The branch master has been updated via 10d5b415f9e973f44f18eeaf2713868ec813e1d7 (commit) via ca55d70be031746daddd8bd0611db54ed81f1737 (commit) from ecc347f5f53a9f2edc2805d50cba07db64267e8a (commit)
- Log ----------------------------------------------------------------- commit 10d5b415f9e973f44f18eeaf2713868ec813e1d7 Author: Matt Caswell <m...@openssl.org> Date: Fri Oct 26 12:45:27 2018 +0100 Add a test where we reuse the EVP_PKEY_CTX for two HKDF test runs Reviewed-by: Tim Hudson <t...@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7501) commit ca55d70be031746daddd8bd0611db54ed81f1737 Author: Matt Caswell <m...@openssl.org> Date: Fri Oct 26 12:19:43 2018 +0100 Reset the HKDF state between operations Fixes #7497 Reviewed-by: Tim Hudson <t...@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7501) ----------------------------------------------------------------------- Summary of changes: crypto/kdf/hkdf.c | 14 +++++++++++++- test/evp_extra_test.c | 46 ++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 59 insertions(+), 1 deletion(-) diff --git a/crypto/kdf/hkdf.c b/crypto/kdf/hkdf.c index ec6090a..ae46fad 100644 --- a/crypto/kdf/hkdf.c +++ b/crypto/kdf/hkdf.c @@ -175,6 +175,18 @@ static int pkey_hkdf_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, return -2; } +static int pkey_hkdf_derive_init(EVP_PKEY_CTX *ctx) +{ + HKDF_PKEY_CTX *kctx = ctx->data; + + OPENSSL_clear_free(kctx->key, kctx->key_len); + OPENSSL_clear_free(kctx->salt, kctx->salt_len); + OPENSSL_cleanse(kctx->info, kctx->info_len); + memset(kctx, 0, sizeof(*kctx)); + + return 1; +} + static int pkey_hkdf_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen) { @@ -236,7 +248,7 @@ const EVP_PKEY_METHOD hkdf_pkey_meth = { 0, 0, - 0, + pkey_hkdf_derive_init, pkey_hkdf_derive, pkey_hkdf_ctrl, pkey_hkdf_ctrl_str diff --git a/test/evp_extra_test.c b/test/evp_extra_test.c index 7b847ee..e396b07 100644 --- a/test/evp_extra_test.c +++ b/test/evp_extra_test.c @@ -17,6 +17,7 @@ #include <openssl/rsa.h> #include <openssl/x509.h> #include <openssl/pem.h> +#include <openssl/kdf.h> #include "testutil.h" #include "internal/nelem.h" #include "internal/evp_int.h" @@ -918,6 +919,50 @@ static int test_EVP_PKEY_check(int i) return ret; } +static int test_HKDF(void) +{ + EVP_PKEY_CTX *pctx; + unsigned char out[20]; + size_t outlen; + int i, ret = 0; + unsigned char salt[] = "0123456789"; + unsigned char key[] = "012345678901234567890123456789"; + unsigned char info[] = "infostring"; + const unsigned char expected[] = { + 0xe5, 0x07, 0x70, 0x7f, 0xc6, 0x78, 0xd6, 0x54, 0x32, 0x5f, 0x7e, 0xc5, + 0x7b, 0x59, 0x3e, 0xd8, 0x03, 0x6b, 0xed, 0xca + }; + size_t expectedlen = sizeof(expected); + + if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL))) + goto done; + + /* We do this twice to test reuse of the EVP_PKEY_CTX */ + for (i = 0; i < 2; i++) { + outlen = sizeof(out); + memset(out, 0, outlen); + + if (!TEST_int_gt(EVP_PKEY_derive_init(pctx), 0) + || !TEST_int_gt(EVP_PKEY_CTX_set_hkdf_md(pctx, EVP_sha256()), 0) + || !TEST_int_gt(EVP_PKEY_CTX_set1_hkdf_salt(pctx, salt, + sizeof(salt) - 1), 0) + || !TEST_int_gt(EVP_PKEY_CTX_set1_hkdf_key(pctx, key, + sizeof(key) - 1), 0) + || !TEST_int_gt(EVP_PKEY_CTX_add1_hkdf_info(pctx, info, + sizeof(info) - 1), 0) + || !TEST_int_gt(EVP_PKEY_derive(pctx, out, &outlen), 0) + || !TEST_mem_eq(out, outlen, expected, expectedlen)) + goto done; + } + + ret = 1; + + done: + EVP_PKEY_CTX_free(pctx); + + return ret; +} + int setup_tests(void) { ADD_TEST(test_EVP_DigestSignInit); @@ -941,5 +986,6 @@ int setup_tests(void) if (!TEST_int_eq(EVP_PKEY_meth_add0(custom_pmeth), 1)) return 0; ADD_ALL_TESTS(test_EVP_PKEY_check, OSSL_NELEM(keycheckdata)); + ADD_TEST(test_HKDF); return 1; } _____ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits