fc68cf21b5 kdfs: implement key length check in X9.42 
Similar to other KDFs, the input key should be 112 bits long.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25529)
2024-09-30 20:03:49 +02:00

28 lines
1.6 KiB
SQL
Raw Blame History

OSSL_FIPS_PARAM(security_checks, SECURITY_CHECKS, 1)
OSSL_FIPS_PARAM(tls1_prf_ems_check, TLS1_PRF_EMS_CHECK, 0)
OSSL_FIPS_PARAM(no_short_mac, NO_SHORT_MAC, 1)
OSSL_FIPS_PARAM(hmac_key_check, HMAC_KEY_CHECK, 0)
OSSL_FIPS_PARAM(kmac_key_check, KMAC_KEY_CHECK, 0)
OSSL_FIPS_PARAM(restricted_drbg_digests, DRBG_TRUNC_DIGEST, 0)
OSSL_FIPS_PARAM(signature_digest_check, SIGNATURE_DIGEST_CHECK, 0)
OSSL_FIPS_PARAM(hkdf_digest_check, HKDF_DIGEST_CHECK, 0)
OSSL_FIPS_PARAM(tls13_kdf_digest_check, TLS13_KDF_DIGEST_CHECK, 0)
OSSL_FIPS_PARAM(tls1_prf_digest_check, TLS1_PRF_DIGEST_CHECK, 0)
OSSL_FIPS_PARAM(sshkdf_digest_check, SSHKDF_DIGEST_CHECK, 0)
OSSL_FIPS_PARAM(sskdf_digest_check, SSKDF_DIGEST_CHECK, 0)
OSSL_FIPS_PARAM(x963kdf_digest_check, X963KDF_DIGEST_CHECK, 0)
OSSL_FIPS_PARAM(dsa_sign_disallowed, DSA_SIGN_DISABLED, 0)
OSSL_FIPS_PARAM(tdes_encrypt_disallowed, TDES_ENCRYPT_DISABLED, 0)
OSSL_FIPS_PARAM(rsa_pkcs15_padding_disabled, RSA_PKCS15_PAD_DISABLED, 0)
OSSL_FIPS_PARAM(rsa_pss_saltlen_check, RSA_PSS_SALTLEN_CHECK, 0)
OSSL_FIPS_PARAM(rsa_sign_x931_disallowed, RSA_SIGN_X931_PAD_DISABLED, 0)
OSSL_FIPS_PARAM(hkdf_key_check, HKDF_KEY_CHECK, 0)
OSSL_FIPS_PARAM(kbkdf_key_check, KBKDF_KEY_CHECK, 0)
OSSL_FIPS_PARAM(tls13_kdf_key_check, TLS13_KDF_KEY_CHECK, 0)
OSSL_FIPS_PARAM(tls1_prf_key_check, TLS1_PRF_KEY_CHECK, 0)
OSSL_FIPS_PARAM(sshkdf_key_check, SSHKDF_KEY_CHECK, 0)
OSSL_FIPS_PARAM(sskdf_key_check, SSKDF_KEY_CHECK, 0)
OSSL_FIPS_PARAM(x963kdf_key_check, X963KDF_KEY_CHECK, 0)
OSSL_FIPS_PARAM(x942kdf_key_check, X942KDF_KEY_CHECK, 0)
OSSL_FIPS_PARAM(pbkdf2_lower_bound_check, PBKDF2_LOWER_BOUND_CHECK, 1)
OSSL_FIPS_PARAM(ecdh_cofactor_check, ECDH_COFACTOR_CHECK, 0)
Reference in a new issue View git blame Copy permalink