2 * Copyright 2018-2019 The OpenSSL Project Authors. All Rights Reserved.
3 * Copyright (c) 2018-2019, Oracle and/or its affiliates. All rights reserved.
5 * Licensed under the Apache License 2.0 (the "License"). You may not use
6 * this file except in compliance with the License. You can obtain a copy
7 * in the file LICENSE in the source distribution or at
8 * https://www.openssl.org/source/license.html
11 /* Tests of the EVP_KDF_CTX APIs */
16 #include <openssl/evp.h>
17 #include <openssl/kdf.h>
20 static int test_kdf_tls1_prf(void)
23 EVP_KDF_CTX *kctx = NULL;
25 unsigned char out[16];
26 static const unsigned char expected[sizeof(out)] = {
27 0x8e, 0x4d, 0x93, 0x25, 0x30, 0xd7, 0x65, 0xa0,
28 0xaa, 0xe9, 0x74, 0xc3, 0x04, 0x73, 0x5e, 0xcc
32 TEST_ptr(kdf = EVP_get_kdfbyname(SN_tls1_prf))
33 && TEST_ptr(kctx = EVP_KDF_CTX_new(kdf))
34 && TEST_ptr_eq(EVP_KDF_CTX_kdf(kctx), kdf)
35 && TEST_str_eq(EVP_KDF_name(kdf), SN_tls1_prf)
36 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()), 0)
37 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_TLS_SECRET,
38 "secret", (size_t)6), 0)
39 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_ADD_TLS_SEED, "seed",
41 && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
42 && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected));
44 EVP_KDF_CTX_free(kctx);
48 static int test_kdf_hkdf(void)
52 unsigned char out[10];
53 static const unsigned char expected[sizeof(out)] = {
54 0x2a, 0xc4, 0x36, 0x9f, 0x52, 0x59, 0x96, 0xf8, 0xde, 0x13
58 TEST_ptr(kctx = EVP_KDF_CTX_new_id(EVP_KDF_HKDF))
59 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()), 0)
60 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, "salt",
62 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, "secret",
64 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_ADD_HKDF_INFO, "label",
66 && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
67 && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected));
69 EVP_KDF_CTX_free(kctx);
73 static int test_kdf_pbkdf2(void)
77 unsigned char out[25];
79 const unsigned char expected[sizeof(out)] = {
80 0x34, 0x8c, 0x89, 0xdb, 0xcb, 0xd3, 0x2b, 0x2f,
81 0x32, 0xd8, 0x14, 0xb8, 0x11, 0x6e, 0x84, 0xcf,
82 0x2b, 0x17, 0x34, 0x7e, 0xbc, 0x18, 0x00, 0x18,
89 ret = TEST_ptr(kctx = EVP_KDF_CTX_new_id(EVP_KDF_PBKDF2))
90 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_PASS,
91 "passwordPASSWORDpassword",
93 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT,
94 "saltSALTsaltSALTsaltSALTsaltSALTsalt",
96 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_ITER, 4096), 0)
97 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()),
99 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_PBKDF2_PKCS5_MODE,
101 && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
102 && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected))
103 /* A key length that is too small should fail */
104 && TEST_int_eq(EVP_KDF_derive(kctx, out, 112 / 8 - 1), 0)
105 /* A key length that is too large should fail */
106 && (len == 0 || TEST_int_eq(EVP_KDF_derive(kctx, out, len), 0))
107 /* Salt length less than 128 bits should fail */
108 && TEST_int_eq(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT,
111 /* A small iteration count should fail */
112 && TEST_int_eq(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_ITER, 1), 0)
113 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_PBKDF2_PKCS5_MODE,
115 /* Small salts will pass if the "pkcs5" mode is enabled */
116 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT,
119 /* A small iteration count will pass if "pkcs5" mode is enabled */
120 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_ITER, 1), 0)
122 * If the "pkcs5" mode is disabled then the small salt and iter will
123 * fail when the derive gets called.
125 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_PBKDF2_PKCS5_MODE,
127 && TEST_int_eq(EVP_KDF_derive(kctx, out, sizeof(out)), 0);
129 EVP_KDF_CTX_free(kctx);
133 #ifndef OPENSSL_NO_SCRYPT
134 static int test_kdf_scrypt(void)
138 unsigned char out[64];
139 static const unsigned char expected[sizeof(out)] = {
140 0xfd, 0xba, 0xbe, 0x1c, 0x9d, 0x34, 0x72, 0x00,
141 0x78, 0x56, 0xe7, 0x19, 0x0d, 0x01, 0xe9, 0xfe,
142 0x7c, 0x6a, 0xd7, 0xcb, 0xc8, 0x23, 0x78, 0x30,
143 0xe7, 0x73, 0x76, 0x63, 0x4b, 0x37, 0x31, 0x62,
144 0x2e, 0xaf, 0x30, 0xd9, 0x2e, 0x22, 0xa3, 0x88,
145 0x6f, 0xf1, 0x09, 0x27, 0x9d, 0x98, 0x30, 0xda,
146 0xc7, 0x27, 0xaf, 0xb9, 0x4a, 0x83, 0xee, 0x6d,
147 0x83, 0x60, 0xcb, 0xdf, 0xa2, 0xcc, 0x06, 0x40
151 TEST_ptr(kctx = EVP_KDF_CTX_new_id(EVP_KDF_SCRYPT))
152 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_PASS, "password",
154 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, "NaCl",
156 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SCRYPT_N,
158 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SCRYPT_R,
160 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SCRYPT_P,
162 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MAXMEM_BYTES,
165 && TEST_int_le(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
166 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MAXMEM_BYTES,
167 (uint64_t)(10 * 1024 * 1024)), 0)
168 && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
169 && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected));
171 EVP_KDF_CTX_free(kctx);
174 #endif /* OPENSSL_NO_SCRYPT */
176 static int test_kdf_ss_hash(void)
179 EVP_KDF_CTX *kctx = NULL;
180 unsigned char out[14];
181 static const unsigned char z[] = {
182 0x6d,0xbd,0xc2,0x3f,0x04,0x54,0x88,0xe4,0x06,0x27,0x57,0xb0,0x6b,0x9e,
183 0xba,0xe1,0x83,0xfc,0x5a,0x59,0x46,0xd8,0x0d,0xb9,0x3f,0xec,0x6f,0x62,
184 0xec,0x07,0xe3,0x72,0x7f,0x01,0x26,0xae,0xd1,0x2c,0xe4,0xb2,0x62,0xf4,
185 0x7d,0x48,0xd5,0x42,0x87,0xf8,0x1d,0x47,0x4c,0x7c,0x3b,0x18,0x50,0xe9
187 static const unsigned char other[] = {
188 0xa1,0xb2,0xc3,0xd4,0xe5,0x43,0x41,0x56,0x53,0x69,0x64,0x3c,0x83,0x2e,
189 0x98,0x49,0xdc,0xdb,0xa7,0x1e,0x9a,0x31,0x39,0xe6,0x06,0xe0,0x95,0xde,
190 0x3c,0x26,0x4a,0x66,0xe9,0x8a,0x16,0x58,0x54,0xcd,0x07,0x98,0x9b,0x1e,
191 0xe0,0xec,0x3f,0x8d,0xbe
193 static const unsigned char expected[sizeof(out)] = {
194 0xa4,0x62,0xde,0x16,0xa8,0x9d,0xe8,0x46,0x6e,0xf5,0x46,0x0b,0x47,0xb8
198 TEST_ptr(kctx = EVP_KDF_CTX_new_id(EVP_KDF_SS))
199 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha224()), 0)
200 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, z, sizeof(z)), 0)
201 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SSKDF_INFO, other,
203 && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
204 && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected));
206 EVP_KDF_CTX_free(kctx);
210 static int test_kdf_x963(void)
213 EVP_KDF_CTX *kctx = NULL;
214 unsigned char out[1024 / 8];
216 * Test data from https://csrc.nist.gov/CSRC/media/Projects/
217 * Cryptographic-Algorithm-Validation-Program/documents/components/
218 * 800-135testvectors/ansx963_2001.zip
220 static const unsigned char z[] = {
221 0x00, 0xaa, 0x5b, 0xb7, 0x9b, 0x33, 0xe3, 0x89, 0xfa, 0x58, 0xce, 0xad,
222 0xc0, 0x47, 0x19, 0x7f, 0x14, 0xe7, 0x37, 0x12, 0xf4, 0x52, 0xca, 0xa9,
223 0xfc, 0x4c, 0x9a, 0xdb, 0x36, 0x93, 0x48, 0xb8, 0x15, 0x07, 0x39, 0x2f,
224 0x1a, 0x86, 0xdd, 0xfd, 0xb7, 0xc4, 0xff, 0x82, 0x31, 0xc4, 0xbd, 0x0f,
225 0x44, 0xe4, 0x4a, 0x1b, 0x55, 0xb1, 0x40, 0x47, 0x47, 0xa9, 0xe2, 0xe7,
226 0x53, 0xf5, 0x5e, 0xf0, 0x5a, 0x2d
228 static const unsigned char shared[] = {
229 0xe3, 0xb5, 0xb4, 0xc1, 0xb0, 0xd5, 0xcf, 0x1d, 0x2b, 0x3a, 0x2f, 0x99,
230 0x37, 0x89, 0x5d, 0x31
232 static const unsigned char expected[sizeof(out)] = {
233 0x44, 0x63, 0xf8, 0x69, 0xf3, 0xcc, 0x18, 0x76, 0x9b, 0x52, 0x26, 0x4b,
234 0x01, 0x12, 0xb5, 0x85, 0x8f, 0x7a, 0xd3, 0x2a, 0x5a, 0x2d, 0x96, 0xd8,
235 0xcf, 0xfa, 0xbf, 0x7f, 0xa7, 0x33, 0x63, 0x3d, 0x6e, 0x4d, 0xd2, 0xa5,
236 0x99, 0xac, 0xce, 0xb3, 0xea, 0x54, 0xa6, 0x21, 0x7c, 0xe0, 0xb5, 0x0e,
237 0xef, 0x4f, 0x6b, 0x40, 0xa5, 0xc3, 0x02, 0x50, 0xa5, 0xa8, 0xee, 0xee,
238 0x20, 0x80, 0x02, 0x26, 0x70, 0x89, 0xdb, 0xf3, 0x51, 0xf3, 0xf5, 0x02,
239 0x2a, 0xa9, 0x63, 0x8b, 0xf1, 0xee, 0x41, 0x9d, 0xea, 0x9c, 0x4f, 0xf7,
240 0x45, 0xa2, 0x5a, 0xc2, 0x7b, 0xda, 0x33, 0xca, 0x08, 0xbd, 0x56, 0xdd,
241 0x1a, 0x59, 0xb4, 0x10, 0x6c, 0xf2, 0xdb, 0xbc, 0x0a, 0xb2, 0xaa, 0x8e,
242 0x2e, 0xfa, 0x7b, 0x17, 0x90, 0x2d, 0x34, 0x27, 0x69, 0x51, 0xce, 0xcc,
243 0xab, 0x87, 0xf9, 0x66, 0x1c, 0x3e, 0x88, 0x16
247 TEST_ptr(kctx = EVP_KDF_CTX_new_id(EVP_KDF_X963))
248 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha512()), 0)
249 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, z, sizeof(z)), 0)
250 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SHARED_INFO, shared,
252 && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
253 && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected));
255 EVP_KDF_CTX_free(kctx);
259 static int test_kdf_ss_hmac(void)
264 unsigned char out[16];
265 static const unsigned char z[] = {
266 0xb7,0x4a,0x14,0x9a,0x16,0x15,0x46,0xf8,0xc2,0x0b,0x06,0xac,0x4e,0xd4
268 static const unsigned char other[] = {
269 0x34,0x8a,0x37,0xa2,0x7e,0xf1,0x28,0x2f,0x5f,0x02,0x0d,0xcc
271 static const unsigned char salt[] = {
272 0x36,0x38,0x27,0x1c,0xcd,0x68,0xa2,0x5d,0xc2,0x4e,0xcd,0xdd,0x39,0xef,
275 static const unsigned char expected[sizeof(out)] = {
276 0x44,0xf6,0x76,0xe8,0x5c,0x1b,0x1a,0x8b,0xbc,0x3d,0x31,0x92,0x18,0x63,
281 TEST_ptr(kctx = EVP_KDF_CTX_new_id(EVP_KDF_SS))
282 && TEST_ptr(mac = EVP_get_macbyname("HMAC"))
283 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MAC, mac), 0)
284 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()), 0)
285 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, z, sizeof(z)), 0)
286 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SSKDF_INFO, other,
288 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, salt,
290 && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
291 && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected));
293 EVP_KDF_CTX_free(kctx);
297 static int test_kdf_ss_kmac(void)
301 unsigned char out[64];
303 static const unsigned char z[] = {
304 0xb7,0x4a,0x14,0x9a,0x16,0x15,0x46,0xf8,0xc2,0x0b,0x06,0xac,0x4e,0xd4
306 static const unsigned char other[] = {
307 0x34,0x8a,0x37,0xa2,0x7e,0xf1,0x28,0x2f,0x5f,0x02,0x0d,0xcc
309 static const unsigned char salt[] = {
310 0x36,0x38,0x27,0x1c,0xcd,0x68,0xa2,0x5d,0xc2,0x4e,0xcd,0xdd,0x39,0xef,
313 static const unsigned char expected[sizeof(out)] = {
314 0xe9,0xc1,0x84,0x53,0xa0,0x62,0xb5,0x3b,0xdb,0xfc,0xbb,0x5a,0x34,0xbd,
315 0xb8,0xe5,0xe7,0x07,0xee,0xbb,0x5d,0xd1,0x34,0x42,0x43,0xd8,0xcf,0xc2,
316 0xc2,0xe6,0x33,0x2f,0x91,0xbd,0xa5,0x86,0xf3,0x7d,0xe4,0x8a,0x65,0xd4,
317 0xc5,0x14,0xfd,0xef,0xaa,0x1e,0x67,0x54,0xf3,0x73,0xd2,0x38,0xe1,0x95,
318 0xae,0x15,0x7e,0x1d,0xe8,0x14,0x98,0x03
322 TEST_ptr(kctx = EVP_KDF_CTX_new_id(EVP_KDF_SS))
323 && TEST_ptr(mac = EVP_get_macbyname("KMAC128"))
324 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MAC, mac), 0)
325 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, z,
327 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SSKDF_INFO, other,
329 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, salt,
331 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MAC_SIZE,
333 && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
334 && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected));
336 EVP_KDF_CTX_free(kctx);
340 static int test_kdf_sshkdf(void)
344 unsigned char out[8];
345 /* Test data from NIST CAVS 14.1 test vectors */
346 static const unsigned char key[] = {
347 0x00, 0x00, 0x00, 0x81, 0x00, 0x87, 0x5c, 0x55, 0x1c, 0xef, 0x52, 0x6a,
348 0x4a, 0x8b, 0xe1, 0xa7, 0xdf, 0x27, 0xe9, 0xed, 0x35, 0x4b, 0xac, 0x9a,
349 0xfb, 0x71, 0xf5, 0x3d, 0xba, 0xe9, 0x05, 0x67, 0x9d, 0x14, 0xf9, 0xfa,
350 0xf2, 0x46, 0x9c, 0x53, 0x45, 0x7c, 0xf8, 0x0a, 0x36, 0x6b, 0xe2, 0x78,
351 0x96, 0x5b, 0xa6, 0x25, 0x52, 0x76, 0xca, 0x2d, 0x9f, 0x4a, 0x97, 0xd2,
352 0x71, 0xf7, 0x1e, 0x50, 0xd8, 0xa9, 0xec, 0x46, 0x25, 0x3a, 0x6a, 0x90,
353 0x6a, 0xc2, 0xc5, 0xe4, 0xf4, 0x8b, 0x27, 0xa6, 0x3c, 0xe0, 0x8d, 0x80,
354 0x39, 0x0a, 0x49, 0x2a, 0xa4, 0x3b, 0xad, 0x9d, 0x88, 0x2c, 0xca, 0xc2,
355 0x3d, 0xac, 0x88, 0xbc, 0xad, 0xa4, 0xb4, 0xd4, 0x26, 0xa3, 0x62, 0x08,
356 0x3d, 0xab, 0x65, 0x69, 0xc5, 0x4c, 0x22, 0x4d, 0xd2, 0xd8, 0x76, 0x43,
357 0xaa, 0x22, 0x76, 0x93, 0xe1, 0x41, 0xad, 0x16, 0x30, 0xce, 0x13, 0x14,
360 static const unsigned char xcghash[] = {
361 0x0e, 0x68, 0x3f, 0xc8, 0xa9, 0xed, 0x7c, 0x2f, 0xf0, 0x2d, 0xef, 0x23,
362 0xb2, 0x74, 0x5e, 0xbc, 0x99, 0xb2, 0x67, 0xda, 0xa8, 0x6a, 0x4a, 0xa7,
363 0x69, 0x72, 0x39, 0x08, 0x82, 0x53, 0xf6, 0x42
365 static const unsigned char sessid[] = {
366 0x0e, 0x68, 0x3f, 0xc8, 0xa9, 0xed, 0x7c, 0x2f, 0xf0, 0x2d, 0xef, 0x23,
367 0xb2, 0x74, 0x5e, 0xbc, 0x99, 0xb2, 0x67, 0xda, 0xa8, 0x6a, 0x4a, 0xa7,
368 0x69, 0x72, 0x39, 0x08, 0x82, 0x53, 0xf6, 0x42
370 static const unsigned char expected[sizeof(out)] = {
371 0x41, 0xff, 0x2e, 0xad, 0x16, 0x83, 0xf1, 0xe6
375 TEST_ptr(kctx = EVP_KDF_CTX_new_id(EVP_KDF_SSHKDF))
376 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()), 0)
377 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, key,
379 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SSHKDF_XCGHASH,
380 xcghash, sizeof(xcghash)), 0)
381 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SSHKDF_SESSION_ID,
382 sessid, sizeof(sessid)), 0)
384 EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SSHKDF_TYPE,
385 (int)EVP_KDF_SSHKDF_TYPE_INITIAL_IV_CLI_TO_SRV), 0)
386 && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
387 && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected));
389 EVP_KDF_CTX_free(kctx);
393 static int test_kdf_get_kdf(void)
395 const EVP_KDF *kdf1, *kdf2;
399 TEST_ptr(obj = OBJ_nid2obj(NID_id_pbkdf2))
400 && TEST_ptr(kdf1 = EVP_get_kdfbyname(LN_id_pbkdf2))
401 && TEST_ptr(kdf2 = EVP_get_kdfbyobj(obj))
402 && TEST_ptr_eq(kdf1, kdf2)
403 && TEST_ptr(kdf1 = EVP_get_kdfbyname(SN_tls1_prf))
404 && TEST_ptr(kdf2 = EVP_get_kdfbyname(LN_tls1_prf))
405 && TEST_ptr_eq(kdf1, kdf2)
406 && TEST_ptr(kdf2 = EVP_get_kdfbynid(NID_tls1_prf))
407 && TEST_ptr_eq(kdf1, kdf2);
410 #ifndef OPENSSL_NO_CMS
411 static int test_kdf_x942_asn1(void)
414 EVP_KDF_CTX *kctx = NULL;
415 unsigned char out[24];
416 /* RFC2631 Section 2.1.6 Test data */
417 static const unsigned char z[] = {
418 0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,0x0d,
419 0x0e,0x0f,0x10,0x11,0x12,0x13
421 static const unsigned char expected[sizeof(out)] = {
422 0xa0,0x96,0x61,0x39,0x23,0x76,0xf7,0x04,
423 0x4d,0x90,0x52,0xa3,0x97,0x88,0x32,0x46,
424 0xb6,0x7f,0x5f,0x1e,0xf6,0x3e,0xb5,0xfb
428 TEST_ptr(kctx = EVP_KDF_CTX_new_id(EVP_KDF_X942))
429 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha1()), 0)
430 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, z, sizeof(z)), 0)
431 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_CEK_ALG,
432 SN_id_smime_alg_CMS3DESwrap), 0)
433 && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
434 && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected));
436 EVP_KDF_CTX_free(kctx);
439 #endif /* OPENSSL_NO_CMS */
441 int setup_tests(void)
443 ADD_TEST(test_kdf_get_kdf);
444 ADD_TEST(test_kdf_tls1_prf);
445 ADD_TEST(test_kdf_hkdf);
446 ADD_TEST(test_kdf_pbkdf2);
447 #ifndef OPENSSL_NO_SCRYPT
448 ADD_TEST(test_kdf_scrypt);
450 ADD_TEST(test_kdf_ss_hash);
451 ADD_TEST(test_kdf_ss_hmac);
452 ADD_TEST(test_kdf_ss_kmac);
453 ADD_TEST(test_kdf_sshkdf);
454 ADD_TEST(test_kdf_x963);
455 #ifndef OPENSSL_NO_CMS
456 ADD_TEST(test_kdf_x942_asn1);
projects / openssl.git / blob