diff options
Diffstat (limited to '')
-rw-r--r-- | src/regress/lib/libcrypto/evp/evp_test.c | 82 |
1 files changed, 81 insertions, 1 deletions
diff --git a/src/regress/lib/libcrypto/evp/evp_test.c b/src/regress/lib/libcrypto/evp/evp_test.c index a699832c45..0bd8b4d092 100644 --- a/src/regress/lib/libcrypto/evp/evp_test.c +++ b/src/regress/lib/libcrypto/evp/evp_test.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: evp_test.c,v 1.20 2024/07/09 17:24:12 tb Exp $ */ | 1 | /* $OpenBSD: evp_test.c,v 1.21 2025/05/22 00:13:47 kenjiro Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2017, 2022 Joel Sing <jsing@openbsd.org> | 3 | * Copyright (c) 2017, 2022 Joel Sing <jsing@openbsd.org> |
4 | * Copyright (c) 2023, 2024 Theo Buehler <tb@openbsd.org> | 4 | * Copyright (c) 2023, 2024 Theo Buehler <tb@openbsd.org> |
@@ -802,6 +802,85 @@ kdf_compare_bytes(const char *label, const unsigned char *d1, int len1, | |||
802 | } | 802 | } |
803 | 803 | ||
804 | static int | 804 | static int |
805 | evp_kdf_hkdf_basic(void) | ||
806 | { | ||
807 | EVP_PKEY_CTX *pctx; | ||
808 | unsigned char out[42]; | ||
809 | size_t outlen = sizeof(out); | ||
810 | int failed = 1; | ||
811 | |||
812 | /* Test vector from RFC 5869, Appendix A.1. */ | ||
813 | const unsigned char ikm[] = { | ||
814 | 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, | ||
815 | 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, | ||
816 | 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, | ||
817 | 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, | ||
818 | 0x0b, 0x0b, | ||
819 | }; | ||
820 | const unsigned char salt[] = { | ||
821 | 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, | ||
822 | 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, | ||
823 | 0x0c, | ||
824 | }; | ||
825 | const unsigned char info[] = { | ||
826 | 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, | ||
827 | 0xf6, 0xf7, 0xf8, 0xf9, | ||
828 | }; | ||
829 | const unsigned char expected[42] = { | ||
830 | 0x3c, 0xb2, 0x5f, 0x25, 0xfa, 0xac, 0xd5, 0x7a, | ||
831 | 0x90, 0x43, 0x4f, 0x64, 0xd0, 0x36, 0x2f, 0x2a, | ||
832 | 0x2d, 0x2d, 0x0a, 0x90, 0xcf, 0x1a, 0x5a, 0x4c, | ||
833 | 0x5d, 0xb0, 0x2d, 0x56, 0xec, 0xc4, 0xc5, 0xbf, | ||
834 | 0x34, 0x00, 0x72, 0x08, 0xd5, 0xb8, 0x87, 0x18, | ||
835 | 0x58, 0x65, | ||
836 | }; | ||
837 | |||
838 | if ((pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL)) == NULL) { | ||
839 | fprintf(stderr, "FAIL: EVP_PKEY_CTX_new_id\n"); | ||
840 | goto err; | ||
841 | } | ||
842 | |||
843 | if (EVP_PKEY_derive_init(pctx) <= 0) { | ||
844 | fprintf(stderr, "FAIL: EVP_PKEY_derive_init\n"); | ||
845 | goto err; | ||
846 | } | ||
847 | |||
848 | if (EVP_PKEY_CTX_set_hkdf_md(pctx, EVP_sha256()) <= 0) { | ||
849 | fprintf(stderr, "FAIL: EVP_PKEY_CTX_set_hkdf_md\n"); | ||
850 | goto err; | ||
851 | } | ||
852 | |||
853 | if (EVP_PKEY_CTX_set1_hkdf_salt(pctx, salt, sizeof(salt)) <= 0) { | ||
854 | fprintf(stderr, "FAIL: EVP_PKEY_CTX_set1_hkdf_salt\n"); | ||
855 | goto err; | ||
856 | } | ||
857 | |||
858 | if (EVP_PKEY_CTX_set1_hkdf_key(pctx, ikm, sizeof(ikm)) <= 0) { | ||
859 | fprintf(stderr, "FAIL: EVP_PKEY_CTX_set1_hkdf_key\n"); | ||
860 | goto err; | ||
861 | } | ||
862 | |||
863 | if (EVP_PKEY_CTX_add1_hkdf_info(pctx, info, sizeof(info)) <= 0) { | ||
864 | fprintf(stderr, "FAIL: EVP_PKEY_CTX_add1_hkdf_info\n"); | ||
865 | goto err; | ||
866 | } | ||
867 | |||
868 | if (EVP_PKEY_derive(pctx, out, &outlen) <= 0) { | ||
869 | fprintf(stderr, "FAIL: EVP_PKEY_derive\n"); | ||
870 | goto err; | ||
871 | } | ||
872 | |||
873 | if (!kdf_compare_bytes("HKDF test", out, outlen, expected, sizeof(expected))) | ||
874 | goto err; | ||
875 | |||
876 | failed = 0; | ||
877 | |||
878 | err: | ||
879 | EVP_PKEY_CTX_free(pctx); | ||
880 | return failed; | ||
881 | } | ||
882 | |||
883 | static int | ||
805 | evp_kdf_tls1_prf_basic(void) | 884 | evp_kdf_tls1_prf_basic(void) |
806 | { | 885 | { |
807 | EVP_PKEY_CTX *pctx; | 886 | EVP_PKEY_CTX *pctx; |
@@ -1038,6 +1117,7 @@ main(int argc, char **argv) | |||
1038 | failed |= obj_name_do_all_test(); | 1117 | failed |= obj_name_do_all_test(); |
1039 | failed |= evp_get_cipherbyname_test(); | 1118 | failed |= evp_get_cipherbyname_test(); |
1040 | failed |= evp_get_digestbyname_test(); | 1119 | failed |= evp_get_digestbyname_test(); |
1120 | failed |= evp_kdf_hkdf_basic(); | ||
1041 | failed |= evp_kdf_tls1_prf_basic(); | 1121 | failed |= evp_kdf_tls1_prf_basic(); |
1042 | failed |= evp_kdf_tls1_prf(); | 1122 | failed |= evp_kdf_tls1_prf(); |
1043 | 1123 | ||