Hi,

According to NIST SP800-131A Table 9, HMAC generation in FIPS must
have a keylen of 14 bytes minimum. I've noticed that in the crypto
algorithm testing framework, the HMAC test vectors from RFC 4231 all
have a test case that utilizes a 4 byte key.
Is this permissible when operating the kernel in FIPS mode and if so
how is the 14 byte minimum keysize enforced?

Thanks,

Peter

Reply via email to