fips: add additional pbkdf limit checks as defined in SP 800-132 (!1736) · Merge requests · gnutls / GnuTLS

Tobias Heider requested to merge tobhe/gnutls:pbkdf into master Mar 30, 2023

I noticed that we seem to be missing a few mandatory checks for pbkdf. Currently we are checking the password size and outlen to be < 14 but SP 800-132 also mandates a minimum iteration count and a minimum salt size.

TODO

adjust self test vectors
fix unit tests

Edited Mar 31, 2023 by Tobias Heider

fips: add additional pbkdf limit checks as defined in SP 800-132

TODO

Merge request reports