tests/keyctl/dh_compute/valid/runtest.sh - linux/kernel/git/dhowells/keyutils - Git at Google

 #!/bin/bash

 . ../../../prepare.inc.sh
 . ../../../toolbox.inc.sh


 # ---- do the actual testing ----

 if [ $have_dh_compute = 0 ]
 then
     toolbox_skip_test $TEST "SKIPPING DUE TO LACK OF DIFFIE-HELLMAN"
     exit 0
 fi

 result=PASS
 echo "++++ BEGINNING TEST" >$OUTPUTFILE

 # Prime, generator, and key values created with:
 #   openssl dhparam 2048 -check -out dh.pem
 #   openssl genpkey -paramfile dh.pem -text
 prime="00b6894d8ff7af56d446c950c7e91d"
 prime+="298a078daea77966f11fc16f229211"
 prime+="737f1f39cef3dad7872a538f6c8f9a"
 prime+="276a7cf77bb2d63a872a4db9ed12ae"
 prime+="0f1c69af9bf2f2e3691d3615a1d7d5"
 prime+="77a87d1cb4aba0494bae0c249b0cce"
 prime+="ef6b7ab9a7be70b5b45e4cf7cb71ad"
 prime+="8feb7a4d6c7ccb96d5298f0feeb478"
 prime+="77605e80a0338691e35862f0f4cbb2"
 prime+="09e17dd9febcce4c21577006ceb115"
 prime+="7b181592d2f784ba44e006c314df53"
 prime+="06bdbb17a010b3660d479356d8d52c"
 prime+="5af014536c20897e7653218e2c7a65"
 prime+="0a73dc27584598de92de5c62706771"
 prime+="fa2d67f625441d911ca03f2149b6d4"
 prime+="c76b5ecd9896e9d799a3a500ececc5"
 prime+="19e31b71154d7b361bd0dd15f7ce8d"
 prime+="fc63"

 generator="02"

 private="40949da2ca2b7c353de38fefb06ddd"
 private+="0d67479a6361c89e77b980d2486c4d"
 private+="31971eb88f6572069973e3ae5a43ce"
 private+="76bccb35ea05ac6538eb0ea6adee49"
 private+="37600435dd7940885d2e3f78c72808"
 private+="34f878d3d550cc9305330bb8f02085"
 private+="ee6c230d42d84eb67a245b92817fd1"
 private+="54bcb1394a289d11afb5a1e50e1395"
 private+="0908af70756704e9bf03dff0e5d490"
 private+="743841c534cb7e2cf4b9f0493a730b"
 private+="0d71096a16bdc0e852f175755134b2"
 private+="b41112280a88212728afbe16d417f3"
 private+="1893cbe442e06d212d8efe227aa003"
 private+="9a65ce998107fae278511c6bf4d599"
 private+="32534ae9fc39db80635163c0546657"
 private+="500866d5461c5fa3540238324a29f3"
 private+="16e068f3ba1737d042cb51a8971bc7"
 private+="a2"

 read -d '' public <<"EOF"
 a4cf1f93 95fce03f d02aaece da1f86bd d8d77b69 29039fcc bd138c98 2483bf9c
 7e4406c1 4f3cea24 6cafb29e 95095d0c 6768f13b 31babb24 6c590d92 6c343e69
 59dbd47f 65982a3b b1baa7a3 05a72054 89b6cd0d 78397962 fc834fc9 3ec0517e
 c218396f 9cff860e 29078aee 6b8598b6 79325014 bb84597d f031e149 edbe1c5a
 2a55fe4e bbc64a52 6da59e71 1c7ae5e0 954ba23b 9d58c423 17d84841 815708c8
 b9059987 48773eac 2244b286 cd118277 48b7ed3a 5af5cc0f 8f254190 5e16f998
 a328e894 acc343f4 66a95281 86cea6a3 93eb4fee f83c0e2e f4a00ce6 fcc9ef81
 cc4624d5 ba659411 d1ba7b5f 14a3e286 d42e6ac8 afa9f846 41cb7cb5 66965725
 EOF

 marker "LOAD SOURCE KEYS"
 create_key --new=primeid     -x user dh:prime     $prime @s
 create_key --new=generatorid -x user dh:generator $generator @s
 create_key --new=privateid   -x user dh:private   $private @s

 marker "COMPUTE DH PUBLIC KEY"
 dh_compute $privateid $primeid $generatorid
 expect_multiline payload "$public"

 echo "++++ FINISHED TEST: $result" >>$OUTPUTFILE


 ################################################################
 # Testing DH compute with KDF according to SP800-56A
 #
 # test vectors from http://csrc.nist.gov/groups/STM/cavp/documents/keymgmt/KASTestVectorsFFC2014.zip
 ################################################################

 # SHA-256
 marker "LOAD SHA-256 SOURCE KEYS"

 # XephemCAVS
 private="81b2c65f5cbac00b1353ac38bd77a25a"
 private+="8650ed485e413eac1d6c4885"

 # P
 prime="a3cc6223e50c6e3f7bb0581dcb9e9ff0"
 prime+="2c580768328a15207b1c32317fb78496"
 prime+="815e3cf7f9d09ccb9fa840ff4798511a"
 prime+="17b55928721e5dfbccc54147e0f05f85"
 prime+="b3ac410b6ae3f59b796f3feac7fc5249"
 prime+="217eb2a04588293a5ade227879f46ceb"
 prime+="56457b5c431293e5e104d1b964bd2cdf"
 prime+="deffa04049a91e67ee8c86e944f04f94"
 prime+="4a30e361f8d15d17e5010cabb4ef40c0"
 prime+="eba5f4a252d4fd6cf9dae60e86e4b300"
 prime+="9b1dfc926670357261587ad05c00a6c6"
 prime+="f0106cec8fc59131515084a870594165"
 prime+="b49390db2d00e7538f230d532f4a4eca"
 prime+="8309d707c0b3835cee04f3ca558a22c6"
 prime+="b520fe25de6ffa90efda4927d018594c"
 prime+="0c0b77067393b7f1e0fc7cf216aff39f"

 # YephemIUT
 xa="9a70822d3f06123d0e518ee11651e5f6"
 xa+="b119dc3b97d5b1c0a2a6f6de942564ba"
 xa+="10061eecdeb7369ca537499e04b036e9"
 xa+="7f445a956f6369ae6e63fd27eae3e347"
 xa+="855447d3bac1c60c10e7350772c6c0c6"
 xa+="fbf9ca3e38f0e8658825d3b20f1f028f"
 xa+="35e34d1235103df2339b5b099d3fe3e5"
 xa+="346a691642bac5b0bb03cd5d04d75626"
 xa+="21493ff1c4273b6a45c5ecb0b5e908a0"
 xa+="f9f562282e853efc9a7ea112e9474ff6"
 xa+="9418f7c47ae966d4524ca1701b60a4be"
 xa+="15c75e27b405806468156e02cbc58ff4"
 xa+="663c96ac0c87368135fa9b0bb6337ae2"
 xa+="58521d7d60c2a91b4ed772ad65034049"
 xa+="97f6799df663a8999cfd747fa067b905"
 xa+="8ab33bc14594366f28f5a2d900b6467a"

 # Z
 read -d '' shared <<"EOF"
 0fdbd9a2 ebf50cba 489b4e4d 7cd6924a 42ee6324 a26988b2 22bc38e6 9cc445f1
 eb47c1a4 62eca39f 39bcd7b8 19dede51 30bc38da ec99c16f 40a4e5c1 9c97b796
 8b41823d a0650e37 13c73e6f 5f2a9dff 2e67dbf5 40ee66f4 e694c28f ba1d604b
 71b57b8a eeb67a35 ba425a38 490b6fb9 f713db22 6f893b7a 8962f426 ba3046fb
 cff8538c 16f583e8 ae947672 0ba55ff9 75b440d0 c4565cc7 5837d23a fea61a39
 e0b7f6c4 e24c2154 7eb19fce f8dbed10 b06a9cce 971c0f0f ba7c1d5c b5035eaa
 4fddd3ba fe757339 e3321e3e 4ebfe9e7 9c6c0401 4df63cf9 28d0a2c0 5b2d5521
 030c35f1 c84c97fe 64cad509 8012a003 d52d24c4 1a1f9348 b7575251 3facb02f
 EOF

 # OI
 otherinfo="a1b2c3d4e54341565369640d64c1b2"
 otherinfo+="3361b261de78688ea865fcff113c84"

 # DKM
 read -d '' derived <<"EOF"
 8284e313 02c8a26b 393ec52d 9f9e0882
 EOF

 create_key --update=primeid   -x user dh:prime   $prime @s
 create_key --new=xaid         -x user dh:xa      $xa @s
 create_key --update=privateid -x user dh:private $private @s

 marker "COMPUTE DH SHARED SECRET"
 dh_compute $privateid $primeid $xaid
 expect_multiline payload "$shared"

 marker "COMPUTE DERIVED KEY FROM DH SHARED SECRET (SHA-256)"
 echo -e -n $otherinfo | dh_compute_kdf_oi -x $privateid $primeid $xaid 16 "sha256"
 expect_multiline payload "$derived"

 create_key --new=lzid -x user dh:leadingzero "01" @s

 read -d '' derived2 <<"EOF"
 0066207b cdab1d64 bbf489b3 d6a0dadc
 EOF

 marker "COMPUTE DERIVED KEY WITH LEADING ZEROS"
 echo -e -n $otherinfo | dh_compute_kdf_oi -x $privateid $primeid $lzid 16 "sha256"
 expect_multiline payload "$derived2"

 # SHA-224
 marker "LOAD SHA-224 SOURCE KEYS"

 # XephemCAVS
 private="861ba259aba6aa577de22f508ecbbc26"
 private+="c5acfccb9ea23b434d6d2b79"

 # P
 prime="a5b1764e13c81699aba38f0dc0d15e15"
 prime+="f50fcd5cf7c22372cafc5ed762941bd9"
 prime+="e0fb9aabee7466d2c829aab031db7b1b"
 prime+="5a64e68ed53bafb283ba0f018beb3edc"
 prime+="957fe453be0daab61b3228763e80758c"
 prime+="6d8c283cf630edd9d70a8af330dd0af6"
 prime+="a8d594c23cdd24c8ad3fcfea41757772"
 prime+="ceed921e63862f246e6f49d8747e44ae"
 prime+="f01e309b6dcc80d450383bb1f94dd590"
 prime+="84f8e96f856ec7c8335edb055f8ec6c4"
 prime+="81520b3f28e80b6209b8ae61cc860e24"
 prime+="c822b66c4f97804993bcd0a972b35354"
 prime+="01330ebe4b2e923f189b633562e468eb"
 prime+="99a4bc88ccbff8df0fd5afcfe6ae1918"
 prime+="4214ab3fefb7f0668b8b2683bebd5651"
 prime+="a4c63843b9b14bc738d520b1b7212c69"

 # YephemIUT
 xa="17d71af4353c22122aeb2a0619cc2cf7"
 xa+="3553f28e9fb191fdb286b115b9fda866"
 xa+="2de5173b1aff70488d9bc848e537d7e5"
 xa+="021649d37dc78c94369db90c2784c94d"
 xa+="970ac9b5e35efd22d418d31b68d9550b"
 xa+="aa7716e98ea6783bb3a845059fbaa4a6"
 xa+="720a6a23c56ba52b4d9b726e0068e9eb"
 xa+="4d175bff4369f3d2a4af66eecd62ef7b"
 xa+="23c337d470952b1767c8bf782f0b58b4"
 xa+="fc8245f840787170f4b0a51b5eb46075"
 xa+="8addc9f44a73a3f607603bd35073d1a6"
 xa+="9a203a0494a8c2021ba0da1f0495f560"
 xa+="c0ba81794eeeeb825d1bd34316a52ae1"
 xa+="c900100c0d6fa02546ed7a9c38a6a343"
 xa+="d68659eeb59cf38104a96bb25a6dbbf0"
 xa+="cbc0ede73a7bba675181e0cd2e7b9f89"

 # Z
 read -d '' shared <<"EOF"
 057c22b8 c5872fef 08ebe852 fafab4b7 c2c2ffbb 376d71bd a941b16e 32614adf
 ebb82aeb d50f29d3 cec63d10 77f50e21 cf381b87 a818c614 52c5cce2 af85f40c
 06615b97 fe8c3a80 68990ac5 83957b52 8dd6d52d a3b51e84 aec355fd 4a3fe5ce
 faa3b17c 9e71cb4d 28ecab6d 21297280 e52397b7 ccb1b62d 8d5d3ce4 1d26b2a3
 bdbf880b b39e8b02 8a745ff2 9f0984da efe97084 5d850884 525403ca d2a52956
 f55b9a89 b2d801f1 710333c0 479c5955 b54c8163 83c65ad9 c78b8c67 cc1b211b
 208b9fab b9c99a68 18293e6a 8da069e6 75eb4317 668a7d4b 6f235533 f3ff4ed0
 4f8ad579 f9ad14e7 f68ae183 41d603d9 d6297123 00716c98 bbbf16eb 2a2cc92f
 EOF

 # OI
 otherinfo="a1b2c3d4e5434156536964aa27e249"
 otherinfo+="bf0a1276468d808259f3b8e2687851"

 # DKM
 read -d '' derived <<"EOF"
 88bf39c0 08eec33a dc3b4430 054ba262
 EOF

 create_key --update=primeid   -x user dh:prime   $prime @s
 create_key --update=xaid      -x user dh:xa      $xa @s
 create_key --update=privateid -x user dh:private $private @s

 marker "COMPUTE DH SHARED SECRET"
 dh_compute $privateid $primeid $xaid
 expect_multiline payload "$shared"

 marker "COMPUTE DERIVED KEY FROM DH SHARED SECRET (SHA-224)"
 echo -e -n $otherinfo | dh_compute_kdf_oi -x $privateid $primeid $xaid 16 "sha224"
 expect_multiline payload "$derived"

 # --- then report the results in the database ---
 toolbox_report_result $TEST $result
	#!/bin/bash

	. ../../../prepare.inc.sh
	. ../../../toolbox.inc.sh


	# ---- do the actual testing ----

	if [ $have_dh_compute = 0 ]
	then
	toolbox_skip_test $TEST "SKIPPING DUE TO LACK OF DIFFIE-HELLMAN"
	exit 0
	fi

	result=PASS
	echo "++++ BEGINNING TEST" >$OUTPUTFILE

	# Prime, generator, and key values created with:
	# openssl dhparam 2048 -check -out dh.pem
	# openssl genpkey -paramfile dh.pem -text
	prime="00b6894d8ff7af56d446c950c7e91d"
	prime+="298a078daea77966f11fc16f229211"
	prime+="737f1f39cef3dad7872a538f6c8f9a"
	prime+="276a7cf77bb2d63a872a4db9ed12ae"
	prime+="0f1c69af9bf2f2e3691d3615a1d7d5"
	prime+="77a87d1cb4aba0494bae0c249b0cce"
	prime+="ef6b7ab9a7be70b5b45e4cf7cb71ad"
	prime+="8feb7a4d6c7ccb96d5298f0feeb478"
	prime+="77605e80a0338691e35862f0f4cbb2"
	prime+="09e17dd9febcce4c21577006ceb115"
	prime+="7b181592d2f784ba44e006c314df53"
	prime+="06bdbb17a010b3660d479356d8d52c"
	prime+="5af014536c20897e7653218e2c7a65"
	prime+="0a73dc27584598de92de5c62706771"
	prime+="fa2d67f625441d911ca03f2149b6d4"
	prime+="c76b5ecd9896e9d799a3a500ececc5"
	prime+="19e31b71154d7b361bd0dd15f7ce8d"
	prime+="fc63"

	generator="02"

	private="40949da2ca2b7c353de38fefb06ddd"
	private+="0d67479a6361c89e77b980d2486c4d"
	private+="31971eb88f6572069973e3ae5a43ce"
	private+="76bccb35ea05ac6538eb0ea6adee49"
	private+="37600435dd7940885d2e3f78c72808"
	private+="34f878d3d550cc9305330bb8f02085"
	private+="ee6c230d42d84eb67a245b92817fd1"
	private+="54bcb1394a289d11afb5a1e50e1395"
	private+="0908af70756704e9bf03dff0e5d490"
	private+="743841c534cb7e2cf4b9f0493a730b"
	private+="0d71096a16bdc0e852f175755134b2"
	private+="b41112280a88212728afbe16d417f3"
	private+="1893cbe442e06d212d8efe227aa003"
	private+="9a65ce998107fae278511c6bf4d599"
	private+="32534ae9fc39db80635163c0546657"
	private+="500866d5461c5fa3540238324a29f3"
	private+="16e068f3ba1737d042cb51a8971bc7"
	private+="a2"

	read -d '' public <<"EOF"
	a4cf1f93 95fce03f d02aaece da1f86bd d8d77b69 29039fcc bd138c98 2483bf9c
	7e4406c1 4f3cea24 6cafb29e 95095d0c 6768f13b 31babb24 6c590d92 6c343e69
	59dbd47f 65982a3b b1baa7a3 05a72054 89b6cd0d 78397962 fc834fc9 3ec0517e
	c218396f 9cff860e 29078aee 6b8598b6 79325014 bb84597d f031e149 edbe1c5a
	2a55fe4e bbc64a52 6da59e71 1c7ae5e0 954ba23b 9d58c423 17d84841 815708c8
	b9059987 48773eac 2244b286 cd118277 48b7ed3a 5af5cc0f 8f254190 5e16f998
	a328e894 acc343f4 66a95281 86cea6a3 93eb4fee f83c0e2e f4a00ce6 fcc9ef81
	cc4624d5 ba659411 d1ba7b5f 14a3e286 d42e6ac8 afa9f846 41cb7cb5 66965725
	EOF

	marker "LOAD SOURCE KEYS"
	create_key --new=primeid -x user dh:prime $prime @s
	create_key --new=generatorid -x user dh:generator $generator @s
	create_key --new=privateid -x user dh:private $private @s

	marker "COMPUTE DH PUBLIC KEY"
	dh_compute $privateid $primeid $generatorid
	expect_multiline payload "$public"

	echo "++++ FINISHED TEST: $result" >>$OUTPUTFILE


	################################################################
	# Testing DH compute with KDF according to SP800-56A
	#
	# test vectors from http://csrc.nist.gov/groups/STM/cavp/documents/keymgmt/KASTestVectorsFFC2014.zip
	################################################################

	# SHA-256
	marker "LOAD SHA-256 SOURCE KEYS"

	# XephemCAVS
	private="81b2c65f5cbac00b1353ac38bd77a25a"
	private+="8650ed485e413eac1d6c4885"

	# P
	prime="a3cc6223e50c6e3f7bb0581dcb9e9ff0"
	prime+="2c580768328a15207b1c32317fb78496"
	prime+="815e3cf7f9d09ccb9fa840ff4798511a"
	prime+="17b55928721e5dfbccc54147e0f05f85"
	prime+="b3ac410b6ae3f59b796f3feac7fc5249"
	prime+="217eb2a04588293a5ade227879f46ceb"
	prime+="56457b5c431293e5e104d1b964bd2cdf"
	prime+="deffa04049a91e67ee8c86e944f04f94"
	prime+="4a30e361f8d15d17e5010cabb4ef40c0"
	prime+="eba5f4a252d4fd6cf9dae60e86e4b300"
	prime+="9b1dfc926670357261587ad05c00a6c6"
	prime+="f0106cec8fc59131515084a870594165"
	prime+="b49390db2d00e7538f230d532f4a4eca"
	prime+="8309d707c0b3835cee04f3ca558a22c6"
	prime+="b520fe25de6ffa90efda4927d018594c"
	prime+="0c0b77067393b7f1e0fc7cf216aff39f"

	# YephemIUT
	xa="9a70822d3f06123d0e518ee11651e5f6"
	xa+="b119dc3b97d5b1c0a2a6f6de942564ba"
	xa+="10061eecdeb7369ca537499e04b036e9"
	xa+="7f445a956f6369ae6e63fd27eae3e347"
	xa+="855447d3bac1c60c10e7350772c6c0c6"
	xa+="fbf9ca3e38f0e8658825d3b20f1f028f"
	xa+="35e34d1235103df2339b5b099d3fe3e5"
	xa+="346a691642bac5b0bb03cd5d04d75626"
	xa+="21493ff1c4273b6a45c5ecb0b5e908a0"
	xa+="f9f562282e853efc9a7ea112e9474ff6"
	xa+="9418f7c47ae966d4524ca1701b60a4be"
	xa+="15c75e27b405806468156e02cbc58ff4"
	xa+="663c96ac0c87368135fa9b0bb6337ae2"
	xa+="58521d7d60c2a91b4ed772ad65034049"
	xa+="97f6799df663a8999cfd747fa067b905"
	xa+="8ab33bc14594366f28f5a2d900b6467a"

	# Z
	read -d '' shared <<"EOF"
	0fdbd9a2 ebf50cba 489b4e4d 7cd6924a 42ee6324 a26988b2 22bc38e6 9cc445f1
	eb47c1a4 62eca39f 39bcd7b8 19dede51 30bc38da ec99c16f 40a4e5c1 9c97b796
	8b41823d a0650e37 13c73e6f 5f2a9dff 2e67dbf5 40ee66f4 e694c28f ba1d604b
	71b57b8a eeb67a35 ba425a38 490b6fb9 f713db22 6f893b7a 8962f426 ba3046fb
	cff8538c 16f583e8 ae947672 0ba55ff9 75b440d0 c4565cc7 5837d23a fea61a39
	e0b7f6c4 e24c2154 7eb19fce f8dbed10 b06a9cce 971c0f0f ba7c1d5c b5035eaa
	4fddd3ba fe757339 e3321e3e 4ebfe9e7 9c6c0401 4df63cf9 28d0a2c0 5b2d5521
	030c35f1 c84c97fe 64cad509 8012a003 d52d24c4 1a1f9348 b7575251 3facb02f
	EOF

	# OI
	otherinfo="a1b2c3d4e54341565369640d64c1b2"
	otherinfo+="3361b261de78688ea865fcff113c84"

	# DKM
	read -d '' derived <<"EOF"
	8284e313 02c8a26b 393ec52d 9f9e0882
	EOF

	create_key --update=primeid -x user dh:prime $prime @s
	create_key --new=xaid -x user dh:xa $xa @s
	create_key --update=privateid -x user dh:private $private @s

	marker "COMPUTE DH SHARED SECRET"
	dh_compute $privateid $primeid $xaid
	expect_multiline payload "$shared"

	marker "COMPUTE DERIVED KEY FROM DH SHARED SECRET (SHA-256)"
	echo -e -n $otherinfo \| dh_compute_kdf_oi -x $privateid $primeid $xaid 16 "sha256"
	expect_multiline payload "$derived"

	create_key --new=lzid -x user dh:leadingzero "01" @s

	read -d '' derived2 <<"EOF"
	0066207b cdab1d64 bbf489b3 d6a0dadc
	EOF

	marker "COMPUTE DERIVED KEY WITH LEADING ZEROS"
	echo -e -n $otherinfo \| dh_compute_kdf_oi -x $privateid $primeid $lzid 16 "sha256"
	expect_multiline payload "$derived2"

	# SHA-224
	marker "LOAD SHA-224 SOURCE KEYS"

	# XephemCAVS
	private="861ba259aba6aa577de22f508ecbbc26"
	private+="c5acfccb9ea23b434d6d2b79"

	# P
	prime="a5b1764e13c81699aba38f0dc0d15e15"
	prime+="f50fcd5cf7c22372cafc5ed762941bd9"
	prime+="e0fb9aabee7466d2c829aab031db7b1b"
	prime+="5a64e68ed53bafb283ba0f018beb3edc"
	prime+="957fe453be0daab61b3228763e80758c"
	prime+="6d8c283cf630edd9d70a8af330dd0af6"
	prime+="a8d594c23cdd24c8ad3fcfea41757772"
	prime+="ceed921e63862f246e6f49d8747e44ae"
	prime+="f01e309b6dcc80d450383bb1f94dd590"
	prime+="84f8e96f856ec7c8335edb055f8ec6c4"
	prime+="81520b3f28e80b6209b8ae61cc860e24"
	prime+="c822b66c4f97804993bcd0a972b35354"
	prime+="01330ebe4b2e923f189b633562e468eb"
	prime+="99a4bc88ccbff8df0fd5afcfe6ae1918"
	prime+="4214ab3fefb7f0668b8b2683bebd5651"
	prime+="a4c63843b9b14bc738d520b1b7212c69"

	# YephemIUT
	xa="17d71af4353c22122aeb2a0619cc2cf7"
	xa+="3553f28e9fb191fdb286b115b9fda866"
	xa+="2de5173b1aff70488d9bc848e537d7e5"
	xa+="021649d37dc78c94369db90c2784c94d"
	xa+="970ac9b5e35efd22d418d31b68d9550b"
	xa+="aa7716e98ea6783bb3a845059fbaa4a6"
	xa+="720a6a23c56ba52b4d9b726e0068e9eb"
	xa+="4d175bff4369f3d2a4af66eecd62ef7b"
	xa+="23c337d470952b1767c8bf782f0b58b4"
	xa+="fc8245f840787170f4b0a51b5eb46075"
	xa+="8addc9f44a73a3f607603bd35073d1a6"
	xa+="9a203a0494a8c2021ba0da1f0495f560"
	xa+="c0ba81794eeeeb825d1bd34316a52ae1"
	xa+="c900100c0d6fa02546ed7a9c38a6a343"
	xa+="d68659eeb59cf38104a96bb25a6dbbf0"
	xa+="cbc0ede73a7bba675181e0cd2e7b9f89"

	# Z
	read -d '' shared <<"EOF"
	057c22b8 c5872fef 08ebe852 fafab4b7 c2c2ffbb 376d71bd a941b16e 32614adf
	ebb82aeb d50f29d3 cec63d10 77f50e21 cf381b87 a818c614 52c5cce2 af85f40c
	06615b97 fe8c3a80 68990ac5 83957b52 8dd6d52d a3b51e84 aec355fd 4a3fe5ce
	faa3b17c 9e71cb4d 28ecab6d 21297280 e52397b7 ccb1b62d 8d5d3ce4 1d26b2a3
	bdbf880b b39e8b02 8a745ff2 9f0984da efe97084 5d850884 525403ca d2a52956
	f55b9a89 b2d801f1 710333c0 479c5955 b54c8163 83c65ad9 c78b8c67 cc1b211b
	208b9fab b9c99a68 18293e6a 8da069e6 75eb4317 668a7d4b 6f235533 f3ff4ed0
	4f8ad579 f9ad14e7 f68ae183 41d603d9 d6297123 00716c98 bbbf16eb 2a2cc92f
	EOF

	# OI
	otherinfo="a1b2c3d4e5434156536964aa27e249"
	otherinfo+="bf0a1276468d808259f3b8e2687851"

	# DKM
	read -d '' derived <<"EOF"
	88bf39c0 08eec33a dc3b4430 054ba262
	EOF

	create_key --update=primeid -x user dh:prime $prime @s
	create_key --update=xaid -x user dh:xa $xa @s
	create_key --update=privateid -x user dh:private $private @s

	marker "COMPUTE DH SHARED SECRET"
	dh_compute $privateid $primeid $xaid
	expect_multiline payload "$shared"

	marker "COMPUTE DERIVED KEY FROM DH SHARED SECRET (SHA-224)"
	echo -e -n $otherinfo \| dh_compute_kdf_oi -x $privateid $primeid $xaid 16 "sha224"
	expect_multiline payload "$derived"

	# --- then report the results in the database ---
	toolbox_report_result $TEST $result