Add additional test cases for Single Step KDF.

SSKDF KMAC tests added.
Added FIPS indicator tests for SSKDF Hash, HMAC, and KMAC cases.
Added short salt length tests for SSKDF HMAC and KMAC.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/25049)

diff --git a/providers/common/include/prov/fipscommon.h b/providers/common/include/prov/fipscommon.h
index 2d4e685400e352d6362deafd5acb1b7652500306..2fd97bade846762af5062fd77a159083d64329d5 100644 (file)
--- a/providers/common/include/prov/fipscommon.h
+++ b/providers/common/include/prov/fipscommon.h
@@ -14,7 +14,7 @@ int FIPS_security_check_enabled(OSSL_LIB_CTX *libctx);
 int FIPS_tls_prf_ems_check(OSSL_LIB_CTX *libctx);
 int FIPS_no_short_mac(OSSL_LIB_CTX *libctx);
 int FIPS_hmac_key_check(OSSL_LIB_CTX *libctx);
-int FIPS_kmac_key_check(OSSL_LIB_CTX *libctx);s
+int FIPS_kmac_key_check(OSSL_LIB_CTX *libctx);
 int FIPS_restricted_drbg_digests_enabled(OSSL_LIB_CTX *libctx);
 int FIPS_fips_signature_digest_check(OSSL_LIB_CTX *libctx);
 int FIPS_hkdf_digest_check(OSSL_LIB_CTX *libctx);

diff --git a/test/recipes/30-test_evp_data/evpkdf_ss.txt b/test/recipes/30-test_evp_data/evpkdf_ss.txt
index 011ddabc2ae4e0bea3c539173c530fc50769da29..eb94707a8a2be5228447bf1cf9efe2c89f872755 100644 (file)
--- a/test/recipes/30-test_evp_data/evpkdf_ss.txt
+++ b/test/recipes/30-test_evp_data/evpkdf_ss.txt
@@ -1153,6 +1153,32 @@ Ctrl.hexinfo = hexinfo:b117255ab5f1b6b96fc434b0
 Result = KDF_CTRL_ERROR
 Reason = xof digests not allowed
 
+Title = ACVP Server Tests
+# Test vectors extracted from https://github.com/usnistgov/ACVP-Server/blob/master/gen-val/json-files/KDA-OneStep-Sp800-56Cr*
+# The info field is composed of multiple fields concatenated together which includes l = 1024 bits (00000400)
+
+KDF = SSKDF
+Ctrl.digest = digest:SHA2-224
+Ctrl.hexsecret = hexsecret:B88A5DBAB00483107C1839742A0E0EEE128EE83F715AE23E15C7CED18133754B095917F99C2EE421FE9EEE3B3E0F8D74F791B6EA930E2CD083F9E9952581AE6B537784B7820680C9797C4E9E2B6638FE5CF452309FC9C28D109AFF1CF75E9D4D3C1AA276
+Ctrl.hexinfo = hexinfo:0EEA684AC156B3569C3C6B8316E0F3C339BE2C9458FFFAC5A5261082744805D24E12FC795D54D8109EE1101F313F56F5BF1AD8B58E103FC30269CAFBF1B830BBBBFF898DCF9DD81BCA9F01CE8D3B99848DF2FF1EA0AFDBD89FCB17366FA3AFA0B09E5BCAC4E3E8BF39796469E8DE8F1A9F3A9FA158E05A16CA4D70B75D12952F09EAAD1C421511F18FCA3830B9910047EEE4F3DB00000400
+Output = 4F0F153EF1DC7F9B832A9403FD68BCEB4F32B608003EA429FF28D46235166C2D4E28DF8776DCDB34A984AA643A8D8E112CAD6674705B0D7B24CB15039F210DCEE13A8EDD52135B253CB56C3EA5B314651C1C40EDAFEBF7ED017CC8A24E232811ADD28592D26A07CC331807618316E6D21B860BC35F418F67AC17534F45FE8A3B
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA224
+Ctrl.salt = hexsalt:00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
+Ctrl.hexsecret = hexsecret:40B6E03711EBEBA14011ACE96CB056DEBAEB6E5E706F99435257C6A068E78C1369C5AD7FC42D3FCCA2EC9EAA
+Ctrl.hexinfo = hexinfo:5D437C2F1035A4F1F751E59CF10650171EF5769FCFBE438DFBC5BD8EA724100076447AB804F91DFA680E592FE2621A45DAB4C6A77B678059FC29E572DE4424EB5459F53523002ED38AAB1D9DD96C3523D1907C5EFBAE93DFFE680F716498720110D2A3B9CE9B66DB2884C83E9BEB546754874C0CA1967AF000000400
+Output = 428979EA52175DC833C04215AC6B4BA89BA4FCAA0E0FA3B4E2C0E264C5746F0A5C788F2907A2C2B90719E396B35A14C4B583C51B9911125D34100FADDC4D94C0D936263CC1EF0B0D526E3891FE1F67BCB94DEA2525B84A8E7949A4CA34F36AEEC55099BF0EC5DE24B86428F4E6E6E23FE9AA443E2BDCF25A77ECD22BF758D554
+
+KDF = SSKDF
+Ctrl.mac = mac:KMAC-128
+Ctrl.hexsecret = hexsecret:EAD54AE33FFAFFE7875610390ADBA9DFB291EE8C1920CB13452FDF851E0A6DBBB862FD8811F8CB29CDEC13591D8C047065FCD2
+Ctrl.hexinfo = hexinfo:A2641090E75D5BDC0B23CCD49BB02DC63B41D3F38E0947D491DFDDC734A8582DF5C961EFE586378317AB7E5821DE3146EA26C823EE4FA48C22D7142E5BDEF50DE8BD9940E6E5AC58A6441DFCD9D5C8F6199D05BEBE1394C706F2354AC902EB5C4533EB00000400
+Output = 4460D885F11A2E173F65FD89A5CE6668075C2592A2D9C356B977EF39C09D3A00DFFCB56687F053397ADD00D873C2E8A89A3A43C6D7A6AFC8A6AD08E2700B899DD4808771FC36E4E46075009F13D39237F3E815A4B8A3DC439727AA814082077E4544D2B65805EC122973B48097861591DF0F9A8048BCF945702EA7578D2B481C
+
+Title = Secret length < 112 bits is not allowed in FIPS
+
 Title = FIPS indicator tests
 
 # Test that the key whose length is shorter than 112 bits is rejected
@@ -1164,6 +1190,28 @@ Ctrl.hexinfo = hexinfo:0bbe1fa8722023d7c3da4fff
 Result = KDF_CTRL_ERROR
 Reason = invalid key length
 
+Availablein = fips
+FIPSversion = >=3.4.0
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA224
+Ctrl.salt = hexsalt:00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
+Ctrl.hexsecret = hexsecret:40B6E03711EBEBA14011ACE96C
+Ctrl.hexinfo = hexinfo:5D437C2F1035A4F1F751E59CF10650171EF5769FCFBE438DFBC5BD8EA724100076447AB804F91DFA680E592FE2621A45DAB4C6A77B678059FC29E572DE4424EB5459F53523002ED38AAB1D9DD96C3523D1907C5EFBAE93DFFE680F716498720110D2A3B9CE9B66DB2884C83E9BEB546754874C0CA1967AF000000400
+Result = KDF_CTRL_ERROR
+Reason = invalid key length
+
+Availablein = fips
+FIPSversion = >=3.4.0
+KDF = SSKDF
+Ctrl.mac = mac:KMAC-128
+Ctrl.hexsecret = hexsecret:EAD54AE33FFAFFE7875610390A
+Ctrl.hexinfo = hexinfo:A2641090E75D5BDC0B23CCD49BB02DC63B41D3F38E0947D491DFDDC734A8582DF5C961EFE586378317AB7E5821DE3146EA26C823EE4FA48C22D7142E5BDEF50DE8BD9940E6E5AC58A6441DFCD9D5C8F6199D05BEBE1394C706F2354AC902EB5C4533EB00000400
+Result = KDF_CTRL_ERROR
+Reason = invalid key length
+
+Title = Secret length < 112 is not approved in FIPS
+
 # Test that the key whose length is shorter than 112 bits is reported as
 # unapproved
 FIPSversion = >=3.4.0
@@ -1174,3 +1222,42 @@ Ctrl.digest = digest:SHA1
 Ctrl.hexsecret = hexsecret:d7e6
 Ctrl.hexinfo = hexinfo:0bbe1fa8722023d7c3da4fff
 Output = 31e798e9931b612a3ad1b9b1008faa8c
+
+Availablein = fips
+FIPSversion = >=3.4.0
+KDF = SSKDF
+Unapproved = 1
+Ctrl.key-check = key-check:0
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA224
+Ctrl.salt = hexsalt:00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
+Ctrl.hexsecret = hexsecret:40B6E03711EBEBA14011ACE96C
+Ctrl.hexinfo = hexinfo:5D437C2F1035A4F1F751E59CF10650171EF5769FCFBE438DFBC5BD8EA724100076447AB804F91DFA680E592FE2621A45DAB4C6A77B678059FC29E572DE4424EB5459F53523002ED38AAB1D9DD96C3523D1907C5EFBAE93DFFE680F716498720110D2A3B9CE9B66DB2884C83E9BEB546754874C0CA1967AF000000400
+Output = 55ce7dc6234c66ffbdc3cbcf79bf6bfb2d4773ed37caf936d878fa1581f8b872
+
+Availablein = fips
+FIPSversion = >=3.4.0
+KDF = SSKDF
+Unapproved = 1
+Ctrl.key-check = key-check:0
+Ctrl.mac = mac:KMAC-128
+Ctrl.hexsecret = hexsecret:EAD54AE33FFAFFE7875610390A
+Ctrl.hexinfo = hexinfo:A2641090E75D5BDC0B23CCD49BB02DC63B41D3F38E0947D491DFDDC734A8582DF5C961EFE586378317AB7E5821DE3146EA26C823EE4FA48C22D7142E5BDEF50DE8BD9940E6E5AC58A6441DFCD9D5C8F6199D05BEBE1394C706F2354AC902EB5C4533EB00000400
+Output = b160ca853957becf10f4edd06b24cff412b6ca85cff76490afb53ce2f81081ef
+
+Title = Test Small salt is allowed
+
+KDF = SSKDF
+Ctrl.mac = mac:HMAC
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:6ee6c00d70a6cd14bd5a4e8fcfec8386
+Ctrl.hexsalt = hexsalt:00
+Ctrl.hexinfo = hexinfo:861aa2886798231259bd0314
+Output = 02cfca07797566285b38982b86762abd
+
+KDF = SSKDF
+Ctrl.mac = mac:KMAC-128
+Ctrl.hexsalt = hexsalt:00000000
+Ctrl.hexsecret = hexsecret:EAD54AE33FFAFFE7875610390ADBA9DFB291EE8C1920CB13452FDF851E0A6DBBB862FD8811F8CB29CDEC13591D8C047065FCD2
+Ctrl.hexinfo = hexinfo:A2641090E75D5BDC0B23CCD49BB02DC63B41D3F38E0947D491DFDDC734A8582DF5C961EFE586378317AB7E5821DE3146EA26C823EE4FA48C22D7142E5BDEF50DE8BD9940E6E5AC58A6441DFCD9D5C8F6199D05BEBE1394C706F2354AC902EB5C4533EB00000400
+Output = 41782b11ba2e19c98d1dea6f859e30defcf5380cbc586fd7b8f9ffe8ddedf9da