1 // Copyright 2024 The Go Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style
3 // license that can be found in the LICENSE file.
4 5 package pbkdf2
6 7 import (
8 "bytes"
9 "crypto/internal/fips140"
10 _ "crypto/internal/fips140/check"
11 "crypto/internal/fips140/sha256"
12 "errors"
13 )
14 15 func init() {
16 // Per IG 10.3.A:
17 // "if the module implements an approved PBKDF (SP 800-132), the module
18 // shall perform a CAST, at minimum, on the derivation of the Master
19 // Key (MK) as specified in Section 5.3 of SP 800-132"
20 // "The Iteration Count parameter does not need to be among those
21 // supported by the module in the approved mode but shall be at least
22 // two."
23 fips140.CAST("PBKDF2", func() error {
24 salt := []byte{
25 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10, 0x11,
26 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19,
27 }
28 want := []byte{
29 0xC7, 0x58, 0x76, 0xC0, 0x71, 0x1C, 0x29, 0x75,
30 0x2D, 0x3A, 0xA6, 0xDF, 0x29, 0x96,
31 }
32 33 mk, err := Key(sha256.New, "password", salt, 2, 14)
34 if err != nil {
35 return err
36 }
37 if !bytes.Equal(mk, want) {
38 return errors.New("unexpected result")
39 }
40 41 return nil
42 })
43 }
44