yuzu-emu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-11-22 17:05:36 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'public/pr/1497' into development

Browse Source
This commit is contained in:
Simon Butcher 2018-06-12 16:53:04 +01:00
commit e47d6fd97e
16 changed files with 627 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
ChangeLog
View File

@ -73,6 +73,10 @@ API Changes
This function is necessary to determine when it is safe to idle on the This function is necessary to determine when it is safe to idle on the
underlying transport in case event-driven IO is used. underlying transport in case event-driven IO is used.
Features
* Implement the HMAC-based extract-and-expand key derivation function
(HKDF) per RFC 5869. Contributed by Thomas Fossati.
Bugfix Bugfix
* Fix a spurious uninitialized variable warning in cmac.c. Fix independently * Fix a spurious uninitialized variable warning in cmac.c. Fix independently
contributed by Brian J Murray and David Brown. contributed by Brian J Murray and David Brown.

6
include/mbedtls/check_config.h
View File

@ -4,7 +4,7 @@
* \brief Consistency checks for configuration options * \brief Consistency checks for configuration options
*/ */
/* /*
* Copyright (C) 2006-2016, ARM Limited, All Rights Reserved * Copyright (C) 2006-2018, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0 * SPDX-License-Identifier: Apache-2.0
* *
* Licensed under the Apache License, Version 2.0 (the "License"); you may * Licensed under the Apache License, Version 2.0 (the "License"); you may
@ -191,6 +191,10 @@
#error "MBEDTLS_HAVEGE_C defined, but not all prerequisites" #error "MBEDTLS_HAVEGE_C defined, but not all prerequisites"
#endif #endif
#if defined(MBEDTLS_HKDF_C) && !defined(MBEDTLS_MD_C)
#error "MBEDTLS_HKDF_C defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_HMAC_DRBG_C) && !defined(MBEDTLS_MD_C) #if defined(MBEDTLS_HMAC_DRBG_C) && !defined(MBEDTLS_MD_C)
#error "MBEDTLS_HMAC_DRBG_C defined, but not all prerequisites" #error "MBEDTLS_HMAC_DRBG_C defined, but not all prerequisites"
#endif #endif

17
include/mbedtls/config.h
View File

@ -8,7 +8,7 @@
* memory footprint. * memory footprint.
*/ */
/* /*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved * Copyright (C) 2006-2018, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0 * SPDX-License-Identifier: Apache-2.0
* *
* Licensed under the Apache License, Version 2.0 (the "License"); you may * Licensed under the Apache License, Version 2.0 (the "License"); you may
@ -2156,6 +2156,21 @@
*/ */
//#define MBEDTLS_HAVEGE_C //#define MBEDTLS_HAVEGE_C
/**
* \def MBEDTLS_HKDF_C
*
* Enable the HKDF algorithm (RFC 5869).
*
* Module: library/hkdf.c
* Caller:
*
* Requires: MBEDTLS_MD_C
*
* This module adds support for the Hashed Message Authentication Code
* (HMAC)-based key derivation function (HKDF).
*/
#define MBEDTLS_HKDF_C
/** /**
* \def MBEDTLS_HMAC_DRBG_C * \def MBEDTLS_HMAC_DRBG_C
* *

3
include/mbedtls/error.h
View File

@ -4,7 +4,7 @@
* \brief Error to string translation * \brief Error to string translation
*/ */
/* /*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved * Copyright (C) 2006-2018, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0 * SPDX-License-Identifier: Apache-2.0
* *
* Licensed under the Apache License, Version 2.0 (the "License"); you may * Licensed under the Apache License, Version 2.0 (the "License"); you may
@ -89,6 +89,7 @@
* RSA 4 11 * RSA 4 11
* ECP 4 9 (Started from top) * ECP 4 9 (Started from top)
* MD 5 5 * MD 5 5
* HKDF 5 1 (Started from top)
* CIPHER 6 8 * CIPHER 6 8
* SSL 6 17 (Started from top) * SSL 6 17 (Started from top)
* SSL 7 31 * SSL 7 31

125
include/mbedtls/hkdf.h Normal file
View File

@ -0,0 +1,125 @@
/**
* \file hkdf.h
*
* \brief This file contains the HKDF interface.
*
* The HMAC-based Extract-and-Expand Key Derivation Function (HKDF) is
* specified by RFC 5869.
*/
/*
* Copyright (C) 2016-2018, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
* This file is part of mbed TLS (https://tls.mbed.org)
*/
#ifndef MBEDTLS_HKDF_H
#define MBEDTLS_HKDF_H
#include "md.h"
/**
* \name HKDF Error codes
* \{
*/
#define MBEDTLS_ERR_HKDF_BAD_INPUT_DATA -0x5F80 /**< Bad input parameters to function. */
/* \} name */
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief This is the HMAC-based Extract-and-Expand Key Derivation Function
* (HKDF).
*
* \param md A hash function; md.size denotes the length of the hash
* function output in bytes.
* \param salt An optional salt value (a non-secret random value);
* if the salt is not provided, a string of all zeros of
* md.size length is used as the salt.
* \param salt_len The length in bytes of the optional \p salt.
* \param ikm The input keying material.
* \param ikm_len The length in bytes of \p ikm.
* \param info An optional context and application specific information
* string. This can be a zero-length string.
* \param info_len The length of \p info in bytes.
* \param okm The output keying material of \p okm_len bytes.
* \param okm_len The length of the output keying material in bytes. This
* must be less than or equal to 255 * md.size bytes.
*
* \return 0 on success.
* \return #MBEDTLS_ERR_HKDF_BAD_INPUT_DATA when the parameters are invalid.
* \return An MBEDTLS_ERR_MD_* error for errors returned from the underlying
* MD layer.
*/
int mbedtls_hkdf( const mbedtls_md_info_t *md, const unsigned char *salt,
size_t salt_len, const unsigned char *ikm, size_t ikm_len,
const unsigned char *info, size_t info_len,
unsigned char *okm, size_t okm_len );
/**
* \brief Take the input keying material \p ikm and extract from it a
* fixed-length pseudorandom key \p prk.
*
* \param md A hash function; md.size denotes the length of the
* hash function output in bytes.
* \param salt An optional salt value (a non-secret random value);
* if the salt is not provided, a string of all zeros
* of md.size length is used as the salt.
* \param salt_len The length in bytes of the optional \p salt.
* \param ikm The input keying material.
* \param ikm_len The length in bytes of \p ikm.
* \param[out] prk A pseudorandom key of at least md.size bytes.
*
* \return 0 on success.
* \return #MBEDTLS_ERR_HKDF_BAD_INPUT_DATA when the parameters are invalid.
* \return An MBEDTLS_ERR_MD_* error for errors returned from the underlying
* MD layer.
*/
int mbedtls_hkdf_extract( const mbedtls_md_info_t *md,
const unsigned char *salt, size_t salt_len,
const unsigned char *ikm, size_t ikm_len,
unsigned char *prk );
/**
* \brief Expand the supplied \p prk into several additional pseudorandom
* keys, which is the output of the HKDF.
*
* \param md A hash function; md.size denotes the length of the hash
* function output in bytes.
* \param prk A pseudorandom key of at least md.size bytes. \p prk is usually,
* the output from the HKDF extract step.
* \param prk_len The length in bytes of \p prk.
* \param info An optional context and application specific information
* string. This can be a zero-length string.
* \param info_len The length of \p info in bytes.
* \param okm The output keying material of \p okm_len bytes.
* \param okm_len The length of the output keying material in bytes. This
* must be less than or equal to 255 * md.size bytes.
*
* \return 0 on success.
* \return #MBEDTLS_ERR_HKDF_BAD_INPUT_DATA when the parameters are invalid.
* \return An MBEDTLS_ERR_MD_* error for errors returned from the underlying
* MD layer.
*/
int mbedtls_hkdf_expand( const mbedtls_md_info_t *md, const unsigned char *prk,
size_t prk_len, const unsigned char *info,
size_t info_len, unsigned char *okm, size_t okm_len );
#ifdef __cplusplus
}
#endif
#endif /* hkdf.h */

1
library/CMakeLists.txt
View File

@ -30,6 +30,7 @@ set(src_crypto
error.c error.c
gcm.c gcm.c
havege.c havege.c
hkdf.c
hmac_drbg.c hmac_drbg.c
md.c md.c
md2.c md2.c

1
library/Makefile
View File

@ -57,6 +57,7 @@ OBJS_CRYPTO= aes.o aesni.o arc4.o \
ecjpake.o ecp.o \ ecjpake.o ecp.o \
ecp_curves.o entropy.o entropy_poll.o \ ecp_curves.o entropy.o entropy_poll.o \
error.o gcm.o havege.o \ error.o gcm.o havege.o \
hkdf.o \
hmac_drbg.o md.o md2.o \ hmac_drbg.o md.o md2.o \
md4.o md5.o md_wrap.o \ md4.o md5.o md_wrap.o \
memory_buffer_alloc.o oid.o \ memory_buffer_alloc.o oid.o \

9
library/error.c
View File

@ -105,6 +105,10 @@
#include "mbedtls/gcm.h" #include "mbedtls/gcm.h"
#endif #endif
#if defined(MBEDTLS_HKDF_C)
#include "mbedtls/hkdf.h"
#endif
#if defined(MBEDTLS_HMAC_DRBG_C) #if defined(MBEDTLS_HMAC_DRBG_C)
#include "mbedtls/hmac_drbg.h" #include "mbedtls/hmac_drbg.h"
#endif #endif
@ -715,6 +719,11 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
mbedtls_snprintf( buf, buflen, "GCM - Bad input parameters to function" ); mbedtls_snprintf( buf, buflen, "GCM - Bad input parameters to function" );
#endif /* MBEDTLS_GCM_C */ #endif /* MBEDTLS_GCM_C */
#if defined(MBEDTLS_HKDF_C)
if( use_ret == -(MBEDTLS_ERR_HKDF_BAD_INPUT_DATA) )
mbedtls_snprintf( buf, buflen, "HKDF - Bad input parameters to function" );
#endif /* MBEDTLS_HKDF_C */
#if defined(MBEDTLS_HMAC_DRBG_C) #if defined(MBEDTLS_HMAC_DRBG_C)
if( use_ret == -(MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG) ) if( use_ret == -(MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG) )
mbedtls_snprintf( buf, buflen, "HMAC_DRBG - Too many random requested in single call" ); mbedtls_snprintf( buf, buflen, "HMAC_DRBG - Too many random requested in single call" );

180
library/hkdf.c Normal file
View File

@ -0,0 +1,180 @@
/*
* HKDF implementation -- RFC 5869
*
* Copyright (C) 2016-2018, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
* This file is part of mbed TLS (https://tls.mbed.org)
*/
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(MBEDTLS_HKDF_C)
#include <string.h>
#include "mbedtls/hkdf.h"
#include "mbedtls/platform_util.h"
int mbedtls_hkdf( const mbedtls_md_info_t *md, const unsigned char *salt,
size_t salt_len, const unsigned char *ikm, size_t ikm_len,
const unsigned char *info, size_t info_len,
unsigned char *okm, size_t okm_len )
{
int ret;
unsigned char prk[MBEDTLS_MD_MAX_SIZE];
ret = mbedtls_hkdf_extract( md, salt, salt_len, ikm, ikm_len, prk );
if( ret == 0 )
{
ret = mbedtls_hkdf_expand( md, prk, mbedtls_md_get_size( md ),
info, info_len, okm, okm_len );
}
mbedtls_platform_zeroize( prk, sizeof( prk ) );
return( ret );
}
int mbedtls_hkdf_extract( const mbedtls_md_info_t *md,
const unsigned char *salt, size_t salt_len,
const unsigned char *ikm, size_t ikm_len,
unsigned char *prk )
{
unsigned char null_salt[MBEDTLS_MD_MAX_SIZE] = { '\0' };
if( salt == NULL )
{
size_t hash_len;
hash_len = mbedtls_md_get_size( md );
if( hash_len == 0 )
{
return MBEDTLS_ERR_HKDF_BAD_INPUT_DATA;
}
salt = null_salt;
salt_len = hash_len;
}
return( mbedtls_md_hmac( md, salt, salt_len, ikm, ikm_len, prk ) );
}
int mbedtls_hkdf_expand( const mbedtls_md_info_t *md, const unsigned char *prk,
size_t prk_len, const unsigned char *info,
size_t info_len, unsigned char *okm, size_t okm_len )
{
size_t hash_len;
size_t where = 0;
size_t n;
size_t t_len = 0;
size_t i;
int ret = 0;
mbedtls_md_context_t ctx;
unsigned char t[MBEDTLS_MD_MAX_SIZE];
if( okm == NULL )
{
return( MBEDTLS_ERR_HKDF_BAD_INPUT_DATA );
}
hash_len = mbedtls_md_get_size( md );
if( prk_len < hash_len || hash_len == 0 )
{
return( MBEDTLS_ERR_HKDF_BAD_INPUT_DATA );
}
if( info == NULL )
{
info = (const unsigned char *) "";
info_len = 0;
}
n = okm_len / hash_len;
if( (okm_len % hash_len) != 0 )
{
n++;
}
if( n > 255 )
{
return( MBEDTLS_ERR_HKDF_BAD_INPUT_DATA );
}
mbedtls_md_init( &ctx );
if( (ret = mbedtls_md_setup( &ctx, md, 1) ) != 0 )
{
goto exit;
}
/* RFC 5869 Section 2.3. */
for( i = 1; i <= n; i++ )
{
size_t num_to_copy;
unsigned char c = i & 0xff;
ret = mbedtls_md_hmac_starts( &ctx, prk, prk_len );
if( ret != 0 )
{
goto exit;
}
ret = mbedtls_md_hmac_update( &ctx, t, t_len );
if( ret != 0 )
{
goto exit;
}
ret = mbedtls_md_hmac_update( &ctx, info, info_len );
if( ret != 0 )
{
goto exit;
}
/* The constant concatenated to the end of each t(n) is a single octet.
* */
ret = mbedtls_md_hmac_update( &ctx, &c, 1 );
if( ret != 0 )
{
goto exit;
}
ret = mbedtls_md_hmac_finish( &ctx, t );
if( ret != 0 )
{
goto exit;
}
num_to_copy = i != n ? hash_len : okm_len - where;
memcpy( okm + where, t, num_to_copy );
where += hash_len;
t_len = hash_len;
}
exit:
mbedtls_md_free( &ctx );
mbedtls_platform_zeroize( t, sizeof( t ) );
return( ret );
}
#endif /* MBEDTLS_HKDF_C */

3
library/version_features.c
View File

@ -588,6 +588,9 @@ static const char *features[] = {
#if defined(MBEDTLS_HAVEGE_C) #if defined(MBEDTLS_HAVEGE_C)
"MBEDTLS_HAVEGE_C", "MBEDTLS_HAVEGE_C",
#endif /* MBEDTLS_HAVEGE_C */ #endif /* MBEDTLS_HAVEGE_C */
#if defined(MBEDTLS_HKDF_C)
"MBEDTLS_HKDF_C",
#endif /* MBEDTLS_HKDF_C */
#if defined(MBEDTLS_HMAC_DRBG_C) #if defined(MBEDTLS_HMAC_DRBG_C)
"MBEDTLS_HMAC_DRBG_C", "MBEDTLS_HMAC_DRBG_C",
#endif /* MBEDTLS_HMAC_DRBG_C */ #endif /* MBEDTLS_HMAC_DRBG_C */

2
scripts/generate_errors.pl
View File

@ -31,7 +31,7 @@ my $error_format_file = $data_dir.'/error.fmt';
my @low_level_modules = qw( AES ARC4 ARIA ASN1 BASE64 BIGNUM BLOWFISH my @low_level_modules = qw( AES ARC4 ARIA ASN1 BASE64 BIGNUM BLOWFISH
CAMELLIA CCM CMAC CTR_DRBG DES CAMELLIA CCM CMAC CTR_DRBG DES
ENTROPY GCM HMAC_DRBG MD2 MD4 MD5 ENTROPY GCM HKDF HMAC_DRBG MD2 MD4 MD5
NET OID PADLOCK PBKDF2 RIPEMD160 NET OID PADLOCK PBKDF2 RIPEMD160
SHA1 SHA256 SHA512 THREADING XTEA ); SHA1 SHA256 SHA512 THREADING XTEA );
my @high_level_modules = qw( CIPHER DHM ECP MD my @high_level_modules = qw( CIPHER DHM ECP MD

1
tests/CMakeLists.txt
View File

@ -82,6 +82,7 @@ add_test_suite(gcm gcm.aes128_de)
add_test_suite(gcm gcm.aes192_de) add_test_suite(gcm gcm.aes192_de)
add_test_suite(gcm gcm.aes256_de) add_test_suite(gcm gcm.aes256_de)
add_test_suite(gcm gcm.camellia) add_test_suite(gcm gcm.camellia)
add_test_suite(hkdf)
add_test_suite(hmac_drbg hmac_drbg.misc) add_test_suite(hmac_drbg hmac_drbg.misc)
add_test_suite(hmac_drbg hmac_drbg.no_reseed) add_test_suite(hmac_drbg hmac_drbg.no_reseed)
add_test_suite(hmac_drbg hmac_drbg.nopr) add_test_suite(hmac_drbg hmac_drbg.nopr)

9
tests/Makefile
View File

@ -72,6 +72,7 @@ APPS = test_suite_aes.ecb$(EXEXT) test_suite_aes.cbc$(EXEXT) \
test_suite_gcm.aes192_en$(EXEXT) \ test_suite_gcm.aes192_en$(EXEXT) \
test_suite_gcm.aes256_en$(EXEXT) \ test_suite_gcm.aes256_en$(EXEXT) \
test_suite_gcm.camellia$(EXEXT) \ test_suite_gcm.camellia$(EXEXT) \
test_suite_hkdf$(EXEXT) \
test_suite_hmac_drbg.misc$(EXEXT) \ test_suite_hmac_drbg.misc$(EXEXT) \
test_suite_hmac_drbg.no_reseed$(EXEXT) \ test_suite_hmac_drbg.no_reseed$(EXEXT) \
test_suite_hmac_drbg.nopr$(EXEXT) \ test_suite_hmac_drbg.nopr$(EXEXT) \
@ -183,6 +184,10 @@ test_suite_gcm.camellia.c : suites/test_suite_gcm.function suites/test_suite_gcm
echo " Gen $@" echo " Gen $@"
perl scripts/generate_code.pl suites test_suite_gcm test_suite_gcm.camellia perl scripts/generate_code.pl suites test_suite_gcm test_suite_gcm.camellia
test_suite_hkdf.c : suites/test_suite_hkdf.function suites/test_suite_hkdf.data scripts/generate_code.pl suites/helpers.function suites/main_test.function
echo " Gen $@"
perl scripts/generate_code.pl suites test_suite_hkdf test_suite_hkdf
test_suite_hmac_drbg.misc.c : suites/test_suite_hmac_drbg.function suites/test_suite_hmac_drbg.misc.data scripts/generate_code.pl suites/helpers.function suites/main_test.function test_suite_hmac_drbg.misc.c : suites/test_suite_hmac_drbg.function suites/test_suite_hmac_drbg.misc.data scripts/generate_code.pl suites/helpers.function suites/main_test.function
echo " Gen $@" echo " Gen $@"
perl scripts/generate_code.pl suites test_suite_hmac_drbg test_suite_hmac_drbg.misc perl scripts/generate_code.pl suites test_suite_hmac_drbg test_suite_hmac_drbg.misc
@ -351,6 +356,10 @@ test_suite_gcm.camellia$(EXEXT): test_suite_gcm.camellia.c $(DEP)
echo " CC $<" echo " CC $<"
$(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
test_suite_hkdf$(EXEXT): test_suite_hkdf.c $(DEP)
echo " CC $<"
$(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
test_suite_hmac_drbg.misc$(EXEXT): test_suite_hmac_drbg.misc.c $(DEP) test_suite_hmac_drbg.misc$(EXEXT): test_suite_hmac_drbg.misc.c $(DEP)
echo " CC $<" echo " CC $<"
$(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@

98
tests/suites/test_suite_hkdf.data Normal file
View File

@ -0,0 +1,98 @@
HKDF extract fails with hash_len of 0
test_hkdf_extract_ret:0:MBEDTLS_ERR_HKDF_BAD_INPUT_DATA
HKDF expand fails with NULL okm
test_hkdf_expand_ret:32:32:0:MBEDTLS_ERR_HKDF_BAD_INPUT_DATA
HKDF expand fails with hash_len of 0
test_hkdf_expand_ret:0:32:32:MBEDTLS_ERR_HKDF_BAD_INPUT_DATA
HKDF expand fails with prk_len < hash_len
test_hkdf_expand_ret:32:16:32:MBEDTLS_ERR_HKDF_BAD_INPUT_DATA
HKDF expand fails with okm_len / hash_len > 255
test_hkdf_expand_ret:32:32:8192:MBEDTLS_ERR_HKDF_BAD_INPUT_DATA
HKDF RFC5869 Test Vector #1
depends_on:MBEDTLS_SHA256_C
test_hkdf:6:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865"
HKDF RFC5869 Test Vector #2
depends_on:MBEDTLS_SHA256_C
test_hkdf:6:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"b11e398dc80327a1c8e7f78c596a49344f012eda2d4efad8a050cc4c19afa97c59045a99cac7827271cb41c65e590e09da3275600c2f09b8367793a9aca3db71cc30c58179ec3e87c14c01d5c1f3434f1d87"
HKDF RFC5869 Test Vector #3
depends_on:MBEDTLS_SHA256_C
test_hkdf:6:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"":"8da4e775a563c18f715f802a063c5a31b8a11f5c5ee1879ec3454e5f3c738d2d9d201395faa4b61a96c8"
HKDF RFC5869 Test Vector #4
depends_on:MBEDTLS_SHA1_C
test_hkdf:4:"0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":"085a01ea1b10f36933068b56efa5ad81a4f14b822f5b091568a9cdd4f155fda2c22e422478d305f3f896"
HKDF RFC5869 Test Vector #5
depends_on:MBEDTLS_SHA1_C
test_hkdf:4:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"0bd770a74d1160f7c9f12cd5912a06ebff6adcae899d92191fe4305673ba2ffe8fa3f1a4e5ad79f3f334b3b202b2173c486ea37ce3d397ed034c7f9dfeb15c5e927336d0441f4c4300e2cff0d0900b52d3b4"
HKDF RFC5869 Test Vector #6
depends_on:MBEDTLS_SHA1_C
test_hkdf:4:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"":"0ac1af7002b3d761d1e55298da9d0506b9ae52057220a306e07b6b87e8df21d0ea00033de03984d34918"
HKDF RFC5869 Test Vector #7
depends_on:MBEDTLS_SHA1_C
test_hkdf:4:"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":"":"":"2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48"
HKDF RFC5869 Test Vector #1 Extract
depends_on:MBEDTLS_SHA256_C
test_hkdf_extract:6:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"077709362c2e32df0ddc3f0dc47bba6390b6c73bb50f9c3122ec844ad7c2b3e5"
HKDF RFC5869 Test Vector #2 Extract
depends_on:MBEDTLS_SHA256_C
test_hkdf_extract:6:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":"06a6b88c5853361a06104c9ceb35b45cef760014904671014a193f40c15fc244"
HKDF RFC5869 Test Vector #3 Extract
depends_on:MBEDTLS_SHA256_C
test_hkdf_extract:6:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"19ef24a32c717b167f33a91d6f648bdf96596776afdb6377ac434c1c293ccb04"
HKDF RFC5869 Test Vector #4 Extract
depends_on:MBEDTLS_SHA1_C
test_hkdf_extract:4:"0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"9b6c18c432a7bf8f0e71c8eb88f4b30baa2ba243"
HKDF RFC5869 Test Vector #5 Extract
depends_on:MBEDTLS_SHA1_C
test_hkdf_extract:4:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":"8adae09a2a307059478d309b26c4115a224cfaf6"
HKDF RFC5869 Test Vector #6 Extract
depends_on:MBEDTLS_SHA1_C
test_hkdf_extract:4:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"da8c8a73c7fa77288ec6f5e7c297786aa0d32d01"
HKDF RFC5869 Test Vector #7 Extract
depends_on:MBEDTLS_SHA1_C
test_hkdf_extract:4:"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":"":"2adccada18779e7c2077ad2eb19d3f3e731385dd"
HKDF RFC5869 Test Vector #1 Expand
depends_on:MBEDTLS_SHA256_C
test_hkdf_expand:6:"f0f1f2f3f4f5f6f7f8f9":"077709362c2e32df0ddc3f0dc47bba6390b6c73bb50f9c3122ec844ad7c2b3e5":"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865"
HKDF RFC5869 Test Vector #2 Expand
depends_on:MBEDTLS_SHA256_C
test_hkdf_expand:6:"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"06a6b88c5853361a06104c9ceb35b45cef760014904671014a193f40c15fc244":"b11e398dc80327a1c8e7f78c596a49344f012eda2d4efad8a050cc4c19afa97c59045a99cac7827271cb41c65e590e09da3275600c2f09b8367793a9aca3db71cc30c58179ec3e87c14c01d5c1f3434f1d87"
HKDF RFC5869 Test Vector #3 Expand
depends_on:MBEDTLS_SHA256_C
test_hkdf_expand:6:"":"19ef24a32c717b167f33a91d6f648bdf96596776afdb6377ac434c1c293ccb04":"8da4e775a563c18f715f802a063c5a31b8a11f5c5ee1879ec3454e5f3c738d2d9d201395faa4b61a96c8"
HKDF RFC5869 Test Vector #4 Expand
depends_on:MBEDTLS_SHA1_C
test_hkdf_expand:4:"f0f1f2f3f4f5f6f7f8f9":"9b6c18c432a7bf8f0e71c8eb88f4b30baa2ba243":"085a01ea1b10f36933068b56efa5ad81a4f14b822f5b091568a9cdd4f155fda2c22e422478d305f3f896"
HKDF RFC5869 Test Vector #5 Expand
depends_on:MBEDTLS_SHA1_C
test_hkdf_expand:4:"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"8adae09a2a307059478d309b26c4115a224cfaf6":"0bd770a74d1160f7c9f12cd5912a06ebff6adcae899d92191fe4305673ba2ffe8fa3f1a4e5ad79f3f334b3b202b2173c486ea37ce3d397ed034c7f9dfeb15c5e927336d0441f4c4300e2cff0d0900b52d3b4"
HKDF RFC5869 Test Vector #6 Expand
depends_on:MBEDTLS_SHA1_C
test_hkdf_expand:4:"":"da8c8a73c7fa77288ec6f5e7c297786aa0d32d01":"0ac1af7002b3d761d1e55298da9d0506b9ae52057220a306e07b6b87e8df21d0ea00033de03984d34918"
HKDF RFC5869 Test Vector #7 Expand
depends_on:MBEDTLS_SHA1_C
test_hkdf_expand:4:"":"2adccada18779e7c2077ad2eb19d3f3e731385dd":"2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48"

170
tests/suites/test_suite_hkdf.function Normal file
View File

@ -0,0 +1,170 @@
/* BEGIN_HEADER */
#include "mbedtls/hkdf.h"
#include "mbedtls/md_internal.h"
/* END_HEADER */
/* BEGIN_DEPENDENCIES
* depends_on:MBEDTLS_HKDF_C
* END_DEPENDENCIES
*/
/* BEGIN_CASE */
void test_hkdf( int md_alg, char *hex_ikm_string, char *hex_salt_string,
char *hex_info_string, char *hex_okm_string )
{
int ret;
size_t ikm_len, salt_len, info_len, okm_len;
unsigned char ikm[1024] = { '\0' };
unsigned char salt[1024] = { '\0' };
unsigned char info[1024] = { '\0' };
unsigned char expected_okm[1024] = { '\0' };
unsigned char okm[1024] = { '\0' };
unsigned char okm_string[1000] = { '\0' };
const mbedtls_md_info_t *md = mbedtls_md_info_from_type( md_alg );
TEST_ASSERT( md != NULL );
ikm_len = unhexify( ikm, hex_ikm_string );
salt_len = unhexify( salt, hex_salt_string );
info_len = unhexify( info, hex_info_string );
okm_len = unhexify( expected_okm, hex_okm_string );
ret = mbedtls_hkdf( md, salt, salt_len, ikm, ikm_len, info, info_len, okm,
okm_len);
TEST_ASSERT( ret == 0 );
// Run hexify on it so that it looks nicer if the assertion fails
hexify( okm_string, okm, okm_len );
TEST_ASSERT( !strcmp( (char *)okm_string, hex_okm_string ) );
}
/* END_CASE */
/* BEGIN_CASE */
void test_hkdf_extract( int md_alg, char *hex_ikm_string,
char *hex_salt_string, char *hex_prk_string )
{
int ret;
unsigned char *ikm = NULL;
unsigned char *salt = NULL;
unsigned char *prk = NULL;
unsigned char *output_prk = NULL;
size_t ikm_len, salt_len, prk_len, output_prk_len;
const mbedtls_md_info_t *md = mbedtls_md_info_from_type( md_alg );
TEST_ASSERT( md != NULL );
output_prk_len = mbedtls_md_get_size( md );
output_prk = mbedtls_calloc( 1, output_prk_len );
ikm = unhexify_alloc( hex_ikm_string, &ikm_len );
salt = unhexify_alloc( hex_salt_string, &salt_len );
prk = unhexify_alloc( hex_prk_string, &prk_len );
TEST_ASSERT( prk_len == output_prk_len );
ret = mbedtls_hkdf_extract( md, salt, salt_len, ikm, ikm_len, output_prk );
TEST_ASSERT( ret == 0 );
TEST_ASSERT( !memcmp( output_prk, prk, prk_len ) );
exit:
mbedtls_free(ikm);
mbedtls_free(salt);
mbedtls_free(prk);
mbedtls_free(output_prk);
}
/* END_CASE */
/* BEGIN_CASE */
void test_hkdf_expand( int md_alg, char *hex_info_string,
char *hex_prk_string, char *hex_okm_string )
{
enum { OKM_LEN = 1024 };
int ret;
unsigned char *info = NULL;
unsigned char *prk = NULL;
unsigned char *okm = NULL;
unsigned char *output_okm = NULL;
size_t info_len, prk_len, okm_len;
const mbedtls_md_info_t *md = mbedtls_md_info_from_type( md_alg );
TEST_ASSERT( md != NULL );
output_okm = mbedtls_calloc( OKM_LEN, 1 );
prk = unhexify_alloc( hex_prk_string, &prk_len );
info = unhexify_alloc( hex_info_string, &info_len );
okm = unhexify_alloc( hex_okm_string, &okm_len );
TEST_ASSERT( prk_len == mbedtls_md_get_size( md ) );
TEST_ASSERT( okm_len < OKM_LEN );
ret = mbedtls_hkdf_expand( md, prk, prk_len, info, info_len,
output_okm, OKM_LEN );
TEST_ASSERT( ret == 0 );
TEST_ASSERT( !memcmp( output_okm, okm, okm_len ) );
exit:
mbedtls_free(info);
mbedtls_free(prk);
mbedtls_free(okm);
mbedtls_free(output_okm);
}
/* END_CASE */
/* BEGIN_CASE */
void test_hkdf_extract_ret( int hash_len, int ret )
{
int output_ret;
unsigned char *salt = NULL;
unsigned char *ikm = NULL;
unsigned char *prk = NULL;
size_t salt_len, ikm_len;
struct mbedtls_md_info_t fake_md_info;
memset( &fake_md_info, 0, sizeof( fake_md_info ) );
fake_md_info.type = MBEDTLS_MD_NONE;
fake_md_info.size = hash_len;
prk = mbedtls_calloc( MBEDTLS_MD_MAX_SIZE, 1 );
salt_len = 0;
ikm_len = 0;
output_ret = mbedtls_hkdf_extract( &fake_md_info, salt, salt_len,
ikm, ikm_len, prk );
TEST_ASSERT( output_ret == ret );
exit:
mbedtls_free(prk);
}
/* END_CASE */
/* BEGIN_CASE */
void test_hkdf_expand_ret( int hash_len, int prk_len, int okm_len, int ret )
{
int output_ret;
unsigned char *info = NULL;
unsigned char *prk = NULL;
unsigned char *okm = NULL;
size_t info_len;
struct mbedtls_md_info_t fake_md_info;
memset( &fake_md_info, 0, sizeof( fake_md_info ) );
fake_md_info.type = MBEDTLS_MD_NONE;
fake_md_info.size = hash_len;
info_len = 0;
if (prk_len > 0)
prk = mbedtls_calloc( prk_len, 1 );
if (okm_len > 0)
okm = mbedtls_calloc( okm_len, 1 );
output_ret = mbedtls_hkdf_expand( &fake_md_info, prk, prk_len,
info, info_len, okm, okm_len );
TEST_ASSERT( output_ret == ret );
exit:
mbedtls_free(prk);
mbedtls_free(okm);
}
/* END_CASE */

2
visualc/VS2010/mbedTLS.vcxproj
View File

@ -179,6 +179,7 @@
<ClInclude Include="..\..\include\mbedtls\error.h" /> <ClInclude Include="..\..\include\mbedtls\error.h" />
<ClInclude Include="..\..\include\mbedtls\gcm.h" /> <ClInclude Include="..\..\include\mbedtls\gcm.h" />
<ClInclude Include="..\..\include\mbedtls\havege.h" /> <ClInclude Include="..\..\include\mbedtls\havege.h" />
<ClInclude Include="..\..\include\mbedtls\hkdf.h" />
<ClInclude Include="..\..\include\mbedtls\hmac_drbg.h" /> <ClInclude Include="..\..\include\mbedtls\hmac_drbg.h" />
<ClInclude Include="..\..\include\mbedtls\md.h" /> <ClInclude Include="..\..\include\mbedtls\md.h" />
<ClInclude Include="..\..\include\mbedtls\md2.h" /> <ClInclude Include="..\..\include\mbedtls\md2.h" />
@ -250,6 +251,7 @@
<ClCompile Include="..\..\library\error.c" /> <ClCompile Include="..\..\library\error.c" />
<ClCompile Include="..\..\library\gcm.c" /> <ClCompile Include="..\..\library\gcm.c" />
<ClCompile Include="..\..\library\havege.c" /> <ClCompile Include="..\..\library\havege.c" />
<ClCompile Include="..\..\library\hkdf.c" />
<ClCompile Include="..\..\library\hmac_drbg.c" /> <ClCompile Include="..\..\library\hmac_drbg.c" />
<ClCompile Include="..\..\library\md.c" /> <ClCompile Include="..\..\library\md.c" />
<ClCompile Include="..\..\library\md2.c" /> <ClCompile Include="..\..\library\md2.c" />