[Swan-dev] [libreswan/libreswan] `make rpm` in FIPS mode on Fedora 32 fails (#351) (fwd)

Andrew Cagney andrew.cagney at gmail.com
Tue Jul 7 02:07:13 UTC 2020


This provides more info:

diff --git a/programs/cavp/Makefile b/programs/cavp/Makefile
index 90b724ee1c..ca4a8a7120 100644
--- a/programs/cavp/Makefile
+++ b/programs/cavp/Makefile
@@ -67,7 +67,7 @@ test.cavp.%.fax: | $(builddir)

 .PRECIOUS: %.out
 test.cavp.%.out: test.cavp.%.fax $(PROGRAM)
-       $(builddir)/cavp \
+       $(builddir)/cavp -fips -v \
                $(builddir)/test.cavp.$*.fax \
                > $(builddir)/test.cavp.$*.tmp
        mv  $(builddir)/test.cavp.$*.tmp  $(builddir)/test.cavp.$*.out
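Review bot: hard-coding `-fips -v` on the `$(builddir)/cavp` line of the `test.cavp.%.out` rule applies both flags to every run of this rule, not just the failing FIPS build. Because stdout is redirected into `test.cavp.$*.tmp` and then moved to `.out`, anything `-v` writes to stdout would also end up in the generated `.out` file. If this is a debugging aid rather than a permanent change, consider passing the flags through a make variable that defaults to empty (a hypothetical `CAVP_FLAGS`, say), and state in the commit message which behaviour is intended.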

I see:

cavp: NSS: SKEYSEED = prf(Ni | Nr, g^ir)
create HMAC_SHA2_384 context from key Ni | Nr(0x55b829d968d0) failed
(SECERR: 40 (0x28): The key does not support the requested operation.)
cavp: failed to create IKEv2 PRF for computing SKEYSEED = prf(Ni | Nr, g^ir)

so it died trying to use Ni|Nr.

From memory, the key needs to be >= digest size when fips.  128 bits
falls short of 384 and 512.

> [g^ir length = 256]
> [SHA-384]
> [Ni length = 64]
> [Nr length = 64]
> [DKM length = 1056]
> [Child SA DKM length = 1056]
>
> COUNT = 0
> Ni = fd1b572a8e735591
> Nr = 6013b0ef88dacd3d
> g^ir = d3288cd87565101e88fe3bad918f31939d8dd26ff1071f8b2d7f447524e58d7c
> g^ir (new) = 3358f620539473aee8d07e779764c4c6a9aabddc79a28e136b3bac021dbde44a
> SPIi = 2116ad07ce61f749
> SPIr = 24880e55f11a65b7
> SKEYSEED =
> failure in SKEYSEED = prf(Ni | Nr, g^ir)

