]> git.ipfire.org Git - thirdparty/openssl.git/blob - test/evp_kdf_test.c
projects / thirdparty / openssl.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Update copyright year
[thirdparty/openssl.git] / test / evp_kdf_test.c
1 /*
2 * Copyright 2018-2021 The OpenSSL Project Authors. All Rights Reserved.
3 * Copyright (c) 2018-2020, Oracle and/or its affiliates. All rights reserved.
4 *
5 * Licensed under the Apache License 2.0 (the "License"). You may not use
6 * this file except in compliance with the License. You can obtain a copy
7 * in the file LICENSE in the source distribution or at
8 * https://www.openssl.org/source/license.html
9 */
10
11 /* Tests of the EVP_KDF_CTX APIs */
12
13 #include <stdio.h>
14 #include <string.h>
15
16 #include <openssl/evp.h>
17 #include <openssl/kdf.h>
18 #include <openssl/core_names.h>
19 #include "testutil.h"
20
21 static EVP_KDF_CTX *get_kdfbyname(const char *name)
22 {
23 EVP_KDF *kdf = EVP_KDF_fetch(NULL, name, NULL);
24 EVP_KDF_CTX *kctx = EVP_KDF_CTX_new(kdf);
25
26 EVP_KDF_free(kdf);
27 return kctx;
28 }
29
30 static OSSL_PARAM *construct_tls1_prf_params(const char *digest, const char *secret,
31 const char *seed)
32 {
33 OSSL_PARAM *params = OPENSSL_malloc(sizeof(OSSL_PARAM) * 4);
34 OSSL_PARAM *p = params;
35
36 *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST,
37 (char *)digest, 0);
38 *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SECRET,
39 (unsigned char *)secret,
40 strlen(secret));
41 *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SEED,
42 (unsigned char *)seed,
43 strlen(seed));
44 *p = OSSL_PARAM_construct_end();
45
46 return params;
47 }
48
49 static int test_kdf_tls1_prf(void)
50 {
51 int ret;
52 EVP_KDF_CTX *kctx = NULL;
53 unsigned char out[16];
54 OSSL_PARAM *params;
55 static const unsigned char expected[sizeof(out)] = {
56 0x8e, 0x4d, 0x93, 0x25, 0x30, 0xd7, 0x65, 0xa0,
57 0xaa, 0xe9, 0x74, 0xc3, 0x04, 0x73, 0x5e, 0xcc
58 };
59
60 params = construct_tls1_prf_params("sha256", "secret", "seed");
61
62 ret =
63 TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_TLS1_PRF))
64 && TEST_true(EVP_KDF_CTX_set_params(kctx, params))
65 && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
66 && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected));
67
68 EVP_KDF_CTX_free(kctx);
69 OPENSSL_free(params);
70 return ret;
71 }
72
73 static int test_kdf_tls1_prf_invalid_digest(void)
74 {
75 int ret;
76 EVP_KDF_CTX *kctx = NULL;
77 OSSL_PARAM *params;
78
79 params = construct_tls1_prf_params("blah", "secret", "seed");
80
81 ret =
82 TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_TLS1_PRF))
83 && TEST_false(EVP_KDF_CTX_set_params(kctx, params));
84
85 EVP_KDF_CTX_free(kctx);
86 OPENSSL_free(params);
87 return ret;
88 }
89
90 static int test_kdf_tls1_prf_zero_output_size(void)
91 {
92 int ret;
93 EVP_KDF_CTX *kctx = NULL;
94 unsigned char out[16];
95 OSSL_PARAM *params;
96
97 params = construct_tls1_prf_params("sha256", "secret", "seed");
98
99 /* Negative test - derive should fail */
100 ret =
101 TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_TLS1_PRF))
102 && TEST_true(EVP_KDF_CTX_set_params(kctx, params))
103 && TEST_int_eq(EVP_KDF_derive(kctx, out, 0), 0);
104
105 EVP_KDF_CTX_free(kctx);
106 OPENSSL_free(params);
107 return ret;
108 }
109
110 static int test_kdf_tls1_prf_empty_secret(void)
111 {
112 int ret;
113 EVP_KDF_CTX *kctx = NULL;
114 unsigned char out[16];
115 OSSL_PARAM *params;
116
117 params = construct_tls1_prf_params("sha256", "", "seed");
118
119 ret =
120 TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_TLS1_PRF))
121 && TEST_true(EVP_KDF_CTX_set_params(kctx, params))
122 && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0);
123
124 EVP_KDF_CTX_free(kctx);
125 OPENSSL_free(params);
126 return ret;
127 }
128
129 static int test_kdf_tls1_prf_1byte_secret(void)
130 {
131 int ret;
132 EVP_KDF_CTX *kctx = NULL;
133 unsigned char out[16];
134 OSSL_PARAM *params;
135
136 params = construct_tls1_prf_params("sha256", "1", "seed");
137
138 ret =
139 TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_TLS1_PRF))
140 && TEST_true(EVP_KDF_CTX_set_params(kctx, params))
141 && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0);
142
143 EVP_KDF_CTX_free(kctx);
144 OPENSSL_free(params);
145 return ret;
146 }
147
148 static int test_kdf_tls1_prf_empty_seed(void)
149 {
150 int ret;
151 EVP_KDF_CTX *kctx = NULL;
152 unsigned char out[16];
153 OSSL_PARAM *params;
154
155 params = construct_tls1_prf_params("sha256", "secret", "");
156
157 /* Negative test - derive should fail */
158 ret =
159 TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_TLS1_PRF))
160 && TEST_true(EVP_KDF_CTX_set_params(kctx, params))
161 && TEST_int_eq(EVP_KDF_derive(kctx, out, sizeof(out)), 0);
162
163 EVP_KDF_CTX_free(kctx);
164 OPENSSL_free(params);
165 return ret;
166 }
167
168 static int test_kdf_tls1_prf_1byte_seed(void)
169 {
170 int ret;
171 EVP_KDF_CTX *kctx = NULL;
172 unsigned char out[16];
173 OSSL_PARAM *params;
174
175 params = construct_tls1_prf_params("sha256", "secret", "1");
176
177 ret =
178 TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_TLS1_PRF))
179 && TEST_true(EVP_KDF_CTX_set_params(kctx, params))
180 && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0);
181
182 EVP_KDF_CTX_free(kctx);
183 OPENSSL_free(params);
184 return ret;
185 }
186
187 static OSSL_PARAM *construct_hkdf_params(char *digest, char *key,
188 size_t keylen, char *salt, char *info)
189 {
190 OSSL_PARAM *params = OPENSSL_malloc(sizeof(OSSL_PARAM) * 5);
191 OSSL_PARAM *p = params;
192
193 *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST,
194 digest, 0);
195 *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SALT,
196 salt, strlen(salt));
197 *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY,
198 (unsigned char *)key, keylen);
199 *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_INFO,
200 info, strlen(info));
201 *p = OSSL_PARAM_construct_end();
202
203 return params;
204 }
205
206 static int test_kdf_hkdf(void)
207 {
208 int ret;
209 EVP_KDF_CTX *kctx;
210 unsigned char out[10];
211 OSSL_PARAM *params;
212 static const unsigned char expected[sizeof(out)] = {
213 0x2a, 0xc4, 0x36, 0x9f, 0x52, 0x59, 0x96, 0xf8, 0xde, 0x13
214 };
215
216 params = construct_hkdf_params("sha256", "secret", 6, "salt", "label");
217
218 ret =
219 TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_HKDF))
220 && TEST_true(EVP_KDF_CTX_set_params(kctx, params))
221 && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
222 && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected));
223
224 EVP_KDF_CTX_free(kctx);
225 OPENSSL_free(params);
226 return ret;
227 }
228
229 static int test_kdf_hkdf_invalid_digest(void)
230 {
231 int ret;
232 EVP_KDF_CTX *kctx;
233 OSSL_PARAM *params;
234
235 params = construct_hkdf_params("blah", "secret", 6, "salt", "label");
236
237 ret =
238 TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_HKDF))
239 && TEST_false(EVP_KDF_CTX_set_params(kctx, params));
240
241 EVP_KDF_CTX_free(kctx);
242 OPENSSL_free(params);
243 return ret;
244 }
245
246 static int test_kdf_hkdf_zero_output_size(void)
247 {
248 int ret;
249 EVP_KDF_CTX *kctx;
250 unsigned char out[10];
251 OSSL_PARAM *params;
252
253 params = construct_hkdf_params("sha256", "secret", 6, "salt", "label");
254
255 /* Negative test - derive should fail */
256 ret =
257 TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_HKDF))
258 && TEST_true(EVP_KDF_CTX_set_params(kctx, params))
259 && TEST_int_eq(EVP_KDF_derive(kctx, out, 0), 0);
260
261 EVP_KDF_CTX_free(kctx);
262 OPENSSL_free(params);
263 return ret;
264 }
265
266 static int test_kdf_hkdf_empty_key(void)
267 {
268 int ret;
269 EVP_KDF_CTX *kctx;
270 unsigned char out[10];
271 OSSL_PARAM *params;
272
273 params = construct_hkdf_params("sha256", "", 0, "salt", "label");
274
275 ret =
276 TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_HKDF))
277 && TEST_true(EVP_KDF_CTX_set_params(kctx, params))
278 && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0);
279
280 EVP_KDF_CTX_free(kctx);
281 OPENSSL_free(params);
282 return ret;
283 }
284
285 static int test_kdf_hkdf_1byte_key(void)
286 {
287 int ret;
288 EVP_KDF_CTX *kctx;
289 unsigned char out[10];
290 OSSL_PARAM *params;
291
292 params = construct_hkdf_params("sha256", "1", 1, "salt", "label");
293
294 ret =
295 TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_HKDF))
296 && TEST_true(EVP_KDF_CTX_set_params(kctx, params))
297 && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0);
298
299 EVP_KDF_CTX_free(kctx);
300 OPENSSL_free(params);
301 return ret;
302 }
303
304 static int test_kdf_hkdf_empty_salt(void)
305 {
306 int ret;
307 EVP_KDF_CTX *kctx;
308 unsigned char out[10];
309 OSSL_PARAM *params;
310
311 params = construct_hkdf_params("sha256", "secret", 6, "", "label");
312
313 ret =
314 TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_HKDF))
315 && TEST_true(EVP_KDF_CTX_set_params(kctx, params))
316 && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0);
317
318 EVP_KDF_CTX_free(kctx);
319 OPENSSL_free(params);
320 return ret;
321 }
322
323 static OSSL_PARAM *construct_pbkdf2_params(char *pass, char *digest, char *salt,
324 unsigned int *iter, int *mode)
325 {
326 OSSL_PARAM *params = OPENSSL_malloc(sizeof(OSSL_PARAM) * 6);
327 OSSL_PARAM *p = params;
328
329 *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_PASSWORD,
330 (unsigned char *)pass, strlen(pass));
331 *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SALT,
332 (unsigned char *)salt, strlen(salt));
333 *p++ = OSSL_PARAM_construct_uint(OSSL_KDF_PARAM_ITER, iter);
334 *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST,
335 digest, 0);
336 *p++ = OSSL_PARAM_construct_int(OSSL_KDF_PARAM_PKCS5, mode);
337 *p = OSSL_PARAM_construct_end();
338
339 return params;
340 }
341
342 static int test_kdf_pbkdf2(void)
343 {
344 int ret = 0;
345 EVP_KDF_CTX *kctx;
346 unsigned char out[25];
347 unsigned int iterations = 4096;
348 int mode = 0;
349 OSSL_PARAM *params;
350 const unsigned char expected[sizeof(out)] = {
351 0x34, 0x8c, 0x89, 0xdb, 0xcb, 0xd3, 0x2b, 0x2f,
352 0x32, 0xd8, 0x14, 0xb8, 0x11, 0x6e, 0x84, 0xcf,
353 0x2b, 0x17, 0x34, 0x7e, 0xbc, 0x18, 0x00, 0x18,
354 0x1c
355 };
356
357 params = construct_pbkdf2_params("passwordPASSWORDpassword", "sha256",
358 "saltSALTsaltSALTsaltSALTsaltSALTsalt",
359 &iterations, &mode);
360
361 if (!TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_PBKDF2))
362 || !TEST_true(EVP_KDF_CTX_set_params(kctx, params))
363 || !TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
364 || !TEST_mem_eq(out, sizeof(out), expected, sizeof(expected)))
365 goto err;
366
367 ret = 1;
368 err:
369 EVP_KDF_CTX_free(kctx);
370 OPENSSL_free(params);
371 return ret;
372 }
373
374 static int test_kdf_pbkdf2_small_output(void)
375 {
376 int ret = 0;
377 EVP_KDF_CTX *kctx;
378 unsigned char out[25];
379 unsigned int iterations = 4096;
380 int mode = 0;
381 OSSL_PARAM *params;
382
383 params = construct_pbkdf2_params("passwordPASSWORDpassword", "sha256",
384 "saltSALTsaltSALTsaltSALTsaltSALTsalt",
385 &iterations, &mode);
386
387 if (!TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_PBKDF2))
388 || !TEST_true(EVP_KDF_CTX_set_params(kctx, params))
389 /* A key length that is too small should fail */
390 || !TEST_int_eq(EVP_KDF_derive(kctx, out, 112 / 8 - 1), 0))
391 goto err;
392
393 ret = 1;
394 err:
395 EVP_KDF_CTX_free(kctx);
396 OPENSSL_free(params);
397 return ret;
398 }
399
400 static int test_kdf_pbkdf2_large_output(void)
401 {
402 int ret = 0;
403 EVP_KDF_CTX *kctx;
404 unsigned char out[25];
405 size_t len = 0;
406 unsigned int iterations = 4096;
407 int mode = 0;
408 OSSL_PARAM *params;
409
410 if (sizeof(len) > 32)
411 len = SIZE_MAX;
412
413 params = construct_pbkdf2_params("passwordPASSWORDpassword", "sha256",
414 "saltSALTsaltSALTsaltSALTsaltSALTsalt",
415 &iterations, &mode);
416
417 if (!TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_PBKDF2))
418 || !TEST_true(EVP_KDF_CTX_set_params(kctx, params))
419 /* A key length that is too large should fail */
420 || (len != 0 && !TEST_int_eq(EVP_KDF_derive(kctx, out, len), 0)))
421 goto err;
422
423 ret = 1;
424 err:
425 EVP_KDF_CTX_free(kctx);
426 OPENSSL_free(params);
427 return ret;
428 }
429
430 static int test_kdf_pbkdf2_small_salt(void)
431 {
432 int ret = 0;
433 EVP_KDF_CTX *kctx;
434 unsigned int iterations = 4096;
435 int mode = 0;
436 OSSL_PARAM *params;
437
438 params = construct_pbkdf2_params("passwordPASSWORDpassword", "sha256",
439 "saltSALT",
440 &iterations, &mode);
441
442 if (!TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_PBKDF2))
443 /* A salt that is too small should fail */
444 || !TEST_false(EVP_KDF_CTX_set_params(kctx, params)))
445 goto err;
446
447 ret = 1;
448 err:
449 EVP_KDF_CTX_free(kctx);
450 OPENSSL_free(params);
451 return ret;
452 }
453
454 static int test_kdf_pbkdf2_small_iterations(void)
455 {
456 int ret = 0;
457 EVP_KDF_CTX *kctx;
458 unsigned int iterations = 1;
459 int mode = 0;
460 OSSL_PARAM *params;
461
462 params = construct_pbkdf2_params("passwordPASSWORDpassword", "sha256",
463 "saltSALTsaltSALTsaltSALTsaltSALTsalt",
464 &iterations, &mode);
465
466 if (!TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_PBKDF2))
467 /* An iteration count that is too small should fail */
468 || !TEST_false(EVP_KDF_CTX_set_params(kctx, params)))
469 goto err;
470
471 ret = 1;
472 err:
473 EVP_KDF_CTX_free(kctx);
474 OPENSSL_free(params);
475 return ret;
476 }
477
478 static int test_kdf_pbkdf2_small_salt_pkcs5(void)
479 {
480 int ret = 0;
481 EVP_KDF_CTX *kctx;
482 unsigned char out[25];
483 unsigned int iterations = 4096;
484 int mode = 1;
485 OSSL_PARAM *params;
486 OSSL_PARAM mode_params[2];
487
488 params = construct_pbkdf2_params("passwordPASSWORDpassword", "sha256",
489 "saltSALT",
490 &iterations, &mode);
491
492 if (!TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_PBKDF2))
493 /* A salt that is too small should pass in pkcs5 mode */
494 || !TEST_true(EVP_KDF_CTX_set_params(kctx, params))
495 || !TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0))
496 goto err;
497
498 mode = 0;
499 mode_params[0] = OSSL_PARAM_construct_int(OSSL_KDF_PARAM_PKCS5, &mode);
500 mode_params[1] = OSSL_PARAM_construct_end();
501
502 /* If the "pkcs5" mode is disabled then the derive will now fail */
503 if (!TEST_true(EVP_KDF_CTX_set_params(kctx, mode_params))
504 || !TEST_int_eq(EVP_KDF_derive(kctx, out, sizeof(out)), 0))
505 goto err;
506
507 ret = 1;
508 err:
509 EVP_KDF_CTX_free(kctx);
510 OPENSSL_free(params);
511 return ret;
512 }
513
514 static int test_kdf_pbkdf2_small_iterations_pkcs5(void)
515 {
516 int ret = 0;
517 EVP_KDF_CTX *kctx;
518 unsigned char out[25];
519 unsigned int iterations = 1;
520 int mode = 1;
521 OSSL_PARAM *params;
522 OSSL_PARAM mode_params[2];
523
524 params = construct_pbkdf2_params("passwordPASSWORDpassword", "sha256",
525 "saltSALTsaltSALTsaltSALTsaltSALTsalt",
526 &iterations, &mode);
527
528 if (!TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_PBKDF2))
529 /* An iteration count that is too small will pass in pkcs5 mode */
530 || !TEST_true(EVP_KDF_CTX_set_params(kctx, params))
531 || !TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0))
532 goto err;
533
534 mode = 0;
535 mode_params[0] = OSSL_PARAM_construct_int(OSSL_KDF_PARAM_PKCS5, &mode);
536 mode_params[1] = OSSL_PARAM_construct_end();
537
538 /* If the "pkcs5" mode is disabled then the derive will now fail */
539 if (!TEST_true(EVP_KDF_CTX_set_params(kctx, mode_params))
540 || !TEST_int_eq(EVP_KDF_derive(kctx, out, sizeof(out)), 0))
541 goto err;
542
543 ret = 1;
544 err:
545 EVP_KDF_CTX_free(kctx);
546 OPENSSL_free(params);
547 return ret;
548 }
549
550 static int test_kdf_pbkdf2_invalid_digest(void)
551 {
552 int ret = 0;
553 EVP_KDF_CTX *kctx;
554 unsigned int iterations = 4096;
555 int mode = 0;
556 OSSL_PARAM *params;
557
558 params = construct_pbkdf2_params("passwordPASSWORDpassword", "blah",
559 "saltSALTsaltSALTsaltSALTsaltSALTsalt",
560 &iterations, &mode);
561
562 if (!TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_PBKDF2))
563 /* Unknown digest should fail */
564 || !TEST_false(EVP_KDF_CTX_set_params(kctx, params)))
565 goto err;
566
567 ret = 1;
568 err:
569 EVP_KDF_CTX_free(kctx);
570 OPENSSL_free(params);
571 return ret;
572 }
573
574 #ifndef OPENSSL_NO_SCRYPT
575 static int test_kdf_scrypt(void)
576 {
577 int ret;
578 EVP_KDF_CTX *kctx;
579 OSSL_PARAM params[7], *p = params;
580 unsigned char out[64];
581 unsigned int nu = 1024, ru = 8, pu = 16, maxmem = 16;
582 static const unsigned char expected[sizeof(out)] = {
583 0xfd, 0xba, 0xbe, 0x1c, 0x9d, 0x34, 0x72, 0x00,
584 0x78, 0x56, 0xe7, 0x19, 0x0d, 0x01, 0xe9, 0xfe,
585 0x7c, 0x6a, 0xd7, 0xcb, 0xc8, 0x23, 0x78, 0x30,
586 0xe7, 0x73, 0x76, 0x63, 0x4b, 0x37, 0x31, 0x62,
587 0x2e, 0xaf, 0x30, 0xd9, 0x2e, 0x22, 0xa3, 0x88,
588 0x6f, 0xf1, 0x09, 0x27, 0x9d, 0x98, 0x30, 0xda,
589 0xc7, 0x27, 0xaf, 0xb9, 0x4a, 0x83, 0xee, 0x6d,
590 0x83, 0x60, 0xcb, 0xdf, 0xa2, 0xcc, 0x06, 0x40
591 };
592
593 *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_PASSWORD,
594 (char *)"password", 8);
595 *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SALT,
596 (char *)"NaCl", 4);
597 *p++ = OSSL_PARAM_construct_uint(OSSL_KDF_PARAM_SCRYPT_N, &nu);
598 *p++ = OSSL_PARAM_construct_uint(OSSL_KDF_PARAM_SCRYPT_R, &ru);
599 *p++ = OSSL_PARAM_construct_uint(OSSL_KDF_PARAM_SCRYPT_P, &pu);
600 *p++ = OSSL_PARAM_construct_uint(OSSL_KDF_PARAM_SCRYPT_MAXMEM, &maxmem);
601 *p = OSSL_PARAM_construct_end();
602
603 ret =
604 TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_SCRYPT))
605 && TEST_true(EVP_KDF_CTX_set_params(kctx, params))
606 /* failure test *//*
607 && TEST_int_le(EVP_KDF_derive(kctx, out, sizeof(out)), 0)*/
608 && TEST_true(OSSL_PARAM_set_uint(p - 1, 10 * 1024 * 1024))
609 && TEST_true(EVP_KDF_CTX_set_params(kctx, p - 1))
610 && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
611 && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected));
612
613 EVP_KDF_CTX_free(kctx);
614 return ret;
615 }
616 #endif /* OPENSSL_NO_SCRYPT */
617
618 static int test_kdf_ss_hash(void)
619 {
620 int ret;
621 EVP_KDF_CTX *kctx;
622 OSSL_PARAM params[4], *p = params;
623 unsigned char out[14];
624 static unsigned char z[] = {
625 0x6d,0xbd,0xc2,0x3f,0x04,0x54,0x88,0xe4,0x06,0x27,0x57,0xb0,0x6b,0x9e,
626 0xba,0xe1,0x83,0xfc,0x5a,0x59,0x46,0xd8,0x0d,0xb9,0x3f,0xec,0x6f,0x62,
627 0xec,0x07,0xe3,0x72,0x7f,0x01,0x26,0xae,0xd1,0x2c,0xe4,0xb2,0x62,0xf4,
628 0x7d,0x48,0xd5,0x42,0x87,0xf8,0x1d,0x47,0x4c,0x7c,0x3b,0x18,0x50,0xe9
629 };
630 static unsigned char other[] = {
631 0xa1,0xb2,0xc3,0xd4,0xe5,0x43,0x41,0x56,0x53,0x69,0x64,0x3c,0x83,0x2e,
632 0x98,0x49,0xdc,0xdb,0xa7,0x1e,0x9a,0x31,0x39,0xe6,0x06,0xe0,0x95,0xde,
633 0x3c,0x26,0x4a,0x66,0xe9,0x8a,0x16,0x58,0x54,0xcd,0x07,0x98,0x9b,0x1e,
634 0xe0,0xec,0x3f,0x8d,0xbe
635 };
636 static const unsigned char expected[sizeof(out)] = {
637 0xa4,0x62,0xde,0x16,0xa8,0x9d,0xe8,0x46,0x6e,0xf5,0x46,0x0b,0x47,0xb8
638 };
639
640 *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST,
641 (char *)"sha224", sizeof("sha224"));
642 *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY, z, sizeof(z));
643 *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_INFO, other,
644 sizeof(other));
645 *p = OSSL_PARAM_construct_end();
646
647 ret =
648 TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_SSKDF))
649 && TEST_true(EVP_KDF_CTX_set_params(kctx, params))
650 && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
651 && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected));
652
653 EVP_KDF_CTX_free(kctx);
654 return ret;
655 }
656
657 static int test_kdf_x963(void)
658 {
659 int ret;
660 EVP_KDF_CTX *kctx;
661 OSSL_PARAM params[4], *p = params;
662 unsigned char out[1024 / 8];
663 /*
664 * Test data from https://csrc.nist.gov/CSRC/media/Projects/
665 * Cryptographic-Algorithm-Validation-Program/documents/components/
666 * 800-135testvectors/ansx963_2001.zip
667 */
668 static unsigned char z[] = {
669 0x00, 0xaa, 0x5b, 0xb7, 0x9b, 0x33, 0xe3, 0x89, 0xfa, 0x58, 0xce, 0xad,
670 0xc0, 0x47, 0x19, 0x7f, 0x14, 0xe7, 0x37, 0x12, 0xf4, 0x52, 0xca, 0xa9,
671 0xfc, 0x4c, 0x9a, 0xdb, 0x36, 0x93, 0x48, 0xb8, 0x15, 0x07, 0x39, 0x2f,
672 0x1a, 0x86, 0xdd, 0xfd, 0xb7, 0xc4, 0xff, 0x82, 0x31, 0xc4, 0xbd, 0x0f,
673 0x44, 0xe4, 0x4a, 0x1b, 0x55, 0xb1, 0x40, 0x47, 0x47, 0xa9, 0xe2, 0xe7,
674 0x53, 0xf5, 0x5e, 0xf0, 0x5a, 0x2d
675 };
676 static unsigned char shared[] = {
677 0xe3, 0xb5, 0xb4, 0xc1, 0xb0, 0xd5, 0xcf, 0x1d, 0x2b, 0x3a, 0x2f, 0x99,
678 0x37, 0x89, 0x5d, 0x31
679 };
680 static const unsigned char expected[sizeof(out)] = {
681 0x44, 0x63, 0xf8, 0x69, 0xf3, 0xcc, 0x18, 0x76, 0x9b, 0x52, 0x26, 0x4b,
682 0x01, 0x12, 0xb5, 0x85, 0x8f, 0x7a, 0xd3, 0x2a, 0x5a, 0x2d, 0x96, 0xd8,
683 0xcf, 0xfa, 0xbf, 0x7f, 0xa7, 0x33, 0x63, 0x3d, 0x6e, 0x4d, 0xd2, 0xa5,
684 0x99, 0xac, 0xce, 0xb3, 0xea, 0x54, 0xa6, 0x21, 0x7c, 0xe0, 0xb5, 0x0e,
685 0xef, 0x4f, 0x6b, 0x40, 0xa5, 0xc3, 0x02, 0x50, 0xa5, 0xa8, 0xee, 0xee,
686 0x20, 0x80, 0x02, 0x26, 0x70, 0x89, 0xdb, 0xf3, 0x51, 0xf3, 0xf5, 0x02,
687 0x2a, 0xa9, 0x63, 0x8b, 0xf1, 0xee, 0x41, 0x9d, 0xea, 0x9c, 0x4f, 0xf7,
688 0x45, 0xa2, 0x5a, 0xc2, 0x7b, 0xda, 0x33, 0xca, 0x08, 0xbd, 0x56, 0xdd,
689 0x1a, 0x59, 0xb4, 0x10, 0x6c, 0xf2, 0xdb, 0xbc, 0x0a, 0xb2, 0xaa, 0x8e,
690 0x2e, 0xfa, 0x7b, 0x17, 0x90, 0x2d, 0x34, 0x27, 0x69, 0x51, 0xce, 0xcc,
691 0xab, 0x87, 0xf9, 0x66, 0x1c, 0x3e, 0x88, 0x16
692 };
693
694 *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST,
695 (char *)"sha512", sizeof("sha512"));
696 *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY, z, sizeof(z));
697 *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_INFO, shared,
698 sizeof(shared));
699 *p = OSSL_PARAM_construct_end();
700
701 ret =
702 TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_X963KDF))
703 && TEST_true(EVP_KDF_CTX_set_params(kctx, params))
704 && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
705 && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected));
706
707 EVP_KDF_CTX_free(kctx);
708 return ret;
709 }
710
711 #if !defined(OPENSSL_NO_CMAC) && !defined(OPENSSL_NO_CAMELLIA)
712 /*
713 * KBKDF test vectors from RFC 6803 (Camellia Encryption for Kerberos 5)
714 * section 10.
715 */
716 static int test_kdf_kbkdf_6803_128(void)
717 {
718 int ret = 0, i, p;
719 EVP_KDF_CTX *kctx;
720 OSSL_PARAM params[7];
721 static unsigned char input_key[] = {
722 0x57, 0xD0, 0x29, 0x72, 0x98, 0xFF, 0xD9, 0xD3,
723 0x5D, 0xE5, 0xA4, 0x7F, 0xB4, 0xBD, 0xE2, 0x4B,
724 };
725 static unsigned char constants[][5] = {
726 { 0x00, 0x00, 0x00, 0x02, 0x99 },
727 { 0x00, 0x00, 0x00, 0x02, 0xaa },
728 { 0x00, 0x00, 0x00, 0x02, 0x55 },
729 };
730 static unsigned char outputs[][16] = {
731 {0xD1, 0x55, 0x77, 0x5A, 0x20, 0x9D, 0x05, 0xF0,
732 0x2B, 0x38, 0xD4, 0x2A, 0x38, 0x9E, 0x5A, 0x56},
733 {0x64, 0xDF, 0x83, 0xF8, 0x5A, 0x53, 0x2F, 0x17,
734 0x57, 0x7D, 0x8C, 0x37, 0x03, 0x57, 0x96, 0xAB},
735 {0x3E, 0x4F, 0xBD, 0xF3, 0x0F, 0xB8, 0x25, 0x9C,
736 0x42, 0x5C, 0xB6, 0xC9, 0x6F, 0x1F, 0x46, 0x35}
737 };
738 static unsigned char iv[16] = { 0 };
739 unsigned char result[16] = { 0 };
740
741 for (i = 0; i < 3; i++) {
742 p = 0;
743 params[p++] = OSSL_PARAM_construct_utf8_string(
744 OSSL_KDF_PARAM_CIPHER, "CAMELLIA-128-CBC", 0);
745 params[p++] = OSSL_PARAM_construct_utf8_string(
746 OSSL_KDF_PARAM_MAC, "CMAC", 0);
747 params[p++] = OSSL_PARAM_construct_utf8_string(
748 OSSL_KDF_PARAM_MODE, "FEEDBACK", 0);
749 params[p++] = OSSL_PARAM_construct_octet_string(
750 OSSL_KDF_PARAM_KEY, input_key, sizeof(input_key));
751 params[p++] = OSSL_PARAM_construct_octet_string(
752 OSSL_KDF_PARAM_SALT, constants[i], sizeof(constants[i]));
753 params[p++] = OSSL_PARAM_construct_octet_string(
754 OSSL_KDF_PARAM_SEED, iv, sizeof(iv));
755 params[p] = OSSL_PARAM_construct_end();
756
757 kctx = get_kdfbyname("KBKDF");
758 ret = TEST_ptr(kctx)
759 && TEST_true(EVP_KDF_CTX_set_params(kctx, params))
760 && TEST_int_gt(EVP_KDF_derive(kctx, result, sizeof(result)), 0)
761 && TEST_mem_eq(result, sizeof(result), outputs[i],
762 sizeof(outputs[i]));
763 EVP_KDF_CTX_free(kctx);
764 if (ret != 1)
765 return ret;
766 }
767
768 return ret;
769 }
770
771 static int test_kdf_kbkdf_6803_256(void)
772 {
773 int ret = 0, i, p;
774 EVP_KDF_CTX *kctx;
775 OSSL_PARAM params[7];
776 static unsigned char input_key[] = {
777 0xB9, 0xD6, 0x82, 0x8B, 0x20, 0x56, 0xB7, 0xBE,
778 0x65, 0x6D, 0x88, 0xA1, 0x23, 0xB1, 0xFA, 0xC6,
779 0x82, 0x14, 0xAC, 0x2B, 0x72, 0x7E, 0xCF, 0x5F,
780 0x69, 0xAF, 0xE0, 0xC4, 0xDF, 0x2A, 0x6D, 0x2C,
781 };
782 static unsigned char constants[][5] = {
783 { 0x00, 0x00, 0x00, 0x02, 0x99 },
784 { 0x00, 0x00, 0x00, 0x02, 0xaa },
785 { 0x00, 0x00, 0x00, 0x02, 0x55 },
786 };
787 static unsigned char outputs[][32] = {
788 {0xE4, 0x67, 0xF9, 0xA9, 0x55, 0x2B, 0xC7, 0xD3,
789 0x15, 0x5A, 0x62, 0x20, 0xAF, 0x9C, 0x19, 0x22,
790 0x0E, 0xEE, 0xD4, 0xFF, 0x78, 0xB0, 0xD1, 0xE6,
791 0xA1, 0x54, 0x49, 0x91, 0x46, 0x1A, 0x9E, 0x50,
792 },
793 {0x41, 0x2A, 0xEF, 0xC3, 0x62, 0xA7, 0x28, 0x5F,
794 0xC3, 0x96, 0x6C, 0x6A, 0x51, 0x81, 0xE7, 0x60,
795 0x5A, 0xE6, 0x75, 0x23, 0x5B, 0x6D, 0x54, 0x9F,
796 0xBF, 0xC9, 0xAB, 0x66, 0x30, 0xA4, 0xC6, 0x04,
797 },
798 {0xFA, 0x62, 0x4F, 0xA0, 0xE5, 0x23, 0x99, 0x3F,
799 0xA3, 0x88, 0xAE, 0xFD, 0xC6, 0x7E, 0x67, 0xEB,
800 0xCD, 0x8C, 0x08, 0xE8, 0xA0, 0x24, 0x6B, 0x1D,
801 0x73, 0xB0, 0xD1, 0xDD, 0x9F, 0xC5, 0x82, 0xB0,
802 },
803 };
804 static unsigned char iv[16] = { 0 };
805 unsigned char result[32] = { 0 };
806
807 for (i = 0; i < 3; i++) {
808 p = 0;
809 params[p++] = OSSL_PARAM_construct_utf8_string(
810 OSSL_KDF_PARAM_CIPHER, "CAMELLIA-256-CBC", 0);
811 params[p++] = OSSL_PARAM_construct_utf8_string(
812 OSSL_KDF_PARAM_MAC, "CMAC", 0);
813 params[p++] = OSSL_PARAM_construct_utf8_string(
814 OSSL_KDF_PARAM_MODE, "FEEDBACK", 0);
815 params[p++] = OSSL_PARAM_construct_octet_string(
816 OSSL_KDF_PARAM_KEY, input_key, sizeof(input_key));
817 params[p++] = OSSL_PARAM_construct_octet_string(
818 OSSL_KDF_PARAM_SALT, constants[i], sizeof(constants[i]));
819 params[p++] = OSSL_PARAM_construct_octet_string(
820 OSSL_KDF_PARAM_SEED, iv, sizeof(iv));
821 params[p] = OSSL_PARAM_construct_end();
822
823 kctx = get_kdfbyname("KBKDF");
824 ret = TEST_ptr(kctx)
825 && TEST_true(EVP_KDF_CTX_set_params(kctx, params))
826 && TEST_int_gt(EVP_KDF_derive(kctx, result, sizeof(result)), 0)
827 && TEST_mem_eq(result, sizeof(result), outputs[i],
828 sizeof(outputs[i]));
829 EVP_KDF_CTX_free(kctx);
830 if (ret != 1)
831 return ret;
832 }
833
834 return ret;
835 }
836 #endif
837
838 static OSSL_PARAM *construct_kbkdf_params(char *digest, char *mac, unsigned char *key,
839 size_t keylen, char *salt, char *info)
840 {
841 OSSL_PARAM *params = OPENSSL_malloc(sizeof(OSSL_PARAM) * 7);
842 OSSL_PARAM *p = params;
843
844 *p++ = OSSL_PARAM_construct_utf8_string(
845 OSSL_KDF_PARAM_DIGEST, digest, 0);
846 *p++ = OSSL_PARAM_construct_utf8_string(
847 OSSL_KDF_PARAM_MAC, mac, 0);
848 *p++ = OSSL_PARAM_construct_utf8_string(
849 OSSL_KDF_PARAM_MODE, "COUNTER", 0);
850 *p++ = OSSL_PARAM_construct_octet_string(
851 OSSL_KDF_PARAM_KEY, key, keylen);
852 *p++ = OSSL_PARAM_construct_octet_string(
853 OSSL_KDF_PARAM_SALT, salt, strlen(salt));
854 *p++ = OSSL_PARAM_construct_octet_string(
855 OSSL_KDF_PARAM_INFO, info, strlen(info));
856 *p = OSSL_PARAM_construct_end();
857
858 return params;
859 }
860
861 static int test_kdf_kbkdf_invalid_digest(void)
862 {
863 int ret;
864 EVP_KDF_CTX *kctx;
865 OSSL_PARAM *params;
866
867 static unsigned char key[] = {0x01};
868
869 params = construct_kbkdf_params("blah", "HMAC", key, 1, "prf", "test");
870
871 /* Negative test case - set_params should fail */
872 kctx = get_kdfbyname("KBKDF");
873 ret = TEST_ptr(kctx)
874 && TEST_false(EVP_KDF_CTX_set_params(kctx, params));
875
876 EVP_KDF_CTX_free(kctx);
877 OPENSSL_free(params);
878 return ret;
879 }
880
881 static int test_kdf_kbkdf_invalid_mac(void)
882 {
883 int ret;
884 EVP_KDF_CTX *kctx;
885 OSSL_PARAM *params;
886
887 static unsigned char key[] = {0x01};
888
889 params = construct_kbkdf_params("sha256", "blah", key, 1, "prf", "test");
890
891 /* Negative test case - set_params should fail */
892 kctx = get_kdfbyname("KBKDF");
893 ret = TEST_ptr(kctx)
894 && TEST_false(EVP_KDF_CTX_set_params(kctx, params));
895
896 EVP_KDF_CTX_free(kctx);
897 OPENSSL_free(params);
898 return ret;
899 }
900
901 static int test_kdf_kbkdf_empty_key(void)
902 {
903 int ret;
904 EVP_KDF_CTX *kctx;
905 OSSL_PARAM *params;
906
907 static unsigned char key[] = {0x01};
908 unsigned char result[32] = { 0 };
909
910 params = construct_kbkdf_params("sha256", "HMAC", key, 0, "prf", "test");
911
912 /* Negative test case - derive should fail */
913 kctx = get_kdfbyname("KBKDF");
914 ret = TEST_ptr(kctx)
915 && TEST_true(EVP_KDF_CTX_set_params(kctx, params))
916 && TEST_int_eq(EVP_KDF_derive(kctx, result, sizeof(result)), 0);
917
918 EVP_KDF_CTX_free(kctx);
919 OPENSSL_free(params);
920 return ret;
921 }
922
923 static int test_kdf_kbkdf_1byte_key(void)
924 {
925 int ret;
926 EVP_KDF_CTX *kctx;
927 OSSL_PARAM *params;
928
929 static unsigned char key[] = {0x01};
930 unsigned char result[32] = { 0 };
931
932 params = construct_kbkdf_params("sha256", "HMAC", key, 1, "prf", "test");
933
934 kctx = get_kdfbyname("KBKDF");
935 ret = TEST_ptr(kctx)
936 && TEST_true(EVP_KDF_CTX_set_params(kctx, params))
937 && TEST_int_gt(EVP_KDF_derive(kctx, result, sizeof(result)), 0);
938
939 EVP_KDF_CTX_free(kctx);
940 OPENSSL_free(params);
941 return ret;
942 }
943
944 static int test_kdf_kbkdf_zero_output_size(void)
945 {
946 int ret;
947 EVP_KDF_CTX *kctx;
948 OSSL_PARAM *params;
949
950 static unsigned char key[] = {0x01};
951 unsigned char result[32] = { 0 };
952
953 params = construct_kbkdf_params("sha256", "HMAC", key, 1, "prf", "test");
954
955 /* Negative test case - derive should fail */
956 kctx = get_kdfbyname("KBKDF");
957 ret = TEST_ptr(kctx)
958 && TEST_true(EVP_KDF_CTX_set_params(kctx, params))
959 && TEST_int_eq(EVP_KDF_derive(kctx, result, 0), 0);
960
961 EVP_KDF_CTX_free(kctx);
962 OPENSSL_free(params);
963 return ret;
964 }
965
966 /* Two test vectors from RFC 8009 (AES Encryption with HMAC-SHA2 for Kerberos
967 * 5) appendix A. */
968 static int test_kdf_kbkdf_8009_prf1(void)
969 {
970 int ret, i = 0;
971 EVP_KDF_CTX *kctx;
972 OSSL_PARAM params[6];
973 char *label = "prf", *digest = "sha256", *prf_input = "test",
974 *mac = "HMAC";
975 static unsigned char input_key[] = {
976 0x37, 0x05, 0xD9, 0x60, 0x80, 0xC1, 0x77, 0x28,
977 0xA0, 0xE8, 0x00, 0xEA, 0xB6, 0xE0, 0xD2, 0x3C,
978 };
979 static unsigned char output[] = {
980 0x9D, 0x18, 0x86, 0x16, 0xF6, 0x38, 0x52, 0xFE,
981 0x86, 0x91, 0x5B, 0xB8, 0x40, 0xB4, 0xA8, 0x86,
982 0xFF, 0x3E, 0x6B, 0xB0, 0xF8, 0x19, 0xB4, 0x9B,
983 0x89, 0x33, 0x93, 0xD3, 0x93, 0x85, 0x42, 0x95,
984 };
985 unsigned char result[sizeof(output)] = { 0 };
986
987 params[i++] = OSSL_PARAM_construct_utf8_string(
988 OSSL_KDF_PARAM_DIGEST, digest, 0);
989 params[i++] = OSSL_PARAM_construct_utf8_string(
990 OSSL_KDF_PARAM_MAC, mac, 0);
991 params[i++] = OSSL_PARAM_construct_octet_string(
992 OSSL_KDF_PARAM_KEY, input_key, sizeof(input_key));
993 params[i++] = OSSL_PARAM_construct_octet_string(
994 OSSL_KDF_PARAM_SALT, label, strlen(label));
995 params[i++] = OSSL_PARAM_construct_octet_string(
996 OSSL_KDF_PARAM_INFO, prf_input, strlen(prf_input));
997 params[i] = OSSL_PARAM_construct_end();
998
999 kctx = get_kdfbyname("KBKDF");
1000 ret = TEST_ptr(kctx)
1001 && TEST_true(EVP_KDF_CTX_set_params(kctx, params))
1002 && TEST_int_gt(EVP_KDF_derive(kctx, result, sizeof(result)), 0)
1003 && TEST_mem_eq(result, sizeof(result), output, sizeof(output));
1004
1005 EVP_KDF_CTX_free(kctx);
1006 return ret;
1007 }
1008
1009 static int test_kdf_kbkdf_8009_prf2(void)
1010 {
1011 int ret, i = 0;
1012 EVP_KDF_CTX *kctx;
1013 OSSL_PARAM params[6];
1014 char *label = "prf", *digest = "sha384", *prf_input = "test",
1015 *mac = "HMAC";
1016 static unsigned char input_key[] = {
1017 0x6D, 0x40, 0x4D, 0x37, 0xFA, 0xF7, 0x9F, 0x9D,
1018 0xF0, 0xD3, 0x35, 0x68, 0xD3, 0x20, 0x66, 0x98,
1019 0x00, 0xEB, 0x48, 0x36, 0x47, 0x2E, 0xA8, 0xA0,
1020 0x26, 0xD1, 0x6B, 0x71, 0x82, 0x46, 0x0C, 0x52,
1021 };
1022 static unsigned char output[] = {
1023 0x98, 0x01, 0xF6, 0x9A, 0x36, 0x8C, 0x2B, 0xF6,
1024 0x75, 0xE5, 0x95, 0x21, 0xE1, 0x77, 0xD9, 0xA0,
1025 0x7F, 0x67, 0xEF, 0xE1, 0xCF, 0xDE, 0x8D, 0x3C,
1026 0x8D, 0x6F, 0x6A, 0x02, 0x56, 0xE3, 0xB1, 0x7D,
1027 0xB3, 0xC1, 0xB6, 0x2A, 0xD1, 0xB8, 0x55, 0x33,
1028 0x60, 0xD1, 0x73, 0x67, 0xEB, 0x15, 0x14, 0xD2,
1029 };
1030 unsigned char result[sizeof(output)] = { 0 };
1031
1032 params[i++] = OSSL_PARAM_construct_utf8_string(
1033 OSSL_KDF_PARAM_DIGEST, digest, 0);
1034 params[i++] = OSSL_PARAM_construct_utf8_string(
1035 OSSL_KDF_PARAM_MAC, mac, 0);
1036 params[i++] = OSSL_PARAM_construct_octet_string(
1037 OSSL_KDF_PARAM_KEY, input_key, sizeof(input_key));
1038 params[i++] = OSSL_PARAM_construct_octet_string(
1039 OSSL_KDF_PARAM_SALT, label, strlen(label));
1040 params[i++] = OSSL_PARAM_construct_octet_string(
1041 OSSL_KDF_PARAM_INFO, prf_input, strlen(prf_input));
1042 params[i] = OSSL_PARAM_construct_end();
1043
1044 kctx = get_kdfbyname("KBKDF");
1045 ret = TEST_ptr(kctx)
1046 && TEST_true(EVP_KDF_CTX_set_params(kctx, params))
1047 && TEST_int_gt(EVP_KDF_derive(kctx, result, sizeof(result)), 0)
1048 && TEST_mem_eq(result, sizeof(result), output, sizeof(output));
1049
1050 EVP_KDF_CTX_free(kctx);
1051 return ret;
1052 }
1053
1054 #if !defined(OPENSSL_NO_CMAC)
1055 /*
1056 * Test vector taken from
1057 * https://csrc.nist.gov/CSRC/media/Projects/
1058 * Cryptographic-Algorithm-Validation-Program/documents/KBKDF800-108/CounterMode.zip
1059 * Note: Only 32 bit counter is supported ([RLEN=32_BITS])
1060 */
1061 static int test_kdf_kbkdf_fixedinfo(void)
1062 {
1063 int ret;
1064 EVP_KDF_CTX *kctx;
1065 OSSL_PARAM params[8], *p = params;
1066 static char *cipher = "AES128";
1067 static char *mac = "CMAC";
1068 static char *mode = "COUNTER";
1069 int use_l = 0;
1070 int use_separator = 0;
1071
1072 static unsigned char input_key[] = {
1073 0xc1, 0x0b, 0x15, 0x2e, 0x8c, 0x97, 0xb7, 0x7e,
1074 0x18, 0x70, 0x4e, 0x0f, 0x0b, 0xd3, 0x83, 0x05,
1075 };
1076 static unsigned char fixed_input[] = {
1077 0x98, 0xcd, 0x4c, 0xbb, 0xbe, 0xbe, 0x15, 0xd1,
1078 0x7d, 0xc8, 0x6e, 0x6d, 0xba, 0xd8, 0x00, 0xa2,
1079 0xdc, 0xbd, 0x64, 0xf7, 0xc7, 0xad, 0x0e, 0x78,
1080 0xe9, 0xcf, 0x94, 0xff, 0xdb, 0xa8, 0x9d, 0x03,
1081 0xe9, 0x7e, 0xad, 0xf6, 0xc4, 0xf7, 0xb8, 0x06,
1082 0xca, 0xf5, 0x2a, 0xa3, 0x8f, 0x09, 0xd0, 0xeb,
1083 0x71, 0xd7, 0x1f, 0x49, 0x7b, 0xcc, 0x69, 0x06,
1084 0xb4, 0x8d, 0x36, 0xc4,
1085
1086 };
1087 static unsigned char output[] = {
1088 0x26, 0xfa, 0xf6, 0x19, 0x08, 0xad, 0x9e, 0xe8,
1089 0x81, 0xb8, 0x30, 0x5c, 0x22, 0x1d, 0xb5, 0x3f,
1090 };
1091 unsigned char result[sizeof(output)] = { 0 };
1092
1093 *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_CIPHER, cipher, 0);
1094 *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_MAC, mac, 0);
1095 *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_MODE, mode, 0);
1096 *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY, input_key,
1097 sizeof(input_key));
1098 *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_INFO,
1099 fixed_input, sizeof(fixed_input));
1100 *p++ = OSSL_PARAM_construct_int(OSSL_KDF_PARAM_KBKDF_USE_L, &use_l);
1101 *p++ = OSSL_PARAM_construct_int(OSSL_KDF_PARAM_KBKDF_USE_SEPARATOR,
1102 &use_separator);
1103 *p = OSSL_PARAM_construct_end();
1104
1105 kctx = get_kdfbyname("KBKDF");
1106 ret = TEST_ptr(kctx)
1107 && TEST_true(EVP_KDF_CTX_set_params(kctx, params))
1108 && TEST_int_gt(EVP_KDF_derive(kctx, result, sizeof(result)), 0)
1109 && TEST_mem_eq(result, sizeof(result), output, sizeof(output));
1110
1111 EVP_KDF_CTX_free(kctx);
1112 return ret;
1113 }
1114 #endif /* OPENSSL_NO_CMAC */
1115
1116 static int test_kdf_ss_hmac(void)
1117 {
1118 int ret;
1119 EVP_KDF_CTX *kctx;
1120 OSSL_PARAM params[6], *p = params;
1121 unsigned char out[16];
1122 static unsigned char z[] = {
1123 0xb7,0x4a,0x14,0x9a,0x16,0x15,0x46,0xf8,0xc2,0x0b,0x06,0xac,0x4e,0xd4
1124 };
1125 static unsigned char other[] = {
1126 0x34,0x8a,0x37,0xa2,0x7e,0xf1,0x28,0x2f,0x5f,0x02,0x0d,0xcc
1127 };
1128 static unsigned char salt[] = {
1129 0x36,0x38,0x27,0x1c,0xcd,0x68,0xa2,0x5d,0xc2,0x4e,0xcd,0xdd,0x39,0xef,
1130 0x3f,0x89
1131 };
1132 static const unsigned char expected[sizeof(out)] = {
1133 0x44,0xf6,0x76,0xe8,0x5c,0x1b,0x1a,0x8b,0xbc,0x3d,0x31,0x92,0x18,0x63,
1134 0x1c,0xa3
1135 };
1136
1137 *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_MAC,
1138 (char *)OSSL_MAC_NAME_HMAC,
1139 sizeof(OSSL_MAC_NAME_HMAC));
1140 *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST,
1141 (char *)"sha256", sizeof("sha256"));
1142 *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY, z, sizeof(z));
1143 *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_INFO, other,
1144 sizeof(other));
1145 *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SALT, salt,
1146 sizeof(salt));
1147 *p = OSSL_PARAM_construct_end();
1148
1149 ret =
1150 TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_SSKDF))
1151 && TEST_true(EVP_KDF_CTX_set_params(kctx, params))
1152 && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
1153 && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected));
1154
1155 EVP_KDF_CTX_free(kctx);
1156 return ret;
1157 }
1158
1159 static int test_kdf_ss_kmac(void)
1160 {
1161 int ret;
1162 EVP_KDF_CTX *kctx;
1163 OSSL_PARAM params[6], *p = params;
1164 unsigned char out[64];
1165 size_t mac_size = 20;
1166 static unsigned char z[] = {
1167 0xb7,0x4a,0x14,0x9a,0x16,0x15,0x46,0xf8,0xc2,0x0b,0x06,0xac,0x4e,0xd4
1168 };
1169 static unsigned char other[] = {
1170 0x34,0x8a,0x37,0xa2,0x7e,0xf1,0x28,0x2f,0x5f,0x02,0x0d,0xcc
1171 };
1172 static unsigned char salt[] = {
1173 0x36,0x38,0x27,0x1c,0xcd,0x68,0xa2,0x5d,0xc2,0x4e,0xcd,0xdd,0x39,0xef,
1174 0x3f,0x89
1175 };
1176 static const unsigned char expected[sizeof(out)] = {
1177 0xe9,0xc1,0x84,0x53,0xa0,0x62,0xb5,0x3b,0xdb,0xfc,0xbb,0x5a,0x34,0xbd,
1178 0xb8,0xe5,0xe7,0x07,0xee,0xbb,0x5d,0xd1,0x34,0x42,0x43,0xd8,0xcf,0xc2,
1179 0xc2,0xe6,0x33,0x2f,0x91,0xbd,0xa5,0x86,0xf3,0x7d,0xe4,0x8a,0x65,0xd4,
1180 0xc5,0x14,0xfd,0xef,0xaa,0x1e,0x67,0x54,0xf3,0x73,0xd2,0x38,0xe1,0x95,
1181 0xae,0x15,0x7e,0x1d,0xe8,0x14,0x98,0x03
1182 };
1183
1184 *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_MAC,
1185 (char *)OSSL_MAC_NAME_KMAC128,
1186 sizeof(OSSL_MAC_NAME_KMAC128));
1187 *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY, z, sizeof(z));
1188 *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_INFO, other,
1189 sizeof(other));
1190 *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SALT, salt,
1191 sizeof(salt));
1192 *p++ = OSSL_PARAM_construct_size_t(OSSL_KDF_PARAM_MAC_SIZE, &mac_size);
1193 *p = OSSL_PARAM_construct_end();
1194
1195 ret =
1196 TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_SSKDF))
1197 && TEST_true(EVP_KDF_CTX_set_params(kctx, params))
1198 && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
1199 && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected));
1200
1201 EVP_KDF_CTX_free(kctx);
1202 return ret;
1203 }
1204
1205 static int test_kdf_sshkdf(void)
1206 {
1207 int ret;
1208 EVP_KDF_CTX *kctx;
1209 OSSL_PARAM params[6], *p = params;
1210 char kdftype[] = EVP_KDF_SSHKDF_TYPE_INITIAL_IV_CLI_TO_SRV;
1211 unsigned char out[8];
1212 /* Test data from NIST CAVS 14.1 test vectors */
1213 static unsigned char key[] = {
1214 0x00, 0x00, 0x00, 0x81, 0x00, 0x87, 0x5c, 0x55, 0x1c, 0xef, 0x52, 0x6a,
1215 0x4a, 0x8b, 0xe1, 0xa7, 0xdf, 0x27, 0xe9, 0xed, 0x35, 0x4b, 0xac, 0x9a,
1216 0xfb, 0x71, 0xf5, 0x3d, 0xba, 0xe9, 0x05, 0x67, 0x9d, 0x14, 0xf9, 0xfa,
1217 0xf2, 0x46, 0x9c, 0x53, 0x45, 0x7c, 0xf8, 0x0a, 0x36, 0x6b, 0xe2, 0x78,
1218 0x96, 0x5b, 0xa6, 0x25, 0x52, 0x76, 0xca, 0x2d, 0x9f, 0x4a, 0x97, 0xd2,
1219 0x71, 0xf7, 0x1e, 0x50, 0xd8, 0xa9, 0xec, 0x46, 0x25, 0x3a, 0x6a, 0x90,
1220 0x6a, 0xc2, 0xc5, 0xe4, 0xf4, 0x8b, 0x27, 0xa6, 0x3c, 0xe0, 0x8d, 0x80,
1221 0x39, 0x0a, 0x49, 0x2a, 0xa4, 0x3b, 0xad, 0x9d, 0x88, 0x2c, 0xca, 0xc2,
1222 0x3d, 0xac, 0x88, 0xbc, 0xad, 0xa4, 0xb4, 0xd4, 0x26, 0xa3, 0x62, 0x08,
1223 0x3d, 0xab, 0x65, 0x69, 0xc5, 0x4c, 0x22, 0x4d, 0xd2, 0xd8, 0x76, 0x43,
1224 0xaa, 0x22, 0x76, 0x93, 0xe1, 0x41, 0xad, 0x16, 0x30, 0xce, 0x13, 0x14,
1225 0x4e
1226 };
1227 static unsigned char xcghash[] = {
1228 0x0e, 0x68, 0x3f, 0xc8, 0xa9, 0xed, 0x7c, 0x2f, 0xf0, 0x2d, 0xef, 0x23,
1229 0xb2, 0x74, 0x5e, 0xbc, 0x99, 0xb2, 0x67, 0xda, 0xa8, 0x6a, 0x4a, 0xa7,
1230 0x69, 0x72, 0x39, 0x08, 0x82, 0x53, 0xf6, 0x42
1231 };
1232 static unsigned char sessid[] = {
1233 0x0e, 0x68, 0x3f, 0xc8, 0xa9, 0xed, 0x7c, 0x2f, 0xf0, 0x2d, 0xef, 0x23,
1234 0xb2, 0x74, 0x5e, 0xbc, 0x99, 0xb2, 0x67, 0xda, 0xa8, 0x6a, 0x4a, 0xa7,
1235 0x69, 0x72, 0x39, 0x08, 0x82, 0x53, 0xf6, 0x42
1236 };
1237 static const unsigned char expected[sizeof(out)] = {
1238 0x41, 0xff, 0x2e, 0xad, 0x16, 0x83, 0xf1, 0xe6
1239 };
1240
1241 *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST,
1242 (char *)"sha256", sizeof("sha256"));
1243 *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY, key,
1244 sizeof(key));
1245 *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SSHKDF_XCGHASH,
1246 xcghash, sizeof(xcghash));
1247 *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SSHKDF_SESSION_ID,
1248 sessid, sizeof(sessid));
1249 *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_SSHKDF_TYPE,
1250 kdftype, sizeof(kdftype));
1251 *p = OSSL_PARAM_construct_end();
1252
1253 ret =
1254 TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_SSHKDF))
1255 && TEST_true(EVP_KDF_CTX_set_params(kctx, params))
1256 && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
1257 && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected));
1258
1259 EVP_KDF_CTX_free(kctx);
1260 return ret;
1261 }
1262
1263 static int test_kdfs_same( EVP_KDF *kdf1, EVP_KDF *kdf2)
1264 {
1265 /* Fast path in case the two are the same algorithm pointer */
1266 if (kdf1 == kdf2)
1267 return 1;
1268 /*
1269 * Compare their names and providers instead.
1270 * This is necessary in a non-caching build (or a cache flush during fetch)
1271 * because without the algorithm in the cache, fetching it a second time
1272 * will result in a different pointer.
1273 */
1274 return TEST_ptr_eq(EVP_KDF_provider(kdf1), EVP_KDF_provider(kdf2))
1275 && TEST_str_eq(EVP_KDF_name(kdf1), EVP_KDF_name(kdf2));
1276 }
1277
1278 static int test_kdf_get_kdf(void)
1279 {
1280 EVP_KDF *kdf1 = NULL, *kdf2 = NULL;
1281 ASN1_OBJECT *obj;
1282 int ok = 1;
1283
1284 if (!TEST_ptr(obj = OBJ_nid2obj(NID_id_pbkdf2))
1285 || !TEST_ptr(kdf1 = EVP_KDF_fetch(NULL, OSSL_KDF_NAME_PBKDF2, NULL))
1286 || !TEST_ptr(kdf2 = EVP_KDF_fetch(NULL, OBJ_nid2sn(OBJ_obj2nid(obj)),
1287 NULL))
1288 || !test_kdfs_same(kdf1, kdf2))
1289 ok = 0;
1290 EVP_KDF_free(kdf1);
1291 kdf1 = NULL;
1292 EVP_KDF_free(kdf2);
1293 kdf2 = NULL;
1294
1295 if (!TEST_ptr(kdf1 = EVP_KDF_fetch(NULL, SN_tls1_prf, NULL))
1296 || !TEST_ptr(kdf2 = EVP_KDF_fetch(NULL, LN_tls1_prf, NULL))
1297 || !test_kdfs_same(kdf1, kdf2))
1298 ok = 0;
1299 /* kdf1 is re-used below, so don't free it here */
1300 EVP_KDF_free(kdf2);
1301 kdf2 = NULL;
1302
1303 if (!TEST_ptr(kdf2 = EVP_KDF_fetch(NULL, OBJ_nid2sn(NID_tls1_prf), NULL))
1304 || !test_kdfs_same(kdf1, kdf2))
1305 ok = 0;
1306 EVP_KDF_free(kdf1);
1307 kdf1 = NULL;
1308 EVP_KDF_free(kdf2);
1309 kdf2 = NULL;
1310
1311 return ok;
1312 }
1313
1314 #ifndef OPENSSL_NO_CMS
1315 static int test_kdf_x942_asn1(void)
1316 {
1317 int ret;
1318 EVP_KDF_CTX *kctx = NULL;
1319 OSSL_PARAM params[4], *p = params;
1320 const char *cek_alg = SN_id_smime_alg_CMS3DESwrap;
1321 unsigned char out[24];
1322 /* RFC2631 Section 2.1.6 Test data */
1323 static unsigned char z[] = {
1324 0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,0x0d,
1325 0x0e,0x0f,0x10,0x11,0x12,0x13
1326 };
1327 static const unsigned char expected[sizeof(out)] = {
1328 0xa0,0x96,0x61,0x39,0x23,0x76,0xf7,0x04,
1329 0x4d,0x90,0x52,0xa3,0x97,0x88,0x32,0x46,
1330 0xb6,0x7f,0x5f,0x1e,0xf6,0x3e,0xb5,0xfb
1331 };
1332
1333 *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST,
1334 (char *)"sha1", 0);
1335 *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY, z,
1336 sizeof(z));
1337 *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_CEK_ALG,
1338 (char *)cek_alg, 0);
1339 *p = OSSL_PARAM_construct_end();
1340
1341 ret =
1342 TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_X942KDF_ASN1))
1343 && TEST_true(EVP_KDF_CTX_set_params(kctx, params))
1344 && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
1345 && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected));
1346
1347 EVP_KDF_CTX_free(kctx);
1348 return ret;
1349 }
1350 #endif /* OPENSSL_NO_CMS */
1351
1352 static int test_kdf_krb5kdf(void)
1353 {
1354 int ret;
1355 EVP_KDF_CTX *kctx;
1356 OSSL_PARAM params[4], *p = params;
1357 unsigned char out[16];
1358 static unsigned char key[] = {
1359 0x42, 0x26, 0x3C, 0x6E, 0x89, 0xF4, 0xFC, 0x28,
1360 0xB8, 0xDF, 0x68, 0xEE, 0x09, 0x79, 0x9F, 0x15
1361 };
1362 static unsigned char constant[] = {
1363 0x00, 0x00, 0x00, 0x02, 0x99
1364 };
1365 static const unsigned char expected[sizeof(out)] = {
1366 0x34, 0x28, 0x0A, 0x38, 0x2B, 0xC9, 0x27, 0x69,
1367 0xB2, 0xDA, 0x2F, 0x9E, 0xF0, 0x66, 0x85, 0x4B
1368 };
1369
1370 *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_CIPHER,
1371 (char *)"AES-128-CBC",
1372 sizeof("AES-128-CBC"));
1373 *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY, key,
1374 sizeof(key));
1375 *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_CONSTANT,
1376 constant, sizeof(constant));
1377 *p = OSSL_PARAM_construct_end();
1378
1379 ret =
1380 TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_KRB5KDF))
1381 && TEST_true(EVP_KDF_CTX_set_params(kctx, params))
1382 && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
1383 && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected));
1384
1385 EVP_KDF_CTX_free(kctx);
1386 return ret;
1387 }
1388
1389 int setup_tests(void)
1390 {
1391 #if !defined(OPENSSL_NO_CMAC) && !defined(OPENSSL_NO_CAMELLIA)
1392 ADD_TEST(test_kdf_kbkdf_6803_128);
1393 ADD_TEST(test_kdf_kbkdf_6803_256);
1394 #endif
1395 ADD_TEST(test_kdf_kbkdf_invalid_digest);
1396 ADD_TEST(test_kdf_kbkdf_invalid_mac);
1397 ADD_TEST(test_kdf_kbkdf_zero_output_size);
1398 ADD_TEST(test_kdf_kbkdf_empty_key);
1399 ADD_TEST(test_kdf_kbkdf_1byte_key);
1400 ADD_TEST(test_kdf_kbkdf_8009_prf1);
1401 ADD_TEST(test_kdf_kbkdf_8009_prf2);
1402 #if !defined(OPENSSL_NO_CMAC)
1403 ADD_TEST(test_kdf_kbkdf_fixedinfo);
1404 #endif
1405 ADD_TEST(test_kdf_get_kdf);
1406 ADD_TEST(test_kdf_tls1_prf);
1407 ADD_TEST(test_kdf_tls1_prf_invalid_digest);
1408 ADD_TEST(test_kdf_tls1_prf_zero_output_size);
1409 ADD_TEST(test_kdf_tls1_prf_empty_secret);
1410 ADD_TEST(test_kdf_tls1_prf_1byte_secret);
1411 ADD_TEST(test_kdf_tls1_prf_empty_seed);
1412 ADD_TEST(test_kdf_tls1_prf_1byte_seed);
1413 ADD_TEST(test_kdf_hkdf);
1414 ADD_TEST(test_kdf_hkdf_invalid_digest);
1415 ADD_TEST(test_kdf_hkdf_zero_output_size);
1416 ADD_TEST(test_kdf_hkdf_empty_key);
1417 ADD_TEST(test_kdf_hkdf_1byte_key);
1418 ADD_TEST(test_kdf_hkdf_empty_salt);
1419 ADD_TEST(test_kdf_pbkdf2);
1420 ADD_TEST(test_kdf_pbkdf2_small_output);
1421 ADD_TEST(test_kdf_pbkdf2_large_output);
1422 ADD_TEST(test_kdf_pbkdf2_small_salt);
1423 ADD_TEST(test_kdf_pbkdf2_small_iterations);
1424 ADD_TEST(test_kdf_pbkdf2_small_salt_pkcs5);
1425 ADD_TEST(test_kdf_pbkdf2_small_iterations_pkcs5);
1426 ADD_TEST(test_kdf_pbkdf2_invalid_digest);
1427 #ifndef OPENSSL_NO_SCRYPT
1428 ADD_TEST(test_kdf_scrypt);
1429 #endif
1430 ADD_TEST(test_kdf_ss_hash);
1431 ADD_TEST(test_kdf_ss_hmac);
1432 ADD_TEST(test_kdf_ss_kmac);
1433 ADD_TEST(test_kdf_sshkdf);
1434 ADD_TEST(test_kdf_x963);
1435 #ifndef OPENSSL_NO_CMS
1436 ADD_TEST(test_kdf_x942_asn1);
1437 #endif
1438 ADD_TEST(test_kdf_krb5kdf);
1439 return 1;
1440 }
A mirror of the official openssl repository