util/fipstools: generalize hkdf KDA subprocess
Previously the only KDA ACVP algorithm mode supported by the acvptool
was HKDF mode, and so the file was called hkdf.go and didn't interrogate
the vector set mode.
In preparation for supporting the OneStepNoCounter KDA mode we need to
generalize the subprocess handler as both it and HKDF KDA are advertised
as "KDA" algorithms and must be multiplexed on the "mode".
To simplify review this commit moves the existing HKDF code, and adds
the small bit of multiplexing required to dispatch by mode, but doesn't
introduce any other changes.
Change-Id: I3ad640d6b3fa93483c8fac6cadcfb88cf9da5430
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/75927
Reviewed-by: Adam Langley <agl@google.com>
Reviewed-by: Bob Beck <bbe@google.com>
Commit-Queue: Bob Beck <bbe@google.com>
diff --git a/util/fipstools/acvp/acvptool/subprocess/hkdf.go b/util/fipstools/acvp/acvptool/subprocess/kda.go
similarity index 91%
rename from util/fipstools/acvp/acvptool/subprocess/hkdf.go
rename to util/fipstools/acvp/acvptool/subprocess/kda.go
index 2de187f..9841786 100644
--- a/util/fipstools/acvp/acvptool/subprocess/hkdf.go
+++ b/util/fipstools/acvp/acvptool/subprocess/kda.go
@@ -24,6 +24,24 @@
// The following structures reflect the JSON of ACVP KAS KDF tests. See
// https://pages.nist.gov/ACVP/draft-hammett-acvp-kas-kdf-hkdf.html
+type multiModeKda struct {
+ modes map[string]primitive
+}
+
+func (k multiModeKda) Process(vectorSet []byte, m Transactable) (any, error) {
+ var vector struct {
+ Mode string `json:"mode"`
+ }
+ if err := json.Unmarshal(vectorSet, &vector); err != nil {
+ return nil, fmt.Errorf("invalid KDA test vector: %w", err)
+ }
+ mode, ok := k.modes[vector.Mode]
+ if !ok {
+ return nil, fmt.Errorf("unsupported KDA mode %q", vector.Mode)
+ }
+ return mode.Process(vectorSet, m)
+}
+
type hkdfTestVectorSet struct {
Groups []hkdfTestGroup `json:"testGroups"`
}
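Review bot: The context comment "The following structures reflect the JSON of ACVP KAS KDF tests" now introduces `multiModeKda`, which is a dispatcher rather than a JSON structure, and neither the new type nor its `Process` method has a comment of its own. I would move that comment down to sit directly above `hkdfTestVectorSet` and add `// multiModeKda dispatches a "KDA" vector set to the primitive registered for its top-level "mode".` above the type. A vector set with no `mode` field reaches the lookup as the empty string and is reported as `unsupported KDA mode ""`; that fails closed, which is the right behaviour for a validation harness, but a one-line comment on `Process` saying so would show that it is intentional. By Go initialism convention the type would also be spelled `multiModeKDA`.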
diff --git a/util/fipstools/acvp/acvptool/subprocess/subprocess.go b/util/fipstools/acvp/acvptool/subprocess/subprocess.go
index 0b0eb1a..6a7bf30 100644
--- a/util/fipstools/acvp/acvptool/subprocess/subprocess.go
+++ b/util/fipstools/acvp/acvptool/subprocess/subprocess.go
@@ -138,7 +138,7 @@
"ctrDRBG": &drbg{"ctrDRBG", map[string]bool{"AES-128": true, "AES-192": true, "AES-256": true}},
"hmacDRBG": &drbg{"hmacDRBG", map[string]bool{"SHA-1": true, "SHA2-224": true, "SHA2-256": true, "SHA2-384": true, "SHA2-512": true, "SHA2-512/224": true, "SHA2-512/256": true, "SHA3-224": true, "SHA3-256": true, "SHA3-384": true, "SHA3-512": true}},
"KDF": &kdfPrimitive{},
- "KDA": &hkdf{},
+ "KDA": &multiModeKda{modes: map[string]primitive{"HKDF": &hkdf{}}},
"TLS-v1.2": &tlsKDF{},
"TLS-v1.3": &tls13{},
"CMAC-AES": &keyedMACPrimitive{"CMAC-AES"},
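Review bot: Registering `"KDA"` through the exact-match `modes` map changes what the tool accepts: the old `&hkdf{}` entry handled every KDA vector set without looking at the mode, while this one rejects any set whose `mode` is missing or is not the literal `HKDF`. Rejecting unknown modes is the safer default, but it is a behaviour change that the description's "doesn't introduce any other changes" does not mention. A short comment above the entry would record the intent, e.g. `// KDA vector sets are dispatched on their "mode"; unlisted modes are rejected.` The enclosing map literal starts and ends outside this hunk.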