[hmac,rtl] Flag error for invalid digest size/key length configuration

lowRISC / opentitan

OpenTitan: Open source silicon root of trust

https://www.opentitan.org

Apache License 2.0

2.55k stars 760 forks source link

[hmac,rtl] Flag error for invalid digest size/key length configuration #22312

Closed gdessouky closed 5 months ago

gdessouky commented 6 months ago

Description

Unsupported/invalid digest sizes and key lengths are now mapped to SHA-2 256 and 256-bit key. We should instead flag an error to SW and not start the HMAC/SHA-2 operation; this is the most conservative and secure approach.

andreaskurth commented 5 months ago

@gdessouky I think you're working on this in #22580, right?