Cypherpunks repositories - gostls13.git/commit
author Daniel McCarney <daniel@binaryparadox.net>
Sun, 15 Dec 2024 22:33:48 +0000 (17:33 -0500)
committer Gopher Robot <gobot@golang.org>
Mon, 10 Feb 2025 21:29:40 +0000 (13:29 -0800)
commit 86aca8778871c02eae6a7c4164ef1f004cd72814
tree 83633e5a2fb682ae05c2d11725ef682add0d2be6
parent 072eea9b3b8e3c871707b5661948edd4090fc56a
crypto/internal/fips140test: add SSH KDF ACVP tests

Adds ACVP test coverage for the SP 800-135rev1 SSH KDF based on the NIST
spec:

  https://pages.nist.gov/ACVP/draft-celi-acvp-kdf-ssh.html

Only SHA1, SHA2-224, SHA2-256, SHA2-384, and SHA2-512 are valid hash
algorithms for the SSH KDF algorithm. We do not include SHA-1 since it
is out of scope for our FIPS module.

Similarly only TDES, AES-128, AES-192 and AES-256 are valid ciphers, and
we do not include TDES.

Updates #69642

Change-Id: I70e45b77a91bd8aa631da30fab54c97e974f433c
Reviewed-on: https://go-review.googlesource.com/c/go/+/636355
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
src/crypto/internal/fips140test/acvp_capabilities.json
src/crypto/internal/fips140test/acvp_test.config.json
src/crypto/internal/fips140test/acvp_test.go
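
For orientation, a sketch of the SSH KDF that the commit message refers to (the RFC 4253 section 7.2 key expansion), limited to the hash and cipher choices the message keeps. This is an added example, not code from this commit or from the Go tree. Assumptions: the names `deriveKey`, `sshKeys` and `keyLen` are hypothetical, `k` is already mpint-encoded, the integrity key is one hash output long, and the inputs are constructed rather than ACVP vectors.

```go
package main

import (
	"crypto/sha256"
	"fmt"
	"hash"
)

// Key sizes in bytes for the ciphers the commit keeps (TDES omitted).
var keyLen = map[string]int{"AES-128": 16, "AES-192": 24, "AES-256": 32}

// deriveKey is the RFC 4253 section 7.2 expansion:
//   K1 = HASH(K || H || label || session_id), Kn = HASH(K || H || K1 || ... || K(n-1))
// Assumption: k is already in SSH mpint encoding.
func deriveKey(newHash func() hash.Hash, k, h, sessionID []byte, label byte, n int) []byte {
	kh := append(append([]byte{}, k...), h...)
	hh := newHash()
	hh.Write(kh)
	hh.Write([]byte{label})
	hh.Write(sessionID)
	out := hh.Sum(nil)
	for len(out) < n { // digest shorter than the key: chain more blocks
		hh.Reset()
		hh.Write(kh)
		hh.Write(out)
		out = hh.Sum(out) // Sum appends the new block to out
	}
	return out[:n]
}

// sshKeys derives labels A/B (IVs, one 16-byte AES block), C/D (cipher keys), E/F (integrity keys).
func sshKeys(newHash func() hash.Hash, k, h, sid []byte, cipher string) map[byte][]byte {
	macLen := newHash().Size() // assumption: integrity key length equals the hash size
	sizes := map[byte]int{'A': 16, 'B': 16, 'C': keyLen[cipher], 'D': keyLen[cipher], 'E': macLen, 'F': macLen}
	out := make(map[byte][]byte)
	for label, n := range sizes {
		out[label] = deriveKey(newHash, k, h, sid, label, n)
	}
	return out
}

func main() {
	k := []byte{0, 0, 0, 1, 0x7f} // constructed mpint (value 0x7f)
	h, sid := []byte("constructed exchange hash"), []byte("constructed session id")
	// SHA2-224 yields 28 bytes, so a 32-byte AES-256 key needs a second block.
	for label, key := range sshKeys(sha256.New224, k, h, sid, "AES-256") {
		fmt.Printf("%c: %d bytes %x\n", label, len(key), key)
	}
}
```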