From: Shane Lontis <shane.lontis@oracle.com>
Date: Sat, 26 Sep 2020 02:41:41 +0000 (+1000)
Subject: Remove TODO comment from sskdf.c
X-Git-Tag: openssl-3.0.0-alpha7~100
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=7339547d455046e14b50fe64d71d45c6786ac960;p=thirdparty%2Fopenssl.git

Remove TODO comment from sskdf.c

Fixes #12993

The implementation follows the standards/recommendations specified by https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Cr2.pdf.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12999)
---

diff --git a/providers/implementations/kdfs/sskdf.c b/providers/implementations/kdfs/sskdf.c
index 22c65d26ba7..04c1fb6f541 100644
--- a/providers/implementations/kdfs/sskdf.c
+++ b/providers/implementations/kdfs/sskdf.c
@@ -371,11 +371,6 @@ static int sskdf_derive(void *vctx, unsigned char *key, size_t keylen)
         int default_salt_len;
         EVP_MAC *mac = EVP_MAC_CTX_mac(ctx->macctx);
 
-        /*
-         * TODO(3.0) investigate the necessity to have all these controls.
-         * Why does KMAC require a salt length that's shorter than the MD
-         * block size?
-         */
         if (EVP_MAC_is_a(mac, OSSL_MAC_NAME_HMAC)) {
             /* H(x) = HMAC(x, salt, hash) */
             if (md == NULL) {