test/pkey_meth_kdf_test.c

   1 /*
   2  * Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.
   3  *
   4  * Licensed under the Apache License 2.0 (the "License").  You may not use
   5  * this file except in compliance with the License.  You can obtain a copy
   6  * in the file LICENSE in the source distribution or at
   7  * https://www.openssl.org/source/license.html
   8  */
   9
  10 /* Tests of the EVP_PKEY_CTX_set_* macro family */
  11
  12 #include <stdio.h>
  13 #include <string.h>
  14
  15 #include <openssl/evp.h>
  16 #include <openssl/kdf.h>
  17 #include "testutil.h"
  18
  19 static int test_kdf_tls1_prf(void)
  20 {
  21     EVP_PKEY_CTX *pctx;
  22     unsigned char out[16];
  23     size_t outlen = sizeof(out);
  24     pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_TLS1_PRF, NULL);
  25
  26     if (EVP_PKEY_derive_init(pctx) <= 0) {
  27         TEST_error("EVP_PKEY_derive_init");
  28         return 0;
  29     }
  30     if (EVP_PKEY_CTX_set_tls1_prf_md(pctx, EVP_sha256()) <= 0) {
  31         TEST_error("EVP_PKEY_CTX_set_tls1_prf_md");
  32         return 0;
  33     }
  34     if (EVP_PKEY_CTX_set1_tls1_prf_secret(pctx, "secret", 6) <= 0) {
  35         TEST_error("EVP_PKEY_CTX_set1_tls1_prf_secret");
  36         return 0;
  37     }
  38     if (EVP_PKEY_CTX_add1_tls1_prf_seed(pctx, "seed", 4) <= 0) {
  39         TEST_error("EVP_PKEY_CTX_add1_tls1_prf_seed");
  40         return 0;
  41     }
  42     if (EVP_PKEY_derive(pctx, out, &outlen) <= 0) {
  43         TEST_error("EVP_PKEY_derive");
  44         return 0;
  45     }
  46
  47     {
  48         const unsigned char expected[sizeof(out)] = {
  49             0x8e, 0x4d, 0x93, 0x25, 0x30, 0xd7, 0x65, 0xa0,
  50             0xaa, 0xe9, 0x74, 0xc3, 0x04, 0x73, 0x5e, 0xcc
  51         };
  52         if (!TEST_mem_eq(out, sizeof(out), expected, sizeof(expected))) {
  53             return 0;
  54         }
  55     }
  56     EVP_PKEY_CTX_free(pctx);
  57     return 1;
  58 }
  59
  60 static int test_kdf_hkdf(void)
  61 {
  62     EVP_PKEY_CTX *pctx;
  63     unsigned char out[10];
  64     size_t outlen = sizeof(out);
  65     pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL);
  66
  67     if (EVP_PKEY_derive_init(pctx) <= 0) {
  68         TEST_error("EVP_PKEY_derive_init");
  69         return 0;
  70     }
  71     if (EVP_PKEY_CTX_set_hkdf_md(pctx, EVP_sha256()) <= 0) {
  72         TEST_error("EVP_PKEY_CTX_set_hkdf_md");
  73         return 0;
  74     }
  75     if (EVP_PKEY_CTX_set1_hkdf_salt(pctx, "salt", 4) <= 0) {
  76         TEST_error("EVP_PKEY_CTX_set1_hkdf_salt");
  77         return 0;
  78     }
  79     if (EVP_PKEY_CTX_set1_hkdf_key(pctx, "secret", 6) <= 0) {
  80         TEST_error("EVP_PKEY_CTX_set1_hkdf_key");
  81         return 0;
  82     }
  83     if (EVP_PKEY_CTX_add1_hkdf_info(pctx, "label", 5) <= 0) {
  84         TEST_error("EVP_PKEY_CTX_set1_hkdf_info");
  85         return 0;
  86     }
  87     if (EVP_PKEY_derive(pctx, out, &outlen) <= 0) {
  88         TEST_error("EVP_PKEY_derive");
  89         return 0;
  90     }
  91
  92     {
  93         const unsigned char expected[sizeof(out)] = {
  94             0x2a, 0xc4, 0x36, 0x9f, 0x52, 0x59, 0x96, 0xf8, 0xde, 0x13
  95         };
  96         if (!TEST_mem_eq(out, sizeof(out), expected, sizeof(expected))) {
  97             return 0;
  98         }
  99     }
 100     EVP_PKEY_CTX_free(pctx);
 101     return 1;
 102 }
 103
 104 #ifndef OPENSSL_NO_SCRYPT
 105 static int test_kdf_scrypt(void)
 106 {
 107     EVP_PKEY_CTX *pctx;
 108     unsigned char out[64];
 109     size_t outlen = sizeof(out);
 110     pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_SCRYPT, NULL);
 111
 112     if (EVP_PKEY_derive_init(pctx) <= 0) {
 113         TEST_error("EVP_PKEY_derive_init");
 114         return 0;
 115     }
 116     if (EVP_PKEY_CTX_set1_pbe_pass(pctx, "password", 8) <= 0) {
 117         TEST_error("EVP_PKEY_CTX_set1_pbe_pass");
 118         return 0;
 119     }
 120     if (EVP_PKEY_CTX_set1_scrypt_salt(pctx, "NaCl", 4) <= 0) {
 121         TEST_error("EVP_PKEY_CTX_set1_scrypt_salt");
 122         return 0;
 123     }
 124     if (EVP_PKEY_CTX_set_scrypt_N(pctx, 1024) <= 0) {
 125         TEST_error("EVP_PKEY_CTX_set_scrypt_N");
 126         return 0;
 127     }
 128     if (EVP_PKEY_CTX_set_scrypt_r(pctx, 8) <= 0) {
 129         TEST_error("EVP_PKEY_CTX_set_scrypt_r");
 130         return 0;
 131     }
 132     if (EVP_PKEY_CTX_set_scrypt_p(pctx, 16) <= 0) {
 133         TEST_error("EVP_PKEY_CTX_set_scrypt_p");
 134         return 0;
 135     }
 136     if (EVP_PKEY_CTX_set_scrypt_maxmem_bytes(pctx, 16) <= 0) {
 137         TEST_error("EVP_PKEY_CTX_set_maxmem_bytes");
 138         return 0;
 139     }
 140     if (EVP_PKEY_derive(pctx, out, &outlen) > 0) {
 141         TEST_error("EVP_PKEY_derive should have failed");
 142         return 0;
 143     }
 144     if (EVP_PKEY_CTX_set_scrypt_maxmem_bytes(pctx, 10 * 1024 * 1024) <= 0) {
 145         TEST_error("EVP_PKEY_CTX_set_maxmem_bytes");
 146         return 0;
 147     }
 148     if (EVP_PKEY_derive(pctx, out, &outlen) <= 0) {
 149         TEST_error("EVP_PKEY_derive");
 150         return 0;
 151     }
 152
 153     {
 154         const unsigned char expected[sizeof(out)] = {
 155             0xfd, 0xba, 0xbe, 0x1c, 0x9d, 0x34, 0x72, 0x00,
 156             0x78, 0x56, 0xe7, 0x19, 0x0d, 0x01, 0xe9, 0xfe,
 157             0x7c, 0x6a, 0xd7, 0xcb, 0xc8, 0x23, 0x78, 0x30,
 158             0xe7, 0x73, 0x76, 0x63, 0x4b, 0x37, 0x31, 0x62,
 159             0x2e, 0xaf, 0x30, 0xd9, 0x2e, 0x22, 0xa3, 0x88,
 160             0x6f, 0xf1, 0x09, 0x27, 0x9d, 0x98, 0x30, 0xda,
 161             0xc7, 0x27, 0xaf, 0xb9, 0x4a, 0x83, 0xee, 0x6d,
 162             0x83, 0x60, 0xcb, 0xdf, 0xa2, 0xcc, 0x06, 0x40
 163         };
 164         if (!TEST_mem_eq(out, sizeof(out), expected, sizeof(expected))) {
 165             return 0;
 166         }
 167     }
 168     EVP_PKEY_CTX_free(pctx);
 169     return 1;
 170 }
 171 #endif
 172
 173 int setup_tests(void)
 174 {
 175     ADD_TEST(test_kdf_tls1_prf);
 176     ADD_TEST(test_kdf_hkdf);
 177 #ifndef OPENSSL_NO_SCRYPT
 178     ADD_TEST(test_kdf_scrypt);
 179 #endif
 180     return 1;
 181 }