Loading...

XML

Word

Printable

Type: Bug
Resolution: Unresolved
Priority: Minor
Fix Version/s: None
Affects Version/s: rhel-9.0.0
Component/s: gnutls
Labels:
- MigratedToJIRA
- Triaged

Regression:
None
Severity:
Low

Pool Team:

rhel-sst-security-crypto
Sub-System Group:

ssg_security

Story Points:
None
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Product Documentation Required:
None
Sprint:
None

Preliminary Testing:
None
Test Coverage:
None

Release Note Type:
If docs needed, set a value

Experience:
Architecture:

Unspecified
Bugzilla Bug:
RHBZ: 2145032

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Planning:
None

Description of problem:
RFC 5869 2.3 requires that requested output length of HKDF-Expand to
be equal to or less than 255 times hash output size. However, GnuTLS doesn't enforce this restriction.

Version-Release number of selected component (if applicable):
gnutls-3.7.6-12.el9_0

How reproducible:
always

Steps to Reproduce:
1. call `gnutls_hkdf_expand` with output size larger than 255 * hash length
2.
3.

Actual results:
The function succeeds.

Expected results:
The function should return an error.

Additional info:
From FIPS point of view, this is not a blocker, as the generic use of HKDF is not approved in FIPS mode, and the TLS use doesn't require generating output keying material longer than 255 * hash length.

external trackers

Gitlab gnutls/gnutls/-/merge_requests/1602

Red Hat Issue Tracker CRYPTO-8827

Red Hat Issue Tracker RHELPLAN-140228

Assignee:: Daiki Ueno

Reporter:: Daiki Ueno

Developer:: Daiki Ueno

QA Contact:: SSG Security QE

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Created:: 2023/09/20 11:03 AM

Updated:: 2024/09/30 9:31 PM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates