EXTRA_DIST = suppressions.valgrind eagain-common.h cert-common.h test-chains.h \
certs/ca-cert-ecc.pem certs/cert-ecc256.pem certs/cert-ecc521.pem \
- certs/cert-rsa-2432.pem certs/ecc384.pem certs/ecc.pem \
+ certs/cert-rsa-2432.pem certs/ecc384.pem certs/ecc.pem hex.h \
certs/ca-ecc.pem certs/cert-ecc384.pem certs/cert-ecc.pem certs/ecc256.pem \
certs/ecc521.pem certs/rsa-2432.pem x509cert-dir/ca.pem psk.passwd \
system.prio pkcs11/softhsm.h pkcs11/pkcs11-pubkey-import.c gnutls-asan.supp \
if HAVE_CMOCKA
CMOCKA_LDADD = $(COMMON_LDADD) $(CMOCKA_LIBS)
-ctests += dtls-sliding-window ip-utils name-constraints-ip conv-utf8 str-unicode str-idna
+ctests += dtls-sliding-window ip-utils name-constraints-ip conv-utf8 str-unicode str-idna \
+ tls10-prf tls12-prf
dtls_sliding_window_LDADD = $(CMOCKA_LDADD)
ip_utils_LDADD = $(CMOCKA_LDADD)
conv_utf8_LDADD = $(CMOCKA_LDADD)
str_unicode_LDADD = $(CMOCKA_LDADD)
str_idna_LDADD = $(CMOCKA_LDADD)
+tls10_prf_LDADD = $(CMOCKA_LDADD)
+tls12_prf_LDADD = $(CMOCKA_LDADD)
endif
--- /dev/null
+/*
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * GnuTLS is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * GnuTLS is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>
+ */
+
+#ifndef HEX_H
+#define HEX_H
+
+#include <stdio.h>
+#include <string.h>
+#include <gnutls/gnutls.h>
+
+inline static gnutls_datum_t SHEX(const char *hex)
+{
+ gnutls_datum_t input, output;
+ int ret;
+
+ input.data = (void*)hex;
+ input.size = strlen(hex);
+
+ ret = gnutls_hex_decode2(&input, &output);
+ assert_int_equal(ret, 0);
+ return output;
+}
+
+inline static gnutls_datum_t SDATA(const char *txt)
+{
+ gnutls_datum_t output;
+ output.data = (void*)gnutls_strdup(txt);
+ output.size = strlen(txt);
+ return output;
+}
+
+#endif
--- /dev/null
+/*
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Authors: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * GnuTLS is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * GnuTLS is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>
+ */
+
+#include <config.h>
+#include <stdarg.h>
+#include <stddef.h>
+#include <setjmp.h>
+#include <limits.h>
+#include <stdint.h>
+#include <stdlib.h>
+#include <string.h>
+#include <gnutls/gnutls.h>
+#include <cmocka.h>
+#include "hex.h"
+
+int
+_gnutls_prf_raw(gnutls_mac_algorithm_t mac,
+ size_t master_size, const void *master,
+ size_t label_size, const char *label,
+ size_t seed_size, const uint8_t *seed, size_t outsize,
+ char *out);
+
+#define MATCH_FUNC(fname, dsecret, dseed, dlabel, doutput) \
+static void fname(void **glob_state) \
+{ \
+ char tmp[512]; \
+ gnutls_datum_t secret = dsecret; \
+ gnutls_datum_t seed = dseed; \
+ gnutls_datum_t label = dlabel; \
+ gnutls_datum_t output = doutput; \
+ int _rval; \
+ _rval = _gnutls_prf_raw(GNUTLS_MAC_MD5_SHA1, secret.size, secret.data, \
+ label.size, (char*)label.data, seed.size, seed.data, output.size, tmp); \
+ assert_int_equal(_rval, 0); \
+ assert_int_equal(memcmp(tmp, output.data, output.size), 0); \
+ gnutls_free(secret.data); \
+ gnutls_free(label.data); \
+ gnutls_free(seed.data); \
+ gnutls_free(output.data); \
+}
+
+
+MATCH_FUNC(test1, SHEX("263bdbbb6f6d4c664e058d0aa9d321be"), SHEX("b920573b199601024f04d6dc61966e65"),
+ SDATA("test label"), SHEX("6617993765fa6ca703d19ec70dd5dd160ffcc07725fafb714a9f815a2a30bfb7e3bbfb7eee574b3b613eb7fe80eec9691d8c1b0e2d9b3c8b4b02b6b6d6db88e2094623ef6240607eda7abe3c846e82a3"));
+MATCH_FUNC(test2, SHEX("bf31fe6c78ebf0ff9ce8bb5dd9d1f83d"), SHEX("7fc4583d19871d962760f358a18696c8"),
+ SDATA("test label"), SHEX("8318f382c49fd5af7d6fdb4cbb31dfef"));
+MATCH_FUNC(test3, SHEX("0addfc84435b9ac1ef523ef44791a784bf55757dea17837c1a72beec1bdb1850"),
+ SHEX("74e849d11ad8a98d9bc2291dbceec26ff9"),
+ SDATA("test label"), SHEX("3c221520c48bcb3a0eb3734a"));
+MATCH_FUNC(test4, SHEX("4074939b440a08a285bc7208485c531f0bbd4c101d71bdba33ec066791e4678c"),
+ SHEX("8aff0c770c1d60455ee48f220c9adb471e5fee27c88c1f33"),
+ SDATA("test label"), SHEX("3a9aee040bbf3cf7009210e64bbdad1775ccf1b46b3a965d5f15168e9ddaa7cc6a7c0c117848"));
+
+int main(void)
+{
+ const struct CMUnitTest tests[] = {
+ cmocka_unit_test(test1),
+ cmocka_unit_test(test2),
+ cmocka_unit_test(test3),
+ cmocka_unit_test(test4),
+ };
+ return cmocka_run_group_tests(tests, NULL, NULL);
+}
--- /dev/null
+/*
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Authors: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * GnuTLS is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * GnuTLS is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>
+ */
+
+#include <config.h>
+#include <stdarg.h>
+#include <stddef.h>
+#include <setjmp.h>
+#include <limits.h>
+#include <stdint.h>
+#include <stdlib.h>
+#include <string.h>
+#include <gnutls/gnutls.h>
+#include <cmocka.h>
+#include "hex.h"
+
+int
+_gnutls_prf_raw(gnutls_mac_algorithm_t mac,
+ size_t master_size, const void *master,
+ size_t label_size, const char *label,
+ size_t seed_size, const uint8_t *seed, size_t outsize,
+ char *out);
+
+#define MATCH_FUNC_SHA256(fname, dsecret, dseed, dlabel, doutput) \
+static void fname(void **glob_state) \
+{ \
+ char tmp[512]; \
+ gnutls_datum_t secret = dsecret; \
+ gnutls_datum_t seed = dseed; \
+ gnutls_datum_t label = dlabel; \
+ gnutls_datum_t output = doutput; \
+ int _rval; \
+ _rval = _gnutls_prf_raw(GNUTLS_MAC_SHA256, secret.size, secret.data, \
+ label.size, (char*)label.data, seed.size, seed.data, output.size, tmp); \
+ assert_int_equal(_rval, 0); \
+ assert_int_equal(memcmp(tmp, output.data, output.size), 0); \
+ gnutls_free(secret.data); \
+ gnutls_free(label.data); \
+ gnutls_free(seed.data); \
+ gnutls_free(output.data); \
+}
+
+#define MATCH_FUNC_SHA384(fname, dsecret, dseed, dlabel, doutput) \
+static void fname(void **glob_state) \
+{ \
+ char tmp[512]; \
+ gnutls_datum_t secret = dsecret; \
+ gnutls_datum_t seed = dseed; \
+ gnutls_datum_t label = dlabel; \
+ gnutls_datum_t output = doutput; \
+ int _rval; \
+ _rval = _gnutls_prf_raw(GNUTLS_MAC_SHA384, secret.size, secret.data, \
+ label.size, (char*)label.data, seed.size, seed.data, output.size, tmp); \
+ assert_int_equal(_rval, 0); \
+ assert_int_equal(memcmp(tmp, output.data, output.size), 0); \
+ gnutls_free(secret.data); \
+ gnutls_free(label.data); \
+ gnutls_free(seed.data); \
+ gnutls_free(output.data); \
+}
+
+MATCH_FUNC_SHA256(sha256_test1, SHEX("0450b0ea9ecd3602ee0d76c5c3c86f4a"),
+ SHEX("207acc0254b867f5b925b45a33601d8b"),
+ SDATA("test label"), SHEX("ae679e0e714f5975763768b166979e1d"));
+
+MATCH_FUNC_SHA256(sha256_test2, SHEX("34204a9df0be6eb4e925a8027cf6c602"),
+ SHEX("98b2c40bcd664c83bb920c18201a6395"),
+ SDATA("test label"), SHEX("afa9312453c22fa83d2b511b372d73a402a2a62873239a51fade45082faf3fd2bb7ffb3e9bf36e28b3141aaba484005332a9f9e388a4d329f1587a4b317da07708ea1ba95a53f8786724bd83ce4b03af"));
+
+MATCH_FUNC_SHA256(sha256_test3, SHEX("a3691aa1f6814b80592bf1cf2acf1697"),
+ SHEX("5523d41e320e694d0c1ff5734d830b933e46927071c92621"),
+ SDATA("test label"), SHEX("6ad0984fa06f78fe161bd46d7c261de43340d728dddc3d0ff0dd7e0d"));
+
+MATCH_FUNC_SHA256(sha256_test4, SHEX("210ec937069707e5465bc46bf779e104108b18fdb793be7b218dbf145c8641f3"), SHEX("1e351a0baf35c79945924394b881cfe31dae8f1c1ed54d3b"),
+ SDATA("test label"), SHEX("7653fa809cde3b553c4a17e2cdbcc918f36527f22219a7d7f95d97243ff2d5dee8265ef0af03"));
+
+/* https://www.ietf.org/mail-archive/web/tls/current/msg03416.html */
+MATCH_FUNC_SHA384(sha384_test1, SHEX("b80b733d6ceefcdc71566ea48e5567df"), SHEX("cd665cf6a8447dd6ff8b27555edb7465"),
+ SDATA("test label"), SHEX("7b0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792eca722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e56f"));
+
+
+int main(void)
+{
+ const struct CMUnitTest tests[] = {
+ cmocka_unit_test(sha256_test1),
+ cmocka_unit_test(sha256_test2),
+ cmocka_unit_test(sha256_test3),
+ cmocka_unit_test(sha256_test4),
+ cmocka_unit_test(sha384_test1),
+ };
+ return cmocka_run_group_tests(tests, NULL, NULL);
+}
projects / thirdparty / gnutls.git / commitdiff
