lib/crypto-selftests.c: Add a selftest for PBKDF2 that complies with FIPS 140-3. The KAT for the PBKDF2 does not meet the requirements included in IG 10.3.A. Specifically, IG 10.3.A and SP800-132 requires some minimum parameters for the salt length, password length and iteration count. These parameters should be also used in the KAT:
- salt must be at least 128 bits.
- password should be at least 14 bytes, which represents the minimum approved key length used for the underlying HMAC (112 bits).
- the iteration count must be >= 2
These are the values that the PBKDF KAT uses for this module:
- GnuTLS (not OK)
- ! Plen=8 bytes
- ! Slen=32 bits
- IterCount=1, 80000