Add FIPS Self test kats for digests

Added an API to optionally set a self test callback. The callback has the following 2 purposes (1) Output information about the KAT tests. (2) Allow the ability to corrupt one of the KAT's The fipsinstall program uses the API. Some KATS are not included in this PR since the required functionality did not yet exist in the provider. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10374)
author: Shane Lontis <shane.lontis@oracle.com> 2020-01-15 10:48:01 +1000
committer: Shane Lontis <shane.lontis@oracle.com> 2020-01-15 10:48:01 +1000
commit: 36fc5fc6bd5ca53fb30aabc38e3fefbab0005b2c (patch)
tree: 16e416a148ab7e40d416977ab971e315f7b034f1 /providers/fips/self_test_data.inc
parent: 76123661a1db136b9ef368dc296a628818e7a4cc (diff)
1 files changed, 191 insertions, 0 deletions
diff --git a/providers/fips/self_test_data.inc b/providers/fips/self_test_data.inc
new file mode 100644
index 0000000000..28616a0079
--- /dev/null
+++ b/providers/fips/self_test_data.inc
@@ -0,0 +1,191 @@
+/*
+ * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+typedef struct st_kat_st {
+    const char *desc;
+    const char *algorithm;
+    const unsigned char *pt;
+    size_t pt_len;
+    const unsigned char *expected;
+    size_t expected_len;
+} ST_KAT;
+
+typedef ST_KAT ST_KAT_DIGEST;
+typedef struct st_kat_cipher_st {
+    ST_KAT base;
+    const unsigned char *key;
+    size_t key_len;
+    const unsigned char *iv;
+    size_t iv_len;
+    const unsigned char *aad;
+    size_t aad_len;
+    const unsigned char *tag;
+    size_t tag_len;
+} ST_KAT_CIPHER;
+
+typedef struct st_kat_nvp_st {
+    const char *name;
+    const char *value;
+} ST_KAT_NVP;
+
+typedef struct st_kat_kdf_st {
+    const char *desc;
+    const char *algorithm;
+    const ST_KAT_NVP *ctrls;
+    const unsigned char *expected;
+    size_t expected_len;
+} ST_KAT_KDF;
+
+/* Macros to build Self test data */
+#define ITM(x) x, sizeof(x)
+#define ITM_STR(x) x, sizeof(x) - 1
+
+/*- DIGEST TEST DATA */
+static const unsigned char sha1_pt[] = "abc";
+static const unsigned char sha1_digest[] = {
+    0xA9, 0x99, 0x3E, 0x36, 0x47, 0x06, 0x81, 0x6A, 0xBA, 0x3E, 0x25, 0x71,
+    0x78, 0x50, 0xC2, 0x6C, 0x9C, 0xD0, 0xD8, 0x9D
+};
+
+static const unsigned char sha512_pt[] = "abc";
+static const unsigned char sha512_digest[] = {
+    0xDD, 0xAF, 0x35, 0xA1, 0x93, 0x61, 0x7A, 0xBA, 0xCC, 0x41, 0x73, 0x49,
+    0xAE, 0x20, 0x41, 0x31, 0x12, 0xE6, 0xFA, 0x4E, 0x89, 0xA9, 0x7E, 0xA2,
+    0x0A, 0x9E, 0xEE, 0xE6, 0x4B, 0x55, 0xD3, 0x9A, 0x21, 0x92, 0x99, 0x2A,
+    0x27, 0x4F, 0xC1, 0xA8, 0x36, 0xBA, 0x3C, 0x23, 0xA3, 0xFE, 0xEB, 0xBD,
+    0x45, 0x4D, 0x44, 0x23, 0x64, 0x3C, 0xE8, 0x0E, 0x2A, 0x9A, 0xC9, 0x4F,
+    0xA5, 0x4C, 0xA4, 0x9F
+};
+static const unsigned char sha3_256_pt[] = { 0xe7, 0x37, 0x21, 0x05 };
+static const unsigned char sha3_256_digest[] = {
+    0x3a, 0x42, 0xb6, 0x8a, 0xb0, 0x79, 0xf2, 0x8c, 0x4c, 0xa3, 0xc7, 0x52,
+    0x29, 0x6f, 0x27, 0x90, 0x06, 0xc4, 0xfe, 0x78, 0xb1, 0xeb, 0x79, 0xd9,
+    0x89, 0x77, 0x7f, 0x05, 0x1e, 0x40, 0x46, 0xae
+};
+
+static const ST_KAT_DIGEST st_kat_digest_tests[] =
+{
+    {
+         OSSL_SELF_TEST_DESC_MD_SHA1,
+         "SHA1",
+         ITM_STR(sha1_pt),
+         ITM(sha1_digest),
+    },
+    {
+         OSSL_SELF_TEST_DESC_MD_SHA2,
+         "SHA512",
+         ITM_STR(sha512_pt),
+         ITM(sha512_digest),
+    },
+    {
+         OSSL_SELF_TEST_DESC_MD_SHA3,
+         "SHA3-256",
+         ITM(sha3_256_pt),
+         ITM(sha3_256_digest),
+    },
+};
+
+
+/*- CIPHER TEST DATA */
+
+/* DES3 test data */
+static const unsigned char des_ede3_cbc_pt[] = {
+    0x6B, 0xC1, 0xBE, 0xE2, 0x2E, 0x40, 0x9F, 0x96, 0xE9, 0x3D, 0x7E, 0x11,
+    0x73, 0x93, 0x17, 0x2A, 0xAE, 0x2D, 0x8A, 0x57, 0x1E, 0x03, 0xAC, 0x9C,
+    0x9E, 0xB7, 0x6F, 0xAC, 0x45, 0xAF, 0x8E, 0x51
+};
+
+static const unsigned char des_ede3_cbc_key[] = {
+    0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
+    0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF, 0x01,
+    0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF, 0x01, 0x23
+};
+static const unsigned char des_ede3_cbc_iv[] = {
+    0xF6, 0x9F, 0x24, 0x45, 0xDF, 0x4F, 0x9B, 0x17
+};
+static const unsigned char des_ede3_cbc_ct[] = {
+    0x20, 0x79, 0xC3, 0xD5, 0x3A, 0xA7, 0x63, 0xE1, 0x93, 0xB7, 0x9E, 0x25,
+    0x69, 0xAB, 0x52, 0x62, 0x51, 0x65, 0x70, 0x48, 0x1F, 0x25, 0xB5, 0x0F,
+    0x73, 0xC0, 0xBD, 0xA8, 0x5C, 0x8E, 0x0D, 0xA7
+};
+
+static const unsigned char aes_256_gcm_key[] = {
+    0x92,0xe1,0x1d,0xcd,0xaa,0x86,0x6f,0x5c,0xe7,0x90,0xfd,0x24,
+    0x50,0x1f,0x92,0x50,0x9a,0xac,0xf4,0xcb,0x8b,0x13,0x39,0xd5,
+    0x0c,0x9c,0x12,0x40,0x93,0x5d,0xd0,0x8b
+};
+static const unsigned char aes_256_gcm_iv[] = {
+    0xac,0x93,0xa1,0xa6,0x14,0x52,0x99,0xbd,0xe9,0x02,0xf2,0x1a
+};
+static const unsigned char aes_256_gcm_pt[] = {
+    0x2d,0x71,0xbc,0xfa,0x91,0x4e,0x4a,0xc0,0x45,0xb2,0xaa,0x60,
+    0x95,0x5f,0xad,0x24
+};
+static const unsigned char aes_256_gcm_aad[] = {
+    0x1e,0x08,0x89,0x01,0x6f,0x67,0x60,0x1c,0x8e,0xbe,0xa4,0x94,
+    0x3b,0xc2,0x3a,0xd6
+};
+static const unsigned char aes_256_gcm_ct[] = {
+    0x89,0x95,0xae,0x2e,0x6d,0xf3,0xdb,0xf9,0x6f,0xac,0x7b,0x71,
+    0x37,0xba,0xe6,0x7f
+};
+static const unsigned char aes_256_gcm_tag[] = {
+    0xec,0xa5,0xaa,0x77,0xd5,0x1d,0x4a,0x0a,0x14,0xd9,0xc5,0x1e,
+    0x1d,0xa4,0x74,0xab
+};
+
+static const ST_KAT_CIPHER st_kat_cipher_tests[] = {
+    {
+        {
+            OSSL_SELF_TEST_DESC_CIPHER_TDES,
+            "DES-EDE3-CBC",
+            ITM(des_ede3_cbc_pt),
+            ITM(des_ede3_cbc_ct)
+        },
+        ITM(des_ede3_cbc_key),
+        ITM(des_ede3_cbc_iv),
+    },
+    {
+        {
+            OSSL_SELF_TEST_DESC_CIPHER_AES_GCM,
+            "AES-256-GCM",
+            ITM(aes_256_gcm_pt),
+            ITM(aes_256_gcm_ct),
+        },
+        ITM(aes_256_gcm_key),
+        ITM(aes_256_gcm_iv),
+        ITM(aes_256_gcm_aad),
+        ITM(aes_256_gcm_tag)
+    }
+};
+
+/*- KDF TEST DATA */
+
+static const ST_KAT_NVP hkdf_ctrl[] =
+{
+    { "digest", "SHA256" },
+    { "key", "secret" },
+    { "salt", "salt" },
+    { "info", "label" },
+    { NULL, NULL }
+};
+static const unsigned char hkdf_expected[] = {
+    0x2a, 0xc4, 0x36, 0x9f, 0x52, 0x59, 0x96, 0xf8, 0xde, 0x13
+};
+
+static const ST_KAT_KDF st_kat_kdf_tests[] =
+{
+    {
+        OSSL_SELF_TEST_DESC_KDF_HKDF,
+        "HKDF",
+        hkdf_ctrl,
+        ITM(hkdf_expected)
+    }
+};
+
author	Shane Lontis <shane.lontis@oracle.com>	2020-01-15 10:48:01 +1000
committer	Shane Lontis <shane.lontis@oracle.com>	2020-01-15 10:48:01 +1000
commit	36fc5fc6bd5ca53fb30aabc38e3fefbab0005b2c (patch)
tree	16e416a148ab7e40d416977ab971e315f7b034f1 /providers/fips/self_test_data.inc
parent	76123661a1db136b9ef368dc296a628818e7a4cc (diff)