Update ACVP documentation (#2960)

Update ACVP documentation with new configuration support.

By submitting this pull request, I confirm that my contribution is made
under the terms of the Apache 2.0 license and the ISC license.

Author: samuel40791765

util/fipstools/acvp/ACVP.md

@@ -77,19 +77,40 @@ The other commands are as follows. (Note that you only need to implement the com
 | ECDSA/keyVer         | Curve name, X, Y | Single-byte valid flag |
 | ECDSA/sigGen         | Curve name, private key, hash name, message | R, S |
 | ECDSA/sigVer         | Curve name, hash name, message, X, Y, R, S | Single-byte validity flag |
+| EDDSA/keyGen         | Curve name | private key seed (D), public key (Q) |
+| EDDSA/keyVer         | Curve name, public key (Q) | Single-byte valid flag |
+| EDDSA/sigGen         | Curve name, private key seed (D), message, single-byte prehash flag, prehash context | Signature |
+| EDDSA/sigVer         | Curve name, message, public key (Q), signature, single-byte prehash flag | Single-byte validity flag |
 | FFDH                 | p, q, g, peer public key, local private key (or empty),  local public key (or empty) | Local public key, shared key |
 | HKDF/<HASH>    | key, salt, info, num output bytes | Key |
+| HKDFExpandLabel/<HASH> | Output length, secret, label, transcript hash | Key |
 | HMAC-SHA-1           | Value to hash, key        | Digest  |
 | HMAC-SHA2-224        | Value to hash, key        | Digest  |
 | HMAC-SHA2-256        | Value to hash, key        | Digest  |
 | HMAC-SHA2-384        | Value to hash, key        | Digest  |
 | HMAC-SHA2-512        | Value to hash, key        | Digest  |
 | HMAC-SHA2-512/224    | Value to hash, key        | Digest  |
 | HMAC-SHA2-512/256    | Value to hash, key        | Digest  |
+| HMAC-SHA3-224        | Value to hash, key        | Digest  |
+| HMAC-SHA3-256        | Value to hash, key        | Digest  |
+| HMAC-SHA3-384        | Value to hash, key        | Digest  |
+| HMAC-SHA3-512        | Value to hash, key        | Digest  |
 | hmacDRBG/<HASH>| Output length, entropy, personalisation, ad1, ad2, nonce | Output |
 | hmacDRBG-reseed/<HASH>| Output length, entropy, personalisation, reseedAD, reseedEntropy, ad1, ad2, nonce | Output |
 | hmacDRBG-pr/<HASH>| Output length, entropy, personalisation, ad1, entropy1, ad2, entropy2, nonce | Output |
-| KDF-counter          | Number output bytes, PRF name, counter location string, key, number of counter bits | Counter, output |
+| KDA/OneStep/<HASH> | z, fixedInfo, l | dkm |
+| KDA/OneStep/HMAC-<HASH> | z, salt, fixedInfo, l | dkm |
+| KDF/Counter/HMAC-<HASH> |  output len, keyIn, fixedData | keyOut |
+| KDF/Feedback/HMAC-<HASH> |  output len, keyIn, fixedData | keyOut |
+| ML-DSA-XX/keyGen     | Seed | Public key, private key |
+| ML-DSA-XX/sigGen     | Private key, message, randomizer, context, mu | Signature |
+| ML-DSA-XX/sigVer     | Public key, message, signature, context, mu | Single-byte validity flag |
+| ML-KEM-XX/keyGen     | Seed | Public key, private key |
+| ML-KEM-XX/encap      | Public key, entropy | Ciphertext, shared secret |
+| ML-KEM-XX/decap      | Private key, ciphertext | Shared secret |
+| ML-KEM-XX/encapKeyCheck| Public key | Single-byte validity flag |
+| ML-KEM-XX/decapKeyCheck| Private key | Single-byte validity flag |
+| PBKDF                | HMAC name, key length (bits), salt, password, iteration count | Derived key |
 | RSA/keyGen           | Modulus bit-size | e, p, q, n, d |
 | RSA/sigGen/<HASH>/pkcs1v1.5 | Modulus bit-size | n, e, signature |
 | RSA/sigGen/<HASH>/pss       | Modulus bit-size | n, e, signature |
@@ -102,6 +123,10 @@ The other commands are as follows. (Note that you only need to implement the com
 | SHA2-512             | Value to hash             | Digest  |
 | SHA2-512/224         | Value to hash             | Digest  |
 | SHA2-512/256         | Value to hash             | Digest  |
+| SHA3-224             | Value to hash             | Digest  |
+| SHA3-256             | Value to hash             | Digest  |
+| SHA3-384             | Value to hash             | Digest  |
+| SHA3-512             | Value to hash             | Digest  |
 | SHAKE-128            | Value to hash, output len | Digest  |
 | SHAKE-256            | Value to hash, output len | Digest  |
 | SHA-1/MCT            | Initial seed¹             | Digest  |
@@ -113,6 +138,12 @@ The other commands are as follows. (Note that you only need to implement the com
 | SHA2-512/256/MCT     | Initial seed¹             | Digest  |
 | SHAKE-128/MCT        | Initial seed_, output len | Digest  |
 | SHAKE-256/MCT        | Initial seed_, output len | Digest  |
+| SSHKDF/<HASH>/ivCli | k, h, sessionId, output len | initialIvClient |
+| SSHKDF/<HASH>/ivServ | k, h, sessionId, output len | initialIvServer |
+| SSHKDF/<HASH>/encryptCli | k, h, sessionId, output len | encryptionKeyClient |
+| SSHKDF/<HASH>/encryptServ | k, h, sessionId, output len | encryptionKeyServer |
+| SSHKDF/<HASH>/integCli | k, h, sessionId, output len | integrityKeyClient |
+| SSHKDF/<HASH>/integServ | k, h, sessionId, output len | integrityKeyServer |
 | TLSKDF/<1.0\|1.2>/<HASH> | Number output bytes, secret, label, seed1, seed2 | Output |
 
 ¹ The iterated tests would result in excessive numbers of round trips if the module wrapper handled only basic operations. Thus some ACVP logic is pushed down for these tests so that the inner loop can be handled locally. Either read the NIST documentation ([block-ciphers](https://pages.nist.gov/ACVP/draft-celi-acvp-symmetric.html#name-monte-carlo-tests-for-block) [hashes](https://pages.nist.gov/ACVP/draft-celi-acvp-sha.html#name-monte-carlo-tests-for-sha-1)) to understand the iteration count and return values or, probably more fruitfully, see how these functions are handled in the `modulewrapper` directory.