Add note to HMAC test vectors from NIST

All the test vectors testing key length greater than the block length
were mislabelled as key length being equal to the block length. Add a
note to these test vectors indicating they are directly from the NIST
tests with the misleading input intact.

Change-Id: I9fe87971265ad48e9b835fccbe92306e1670b4d6
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/49705
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>

crypto/hmac_extra/hmac_tests.txt

@@ -33,6 +33,7 @@ Input = "Sample message for keylen<blocklen"
 Key = 000102030405060708090A0B0C0D0E0F10111213
 Output = 4C99FF0CB1B31BD33F8431DBAF4D17FCD356A807
 
+# This is actually keylen>blocklen, but the NIST test vectors have a misleading input.
 HMAC = SHA1
 Input = "Sample message for keylen=blocklen"
 Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F60616263
@@ -48,6 +49,7 @@ Input = "Sample message for keylen<blocklen"
 Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B
 Output = E3D249A8CFB67EF8B7A169E9A0A599714A2CECBA65999A51BEB8FBBE
 
+# This is actually keylen>blocklen, but the NIST test vectors have a misleading input.
 HMAC = SHA224
 Input = "Sample message for keylen=blocklen"
 Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F60616263
@@ -63,6 +65,7 @@ Input = "Sample message for keylen<blocklen"
 Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
 Output = A28CF43130EE696A98F14A37678B56BCFCBDD9E5CF69717FECF5480F0EBDF790
 
+# This is actually keylen>blocklen, but the NIST test vectors have a misleading input.
 HMAC = SHA256
 Input = "Sample message for keylen=blocklen"
 Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F60616263
@@ -78,6 +81,7 @@ Input = "Sample message for keylen<blocklen"
 Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F
 Output = 6EB242BDBB582CA17BEBFA481B1E23211464D2B7F8C20B9FF2201637B93646AF5AE9AC316E98DB45D9CAE773675EEED0
 
+# This is actually keylen>blocklen, but the NIST test vectors have a misleading input.
 HMAC = SHA384
 Input = "Sample message for keylen=blocklen"
 Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7
@@ -93,6 +97,7 @@ Input = "Sample message for keylen<blocklen"
 Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F
 Output = FD44C18BDA0BB0A6CE0E82B031BF2818F6539BD56EC00BDC10A8A2D730B3634DE2545D639B0F2CF710D0692C72A1896F1F211C2B922D1A96C392E07E7EA9FEDC
 
+# This is actually keylen>blocklen, but the NIST test vectors have a misleading input.
 HMAC = SHA512
 Input = "Sample message for keylen=blocklen"
 Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7