Am Samstag, 8. Januar 2022, 00:28:31 CET schrieb Eric Biggers: Hi Eric, > Hi Stephan, > > On Fri, Jan 07, 2022 at 08:25:24PM +0100, Stephan Müller wrote: > > FIPS 140 requires a minimum security strength of 112 bits. This implies > > that the HMAC key must not be smaller than 112 in FIPS mode. > > > > This restriction implies that the test vectors for HMAC that have a key > > that is smaller than 112 bits must be disabled when FIPS support is > > compiled. > > > > Signed-off-by: Stephan Mueller <smueller@xxxxxxxxxx> > > This could make sense, but the weird thing is that the HMAC code has been > like this from the beginning, yet many companies have already gotten this > exact same HMAC implementation FIPS-certified. What changed? FIPS 140-3 (which is now mandatory) requires this based on SP800-131A. > > - Eric Ciao Stephan
