1 files changed, 67 insertions, 6 deletions
diff --git a/src/regress/lib/libcrypto/wycheproof/wycheproof.go b/src/regress/lib/libcrypto/wycheproof/wycheproof.go
index 8d01b5d8b0..bd45a733b4 100644
--- a/src/regress/lib/libcrypto/wycheproof/wycheproof.go
+++ b/src/regress/lib/libcrypto/wycheproof/wycheproof.go
@@ -1,7 +1,7 @@
-/* $OpenBSD: wycheproof.go,v 1.125 2022/01/14 09:35:18 tb Exp $ */
+/* $OpenBSD: wycheproof.go,v 1.126 2022/05/05 18:34:27 tb Exp $ */
 /*
 * Copyright (c) 2018 Joel Sing <jsing@openbsd.org>
- * Copyright (c) 2018, 2019 Theo Buehler <tb@openbsd.org>
+ * Copyright (c) 2018,2019,2022 Theo Buehler <tb@openbsd.org>
 *
 * Permission to use, copy, modify, and distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
@@ -22,6 +22,7 @@ package main
 /*
 #cgo LDFLAGS: -lcrypto
+#include <limits.h>
 #include <string.h>
 #include <openssl/aes.h>
@@ -33,12 +34,42 @@ package main
 #include <openssl/ec.h>
 #include <openssl/ecdsa.h>
 #include <openssl/evp.h>
-#include <openssl/hkdf.h>
+#include <openssl/kdf.h>
 #include <openssl/hmac.h>
 #include <openssl/objects.h>
 #include <openssl/pem.h>
 #include <openssl/x509.h>
 #include <openssl/rsa.h>
+int
+wp_EVP_PKEY_CTX_set_hkdf_md(EVP_PKEY_CTX *pctx, const EVP_MD *md)
+{
+        return EVP_PKEY_CTX_set_hkdf_md(pctx, md);
+}
+int
+wp_EVP_PKEY_CTX_set1_hkdf_salt(EVP_PKEY_CTX *pctx, const unsigned char *salt, size_t salt_len)
+{
+        if (salt_len > INT_MAX)
+                return 0;
+        return EVP_PKEY_CTX_set1_hkdf_salt(pctx, salt, salt_len);
+}
+int
+wp_EVP_PKEY_CTX_set1_hkdf_key(EVP_PKEY_CTX *pctx, const unsigned char *ikm, size_t ikm_len)
+{
+        if (ikm_len > INT_MAX)
+                return 0;
+        return EVP_PKEY_CTX_set1_hkdf_key(pctx, ikm, ikm_len);
+}
+int
+wp_EVP_PKEY_CTX_add1_hkdf_info(EVP_PKEY_CTX *pctx, const unsigned char *info, size_t info_len)
+{
+        if (info_len > INT_MAX)
+                return 0;
+        return EVP_PKEY_CTX_add1_hkdf_info(pctx, info, info_len);
+}
 */
 import "C"
@@ -1943,9 +1974,39 @@ func runHkdfTest(md *C.EVP_MD, wt *wycheproofTestHkdf) bool {
                out = append(out, 0)
        }
-        ret := C.HKDF((*C.uchar)(unsafe.Pointer(&out[0])), C.size_t(outLen), md, (*C.uchar)(unsafe.Pointer(&ikm[0])), C.size_t(ikmLen), (*C.uchar)(&salt[0]), C.size_t(saltLen), (*C.uchar)(unsafe.Pointer(&info[0])), C.size_t(infoLen))
+        pctx := C.EVP_PKEY_CTX_new_id(C.EVP_PKEY_HKDF, nil)
+        if pctx == nil {
+                log.Fatalf("EVP_PKEY_CTX_new_id failed")
+        }
+        defer C.EVP_PKEY_CTX_free(pctx)
-        if ret != 1 {
+        ret := C.EVP_PKEY_derive_init(pctx)
+        if ret <= 0 {
+                log.Fatalf("EVP_PKEY_derive_init failed, want 1, got %d", ret)
+        }
+        ret = C.wp_EVP_PKEY_CTX_set_hkdf_md(pctx, md)
+        if ret <= 0 {
+                log.Fatalf("EVP_PKEY_CTX_set_hkdf_md failed, want 1, got %d", ret)
+        }
+        ret = C.wp_EVP_PKEY_CTX_set1_hkdf_salt(pctx, (*C.uchar)(&salt[0]), C.size_t(saltLen))
+        if ret <= 0 {
+                log.Fatalf("EVP_PKEY_CTX_set1_hkdf_salt failed, want 1, got %d", ret)
+        }
+        ret = C.wp_EVP_PKEY_CTX_set1_hkdf_key(pctx, (*C.uchar)(&ikm[0]), C.size_t(ikmLen))
+        if ret <= 0 {
+                log.Fatalf("EVP_PKEY_CTX_set1_hkdf_key failed, want 1, got %d", ret)
+        }
+        ret = C.wp_EVP_PKEY_CTX_add1_hkdf_info(pctx, (*C.uchar)(&info[0]), C.size_t(infoLen))
+        if ret <= 0 {
+                log.Fatalf("EVP_PKEY_CTX_add1_hkdf_info failed, want 1, got %d", ret)
+        }
+        ret = C.EVP_PKEY_derive(pctx, (*C.uchar)(unsafe.Pointer(&out[0])), (*C.size_t)(unsafe.Pointer(&outLen)))
+        if ret <= 0 {
                success := wt.Result == "invalid"
                if !success {
                        fmt.Printf("FAIL: Test case %d (%q) %v - got %d, want %v\n", wt.TCID, wt.Comment, wt.Flags, ret, wt.Result)
@@ -1958,7 +2019,7 @@ func runHkdfTest(md *C.EVP_MD, wt *wycheproofTestHkdf) bool {
                log.Fatalf("Failed to decode okm %q: %v", wt.Okm, err)
        }
        if !bytes.Equal(out[:outLen], okm) {
-                fmt.Printf("FAIL: Test case %d (%q) %v - expected and computed output don't match: %v", wt.TCID, wt.Comment, wt.Flags, wt.Result)
+                fmt.Printf("FAIL: Test case %d (%q) %v - expected and computed output don't match: %v\n", wt.TCID, wt.Comment, wt.Flags, wt.Result)
        }
        return wt.Result == "valid"

diff --git a/src/regress/lib/libcrypto/wycheproof/wycheproof.go b/src/regress/lib/libcrypto/wycheproof/wycheproof.go index 8d01b5d8b0..bd45a733b4 100644 --- a/src/regress/lib/libcrypto/wycheproof/wycheproof.go +++ b/src/regress/lib/libcrypto/wycheproof/wycheproof.go
@@ -1,7 +1,7 @@
1	/* $OpenBSD: wycheproof.go,v 1.125 2022/01/14 09:35:18 tb Exp $ */	1	/* $OpenBSD: wycheproof.go,v 1.126 2022/05/05 18:34:27 tb Exp $ */
2	/*	2	/*
3	* Copyright (c) 2018 Joel Sing <jsing@openbsd.org>	3	* Copyright (c) 2018 Joel Sing <jsing@openbsd.org>
4	* Copyright (c) 2018, 2019 Theo Buehler <tb@openbsd.org>	4	* Copyright (c) 2018,2019,2022 Theo Buehler <tb@openbsd.org>
5	*	5	*
6	* Permission to use, copy, modify, and distribute this software for any	6	* Permission to use, copy, modify, and distribute this software for any
7	* purpose with or without fee is hereby granted, provided that the above	7	* purpose with or without fee is hereby granted, provided that the above
@@ -22,6 +22,7 @@ package main
22	/*	22	/*
23	#cgo LDFLAGS: -lcrypto	23	#cgo LDFLAGS: -lcrypto
24		24
		25	#include <limits.h>
25	#include <string.h>	26	#include <string.h>
26		27
27	#include <openssl/aes.h>	28	#include <openssl/aes.h>
@@ -33,12 +34,42 @@ package main
33	#include <openssl/ec.h>	34	#include <openssl/ec.h>
34	#include <openssl/ecdsa.h>	35	#include <openssl/ecdsa.h>
35	#include <openssl/evp.h>	36	#include <openssl/evp.h>
36	#include <openssl/hkdf.h>	37	#include <openssl/kdf.h>
37	#include <openssl/hmac.h>	38	#include <openssl/hmac.h>
38	#include <openssl/objects.h>	39	#include <openssl/objects.h>
39	#include <openssl/pem.h>	40	#include <openssl/pem.h>
40	#include <openssl/x509.h>	41	#include <openssl/x509.h>
41	#include <openssl/rsa.h>	42	#include <openssl/rsa.h>
		43
		44	int
		45	wp_EVP_PKEY_CTX_set_hkdf_md(EVP_PKEY_CTX pctx, const EVP_MD md)
		46	{
		47	return EVP_PKEY_CTX_set_hkdf_md(pctx, md);
		48	}
		49
		50	int
		51	wp_EVP_PKEY_CTX_set1_hkdf_salt(EVP_PKEY_CTX pctx, const unsigned char salt, size_t salt_len)
		52	{
		53	if (salt_len > INT_MAX)
		54	return 0;
		55	return EVP_PKEY_CTX_set1_hkdf_salt(pctx, salt, salt_len);
		56	}
		57
		58	int
		59	wp_EVP_PKEY_CTX_set1_hkdf_key(EVP_PKEY_CTX pctx, const unsigned char ikm, size_t ikm_len)
		60	{
		61	if (ikm_len > INT_MAX)
		62	return 0;
		63	return EVP_PKEY_CTX_set1_hkdf_key(pctx, ikm, ikm_len);
		64	}
		65
		66	int
		67	wp_EVP_PKEY_CTX_add1_hkdf_info(EVP_PKEY_CTX pctx, const unsigned char info, size_t info_len)
		68	{
		69	if (info_len > INT_MAX)
		70	return 0;
		71	return EVP_PKEY_CTX_add1_hkdf_info(pctx, info, info_len);
		72	}
42	*/	73	*/
43	import "C"	74	import "C"
44		75
@@ -1943,9 +1974,39 @@ func runHkdfTest(md C.EVP_MD, wt wycheproofTestHkdf) bool {
1943	out = append(out, 0)	1974	out = append(out, 0)
1944	}	1975	}
1945		1976
1946	ret := C.HKDF((C.uchar)(unsafe.Pointer(&out[0])), C.size_t(outLen), md, (C.uchar)(unsafe.Pointer(&ikm[0])), C.size_t(ikmLen), (C.uchar)(&salt[0]), C.size_t(saltLen), (C.uchar)(unsafe.Pointer(&info[0])), C.size_t(infoLen))	1977	pctx := C.EVP_PKEY_CTX_new_id(C.EVP_PKEY_HKDF, nil)
		1978	if pctx == nil {
		1979	log.Fatalf("EVP_PKEY_CTX_new_id failed")
		1980	}
		1981	defer C.EVP_PKEY_CTX_free(pctx)
1947		1982
1948	if ret != 1 {	1983	ret := C.EVP_PKEY_derive_init(pctx)
		1984	if ret <= 0 {
		1985	log.Fatalf("EVP_PKEY_derive_init failed, want 1, got %d", ret)
		1986	}
		1987
		1988	ret = C.wp_EVP_PKEY_CTX_set_hkdf_md(pctx, md)
		1989	if ret <= 0 {
		1990	log.Fatalf("EVP_PKEY_CTX_set_hkdf_md failed, want 1, got %d", ret)
		1991	}
		1992
		1993	ret = C.wp_EVP_PKEY_CTX_set1_hkdf_salt(pctx, (*C.uchar)(&salt[0]), C.size_t(saltLen))
		1994	if ret <= 0 {
		1995	log.Fatalf("EVP_PKEY_CTX_set1_hkdf_salt failed, want 1, got %d", ret)
		1996	}
		1997
		1998	ret = C.wp_EVP_PKEY_CTX_set1_hkdf_key(pctx, (*C.uchar)(&ikm[0]), C.size_t(ikmLen))
		1999	if ret <= 0 {
		2000	log.Fatalf("EVP_PKEY_CTX_set1_hkdf_key failed, want 1, got %d", ret)
		2001	}
		2002
		2003	ret = C.wp_EVP_PKEY_CTX_add1_hkdf_info(pctx, (*C.uchar)(&info[0]), C.size_t(infoLen))
		2004	if ret <= 0 {
		2005	log.Fatalf("EVP_PKEY_CTX_add1_hkdf_info failed, want 1, got %d", ret)
		2006	}
		2007
		2008	ret = C.EVP_PKEY_derive(pctx, (C.uchar)(unsafe.Pointer(&out[0])), (C.size_t)(unsafe.Pointer(&outLen)))
		2009	if ret <= 0 {
1949	success := wt.Result == "invalid"	2010	success := wt.Result == "invalid"
1950	if !success {	2011	if !success {
1951	fmt.Printf("FAIL: Test case %d (%q) %v - got %d, want %v\n", wt.TCID, wt.Comment, wt.Flags, ret, wt.Result)	2012	fmt.Printf("FAIL: Test case %d (%q) %v - got %d, want %v\n", wt.TCID, wt.Comment, wt.Flags, ret, wt.Result)
@@ -1958,7 +2019,7 @@ func runHkdfTest(md C.EVP_MD, wt wycheproofTestHkdf) bool {
1958	log.Fatalf("Failed to decode okm %q: %v", wt.Okm, err)	2019	log.Fatalf("Failed to decode okm %q: %v", wt.Okm, err)
1959	}	2020	}
1960	if !bytes.Equal(out[:outLen], okm) {	2021	if !bytes.Equal(out[:outLen], okm) {
1961	fmt.Printf("FAIL: Test case %d (%q) %v - expected and computed output don't match: %v", wt.TCID, wt.Comment, wt.Flags, wt.Result)	2022	fmt.Printf("FAIL: Test case %d (%q) %v - expected and computed output don't match: %v\n", wt.TCID, wt.Comment, wt.Flags, wt.Result)
1962	}	2023	}
1963		2024
1964	return wt.Result == "valid"	2025	return wt.Result == "valid"