Extend KMAC maximal key length to 164 bytes

Used to support the One-Step KDM of NIST.SP.800-56Cr2.
Rohde-Schwarz · Jun 10, 2024 · 01c20cd · 01c20cd
1 parent 1a5cf87
commit 01c20cd
Showing 1 changed file with 5 additions and 3 deletions.
diff --git a/src/lib/mac/kmac/kmac.cpp b/src/lib/mac/kmac/kmac.cpp
@@ -38,9 +38,11 @@ Key_Length_Specification KMAC::key_spec() const {
    // KMAC supports key lengths from zero up to 2²⁰⁴⁰ (2^(2040)) bits:
    // https://nvlpubs.nist.gov/nistpubs/specialpublications/nist.sp.800-185.pdf#page=28
    //
-   // However, we restrict the key length to 64 bytes in order to avoid allocation of overly
-   // large memory stretches when client code works with the maximal key length.
-   return Key_Length_Specification(0, 64);
+   // However, we restrict the key length to 164 bytes in order to avoid allocation of overly
+   // large memory stretches when client code works with the maximal key length. 164 is the
+   // length of the default_salt of the one-step KDM with KMAC128
+   // (see NIST SP 800-56C Rev. 2, Section 4.1, Implementation-Dependent Parameters 3.).
+   return Key_Length_Specification(0, 164);
 }
 
 bool KMAC::has_keying_material() const {