1 files changed, 58 insertions, 2 deletions
diff --git a/src/regress/lib/libcrypto/wycheproof/wycheproof.go b/src/regress/lib/libcrypto/wycheproof/wycheproof.go
index 0681054f41..18c77f07b8 100644
--- a/src/regress/lib/libcrypto/wycheproof/wycheproof.go
+++ b/src/regress/lib/libcrypto/wycheproof/wycheproof.go
@@ -1,4 +1,4 @@
-/* $OpenBSD: wycheproof.go,v 1.192 2025/09/15 09:43:42 tb Exp $ */
+/* $OpenBSD: wycheproof.go,v 1.193 2025/09/16 15:45:34 tb Exp $ */
 /*
 * Copyright (c) 2018,2023 Joel Sing <jsing@openbsd.org>
 * Copyright (c) 2018,2019,2022-2025 Theo Buehler <tb@openbsd.org>
@@ -520,6 +520,27 @@ type wycheproofTestGroupMLKEM struct {
        Tests        []*wycheproofTestMLKEM `json:"tests"`
 }
+type wycheproofTestPbkdf struct {
+        TCID           int      `json:"tcId"`
+        Comment        string   `json:"comment"`
+        Flags          []string `json:"string"`
+        Password       string   `json:"password"`
+        Salt           string   `json:"salt"`
+        IterationCount int      `json:"iterationCount"`
+        DkLen          int      `json:"dkLen"`
+        Dk             string   `json:"dk"`
+        Result         string   `json:"result"`
+}
+func (wt *wycheproofTestPbkdf) String() string {
+        return wycheproofFormatTestCase(wt.TCID, wt.Comment, wt.Flags, wt.Result)
+}
+type wycheproofTestGroupPbkdf2HmacSha struct {
+        Type  string                 `json:"type"`
+        Tests []*wycheproofTestPbkdf `json:"tests"`
+}
 type wycheproofTestPrimality struct {
        TCID    int      `json:"tcId"`
        Comment string   `json:"comment"`
@@ -2463,6 +2484,41 @@ func (wtg *wycheproofTestGroupMLKEM) run(algorithm string, variant testVariant)
        return success
 }
+func runPbkdfTest(md *C.EVP_MD, wt *wycheproofTestPbkdf) bool {
+        pw, pwLen := mustDecodeHexString(wt.Password, "password")
+        salt, saltLen := mustDecodeHexString(wt.Salt, "salt")
+        dk, _ := mustDecodeHexString(wt.Dk, "dk")
+        out := make([]byte, wt.DkLen)
+        ret := C.PKCS5_PBKDF2_HMAC((*C.char)(unsafe.Pointer(&pw[0])), C.int(pwLen), (*C.uchar)(unsafe.Pointer(&salt[0])), C.int(saltLen), C.int(wt.IterationCount), md, C.int(wt.DkLen), (*C.uchar)(unsafe.Pointer(&out[0])))
+        success := true
+        if ret != 1 || !bytes.Equal(dk, out) || wt.Result != "valid" {
+                fmt.Printf("%s - %d\n", wt, int(ret))
+                success = false
+        }
+        return success
+}
+func (wtg *wycheproofTestGroupPbkdf2HmacSha) run(algorithm string, variant testVariant) bool {
+        fmt.Printf("Running %v test group of type %v...\n", algorithm, wtg.Type)
+        md, err := hashEvpMdFromString("SHA-" + strings.TrimPrefix(algorithm, "PBKDF2-HMACSHA"))
+        if err != nil {
+                log.Fatalf("Failed to get hash: %v", err)
+        }
+        success := true
+        for _, wt := range wtg.Tests {
+                if !runPbkdfTest(md, wt) {
+                        success = false
+                }
+        }
+        return success
+}
 func runPrimalityTest(wt *wycheproofTestPrimality) bool {
        bnValue := mustConvertBigIntToBigNum(wt.Value)
        defer C.BN_free(bnValue)
@@ -2960,7 +3016,7 @@ func testGroupFromTestVector(wtv *wycheproofTestVectorsV1) (wycheproofTestGroupR
        case "PbeWithHmacSha1AndAes_128", "PbeWithHmacSha1AndAes_192", "PbeWithHmacSha1AndAes_256", "PbeWithHmacSha224AndAes_128", "PbeWithHmacSha224AndAes_192", "PbeWithHmacSha224AndAes_256", "PbeWithHmacSha256AndAes_128", "PbeWithHmacSha256AndAes_192", "PbeWithHmacSha256AndAes_256", "PbeWithHmacSha384AndAes_128", "PbeWithHmacSha384AndAes_192", "PbeWithHmacSha384AndAes_256", "PbeWithHmacSha512AndAes_128", "PbeWithHmacSha512AndAes_192", "PbeWithHmacSha512AndAes_256":
                return nil, Skip
        case "PBKDF2-HMACSHA1", "PBKDF2-HMACSHA224", "PBKDF2-HMACSHA256", "PBKDF2-HMACSHA384", "PBKDF2-HMACSHA512":
-                return nil, Skip
+                return &wycheproofTestGroupPbkdf2HmacSha{}, Skip
        case "PrimalityTest":
                return &wycheproofTestGroupPrimality{}, variant
        case "RSAES-OAEP":

diff --git a/src/regress/lib/libcrypto/wycheproof/wycheproof.go b/src/regress/lib/libcrypto/wycheproof/wycheproof.go index 0681054f41..18c77f07b8 100644 --- a/src/regress/lib/libcrypto/wycheproof/wycheproof.go +++ b/src/regress/lib/libcrypto/wycheproof/wycheproof.go
@@ -1,4 +1,4 @@
1	/* $OpenBSD: wycheproof.go,v 1.192 2025/09/15 09:43:42 tb Exp $ */	1	/* $OpenBSD: wycheproof.go,v 1.193 2025/09/16 15:45:34 tb Exp $ */
2	/*	2	/*
3	* Copyright (c) 2018,2023 Joel Sing <jsing@openbsd.org>	3	* Copyright (c) 2018,2023 Joel Sing <jsing@openbsd.org>
4	* Copyright (c) 2018,2019,2022-2025 Theo Buehler <tb@openbsd.org>	4	* Copyright (c) 2018,2019,2022-2025 Theo Buehler <tb@openbsd.org>
@@ -520,6 +520,27 @@ type wycheproofTestGroupMLKEM struct {
520	Tests []*wycheproofTestMLKEM `json:"tests"`	520	Tests []*wycheproofTestMLKEM `json:"tests"`
521	}	521	}
522		522
		523	type wycheproofTestPbkdf struct {
		524	TCID int `json:"tcId"`
		525	Comment string `json:"comment"`
		526	Flags []string `json:"string"`
		527	Password string `json:"password"`
		528	Salt string `json:"salt"`
		529	IterationCount int `json:"iterationCount"`
		530	DkLen int `json:"dkLen"`
		531	Dk string `json:"dk"`
		532	Result string `json:"result"`
		533	}
		534
		535	func (wt *wycheproofTestPbkdf) String() string {
		536	return wycheproofFormatTestCase(wt.TCID, wt.Comment, wt.Flags, wt.Result)
		537	}
		538
		539	type wycheproofTestGroupPbkdf2HmacSha struct {
		540	Type string `json:"type"`
		541	Tests []*wycheproofTestPbkdf `json:"tests"`
		542	}
		543
523	type wycheproofTestPrimality struct {	544	type wycheproofTestPrimality struct {
524	TCID int `json:"tcId"`	545	TCID int `json:"tcId"`
525	Comment string `json:"comment"`	546	Comment string `json:"comment"`
@@ -2463,6 +2484,41 @@ func (wtg *wycheproofTestGroupMLKEM) run(algorithm string, variant testVariant)
2463	return success	2484	return success
2464	}	2485	}
2465		2486
		2487	func runPbkdfTest(md C.EVP_MD, wt wycheproofTestPbkdf) bool {
		2488	pw, pwLen := mustDecodeHexString(wt.Password, "password")
		2489	salt, saltLen := mustDecodeHexString(wt.Salt, "salt")
		2490	dk, _ := mustDecodeHexString(wt.Dk, "dk")
		2491
		2492	out := make([]byte, wt.DkLen)
		2493
		2494	ret := C.PKCS5_PBKDF2_HMAC((C.char)(unsafe.Pointer(&pw[0])), C.int(pwLen), (C.uchar)(unsafe.Pointer(&salt[0])), C.int(saltLen), C.int(wt.IterationCount), md, C.int(wt.DkLen), (*C.uchar)(unsafe.Pointer(&out[0])))
		2495
		2496	success := true
		2497	if ret != 1 \|\| !bytes.Equal(dk, out) \|\| wt.Result != "valid" {
		2498	fmt.Printf("%s - %d\n", wt, int(ret))
		2499	success = false
		2500	}
		2501
		2502	return success
		2503	}
		2504
		2505	func (wtg *wycheproofTestGroupPbkdf2HmacSha) run(algorithm string, variant testVariant) bool {
		2506	fmt.Printf("Running %v test group of type %v...\n", algorithm, wtg.Type)
		2507
		2508	md, err := hashEvpMdFromString("SHA-" + strings.TrimPrefix(algorithm, "PBKDF2-HMACSHA"))
		2509	if err != nil {
		2510	log.Fatalf("Failed to get hash: %v", err)
		2511	}
		2512
		2513	success := true
		2514	for _, wt := range wtg.Tests {
		2515	if !runPbkdfTest(md, wt) {
		2516	success = false
		2517	}
		2518	}
		2519	return success
		2520	}
		2521
2466	func runPrimalityTest(wt *wycheproofTestPrimality) bool {	2522	func runPrimalityTest(wt *wycheproofTestPrimality) bool {
2467	bnValue := mustConvertBigIntToBigNum(wt.Value)	2523	bnValue := mustConvertBigIntToBigNum(wt.Value)
2468	defer C.BN_free(bnValue)	2524	defer C.BN_free(bnValue)
@@ -2960,7 +3016,7 @@ func testGroupFromTestVector(wtv *wycheproofTestVectorsV1) (wycheproofTestGroupR
2960	case "PbeWithHmacSha1AndAes_128", "PbeWithHmacSha1AndAes_192", "PbeWithHmacSha1AndAes_256", "PbeWithHmacSha224AndAes_128", "PbeWithHmacSha224AndAes_192", "PbeWithHmacSha224AndAes_256", "PbeWithHmacSha256AndAes_128", "PbeWithHmacSha256AndAes_192", "PbeWithHmacSha256AndAes_256", "PbeWithHmacSha384AndAes_128", "PbeWithHmacSha384AndAes_192", "PbeWithHmacSha384AndAes_256", "PbeWithHmacSha512AndAes_128", "PbeWithHmacSha512AndAes_192", "PbeWithHmacSha512AndAes_256":	3016	case "PbeWithHmacSha1AndAes_128", "PbeWithHmacSha1AndAes_192", "PbeWithHmacSha1AndAes_256", "PbeWithHmacSha224AndAes_128", "PbeWithHmacSha224AndAes_192", "PbeWithHmacSha224AndAes_256", "PbeWithHmacSha256AndAes_128", "PbeWithHmacSha256AndAes_192", "PbeWithHmacSha256AndAes_256", "PbeWithHmacSha384AndAes_128", "PbeWithHmacSha384AndAes_192", "PbeWithHmacSha384AndAes_256", "PbeWithHmacSha512AndAes_128", "PbeWithHmacSha512AndAes_192", "PbeWithHmacSha512AndAes_256":
2961	return nil, Skip	3017	return nil, Skip
2962	case "PBKDF2-HMACSHA1", "PBKDF2-HMACSHA224", "PBKDF2-HMACSHA256", "PBKDF2-HMACSHA384", "PBKDF2-HMACSHA512":	3018	case "PBKDF2-HMACSHA1", "PBKDF2-HMACSHA224", "PBKDF2-HMACSHA256", "PBKDF2-HMACSHA384", "PBKDF2-HMACSHA512":
2963	return nil, Skip	3019	return &wycheproofTestGroupPbkdf2HmacSha{}, Skip
2964	case "PrimalityTest":	3020	case "PrimalityTest":
2965	return &wycheproofTestGroupPrimality{}, variant	3021	return &wycheproofTestGroupPrimality{}, variant
2966	case "RSAES-OAEP":	3022	case "RSAES-OAEP":