2 * Copyright 2018-2019 The OpenSSL Project Authors. All Rights Reserved.
3 * Copyright (c) 2018-2019, Oracle and/or its affiliates. All rights reserved.
5 * Licensed under the Apache License 2.0 (the "License"). You may not use
6 * this file except in compliance with the License. You can obtain a copy
7 * in the file LICENSE in the source distribution or at
8 * https://www.openssl.org/source/license.html
11 /* Tests of the EVP_KDF_CTX APIs */
16 #include <openssl/evp.h>
17 #include <openssl/kdf.h>
18 #include <openssl/core_names.h>
21 static int test_kdf_tls1_prf(void)
24 EVP_KDF_CTX *kctx = NULL;
26 unsigned char out[16];
27 static const unsigned char expected[sizeof(out)] = {
28 0x8e, 0x4d, 0x93, 0x25, 0x30, 0xd7, 0x65, 0xa0,
29 0xaa, 0xe9, 0x74, 0xc3, 0x04, 0x73, 0x5e, 0xcc
33 TEST_ptr(kdf = EVP_get_kdfbyname(SN_tls1_prf))
34 && TEST_ptr(kctx = EVP_KDF_CTX_new(kdf))
35 && TEST_ptr_eq(EVP_KDF_CTX_kdf(kctx), kdf)
36 && TEST_str_eq(EVP_KDF_name(kdf), SN_tls1_prf)
37 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()), 0)
38 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_TLS_SECRET,
39 "secret", (size_t)6), 0)
40 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_ADD_TLS_SEED, "seed",
42 && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
43 && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected));
45 EVP_KDF_CTX_free(kctx);
49 static int test_kdf_hkdf(void)
53 unsigned char out[10];
54 static const unsigned char expected[sizeof(out)] = {
55 0x2a, 0xc4, 0x36, 0x9f, 0x52, 0x59, 0x96, 0xf8, 0xde, 0x13
59 TEST_ptr(kctx = EVP_KDF_CTX_new_id(EVP_KDF_HKDF))
60 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()), 0)
61 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, "salt",
63 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, "secret",
65 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_ADD_HKDF_INFO, "label",
67 && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
68 && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected));
70 EVP_KDF_CTX_free(kctx);
74 static int test_kdf_pbkdf2(void)
78 unsigned char out[25];
80 const unsigned char expected[sizeof(out)] = {
81 0x34, 0x8c, 0x89, 0xdb, 0xcb, 0xd3, 0x2b, 0x2f,
82 0x32, 0xd8, 0x14, 0xb8, 0x11, 0x6e, 0x84, 0xcf,
83 0x2b, 0x17, 0x34, 0x7e, 0xbc, 0x18, 0x00, 0x18,
90 ret = TEST_ptr(kctx = EVP_KDF_CTX_new_id(EVP_KDF_PBKDF2))
91 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_PASS,
92 "passwordPASSWORDpassword",
94 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT,
95 "saltSALTsaltSALTsaltSALTsaltSALTsalt",
97 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_ITER, 4096), 0)
98 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()),
100 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_PBKDF2_PKCS5_MODE,
102 && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
103 && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected))
104 /* A key length that is too small should fail */
105 && TEST_int_eq(EVP_KDF_derive(kctx, out, 112 / 8 - 1), 0)
106 /* A key length that is too large should fail */
107 && (len == 0 || TEST_int_eq(EVP_KDF_derive(kctx, out, len), 0))
108 /* Salt length less than 128 bits should fail */
109 && TEST_int_eq(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT,
112 /* A small iteration count should fail */
113 && TEST_int_eq(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_ITER, 1), 0)
114 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_PBKDF2_PKCS5_MODE,
116 /* Small salts will pass if the "pkcs5" mode is enabled */
117 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT,
120 /* A small iteration count will pass if "pkcs5" mode is enabled */
121 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_ITER, 1), 0)
123 * If the "pkcs5" mode is disabled then the small salt and iter will
124 * fail when the derive gets called.
126 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_PBKDF2_PKCS5_MODE,
128 && TEST_int_eq(EVP_KDF_derive(kctx, out, sizeof(out)), 0);
130 EVP_KDF_CTX_free(kctx);
134 #ifndef OPENSSL_NO_SCRYPT
135 static int test_kdf_scrypt(void)
139 unsigned char out[64];
140 static const unsigned char expected[sizeof(out)] = {
141 0xfd, 0xba, 0xbe, 0x1c, 0x9d, 0x34, 0x72, 0x00,
142 0x78, 0x56, 0xe7, 0x19, 0x0d, 0x01, 0xe9, 0xfe,
143 0x7c, 0x6a, 0xd7, 0xcb, 0xc8, 0x23, 0x78, 0x30,
144 0xe7, 0x73, 0x76, 0x63, 0x4b, 0x37, 0x31, 0x62,
145 0x2e, 0xaf, 0x30, 0xd9, 0x2e, 0x22, 0xa3, 0x88,
146 0x6f, 0xf1, 0x09, 0x27, 0x9d, 0x98, 0x30, 0xda,
147 0xc7, 0x27, 0xaf, 0xb9, 0x4a, 0x83, 0xee, 0x6d,
148 0x83, 0x60, 0xcb, 0xdf, 0xa2, 0xcc, 0x06, 0x40
152 TEST_ptr(kctx = EVP_KDF_CTX_new_id(EVP_KDF_SCRYPT))
153 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_PASS, "password",
155 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, "NaCl",
157 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SCRYPT_N,
159 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SCRYPT_R,
161 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SCRYPT_P,
163 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MAXMEM_BYTES,
166 && TEST_int_le(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
167 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MAXMEM_BYTES,
168 (uint64_t)(10 * 1024 * 1024)), 0)
169 && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
170 && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected));
172 EVP_KDF_CTX_free(kctx);
175 #endif /* OPENSSL_NO_SCRYPT */
177 static int test_kdf_ss_hash(void)
180 EVP_KDF_CTX *kctx = NULL;
181 unsigned char out[14];
182 static const unsigned char z[] = {
183 0x6d,0xbd,0xc2,0x3f,0x04,0x54,0x88,0xe4,0x06,0x27,0x57,0xb0,0x6b,0x9e,
184 0xba,0xe1,0x83,0xfc,0x5a,0x59,0x46,0xd8,0x0d,0xb9,0x3f,0xec,0x6f,0x62,
185 0xec,0x07,0xe3,0x72,0x7f,0x01,0x26,0xae,0xd1,0x2c,0xe4,0xb2,0x62,0xf4,
186 0x7d,0x48,0xd5,0x42,0x87,0xf8,0x1d,0x47,0x4c,0x7c,0x3b,0x18,0x50,0xe9
188 static const unsigned char other[] = {
189 0xa1,0xb2,0xc3,0xd4,0xe5,0x43,0x41,0x56,0x53,0x69,0x64,0x3c,0x83,0x2e,
190 0x98,0x49,0xdc,0xdb,0xa7,0x1e,0x9a,0x31,0x39,0xe6,0x06,0xe0,0x95,0xde,
191 0x3c,0x26,0x4a,0x66,0xe9,0x8a,0x16,0x58,0x54,0xcd,0x07,0x98,0x9b,0x1e,
192 0xe0,0xec,0x3f,0x8d,0xbe
194 static const unsigned char expected[sizeof(out)] = {
195 0xa4,0x62,0xde,0x16,0xa8,0x9d,0xe8,0x46,0x6e,0xf5,0x46,0x0b,0x47,0xb8
199 TEST_ptr(kctx = EVP_KDF_CTX_new_id(EVP_KDF_SS))
200 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha224()), 0)
201 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, z, sizeof(z)), 0)
202 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SSKDF_INFO, other,
204 && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
205 && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected));
207 EVP_KDF_CTX_free(kctx);
211 static int test_kdf_x963(void)
214 EVP_KDF_CTX *kctx = NULL;
215 unsigned char out[1024 / 8];
217 * Test data from https://csrc.nist.gov/CSRC/media/Projects/
218 * Cryptographic-Algorithm-Validation-Program/documents/components/
219 * 800-135testvectors/ansx963_2001.zip
221 static const unsigned char z[] = {
222 0x00, 0xaa, 0x5b, 0xb7, 0x9b, 0x33, 0xe3, 0x89, 0xfa, 0x58, 0xce, 0xad,
223 0xc0, 0x47, 0x19, 0x7f, 0x14, 0xe7, 0x37, 0x12, 0xf4, 0x52, 0xca, 0xa9,
224 0xfc, 0x4c, 0x9a, 0xdb, 0x36, 0x93, 0x48, 0xb8, 0x15, 0x07, 0x39, 0x2f,
225 0x1a, 0x86, 0xdd, 0xfd, 0xb7, 0xc4, 0xff, 0x82, 0x31, 0xc4, 0xbd, 0x0f,
226 0x44, 0xe4, 0x4a, 0x1b, 0x55, 0xb1, 0x40, 0x47, 0x47, 0xa9, 0xe2, 0xe7,
227 0x53, 0xf5, 0x5e, 0xf0, 0x5a, 0x2d
229 static const unsigned char shared[] = {
230 0xe3, 0xb5, 0xb4, 0xc1, 0xb0, 0xd5, 0xcf, 0x1d, 0x2b, 0x3a, 0x2f, 0x99,
231 0x37, 0x89, 0x5d, 0x31
233 static const unsigned char expected[sizeof(out)] = {
234 0x44, 0x63, 0xf8, 0x69, 0xf3, 0xcc, 0x18, 0x76, 0x9b, 0x52, 0x26, 0x4b,
235 0x01, 0x12, 0xb5, 0x85, 0x8f, 0x7a, 0xd3, 0x2a, 0x5a, 0x2d, 0x96, 0xd8,
236 0xcf, 0xfa, 0xbf, 0x7f, 0xa7, 0x33, 0x63, 0x3d, 0x6e, 0x4d, 0xd2, 0xa5,
237 0x99, 0xac, 0xce, 0xb3, 0xea, 0x54, 0xa6, 0x21, 0x7c, 0xe0, 0xb5, 0x0e,
238 0xef, 0x4f, 0x6b, 0x40, 0xa5, 0xc3, 0x02, 0x50, 0xa5, 0xa8, 0xee, 0xee,
239 0x20, 0x80, 0x02, 0x26, 0x70, 0x89, 0xdb, 0xf3, 0x51, 0xf3, 0xf5, 0x02,
240 0x2a, 0xa9, 0x63, 0x8b, 0xf1, 0xee, 0x41, 0x9d, 0xea, 0x9c, 0x4f, 0xf7,
241 0x45, 0xa2, 0x5a, 0xc2, 0x7b, 0xda, 0x33, 0xca, 0x08, 0xbd, 0x56, 0xdd,
242 0x1a, 0x59, 0xb4, 0x10, 0x6c, 0xf2, 0xdb, 0xbc, 0x0a, 0xb2, 0xaa, 0x8e,
243 0x2e, 0xfa, 0x7b, 0x17, 0x90, 0x2d, 0x34, 0x27, 0x69, 0x51, 0xce, 0xcc,
244 0xab, 0x87, 0xf9, 0x66, 0x1c, 0x3e, 0x88, 0x16
248 TEST_ptr(kctx = EVP_KDF_CTX_new_id(EVP_KDF_X963))
249 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha512()), 0)
250 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, z, sizeof(z)), 0)
251 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SHARED_INFO, shared,
253 && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
254 && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected));
256 EVP_KDF_CTX_free(kctx);
260 static int test_kdf_ss_hmac(void)
264 unsigned char out[16];
265 static const unsigned char z[] = {
266 0xb7,0x4a,0x14,0x9a,0x16,0x15,0x46,0xf8,0xc2,0x0b,0x06,0xac,0x4e,0xd4
268 static const unsigned char other[] = {
269 0x34,0x8a,0x37,0xa2,0x7e,0xf1,0x28,0x2f,0x5f,0x02,0x0d,0xcc
271 static const unsigned char salt[] = {
272 0x36,0x38,0x27,0x1c,0xcd,0x68,0xa2,0x5d,0xc2,0x4e,0xcd,0xdd,0x39,0xef,
275 static const unsigned char expected[sizeof(out)] = {
276 0x44,0xf6,0x76,0xe8,0x5c,0x1b,0x1a,0x8b,0xbc,0x3d,0x31,0x92,0x18,0x63,
281 TEST_ptr(kctx = EVP_KDF_CTX_new_id(EVP_KDF_SS))
282 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MAC,
283 OSSL_MAC_NAME_HMAC), 0)
284 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()), 0)
285 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, z, sizeof(z)), 0)
286 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SSKDF_INFO, other,
288 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, salt,
290 && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
291 && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected));
293 EVP_KDF_CTX_free(kctx);
297 static int test_kdf_ss_kmac(void)
301 unsigned char out[64];
302 static const unsigned char z[] = {
303 0xb7,0x4a,0x14,0x9a,0x16,0x15,0x46,0xf8,0xc2,0x0b,0x06,0xac,0x4e,0xd4
305 static const unsigned char other[] = {
306 0x34,0x8a,0x37,0xa2,0x7e,0xf1,0x28,0x2f,0x5f,0x02,0x0d,0xcc
308 static const unsigned char salt[] = {
309 0x36,0x38,0x27,0x1c,0xcd,0x68,0xa2,0x5d,0xc2,0x4e,0xcd,0xdd,0x39,0xef,
312 static const unsigned char expected[sizeof(out)] = {
313 0xe9,0xc1,0x84,0x53,0xa0,0x62,0xb5,0x3b,0xdb,0xfc,0xbb,0x5a,0x34,0xbd,
314 0xb8,0xe5,0xe7,0x07,0xee,0xbb,0x5d,0xd1,0x34,0x42,0x43,0xd8,0xcf,0xc2,
315 0xc2,0xe6,0x33,0x2f,0x91,0xbd,0xa5,0x86,0xf3,0x7d,0xe4,0x8a,0x65,0xd4,
316 0xc5,0x14,0xfd,0xef,0xaa,0x1e,0x67,0x54,0xf3,0x73,0xd2,0x38,0xe1,0x95,
317 0xae,0x15,0x7e,0x1d,0xe8,0x14,0x98,0x03
321 TEST_ptr(kctx = EVP_KDF_CTX_new_id(EVP_KDF_SS))
322 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MAC,
323 OSSL_MAC_NAME_KMAC128), 0)
324 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, z,
326 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SSKDF_INFO, other,
328 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, salt,
330 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MAC_SIZE,
332 && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
333 && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected));
335 EVP_KDF_CTX_free(kctx);
339 static int test_kdf_sshkdf(void)
343 unsigned char out[8];
344 /* Test data from NIST CAVS 14.1 test vectors */
345 static const unsigned char key[] = {
346 0x00, 0x00, 0x00, 0x81, 0x00, 0x87, 0x5c, 0x55, 0x1c, 0xef, 0x52, 0x6a,
347 0x4a, 0x8b, 0xe1, 0xa7, 0xdf, 0x27, 0xe9, 0xed, 0x35, 0x4b, 0xac, 0x9a,
348 0xfb, 0x71, 0xf5, 0x3d, 0xba, 0xe9, 0x05, 0x67, 0x9d, 0x14, 0xf9, 0xfa,
349 0xf2, 0x46, 0x9c, 0x53, 0x45, 0x7c, 0xf8, 0x0a, 0x36, 0x6b, 0xe2, 0x78,
350 0x96, 0x5b, 0xa6, 0x25, 0x52, 0x76, 0xca, 0x2d, 0x9f, 0x4a, 0x97, 0xd2,
351 0x71, 0xf7, 0x1e, 0x50, 0xd8, 0xa9, 0xec, 0x46, 0x25, 0x3a, 0x6a, 0x90,
352 0x6a, 0xc2, 0xc5, 0xe4, 0xf4, 0x8b, 0x27, 0xa6, 0x3c, 0xe0, 0x8d, 0x80,
353 0x39, 0x0a, 0x49, 0x2a, 0xa4, 0x3b, 0xad, 0x9d, 0x88, 0x2c, 0xca, 0xc2,
354 0x3d, 0xac, 0x88, 0xbc, 0xad, 0xa4, 0xb4, 0xd4, 0x26, 0xa3, 0x62, 0x08,
355 0x3d, 0xab, 0x65, 0x69, 0xc5, 0x4c, 0x22, 0x4d, 0xd2, 0xd8, 0x76, 0x43,
356 0xaa, 0x22, 0x76, 0x93, 0xe1, 0x41, 0xad, 0x16, 0x30, 0xce, 0x13, 0x14,
359 static const unsigned char xcghash[] = {
360 0x0e, 0x68, 0x3f, 0xc8, 0xa9, 0xed, 0x7c, 0x2f, 0xf0, 0x2d, 0xef, 0x23,
361 0xb2, 0x74, 0x5e, 0xbc, 0x99, 0xb2, 0x67, 0xda, 0xa8, 0x6a, 0x4a, 0xa7,
362 0x69, 0x72, 0x39, 0x08, 0x82, 0x53, 0xf6, 0x42
364 static const unsigned char sessid[] = {
365 0x0e, 0x68, 0x3f, 0xc8, 0xa9, 0xed, 0x7c, 0x2f, 0xf0, 0x2d, 0xef, 0x23,
366 0xb2, 0x74, 0x5e, 0xbc, 0x99, 0xb2, 0x67, 0xda, 0xa8, 0x6a, 0x4a, 0xa7,
367 0x69, 0x72, 0x39, 0x08, 0x82, 0x53, 0xf6, 0x42
369 static const unsigned char expected[sizeof(out)] = {
370 0x41, 0xff, 0x2e, 0xad, 0x16, 0x83, 0xf1, 0xe6
374 TEST_ptr(kctx = EVP_KDF_CTX_new_id(EVP_KDF_SSHKDF))
375 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()), 0)
376 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, key,
378 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SSHKDF_XCGHASH,
379 xcghash, sizeof(xcghash)), 0)
380 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SSHKDF_SESSION_ID,
381 sessid, sizeof(sessid)), 0)
383 EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SSHKDF_TYPE,
384 (int)EVP_KDF_SSHKDF_TYPE_INITIAL_IV_CLI_TO_SRV), 0)
385 && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
386 && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected));
388 EVP_KDF_CTX_free(kctx);
392 static int test_kdf_get_kdf(void)
394 const EVP_KDF *kdf1, *kdf2;
398 TEST_ptr(obj = OBJ_nid2obj(NID_id_pbkdf2))
399 && TEST_ptr(kdf1 = EVP_get_kdfbyname(LN_id_pbkdf2))
400 && TEST_ptr(kdf2 = EVP_get_kdfbyobj(obj))
401 && TEST_ptr_eq(kdf1, kdf2)
402 && TEST_ptr(kdf1 = EVP_get_kdfbyname(SN_tls1_prf))
403 && TEST_ptr(kdf2 = EVP_get_kdfbyname(LN_tls1_prf))
404 && TEST_ptr_eq(kdf1, kdf2)
405 && TEST_ptr(kdf2 = EVP_get_kdfbynid(NID_tls1_prf))
406 && TEST_ptr_eq(kdf1, kdf2);
409 #ifndef OPENSSL_NO_CMS
410 static int test_kdf_x942_asn1(void)
413 EVP_KDF_CTX *kctx = NULL;
414 unsigned char out[24];
415 /* RFC2631 Section 2.1.6 Test data */
416 static const unsigned char z[] = {
417 0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,0x0d,
418 0x0e,0x0f,0x10,0x11,0x12,0x13
420 static const unsigned char expected[sizeof(out)] = {
421 0xa0,0x96,0x61,0x39,0x23,0x76,0xf7,0x04,
422 0x4d,0x90,0x52,0xa3,0x97,0x88,0x32,0x46,
423 0xb6,0x7f,0x5f,0x1e,0xf6,0x3e,0xb5,0xfb
427 TEST_ptr(kctx = EVP_KDF_CTX_new_id(EVP_KDF_X942))
428 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha1()), 0)
429 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, z, sizeof(z)), 0)
430 && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_CEK_ALG,
431 SN_id_smime_alg_CMS3DESwrap), 0)
432 && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
433 && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected));
435 EVP_KDF_CTX_free(kctx);
438 #endif /* OPENSSL_NO_CMS */
440 int setup_tests(void)
442 ADD_TEST(test_kdf_get_kdf);
443 ADD_TEST(test_kdf_tls1_prf);
444 ADD_TEST(test_kdf_hkdf);
445 ADD_TEST(test_kdf_pbkdf2);
446 #ifndef OPENSSL_NO_SCRYPT
447 ADD_TEST(test_kdf_scrypt);
449 ADD_TEST(test_kdf_ss_hash);
450 ADD_TEST(test_kdf_ss_hmac);
451 ADD_TEST(test_kdf_ss_kmac);
452 ADD_TEST(test_kdf_sshkdf);
453 ADD_TEST(test_kdf_x963);
454 #ifndef OPENSSL_NO_CMS
455 ADD_TEST(test_kdf_x942_asn1);