diff options
author | NIIBE Yutaka <gniibe@fsij.org> | 2022-06-21 15:38:56 +0900 |
---|---|---|
committer | NIIBE Yutaka <gniibe@fsij.org> | 2022-06-21 15:38:56 +0900 |
commit | 07722d89bac1a739b084b4412c3ff42e215d5968 (patch) | |
tree | e7e9a9920edac3bfcecc6d86d993fa5dc2a114e5 /tests | |
parent | e0f0c788dc0f268965c0f63eb33d9f98c0575d58 (diff) | |
download | libgcrypt-07722d89bac1a739b084b4412c3ff42e215d5968.tar.gz |
kdf,fips: Modify HKDF test for FIPS mode.
* tests/t-kdf.c (check_hkdf): Check if shorter salts are rejected
correctly when FIPS mode.
--
Fixes-commit: fbddfb964f0b1c1ec131194b2273c3f834041c84
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
Diffstat (limited to 'tests')
-rw-r--r-- | tests/t-kdf.c | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/tests/t-kdf.c b/tests/t-kdf.c index 508e4bbe..4596c5c7 100644 --- a/tests/t-kdf.c +++ b/tests/t-kdf.c @@ -1875,7 +1875,17 @@ check_hkdf (void) info, infolen, expectedlen, out); if (err) - fail ("HKDF test %d failed: %s\n", count, gpg_strerror (err)); + { + if (in_fips_mode && saltlen < 14) + { + if (verbose) + fprintf (stderr, + " shorter salt (%lu) rejected correctly in fips mode\n", + saltlen); + } + else + fail ("HKDF test %d failed: %s\n", count, gpg_strerror (err)); + } else if (memcmp (out, expected, expectedlen)) { fail ("HKDF test %d failed: mismatch\n", count); |