Hi, According to NIST SP800-131A Table 9, HMAC generation in FIPS must have a keylen of 14 bytes minimum. I've noticed that in the crypto algorithm testing framework, the HMAC test vectors from RFC 4231 all have a test case that utilizes a 4 byte key. Is this permissible when operating the kernel in FIPS mode and if so how is the 14 byte minimum keysize enforced?
Thanks, Peter
