CAVP/DRBG Results with multiple block lengths

[John Craft]

I am tasked with running CAVP test vectors for OpenSSL.  I have 
encountered an issue with DRBG and am wondering if anyone has advice.

When OpenSSL was originally validated, the DRBG test only required 1
blocksize of output.  Now, the default length is 4 blocks unless otherwise
requested.  I have modified the drbgvs code as follows:

r = FIPS_drbg_generate(dctx, randout, randoutlen, 1, adin, adinlen);
to 
r = FIPS_drbg_generate(dctx, randout, numBlocks*blockSize, 1, adin, adinlen);

where blockSize is set to the same value as randoutlen, i.e.
FIPS_drbg_get_blocklength(dctx);

I'm using the DRBG vectors from the CAVP website.  The Hash vectors work
correctly (excepting SHA-512T, of course), but none of the others do. 
Here's one test case from HMAC and the results:

[SHA-1]
[PredictionResistance = True]
[EntropyInputLen = 128]
[NonceLen = 64]
[PersonalizationStringLen = 0]
[AdditionalInputLen = 0]
[ReturnedBitsLen = 640]

COUNT = 0
EntropyInput = a0c9ab58f1e2e5a4de3ebd4ff73e9c5b
Nonce = 64efd8ca028cf811
PersonalizationString = 
AdditionalInput = 
EntropyInputPR = 48a584fe69ab5aee42aa4d42176099d4
AdditionalInput = 
EntropyInputPR = 5e1397dc404d86a37bf55954756951e4
ReturnedBits =
17f3656c7e328817dee7ee36d588d72f14514daa
30f71ea20a9687501f4471976f302b636829a6fc
4706b7782fea20d768179d670ccc2e618f1d9727
1128aab2756fe079f3ed92e805515b481f20de2b

Results should be:
ReturnedBits =
9a00a2d00ed59bfe31ecb1399b608148d1969d25
0d3c1e94101098129325cab8fccc2d54731970c0
107aa4892519955e4bc6001d7f4e6a2bf8a301ab
46055c09a67188f1a740eef3e15c029b44af0344

I would expect that at least the first block length would be correct, 
but here all bytes are wrong.  All results for all test for HMAC, CTR, 
and DualEC are wrong, but all results for Hash are correct.

Can anyone shed some light on why these results are coming back wrong, 
and how I might remediate them?  Is it simply impossible to return correct
results when BS>1?

Thanks,
John
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org