Home GnuPG

kdf: Add selftest.

Description

kdf: Add selftest.

* src/cipher-proto.h (_gcry_kdf_selftest): New.
* cipher/kdf.c (check_one, selftest_pbkdf2): New.
(_gcry_kdf_selftest): New.
* src/fips.c (run_kdf_selftests): New.
(_gcry_fips_run_selftests): Call run_kdf_selftests.

Original work was libgcrypt-1.8.5-kdf-selftest.patch from Red Hat.

API style of check_one function follows the one in mac-hmac.c and
mac-cmac.c, which originates cipher/hmac-tests.c of libgcrypt 1.8
(copyrighted by Free Software Foundation, Inc., in 2008).

Covering the test vectors of original work, as an initial merge,
I include test vectors from tests/t-kdf.c, since PBKDF2 is defined
in RFC-6070 with those vectors.

Simo Sorce addressed about SHA1 deprecation. I marked the test
vectors with USE_SHA1.

  • GnuPG-bug-id: T5182
  • Co-authored-by: Tomáš Mráz <tm@t8m.info>
  • Suggested-by: Simo Sorce <simo@redhat.com>
  • Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>

Details

Provenance
gniibeAuthored on Jan 15 2021, 6:26 AM
Parents
rC385a89e35b0b: cmac: Add selftest.
Branches
Unknown
Tags
Unknown
Tasks
T5182: libgcrypt self tests for FIPS 140