// Copyright 2021 The Chromium OS Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "cryptohome/crypto/hkdf.h"
#include <brillo/secure_blob.h>
#include <gmock/gmock.h>
#include <gtest/gtest.h>
#include <openssl/sha.h>
namespace cryptohome {
// Known-answer test for HKDF with SHA-256, using Test Case 1 from RFC 5869
// Appendix A.1:
// https://tools.ietf.org/html/rfc5869#appendix-A
// Both the two-step path (HkdfExtract followed by HkdfExpand) and the one-shot
// Hkdf() are compared against the PRK and OKM published in the RFC.
TEST(HkdfTest, Hkdf) {
  constexpr HkdfHash kHash = HkdfHash::kSha256;
  constexpr size_t kKeyLen = 42;  // L: requested output key length in bytes.

  // RFC inputs: input keying material, salt and context info.
  brillo::SecureBlob ikm;
  brillo::SecureBlob salt;
  brillo::SecureBlob info;
  ASSERT_TRUE(brillo::SecureBlob::HexStringToSecureBlob(
      "0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B", &ikm));
  ASSERT_TRUE(brillo::SecureBlob::HexStringToSecureBlob(
      "000102030405060708090A0B0C", &salt));
  ASSERT_TRUE(
      brillo::SecureBlob::HexStringToSecureBlob("F0F1F2F3F4F5F6F7F8F9", &info));

  // RFC outputs: the pseudorandom key after Extract and the final key after
  // Expand. ASSERT is used for the fixtures so a typo in a vector aborts the
  // test instead of producing a misleading mismatch below.
  brillo::SecureBlob rfc_prk;
  brillo::SecureBlob rfc_okm;
  ASSERT_TRUE(brillo::SecureBlob::HexStringToSecureBlob(
      "077709362C2E32DF0DDC3F0DC47BBA6390B6C73BB50F9C3122EC844AD7C2B3E5",
      &rfc_prk));
  ASSERT_TRUE(brillo::SecureBlob::HexStringToSecureBlob(
      "3CB25F25FAACD57A90434F64D0362F2A2D2D0A90CF1A5A4C5DB02D56ECC4C5BF34007208"
      "D5B887185865",
      &rfc_okm));

  // Step 1 (Extract): IKM + salt -> PRK.
  brillo::SecureBlob prk;
  EXPECT_TRUE(HkdfExtract(kHash, ikm, salt, &prk));
  EXPECT_EQ(prk, rfc_prk);

  // Step 2 (Expand): PRK + info -> OKM of kKeyLen bytes.
  brillo::SecureBlob okm;
  EXPECT_TRUE(HkdfExpand(kHash, prk, info, kKeyLen, &okm));
  EXPECT_EQ(okm, rfc_okm);

  // One-shot interface must give the same OKM. The buffer is cleared first so
  // a stale value from the two-step path cannot satisfy the comparison.
  okm.clear();
  EXPECT_TRUE(Hkdf(kHash, ikm, info, salt, kKeyLen, &okm));
  EXPECT_EQ(okm, rfc_okm);
}
// Tests the cases in which the derived output is expected to be exactly one
// SHA-256 digest long: the PRK returned by HkdfExtract, and the output of
// HkdfExpand / Hkdf when the caller passes result_len == 0.
TEST(HkdfTest, HkdfKeyLengthEqualToHashSize) {
  constexpr HkdfHash kHash = HkdfHash::kSha256;

  brillo::SecureBlob key("test_key");
  brillo::SecureBlob info("test_info");
  brillo::SecureBlob salt("test_salt");
  brillo::SecureBlob derived;

  // Extract: the PRK size is the hash size.
  EXPECT_TRUE(HkdfExtract(kHash, key, salt, &derived));
  EXPECT_EQ(derived.size(), SHA256_DIGEST_LENGTH);

  // Expand with result_len == 0. Only the length is under test here, so |key|
  // is fed in directly rather than a PRK produced by the Extract step.
  derived.clear();
  EXPECT_TRUE(HkdfExpand(kHash, key, info, /*result_len=*/0, &derived));
  EXPECT_EQ(derived.size(), SHA256_DIGEST_LENGTH);

  // One-shot Hkdf with result_len == 0. The buffer is cleared between calls
  // so each size check reflects only the call directly above it.
  derived.clear();
  EXPECT_TRUE(Hkdf(kHash, key, info, salt, /*result_len=*/0, &derived));
  EXPECT_EQ(derived.size(), SHA256_DIGEST_LENGTH);
}
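// Tests the maximum resulting key length. According to RFC 5869, the length of
// the resulting key cannot exceed 255 * hash size. Both sides of the limit are
// pinned: the largest valid length must succeed and one byte more must be
// rejected, so an off-by-one in the length check is caught in either direction.
TEST(HkdfTest, HkdfKeyLengthTooBig) {
  constexpr HkdfHash kHash = HkdfHash::kSha256;
  constexpr size_t kMaxKeyLen = 255 * SHA256_DIGEST_LENGTH;
  constexpr size_t kKeyLen = kMaxKeyLen + 1;
  brillo::SecureBlob key("test_key");
  brillo::SecureBlob salt("test_salt");
  brillo::SecureBlob info("test_info");
  brillo::SecureBlob result;

  // Largest length RFC 5869 allows: must still be accepted.
  EXPECT_TRUE(HkdfExpand(kHash, key, info, kMaxKeyLen, &result));
  EXPECT_EQ(result.size(), kMaxKeyLen);
  result.clear();
  EXPECT_TRUE(Hkdf(kHash, key, info, salt, kMaxKeyLen, &result));
  EXPECT_EQ(result.size(), kMaxKeyLen);
  result.clear();

  // One byte past the limit: both entry points must report failure.
  // NOTE(review): the content of |result| after a failed call is not checked
  // here; confirm against hkdf.h whether callers may rely on it being empty.
  EXPECT_FALSE(HkdfExpand(kHash, key, info, kKeyLen, &result));
  EXPECT_FALSE(Hkdf(kHash, key, info, salt, kKeyLen, &result));
}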
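// Tests Hkdf with empty info and salt. It is expected to be successful, and
// the derived bytes must match RFC 5869 Appendix A.3 (Test Case 3: SHA-256
// with zero-length salt and info), where an absent salt is treated as a
// string of HashLen zero bytes.
TEST(HkdfTest, HkdfWithEmptyInfoAndSalt) {
  constexpr HkdfHash kHash = HkdfHash::kSha256;
  constexpr size_t kKeyLen = 42;
  brillo::SecureBlob key("test_key");
  brillo::SecureBlob salt;
  brillo::SecureBlob info;
  brillo::SecureBlob result;
  EXPECT_TRUE(Hkdf(kHash, key, info, salt, kKeyLen, &result));
  EXPECT_EQ(result.size(), kKeyLen);

  // A length check alone would also pass for wrong key material (for example
  // an all-zero buffer), so pin the actual bytes with the RFC known-answer
  // vector for the empty salt / empty info case.
  brillo::SecureBlob ikm;
  brillo::SecureBlob okm;
  brillo::SecureBlob expected_okm;
  ASSERT_TRUE(brillo::SecureBlob::HexStringToSecureBlob(
      "0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B", &ikm));
  ASSERT_TRUE(brillo::SecureBlob::HexStringToSecureBlob(
      "8DA4E775A563C18F715F802A063C5A31B8A11F5C5EE1879EC3454E5F3C738D2D9D201395"
      "FAA4B61A96C8",
      &expected_okm));
  EXPECT_TRUE(Hkdf(kHash, ikm, info, salt, kKeyLen, &okm));
  EXPECT_EQ(okm, expected_okm);
}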
} // namespace cryptohome