diff options
author | pohsingwu <pohsingwu@synology.com> | 2024-03-13 14:42:14 +0800 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2024-04-02 18:25:14 +0200 |
commit | 23fd48da04a4e906848199fddab2dc2b4f81d874 (patch) | |
tree | 9754619d0ea12ba2aa6c00cf79d43e54a3bdf5d2 /providers | |
parent | 294782f3b5c4b81d682e6e8608bb6e851177494d (diff) |
Use RFC 5869 test case for HKDF self-test
According to NIST SP 800-131Ar2 section 8, the length of the
key-derivation key shall be at least 112 bits.
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23833)
Diffstat (limited to 'providers')
-rw-r--r-- | providers/fips/self_test_data.inc | 34 |
1 files changed, 26 insertions, 8 deletions
diff --git a/providers/fips/self_test_data.inc b/providers/fips/self_test_data.inc index afff3ba4df..6962fb9b6b 100644 --- a/providers/fips/self_test_data.inc +++ b/providers/fips/self_test_data.inc @@ -267,10 +267,32 @@ static const ST_KAT_CIPHER st_kat_cipher_tests[] = { }; static const char hkdf_digest[] = "SHA256"; -static const unsigned char hkdf_secret[] = { 's', 'e', 'c', 'r', 'e', 't' }; -static const unsigned char hkdf_salt[] = { 's', 'a', 'l', 't' }; -static const unsigned char hkdf_info[] = { 'l', 'a', 'b', 'e', 'l' }; - +/* + * Input parameters and expected result are from RFC 5869 test case 1, which is + * with a key-derivation key >= 112 bits required by NIST SP 800-131Ar2 + * section 8. + */ +static const unsigned char hkdf_secret[] = { + 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, + 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, + 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b +}; +static const unsigned char hkdf_salt[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0a, 0x0b, 0x0c +}; +static const unsigned char hkdf_info[] = { + 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, + 0xf8, 0xf9 +}; +static const unsigned char hkdf_expected[] = { + 0x3c, 0xb2, 0x5f, 0x25, 0xfa, 0xac, 0xd5, 0x7a, + 0x90, 0x43, 0x4f, 0x64, 0xd0, 0x36, 0x2f, 0x2a, + 0x2d, 0x2d, 0x0a, 0x90, 0xcf, 0x1a, 0x5a, 0x4c, + 0x5d, 0xb0, 0x2d, 0x56, 0xec, 0xc4, 0xc5, 0xbf, + 0x34, 0x00, 0x72, 0x08, 0xd5, 0xb8, 0x87, 0x18, + 0x58, 0x65 +}; static const ST_KAT_PARAM hkdf_params[] = { ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, hkdf_digest), ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, hkdf_secret), @@ -278,10 +300,6 @@ static const ST_KAT_PARAM hkdf_params[] = { ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_INFO, hkdf_info), ST_KAT_PARAM_END() }; -static const unsigned char hkdf_expected[] = { - 0x2a, 0xc4, 0x36, 0x9f, 0x52, 0x59, 0x96, 0xf8, - 0xde, 0x13 -}; static const char sskdf_digest[] = "SHA224"; static const unsigned char sskdf_secret[] = { |