[thirdparty/openssl.git] / test / pkey_meth_kdf_test.c

/*
 * Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

/* Tests of the EVP_PKEY_CTX_set_* macro family */

#include <stdio.h>
#include <string.h>

#include <openssl/evp.h>
#include <openssl/kdf.h>
#include "testutil.h"

static int test_kdf_tls1_prf(void)
{
    int ret = 0;
    EVP_PKEY_CTX *pctx;
    unsigned char out[16];
    size_t outlen = sizeof(out);

    if ((pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_TLS1_PRF, NULL)) == NULL) {
        TEST_error("EVP_PKEY_TLS1_PRF");
        goto err;
    }
    if (EVP_PKEY_derive_init(pctx) <= 0) {
        TEST_error("EVP_PKEY_derive_init");
        goto err;
    }
    if (EVP_PKEY_CTX_set_tls1_prf_md(pctx, EVP_sha256()) <= 0) {
        TEST_error("EVP_PKEY_CTX_set_tls1_prf_md");
        goto err;
    }
    if (EVP_PKEY_CTX_set1_tls1_prf_secret(pctx,
                                          (unsigned char *)"secret", 6) <= 0) {
        TEST_error("EVP_PKEY_CTX_set1_tls1_prf_secret");
        goto err;
    }
    if (EVP_PKEY_CTX_add1_tls1_prf_seed(pctx,
                                        (unsigned char *)"seed", 4) <= 0) {
        TEST_error("EVP_PKEY_CTX_add1_tls1_prf_seed");
        goto err;
    }
    if (EVP_PKEY_derive(pctx, out, &outlen) <= 0) {
        TEST_error("EVP_PKEY_derive");
        goto err;
    }

    {
        const unsigned char expected[sizeof(out)] = {
            0x8e, 0x4d, 0x93, 0x25, 0x30, 0xd7, 0x65, 0xa0,
            0xaa, 0xe9, 0x74, 0xc3, 0x04, 0x73, 0x5e, 0xcc
        };
        if (!TEST_mem_eq(out, sizeof(out), expected, sizeof(expected))) {
            goto err;
        }
    }
    ret = 1;
err:
    EVP_PKEY_CTX_free(pctx);
    return ret;
}

static int test_kdf_hkdf(void)
{
    int ret = 0;
    EVP_PKEY_CTX *pctx;
    unsigned char out[10];
    size_t outlen = sizeof(out);

    if ((pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL)) == NULL) {
        TEST_error("EVP_PKEY_HKDF");
        goto err;
    }
    if (EVP_PKEY_derive_init(pctx) <= 0) {
        TEST_error("EVP_PKEY_derive_init");
        goto err;
    }
    if (EVP_PKEY_CTX_set_hkdf_md(pctx, EVP_sha256()) <= 0) {
        TEST_error("EVP_PKEY_CTX_set_hkdf_md");
        goto err;
    }
    if (EVP_PKEY_CTX_set1_hkdf_salt(pctx, (const unsigned char *)"salt", 4)
            <= 0) {
        TEST_error("EVP_PKEY_CTX_set1_hkdf_salt");
        goto err;
    }
    if (EVP_PKEY_CTX_set1_hkdf_key(pctx, (const unsigned char *)"secret", 6)
            <= 0) {
        TEST_error("EVP_PKEY_CTX_set1_hkdf_key");
        goto err;
    }
    if (EVP_PKEY_CTX_add1_hkdf_info(pctx, (const unsigned char *)"label", 5)
            <= 0) {
        TEST_error("EVP_PKEY_CTX_set1_hkdf_info");
        goto err;
    }
    if (EVP_PKEY_derive(pctx, out, &outlen) <= 0) {
        TEST_error("EVP_PKEY_derive");
        goto err;
    }

    {
        const unsigned char expected[sizeof(out)] = {
            0x2a, 0xc4, 0x36, 0x9f, 0x52, 0x59, 0x96, 0xf8, 0xde, 0x13
        };
        if (!TEST_mem_eq(out, sizeof(out), expected, sizeof(expected))) {
            goto err;
        }
    }
    ret = 1;
err:
    EVP_PKEY_CTX_free(pctx);
    return ret;
}

#ifndef OPENSSL_NO_SCRYPT
static int test_kdf_scrypt(void)
{
    int ret = 0;
    EVP_PKEY_CTX *pctx;
    unsigned char out[64];
    size_t outlen = sizeof(out);

    if ((pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_SCRYPT, NULL)) == NULL) {
        TEST_error("EVP_PKEY_SCRYPT");
        goto err;
    }
    if (EVP_PKEY_derive_init(pctx) <= 0) {
        TEST_error("EVP_PKEY_derive_init");
        goto err;
    }
    if (EVP_PKEY_CTX_set1_pbe_pass(pctx, "password", 8) <= 0) {
        TEST_error("EVP_PKEY_CTX_set1_pbe_pass");
        goto err;
    }
    if (EVP_PKEY_CTX_set1_scrypt_salt(pctx, (unsigned char *)"NaCl", 4) <= 0) {
        TEST_error("EVP_PKEY_CTX_set1_scrypt_salt");
        goto err;
    }
    if (EVP_PKEY_CTX_set_scrypt_N(pctx, 1024) <= 0) {
        TEST_error("EVP_PKEY_CTX_set_scrypt_N");
        goto err;
    }
    if (EVP_PKEY_CTX_set_scrypt_r(pctx, 8) <= 0) {
        TEST_error("EVP_PKEY_CTX_set_scrypt_r");
        goto err;
    }
    if (EVP_PKEY_CTX_set_scrypt_p(pctx, 16) <= 0) {
        TEST_error("EVP_PKEY_CTX_set_scrypt_p");
        goto err;
    }
    if (EVP_PKEY_CTX_set_scrypt_maxmem_bytes(pctx, 16) <= 0) {
        TEST_error("EVP_PKEY_CTX_set_maxmem_bytes");
        goto err;
    }
    if (EVP_PKEY_derive(pctx, out, &outlen) > 0) {
        TEST_error("EVP_PKEY_derive should have failed");
        goto err;
    }
    if (EVP_PKEY_CTX_set_scrypt_maxmem_bytes(pctx, 10 * 1024 * 1024) <= 0) {
        TEST_error("EVP_PKEY_CTX_set_maxmem_bytes");
        goto err;
    }
    if (EVP_PKEY_derive(pctx, out, &outlen) <= 0) {
        TEST_error("EVP_PKEY_derive");
        goto err;
    }

    {
        const unsigned char expected[sizeof(out)] = {
            0xfd, 0xba, 0xbe, 0x1c, 0x9d, 0x34, 0x72, 0x00,
            0x78, 0x56, 0xe7, 0x19, 0x0d, 0x01, 0xe9, 0xfe,
            0x7c, 0x6a, 0xd7, 0xcb, 0xc8, 0x23, 0x78, 0x30,
            0xe7, 0x73, 0x76, 0x63, 0x4b, 0x37, 0x31, 0x62,
            0x2e, 0xaf, 0x30, 0xd9, 0x2e, 0x22, 0xa3, 0x88,
            0x6f, 0xf1, 0x09, 0x27, 0x9d, 0x98, 0x30, 0xda,
            0xc7, 0x27, 0xaf, 0xb9, 0x4a, 0x83, 0xee, 0x6d,
            0x83, 0x60, 0xcb, 0xdf, 0xa2, 0xcc, 0x06, 0x40
        };
        if (!TEST_mem_eq(out, sizeof(out), expected, sizeof(expected))) {
            goto err;
        }
    }
    ret = 1;
err:
    EVP_PKEY_CTX_free(pctx);
    return ret;
}
#endif

int setup_tests(void)
{
    ADD_TEST(test_kdf_tls1_prf);
    ADD_TEST(test_kdf_hkdf);
#ifndef OPENSSL_NO_SCRYPT
    ADD_TEST(test_kdf_scrypt);
#endif
    return 1;
}
Commit	Line	Data
6aa907a6	1	/*
eec0ad10	2	* Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved.
6aa907a6	3	*
909f1a2e	4	* Licensed under the Apache License 2.0 (the "License"). You may not use
6aa907a6 JB	5	* this file except in compliance with the License. You can obtain a copy
	6	* in the file LICENSE in the source distribution or at
	7	* https://www.openssl.org/source/license.html
	8	*/
	9
	10	/* Tests of the EVP_PKEY_CTX_set_* macro family */
	11
	12	#include <stdio.h>
	13	#include <string.h>
	14
	15	#include <openssl/evp.h>
	16	#include <openssl/kdf.h>
	17	#include "testutil.h"
	18
b73b4d73 JB	19	static int test_kdf_tls1_prf(void)
b73b4d73 JB	20	{
5a285add	21	int ret = 0;
b73b4d73 JB	22	EVP_PKEY_CTX *pctx;
	23	unsigned char out[16];
	24	size_t outlen = sizeof(out);
b73b4d73	25
5a285add DM	26	if ((pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_TLS1_PRF, NULL)) == NULL) {
	27	TEST_error("EVP_PKEY_TLS1_PRF");
	28	goto err;
	29	}
b73b4d73 JB	30	if (EVP_PKEY_derive_init(pctx) <= 0) {
b73b4d73 JB	31	TEST_error("EVP_PKEY_derive_init");
5a285add	32	goto err;
b73b4d73 JB	33	}
	34	if (EVP_PKEY_CTX_set_tls1_prf_md(pctx, EVP_sha256()) <= 0) {
	35	TEST_error("EVP_PKEY_CTX_set_tls1_prf_md");
5a285add	36	goto err;
b73b4d73	37	}
ac2d58c7 MC	38	if (EVP_PKEY_CTX_set1_tls1_prf_secret(pctx,
ac2d58c7 MC	39	(unsigned char *)"secret", 6) <= 0) {
b73b4d73	40	TEST_error("EVP_PKEY_CTX_set1_tls1_prf_secret");
5a285add	41	goto err;
b73b4d73	42	}
ac2d58c7 MC	43	if (EVP_PKEY_CTX_add1_tls1_prf_seed(pctx,
ac2d58c7 MC	44	(unsigned char *)"seed", 4) <= 0) {
b73b4d73	45	TEST_error("EVP_PKEY_CTX_add1_tls1_prf_seed");
5a285add	46	goto err;
b73b4d73 JB	47	}
	48	if (EVP_PKEY_derive(pctx, out, &outlen) <= 0) {
	49	TEST_error("EVP_PKEY_derive");
5a285add	50	goto err;
b73b4d73 JB	51	}
	52
	53	{
	54	const unsigned char expected[sizeof(out)] = {
	55	0x8e, 0x4d, 0x93, 0x25, 0x30, 0xd7, 0x65, 0xa0,
	56	0xaa, 0xe9, 0x74, 0xc3, 0x04, 0x73, 0x5e, 0xcc
	57	};
	58	if (!TEST_mem_eq(out, sizeof(out), expected, sizeof(expected))) {
5a285add	59	goto err;
b73b4d73 JB	60	}
b73b4d73 JB	61	}
5a285add DM	62	ret = 1;
5a285add DM	63	err:
b73b4d73	64	EVP_PKEY_CTX_free(pctx);
5a285add	65	return ret;
b73b4d73 JB	66	}
b73b4d73 JB	67
6aa907a6 JB	68	static int test_kdf_hkdf(void)
6aa907a6 JB	69	{
5a285add	70	int ret = 0;
6aa907a6 JB	71	EVP_PKEY_CTX *pctx;
	72	unsigned char out[10];
	73	size_t outlen = sizeof(out);
6aa907a6	74
5a285add DM	75	if ((pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL)) == NULL) {
	76	TEST_error("EVP_PKEY_HKDF");
	77	goto err;
	78	}
6aa907a6 JB	79	if (EVP_PKEY_derive_init(pctx) <= 0) {
6aa907a6 JB	80	TEST_error("EVP_PKEY_derive_init");
5a285add	81	goto err;
6aa907a6 JB	82	}
	83	if (EVP_PKEY_CTX_set_hkdf_md(pctx, EVP_sha256()) <= 0) {
	84	TEST_error("EVP_PKEY_CTX_set_hkdf_md");
5a285add	85	goto err;
6aa907a6	86	}
05d2f72e MC	87	if (EVP_PKEY_CTX_set1_hkdf_salt(pctx, (const unsigned char *)"salt", 4)
05d2f72e MC	88	<= 0) {
6aa907a6	89	TEST_error("EVP_PKEY_CTX_set1_hkdf_salt");
5a285add	90	goto err;
6aa907a6	91	}
05d2f72e MC	92	if (EVP_PKEY_CTX_set1_hkdf_key(pctx, (const unsigned char *)"secret", 6)
05d2f72e MC	93	<= 0) {
6aa907a6	94	TEST_error("EVP_PKEY_CTX_set1_hkdf_key");
5a285add	95	goto err;
6aa907a6	96	}
05d2f72e MC	97	if (EVP_PKEY_CTX_add1_hkdf_info(pctx, (const unsigned char *)"label", 5)
05d2f72e MC	98	<= 0) {
6aa907a6	99	TEST_error("EVP_PKEY_CTX_set1_hkdf_info");
5a285add	100	goto err;
6aa907a6 JB	101	}
	102	if (EVP_PKEY_derive(pctx, out, &outlen) <= 0) {
	103	TEST_error("EVP_PKEY_derive");
5a285add	104	goto err;
6aa907a6 JB	105	}
	106
	107	{
	108	const unsigned char expected[sizeof(out)] = {
	109	0x2a, 0xc4, 0x36, 0x9f, 0x52, 0x59, 0x96, 0xf8, 0xde, 0x13
	110	};
	111	if (!TEST_mem_eq(out, sizeof(out), expected, sizeof(expected))) {
5a285add	112	goto err;
6aa907a6 JB	113	}
6aa907a6 JB	114	}
5a285add DM	115	ret = 1;
5a285add DM	116	err:
6aa907a6	117	EVP_PKEY_CTX_free(pctx);
5a285add	118	return ret;
6aa907a6 JB	119	}
6aa907a6 JB	120
402f26e6	121	#ifndef OPENSSL_NO_SCRYPT
6aa907a6 JB	122	static int test_kdf_scrypt(void)
6aa907a6 JB	123	{
5a285add	124	int ret = 0;
6aa907a6 JB	125	EVP_PKEY_CTX *pctx;
	126	unsigned char out[64];
	127	size_t outlen = sizeof(out);
6aa907a6	128
5a285add DM	129	if ((pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_SCRYPT, NULL)) == NULL) {
	130	TEST_error("EVP_PKEY_SCRYPT");
	131	goto err;
	132	}
6aa907a6 JB	133	if (EVP_PKEY_derive_init(pctx) <= 0) {
6aa907a6 JB	134	TEST_error("EVP_PKEY_derive_init");
5a285add	135	goto err;
6aa907a6 JB	136	}
	137	if (EVP_PKEY_CTX_set1_pbe_pass(pctx, "password", 8) <= 0) {
	138	TEST_error("EVP_PKEY_CTX_set1_pbe_pass");
5a285add	139	goto err;
6aa907a6	140	}
194de849	141	if (EVP_PKEY_CTX_set1_scrypt_salt(pctx, (unsigned char *)"NaCl", 4) <= 0) {
6aa907a6	142	TEST_error("EVP_PKEY_CTX_set1_scrypt_salt");
5a285add	143	goto err;
6aa907a6 JB	144	}
	145	if (EVP_PKEY_CTX_set_scrypt_N(pctx, 1024) <= 0) {
	146	TEST_error("EVP_PKEY_CTX_set_scrypt_N");
5a285add	147	goto err;
6aa907a6 JB	148	}
	149	if (EVP_PKEY_CTX_set_scrypt_r(pctx, 8) <= 0) {
	150	TEST_error("EVP_PKEY_CTX_set_scrypt_r");
5a285add	151	goto err;
6aa907a6 JB	152	}
	153	if (EVP_PKEY_CTX_set_scrypt_p(pctx, 16) <= 0) {
	154	TEST_error("EVP_PKEY_CTX_set_scrypt_p");
5a285add	155	goto err;
6aa907a6 JB	156	}
	157	if (EVP_PKEY_CTX_set_scrypt_maxmem_bytes(pctx, 16) <= 0) {
	158	TEST_error("EVP_PKEY_CTX_set_maxmem_bytes");
5a285add	159	goto err;
6aa907a6 JB	160	}
	161	if (EVP_PKEY_derive(pctx, out, &outlen) > 0) {
	162	TEST_error("EVP_PKEY_derive should have failed");
5a285add	163	goto err;
6aa907a6 JB	164	}
	165	if (EVP_PKEY_CTX_set_scrypt_maxmem_bytes(pctx, 10 * 1024 * 1024) <= 0) {
	166	TEST_error("EVP_PKEY_CTX_set_maxmem_bytes");
5a285add	167	goto err;
6aa907a6 JB	168	}
	169	if (EVP_PKEY_derive(pctx, out, &outlen) <= 0) {
	170	TEST_error("EVP_PKEY_derive");
5a285add	171	goto err;
6aa907a6 JB	172	}
	173
	174	{
	175	const unsigned char expected[sizeof(out)] = {
	176	0xfd, 0xba, 0xbe, 0x1c, 0x9d, 0x34, 0x72, 0x00,
	177	0x78, 0x56, 0xe7, 0x19, 0x0d, 0x01, 0xe9, 0xfe,
	178	0x7c, 0x6a, 0xd7, 0xcb, 0xc8, 0x23, 0x78, 0x30,
	179	0xe7, 0x73, 0x76, 0x63, 0x4b, 0x37, 0x31, 0x62,
	180	0x2e, 0xaf, 0x30, 0xd9, 0x2e, 0x22, 0xa3, 0x88,
	181	0x6f, 0xf1, 0x09, 0x27, 0x9d, 0x98, 0x30, 0xda,
	182	0xc7, 0x27, 0xaf, 0xb9, 0x4a, 0x83, 0xee, 0x6d,
	183	0x83, 0x60, 0xcb, 0xdf, 0xa2, 0xcc, 0x06, 0x40
	184	};
	185	if (!TEST_mem_eq(out, sizeof(out), expected, sizeof(expected))) {
5a285add	186	goto err;
6aa907a6 JB	187	}
6aa907a6 JB	188	}
5a285add DM	189	ret = 1;
5a285add DM	190	err:
6aa907a6	191	EVP_PKEY_CTX_free(pctx);
5a285add	192	return ret;
6aa907a6	193	}
402f26e6	194	#endif
6aa907a6	195
3cb7c5cf	196	int setup_tests(void)
6aa907a6	197	{
b73b4d73	198	ADD_TEST(test_kdf_tls1_prf);
6aa907a6	199	ADD_TEST(test_kdf_hkdf);
402f26e6	200	#ifndef OPENSSL_NO_SCRYPT
6aa907a6	201	ADD_TEST(test_kdf_scrypt);
402f26e6	202	#endif
6aa907a6 JB	203	return 1;
6aa907a6 JB	204	}