From 4413fe3520da3ad42c417828b1785eeedcde50d3 Mon Sep 17 00:00:00 2001 From: Tomas Mraz Date: Thu, 10 Mar 2022 18:41:30 +0100 Subject: [PATCH] evp_test: Add testcases for DH KEX with X9.42 KDF Reviewed-by: Shane Lontis Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/17859) --- test/evp_test.c | 48 ++++++++++++++++++- .../30-test_evp_data/evppkey_ffdhe.txt | 21 ++++++++ 2 files changed, 68 insertions(+), 1 deletion(-) diff --git a/test/evp_test.c b/test/evp_test.c index 5c9b9fea86..8b1e96b89d 100644 --- a/test/evp_test.c +++ b/test/evp_test.c @@ -1876,6 +1876,51 @@ static int pderive_test_parse(EVP_TEST *t, return parse_bin(value, &kdata->output, &kdata->output_len); if (strcmp(keyword, "Ctrl") == 0) return pkey_test_ctrl(t, kdata->ctx, value); + if (strcmp(keyword, "KDFType") == 0) { + OSSL_PARAM params[2]; + + params[0] = OSSL_PARAM_construct_utf8_string(OSSL_EXCHANGE_PARAM_KDF_TYPE, + (char *)value, 0); + params[1] = OSSL_PARAM_construct_end(); + if (EVP_PKEY_CTX_set_params(kdata->ctx, params) == 0) + return -1; + return 1; + } + if (strcmp(keyword, "KDFDigest") == 0) { + OSSL_PARAM params[2]; + + params[0] = OSSL_PARAM_construct_utf8_string(OSSL_EXCHANGE_PARAM_KDF_DIGEST, + (char *)value, 0); + params[1] = OSSL_PARAM_construct_end(); + if (EVP_PKEY_CTX_set_params(kdata->ctx, params) == 0) + return -1; + return 1; + } + if (strcmp(keyword, "CEKAlg") == 0) { + OSSL_PARAM params[2]; + + params[0] = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_CEK_ALG, + (char *)value, 0); + params[1] = OSSL_PARAM_construct_end(); + if (EVP_PKEY_CTX_set_params(kdata->ctx, params) == 0) + return -1; + return 1; + } + if (strcmp(keyword, "KDFOutlen") == 0) { + OSSL_PARAM params[2]; + char *endptr; + size_t outlen = (size_t)strtoul(value, &endptr, 0); + + if (endptr[0] != '\0') + return -1; + + params[0] = OSSL_PARAM_construct_size_t(OSSL_EXCHANGE_PARAM_KDF_OUTLEN, + &outlen); + params[1] = OSSL_PARAM_construct_end(); + if (EVP_PKEY_CTX_set_params(kdata->ctx, params) == 0) + return -1; + return 1; + } return 0; } @@ -1891,7 +1936,8 @@ static int pderive_test_run(EVP_TEST *t) goto err; } - if (EVP_PKEY_derive(dctx, NULL, &got_len) <= 0) { + if (EVP_PKEY_derive(dctx, NULL, &got_len) <= 0 + || !TEST_size_t_ne(got_len, 0)) { t->err = "DERIVE_ERROR"; goto err; } diff --git a/test/recipes/30-test_evp_data/evppkey_ffdhe.txt b/test/recipes/30-test_evp_data/evppkey_ffdhe.txt index 183a11b1ef..3d729aded6 100644 --- a/test/recipes/30-test_evp_data/evppkey_ffdhe.txt +++ b/test/recipes/30-test_evp_data/evppkey_ffdhe.txt @@ -93,6 +93,27 @@ PeerKey=ffdhe2048-2-pub Ctrl = dh_pad:1 SharedSecret=00006620DD85B56EE8540C8040CAC46B7385344A164E4DBDF521F7D99F88FA68EDD295A45E36E0BBD5FF5DE84598824E2CA52ED82ACA918CAECC6B22846D0FC6F0203E8B6963964D11E9E704F83AF1D60E9B1931139E9E9967C4665A831A75D99359A8BA80DD5921E74379AF4CA8DB453EDBC5E669AB17A5254CA6C96794CD5196BE90AF37742C8F6812515FFCC45B08F4158EFF9559F1AEF3665B3D91519DCBC6DF22CD6DA521B86613558602E73D2CA4666972F7D2CB6B46299B1DF2DA29A2A2D99D105E10CB553D6738A9B1DB2A0314C3CF30642D5C44695623D8B95C4426BEA830FB51816B4F086945E9B12A445F42DD68610E3F378A6E69A383D13D85BF +# The following two testcases check that the padding is implicitly enabled +# with X942KDF-ASN1 KDF. +# The plain shared secret for these keys needs padding as seen above. +Derive=ffdhe2048-1 +PeerKey=ffdhe2048-2-pub +KDFType=X942KDF-ASN1 +KDFOutlen=32 +KDFDigest=SHA-256 +CEKAlg=id-aes128-wrap +Ctrl = dh_pad:1 +SharedSecret=89A249DF4EE9033B89C2B4E52072A736D94F51143A1ED5C8F1E91FCBEBE09654 + +Derive=ffdhe2048-2 +PeerKey=ffdhe2048-1-pub +KDFType=X942KDF-ASN1 +KDFOutlen=32 +KDFDigest=SHA-256 +CEKAlg=id-aes128-wrap +Ctrl = dh_pad:0 +SharedSecret=89A249DF4EE9033B89C2B4E52072A736D94F51143A1ED5C8F1E91FCBEBE09654 + PrivateKey=ffdhe3072-1 -----BEGIN PRIVATE KEY----- MIIByQIBADCCAZsGCSqGSIb3DQEDATCCAYwCggGBAP//////////rfhUWKK7Spqv -- 2.34.1