zzy/openssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Use RFC 5869 test case for HKDF self-test

Browse Source 
According to NIST SP 800-131Ar2 section 8, the length of the
key-derivation key shall be at least 112 bits.

Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23833)
This commit is contained in:
pohsingwu 2024-03-13 14:42:14 +08:00 committed by Tomas Mraz
parent 294782f3b5
commit 23fd48da04
1 changed files with 26 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
providers/fips/self_test_data.inc
View File

@ -267,10 +267,32 @@ static const ST_KAT_CIPHER st_kat_cipher_tests[] = {
};
static const char hkdf_digest[] = "SHA256";
static const unsigned char hkdf_secret[] = { 's', 'e', 'c', 'r', 'e', 't' };
static const unsigned char hkdf_salt[] = { 's', 'a', 'l', 't' };
static const unsigned char hkdf_info[] = { 'l', 'a', 'b', 'e', 'l' };
/*
* Input parameters and expected result are from RFC 5869 test case 1, which is
* with a key-derivation key >= 112 bits required by NIST SP 800-131Ar2
* section 8.
*/
static const unsigned char hkdf_secret[] = {
0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b
};
static const unsigned char hkdf_salt[] = {
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c
};
static const unsigned char hkdf_info[] = {
0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
0xf8, 0xf9
};
static const unsigned char hkdf_expected[] = {
0x3c, 0xb2, 0x5f, 0x25, 0xfa, 0xac, 0xd5, 0x7a,
0x90, 0x43, 0x4f, 0x64, 0xd0, 0x36, 0x2f, 0x2a,
0x2d, 0x2d, 0x0a, 0x90, 0xcf, 0x1a, 0x5a, 0x4c,
0x5d, 0xb0, 0x2d, 0x56, 0xec, 0xc4, 0xc5, 0xbf,
0x34, 0x00, 0x72, 0x08, 0xd5, 0xb8, 0x87, 0x18,
0x58, 0x65
};
static const ST_KAT_PARAM hkdf_params[] = {
ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, hkdf_digest),
ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, hkdf_secret),
@ -278,10 +300,6 @@ static const ST_KAT_PARAM hkdf_params[] = {
ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_INFO, hkdf_info),
ST_KAT_PARAM_END()
};
static const unsigned char hkdf_expected[] = {
0x2a, 0xc4, 0x36, 0x9f, 0x52, 0x59, 0x96, 0xf8,
0xde, 0x13
};
static const char sskdf_digest[] = "SHA224";
static const unsigned char sskdf_secret[] = {