Re: [PATCH v3 2/3] crypto: rsa_helper - add raw integer parser actions

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



> +int rsa_check_key_length(unsigned int len)
> +{
> +       switch (len) {
> +       case 512:
> +       case 1024:
> +       case 1536:
> +       case 2048:
> +       case 3072:
> +       case 4096:
> +               return 0;
> +       }
> +
> +       return -EINVAL;
> +}

That's an unusual restriction.

> +       key->n_sz = vlen;
> +       /* In FIPS mode only allow key size 2K & 3K */
> +       if (fips_enabled && (key->n_sz != 256 && key->n_sz != 384)) {
> +               dev_err(ctx->dev, "RSA: key size not allowed in FIPS mode\n");
> +               goto err;
> +       }

That's an unusual restriction, too. As far as I know, FIPS does not
place that restriction.

Jeff
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html



[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux