2 * Copyright 2018-2019 The OpenSSL Project Authors. All Rights Reserved.
3 * Copyright (c) 2018-2019, Oracle and/or its affiliates. All rights reserved.
5 * Licensed under the Apache License 2.0 (the "License"). You may not use
6 * this file except in compliance with the License. You can obtain a copy
7 * in the file LICENSE in the source distribution or at
8 * https://www.openssl.org/source/license.html
11 /* Tests of the EVP_KDF_CTX APIs */
16 #include <openssl/evp.h>
17 #include <openssl/kdf.h>
20 static int test_kdf_tls1_prf(void)
23 EVP_KDF_CTX *kctx = NULL;
25 unsigned char out[16];
26 static const unsigned char expected[sizeof(out)] = {
27 0x8e, 0x4d, 0x93, 0x25, 0x30, 0xd7, 0x65, 0xa0,
28 0xaa, 0xe9, 0x74, 0xc3, 0x04, 0x73, 0x5e, 0xcc
32 TEST_ptr(kdf = EVP_get_kdfbyname(SN_tls1_prf))
33 && TEST_ptr(kctx = EVP_KDF_CTX_new(kdf))
34 && TEST_ptr_eq(EVP_KDF_CTX_kdf(kctx), kdf)
35 && TEST_str_eq(EVP_KDF_name(kdf), SN_tls1_prf)
36 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()), 0)
37 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_TLS_SECRET,
38 "secret", (size_t)6), 0)
39 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_ADD_TLS_SEED, "seed",
41 && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
42 && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected));
44 EVP_KDF_CTX_free(kctx);
48 static int test_kdf_hkdf(void)
52 unsigned char out[10];
53 static const unsigned char expected[sizeof(out)] = {
54 0x2a, 0xc4, 0x36, 0x9f, 0x52, 0x59, 0x96, 0xf8, 0xde, 0x13
58 TEST_ptr(kctx = EVP_KDF_CTX_new_id(EVP_KDF_HKDF))
59 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()), 0)
60 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, "salt",
62 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, "secret",
64 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_ADD_HKDF_INFO, "label",
66 && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
67 && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected));
69 EVP_KDF_CTX_free(kctx);
73 static int test_kdf_pbkdf2(void)
77 unsigned char out[25];
79 const unsigned char expected[sizeof(out)] = {
80 0x34, 0x8c, 0x89, 0xdb, 0xcb, 0xd3, 0x2b, 0x2f,
81 0x32, 0xd8, 0x14, 0xb8, 0x11, 0x6e, 0x84, 0xcf,
82 0x2b, 0x17, 0x34, 0x7e, 0xbc, 0x18, 0x00, 0x18,
89 ret = TEST_ptr(kctx = EVP_KDF_CTX_new_id(EVP_KDF_PBKDF2))
90 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_PASS,
91 "passwordPASSWORDpassword",
93 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT,
94 "saltSALTsaltSALTsaltSALTsaltSALTsalt",
96 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_ITER, 4096), 0)
97 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()),
99 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_PBKDF2_PKCS5_MODE,
101 && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
102 && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected))
103 /* A key length that is too small should fail */
104 && TEST_int_eq(EVP_KDF_derive(kctx, out, 112 / 8 - 1), 0)
105 /* A key length that is too large should fail */
106 && (len == 0 || TEST_int_eq(EVP_KDF_derive(kctx, out, len), 0))
107 /* Salt length less than 128 bits should fail */
108 && TEST_int_eq(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT,
111 /* A small iteration count should fail */
112 && TEST_int_eq(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_ITER, 1), 0)
113 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_PBKDF2_PKCS5_MODE,
115 /* Small salts will pass if the "pkcs5" mode is enabled */
116 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT,
119 /* A small iteration count will pass if "pkcs5" mode is enabled */
120 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_ITER, 1), 0)
122 * If the "pkcs5" mode is disabled then the small salt and iter will
123 * fail when the derive gets called.
125 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_PBKDF2_PKCS5_MODE,
127 && TEST_int_eq(EVP_KDF_derive(kctx, out, sizeof(out)), 0);
129 EVP_KDF_CTX_free(kctx);
133 #ifndef OPENSSL_NO_SCRYPT
134 static int test_kdf_scrypt(void)
138 unsigned char out[64];
139 static const unsigned char expected[sizeof(out)] = {
140 0xfd, 0xba, 0xbe, 0x1c, 0x9d, 0x34, 0x72, 0x00,
141 0x78, 0x56, 0xe7, 0x19, 0x0d, 0x01, 0xe9, 0xfe,
142 0x7c, 0x6a, 0xd7, 0xcb, 0xc8, 0x23, 0x78, 0x30,
143 0xe7, 0x73, 0x76, 0x63, 0x4b, 0x37, 0x31, 0x62,
144 0x2e, 0xaf, 0x30, 0xd9, 0x2e, 0x22, 0xa3, 0x88,
145 0x6f, 0xf1, 0x09, 0x27, 0x9d, 0x98, 0x30, 0xda,
146 0xc7, 0x27, 0xaf, 0xb9, 0x4a, 0x83, 0xee, 0x6d,
147 0x83, 0x60, 0xcb, 0xdf, 0xa2, 0xcc, 0x06, 0x40
151 TEST_ptr(kctx = EVP_KDF_CTX_new_id(EVP_KDF_SCRYPT))
152 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_PASS, "password",
154 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, "NaCl",
156 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SCRYPT_N,
158 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SCRYPT_R,
160 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SCRYPT_P,
162 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MAXMEM_BYTES,
165 && TEST_int_le(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
166 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MAXMEM_BYTES,
167 (uint64_t)(10 * 1024 * 1024)), 0)
168 && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
169 && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected));
171 EVP_KDF_CTX_free(kctx);
174 #endif /* OPENSSL_NO_SCRYPT */
176 static int test_kdf_ss_hash(void)
179 EVP_KDF_CTX *kctx = NULL;
180 unsigned char out[14];
181 static const unsigned char z[] = {
182 0x6d,0xbd,0xc2,0x3f,0x04,0x54,0x88,0xe4,0x06,0x27,0x57,0xb0,0x6b,0x9e,
183 0xba,0xe1,0x83,0xfc,0x5a,0x59,0x46,0xd8,0x0d,0xb9,0x3f,0xec,0x6f,0x62,
184 0xec,0x07,0xe3,0x72,0x7f,0x01,0x26,0xae,0xd1,0x2c,0xe4,0xb2,0x62,0xf4,
185 0x7d,0x48,0xd5,0x42,0x87,0xf8,0x1d,0x47,0x4c,0x7c,0x3b,0x18,0x50,0xe9
187 static const unsigned char other[] = {
188 0xa1,0xb2,0xc3,0xd4,0xe5,0x43,0x41,0x56,0x53,0x69,0x64,0x3c,0x83,0x2e,
189 0x98,0x49,0xdc,0xdb,0xa7,0x1e,0x9a,0x31,0x39,0xe6,0x06,0xe0,0x95,0xde,
190 0x3c,0x26,0x4a,0x66,0xe9,0x8a,0x16,0x58,0x54,0xcd,0x07,0x98,0x9b,0x1e,
191 0xe0,0xec,0x3f,0x8d,0xbe
193 static const unsigned char expected[sizeof(out)] = {
194 0xa4,0x62,0xde,0x16,0xa8,0x9d,0xe8,0x46,0x6e,0xf5,0x46,0x0b,0x47,0xb8
198 TEST_ptr(kctx = EVP_KDF_CTX_new_id(EVP_KDF_SS))
199 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha224()), 0)
200 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, z, sizeof(z)), 0)
201 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SSKDF_INFO, other,
203 && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
204 && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected));
206 EVP_KDF_CTX_free(kctx);
210 static int test_kdf_x963(void)
213 EVP_KDF_CTX *kctx = NULL;
214 unsigned char out[1024 / 8];
216 * Test data from https://csrc.nist.gov/CSRC/media/Projects/
217 * Cryptographic-Algorithm-Validation-Program/documents/components/
218 * 800-135testvectors/ansx963_2001.zip
220 static const unsigned char z[] = {
221 0x00, 0xaa, 0x5b, 0xb7, 0x9b, 0x33, 0xe3, 0x89, 0xfa, 0x58, 0xce, 0xad,
222 0xc0, 0x47, 0x19, 0x7f, 0x14, 0xe7, 0x37, 0x12, 0xf4, 0x52, 0xca, 0xa9,
223 0xfc, 0x4c, 0x9a, 0xdb, 0x36, 0x93, 0x48, 0xb8, 0x15, 0x07, 0x39, 0x2f,
224 0x1a, 0x86, 0xdd, 0xfd, 0xb7, 0xc4, 0xff, 0x82, 0x31, 0xc4, 0xbd, 0x0f,
225 0x44, 0xe4, 0x4a, 0x1b, 0x55, 0xb1, 0x40, 0x47, 0x47, 0xa9, 0xe2, 0xe7,
226 0x53, 0xf5, 0x5e, 0xf0, 0x5a, 0x2d
228 static const unsigned char shared[] = {
229 0xe3, 0xb5, 0xb4, 0xc1, 0xb0, 0xd5, 0xcf, 0x1d, 0x2b, 0x3a, 0x2f, 0x99,
230 0x37, 0x89, 0x5d, 0x31
232 static const unsigned char expected[sizeof(out)] = {
233 0x44, 0x63, 0xf8, 0x69, 0xf3, 0xcc, 0x18, 0x76, 0x9b, 0x52, 0x26, 0x4b,
234 0x01, 0x12, 0xb5, 0x85, 0x8f, 0x7a, 0xd3, 0x2a, 0x5a, 0x2d, 0x96, 0xd8,
235 0xcf, 0xfa, 0xbf, 0x7f, 0xa7, 0x33, 0x63, 0x3d, 0x6e, 0x4d, 0xd2, 0xa5,
236 0x99, 0xac, 0xce, 0xb3, 0xea, 0x54, 0xa6, 0x21, 0x7c, 0xe0, 0xb5, 0x0e,
237 0xef, 0x4f, 0x6b, 0x40, 0xa5, 0xc3, 0x02, 0x50, 0xa5, 0xa8, 0xee, 0xee,
238 0x20, 0x80, 0x02, 0x26, 0x70, 0x89, 0xdb, 0xf3, 0x51, 0xf3, 0xf5, 0x02,
239 0x2a, 0xa9, 0x63, 0x8b, 0xf1, 0xee, 0x41, 0x9d, 0xea, 0x9c, 0x4f, 0xf7,
240 0x45, 0xa2, 0x5a, 0xc2, 0x7b, 0xda, 0x33, 0xca, 0x08, 0xbd, 0x56, 0xdd,
241 0x1a, 0x59, 0xb4, 0x10, 0x6c, 0xf2, 0xdb, 0xbc, 0x0a, 0xb2, 0xaa, 0x8e,
242 0x2e, 0xfa, 0x7b, 0x17, 0x90, 0x2d, 0x34, 0x27, 0x69, 0x51, 0xce, 0xcc,
243 0xab, 0x87, 0xf9, 0x66, 0x1c, 0x3e, 0x88, 0x16
247 TEST_ptr(kctx = EVP_KDF_CTX_new_id(EVP_KDF_X963))
248 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha512()), 0)
249 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, z, sizeof(z)), 0)
250 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SHARED_INFO, shared,
252 && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
253 && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected));
255 EVP_KDF_CTX_free(kctx);
259 static int test_kdf_ss_hmac(void)
263 unsigned char out[16];
264 static const unsigned char z[] = {
265 0xb7,0x4a,0x14,0x9a,0x16,0x15,0x46,0xf8,0xc2,0x0b,0x06,0xac,0x4e,0xd4
267 static const unsigned char other[] = {
268 0x34,0x8a,0x37,0xa2,0x7e,0xf1,0x28,0x2f,0x5f,0x02,0x0d,0xcc
270 static const unsigned char salt[] = {
271 0x36,0x38,0x27,0x1c,0xcd,0x68,0xa2,0x5d,0xc2,0x4e,0xcd,0xdd,0x39,0xef,
274 static const unsigned char expected[sizeof(out)] = {
275 0x44,0xf6,0x76,0xe8,0x5c,0x1b,0x1a,0x8b,0xbc,0x3d,0x31,0x92,0x18,0x63,
280 TEST_ptr(kctx = EVP_KDF_CTX_new_id(EVP_KDF_SS))
281 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MAC, "HMAC"), 0)
282 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()), 0)
283 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, z, sizeof(z)), 0)
284 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SSKDF_INFO, other,
286 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, salt,
288 && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
289 && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected));
291 EVP_KDF_CTX_free(kctx);
295 static int test_kdf_ss_kmac(void)
299 unsigned char out[64];
300 static const unsigned char z[] = {
301 0xb7,0x4a,0x14,0x9a,0x16,0x15,0x46,0xf8,0xc2,0x0b,0x06,0xac,0x4e,0xd4
303 static const unsigned char other[] = {
304 0x34,0x8a,0x37,0xa2,0x7e,0xf1,0x28,0x2f,0x5f,0x02,0x0d,0xcc
306 static const unsigned char salt[] = {
307 0x36,0x38,0x27,0x1c,0xcd,0x68,0xa2,0x5d,0xc2,0x4e,0xcd,0xdd,0x39,0xef,
310 static const unsigned char expected[sizeof(out)] = {
311 0xe9,0xc1,0x84,0x53,0xa0,0x62,0xb5,0x3b,0xdb,0xfc,0xbb,0x5a,0x34,0xbd,
312 0xb8,0xe5,0xe7,0x07,0xee,0xbb,0x5d,0xd1,0x34,0x42,0x43,0xd8,0xcf,0xc2,
313 0xc2,0xe6,0x33,0x2f,0x91,0xbd,0xa5,0x86,0xf3,0x7d,0xe4,0x8a,0x65,0xd4,
314 0xc5,0x14,0xfd,0xef,0xaa,0x1e,0x67,0x54,0xf3,0x73,0xd2,0x38,0xe1,0x95,
315 0xae,0x15,0x7e,0x1d,0xe8,0x14,0x98,0x03
319 TEST_ptr(kctx = EVP_KDF_CTX_new_id(EVP_KDF_SS))
320 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MAC, "KMAC128"), 0)
321 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, z,
323 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SSKDF_INFO, other,
325 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, salt,
327 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MAC_SIZE,
329 && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
330 && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected));
332 EVP_KDF_CTX_free(kctx);
336 static int test_kdf_sshkdf(void)
340 unsigned char out[8];
341 /* Test data from NIST CAVS 14.1 test vectors */
342 static const unsigned char key[] = {
343 0x00, 0x00, 0x00, 0x81, 0x00, 0x87, 0x5c, 0x55, 0x1c, 0xef, 0x52, 0x6a,
344 0x4a, 0x8b, 0xe1, 0xa7, 0xdf, 0x27, 0xe9, 0xed, 0x35, 0x4b, 0xac, 0x9a,
345 0xfb, 0x71, 0xf5, 0x3d, 0xba, 0xe9, 0x05, 0x67, 0x9d, 0x14, 0xf9, 0xfa,
346 0xf2, 0x46, 0x9c, 0x53, 0x45, 0x7c, 0xf8, 0x0a, 0x36, 0x6b, 0xe2, 0x78,
347 0x96, 0x5b, 0xa6, 0x25, 0x52, 0x76, 0xca, 0x2d, 0x9f, 0x4a, 0x97, 0xd2,
348 0x71, 0xf7, 0x1e, 0x50, 0xd8, 0xa9, 0xec, 0x46, 0x25, 0x3a, 0x6a, 0x90,
349 0x6a, 0xc2, 0xc5, 0xe4, 0xf4, 0x8b, 0x27, 0xa6, 0x3c, 0xe0, 0x8d, 0x80,
350 0x39, 0x0a, 0x49, 0x2a, 0xa4, 0x3b, 0xad, 0x9d, 0x88, 0x2c, 0xca, 0xc2,
351 0x3d, 0xac, 0x88, 0xbc, 0xad, 0xa4, 0xb4, 0xd4, 0x26, 0xa3, 0x62, 0x08,
352 0x3d, 0xab, 0x65, 0x69, 0xc5, 0x4c, 0x22, 0x4d, 0xd2, 0xd8, 0x76, 0x43,
353 0xaa, 0x22, 0x76, 0x93, 0xe1, 0x41, 0xad, 0x16, 0x30, 0xce, 0x13, 0x14,
356 static const unsigned char xcghash[] = {
357 0x0e, 0x68, 0x3f, 0xc8, 0xa9, 0xed, 0x7c, 0x2f, 0xf0, 0x2d, 0xef, 0x23,
358 0xb2, 0x74, 0x5e, 0xbc, 0x99, 0xb2, 0x67, 0xda, 0xa8, 0x6a, 0x4a, 0xa7,
359 0x69, 0x72, 0x39, 0x08, 0x82, 0x53, 0xf6, 0x42
361 static const unsigned char sessid[] = {
362 0x0e, 0x68, 0x3f, 0xc8, 0xa9, 0xed, 0x7c, 0x2f, 0xf0, 0x2d, 0xef, 0x23,
363 0xb2, 0x74, 0x5e, 0xbc, 0x99, 0xb2, 0x67, 0xda, 0xa8, 0x6a, 0x4a, 0xa7,
364 0x69, 0x72, 0x39, 0x08, 0x82, 0x53, 0xf6, 0x42
366 static const unsigned char expected[sizeof(out)] = {
367 0x41, 0xff, 0x2e, 0xad, 0x16, 0x83, 0xf1, 0xe6
371 TEST_ptr(kctx = EVP_KDF_CTX_new_id(EVP_KDF_SSHKDF))
372 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()), 0)
373 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, key,
375 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SSHKDF_XCGHASH,
376 xcghash, sizeof(xcghash)), 0)
377 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SSHKDF_SESSION_ID,
378 sessid, sizeof(sessid)), 0)
380 EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SSHKDF_TYPE,
381 (int)EVP_KDF_SSHKDF_TYPE_INITIAL_IV_CLI_TO_SRV), 0)
382 && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
383 && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected));
385 EVP_KDF_CTX_free(kctx);
389 static int test_kdf_get_kdf(void)
391 const EVP_KDF *kdf1, *kdf2;
395 TEST_ptr(obj = OBJ_nid2obj(NID_id_pbkdf2))
396 && TEST_ptr(kdf1 = EVP_get_kdfbyname(LN_id_pbkdf2))
397 && TEST_ptr(kdf2 = EVP_get_kdfbyobj(obj))
398 && TEST_ptr_eq(kdf1, kdf2)
399 && TEST_ptr(kdf1 = EVP_get_kdfbyname(SN_tls1_prf))
400 && TEST_ptr(kdf2 = EVP_get_kdfbyname(LN_tls1_prf))
401 && TEST_ptr_eq(kdf1, kdf2)
402 && TEST_ptr(kdf2 = EVP_get_kdfbynid(NID_tls1_prf))
403 && TEST_ptr_eq(kdf1, kdf2);
406 #ifndef OPENSSL_NO_CMS
407 static int test_kdf_x942_asn1(void)
410 EVP_KDF_CTX *kctx = NULL;
411 unsigned char out[24];
412 /* RFC2631 Section 2.1.6 Test data */
413 static const unsigned char z[] = {
414 0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,0x0d,
415 0x0e,0x0f,0x10,0x11,0x12,0x13
417 static const unsigned char expected[sizeof(out)] = {
418 0xa0,0x96,0x61,0x39,0x23,0x76,0xf7,0x04,
419 0x4d,0x90,0x52,0xa3,0x97,0x88,0x32,0x46,
420 0xb6,0x7f,0x5f,0x1e,0xf6,0x3e,0xb5,0xfb
424 TEST_ptr(kctx = EVP_KDF_CTX_new_id(EVP_KDF_X942))
425 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha1()), 0)
426 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, z, sizeof(z)), 0)
427 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_CEK_ALG,
428 SN_id_smime_alg_CMS3DESwrap), 0)
429 && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
430 && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected));
432 EVP_KDF_CTX_free(kctx);
435 #endif /* OPENSSL_NO_CMS */
437 int setup_tests(void)
439 ADD_TEST(test_kdf_get_kdf);
440 ADD_TEST(test_kdf_tls1_prf);
441 ADD_TEST(test_kdf_hkdf);
442 ADD_TEST(test_kdf_pbkdf2);
443 #ifndef OPENSSL_NO_SCRYPT
444 ADD_TEST(test_kdf_scrypt);
446 ADD_TEST(test_kdf_ss_hash);
447 ADD_TEST(test_kdf_ss_hmac);
448 ADD_TEST(test_kdf_ss_kmac);
449 ADD_TEST(test_kdf_sshkdf);
450 ADD_TEST(test_kdf_x963);
451 #ifndef OPENSSL_NO_CMS
452 ADD_TEST(test_kdf_x942_asn1);