Add additional test cases for Single Step KDF.

SSKDF KMAC tests added. Added FIPS indicator tests for SSKDF Hash, HMAC, and KMAC cases. Added short salt length tests for SSKDF HMAC and KMAC. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> (Merged from https://github.com/openssl/openssl/pull/25049)
2024-08-07 10:58:10 +10:00 · 2024-08-07 10:58:10 +10:00 · 95994ded95
commit 95994ded95
parent ea396c7024
2 changed files with 88 additions and 1 deletions
--- a/providers/common/include/prov/fipscommon.h
+++ b/providers/common/include/prov/fipscommon.h
@ -14,7 +14,7 @@ int FIPS_security_check_enabled(OSSL_LIB_CTX *libctx);
 int FIPS_tls_prf_ems_check(OSSL_LIB_CTX *libctx);
 int FIPS_no_short_mac(OSSL_LIB_CTX *libctx);
 int FIPS_hmac_key_check(OSSL_LIB_CTX *libctx);
-int FIPS_kmac_key_check(OSSL_LIB_CTX *libctx);s
+int FIPS_kmac_key_check(OSSL_LIB_CTX *libctx);
 int FIPS_restricted_drbg_digests_enabled(OSSL_LIB_CTX *libctx);
 int FIPS_fips_signature_digest_check(OSSL_LIB_CTX *libctx);
 int FIPS_hkdf_digest_check(OSSL_LIB_CTX *libctx);
--- a/test/recipes/30-test_evp_data/evpkdf_ss.txt
+++ b/test/recipes/30-test_evp_data/evpkdf_ss.txt
@ -1153,6 +1153,32 @@ Ctrl.hexinfo = hexinfo:b117255ab5f1b6b96fc434b0
 Result = KDF_CTRL_ERROR
 Reason = xof digests not allowed

+Title = ACVP Server Tests
+# Test vectors extracted from https://github.com/usnistgov/ACVP-Server/blob/master/gen-val/json-files/KDA-OneStep-Sp800-56Cr*
+# The info field is composed of multiple fields concatenated together which includes l = 1024 bits (00000400)
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA2-224
+Ctrl.hexsecret = hexsecret:B88A5DBAB00483107C1839742A0E0EEE128EE83F715AE23E15C7CED18133754B095917F99C2EE421FE9EEE3B3E0F8D74F791B6EA930E2CD083F9E9952581AE6B537784B7820680C9797C4E9E2B6638FE5CF452309FC9C28D109AFF1CF75E9D4D3C1AA276
+Ctrl.hexinfo = hexinfo:0EEA684AC156B3569C3C6B8316E0F3C339BE2C9458FFFAC5A5261082744805D24E12FC795D54D8109EE1101F313F56F5BF1AD8B58E103FC30269CAFBF1B830BBBBFF898DCF9DD81BCA9F01CE8D3B99848DF2FF1EA0AFDBD89FCB17366FA3AFA0B09E5BCAC4E3E8BF39796469E8DE8F1A9F3A9FA158E05A16CA4D70B75D12952F09EAAD1C421511F18FCA3830B9910047EEE4F3DB00000400
+Output = 4F0F153EF1DC7F9B832A9403FD68BCEB4F32B608003EA429FF28D46235166C2D4E28DF8776DCDB34A984AA643A8D8E112CAD6674705B0D7B24CB15039F210DCEE13A8EDD52135B253CB56C3EA5B314651C1C40EDAFEBF7ED017CC8A24E232811ADD28592D26A07CC331807618316E6D21B860BC35F418F67AC17534F45FE8A3B
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA224
+Ctrl.salt = hexsalt:00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
+Ctrl.hexsecret = hexsecret:40B6E03711EBEBA14011ACE96CB056DEBAEB6E5E706F99435257C6A068E78C1369C5AD7FC42D3FCCA2EC9EAA
+Ctrl.hexinfo = hexinfo:5D437C2F1035A4F1F751E59CF10650171EF5769FCFBE438DFBC5BD8EA724100076447AB804F91DFA680E592FE2621A45DAB4C6A77B678059FC29E572DE4424EB5459F53523002ED38AAB1D9DD96C3523D1907C5EFBAE93DFFE680F716498720110D2A3B9CE9B66DB2884C83E9BEB546754874C0CA1967AF000000400
+Output = 428979EA52175DC833C04215AC6B4BA89BA4FCAA0E0FA3B4E2C0E264C5746F0A5C788F2907A2C2B90719E396B35A14C4B583C51B9911125D34100FADDC4D94C0D936263CC1EF0B0D526E3891FE1F67BCB94DEA2525B84A8E7949A4CA34F36AEEC55099BF0EC5DE24B86428F4E6E6E23FE9AA443E2BDCF25A77ECD22BF758D554
+
+KDF = SSKDF
+Ctrl.mac = mac:KMAC-128
+Ctrl.hexsecret = hexsecret:EAD54AE33FFAFFE7875610390ADBA9DFB291EE8C1920CB13452FDF851E0A6DBBB862FD8811F8CB29CDEC13591D8C047065FCD2
+Ctrl.hexinfo = hexinfo:A2641090E75D5BDC0B23CCD49BB02DC63B41D3F38E0947D491DFDDC734A8582DF5C961EFE586378317AB7E5821DE3146EA26C823EE4FA48C22D7142E5BDEF50DE8BD9940E6E5AC58A6441DFCD9D5C8F6199D05BEBE1394C706F2354AC902EB5C4533EB00000400
+Output = 4460D885F11A2E173F65FD89A5CE6668075C2592A2D9C356B977EF39C09D3A00DFFCB56687F053397ADD00D873C2E8A89A3A43C6D7A6AFC8A6AD08E2700B899DD4808771FC36E4E46075009F13D39237F3E815A4B8A3DC439727AA814082077E4544D2B65805EC122973B48097861591DF0F9A8048BCF945702EA7578D2B481C
+
+Title = Secret length < 112 bits is not allowed in FIPS
+
 Title = FIPS indicator tests

 # Test that the key whose length is shorter than 112 bits is rejected
@ -1164,6 +1190,28 @@ Ctrl.hexinfo = hexinfo:0bbe1fa8722023d7c3da4fff
 Result = KDF_CTRL_ERROR
 Reason = invalid key length

+Availablein = fips
+FIPSversion = >=3.4.0
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA224
+Ctrl.salt = hexsalt:00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
+Ctrl.hexsecret = hexsecret:40B6E03711EBEBA14011ACE96C
+Ctrl.hexinfo = hexinfo:5D437C2F1035A4F1F751E59CF10650171EF5769FCFBE438DFBC5BD8EA724100076447AB804F91DFA680E592FE2621A45DAB4C6A77B678059FC29E572DE4424EB5459F53523002ED38AAB1D9DD96C3523D1907C5EFBAE93DFFE680F716498720110D2A3B9CE9B66DB2884C83E9BEB546754874C0CA1967AF000000400
+Result = KDF_CTRL_ERROR
+Reason = invalid key length
+
+Availablein = fips
+FIPSversion = >=3.4.0
+KDF = SSKDF
+Ctrl.mac = mac:KMAC-128
+Ctrl.hexsecret = hexsecret:EAD54AE33FFAFFE7875610390A
+Ctrl.hexinfo = hexinfo:A2641090E75D5BDC0B23CCD49BB02DC63B41D3F38E0947D491DFDDC734A8582DF5C961EFE586378317AB7E5821DE3146EA26C823EE4FA48C22D7142E5BDEF50DE8BD9940E6E5AC58A6441DFCD9D5C8F6199D05BEBE1394C706F2354AC902EB5C4533EB00000400
+Result = KDF_CTRL_ERROR
+Reason = invalid key length
+
+Title = Secret length < 112 is not approved in FIPS
+
 # Test that the key whose length is shorter than 112 bits is reported as
 # unapproved
 FIPSversion = >=3.4.0
@ -1174,3 +1222,42 @@ Ctrl.digest = digest:SHA1
 Ctrl.hexsecret = hexsecret:d7e6
 Ctrl.hexinfo = hexinfo:0bbe1fa8722023d7c3da4fff
 Output = 31e798e9931b612a3ad1b9b1008faa8c
+
+Availablein = fips
+FIPSversion = >=3.4.0
+KDF = SSKDF
+Unapproved = 1
+Ctrl.key-check = key-check:0
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA224
+Ctrl.salt = hexsalt:00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
+Ctrl.hexsecret = hexsecret:40B6E03711EBEBA14011ACE96C
+Ctrl.hexinfo = hexinfo:5D437C2F1035A4F1F751E59CF10650171EF5769FCFBE438DFBC5BD8EA724100076447AB804F91DFA680E592FE2621A45DAB4C6A77B678059FC29E572DE4424EB5459F53523002ED38AAB1D9DD96C3523D1907C5EFBAE93DFFE680F716498720110D2A3B9CE9B66DB2884C83E9BEB546754874C0CA1967AF000000400
+Output = 55ce7dc6234c66ffbdc3cbcf79bf6bfb2d4773ed37caf936d878fa1581f8b872
+
+Availablein = fips
+FIPSversion = >=3.4.0
+KDF = SSKDF
+Unapproved = 1
+Ctrl.key-check = key-check:0
+Ctrl.mac = mac:KMAC-128
+Ctrl.hexsecret = hexsecret:EAD54AE33FFAFFE7875610390A
+Ctrl.hexinfo = hexinfo:A2641090E75D5BDC0B23CCD49BB02DC63B41D3F38E0947D491DFDDC734A8582DF5C961EFE586378317AB7E5821DE3146EA26C823EE4FA48C22D7142E5BDEF50DE8BD9940E6E5AC58A6441DFCD9D5C8F6199D05BEBE1394C706F2354AC902EB5C4533EB00000400
+Output = b160ca853957becf10f4edd06b24cff412b6ca85cff76490afb53ce2f81081ef
+
+Title = Test Small salt is allowed
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:6ee6c00d70a6cd14bd5a4e8fcfec8386
+Ctrl.hexsalt = hexsalt:00
+Ctrl.hexinfo = hexinfo:861aa2886798231259bd0314
+Output = 02cfca07797566285b38982b86762abd
+
+KDF = SSKDF
+Ctrl.mac = mac:KMAC-128
+Ctrl.hexsalt = hexsalt:00000000
+Ctrl.hexsecret = hexsecret:EAD54AE33FFAFFE7875610390ADBA9DFB291EE8C1920CB13452FDF851E0A6DBBB862FD8811F8CB29CDEC13591D8C047065FCD2
+Ctrl.hexinfo = hexinfo:A2641090E75D5BDC0B23CCD49BB02DC63B41D3F38E0947D491DFDDC734A8582DF5C961EFE586378317AB7E5821DE3146EA26C823EE4FA48C22D7142E5BDEF50DE8BD9940E6E5AC58A6441DFCD9D5C8F6199D05BEBE1394C706F2354AC902EB5C4533EB00000400
+Output = 41782b11ba2e19c98d1dea6f859e30defcf5380cbc586fd7b8f9ffe8ddedf9da