mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2025-02-23 14:42:15 +08:00
Code Issues Packages Projects Releases Wiki Activity

evp_test: Add testcases for DH KEX with X9.42 KDF

Browse Source 
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/17859)
This commit is contained in:
Tomas Mraz 2022-03-10 18:41:30 +01:00
parent 76396ebbd7
commit 4413fe3520
2 changed files with 68 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
test/evp_test.c
View File

@ -1876,6 +1876,51 @@ static int pderive_test_parse(EVP_TEST *t,
return parse_bin(value, &kdata->output, &kdata->output_len);
if (strcmp(keyword, "Ctrl") == 0)
return pkey_test_ctrl(t, kdata->ctx, value);
if (strcmp(keyword, "KDFType") == 0) {
OSSL_PARAM params[2];
params[0] = OSSL_PARAM_construct_utf8_string(OSSL_EXCHANGE_PARAM_KDF_TYPE,
(char *)value, 0);
params[1] = OSSL_PARAM_construct_end();
if (EVP_PKEY_CTX_set_params(kdata->ctx, params) == 0)
return -1;
return 1;
}
if (strcmp(keyword, "KDFDigest") == 0) {
OSSL_PARAM params[2];
params[0] = OSSL_PARAM_construct_utf8_string(OSSL_EXCHANGE_PARAM_KDF_DIGEST,
(char *)value, 0);
params[1] = OSSL_PARAM_construct_end();
if (EVP_PKEY_CTX_set_params(kdata->ctx, params) == 0)
return -1;
return 1;
}
if (strcmp(keyword, "CEKAlg") == 0) {
OSSL_PARAM params[2];
params[0] = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_CEK_ALG,
(char *)value, 0);
params[1] = OSSL_PARAM_construct_end();
if (EVP_PKEY_CTX_set_params(kdata->ctx, params) == 0)
return -1;
return 1;
}
if (strcmp(keyword, "KDFOutlen") == 0) {
OSSL_PARAM params[2];
char *endptr;
size_t outlen = (size_t)strtoul(value, &endptr, 0);
if (endptr[0] != '\0')
return -1;
params[0] = OSSL_PARAM_construct_size_t(OSSL_EXCHANGE_PARAM_KDF_OUTLEN,
&outlen);
params[1] = OSSL_PARAM_construct_end();
if (EVP_PKEY_CTX_set_params(kdata->ctx, params) == 0)
return -1;
return 1;
}
return 0;
}
@ -1891,7 +1936,8 @@ static int pderive_test_run(EVP_TEST *t)
goto err;
}
if (EVP_PKEY_derive(dctx, NULL, &got_len) <= 0) {
if (EVP_PKEY_derive(dctx, NULL, &got_len) <= 0
|| !TEST_size_t_ne(got_len, 0)) {
t->err = "DERIVE_ERROR";
goto err;
}

21
test/recipes/30-test_evp_data/evppkey_ffdhe.txt
View File

@ -93,6 +93,27 @@ PeerKey=ffdhe2048-2-pub
Ctrl = dh_pad:1
SharedSecret=00006620DD85B56EE8540C8040CAC46B7385344A164E4DBDF521F7D99F88FA68EDD295A45E36E0BBD5FF5DE84598824E2CA52ED82ACA918CAECC6B22846D0FC6F0203E8B6963964D11E9E704F83AF1D60E9B1931139E9E9967C4665A831A75D99359A8BA80DD5921E74379AF4CA8DB453EDBC5E669AB17A5254CA6C96794CD5196BE90AF37742C8F6812515FFCC45B08F4158EFF9559F1AEF3665B3D91519DCBC6DF22CD6DA521B86613558602E73D2CA4666972F7D2CB6B46299B1DF2DA29A2A2D99D105E10CB553D6738A9B1DB2A0314C3CF30642D5C44695623D8B95C4426BEA830FB51816B4F086945E9B12A445F42DD68610E3F378A6E69A383D13D85BF
# The following two testcases check that the padding is implicitly enabled
# with X942KDF-ASN1 KDF.
# The plain shared secret for these keys needs padding as seen above.
Derive=ffdhe2048-1
PeerKey=ffdhe2048-2-pub
KDFType=X942KDF-ASN1
KDFOutlen=32
KDFDigest=SHA-256
CEKAlg=id-aes128-wrap
Ctrl = dh_pad:1
SharedSecret=89A249DF4EE9033B89C2B4E52072A736D94F51143A1ED5C8F1E91FCBEBE09654
Derive=ffdhe2048-2
PeerKey=ffdhe2048-1-pub
KDFType=X942KDF-ASN1
KDFOutlen=32
KDFDigest=SHA-256
CEKAlg=id-aes128-wrap
Ctrl = dh_pad:0
SharedSecret=89A249DF4EE9033B89C2B4E52072A736D94F51143A1ED5C8F1E91FCBEBE09654
PrivateKey=ffdhe3072-1
-----BEGIN PRIVATE KEY-----
MIIByQIBADCCAZsGCSqGSIb3DQEDATCCAYwCggGBAP//////////rfhUWKK7Spqv