acvptool: KDA replaces KAS-KDF for HKDF.
For unknown reasons, ACVP now tests HKDF differently. This change
updates acvptool to reflect what the demo server is currently doing.
Bug: None
Change-Id: I64eec2279765b63ab1296ab6b441d2f7c669c616
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/55525
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: Adam Langley <agl@google.com>
diff --git a/util/fipstools/acvp/acvptool/subprocess/hkdf.go b/util/fipstools/acvp/acvptool/subprocess/hkdf.go
index 21ebca6..3cd4c32 100644
--- a/util/fipstools/acvp/acvptool/subprocess/hkdf.go
+++ b/util/fipstools/acvp/acvptool/subprocess/hkdf.go
@@ -19,11 +19,10 @@
"encoding/hex"
"encoding/json"
"fmt"
- "strings"
)
// The following structures reflect the JSON of ACVP KAS KDF tests. See
-// https://pages.nist.gov/ACVP/draft-hammett-acvp-kas-kdf-twostep.html
+// https://pages.nist.gov/ACVP/draft-hammett-acvp-kas-kdf-hkdf.html
type hkdfTestVectorSet struct {
Groups []hkdfTestGroup `json:"testGroups"`
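Review bot: The comment above `hkdfTestVectorSet` still describes these structures as "ACVP KAS KDF tests", although the link now points at the HKDF draft and the rest of this commit registers the algorithm as KDA. Suggest rewording the first comment line to `// The following structures reflect the JSON of ACVP KDA HKDF tests. See` so a reader searching for the algorithm name lands here. The struct body continues outside the hunk.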
@@ -46,33 +45,21 @@
type hkdfConfiguration struct {
Type string `json:"kdfType"`
- AdditionalNonce bool `json:"requiresAdditionalNoncePair"`
OutputBits uint32 `json:"l"`
+ HashName string `json:"hmacAlg"`
FixedInfoPattern string `json:"fixedInfoPattern"`
FixedInputEncoding string `json:"fixedInfoEncoding"`
- KDFMode string `json:"kdfMode"`
- MACMode string `json:"macMode"`
- CounterLocation string `json:"counterLocation"`
- CounterBits uint `json:"counterLen"`
}
func (c *hkdfConfiguration) extract() (outBytes uint32, hashName string, err error) {
- if c.Type != "twoStep" ||
- c.AdditionalNonce ||
+ if c.Type != "hkdf" ||
c.FixedInfoPattern != "uPartyInfo||vPartyInfo" ||
c.FixedInputEncoding != "concatenation" ||
- c.KDFMode != "feedback" ||
- c.CounterLocation != "after fixed data" ||
- c.CounterBits != 8 ||
c.OutputBits%8 != 0 {
- return 0, "", fmt.Errorf("KAS-KDF not configured for HKDF: %#v", c)
+ return 0, "", fmt.Errorf("KDA not configured for HKDF: %#v", c)
}
- if !strings.HasPrefix(c.MACMode, "HMAC-") {
- return 0, "", fmt.Errorf("MAC mode %q does't start with 'HMAC-'", c.MACMode)
- }
-
- return c.OutputBits / 8, c.MACMode[5:], nil
+ return c.OutputBits / 8, c.HashName, nil
}
type hkdfParameters struct {
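Review bot: `extract()` now returns `c.HashName` exactly as decoded from `hmacAlg` with no check, whereas the removed code at least rejected a MAC mode that lacked the `HMAC-` prefix. A test group with no `hmacAlg` field decodes to an empty string and passes this function, so any failure surfaces later, presumably where the name is used to address the module wrapper, which is outside this hunk. Adding `c.HashName == "" ||` to the condition keeps the rejection next to the other configuration checks, and the existing `%#v` in the error already prints the offending field. For a validation harness it is preferable to fail on the server's JSON here than on an opaque wrapper error further down.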
diff --git a/util/fipstools/acvp/acvptool/subprocess/subprocess.go b/util/fipstools/acvp/acvptool/subprocess/subprocess.go
index 158bae3..48d7083 100644
--- a/util/fipstools/acvp/acvptool/subprocess/subprocess.go
+++ b/util/fipstools/acvp/acvptool/subprocess/subprocess.go
@@ -106,7 +106,7 @@
"ctrDRBG": &drbg{"ctrDRBG", map[string]bool{"AES-128": true, "AES-192": true, "AES-256": true}},
"hmacDRBG": &drbg{"hmacDRBG", map[string]bool{"SHA-1": true, "SHA2-224": true, "SHA2-256": true, "SHA2-384": true, "SHA2-512": true}},
"KDF": &kdfPrimitive{},
- "KAS-KDF": &hkdf{},
+ "KDA": &hkdf{},
"CMAC-AES": &keyedMACPrimitive{"CMAC-AES"},
"RSA": &rsa{},
"kdf-components": &tlsKDF{},
diff --git a/util/fipstools/acvp/acvptool/test/expected/KAS-KDF.bz2 b/util/fipstools/acvp/acvptool/test/expected/KAS-KDF.bz2
deleted file mode 100644
index df3edf5..0000000
--- a/util/fipstools/acvp/acvptool/test/expected/KAS-KDF.bz2
+++ /dev/null
Binary files differ
diff --git a/util/fipstools/acvp/acvptool/test/expected/KDA.bz2 b/util/fipstools/acvp/acvptool/test/expected/KDA.bz2
new file mode 100644
index 0000000..c55f602
--- /dev/null
+++ b/util/fipstools/acvp/acvptool/test/expected/KDA.bz2
Binary files differ
diff --git a/util/fipstools/acvp/acvptool/test/tests.json b/util/fipstools/acvp/acvptool/test/tests.json
index 5765de1..d1e8eb5 100644
--- a/util/fipstools/acvp/acvptool/test/tests.json
+++ b/util/fipstools/acvp/acvptool/test/tests.json
@@ -19,7 +19,7 @@
{"Wrapper": "modulewrapper", "In": "vectors/HMAC-SHA2-512.bz2", "Out": "expected/HMAC-SHA2-512.bz2"},
{"Wrapper": "modulewrapper", "In": "vectors/HMAC-SHA2-512-256.bz2", "Out": "expected/HMAC-SHA2-512-256.bz2"},
{"Wrapper": "testmodulewrapper", "In": "vectors/hmacDRBG.bz2", "Out": "expected/hmacDRBG.bz2"},
-{"Wrapper": "testmodulewrapper", "In": "vectors/KAS-KDF.bz2", "Out": "expected/KAS-KDF.bz2"},
+{"Wrapper": "testmodulewrapper", "In": "vectors/KDA.bz2", "Out": "expected/KDA.bz2"},
{"Wrapper": "modulewrapper", "In": "vectors/KAS-ECC-SSC.bz2"},
{"Wrapper": "modulewrapper", "In": "vectors/KAS-FFC-SSC.bz2"},
{"Wrapper": "testmodulewrapper", "In": "vectors/KDF.bz2"},
diff --git a/util/fipstools/acvp/acvptool/test/vectors/KAS-KDF.bz2 b/util/fipstools/acvp/acvptool/test/vectors/KAS-KDF.bz2
deleted file mode 100644
index eadbc7e..0000000
--- a/util/fipstools/acvp/acvptool/test/vectors/KAS-KDF.bz2
+++ /dev/null
Binary files differ
diff --git a/util/fipstools/acvp/acvptool/test/vectors/KDA.bz2 b/util/fipstools/acvp/acvptool/test/vectors/KDA.bz2
new file mode 100644
index 0000000..a5a8aa8
--- /dev/null
+++ b/util/fipstools/acvp/acvptool/test/vectors/KDA.bz2
Binary files differ
diff --git a/util/fipstools/acvp/acvptool/testmodulewrapper/testmodulewrapper.go b/util/fipstools/acvp/acvptool/testmodulewrapper/testmodulewrapper.go
index afb1804..8c4c97a 100644
--- a/util/fipstools/acvp/acvptool/testmodulewrapper/testmodulewrapper.go
+++ b/util/fipstools/acvp/acvptool/testmodulewrapper/testmodulewrapper.go
@@ -91,36 +91,20 @@
"number"
]
}, {
- "algorithm": "KAS-KDF",
- "mode": "TwoStep",
- "revision": "Sp800-56Cr2",
- "capabilities": [{
- "macSaltMethods": [
- "random",
- "default"
- ],
- "fixedInfoPattern": "uPartyInfo||vPartyInfo",
- "encoding": [
- "concatenation"
- ],
- "kdfMode": "feedback",
- "macMode": [
- "HMAC-SHA2-256"
- ],
- "supportedLengths": [{
- "min": 128,
- "max": 512,
- "increment": 64
- }],
- "fixedDataOrder": [
- "after fixed data"
- ],
- "counterLength": [
- 8
- ],
- "requiresEmptyIv": true,
- "supportsEmptyIv": true
- }],
+ "algorithm": "KDA",
+ "mode": "HKDF",
+ "revision": "Sp800-56Cr1",
+ "fixedInfoPattern": "uPartyInfo||vPartyInfo",
+ "encoding": [
+ "concatenation"
+ ],
+ "hmacAlg": [
+ "SHA2-256"
+ ],
+ "macSaltMethods": [
+ "default",
+ "random"
+ ],
"l": 256,
"z": [256, 384]
}, {