Adds ACVP test coverage for the SP 800-90A rev 1 ctrDRBG algorithm based
on the NIST spec:
https://pages.nist.gov/ACVP/draft-vassilev-acvp-drbg.html#section-7.2
The implementation in our FIPS module is a minimal implementation
tailored to the specific needs of stdlib crypto. As a result we
customize the ACVP capability registration so that:
* predResistanceEnabled is false
* only mode AES-256 is supported
* for that mode,
* derFuncEnabled is false
* persoStringLen is 0 to disable personalization
* additionalInputLen is 384 to match the [48]byte argument in our API
Other capability values are chosen based on Table 4's ctrDRBG AES-256
w/o `derFuncEnabled` row:
https://pages.nist.gov/ACVP/draft-vassilev-acvp-drbg.html#section-7.4
We do enable reseed in the capability, necessitating two acvptool
commands: one that expects only 6 args and doesn't reseed
("ctrDRBG/AES-256"), and one that expects 8 args and does
("ctrDRBG-reseed/AES-256").
Updates #69642
Change-Id: I0f01a2f9496f45b130ee7d10916708093236f473
Reviewed-on: https://go-review.googlesource.com/c/go/+/639795 Reviewed-by: Roland Shoemaker <roland@golang.org> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com> Reviewed-by: Filippo Valsorda <filippo@golang.org>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>