test/evp_kdf_test.c

   1 /*
   2  * Copyright 2018-2019 The OpenSSL Project Authors. All Rights Reserved.
   3  * Copyright (c) 2018-2019, Oracle and/or its affiliates.  All rights reserved.
   4  *
   5  * Licensed under the Apache License 2.0 (the "License").  You may not use
   6  * this file except in compliance with the License.  You can obtain a copy
   7  * in the file LICENSE in the source distribution or at
   8  * https://www.openssl.org/source/license.html
   9  */
  10
  11 /* Tests of the EVP_KDF_CTX APIs */
  12
  13 #include <stdio.h>
  14 #include <string.h>
  15
  16 #include <openssl/evp.h>
  17 #include <openssl/kdf.h>
  18 #include "testutil.h"
  19
  20 static int test_kdf_tls1_prf(void)
  21 {
  22     int ret = 0;
  23     EVP_KDF_CTX *kctx;
  24     unsigned char out[16];
  25
  26     if ((kctx = EVP_KDF_CTX_new_id(EVP_KDF_TLS1_PRF)) == NULL) {
  27         TEST_error("EVP_KDF_TLS1_PRF");
  28         goto err;
  29     }
  30     if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()) <= 0) {
  31         TEST_error("EVP_KDF_CTRL_SET_MD");
  32         goto err;
  33     }
  34     if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_TLS_SECRET,
  35                      "secret", (size_t)6) <= 0) {
  36         TEST_error("EVP_KDF_CTRL_SET_TLS_SECRET");
  37         goto err;
  38     }
  39     if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_ADD_TLS_SEED, "seed", (size_t)4) <= 0) {
  40         TEST_error("EVP_KDF_CTRL_ADD_TLS_SEED");
  41         goto err;
  42     }
  43     if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) {
  44         TEST_error("EVP_KDF_derive");
  45         goto err;
  46     }
  47
  48     {
  49         const unsigned char expected[sizeof(out)] = {
  50             0x8e, 0x4d, 0x93, 0x25, 0x30, 0xd7, 0x65, 0xa0,
  51             0xaa, 0xe9, 0x74, 0xc3, 0x04, 0x73, 0x5e, 0xcc
  52         };
  53         if (!TEST_mem_eq(out, sizeof(out), expected, sizeof(expected))) {
  54             goto err;
  55         }
  56     }
  57     ret = 1;
  58 err:
  59     EVP_KDF_CTX_free(kctx);
  60     return ret;
  61 }
  62
  63 static int test_kdf_hkdf(void)
  64 {
  65     int ret = 0;
  66     EVP_KDF_CTX *kctx;
  67     unsigned char out[10];
  68
  69     if ((kctx = EVP_KDF_CTX_new_id(EVP_KDF_HKDF)) == NULL) {
  70         TEST_error("EVP_KDF_HKDF");
  71         goto err;
  72     }
  73     if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()) <= 0) {
  74         TEST_error("EVP_KDF_CTRL_SET_MD");
  75         goto err;
  76     }
  77     if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, "salt", (size_t)4) <= 0) {
  78         TEST_error("EVP_KDF_CTRL_SET_SALT");
  79         goto err;
  80     }
  81     if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, "secret", (size_t)6) <= 0) {
  82         TEST_error("EVP_KDF_CTRL_SET_KEY");
  83         goto err;
  84     }
  85     if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_ADD_HKDF_INFO,
  86                      "label", (size_t)5) <= 0) {
  87         TEST_error("EVP_KDF_CTRL_ADD_HKDF_INFO");
  88         goto err;
  89     }
  90     if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) {
  91         TEST_error("EVP_KDF_derive");
  92         goto err;
  93     }
  94
  95     {
  96         const unsigned char expected[sizeof(out)] = {
  97             0x2a, 0xc4, 0x36, 0x9f, 0x52, 0x59, 0x96, 0xf8, 0xde, 0x13
  98         };
  99         if (!TEST_mem_eq(out, sizeof(out), expected, sizeof(expected))) {
 100             goto err;
 101         }
 102     }
 103     ret = 1;
 104 err:
 105     EVP_KDF_CTX_free(kctx);
 106     return ret;
 107 }
 108
 109 static int test_kdf_pbkdf2(void)
 110 {
 111     int ret = 0;
 112     EVP_KDF_CTX *kctx;
 113     unsigned char out[32];
 114
 115     if ((kctx = EVP_KDF_CTX_new_id(EVP_KDF_PBKDF2)) == NULL) {
 116         TEST_error("EVP_KDF_PBKDF2");
 117         goto err;
 118     }
 119     if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_PASS, "password", (size_t)8) <= 0) {
 120         TEST_error("EVP_KDF_CTRL_SET_PASS");
 121         goto err;
 122     }
 123     if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, "salt", (size_t)4) <= 0) {
 124         TEST_error("EVP_KDF_CTRL_SET_SALT");
 125         goto err;
 126     }
 127     if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_ITER, 2) <= 0) {
 128         TEST_error("EVP_KDF_CTRL_SET_ITER");
 129         goto err;
 130     }
 131     if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()) <= 0) {
 132         TEST_error("EVP_KDF_CTRL_SET_MD");
 133         goto err;
 134     }
 135     if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) {
 136         TEST_error("EVP_KDF_derive");
 137         goto err;
 138     }
 139
 140     {
 141         const unsigned char expected[sizeof(out)] = {
 142             0xae, 0x4d, 0x0c, 0x95, 0xaf, 0x6b, 0x46, 0xd3,
 143             0x2d, 0x0a, 0xdf, 0xf9, 0x28, 0xf0, 0x6d, 0xd0,
 144             0x2a, 0x30, 0x3f, 0x8e, 0xf3, 0xc2, 0x51, 0xdf,
 145             0xd6, 0xe2, 0xd8, 0x5a, 0x95, 0x47, 0x4c, 0x43
 146         };
 147         if (!TEST_mem_eq(out, sizeof(out), expected, sizeof(expected))) {
 148             goto err;
 149         }
 150     }
 151     ret = 1;
 152 err:
 153     EVP_KDF_CTX_free(kctx);
 154     return ret;
 155 }
 156
 157 #ifndef OPENSSL_NO_SCRYPT
 158 static int test_kdf_scrypt(void)
 159 {
 160     int ret = 0;
 161     EVP_KDF_CTX *kctx;
 162     unsigned char out[64];
 163
 164     if ((kctx = EVP_KDF_CTX_new_id(EVP_KDF_SCRYPT)) == NULL) {
 165         TEST_error("EVP_KDF_SCRYPT");
 166         goto err;
 167     }
 168     if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_PASS, "password", (size_t)8) <= 0) {
 169         TEST_error("EVP_KDF_CTRL_SET_PASS");
 170         goto err;
 171     }
 172     if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, "NaCl", (size_t)4) <= 0) {
 173         TEST_error("EVP_KDF_CTRL_SET_SALT");
 174         goto err;
 175     }
 176     if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SCRYPT_N, (uint64_t)1024) <= 0) {
 177         TEST_error("EVP_KDF_CTRL_SET_SCRYPT_N");
 178         goto err;
 179     }
 180     if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SCRYPT_R, (uint32_t)8) <= 0) {
 181         TEST_error("EVP_KDF_CTRL_SET_SCRYPT_R");
 182         goto err;
 183     }
 184     if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SCRYPT_P, (uint32_t)16) <= 0) {
 185         TEST_error("EVP_KDF_CTRL_SET_SCRYPT_P");
 186         goto err;
 187     }
 188     if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MAXMEM_BYTES, (uint64_t)16) <= 0) {
 189         TEST_error("EVP_KDF_CTRL_SET_MAXMEM_BYTES");
 190         goto err;
 191     }
 192     if (EVP_KDF_derive(kctx, out, sizeof(out)) > 0) {
 193         TEST_error("EVP_KDF_derive should have failed");
 194         goto err;
 195     }
 196     if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MAXMEM_BYTES,
 197                      (uint64_t)(10 * 1024 * 1024)) <= 0) {
 198         TEST_error("EVP_KDF_CTRL_SET_MAXMEM_BYTES");
 199         goto err;
 200     }
 201     if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) {
 202         TEST_error("EVP_KDF_derive");
 203         goto err;
 204     }
 205
 206     {
 207         const unsigned char expected[sizeof(out)] = {
 208             0xfd, 0xba, 0xbe, 0x1c, 0x9d, 0x34, 0x72, 0x00,
 209             0x78, 0x56, 0xe7, 0x19, 0x0d, 0x01, 0xe9, 0xfe,
 210             0x7c, 0x6a, 0xd7, 0xcb, 0xc8, 0x23, 0x78, 0x30,
 211             0xe7, 0x73, 0x76, 0x63, 0x4b, 0x37, 0x31, 0x62,
 212             0x2e, 0xaf, 0x30, 0xd9, 0x2e, 0x22, 0xa3, 0x88,
 213             0x6f, 0xf1, 0x09, 0x27, 0x9d, 0x98, 0x30, 0xda,
 214             0xc7, 0x27, 0xaf, 0xb9, 0x4a, 0x83, 0xee, 0x6d,
 215             0x83, 0x60, 0xcb, 0xdf, 0xa2, 0xcc, 0x06, 0x40
 216         };
 217         if (!TEST_mem_eq(out, sizeof(out), expected, sizeof(expected))) {
 218             goto err;
 219         }
 220     }
 221     ret = 1;
 222 err:
 223     EVP_KDF_CTX_free(kctx);
 224     return ret;
 225 }
 226 #endif
 227
 228 int setup_tests(void)
 229 {
 230     ADD_TEST(test_kdf_tls1_prf);
 231     ADD_TEST(test_kdf_hkdf);
 232     ADD_TEST(test_kdf_pbkdf2);
 233 #ifndef OPENSSL_NO_SCRYPT
 234     ADD_TEST(test_kdf_scrypt);
 235 #endif
 236     return 1;
 237 }