1//
2//  CommonHKDF.c
3//  CommonCrypto
4//
5//	Copyright 2014 Apple Inc. All rights reserved.
6//
7
8#include "CCCryptorTestFuncs.h"
9#include "testbyteBuffer.h"
10#include "testmore.h"
11
12#if (CCHKDFTEST == 0)
13entryPoint(CommonHKDF,"CommonHKDF test")
14#else
15#include <CommonCrypto/CommonKeyDerivationSPI.h>
16
17#define type_sha1		1
18#define type_sha256		256
19#define type_sha512		512
20
21typedef struct {
22	int					type;
23	const char *		ikm;
24	const char *		salt;
25	const char *		info;
26	size_t				len;
27	const char *		okm;
28} test_vector_t;
29
30static const test_vector_t	hkdf_sha256_tests[] = {
31	// RFC 5869 Test Case 1
32	{
33	/* Type */	type_sha256,
34	/* IKM */	"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
35	/* Salt */	"000102030405060708090a0b0c",
36	/* Info */	"f0f1f2f3f4f5f6f7f8f9",
37	/* Len */	42,
38	/* OKM */	"3cb25f25faacd57a90434f64d0362f2a"
39				"2d2d0a90cf1a5a4c5db02d56ecc4c5bf"
40				"34007208d5b887185865"
41	},
42	// RFC 5869 Test Case 2
43	{
44	/* Type */	type_sha256,
45	/* IKM */	"000102030405060708090a0b0c0d0e0f"
46				"101112131415161718191a1b1c1d1e1f"
47				"202122232425262728292a2b2c2d2e2f"
48				"303132333435363738393a3b3c3d3e3f"
49				"404142434445464748494a4b4c4d4e4f",
50	/* Salt */	"606162636465666768696a6b6c6d6e6f"
51				"707172737475767778797a7b7c7d7e7f"
52				"808182838485868788898a8b8c8d8e8f"
53				"909192939495969798999a9b9c9d9e9f"
54				"a0a1a2a3a4a5a6a7a8a9aaabacadaeaf",
55	/* Info */	"b0b1b2b3b4b5b6b7b8b9babbbcbdbebf"
56				"c0c1c2c3c4c5c6c7c8c9cacbcccdcecf"
57				"d0d1d2d3d4d5d6d7d8d9dadbdcdddedf"
58				"e0e1e2e3e4e5e6e7e8e9eaebecedeeef"
59				"f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff",
60	/* Len */	82,
61	/* OKM */	"b11e398dc80327a1c8e7f78c596a4934"
62				"4f012eda2d4efad8a050cc4c19afa97c"
63				"59045a99cac7827271cb41c65e590e09"
64				"da3275600c2f09b8367793a9aca3db71"
65				"cc30c58179ec3e87c14c01d5c1f3434f"
66				"1d87"
67	},
68	// RFC 5869 Test Case 3
69	{
70	/* Type */	type_sha256,
71	/* IKM */	"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
72	/* Salt */	"",
73	/* Info */	"",
74	/* Len */	42,
75	/* OKM */	"8da4e775a563c18f715f802a063c5a31"
76				"b8a11f5c5ee1879ec3454e5f3c738d2d"
77				"9d201395faa4b61a96c8"
78	},
79	// RFC 5869 Test Case 4
80	{
81	/* Type */	type_sha1,
82	/* IKM */	"0b0b0b0b0b0b0b0b0b0b0b",
83	/* Salt */	"000102030405060708090a0b0c",
84	/* Info */	"f0f1f2f3f4f5f6f7f8f9",
85	/* Len */	42,
86	/* OKM */	"085a01ea1b10f36933068b56efa5ad81"
87				"a4f14b822f5b091568a9cdd4f155fda2"
88				"c22e422478d305f3f896"
89	},
90	// RFC 5869 Test Case 5
91	{
92	/* Type */	type_sha1,
93	/* IKM */	"000102030405060708090a0b0c0d0e0f"
94				"101112131415161718191a1b1c1d1e1f"
95				"202122232425262728292a2b2c2d2e2f"
96				"303132333435363738393a3b3c3d3e3f"
97				"404142434445464748494a4b4c4d4e4f",
98	/* Salt */	"606162636465666768696a6b6c6d6e6f"
99				"707172737475767778797a7b7c7d7e7f"
100				"808182838485868788898a8b8c8d8e8f"
101				"909192939495969798999a9b9c9d9e9f"
102				"a0a1a2a3a4a5a6a7a8a9aaabacadaeaf",
103	/* Info */	"b0b1b2b3b4b5b6b7b8b9babbbcbdbebf"
104				"c0c1c2c3c4c5c6c7c8c9cacbcccdcecf"
105				"d0d1d2d3d4d5d6d7d8d9dadbdcdddedf"
106				"e0e1e2e3e4e5e6e7e8e9eaebecedeeef"
107				"f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff",
108	/* Len */	82,
109	/* OKM */	"0bd770a74d1160f7c9f12cd5912a06eb"
110				"ff6adcae899d92191fe4305673ba2ffe"
111				"8fa3f1a4e5ad79f3f334b3b202b2173c"
112				"486ea37ce3d397ed034c7f9dfeb15c5e"
113				"927336d0441f4c4300e2cff0d0900b52"
114				"d3b4"
115	},
116	// RFC 5869 Test Case 6
117	{
118	/* Type */	type_sha1,
119	/* IKM */	"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
120	/* Salt */	"",
121	/* Info */	"",
122	/* Len */	42,
123	/* OKM */	"0ac1af7002b3d761d1e55298da9d0506"
124				"b9ae52057220a306e07b6b87e8df21d0"
125				"ea00033de03984d34918"
126	},
127	// RFC 5869 Test Case 7
128	{
129	/* Type */	type_sha1,
130	/* IKM */	"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c",
131	/* Salt */	"",
132	/* Info */	"",
133	/* Len */	42,
134	/* OKM */	"2c91117204d745f3500d636a62f64f0a"
135				"b3bae548aa53d423b0d1f27ebba6f5e5"
136				"673a081d70cce7acfc48"
137	},
138	// RFC 5869 Test Case 1 (updated for SHA-512)
139	{
140	/* Type */	type_sha512,
141	/* IKM */	"0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B",
142	/* Salt */	"000102030405060708090A0B0C",
143	/* Info */	"F0F1F2F3F4F5F6F7F8F9",
144	/* Len */	42,
145	/* OKM */	"832390086CDA71FB47625BB5CEB168E4"
146				"C8E26A1A16ED34D9FC7FE92C14815793"
147				"38DA362CB8D9F925D7CB"
148	},
149	// RFC 5869 Test Case 2 (updated for SHA-512)
150	{
151	/* Type */	type_sha512,
152	/* IKM */	"000102030405060708090A0B0C0D0E0F"
153				"101112131415161718191A1B1C1D1E1F"
154				"202122232425262728292A2B2C2D2E2F"
155				"303132333435363738393A3B3C3D3E3F"
156				"404142434445464748494A4B4C4D4E4F",
157	/* Salt */	"606162636465666768696A6B6C6D6E6F"
158				"707172737475767778797A7B7C7D7E7F"
159				"808182838485868788898A8B8C8D8E8F"
160				"909192939495969798999A9B9C9D9E9F"
161				"A0A1A2A3A4A5A6A7A8A9AAABACADAEAF",
162	/* Info */	"B0B1B2B3B4B5B6B7B8B9BABBBCBDBEBF"
163				"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF"
164				"D0D1D2D3D4D5D6D7D8D9DADBDCDDDEDF"
165				"E0E1E2E3E4E5E6E7E8E9EAEBECEDEEEF"
166				"F0F1F2F3F4F5F6F7F8F9FAFBFCFDFEFF",
167	/* Len */	82,
168	/* OKM */	"CE6C97192805B346E6161E821ED16567"
169				"3B84F400A2B514B2FE23D84CD189DDF1"
170				"B695B48CBD1C8388441137B3CE28F16A"
171				"A64BA33BA466B24DF6CFCB021ECFF235"
172				"F6A2056CE3AF1DE44D572097A8505D9E"
173				"7A93"
174	},
175	// RFC 5869 Test Case 3 (updated for SHA-512)
176	{
177	/* Type */	type_sha512,
178	/* IKM */	"0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B",
179	/* Salt */	"",
180	/* Info */	"",
181	/* Len */	42,
182	/* OKM */	"F5FA02B18298A72A8C23898A8703472C"
183				"6EB179DC204C03425C970E3B164BF90F"
184				"FF22D04836D0E2343BAC"
185	},
186};
187
188int CommonHKDF(int argc, char *const *argv)
189{
190	size_t i, n;
191	int err;
192
193	plan_tests(10 * 2);
194
195	n = sizeof(hkdf_sha256_tests) / sizeof(*hkdf_sha256_tests);
196	for(i = 0; i < n; ++i) {
197		const test_vector_t *			tv   = &hkdf_sha256_tests[ i ];
198		byteBuffer						ikm  = hexStringToBytes(tv->ikm);
199		byteBuffer						salt = hexStringToBytes(tv->salt);
200		byteBuffer						info = hexStringToBytes(tv->info);
201		byteBuffer						okmActual = mallocByteBuffer(tv->len);
202		byteBuffer						okmExpected = hexStringToBytes(tv->okm);
203		CCDigestAlgorithm				digestType;
204
205		if(     tv->type == type_sha1)   digestType = kCCDigestSHA1;
206		else if(tv->type == type_sha256) digestType = kCCDigestSHA256;
207		else if(tv->type == type_sha512) digestType = kCCDigestSHA512;
208		else abort();
209
210		err = CCKeyDerivationHMac(kCCKDFAlgorithmHKDF, digestType, 0, ikm->bytes, ikm->len, NULL, 0,
211			info->bytes, info->len, NULL, 0, salt->bytes, salt->len, okmActual->bytes, okmActual->len );
212		ok(!err, "check return value");
213		ok(bytesAreEqual(okmActual, okmExpected), "compare memory of answer");
214
215		free(ikm);
216		free(salt);
217		free(info);
218		free(okmActual);
219		free(okmExpected);
220	}
221	return 0;
222}
223#endif // CCHKDFTEST
224