Domů Procházet Nápověda
Přihlásit se
OWEALs
/
openssl
zrcadlo git://git.openssl.org/openssl.git
2
0
Rozštěpit 0
Soubory Úkoly 1 Wiki
Strom: 3ea20ce281
Větve Značky
openssl
/
test
/
pkey_meth_kdf_test.c

pkey_meth_kdf_test.c 6.8 KB
Historie Surový

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235 
  1. /*
    2. 

  2.  * Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved.
    3. 

  3.  *
    4. 

  4.  * Licensed under the Apache License 2.0 (the "License").  You may not use
    5. 

  5.  * this file except in compliance with the License.  You can obtain a copy
    6. 

  6.  * in the file LICENSE in the source distribution or at
    7. 

  7.  * https://www.openssl.org/source/license.html
    8. 

  8.  */
    9. 

  9. 

  10. /* Tests of the EVP_PKEY_CTX_set_* macro family */
    11. 

  11. 

  12. #include <stdio.h>
    13. 

  13. #include <string.h>
    14. 

  14. 

  15. #include <openssl/evp.h>
    16. 

  16. #include <openssl/kdf.h>
    17. 

  17. #include "testutil.h"
    18. 

  18. 

  19. static int test_kdf_tls1_prf(int index)
    20. 

  20. {
    21. 

  21.     int ret = 0;
    22. 

  22.     EVP_PKEY_CTX *pctx;
    23. 

  23.     unsigned char out[16];
    24. 

  24.     size_t outlen = sizeof(out);
    25. 

  25. 

  26.     if ((pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_TLS1_PRF, NULL)) == NULL) {
    27. 

  27.         TEST_error("EVP_PKEY_TLS1_PRF");
    28. 

  28.         goto err;
    29. 

  29.     }
    30. 

  30.     if (EVP_PKEY_derive_init(pctx) <= 0) {
    31. 

  31.         TEST_error("EVP_PKEY_derive_init");
    32. 

  32.         goto err;
    33. 

  33.     }
    34. 

  34.     if (EVP_PKEY_CTX_set_tls1_prf_md(pctx, EVP_sha256()) <= 0) {
    35. 

  35.         TEST_error("EVP_PKEY_CTX_set_tls1_prf_md");
    36. 

  36.         goto err;
    37. 

  37.     }
    38. 

  38.     if (EVP_PKEY_CTX_set1_tls1_prf_secret(pctx,
    39. 

  39.                                           (unsigned char *)"secret", 6) <= 0) {
    40. 

  40.         TEST_error("EVP_PKEY_CTX_set1_tls1_prf_secret");
    41. 

  41.         goto err;
    42. 

  42.     }
    43. 

  43.     if (index == 0) {
    44. 

  44.         if (EVP_PKEY_CTX_add1_tls1_prf_seed(pctx,
    45. 

  45.                                             (unsigned char *)"seed", 4) <= 0) {
    46. 

  46.             TEST_error("EVP_PKEY_CTX_add1_tls1_prf_seed");
    47. 

  47.             goto err;
    48. 

  48.         }
    49. 

  49.     } else {
    50. 

  50.         if (EVP_PKEY_CTX_add1_tls1_prf_seed(pctx,
    51. 

  51.                                             (unsigned char *)"se", 2) <= 0) {
    52. 

  52.             TEST_error("EVP_PKEY_CTX_add1_tls1_prf_seed");
    53. 

  53.             goto err;
    54. 

  54.         }
    55. 

  55.         if (EVP_PKEY_CTX_add1_tls1_prf_seed(pctx,
    56. 

  56.                                             (unsigned char *)"ed", 2) <= 0) {
    57. 

  57.             TEST_error("EVP_PKEY_CTX_add1_tls1_prf_seed");
    58. 

  58.             goto err;
    59. 

  59.         }
    60. 

  60.     }
    61. 

  61.     if (EVP_PKEY_derive(pctx, out, &outlen) <= 0) {
    62. 

  62.         TEST_error("EVP_PKEY_derive");
    63. 

  63.         goto err;
    64. 

  64.     }
    65. 

  65. 

  66.     {
    67. 

  67.         const unsigned char expected[sizeof(out)] = {
    68. 

  68.             0x8e, 0x4d, 0x93, 0x25, 0x30, 0xd7, 0x65, 0xa0,
    69. 

  69.             0xaa, 0xe9, 0x74, 0xc3, 0x04, 0x73, 0x5e, 0xcc
    70. 

  70.         };
    71. 

  71.         if (!TEST_mem_eq(out, sizeof(out), expected, sizeof(expected))) {
    72. 

  72.             goto err;
    73. 

  73.         }
    74. 

  74.     }
    75. 

  75.     ret = 1;
    76. 

  76. err:
    77. 

  77.     EVP_PKEY_CTX_free(pctx);
    78. 

  78.     return ret;
    79. 

  79. }
    80. 

  80. 

  81. static int test_kdf_hkdf(int index)
    82. 

  82. {
    83. 

  83.     int ret = 0;
    84. 

  84.     EVP_PKEY_CTX *pctx;
    85. 

  85.     unsigned char out[10];
    86. 

  86.     size_t outlen = sizeof(out);
    87. 

  87. 

  88.     if ((pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL)) == NULL) {
    89. 

  89.         TEST_error("EVP_PKEY_HKDF");
    90. 

  90.         goto err;
    91. 

  91.     }
    92. 

  92.     if (EVP_PKEY_derive_init(pctx) <= 0) {
    93. 

  93.         TEST_error("EVP_PKEY_derive_init");
    94. 

  94.         goto err;
    95. 

  95.     }
    96. 

  96.     if (EVP_PKEY_CTX_set_hkdf_md(pctx, EVP_sha256()) <= 0) {
    97. 

  97.         TEST_error("EVP_PKEY_CTX_set_hkdf_md");
    98. 

  98.         goto err;
    99. 

  99.     }
    100. 

  100.     if (EVP_PKEY_CTX_set1_hkdf_salt(pctx, (const unsigned char *)"salt", 4)
    101. 

  101.             <= 0) {
    102. 

  102.         TEST_error("EVP_PKEY_CTX_set1_hkdf_salt");
    103. 

  103.         goto err;
    104. 

  104.     }
    105. 

  105.     if (EVP_PKEY_CTX_set1_hkdf_key(pctx, (const unsigned char *)"secret", 6)
    106. 

  106.             <= 0) {
    107. 

  107.         TEST_error("EVP_PKEY_CTX_set1_hkdf_key");
    108. 

  108.         goto err;
    109. 

  109.     }
    110. 

  110.     if (index == 0) {
    111. 

  111.         if (EVP_PKEY_CTX_add1_hkdf_info(pctx, (const unsigned char *)"label", 5)
    112. 

  112.             <= 0) {
    113. 

  113.             TEST_error("EVP_PKEY_CTX_add1_hkdf_info");
    114. 

  114.             goto err;
    115. 

  115.         }
    116. 

  116.     } else {
    117. 

  117.         if (EVP_PKEY_CTX_add1_hkdf_info(pctx, (const unsigned char *)"lab", 3)
    118. 

  118.             <= 0) {
    119. 

  119.             TEST_error("EVP_PKEY_CTX_add1_hkdf_info");
    120. 

  120.             goto err;
    121. 

  121.         }
    122. 

  122.         if (EVP_PKEY_CTX_add1_hkdf_info(pctx, (const unsigned char *)"el", 2)
    123. 

  123.             <= 0) {
    124. 

  124.             TEST_error("EVP_PKEY_CTX_add1_hkdf_info");
    125. 

  125.             goto err;
    126. 

  126.         }
    127. 

  127.     }
    128. 

  128.     if (EVP_PKEY_derive(pctx, out, &outlen) <= 0) {
    129. 

  129.         TEST_error("EVP_PKEY_derive");
    130. 

  130.         goto err;
    131. 

  131.     }
    132. 

  132. 

  133.     {
    134. 

  134.         const unsigned char expected[sizeof(out)] = {
    135. 

  135.             0x2a, 0xc4, 0x36, 0x9f, 0x52, 0x59, 0x96, 0xf8, 0xde, 0x13
    136. 

  136.         };
    137. 

  137.         if (!TEST_mem_eq(out, sizeof(out), expected, sizeof(expected))) {
    138. 

  138.             goto err;
    139. 

  139.         }
    140. 

  140.     }
    141. 

  141.     ret = 1;
    142. 

  142. err:
    143. 

  143.     EVP_PKEY_CTX_free(pctx);
    144. 

  144.     return ret;
    145. 

  145. }
    146. 

  146. 

  147. #ifndef OPENSSL_NO_SCRYPT
    148. 

  148. static int test_kdf_scrypt(void)
    149. 

  149. {
    150. 

  150.     int ret = 0;
    151. 

  151.     EVP_PKEY_CTX *pctx;
    152. 

  152.     unsigned char out[64];
    153. 

  153.     size_t outlen = sizeof(out);
    154. 

  154. 

  155.     if ((pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_SCRYPT, NULL)) == NULL) {
    156. 

  156.         TEST_error("EVP_PKEY_SCRYPT");
    157. 

  157.         goto err;
    158. 

  158.     }
    159. 

  159.     if (EVP_PKEY_derive_init(pctx) <= 0) {
    160. 

  160.         TEST_error("EVP_PKEY_derive_init");
    161. 

  161.         goto err;
    162. 

  162.     }
    163. 

  163.     if (EVP_PKEY_CTX_set1_pbe_pass(pctx, "password", 8) <= 0) {
    164. 

  164.         TEST_error("EVP_PKEY_CTX_set1_pbe_pass");
    165. 

  165.         goto err;
    166. 

  166.     }
    167. 

  167.     if (EVP_PKEY_CTX_set1_scrypt_salt(pctx, (unsigned char *)"NaCl", 4) <= 0) {
    168. 

  168.         TEST_error("EVP_PKEY_CTX_set1_scrypt_salt");
    169. 

  169.         goto err;
    170. 

  170.     }
    171. 

  171.     if (EVP_PKEY_CTX_set_scrypt_N(pctx, 1024) <= 0) {
    172. 

  172.         TEST_error("EVP_PKEY_CTX_set_scrypt_N");
    173. 

  173.         goto err;
    174. 

  174.     }
    175. 

  175.     if (EVP_PKEY_CTX_set_scrypt_r(pctx, 8) <= 0) {
    176. 

  176.         TEST_error("EVP_PKEY_CTX_set_scrypt_r");
    177. 

  177.         goto err;
    178. 

  178.     }
    179. 

  179.     if (EVP_PKEY_CTX_set_scrypt_p(pctx, 16) <= 0) {
    180. 

  180.         TEST_error("EVP_PKEY_CTX_set_scrypt_p");
    181. 

  181.         goto err;
    182. 

  182.     }
    183. 

  183.     if (EVP_PKEY_CTX_set_scrypt_maxmem_bytes(pctx, 16) <= 0) {
    184. 

  184.         TEST_error("EVP_PKEY_CTX_set_maxmem_bytes");
    185. 

  185.         goto err;
    186. 

  186.     }
    187. 

  187.     if (EVP_PKEY_derive(pctx, out, &outlen) > 0) {
    188. 

  188.         TEST_error("EVP_PKEY_derive should have failed");
    189. 

  189.         goto err;
    190. 

  190.     }
    191. 

  191.     if (EVP_PKEY_CTX_set_scrypt_maxmem_bytes(pctx, 10 * 1024 * 1024) <= 0) {
    192. 

  192.         TEST_error("EVP_PKEY_CTX_set_maxmem_bytes");
    193. 

  193.         goto err;
    194. 

  194.     }
    195. 

  195.     if (EVP_PKEY_derive(pctx, out, &outlen) <= 0) {
    196. 

  196.         TEST_error("EVP_PKEY_derive");
    197. 

  197.         goto err;
    198. 

  198.     }
    199. 

  199. 

  200.     {
    201. 

  201.         const unsigned char expected[sizeof(out)] = {
    202. 

  202.             0xfd, 0xba, 0xbe, 0x1c, 0x9d, 0x34, 0x72, 0x00,
    203. 

  203.             0x78, 0x56, 0xe7, 0x19, 0x0d, 0x01, 0xe9, 0xfe,
    204. 

  204.             0x7c, 0x6a, 0xd7, 0xcb, 0xc8, 0x23, 0x78, 0x30,
    205. 

  205.             0xe7, 0x73, 0x76, 0x63, 0x4b, 0x37, 0x31, 0x62,
    206. 

  206.             0x2e, 0xaf, 0x30, 0xd9, 0x2e, 0x22, 0xa3, 0x88,
    207. 

  207.             0x6f, 0xf1, 0x09, 0x27, 0x9d, 0x98, 0x30, 0xda,
    208. 

  208.             0xc7, 0x27, 0xaf, 0xb9, 0x4a, 0x83, 0xee, 0x6d,
    209. 

  209.             0x83, 0x60, 0xcb, 0xdf, 0xa2, 0xcc, 0x06, 0x40
    210. 

  210.         };
    211. 

  211.         if (!TEST_mem_eq(out, sizeof(out), expected, sizeof(expected))) {
    212. 

  212.             goto err;
    213. 

  213.         }
    214. 

  214.     }
    215. 

  215.     ret = 1;
    216. 

  216. err:
    217. 

  217.     EVP_PKEY_CTX_free(pctx);
    218. 

  218.     return ret;
    219. 

  219. }
    220. 

  220. #endif
    221. 

  221. 

  222. int setup_tests(void)
    223. 

  223. {
    224. 

  224.     int tests = 1;
    225. 

  225. 

  226.     if (fips_provider_version_ge(NULL, 3, 3, 1))
    227. 

  227.         tests = 2;
    228. 

  228. 

  229.     ADD_ALL_TESTS(test_kdf_tls1_prf, tests);
    230. 

  230.     ADD_ALL_TESTS(test_kdf_hkdf, tests);
    231. 

  231. #ifndef OPENSSL_NO_SCRYPT
    232. 

  232.     ADD_TEST(test_kdf_scrypt);
    233. 

  233. #endif
    234. 

  234.     return 1;
    235. 

  235. }
    236.