mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-11 00:40:05 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Add test vectors for TLS 1.3 traffic key generation

Browse Source 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
This commit is contained in:
Hanno Becker 2020-08-21 13:37:08 +01:00
parent 3385a4d5cf
commit 19498f8fbd
2 changed files with 58 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
tests/suites/test_suite_ssl.data
View File

@ -10454,6 +10454,18 @@ SSL TLS 1.3 Key schedule: HKDF Expand Label #8 (RFC 8448)
depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
ssl_tls1_3_hkdf_expand_label:MBEDTLS_MD_SHA256:"b3eddb126e067f35a780b3abf45e2d8f3b1a950738f52e9600746a0e27a55a21":"6b6579":"":16:"dbfaa693d1762c5b666af5d950258d01"
SSL TLS 1.3 Key schedule: Traffic key generation #1
# Vector from TLS 1.3 Byte by Byte ((https://tls13.ulfheim.net/)
# Client/Server handshake traffic secrets -> Client/Server traffic {Key,IV}
depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
ssl_tls1_3_traffic_key_generation:MBEDTLS_MD_SHA256:"a2067265e7f0652a923d5d72ab0467c46132eeb968b6a32d311c805868548814":"ff0e5b965291c608c1e8cd267eefc0afcc5e98a2786373f0db47b04786d72aea":12:16:"844780a7acad9f980fa25c114e43402a":"4c042ddc120a38d1417fc815":"7154f314e6be7dc008df2c832baa1d39":"71abc2cae4c699d47c600268"
SSL TLS 1.3 Key schedule: Traffic key generation #2 (RFC 8448)
# Vector RFC 8448
# Client/Server handshake traffic secrets -> Client/Server traffic {Key,IV}
depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
ssl_tls1_3_traffic_key_generation:MBEDTLS_MD_SHA256:"a2067265e7f0652a923d5d72ab0467c46132eeb968b6a32d311c805868548814":"ff0e5b965291c608c1e8cd267eefc0afcc5e98a2786373f0db47b04786d72aea":12:16:"844780a7acad9f980fa25c114e43402a":"4c042ddc120a38d1417fc815":"7154f314e6be7dc008df2c832baa1d39":"71abc2cae4c699d47c600268"
SSL TLS_PRF MBEDTLS_SSL_TLS_PRF_NONE
ssl_tls_prf:MBEDTLS_SSL_TLS_PRF_NONE:"":"":"test tls_prf label":"":MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE

46
tests/suites/test_suite_ssl.function
View File

@ -3696,6 +3696,52 @@ void ssl_tls1_3_hkdf_expand_label( int hash_alg,
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
void ssl_tls1_3_traffic_key_generation( int hash_alg,
data_t *server_secret,
data_t *client_secret,
int desired_iv_len,
int desired_key_len,
data_t *expected_server_write_key,
data_t *expected_server_write_iv,
data_t *expected_client_write_key,
data_t *expected_client_write_iv )
{
mbedtls_ssl_key_set keys;
/* Check sanity of test parameters. */
TEST_ASSERT( client_secret->len == server_secret->len );
TEST_ASSERT( expected_client_write_iv->len == expected_server_write_iv->len &&
expected_client_write_iv->len == (size_t) desired_iv_len );
TEST_ASSERT( expected_client_write_key->len == expected_server_write_key->len &&
expected_client_write_key->len == (size_t) desired_key_len );
TEST_ASSERT( mbedtls_ssl_tls1_3_make_traffic_keys(
(mbedtls_md_type_t) hash_alg,
client_secret->x,
server_secret->x,
client_secret->len /* == server_secret->len */,
desired_key_len, desired_iv_len,
&keys ) == 0 );
TEST_ASSERT( keys.keyLen == (size_t) desired_key_len );
TEST_ASSERT( keys.ivLen == (size_t) desired_iv_len );
TEST_ASSERT( memcmp( keys.client_write_key,
expected_client_write_key->x,
desired_key_len ) == 0 );
TEST_ASSERT( memcmp( keys.server_write_key,
expected_server_write_key->x,
desired_key_len ) == 0 );
TEST_ASSERT( memcmp( keys.client_write_iv,
expected_client_write_iv->x,
desired_iv_len ) == 0 );
TEST_ASSERT( memcmp( keys.server_write_iv,
expected_server_write_iv->x,
desired_iv_len ) == 0 );
}
/* END_CASE */
/* BEGIN_CASE */
void ssl_tls_prf( int type, data_t * secret, data_t * random,
char *label, data_t *result_hex_str, int exp_ret )