Remove MAC truncation from FIPS interface. This is only valid in ACVP if the truncation occurs within the FIPS module. But that's not a useful service: the caller can always discard a few bytes and is better positioned to do so. Change-Id: Id5e6459c9fa6d8b1b8f7a398feab6c4816adf8ab Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/78247 Commit-Queue: Adam Langley <agl@google.com> Auto-Submit: Adam Langley <agl@google.com> Reviewed-by: Bob Beck <bbe@google.com>
diff --git a/util/fipstools/acvp/acvptool/subprocess/hmac.go b/util/fipstools/acvp/acvptool/subprocess/hmac.go
index 3273f3c..e4d5e40 100644
--- a/util/fipstools/acvp/acvptool/subprocess/hmac.go
+++ b/util/fipstools/acvp/acvptool/subprocess/hmac.go
@@ -119,14 +119,14 @@
 }
 m.TransactAsync(h.algo, 1, [][]byte{msg, key}, func(result [][]byte) error {
- if l := len(result[0]); l < outBytes {
- return fmt.Errorf("HMAC result too short: %d bytes but wanted %d", l, outBytes)
+ if l := len(result[0]); l != outBytes {
+ return fmt.Errorf("incorrect HMAC length: %d bytes but wanted %d", l, outBytes)
 }
 // https://pages.nist.gov/ACVP/draft-fussell-acvp-mac.html#name-test-vectors
 response.Tests = append(response.Tests, hmacTestResponse{
 ID: test.ID,
- MACHex: hex.EncodeToString(result[0][:outBytes]),
+ MACHex: hex.EncodeToString(result[0]),
 })
 return nil
 })
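Review bot: The new `l != outBytes` check fails without saying which test case triggered it, and nothing at the check records that a shorter requested length is now rejected by design. I would add `// The module only returns full-length MACs; any other requested length is an error.` above the check and include the case in the message, e.g. `return fmt.Errorf("incorrect HMAC length for test case %v: %d bytes but wanted %d", test.ID, l, outBytes)`. `result[0]` is indexed without checking `len(result)`; presumably the `1` passed to TransactAsync makes the transport enforce a single result, but that is not visible here. `outBytes` and the enclosing loop are defined outside the hunk.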
diff --git a/util/fipstools/acvp/modulewrapper/modulewrapper.cc b/util/fipstools/acvp/modulewrapper/modulewrapper.cc
index 7f4d9fa..018aceb 100644
--- a/util/fipstools/acvp/modulewrapper/modulewrapper.cc
+++ b/util/fipstools/acvp/modulewrapper/modulewrapper.cc
@@ -442,9 +442,7 @@
 "keyLen": [{
 "min": 8, "max": 524288, "increment": 8
 }],
- "macLen": [{
- "min": 32, "max": 160, "increment": 8
- }]
+ "macLen": [160]
 },
 {
 "algorithm": "HMAC-SHA2-224",
@@ -452,9 +450,7 @@
 "keyLen": [{
 "min": 8, "max": 524288, "increment": 8
 }],
- "macLen": [{
- "min": 32, "max": 224, "increment": 8
- }]
+ "macLen": [224]
 },
 {
 "algorithm": "HMAC-SHA2-256",
@@ -462,9 +458,7 @@
 "keyLen": [{
 "min": 8, "max": 524288, "increment": 8
 }],
- "macLen": [{
- "min": 32, "max": 256, "increment": 8
- }]
+ "macLen": [256]
 },
 {
 "algorithm": "HMAC-SHA2-384",
@@ -472,9 +466,7 @@
 "keyLen": [{
 "min": 8, "max": 524288, "increment": 8
 }],
- "macLen": [{
- "min": 32, "max": 384, "increment": 8
- }]
+ "macLen": [384]
 },
 {
 "algorithm": "HMAC-SHA2-512",
@@ -482,9 +474,7 @@
 "keyLen": [{
 "min": 8, "max": 524288, "increment": 8
 }],
- "macLen": [{
- "min": 32, "max": 512, "increment": 8
- }]
+ "macLen": [512]
 },
 {
 "algorithm": "HMAC-SHA2-512/256",
@@ -492,9 +482,7 @@
 "keyLen": [{
 "min": 8, "max": 524288, "increment": 8
 }],
- "macLen": [{
- "min": 32, "max": 256, "increment": 8
- }]
+ "macLen": [256]
 },
 {
 "algorithm": "ctrDRBG",
@@ -848,11 +836,7 @@
 "increment": 8
 }],
 "keyLen": [128, 256],
- "macLen": [{
- "min": 8,
- "max": 128,
- "increment": 8
- }]
+ "macLen": [128]
 }]
 },
 {
@@ -1966,11 +1950,11 @@
 return false;
 }
 memcpy(&mac_len, args[0].data(), sizeof(mac_len));
- if (mac_len > sizeof(mac)) {
+ if (mac_len != sizeof(mac)) {
 return false;
 }
- return write_reply({Span<const uint8_t>(mac, sizeof(mac))});
+ return write_reply({Span<const uint8_t>(mac, sizeof(mac))});
 }
 static bool CMAC_AESVerify(const Span<const uint8_t> args[],
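Review bot: In the last hunk (-1966) `mac_len` is now read from the request only to be compared with `sizeof(mac)`, and nothing at the check says why every other length is refused. I would add a comment above it such as `// Truncation is not a module service; only the full-length tag may be requested.` `mac_len` is a byte count while the capability JSON in the -848 hunk advertises `"macLen": [128]` in bits, so the two agree only if `mac` is 16 bytes; its declaration and the start of this function are outside the hunk. CMAC_AESVerify begins on the final context line and its body is not shown, so it is worth confirming that it also rejects tags shorter than the full length, so that verification matches what is advertised.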