libgcrypt self tests for FIPS 140
Closed, Resolved (Public)

Description

For FIPS 140, we need to add more tests:

  • CMAC (CMAC-AES, CMAC-TDES)
  • PBKDF2
  • possibly, more

gniibe created this task. Dec 15 2020, 6:30 AM

For CMAC tests, we would need to use newer test vectors.

There are two versions of SP 800-38B

  • (05/01/2005)
  • (10/6/2016)

RFC4493 (June 2006) https://tools.ietf.org/html/rfc4493 has the test vectors from the older one.

New test vectors are available here:
https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Standards-and-Guidelines/documents/examples/AES_CMAC.pdf
https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Standards-and-Guidelines/documents/examples/TDES_CMAC.pdf

gniibe added a comment. Edited Dec 15 2020, 6:36 AM

Our tests are now in tests/basic.c.

We will extend src/fips.c to have run_cmac_selftests which calls _gcry_cmac_selftest.
_gcry_cmac_selftest should be written in cipher/cipher-cmac.c.

gniibe renamed this task from libgcrypt tests for FIPS 140 to libgcrypt self tests for FIPS 140. Dec 15 2020, 6:50 AM
werner added a subscriber: werner. Dec 15 2020, 11:23 AM

I cannot find good test vectors for PBKDF2 with HMAC-SHA-2.

This one: https://tools.ietf.org/html/rfc7914#section-11 (but the length of salt is too small).
Or, indirectly, there is one example in https://tools.ietf.org/html/rfc7677 (SCRAM-SHA-256).

Two articles:
https://www.reddit.com/r/crypto/comments/abv007/where_can_i_find_test_vectors_for_rfc8018_pbkdf2/
https://stackoverflow.com/questions/5130513/pbkdf2-hmac-sha2-test-vectors
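
As an added illustration (not part of the task thread and not libgcrypt code), this Python example runs the first PBKDF2-HMAC-SHA-256 vector from RFC 7914 section 11 as a known-answer test, reports whether its salt meets a minimum length, and cross-checks a longer-salt case against an independent RFC 8018 implementation. The 16-byte salt minimum (the 128-bit figure from NIST SP 800-132) and all function names are assumptions made for the example.

```python
import hashlib
import hmac

# Assumption: 128-bit minimum salt, the figure given in NIST SP 800-132.
MIN_SALT_BYTES = 16

# RFC 7914 section 11: PBKDF2-HMAC-SHA-256 (P="passwd", S="salt", c=1, dkLen=64)
RFC7914_VECTOR = {
    "password": b"passwd",
    "salt": b"salt",
    "iterations": 1,
    "expected": bytes.fromhex(
        "55ac046e56e3089fec1691c22544b605f94185216dde0465e68b9d57c20dacbc"
        "49ca9cccf179b645991664b39d77ef317c71b845b1e30bd509112041d3a19783"
    ),
}

def pbkdf2_reference(hash_name, password, salt, iterations, dklen):
    """PBKDF2 as defined in RFC 8018 section 5.2, built directly on HMAC."""
    out = b""
    block = 1
    while len(out) < dklen:
        # U_1 = PRF(P, S || INT(i)); T_i = U_1 xor U_2 xor ... xor U_c
        u = hmac.new(password, salt + block.to_bytes(4, "big"), hash_name).digest()
        t = int.from_bytes(u, "big")
        for _ in range(iterations - 1):
            u = hmac.new(password, u, hash_name).digest()
            t ^= int.from_bytes(u, "big")
        out += t.to_bytes(len(u), "big")
        block += 1
    return out[:dklen]

def run_kat(vector):
    """Return (kat_passed, salt_long_enough) for one known-answer vector."""
    dk = hashlib.pbkdf2_hmac("sha256", vector["password"], vector["salt"],
                             vector["iterations"], len(vector["expected"]))
    passed = hmac.compare_digest(dk, vector["expected"])
    return passed, len(vector["salt"]) >= MIN_SALT_BYTES

def cross_check(password, salt, iterations, dklen):
    """Compare the library KDF with the reference where no vector is published."""
    lib = hashlib.pbkdf2_hmac("sha256", password, salt, iterations, dklen)
    ref = pbkdf2_reference("sha256", password, salt, iterations, dklen)
    return hmac.compare_digest(lib, ref)

if __name__ == "__main__":
    print("RFC 7914 KAT (passed, salt ok):", run_kat(RFC7914_VECTOR))
    # Constructed input: 16-byte salt, no published expected value.
    print("16-byte salt cross-check:", cross_check(b"passwd", bytes(range(16)), 1000, 40))
```
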

werner triaged this task as High priority. Tue, Jan 5, 9:13 AM

Flagged as high because this is RC for Libgcrypt 1.9

werner moved this task from Backlog to For 1.9 on the libgcrypt board. Thu, Jan 7, 11:41 AM
gniibe claimed this task. Fri, Jan 15, 7:47 AM
gniibe removed a parent task: T4294: Release Libgcrypt 1.9.0.
werner moved this task from For 1.9 to For 1.10 on the libgcrypt board. Mon, Jan 18, 7:08 PM
gniibe closed this task as Resolved. Tue, Jan 19, 6:35 AM