[PATCH 1/2] kdf: Restructure KDF test vectors
Milan Broz
gmazyland at gmail.com
Thu Aug 18 16:18:41 CEST 2022
* cipher/kdf.c Restructure KDF test vectors to allow easy addition
new vectors. Also remove some ugly C code like goto again.
--
Signed-off-by: Milan Broz <gmazyland at gmail.com>
---
tests/t-kdf.c | 766 +++++++++++++++++++++++---------------------------
1 file changed, 351 insertions(+), 415 deletions(-)
diff --git a/tests/t-kdf.c b/tests/t-kdf.c
index d9d57778..17402762 100644
--- a/tests/t-kdf.c
+++ b/tests/t-kdf.c
@@ -1341,10 +1341,10 @@ static gcry_error_t
my_kdf_derive (int parallel,
int algo, int subalgo,
const unsigned long *params, unsigned int paramslen,
- const unsigned char *pass, size_t passlen,
- const unsigned char *salt, size_t saltlen,
- const unsigned char *key, size_t keylen,
- const unsigned char *ad, size_t adlen,
+ const char *pass, size_t passlen,
+ const char *salt, size_t saltlen,
+ const char *key, size_t keylen,
+ const char *ad, size_t adlen,
size_t outlen, unsigned char *out)
{
gcry_error_t err;
@@ -1405,98 +1405,127 @@ my_kdf_derive (int parallel,
return err;
}
-
static void
check_argon2 (void)
{
gcry_error_t err;
- const unsigned long param[4] = { 32, 3, 32, 4 };
- const unsigned char pass[32] = {
- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1
- };
- const unsigned char salt[16] = {
- 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ static struct {
+ int subalgo;
+ unsigned long param[4];
+ size_t passlen;
+ const char *pass;
+ size_t saltlen;
+ const char *salt;
+ size_t keylen;
+ const char *key;
+ size_t adlen;
+ const char *ad;
+ size_t dklen;
+ const char *dk;
+ } tv[] = {
+ {
+ GCRY_KDF_ARGON2D,
+ { 32, 3, 32, 4 },
+ 32,
+ "\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01"
+ "\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01",
+ 16,
+ "\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02",
+ 8,
+ "\x03\x03\x03\x03\x03\x03\x03\x03",
+ 12,
+ "\x04\x04\x04\x04\x04\x04\x04\x04\x04\x04\x04\x04",
+ 32,
+ "\x51\x2b\x39\x1b\x6f\x11\x62\x97\x53\x71\xd3\x09\x19\x73\x42\x94"
+ "\xf8\x68\xe3\xbe\x39\x84\xf3\xc1\xa1\x3a\x4d\xb9\xfa\xbe\x4a\xcb"
+ },
+ {
+ GCRY_KDF_ARGON2I,
+ { 32, 3, 32, 4 },
+ 32,
+ "\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01"
+ "\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01",
+ 16,
+ "\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02",
+ 8,
+ "\x03\x03\x03\x03\x03\x03\x03\x03",
+ 12,
+ "\x04\x04\x04\x04\x04\x04\x04\x04\x04\x04\x04\x04",
+ 32,
+ "\xc8\x14\xd9\xd1\xdc\x7f\x37\xaa\x13\xf0\xd7\x7f\x24\x94\xbd\xa1"
+ "\xc8\xde\x6b\x01\x6d\xd3\x88\xd2\x99\x52\xa4\xc4\x67\x2b\x6c\xe8"
+ },
+ {
+ GCRY_KDF_ARGON2ID,
+ { 32, 3, 32, 4 },
+ 32,
+ "\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01"
+ "\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01",
+ 16,
+ "\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02",
+ 8,
+ "\x03\x03\x03\x03\x03\x03\x03\x03",
+ 12,
+ "\x04\x04\x04\x04\x04\x04\x04\x04\x04\x04\x04\x04",
+ 32,
+ "\x0d\x64\x0d\xf5\x8d\x78\x76\x6c\x08\xc0\x37\xa3\x4a\x8b\x53\xc9"
+ "\xd0\x1e\xf0\x45\x2d\x75\xb6\x5e\xb5\x25\x20\xe9\x6b\x01\xe6\x59"
+ },
};
- const unsigned char key[8] = { 3, 3, 3, 3, 3, 3, 3, 3 };
- const unsigned char ad[12] = { 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4 };
unsigned char out[32];
- unsigned char expected[3][32] = {
- { /* GCRY_KDF_ARGON2D */
- 0x51, 0x2b, 0x39, 0x1b, 0x6f, 0x11, 0x62, 0x97,
- 0x53, 0x71, 0xd3, 0x09, 0x19, 0x73, 0x42, 0x94,
- 0xf8, 0x68, 0xe3, 0xbe, 0x39, 0x84, 0xf3, 0xc1,
- 0xa1, 0x3a, 0x4d, 0xb9, 0xfa, 0xbe, 0x4a, 0xcb
- },
- { /* GCRY_KDF_ARGON2I */
- 0xc8, 0x14, 0xd9, 0xd1, 0xdc, 0x7f, 0x37, 0xaa,
- 0x13, 0xf0, 0xd7, 0x7f, 0x24, 0x94, 0xbd, 0xa1,
- 0xc8, 0xde, 0x6b, 0x01, 0x6d, 0xd3, 0x88, 0xd2,
- 0x99, 0x52, 0xa4, 0xc4, 0x67, 0x2b, 0x6c, 0xe8
- },
- { /* GCRY_KDF_ARGON2ID */
- 0x0d, 0x64, 0x0d, 0xf5, 0x8d, 0x78, 0x76, 0x6c,
- 0x08, 0xc0, 0x37, 0xa3, 0x4a, 0x8b, 0x53, 0xc9,
- 0xd0, 0x1e, 0xf0, 0x45, 0x2d, 0x75, 0xb6, 0x5e,
- 0xb5, 0x25, 0x20, 0xe9, 0x6b, 0x01, 0xe6, 0x59
- }
- };
int i;
- int subalgo = GCRY_KDF_ARGON2D;
- int count = 0;
-
- again:
+ int count;
- if (verbose)
- fprintf (stderr, "checking ARGON2 test vector %d\n", count);
-
- err = my_kdf_derive (0,
- GCRY_KDF_ARGON2, subalgo, param, 4,
- pass, 32, salt, 16, key, 8, ad, 12,
- 32, out);
- if (err)
- fail ("argon2 test %d failed: %s\n", count*2+0, gpg_strerror (err));
- else if (memcmp (out, expected[count], 32))
- {
- fail ("argon2 test %d failed: mismatch\n", count*2+0);
- fputs ("got:", stderr);
- for (i=0; i < 32; i++)
- fprintf (stderr, " %02x", out[i]);
- putc ('\n', stderr);
- }
+ for (count = 0; count < DIM(tv); count++)
+ {
+ if (verbose)
+ fprintf (stderr, "checking ARGON2 test vector %d\n", count);
+
+ err = my_kdf_derive (0, GCRY_KDF_ARGON2,
+ tv[count].subalgo, tv[count].param, 4,
+ tv[count].pass, tv[count].passlen,
+ tv[count].salt, tv[count].saltlen,
+ tv[count].key, tv[count].keylen,
+ tv[count].ad, tv[count].adlen,
+ tv[count].dklen, out);
+ if (err)
+ fail ("argon2 test %d failed: %s\n", count*2+0, gpg_strerror (err));
+ else if (memcmp (out, tv[count].dk, tv[count].dklen))
+ {
+ fail ("argon2 test %d failed: mismatch\n", count*2+0);
+ fputs ("got:", stderr);
+ for (i=0; i < tv[count].dklen; i++)
+ fprintf (stderr, " %02x", out[i]);
+ putc ('\n', stderr);
+ }
#ifdef HAVE_PTHREAD
- err = my_kdf_derive (1,
- GCRY_KDF_ARGON2, subalgo, param, 4,
- pass, 32, salt, 16, key, 8, ad, 12,
- 32, out);
- if (err)
- fail ("argon2 test %d failed: %s\n", count*2+1, gpg_strerror (err));
- else if (memcmp (out, expected[count], 32))
- {
- fail ("argon2 test %d failed: mismatch\n", count*2+1);
- fputs ("got:", stderr);
- for (i=0; i < 32; i++)
- fprintf (stderr, " %02x", out[i]);
- putc ('\n', stderr);
- }
+ err = my_kdf_derive (1, GCRY_KDF_ARGON2,
+ tv[count].subalgo, tv[count].param, 4,
+ tv[count].pass, tv[count].passlen,
+ tv[count].salt, tv[count].saltlen,
+ tv[count].key, tv[count].keylen,
+ tv[count].ad, tv[count].adlen,
+ tv[count].dklen, out);
+ if (err)
+ fail ("argon2 test %d failed: %s\n", count*2+1, gpg_strerror (err));
+ else if (memcmp (out, tv[count].dk, tv[count].dklen))
+ {
+ fail ("argon2 test %d failed: mismatch\n", count*2+1);
+ fputs ("got:", stderr);
+ for (i=0; i < tv[count].dklen; i++)
+ fprintf (stderr, " %02x", out[i]);
+ putc ('\n', stderr);
+ }
#endif
-
- /* Next algo */
- if (subalgo == GCRY_KDF_ARGON2D)
- subalgo = GCRY_KDF_ARGON2I;
- else if (subalgo == GCRY_KDF_ARGON2I)
- subalgo = GCRY_KDF_ARGON2ID;
-
- count++;
- if (count < 3)
- goto again;
+ }
}
static void
check_balloon (void)
{
+ gcry_error_t err;
/* Two test vectors generated by the research prototype implementation.
$ balloon abcdefghijklmno
t_cost = 1
@@ -1519,91 +1548,84 @@ check_balloon (void)
$8Yor74EqTwBrrdaeYeSVx0VXVAgDrsILAnJWdVUy93s=
$FaNb9ofeWEggzhW9BUSODgZH5/awzNz5Adoub48+BgQ=
*/
- gcry_error_t err;
- const unsigned long param[2][4] = {
- { 1024, 1, 1 },
- { 4096, 12, 4 }
- };
- const unsigned char *pass[2] = {
- (const unsigned char *)"abcdefghijklmno",
- (const unsigned char *)"Long_sentence_used_as_passphrase"
- };
- const unsigned char salt[2][32] = {
- {
- 0x15, 0x1c, 0xea, 0x3a, 0x22, 0x2e, 0x3e, 0xfb,
- 0xa8, 0xcb, 0x9e, 0x6f, 0x19, 0xf2, 0xb3, 0xca,
- 0xc7, 0xbe, 0xd9, 0xfd, 0xbc, 0x17, 0xb9, 0xbd,
- 0x88, 0x51, 0xc2, 0x72, 0xd9, 0xc4, 0x07, 0x08
- },
- {
- 0xf1, 0x8a, 0x2b, 0xef, 0x81, 0x2a, 0x4f, 0x00,
- 0x6b, 0xad, 0xd6, 0x9e, 0x61, 0xe4, 0x95, 0xc7,
- 0x45, 0x57, 0x54, 0x08, 0x03, 0xae, 0xc2, 0x0b,
- 0x02, 0x72, 0x56, 0x75, 0x55, 0x32, 0xf7, 0x7b
- }
- };
- const unsigned char expected[2][32] = {
+ static struct {
+ int subalgo;
+ unsigned long param[3];
+ size_t passlen;
+ const char *pass;
+ size_t saltlen;
+ const char *salt;
+ size_t dklen;
+ const char *dk;
+ } tv[] = {
{
- 0x37, 0x13, 0x86, 0x34, 0xfc, 0x93, 0x3d, 0x9c,
- 0xca, 0x88, 0x98, 0xe0, 0x8f, 0xb1, 0xfa, 0xa4,
- 0x90, 0xcb, 0x22, 0x04, 0x74, 0xe4, 0x72, 0x3b,
- 0x55, 0xac, 0x49, 0xa7, 0x11, 0x1a, 0xa3, 0x94
+ GCRY_MD_SHA256,
+ { 1024, 1, 1 },
+ 15,
+ "abcdefghijklmno",
+ 32,
+ "\x15\x1c\xea\x3a\x22\x2e\x3e\xfb\xa8\xcb\x9e\x6f\x19\xf2\xb3\xca"
+ "\xc7\xbe\xd9\xfd\xbc\x17\xb9\xbd\x88\x51\xc2\x72\xd9\xc4\x07\x08",
+ 32,
+ "\x37\x13\x86\x34\xfc\x93\x3d\x9c\xca\x88\x98\xe0\x8f\xb1\xfa\xa4"
+ "\x90\xcb\x22\x04\x74\xe4\x72\x3b\x55\xac\x49\xa7\x11\x1a\xa3\x94"
},
{
- 0x15, 0xa3, 0x5b, 0xf6, 0x87, 0xde, 0x58, 0x48,
- 0x20, 0xce, 0x15, 0xbd, 0x05, 0x44, 0x8e, 0x0e,
- 0x06, 0x47, 0xe7, 0xf6, 0xb0, 0xcc, 0xdc, 0xf9,
- 0x01, 0xda, 0x2e, 0x6f, 0x8f, 0x3e, 0x06, 0x04
+ GCRY_MD_SHA256,
+ { 4096, 12, 4 },
+ 32,
+ "Long_sentence_used_as_passphrase",
+ 32,
+ "\xf1\x8a\x2b\xef\x81\x2a\x4f\x00\x6b\xad\xd6\x9e\x61\xe4\x95\xc7"
+ "\x45\x57\x54\x08\x03\xae\xc2\x0b\x02\x72\x56\x75\x55\x32\xf7\x7b",
+ 32,
+ "\x15\xa3\x5b\xf6\x87\xde\x58\x48\x20\xce\x15\xbd\x05\x44\x8e\x0e"
+ "\x06\x47\xe7\xf6\xb0\xcc\xdc\xf9\x01\xda\x2e\x6f\x8f\x3e\x06\x04"
}
};
unsigned char out[32];
int i;
- int subalgo = GCRY_MD_SHA256;
- int count = 0;
-
- again:
+ int count;
- if (verbose)
- fprintf (stderr, "checking Balloon test vector %d\n", count);
+ for (count = 0; count < DIM(tv); count++)
+ {
+ if (verbose)
+ fprintf (stderr, "checking Balloon test vector %d\n", count);
- err = my_kdf_derive (0,
- GCRY_KDF_BALLOON, subalgo, param[count], 3,
- pass[count], strlen ((char *)pass[count]),
- salt[count], 32, NULL, 0, NULL, 0,
- 32, out);
- if (err)
- fail ("balloon test %d failed: %s\n", count*2+0, gpg_strerror (err));
- else if (memcmp (out, expected[count], 32))
- {
- fail ("balloon test %d failed: mismatch\n", count*2+0);
- fputs ("got:", stderr);
- for (i=0; i < 32; i++)
- fprintf (stderr, " %02x", out[i]);
- putc ('\n', stderr);
- }
+ err = my_kdf_derive (0, GCRY_KDF_BALLOON,
+ tv[count].subalgo, tv[count].param, 3,
+ tv[count].pass, tv[count].passlen,
+ tv[count].salt, tv[count].saltlen,
+ NULL, 0, NULL, 0, tv[count].dklen, out);
+ if (err)
+ fail ("balloon test %d failed: %s\n", count*2+0, gpg_strerror (err));
+ else if (memcmp (out, tv[count].dk, tv[count].dklen))
+ {
+ fail ("balloon test %d failed: mismatch\n", count*2+0);
+ fputs ("got:", stderr);
+ for (i=0; i < tv[count].dklen; i++)
+ fprintf (stderr, " %02x", out[i]);
+ putc ('\n', stderr);
+ }
#ifdef HAVE_PTHREAD
- err = my_kdf_derive (1,
- GCRY_KDF_BALLOON, subalgo, param[count], 3,
- pass[count], strlen ((char *)pass[count]),
- salt[count], 32, NULL, 0, NULL, 0,
- 32, out);
- if (err)
- fail ("balloon test %d failed: %s\n", count*2+1, gpg_strerror (err));
- else if (memcmp (out, expected[count], 32))
- {
- fail ("balloon test %d failed: mismatch\n", count*2+1);
- fputs ("got:", stderr);
- for (i=0; i < 32; i++)
- fprintf (stderr, " %02x", out[i]);
- putc ('\n', stderr);
- }
+ err = my_kdf_derive (1, GCRY_KDF_BALLOON,
+ tv[count].subalgo, tv[count].param, 3,
+ tv[count].pass, tv[count].passlen,
+ tv[count].salt, tv[count].saltlen,
+ NULL, 0, NULL, 0, tv[count].dklen, out);
+ if (err)
+ fail ("balloon test %d failed: %s\n", count*2+1, gpg_strerror (err));
+ else if (memcmp (out, tv[count].dk, tv[count].dklen))
+ {
+ fail ("balloon test %d failed: mismatch\n", count*2+1);
+ fputs ("got:", stderr);
+ for (i=0; i < tv[count].dklen; i++)
+ fprintf (stderr, " %02x", out[i]);
+ putc ('\n', stderr);
+ }
#endif
-
- /* Next test vector */
- count++;
- if (count < 2)
- goto again;
+ }
}
@@ -1611,128 +1633,103 @@ static void
check_onestep_kdf (void)
{
gcry_error_t err;
- const unsigned long param[4] = { 38, 68, 44, 56 };
- unsigned char out[68];
- const unsigned char input[4][16] = {
- {
- 0x3f, 0x89, 0x2b, 0xd8, 0xb8, 0x4d, 0xae, 0x64,
- 0xa7, 0x82, 0xa3, 0x5f, 0x6e, 0xaa, 0x8f, 0x00
- },
- {
- 0xe6, 0x5b, 0x19, 0x05, 0x87, 0x8b, 0x95, 0xf6,
- 0x8b, 0x55, 0x35, 0xbd, 0x3b, 0x2b, 0x10, 0x13
- },
- {
- 0x02, 0xb4, 0x0d, 0x33, 0xe3, 0xf6, 0x85, 0xae,
- 0xae, 0x67, 0x7a, 0xc3, 0x44, 0xee, 0xaf, 0x77
- },
- {
- 0x8e, 0x5c, 0xd5, 0xf6, 0xae, 0x55, 0x8f, 0xfa,
- 0x04, 0xcd, 0xa2, 0xfa, 0xd9, 0x4d, 0xd6, 0x16
- }
- };
- const unsigned char other[4][12] = {
- {
- 0xec, 0x3f, 0x1c, 0xd8, 0x73, 0xd2, 0x88, 0x58,
- 0xa5, 0x8c, 0xc3, 0x9e
- },
+ static struct {
+ int algo;
+ int subalgo;
+ unsigned long param[1];
+ size_t inputlen;
+ const char *input;
+ size_t otherlen;
+ const char *other;
+ size_t keylen;
+ const char *key;
+ size_t dklen;
+ const char *dk;
+ } tv[] = {
{
- 0x83, 0x02, 0x21, 0xb1, 0x73, 0x0d, 0x91, 0x76,
- 0xf8, 0x07, 0xd4, 0x07
+ GCRY_KDF_ONESTEP_KDF, GCRY_MD_SHA256,
+ { 38 },
+ 16,
+ "\x3f\x89\x2b\xd8\xb8\x4d\xae\x64\xa7\x82\xa3\x5f\x6e\xaa\x8f\x00",
+ 12,
+ "\xec\x3f\x1c\xd8\x73\xd2\x88\x58\xa5\x8c\xc3\x9e",
+ 0, NULL,
+ 38,
+ "\xa7\xc0\x66\x52\x98\x25\x25\x31\xe0\xdb\x37\x73\x7a\x37\x46\x51"
+ "\xb3\x68\x27\x5f\x20\x48\x28\x4d\x16\xa1\x66\xc6\xd8\xa9\x0a\x91"
+ "\xa4\x91\xc1\x6f\x49\x64"
+ },
+ {
+ GCRY_KDF_ONESTEP_KDF, GCRY_MD_SHA512,
+ { 68 },
+ 16,
+ "\xe6\x5b\x19\x05\x87\x8b\x95\xf6\x8b\x55\x35\xbd\x3b\x2b\x10\x13",
+ 12,
+ "\x83\x02\x21\xb1\x73\x0d\x91\x76\xf8\x07\xd4\x07",
+ 0, NULL,
+ 68,
+ "\xb8\xc4\x4b\xdf\x0b\x85\xa6\x4b\x6a\x51\xc1\x2a\x06\x71\x0e\x37"
+ "\x3d\x82\x9b\xb1\xfd\xa5\xb4\xe1\xa2\x07\x95\xc6\x19\x95\x94\xf6"
+ "\xfa\x65\x19\x8a\x72\x12\x57\xf7\xd5\x8c\xb2\xf6\xf6\xdb\x9b\xb5"
+ "\x69\x9f\x73\x86\x30\x45\x90\x90\x54\xb2\x38\x9e\x06\xec\x00\xfe"
+ "\x31\x8c\xab\xd9"
+ },
+ {
+ GCRY_KDF_ONESTEP_KDF_MAC, GCRY_MAC_HMAC_SHA256,
+ { 44 },
+ 16,
+ "\x02\xb4\x0d\x33\xe3\xf6\x85\xae\xae\x67\x7a\xc3\x44\xee\xaf\x77",
+ 12,
+ "\xc6\x7c\x38\x95\x80\x12\x8f\x18\xf6\xcf\x85\x92",
+ 16,
+ "\x0a\xd5\x2c\x93\x57\xc8\x5e\x47\x81\x29\x6a\x36\xca\x72\x03\x9c",
+ 44,
+ "\xbe\x32\xe7\xd3\x06\xd8\x91\x02\x8b\xe0\x88\xf2\x13\xf9\xf9\x47"
+ "\xc5\x04\x20\xd9\xb5\xa1\x2c\xa6\x98\x18\xdd\x99\x95\xde\xdd\x8e"
+ "\x61\x37\xc7\x10\x4d\x67\xf2\xca\x90\x91\x5d\xda"
},
{
- 0xc6, 0x7c, 0x38, 0x95, 0x80, 0x12, 0x8f, 0x18,
- 0xf6, 0xcf, 0x85, 0x92
+ GCRY_KDF_ONESTEP_KDF_MAC, GCRY_MAC_HMAC_SHA512,
+ { 56 },
+ 16,
+ "\x8e\x5c\xd5\xf6\xae\x55\x8f\xfa\x04\xcd\xa2\xfa\xd9\x4d\xd6\x16",
+ 12,
+ "\x4a\x43\x30\x18\xe5\x1c\x09\xbb\xd6\x13\x26\xbb",
+ 16,
+ "\x6e\xd9\x3b\x6f\xe5\xb3\x50\x2b\xb4\x2b\x4c\x0f\xcb\x13\x36\x62",
+ 56,
+ "\x29\x5d\xfb\xeb\x54\xec\x0f\xe2\x4e\xce\x32\xf5\xb8\x7c\x85\x3e"
+ "\x69\x9a\x62\xe3\x9d\x9c\x9e\xe6\xee\x78\xf8\xb9\xa0\xee\x50\xa3"
+ "\x6a\x82\xe6\x06\x2c\x95\xed\x53\xbc\x36\x67\x00\xe2\xd0\xe0\x93"
+ "\xbf\x75\x2e\xea\x42\x99\x47\x2e"
},
- {
- 0x4a, 0x43, 0x30, 0x18, 0xe5, 0x1c, 0x09, 0xbb,
- 0xd6, 0x13, 0x26, 0xbb
- }
- };
- const unsigned char key0[16] = {
- 0x0a, 0xd5, 0x2c, 0x93, 0x57, 0xc8, 0x5e, 0x47,
- 0x81, 0x29, 0x6a, 0x36, 0xca, 0x72, 0x03, 0x9c
- };
- const unsigned char key1[16] = {
- 0x6e, 0xd9, 0x3b, 0x6f, 0xe5, 0xb3, 0x50, 0x2b,
- 0xb4, 0x2b, 0x4c, 0x0f, 0xcb, 0x13, 0x36, 0x62
- };
- const unsigned char *key[4] = {
- NULL, NULL, key0, key1
- };
- const unsigned char expected[4][68] = {
- {
- 0xa7, 0xc0, 0x66, 0x52, 0x98, 0x25, 0x25, 0x31,
- 0xe0, 0xdb, 0x37, 0x73, 0x7a, 0x37, 0x46, 0x51,
- 0xb3, 0x68, 0x27, 0x5f, 0x20, 0x48, 0x28, 0x4d,
- 0x16, 0xa1, 0x66, 0xc6, 0xd8, 0xa9, 0x0a, 0x91,
- 0xa4, 0x91, 0xc1, 0x6f, 0x49, 0x64
- },
- {
- 0xb8, 0xc4, 0x4b, 0xdf, 0x0b, 0x85, 0xa6, 0x4b,
- 0x6a, 0x51, 0xc1, 0x2a, 0x06, 0x71, 0x0e, 0x37,
- 0x3d, 0x82, 0x9b, 0xb1, 0xfd, 0xa5, 0xb4, 0xe1,
- 0xa2, 0x07, 0x95, 0xc6, 0x19, 0x95, 0x94, 0xf6,
- 0xfa, 0x65, 0x19, 0x8a, 0x72, 0x12, 0x57, 0xf7,
- 0xd5, 0x8c, 0xb2, 0xf6, 0xf6, 0xdb, 0x9b, 0xb5,
- 0x69, 0x9f, 0x73, 0x86, 0x30, 0x45, 0x90, 0x90,
- 0x54, 0xb2, 0x38, 0x9e, 0x06, 0xec, 0x00, 0xfe,
- 0x31, 0x8c, 0xab, 0xd9
- },
- {
- 0xbe, 0x32, 0xe7, 0xd3, 0x06, 0xd8, 0x91, 0x02,
- 0x8b, 0xe0, 0x88, 0xf2, 0x13, 0xf9, 0xf9, 0x47,
- 0xc5, 0x04, 0x20, 0xd9, 0xb5, 0xa1, 0x2c, 0xa6,
- 0x98, 0x18, 0xdd, 0x99, 0x95, 0xde, 0xdd, 0x8e,
- 0x61, 0x37, 0xc7, 0x10, 0x4d, 0x67, 0xf2, 0xca,
- 0x90, 0x91, 0x5d, 0xda
- },
- {
- 0x29, 0x5d, 0xfb, 0xeb, 0x54, 0xec, 0x0f, 0xe2,
- 0x4e, 0xce, 0x32, 0xf5, 0xb8, 0x7c, 0x85, 0x3e,
- 0x69, 0x9a, 0x62, 0xe3, 0x9d, 0x9c, 0x9e, 0xe6,
- 0xee, 0x78, 0xf8, 0xb9, 0xa0, 0xee, 0x50, 0xa3,
- 0x6a, 0x82, 0xe6, 0x06, 0x2c, 0x95, 0xed, 0x53,
- 0xbc, 0x36, 0x67, 0x00, 0xe2, 0xd0, 0xe0, 0x93,
- 0xbf, 0x75, 0x2e, 0xea, 0x42, 0x99, 0x47, 0x2e
- }
};
+ unsigned char out[68];
int i;
- int algo[4] = {
- GCRY_MD_SHA256, GCRY_MD_SHA512,
- GCRY_MAC_HMAC_SHA256, GCRY_MAC_HMAC_SHA512,
- };
- int count = 0;
-
- again:
+ int count;
- if (verbose)
- fprintf (stderr, "checking OneStepKDF test vector %d\n", count);
-
- err = my_kdf_derive (0,
- count < 2 ? GCRY_KDF_ONESTEP_KDF
- : GCRY_KDF_ONESTEP_KDF_MAC,
- algo[count], ¶m[count], 1,
- input[count], 16, NULL, 0,
- key[count],
- key[count] == NULL? 0 : 16,
- other[count], 12,
- param[count], out);
- if (err)
- fail ("OneStepKDF test %d failed: %s\n", count, gpg_strerror (err));
- else if (memcmp (out, expected[count], param[count]))
- {
- fail ("OneStepKDF test %d failed: mismatch\n", count);
- fputs ("got:", stderr);
- for (i=0; i < param[count]; i++)
- fprintf (stderr, " %02x", out[i]);
- putc ('\n', stderr);
+ for (count = 0; count < DIM(tv); count++)
+ {
+ if (verbose)
+ fprintf (stderr, "checking OneStepKDF test vector %d\n", count);
+
+ err = my_kdf_derive (0, tv[count].algo, tv[count].subalgo,
+ tv[count].param, 1,
+ tv[count].input, tv[count].inputlen, NULL, 0,
+ tv[count].key, tv[count].keylen,
+ tv[count].other, tv[count].otherlen,
+ tv[count].dklen, out);
+ if (err)
+ fail ("OneStepKDF test %d failed: %s\n", count, gpg_strerror (err));
+ else if (memcmp (out, tv[count].dk, tv[count].dklen))
+ {
+ fail ("OneStepKDF test %d failed: mismatch\n", count);
+ fputs ("got:", stderr);
+ for (i=0; i < tv[count].dklen; i++)
+ fprintf (stderr, " %02x", out[i]);
+ putc ('\n', stderr);
+ }
}
-
- /* Next test vector */
- count++;
- if (count < 4)
- goto again;
}
@@ -1740,159 +1737,98 @@ static void
check_hkdf (void)
{
gcry_error_t err;
- unsigned long param[1];
- unsigned char out[82];
- const unsigned char input0[] = {
- 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
- 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
- 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b
- };
- const unsigned char input1[] = {
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
- 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
- 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
- 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
- 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
- 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
- 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
- 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f,
- 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47,
- 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f
- };
- const unsigned char salt0[] = {
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
- 0x08, 0x09, 0x0a, 0x0b, 0x0c
- };
- const unsigned char salt1[] = {
- 0x60, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67,
- 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f,
- 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77,
- 0x78, 0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f,
- 0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87,
- 0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f,
- 0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97,
- 0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f,
- 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7,
- 0xa8, 0xa9, 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf
- };
- const unsigned char info0[] = {
- 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
- 0xf8, 0xf9
- };
- const unsigned char info1[] = {
- 0xb0, 0xb1, 0xb2, 0xb3, 0xb4, 0xb5, 0xb6, 0xb7,
- 0xb8, 0xb9, 0xba, 0xbb, 0xbc, 0xbd, 0xbe, 0xbf,
- 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7,
- 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf,
- 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7,
- 0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf,
- 0xe0, 0xe1, 0xe2, 0xe3, 0xe4, 0xe5, 0xe6, 0xe7,
- 0xe8, 0xe9, 0xea, 0xeb, 0xec, 0xed, 0xee, 0xef,
- 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
- 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff
- };
- const unsigned char expected0[] = {
- 0x3c, 0xb2, 0x5f, 0x25, 0xfa, 0xac, 0xd5, 0x7a,
- 0x90, 0x43, 0x4f, 0x64, 0xd0, 0x36, 0x2f, 0x2a,
- 0x2d, 0x2d, 0x0a, 0x90, 0xcf, 0x1a, 0x5a, 0x4c,
- 0x5d, 0xb0, 0x2d, 0x56, 0xec, 0xc4, 0xc5, 0xbf,
- 0x34, 0x00, 0x72, 0x08, 0xd5, 0xb8, 0x87, 0x18,
- 0x58, 0x65
- };
- const unsigned char expected1[] = {
- 0xb1, 0x1e, 0x39, 0x8d, 0xc8, 0x03, 0x27, 0xa1,
- 0xc8, 0xe7, 0xf7, 0x8c, 0x59, 0x6a, 0x49, 0x34,
- 0x4f, 0x01, 0x2e, 0xda, 0x2d, 0x4e, 0xfa, 0xd8,
- 0xa0, 0x50, 0xcc, 0x4c, 0x19, 0xaf, 0xa9, 0x7c,
- 0x59, 0x04, 0x5a, 0x99, 0xca, 0xc7, 0x82, 0x72,
- 0x71, 0xcb, 0x41, 0xc6, 0x5e, 0x59, 0x0e, 0x09,
- 0xda, 0x32, 0x75, 0x60, 0x0c, 0x2f, 0x09, 0xb8,
- 0x36, 0x77, 0x93, 0xa9, 0xac, 0xa3, 0xdb, 0x71,
- 0xcc, 0x30, 0xc5, 0x81, 0x79, 0xec, 0x3e, 0x87,
- 0xc1, 0x4c, 0x01, 0xd5, 0xc1, 0xf3, 0x43, 0x4f,
- 0x1d, 0x87
- };
- const unsigned char expected2[] = {
- 0x8d, 0xa4, 0xe7, 0x75, 0xa5, 0x63, 0xc1, 0x8f,
- 0x71, 0x5f, 0x80, 0x2a, 0x06, 0x3c, 0x5a, 0x31,
- 0xb8, 0xa1, 0x1f, 0x5c, 0x5e, 0xe1, 0x87, 0x9e,
- 0xc3, 0x45, 0x4e, 0x5f, 0x3c, 0x73, 0x8d, 0x2d,
- 0x9d, 0x20, 0x13, 0x95, 0xfa, 0xa4, 0xb6, 0x1a,
- 0x96, 0xc8
+ static struct {
+ unsigned long param[1];
+ size_t inputlen;
+ const char *input;
+ size_t saltlen;
+ const char *salt;
+ size_t infolen;
+ const char *info;
+ size_t dklen;
+ const char *dk;
+ } tv[] = {
+ {
+ { 42 },
+ 22,
+ "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
+ "\x0b\x0b\x0b\x0b\x0b\x0b",
+ 13,
+ "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c",
+ 10,
+ "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7\xf8\xf9",
+ 42,
+ "\x3c\xb2\x5f\x25\xfa\xac\xd5\x7a\x90\x43\x4f\x64\xd0\x36\x2f\x2a"
+ "\x2d\x2d\x0a\x90\xcf\x1a\x5a\x4c\x5d\xb0\x2d\x56\xec\xc4\xc5\xbf"
+ "\x34\x00\x72\x08\xd5\xb8\x87\x18\x58\x65"
+ },
+ {
+ { 82 },
+ 80,
+ "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
+ "\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"
+ "\x20\x21\x22\x23\x24\x25\x26\x27\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f"
+ "\x30\x31\x32\x33\x34\x35\x36\x37\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f"
+ "\x40\x41\x42\x43\x44\x45\x46\x47\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f",
+ 80,
+ "\x60\x61\x62\x63\x64\x65\x66\x67\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f"
+ "\x70\x71\x72\x73\x74\x75\x76\x77\x78\x79\x7a\x7b\x7c\x7d\x7e\x7f"
+ "\x80\x81\x82\x83\x84\x85\x86\x87\x88\x89\x8a\x8b\x8c\x8d\x8e\x8f"
+ "\x90\x91\x92\x93\x94\x95\x96\x97\x98\x99\x9a\x9b\x9c\x9d\x9e\x9f"
+ "\xa0\xa1\xa2\xa3\xa4\xa5\xa6\xa7\xa8\xa9\xaa\xab\xac\xad\xae\xaf",
+ 80,
+ "\xb0\xb1\xb2\xb3\xb4\xb5\xb6\xb7\xb8\xb9\xba\xbb\xbc\xbd\xbe\xbf"
+ "\xc0\xc1\xc2\xc3\xc4\xc5\xc6\xc7\xc8\xc9\xca\xcb\xcc\xcd\xce\xcf"
+ "\xd0\xd1\xd2\xd3\xd4\xd5\xd6\xd7\xd8\xd9\xda\xdb\xdc\xdd\xde\xdf"
+ "\xe0\xe1\xe2\xe3\xe4\xe5\xe6\xe7\xe8\xe9\xea\xeb\xec\xed\xee\xef"
+ "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
+ 82,
+ "\xb1\x1e\x39\x8d\xc8\x03\x27\xa1\xc8\xe7\xf7\x8c\x59\x6a\x49\x34"
+ "\x4f\x01\x2e\xda\x2d\x4e\xfa\xd8\xa0\x50\xcc\x4c\x19\xaf\xa9\x7c"
+ "\x59\x04\x5a\x99\xca\xc7\x82\x72\x71\xcb\x41\xc6\x5e\x59\x0e\x09"
+ "\xda\x32\x75\x60\x0c\x2f\x09\xb8\x36\x77\x93\xa9\xac\xa3\xdb\x71"
+ "\xcc\x30\xc5\x81\x79\xec\x3e\x87\xc1\x4c\x01\xd5\xc1\xf3\x43\x4f"
+ "\x1d\x87"
+ },
+ {
+ { 42 },
+ 22,
+ "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
+ "\x0b\x0b\x0b\x0b\x0b\x0b",
+ 0, NULL,
+ 0, NULL,
+ 42,
+ "\x8d\xa4\xe7\x75\xa5\x63\xc1\x8f\x71\x5f\x80\x2a\x06\x3c\x5a\x31"
+ "\xb8\xa1\x1f\x5c\x5e\xe1\x87\x9e\xc3\x45\x4e\x5f\x3c\x73\x8d\x2d"
+ "\x9d\x20\x13\x95\xfa\xa4\xb6\x1a\x96\xc8"
+ },
};
-
+ unsigned char out[82];
int i;
- int count = 0;
- const unsigned char *input;
- const unsigned char *salt;
- const unsigned char *info;
- const unsigned char *expected;
- size_t inputlen;
- size_t saltlen;
- size_t infolen;
- size_t expectedlen;
-
- again:
-
- if (verbose)
- fprintf (stderr, "checking HKDF test vector %d\n", count);
-
- switch (count)
- {
- case 0:
- input = input0;
- inputlen = sizeof (input0);
- salt = salt0;
- saltlen = sizeof (salt0);
- info = info0;
- infolen = sizeof (info0);
- expected = expected0;
- expectedlen = sizeof (expected0);
- break;
- case 1:
- input = input1;
- inputlen = sizeof (input1);
- salt = salt1;
- saltlen = sizeof (salt1);
- info = info1;
- infolen = sizeof (info1);
- expected = expected1;
- expectedlen = sizeof (expected1);
- break;
- case 2:
- input = input0;
- inputlen = sizeof (input0);
- salt = NULL;
- saltlen = 0;
- info = NULL;
- infolen = 0;
- expected = expected2;
- expectedlen = sizeof (expected2);
- break;
- }
+ int count;
- param[0] = expectedlen;
- err = my_kdf_derive (0, GCRY_KDF_HKDF, GCRY_MAC_HMAC_SHA256,
- param, 1,
- input, inputlen, NULL, 0,
- salt, saltlen,
- info, infolen,
- expectedlen, out);
- if (err)
- fail ("HKDF test %d failed: %s\n", count, gpg_strerror (err));
- else if (memcmp (out, expected, expectedlen))
- {
- fail ("HKDF test %d failed: mismatch\n", count);
- fputs ("got:", stderr);
- for (i=0; i < expectedlen; i++)
- fprintf (stderr, " %02x", out[i]);
- putc ('\n', stderr);
+ for (count = 0; count < DIM(tv); count++)
+ {
+ if (verbose)
+ fprintf (stderr, "checking HKDF test vector %d\n", count);
+
+ err = my_kdf_derive (0, GCRY_KDF_HKDF, GCRY_MAC_HMAC_SHA256,
+ tv[count].param, 1,
+ tv[count].input, tv[count].inputlen, NULL, 0,
+ tv[count].salt, tv[count].saltlen,
+ tv[count].info, tv[count].infolen,
+ tv[count].dklen, out);
+ if (err)
+ fail ("HKDF test %d failed: %s\n", count, gpg_strerror (err));
+ else if (memcmp (out, tv[count].dk, tv[count].dklen))
+ {
+ fail ("HKDF test %d failed: mismatch\n", count);
+ fputs ("got:", stderr);
+ for (i=0; i < tv[count].dklen; i++)
+ fprintf (stderr, " %02x", out[i]);
+ putc ('\n', stderr);
+ }
}
-
- /* Next test vector */
- count++;
- if (count < 3)
- goto again;
}
static void
--
2.37.2
More information about the Gcrypt-devel
mailing list