[gnutls-devel] GnuTLS | Library becomes unusable after XTS key check fails (#1408)
Read-only notification of GnuTLS library development activities
gnutls-devel at lists.gnutls.org
Thu Sep 29 15:46:49 CEST 2022
Zoltán Fridrich created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1408
Assignee: Zoltán Fridrich
With FIPS mode enabled, if a `key = key1|key2` given to the XTS setkey functions is such that `key1 = key2` the library is put into an error state and becomes unusable.
`
if (_gnutls_fips_mode_enabled() &&
gnutls_memcmp(key, key + AES128_KEY_SIZE, AES128_KEY_SIZE) == 0)
_gnutls_switch_lib_state(LIB_STATE_ERROR);
`
**Expectation**:
Setkey fails but the library is still usable.
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1408
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20220929/47120334/attachment.html>
More information about the Gnutls-devel
mailing list