From: Pauli Date: Tue, 6 May 2025 03:40:55 +0000 (+1000) Subject: ec: add security category checks to evp_test data X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=ae36afee1157dd1f9fdffa99ef14791e07f97d94;p=thirdparty%2Fopenssl.git ec: add security category checks to evp_test data Reviewed-by: Shane Lontis Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/27571) --- diff --git a/test/recipes/30-test_evp_data/evppkey_ecc.txt b/test/recipes/30-test_evp_data/evppkey_ecc.txt index e6a2c9eb595..8729642a980 100644 --- a/test/recipes/30-test_evp_data/evppkey_ecc.txt +++ b/test/recipes/30-test_evp_data/evppkey_ecc.txt @@ -52,6 +52,7 @@ Availablein = default Derive=BOB_cf_c2pnb163v1 PeerKey=ALICE_cf_c2pnb163v1_PUB SharedSecret=065dd38fb6de7f394778e1bf65d840a2c0e7219acd +Security-Category = 0 # ECC CDH Alice with Bob peer Availablein = default @@ -280,6 +281,7 @@ Availablein = default Derive=ALICE_cf_c2pnb176v1 PeerKey=BOB_cf_c2pnb176v1_PUB SharedSecret=3a8021848ee0b2c1c377404267a515225781c181e6ab +Security-Category = 0 # ECDH Bob with Alice peer Availablein = default @@ -1991,6 +1993,7 @@ Availablein = default Derive=ALICE_cf_secp256k1 PeerKey=BOB_cf_secp256k1_PUB SharedSecret=a4745cc4d19cabb9e5cb0abdd5c604cab2846a4638ad844ed9175f3cadda2da1 +Security-Category = 0 # ECDH Bob with Alice peer Availablein = default @@ -2031,6 +2034,7 @@ Availablein = default Derive=ALICE_cf_sect113r1 PeerKey=BOB_cf_sect113r1_PUB SharedSecret=01ed16f1948dcb368a54004237842d +Security-Category = 0 # ECDH Bob with Alice peer Availablein = default @@ -3542,6 +3546,7 @@ Availablein = default Derive=ALICE_zero_wap-wsg-idm-ecid-wtls7 PeerKey=BOB_zero_wap-wsg-idm-ecid-wtls7_PUB SharedSecret=6582fc03bbb340fcf24a5fe8fcdf722655efa8b9 +Security-Category = 0 # tests: 14 @@ -3580,6 +3585,7 @@ Availablein = default Derive=ALICE_cf_prime192v1 PeerKey=BOB_cf_prime192v1_PUB SharedSecret=e36cad3b0f8d00f60f090440a76df47896713ae61421c354 +Security-Category = 0 # ECDH Bob with Alice peer Availablein = default @@ -3654,6 +3660,12 @@ Derive=ALICE_cf_prime256v1 PeerKey=BOB_cf_prime256v1_PUB SharedSecret=ee63690b553dcd9bccb066137725f0489395a83f4d280f309339d606c969734a +FIPSversion = >=3.6.0 +Derive=ALICE_cf_prime256v1 +PeerKey=BOB_cf_prime256v1_PUB +SharedSecret=ee63690b553dcd9bccb066137725f0489395a83f4d280f309339d606c969734a +Security-Category = 0 + # ECDH Bob with Alice peer Derive=BOB_cf_prime256v1 PeerKey=ALICE_cf_prime256v1_PUB diff --git a/test/recipes/30-test_evp_data/evppkey_ecdh.txt b/test/recipes/30-test_evp_data/evppkey_ecdh.txt index 44a560dca1f..c0aad7eba5e 100644 --- a/test/recipes/30-test_evp_data/evppkey_ecdh.txt +++ b/test/recipes/30-test_evp_data/evppkey_ecdh.txt @@ -479,6 +479,7 @@ Availablein = default Derive=ALICE_secp256k1 PeerKey=BOB_secp256k1_PUB SharedSecret=af43b52790082fd87afb1d14b883c12d12bb9e554080d1f8e527920676e31f3e +Security-Category = 0 # ECDH Bob with Alice peer @@ -2657,6 +2658,13 @@ PrivPubKeyPair = BOB_secp521r1:BOB_secp521r1_PUB Derive=ALICE_secp521r1 PeerKey=BOB_secp521r1_PUB SharedSecret=018c8f33e544a0fa8854dcd96bdba75b7687d1c42b2ff1bf0a06d49c424fee96d8a7f3af3119dcbfabc1c147477c50f7c72971956f9bb17ddec6d02b2187f06cf4be +# ECDH Alice with Bob peer + +FIPSversion = >=3.6.0 +Derive=ALICE_secp521r1 +PeerKey=BOB_secp521r1_PUB +SharedSecret=018c8f33e544a0fa8854dcd96bdba75b7687d1c42b2ff1bf0a06d49c424fee96d8a7f3af3119dcbfabc1c147477c50f7c72971956f9bb17ddec6d02b2187f06cf4be +Security-Category = 0 # ECDH Bob with Alice peer diff --git a/test/recipes/30-test_evp_data/evppkey_ecdsa.txt b/test/recipes/30-test_evp_data/evppkey_ecdsa.txt index 54b143beada..e2b7d553887 100644 --- a/test/recipes/30-test_evp_data/evppkey_ecdsa.txt +++ b/test/recipes/30-test_evp_data/evppkey_ecdsa.txt @@ -42,6 +42,13 @@ Ctrl = digest:SHA1 Input = "0123456789ABCDEF1234" Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec8 +FIPSversion = >=3.6.0 +Verify = P-256-PUBLIC +Ctrl = digest:SHA1 +Input = "0123456789ABCDEF1234" +Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec8 +Security-Category = 0 + # Digest too long Verify = P-256-PUBLIC Ctrl = digest:SHA1 diff --git a/test/recipes/30-test_evp_data/evppkey_ecx_kem.txt b/test/recipes/30-test_evp_data/evppkey_ecx_kem.txt index 30f064a7051..fef2eb145ac 100644 --- a/test/recipes/30-test_evp_data/evppkey_ecx_kem.txt +++ b/test/recipes/30-test_evp_data/evppkey_ecx_kem.txt @@ -13,19 +13,23 @@ EncodedPublicKey = b3e32493b4aa40ecccbe92bbf8ce2c78f3ae7c95c747bf0b03cfb06999af0 Entropy = 0000000000000000000000000000000000000000000000000000000000000000 Ciphertext = 70a736978971281065765948fb66006c898c25acd789169223ca7336cf62146f Output = 9b96deacd3b9603908696361a774a0b7066da87e909eb8085d7725fb9b925e05 +Security-Category = 0 Kem = X25519 EncodedPrivateKey = 88f7d1a45ab4f9cc0570537a3fc71d5eba01b45b24692d8468b50a42066c5074 Input = 70a736978971281065765948fb66006c898c25acd789169223ca7336cf62146f Output = 9b96deacd3b9603908696361a774a0b7066da87e909eb8085d7725fb9b925e05 +Security-Category = 0 Kem = X448 EncodedPublicKey = 62519c19b6b8b48c596a0aa61d964b33785aeefb719649c0a623cd5b1361c12a251e17bb0cc5ecd9ae8f53851e99c9d103a56861016aff14 Entropy = 0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 Ciphertext = 50d21b50b265f047de91bfbd0b41c0554c0581adc414711d48664b409e94dc1483739a3e4b29c87e2fb0a967068f7af094453c3f44018c4f Output = 3fbf9f0a5af4f9e7a0cac9eb0fb69896a820eb83f5f17404434ab078cb5d239c37c8e4711b0b5f84de6fed0dfdce8221ccc2d10567707f2fe9f7c10b7738745e +Security-Category = 0 Kem = X448 EncodedPrivateKey = b8ce45ae0458ae9e16009f438730b2c44e7e8c799eb1b8fc94a9ea944bd10d5b9cfb789f608bb28e9be55d00c95a6c35c902674c5c35d6fc Input = 50d21b50b265f047de91bfbd0b41c0554c0581adc414711d48664b409e94dc1483739a3e4b29c87e2fb0a967068f7af094453c3f44018c4f Output = 3fbf9f0a5af4f9e7a0cac9eb0fb69896a820eb83f5f17404434ab078cb5d239c37c8e4711b0b5f84de6fed0dfdce8221ccc2d10567707f2fe9f7c10b7738745e +Security-Category = 0