File libgcrypt-FIPS-pkdf2-Additional-checks.patch of Package libgcrypt.39215
Index: libgcrypt-1.9.4/doc/gcrypt.texi
===================================================================
--- libgcrypt-1.9.4.orig/doc/gcrypt.texi
+++ libgcrypt-1.9.4/doc/gcrypt.texi
@@ -983,13 +983,19 @@ algorithm supports different key sizes).
this function returns @code{GPS_ERR_NO_ERROR}. Otherwise @code{GPG_ERR_NOT_SUPPORTED}
is returned.
-@item GCRYCTL_FIPS_SERVICE_INDICATOR_KDF; Arguments: enum gcry_kdf_algos [, unsigned int]
+@item GCRYCTL_FIPS_SERVICE_INDICATOR_KDF; Arguments: enum gcry_kdf_algos [, unsigned int, unsigned int, unsigned int, unsigned int]
Check if the given KDF is approved under the current FIPS 140-3
-certification. The second parameter provides the keylength in bits.
-Keylength values of less that 112 bits are considered non-approved.
-If the KDF is approved, this function returns @code{GPG_ERR_NO_ERROR}.
-Otherwise @code{GPG_ERR_NOT_SUPPORTED} is returned.
+certification. The second parameter provides the keylength in bits,
+values less that 112 bits are considered non-approved. The third
+parameter provides the salt length in bits, values less than 128 bits
+are considered non-approved. The fourth parameter provides the
+iteration count, values less than 1000 are considered
+non-approved. And the fifth parameter provides the passphrase length
+in number of characters, values less than 20 characters are considered
+non-approved. If the KDF is approved, this function returns
+@code{GPG_ERR_NO_ERROR}. Otherwise @code{GPG_ERR_NOT_SUPPORTED} is
+returned.
@item GCRYCTL_FIPS_SERVICE_INDICATOR_PK; Arguments: enum gcry_pk_algos
[, constants GCRY_PK_USAGE_ENCR or GCRY_PK_USAGE_SIGN, unsigned int (only for GCRY_PK_RSA)]
Index: libgcrypt-1.9.4/src/fips.c
===================================================================
--- libgcrypt-1.9.4.orig/src/fips.c
+++ libgcrypt-1.9.4/src/fips.c
@@ -476,14 +476,33 @@ _gcry_fips_indicator_kdf (va_list arg_pt
{
enum gcry_kdf_algos alg = va_arg (arg_ptr, enum gcry_kdf_algos);
unsigned int keylen = 0;
+ unsigned int saltlen = 0;
+ unsigned int iterations = 0;
+ unsigned int passphraselen = 0;
switch (alg)
{
case GCRY_KDF_PBKDF2:
+ /* FIPS requires minimum key length, see FIPS 140-3 IG D.N */
keylen = va_arg (arg_ptr, unsigned int);
- if (keylen < 112) {
- return GPG_ERR_NOT_SUPPORTED;
- }
+ if (keylen < 112)
+ return GPG_ERR_NOT_SUPPORTED;
+
+ /* FIPS requires minimum salt length of 128 b (SP 800-132 5.1) */
+ saltlen = va_arg (arg_ptr, unsigned int);
+ if (saltlen < 128)
+ return GPG_ERR_NOT_SUPPORTED;
+
+ /* FIPS requires minimum iterations count (SP 800-132 5.2) */
+ iterations = va_arg (arg_ptr, unsigned int);
+ if (iterations < 1000)
+ return GPG_ERR_NOT_SUPPORTED;
+
+ /* FIPS requires minimum passphrase length, see FIPS 140-3 IG D.N */
+ passphraselen = va_arg (arg_ptr, unsigned int);
+ if (passphraselen < 20)
+ return GPG_ERR_NOT_SUPPORTED;
+
return GPG_ERR_NO_ERROR;
default:
return GPG_ERR_NOT_SUPPORTED;
