File: hkdf_test.go

package info (click to toggle)
golang-go.crypto 1%3A0.0~git20201221.eec23a3-1
  • links: PTS, VCS
  • area: main
  • in suites: bullseye, bullseye-backports
  • size: 4,804 kB
  • sloc: asm: 8,295; ansic: 258; makefile: 5
file content (111 lines) | stat: -rw-r--r-- 3,029 bytes parent folder | download | duplicates (7) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
 
// Copyright 2019 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.

package wycheproof

import (
	"bytes"
	"io"
	"testing"

	"golang.org/x/crypto/hkdf"
)

func TestHkdf(t *testing.T) {

	// HkdfTestVector
	type HkdfTestVector struct {

		// A brief description of the test case
		Comment string `json:"comment,omitempty"`

		// A list of flags
		Flags []string `json:"flags,omitempty"`

		// the key (input key material)
		Ikm string `json:"ikm,omitempty"`

		// additional information used in the key derivation
		Info string `json:"info,omitempty"`

		// the generated bytes (output key material)
		Okm string `json:"okm,omitempty"`

		// Test result
		Result string `json:"result,omitempty"`

		// the salt for the key derivation
		Salt string `json:"salt,omitempty"`

		// the size of the output in bytes
		Size int `json:"size,omitempty"`

		// Identifier of the test case
		TcId int `json:"tcId,omitempty"`
	}

	// Notes a description of the labels used in the test vectors
	type Notes struct {
	}

	// HkdfTestGroup
	type HkdfTestGroup struct {

		// the size of the ikm in bits
		KeySize int               `json:"keySize,omitempty"`
		Tests   []*HkdfTestVector `json:"tests,omitempty"`
		Type    interface{}       `json:"type,omitempty"`
	}

	// Root
	type Root struct {

		// the primitive tested in the test file
		Algorithm string `json:"algorithm,omitempty"`

		// the version of the test vectors.
		GeneratorVersion string `json:"generatorVersion,omitempty"`

		// additional documentation
		Header []string `json:"header,omitempty"`

		// a description of the labels used in the test vectors
		Notes *Notes `json:"notes,omitempty"`

		// the number of test vectors in this test
		NumberOfTests int              `json:"numberOfTests,omitempty"`
		Schema        interface{}      `json:"schema,omitempty"`
		TestGroups    []*HkdfTestGroup `json:"testGroups,omitempty"`
	}

	fileHashAlgorithms := map[string]string{
		"hkdf_sha1_test.json":   "SHA-1",
		"hkdf_sha256_test.json": "SHA-256",
		"hkdf_sha384_test.json": "SHA-384",
		"hkdf_sha512_test.json": "SHA-512",
	}

	for f := range fileHashAlgorithms {
		var root Root
		readTestVector(t, f, &root)
		for _, tg := range root.TestGroups {
			for _, tv := range tg.Tests {
				h := parseHash(fileHashAlgorithms[f]).New
				hkdf := hkdf.New(h, decodeHex(tv.Ikm), decodeHex(tv.Salt), decodeHex(tv.Info))
				key := make([]byte, tv.Size)
				wantPass := shouldPass(tv.Result, tv.Flags, nil)
				_, err := io.ReadFull(hkdf, key)
				if (err == nil) != wantPass {
					t.Errorf("tcid: %d, type: %s, comment: %q, wanted success: %t, got: %v", tv.TcId, tv.Result, tv.Comment, wantPass, err)
				}
				if err != nil {
					continue // don't validate output text if reading failed
				}
				if got, want := key, decodeHex(tv.Okm); !bytes.Equal(got, want) {
					t.Errorf("tcid: %d, type: %s, comment: %q, output bytes don't match", tv.TcId, tv.Result, tv.Comment)
				}
			}
		}
	}
}