summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--src/regress/lib/libcrypto/evp/evp_test.c82
1 files changed, 81 insertions, 1 deletions
diff --git a/src/regress/lib/libcrypto/evp/evp_test.c b/src/regress/lib/libcrypto/evp/evp_test.c
index a699832c45..0bd8b4d092 100644
--- a/src/regress/lib/libcrypto/evp/evp_test.c
+++ b/src/regress/lib/libcrypto/evp/evp_test.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: evp_test.c,v 1.20 2024/07/09 17:24:12 tb Exp $ */ 1/* $OpenBSD: evp_test.c,v 1.21 2025/05/22 00:13:47 kenjiro Exp $ */
2/* 2/*
3 * Copyright (c) 2017, 2022 Joel Sing <jsing@openbsd.org> 3 * Copyright (c) 2017, 2022 Joel Sing <jsing@openbsd.org>
4 * Copyright (c) 2023, 2024 Theo Buehler <tb@openbsd.org> 4 * Copyright (c) 2023, 2024 Theo Buehler <tb@openbsd.org>
@@ -802,6 +802,85 @@ kdf_compare_bytes(const char *label, const unsigned char *d1, int len1,
802} 802}
803 803
804static int 804static int
805evp_kdf_hkdf_basic(void)
806{
807 EVP_PKEY_CTX *pctx;
808 unsigned char out[42];
809 size_t outlen = sizeof(out);
810 int failed = 1;
811
812 /* Test vector from RFC 5869, Appendix A.1. */
813 const unsigned char ikm[] = {
814 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
815 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
816 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
817 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
818 0x0b, 0x0b,
819 };
820 const unsigned char salt[] = {
821 0x00, 0x01, 0x02, 0x03, 0x04, 0x05,
822 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
823 0x0c,
824 };
825 const unsigned char info[] = {
826 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5,
827 0xf6, 0xf7, 0xf8, 0xf9,
828 };
829 const unsigned char expected[42] = {
830 0x3c, 0xb2, 0x5f, 0x25, 0xfa, 0xac, 0xd5, 0x7a,
831 0x90, 0x43, 0x4f, 0x64, 0xd0, 0x36, 0x2f, 0x2a,
832 0x2d, 0x2d, 0x0a, 0x90, 0xcf, 0x1a, 0x5a, 0x4c,
833 0x5d, 0xb0, 0x2d, 0x56, 0xec, 0xc4, 0xc5, 0xbf,
834 0x34, 0x00, 0x72, 0x08, 0xd5, 0xb8, 0x87, 0x18,
835 0x58, 0x65,
836 };
837
838 if ((pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL)) == NULL) {
839 fprintf(stderr, "FAIL: EVP_PKEY_CTX_new_id\n");
840 goto err;
841 }
842
843 if (EVP_PKEY_derive_init(pctx) <= 0) {
844 fprintf(stderr, "FAIL: EVP_PKEY_derive_init\n");
845 goto err;
846 }
847
848 if (EVP_PKEY_CTX_set_hkdf_md(pctx, EVP_sha256()) <= 0) {
849 fprintf(stderr, "FAIL: EVP_PKEY_CTX_set_hkdf_md\n");
850 goto err;
851 }
852
853 if (EVP_PKEY_CTX_set1_hkdf_salt(pctx, salt, sizeof(salt)) <= 0) {
854 fprintf(stderr, "FAIL: EVP_PKEY_CTX_set1_hkdf_salt\n");
855 goto err;
856 }
857
858 if (EVP_PKEY_CTX_set1_hkdf_key(pctx, ikm, sizeof(ikm)) <= 0) {
859 fprintf(stderr, "FAIL: EVP_PKEY_CTX_set1_hkdf_key\n");
860 goto err;
861 }
862
863 if (EVP_PKEY_CTX_add1_hkdf_info(pctx, info, sizeof(info)) <= 0) {
864 fprintf(stderr, "FAIL: EVP_PKEY_CTX_add1_hkdf_info\n");
865 goto err;
866 }
867
868 if (EVP_PKEY_derive(pctx, out, &outlen) <= 0) {
869 fprintf(stderr, "FAIL: EVP_PKEY_derive\n");
870 goto err;
871 }
872
873 if (!kdf_compare_bytes("HKDF test", out, outlen, expected, sizeof(expected)))
874 goto err;
875
876 failed = 0;
877
878 err:
879 EVP_PKEY_CTX_free(pctx);
880 return failed;
881}
882
883static int
805evp_kdf_tls1_prf_basic(void) 884evp_kdf_tls1_prf_basic(void)
806{ 885{
807 EVP_PKEY_CTX *pctx; 886 EVP_PKEY_CTX *pctx;
@@ -1038,6 +1117,7 @@ main(int argc, char **argv)
1038 failed |= obj_name_do_all_test(); 1117 failed |= obj_name_do_all_test();
1039 failed |= evp_get_cipherbyname_test(); 1118 failed |= evp_get_cipherbyname_test();
1040 failed |= evp_get_digestbyname_test(); 1119 failed |= evp_get_digestbyname_test();
1120 failed |= evp_kdf_hkdf_basic();
1041 failed |= evp_kdf_tls1_prf_basic(); 1121 failed |= evp_kdf_tls1_prf_basic();
1042 failed |= evp_kdf_tls1_prf(); 1122 failed |= evp_kdf_tls1_prf();
1043 1123