[openssl-commits] [openssl] master update

Matt Caswell matt at openssl.org
Mon Aug 21 09:15:27 UTC 2017 

The branch master has been updated
       via  b73b4d73de328de73c5a74ccc53291cd86a141e9 (commit)
      from  888098304b0a77aee2d5ca5951ee5fccfeb6b1c2 (commit)


- Log -----------------------------------------------------------------
commit b73b4d73de328de73c5a74ccc53291cd86a141e9
Author: Johannes Bauer <joe at johannes-bauer.com>
Date:   Sat Aug 19 18:05:30 2017 +0200

    Add PKEY_CTX setter tests for TLS1-PRF
    
    PKEY_CTX setters tests were previously present for HKDF and scrypt; this
    patch also adds tests for the third currently supported KDF, TLS1-PRF.
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/4196)

-----------------------------------------------------------------------

Summary of changes:
 test/pkey_meth_kdf_test.c | 42 ++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 42 insertions(+)

diff --git a/test/pkey_meth_kdf_test.c b/test/pkey_meth_kdf_test.c
index c832e8e..5d4c468 100644
--- a/test/pkey_meth_kdf_test.c
+++ b/test/pkey_meth_kdf_test.c
@@ -16,6 +16,47 @@
 #include <openssl/kdf.h>
 #include "testutil.h"
 
+static int test_kdf_tls1_prf(void)
+{
+    EVP_PKEY_CTX *pctx;
+    unsigned char out[16];
+    size_t outlen = sizeof(out);
+    pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_TLS1_PRF, NULL);
+
+    if (EVP_PKEY_derive_init(pctx) <= 0) {
+        TEST_error("EVP_PKEY_derive_init");
+        return 0;
+    }
+    if (EVP_PKEY_CTX_set_tls1_prf_md(pctx, EVP_sha256()) <= 0) {
+        TEST_error("EVP_PKEY_CTX_set_tls1_prf_md");
+        return 0;
+    }
+    if (EVP_PKEY_CTX_set1_tls1_prf_secret(pctx, "secret", 6) <= 0) {
+        TEST_error("EVP_PKEY_CTX_set1_tls1_prf_secret");
+        return 0;
+    }
+    if (EVP_PKEY_CTX_add1_tls1_prf_seed(pctx, "seed", 4) <= 0) {
+        TEST_error("EVP_PKEY_CTX_add1_tls1_prf_seed");
+        return 0;
+    }
+    if (EVP_PKEY_derive(pctx, out, &outlen) <= 0) {
+        TEST_error("EVP_PKEY_derive");
+        return 0;
+    }
+
+    {
+        const unsigned char expected[sizeof(out)] = {
+            0x8e, 0x4d, 0x93, 0x25, 0x30, 0xd7, 0x65, 0xa0,
+            0xaa, 0xe9, 0x74, 0xc3, 0x04, 0x73, 0x5e, 0xcc
+        };
+        if (!TEST_mem_eq(out, sizeof(out), expected, sizeof(expected))) {
+            return 0;
+        }
+    }
+    EVP_PKEY_CTX_free(pctx);
+    return 1;
+}
+
 static int test_kdf_hkdf(void)
 {
     EVP_PKEY_CTX *pctx;
@@ -131,6 +172,7 @@ static int test_kdf_scrypt(void)
 
 int setup_tests()
 {
+    ADD_TEST(test_kdf_tls1_prf);
     ADD_TEST(test_kdf_hkdf);
 #ifndef OPENSSL_NO_SCRYPT
     ADD_TEST(test_kdf_scrypt);

More information about the openssl-commits mailing list