1 // Copyright 2015 Brian Smith.
2 //
3 // Permission to use, copy, modify, and/or distribute this software for any
4 // purpose with or without fee is hereby granted, provided that the above
5 // copyright notice and this permission notice appear in all copies.
6 //
7 // THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHORS DISCLAIM ALL WARRANTIES
8 // WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
9 // MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY
10 // SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
11 // WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
12 // OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
13 // CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
14
15 use ring::{digest, error, hkdf, test, test_file};
16
17 #[cfg(target_arch = "wasm32")]
18 use wasm_bindgen_test::{wasm_bindgen_test as test, wasm_bindgen_test_configure};
19
20 #[cfg(target_arch = "wasm32")]
21 wasm_bindgen_test_configure!(run_in_browser);
22
23 #[test]
hkdf_tests()24 fn hkdf_tests() {
25 test::run(test_file!("hkdf_tests.txt"), |section, test_case| {
26 assert_eq!(section, "");
27 let alg = {
28 let digest_alg = test_case
29 .consume_digest_alg("Hash")
30 .ok_or(error::Unspecified)?;
31 if digest_alg == &digest::SHA256 {
32 hkdf::HKDF_SHA256
33 } else {
34 // TODO: add test vectors for other algorithms
35 panic!("unsupported algorithm: {:?}", digest_alg);
36 }
37 };
38 let secret = test_case.consume_bytes("IKM");
39 let salt = test_case.consume_bytes("salt");
40 let info = test_case.consume_bytes("info");
41 let _ = test_case.consume_bytes("PRK");
42 let expected_out = test_case.consume_bytes("OKM");
43
44 let salt = hkdf::Salt::new(alg, &salt);
45
46 // TODO: test multi-part info, especially with empty parts.
47 let My(out) = salt
48 .extract(&secret)
49 .expand(&[&info], My(expected_out.len()))
50 .unwrap()
51 .into();
52 assert_eq!(out, expected_out);
53
54 Ok(())
55 });
56 }
57
58 #[test]
hkdf_output_len_tests()59 fn hkdf_output_len_tests() {
60 for &alg in &[hkdf::HKDF_SHA256, hkdf::HKDF_SHA384, hkdf::HKDF_SHA512] {
61 const MAX_BLOCKS: usize = 255;
62
63 let salt = hkdf::Salt::new(alg, &[]);
64 let prk = salt.extract(&[]); // TODO: enforce minimum length.
65
66 {
67 // Test zero length.
68 let okm = prk.expand(&[b"info"], My(0)).unwrap();
69 let result: My<Vec<u8>> = okm.into();
70 assert_eq!(&result.0, &[]);
71 }
72
73 let max_out_len = MAX_BLOCKS * alg.hmac_algorithm().digest_algorithm().output_len();
74
75 {
76 // Test maximum length output succeeds.
77 let okm = prk.expand(&[b"info"], My(max_out_len)).unwrap();
78 let result: My<Vec<u8>> = okm.into();
79 assert_eq!(result.0.len(), max_out_len);
80 }
81
82 {
83 // Test too-large output fails.
84 assert!(prk.expand(&[b"info"], My(max_out_len + 1)).is_err());
85 }
86
87 {
88 // Test length mismatch (smaller).
89 let okm = prk.expand(&[b"info"], My(2)).unwrap();
90 let mut buf = [0u8; 1];
91 assert_eq!(okm.fill(&mut buf), Err(error::Unspecified));
92 }
93
94 {
95 // Test length mismatch (larger).
96 let okm = prk.expand(&[b"info"], My(2)).unwrap();
97 let mut buf = [0u8; 3];
98 assert_eq!(okm.fill(&mut buf), Err(error::Unspecified));
99 }
100
101 {
102 // Control for above two tests.
103 let okm = prk.expand(&[b"info"], My(2)).unwrap();
104 let mut buf = [0u8; 2];
105 assert_eq!(okm.fill(&mut buf), Ok(()));
106 }
107 }
108 }
109
110 /// Generic newtype wrapper that lets us implement traits for externally-defined
111 /// types.
112 #[derive(Debug, PartialEq)]
113 struct My<T: core::fmt::Debug + PartialEq>(T);
114
115 impl hkdf::KeyType for My<usize> {
len(&self) -> usize116 fn len(&self) -> usize {
117 self.0
118 }
119 }
120
121 impl From<hkdf::Okm<'_, My<usize>>> for My<Vec<u8>> {
from(okm: hkdf::Okm<My<usize>>) -> Self122 fn from(okm: hkdf::Okm<My<usize>>) -> Self {
123 let mut r = vec![0u8; okm.len().0];
124 okm.fill(&mut r).unwrap();
125 Self(r)
126 }
127 }
128