From a3c62426b9c056af802ab7988f217e55eaf2b213 Mon Sep 17 00:00:00 2001 From: Shane Lontis Date: Sun, 24 Mar 2019 19:11:42 +1000 Subject: [PATCH] coverity fixes for SSKDF + mac_app + kdf test cleanup Reviewed-by: Tim Hudson Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/8566) --- apps/mac.c | 3 +- crypto/kdf/sskdf.c | 7 +- test/evp_kdf_test.c | 374 ++++++++++++++------------------------------ 3 files changed, 125 insertions(+), 259 deletions(-) diff --git a/apps/mac.c b/apps/mac.c index a02779b29f..946c3c7aa1 100644 --- a/apps/mac.c +++ b/apps/mac.c @@ -76,8 +76,7 @@ int mac_main(int argc, char **argv) buf = app_malloc(BUFSIZE, "I/O buffer"); while ((o = opt_next()) != OPT_EOF) { switch (o) { - case OPT_EOF: - case OPT_ERR: + default: opthelp: BIO_printf(bio_err, "%s: Use -help for summary.\n", prog); goto err; diff --git a/crypto/kdf/sskdf.c b/crypto/kdf/sskdf.c index 935428f77f..89e4e5b484 100644 --- a/crypto/kdf/sskdf.c +++ b/crypto/kdf/sskdf.c @@ -247,10 +247,13 @@ static int SSKDF_mac_kdm(const EVP_MAC *kdf_mac, const EVP_MD *hmac_md, } ret = 1; end: - OPENSSL_free(kmac_buffer); + if (kmac_buffer != NULL) + OPENSSL_clear_free(kmac_buffer, kmac_out_len); + else + OPENSSL_cleanse(mac_buf, sizeof(mac_buf)); + EVP_MAC_CTX_free(ctx); EVP_MAC_CTX_free(ctx_init); - OPENSSL_cleanse(mac, sizeof(mac)); return ret; } diff --git a/test/evp_kdf_test.c b/test/evp_kdf_test.c index a664995457..4215fe3524 100644 --- a/test/evp_kdf_test.c +++ b/test/evp_kdf_test.c @@ -19,137 +19,76 @@ static int test_kdf_tls1_prf(void) { - int ret = 0; + int ret; EVP_KDF_CTX *kctx; unsigned char out[16]; + const unsigned char expected[sizeof(out)] = { + 0x8e, 0x4d, 0x93, 0x25, 0x30, 0xd7, 0x65, 0xa0, + 0xaa, 0xe9, 0x74, 0xc3, 0x04, 0x73, 0x5e, 0xcc + }; - if ((kctx = EVP_KDF_CTX_new_id(EVP_KDF_TLS1_PRF)) == NULL) { - TEST_error("EVP_KDF_TLS1_PRF"); - goto err; - } - if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()) <= 0) { - TEST_error("EVP_KDF_CTRL_SET_MD"); - goto err; - } - if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_TLS_SECRET, - "secret", (size_t)6) <= 0) { - TEST_error("EVP_KDF_CTRL_SET_TLS_SECRET"); - goto err; - } - if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_ADD_TLS_SEED, "seed", (size_t)4) <= 0) { - TEST_error("EVP_KDF_CTRL_ADD_TLS_SEED"); - goto err; - } - if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) { - TEST_error("EVP_KDF_derive"); - goto err; - } + ret = TEST_ptr(kctx = EVP_KDF_CTX_new_id(EVP_KDF_TLS1_PRF)) + && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()), + 0) + && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_TLS_SECRET, + "secret", (size_t)6), 0) + && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_ADD_TLS_SEED, "seed", + (size_t)4), 0) + && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0) + && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected)); - { - const unsigned char expected[sizeof(out)] = { - 0x8e, 0x4d, 0x93, 0x25, 0x30, 0xd7, 0x65, 0xa0, - 0xaa, 0xe9, 0x74, 0xc3, 0x04, 0x73, 0x5e, 0xcc - }; - if (!TEST_mem_eq(out, sizeof(out), expected, sizeof(expected))) { - goto err; - } - } - ret = 1; -err: EVP_KDF_CTX_free(kctx); return ret; } static int test_kdf_hkdf(void) { - int ret = 0; + int ret; EVP_KDF_CTX *kctx; unsigned char out[10]; + const unsigned char expected[sizeof(out)] = { + 0x2a, 0xc4, 0x36, 0x9f, 0x52, 0x59, 0x96, 0xf8, 0xde, 0x13 + }; - if ((kctx = EVP_KDF_CTX_new_id(EVP_KDF_HKDF)) == NULL) { - TEST_error("EVP_KDF_HKDF"); - goto err; - } - if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()) <= 0) { - TEST_error("EVP_KDF_CTRL_SET_MD"); - goto err; - } - if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, "salt", (size_t)4) <= 0) { - TEST_error("EVP_KDF_CTRL_SET_SALT"); - goto err; - } - if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, "secret", (size_t)6) <= 0) { - TEST_error("EVP_KDF_CTRL_SET_KEY"); - goto err; - } - if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_ADD_HKDF_INFO, - "label", (size_t)5) <= 0) { - TEST_error("EVP_KDF_CTRL_ADD_HKDF_INFO"); - goto err; - } - if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) { - TEST_error("EVP_KDF_derive"); - goto err; - } + ret = TEST_ptr(kctx = EVP_KDF_CTX_new_id(EVP_KDF_HKDF)) + && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()), + 0) + && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, "salt", + (size_t)4), 0) + && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, "secret", + (size_t)6), 0) + && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_ADD_HKDF_INFO, + "label", (size_t)5), 0) + && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0) + && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected)); - { - const unsigned char expected[sizeof(out)] = { - 0x2a, 0xc4, 0x36, 0x9f, 0x52, 0x59, 0x96, 0xf8, 0xde, 0x13 - }; - if (!TEST_mem_eq(out, sizeof(out), expected, sizeof(expected))) { - goto err; - } - } - ret = 1; -err: EVP_KDF_CTX_free(kctx); return ret; } static int test_kdf_pbkdf2(void) { - int ret = 0; + int ret; EVP_KDF_CTX *kctx; unsigned char out[32]; + const unsigned char expected[sizeof(out)] = { + 0xae, 0x4d, 0x0c, 0x95, 0xaf, 0x6b, 0x46, 0xd3, + 0x2d, 0x0a, 0xdf, 0xf9, 0x28, 0xf0, 0x6d, 0xd0, + 0x2a, 0x30, 0x3f, 0x8e, 0xf3, 0xc2, 0x51, 0xdf, + 0xd6, 0xe2, 0xd8, 0x5a, 0x95, 0x47, 0x4c, 0x43 + }; - if ((kctx = EVP_KDF_CTX_new_id(EVP_KDF_PBKDF2)) == NULL) { - TEST_error("EVP_KDF_PBKDF2"); - goto err; - } - if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_PASS, "password", (size_t)8) <= 0) { - TEST_error("EVP_KDF_CTRL_SET_PASS"); - goto err; - } - if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, "salt", (size_t)4) <= 0) { - TEST_error("EVP_KDF_CTRL_SET_SALT"); - goto err; - } - if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_ITER, 2) <= 0) { - TEST_error("EVP_KDF_CTRL_SET_ITER"); - goto err; - } - if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()) <= 0) { - TEST_error("EVP_KDF_CTRL_SET_MD"); - goto err; - } - if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) { - TEST_error("EVP_KDF_derive"); - goto err; - } + ret = TEST_ptr(kctx = EVP_KDF_CTX_new_id(EVP_KDF_PBKDF2)) + && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_PASS, "password", + (size_t)8), 0) + && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, "salt", + (size_t)4), 0) + && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_ITER, 2), 0) + && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()), + 0) + && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0) + && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected)); - { - const unsigned char expected[sizeof(out)] = { - 0xae, 0x4d, 0x0c, 0x95, 0xaf, 0x6b, 0x46, 0xd3, - 0x2d, 0x0a, 0xdf, 0xf9, 0x28, 0xf0, 0x6d, 0xd0, - 0x2a, 0x30, 0x3f, 0x8e, 0xf3, 0xc2, 0x51, 0xdf, - 0xd6, 0xe2, 0xd8, 0x5a, 0x95, 0x47, 0x4c, 0x43 - }; - if (!TEST_mem_eq(out, sizeof(out), expected, sizeof(expected))) { - goto err; - } - } - ret = 1; -err: EVP_KDF_CTX_free(kctx); return ret; } @@ -157,77 +96,49 @@ err: #ifndef OPENSSL_NO_SCRYPT static int test_kdf_scrypt(void) { - int ret = 0; + int ret; EVP_KDF_CTX *kctx; unsigned char out[64]; + const unsigned char expected[sizeof(out)] = { + 0xfd, 0xba, 0xbe, 0x1c, 0x9d, 0x34, 0x72, 0x00, + 0x78, 0x56, 0xe7, 0x19, 0x0d, 0x01, 0xe9, 0xfe, + 0x7c, 0x6a, 0xd7, 0xcb, 0xc8, 0x23, 0x78, 0x30, + 0xe7, 0x73, 0x76, 0x63, 0x4b, 0x37, 0x31, 0x62, + 0x2e, 0xaf, 0x30, 0xd9, 0x2e, 0x22, 0xa3, 0x88, + 0x6f, 0xf1, 0x09, 0x27, 0x9d, 0x98, 0x30, 0xda, + 0xc7, 0x27, 0xaf, 0xb9, 0x4a, 0x83, 0xee, 0x6d, + 0x83, 0x60, 0xcb, 0xdf, 0xa2, 0xcc, 0x06, 0x40 + }; - if ((kctx = EVP_KDF_CTX_new_id(EVP_KDF_SCRYPT)) == NULL) { - TEST_error("EVP_KDF_SCRYPT"); - goto err; - } - if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_PASS, "password", (size_t)8) <= 0) { - TEST_error("EVP_KDF_CTRL_SET_PASS"); - goto err; - } - if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, "NaCl", (size_t)4) <= 0) { - TEST_error("EVP_KDF_CTRL_SET_SALT"); - goto err; - } - if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SCRYPT_N, (uint64_t)1024) <= 0) { - TEST_error("EVP_KDF_CTRL_SET_SCRYPT_N"); - goto err; - } - if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SCRYPT_R, (uint32_t)8) <= 0) { - TEST_error("EVP_KDF_CTRL_SET_SCRYPT_R"); - goto err; - } - if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SCRYPT_P, (uint32_t)16) <= 0) { - TEST_error("EVP_KDF_CTRL_SET_SCRYPT_P"); - goto err; - } - if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MAXMEM_BYTES, (uint64_t)16) <= 0) { - TEST_error("EVP_KDF_CTRL_SET_MAXMEM_BYTES"); - goto err; - } - if (EVP_KDF_derive(kctx, out, sizeof(out)) > 0) { - TEST_error("EVP_KDF_derive should have failed"); - goto err; - } - if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MAXMEM_BYTES, - (uint64_t)(10 * 1024 * 1024)) <= 0) { - TEST_error("EVP_KDF_CTRL_SET_MAXMEM_BYTES"); - goto err; - } - if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) { - TEST_error("EVP_KDF_derive"); - goto err; - } + ret = TEST_ptr(kctx = EVP_KDF_CTX_new_id(EVP_KDF_SCRYPT)) + && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_PASS, "password", + (size_t)8), 0) + && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, "NaCl", + (size_t)4), 0) + && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SCRYPT_N, + (uint64_t)1024), 0) + && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SCRYPT_R, + (uint32_t)8), 0) + && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SCRYPT_P, + (uint32_t)16), 0) + && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MAXMEM_BYTES, + (uint64_t)16), 0) + /* failure test */ + && TEST_int_le(EVP_KDF_derive(kctx, out, sizeof(out)), 0) + && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MAXMEM_BYTES, + (uint64_t)(10 * 1024 * 1024)), 0) + && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0) + && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected)); - { - const unsigned char expected[sizeof(out)] = { - 0xfd, 0xba, 0xbe, 0x1c, 0x9d, 0x34, 0x72, 0x00, - 0x78, 0x56, 0xe7, 0x19, 0x0d, 0x01, 0xe9, 0xfe, - 0x7c, 0x6a, 0xd7, 0xcb, 0xc8, 0x23, 0x78, 0x30, - 0xe7, 0x73, 0x76, 0x63, 0x4b, 0x37, 0x31, 0x62, - 0x2e, 0xaf, 0x30, 0xd9, 0x2e, 0x22, 0xa3, 0x88, - 0x6f, 0xf1, 0x09, 0x27, 0x9d, 0x98, 0x30, 0xda, - 0xc7, 0x27, 0xaf, 0xb9, 0x4a, 0x83, 0xee, 0x6d, - 0x83, 0x60, 0xcb, 0xdf, 0xa2, 0xcc, 0x06, 0x40 - }; - if (!TEST_mem_eq(out, sizeof(out), expected, sizeof(expected))) { - goto err; - } - } - ret = 1; -err: EVP_KDF_CTX_free(kctx); return ret; } -#endif +#endif /* OPENSSL_NO_SCRYPT */ static int test_kdf_ss_hash(void) { - EVP_KDF_CTX *kctx; + int ret; + EVP_KDF_CTX *kctx = NULL; const unsigned char z[] = { 0x6d,0xbd,0xc2,0x3f,0x04,0x54,0x88,0xe4,0x06,0x27,0x57,0xb0,0x6b,0x9e, 0xba,0xe1,0x83,0xfc,0x5a,0x59,0x46,0xd8,0x0d,0xb9,0x3f,0xec,0x6f,0x62, @@ -245,35 +156,23 @@ static int test_kdf_ss_hash(void) }; unsigned char out[14]; - kctx = EVP_KDF_CTX_new_id(EVP_KDF_SS); - - if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha224()) <= 0) { - TEST_error("EVP_KDF_CTRL_SET_MD"); - return 0; - } - if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, z, sizeof(z)) <= 0) { - TEST_error("EVP_KDF_CTRL_SET_KEY"); - return 0; - } - if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SSKDF_INFO, other, - sizeof(other)) <= 0) { - TEST_error("EVP_KDF_CTRL_SET_OTHER"); - return 0; - } - if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) { - TEST_error("EVP_KDF_derive"); - return 0; - } - - if (!TEST_mem_eq(out, sizeof(out), expected, sizeof(expected))) - return 0; + ret = TEST_ptr(kctx = EVP_KDF_CTX_new_id(EVP_KDF_SS)) + && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha224()), + 0) + && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, z, sizeof(z)), + 0) + && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SSKDF_INFO, other, + sizeof(other)), 0) + && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0) + && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected)); EVP_KDF_CTX_free(kctx); - return 1; + return ret; } static int test_kdf_ss_hmac(void) { + int ret; EVP_KDF_CTX *kctx; const EVP_MAC *mac; @@ -293,44 +192,27 @@ static int test_kdf_ss_hmac(void) }; unsigned char out[16]; - kctx = EVP_KDF_CTX_new_id(EVP_KDF_SS); - mac = EVP_get_macbyname("HMAC"); - - if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MAC, mac) <= 0) { - TEST_error("EVP_KDF_CTRL_SET_MAC"); - return 0; - } - if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()) <= 0) { - TEST_error("EVP_KDF_CTRL_SET_MD"); - return 0; - } - if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, z, sizeof(z)) <= 0) { - TEST_error("EVP_KDF_CTRL_SET_KEY"); - return 0; - } - if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SSKDF_INFO, other, - sizeof(other)) <= 0) { - TEST_error("EVP_KDF_CTRL_SET_OTHER"); - return 0; - } - if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, salt, sizeof(salt)) <= 0) { - TEST_error("EVP_KDF_CTRL_SET_SALT"); - return 0; - } - if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) { - TEST_error("EVP_KDF_derive"); - return 0; - } - - if (!TEST_mem_eq(out, sizeof(out), expected, sizeof(expected))) - return 0; + ret = TEST_ptr(kctx = EVP_KDF_CTX_new_id(EVP_KDF_SS)) + && TEST_ptr(mac = EVP_get_macbyname("HMAC")) + && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MAC, mac), 0) + && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()), + 0) + && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, z, sizeof(z)), + 0) + && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SSKDF_INFO, other, + sizeof(other)), 0) + && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, salt, + sizeof(salt)), 0) + && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0) + && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected)); EVP_KDF_CTX_free(kctx); - return 1; + return ret; } static int test_kdf_ss_kmac(void) { + int ret; EVP_KDF_CTX *kctx; unsigned char out[64]; const EVP_MAC *mac; @@ -353,40 +235,22 @@ static int test_kdf_ss_kmac(void) 0xae,0x15,0x7e,0x1d,0xe8,0x14,0x98,0x03 }; - kctx = EVP_KDF_CTX_new_id(EVP_KDF_SS); - mac = EVP_get_macbyname("KMAC128"); - - if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MAC, mac) <= 0) { - TEST_error("EVP_KDF_CTRL_SET_MAC"); - return 0; - } - if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, z, sizeof(z)) <= 0) { - TEST_error("EVP_KDF_CTRL_SET_KEY"); - return 0; - } - if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SSKDF_INFO, other, - sizeof(other)) <= 0) { - TEST_error("EVP_KDF_CTRL_SET_OTHER"); - return 0; - } - if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, salt, sizeof(salt)) <= 0) { - TEST_error("EVP_KDF_CTRL_SET_SALT"); - return 0; - } - if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MAC_SIZE, (size_t)20) <= 0) { - TEST_error("EVP_KDF_CTRL_SET_MACSIZE"); - return 0; - } - if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) { - TEST_error("EVP_KDF_derive"); - return 0; - } - - if (!TEST_mem_eq(out, sizeof(out), expected, sizeof(expected))) - return 0; + ret = TEST_ptr(kctx = EVP_KDF_CTX_new_id(EVP_KDF_SS)) + && TEST_ptr(mac = EVP_get_macbyname("KMAC128")) + && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MAC, mac), 0) + && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, z, + sizeof(z)), 0) + && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SSKDF_INFO, other, + sizeof(other)), 0) + && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, salt, + sizeof(salt)), 0) + && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MAC_SIZE, + (size_t)20), 0) + && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0) + && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected)); EVP_KDF_CTX_free(kctx); - return 1; + return ret; } int setup_tests(void) -- 2.34.1