Bug ID 620969: iControl doesn't give correct valid key sizes for FIPS keys on BIG-IP 5250, 7200F, 10200F, and 11050F platforms running the Cavium Nitrox XL FIPS cards.

Last Modified: Nov 07, 2022

Bug Tracker

Affected Product:  See more info
BIG-IP TMOS(all modules)

Known Affected Versions:
12.1.0, 12.1.0 HF1, 12.1.0 HF2, 12.1.1, 12.1.1 HF1, 12.1.1 HF2, 12.1.2, 12.1.2 HF1, 12.1.2 HF2, 12.1.3, 12.1.3.1, 12.1.3.2, 12.1.3.3, 12.1.3.4, 12.1.3.5, 12.1.3.6, 12.1.3.7, 12.1.4, 12.1.4.1, 12.1.5, 12.1.5.1, 12.1.5.2, 12.1.5.3, 12.1.6

Fixed In:
13.0.0

Opened: Oct 06, 2016
Severity: 3-Major

Symptoms

Using the get_valid_key_sizes() for querying the valid key sizes, 1024 is returned, which is not valid when the FIPS firmware is version 2.2 or above.

Impact

Unsupported key-size is returned.

Conditions

FIPS firmware is version 2.2 or above.

Workaround

None

Fix Information

This issue has been fixed to return the supported key-sizes in versions after 12.x.x.

Behavior Change