From 19498f8fbd0a525edf191355bf4cbeabde5ddd87 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 21 Aug 2020 13:37:08 +0100 Subject: [PATCH] Add test vectors for TLS 1.3 traffic key generation Signed-off-by: Hanno Becker --- tests/suites/test_suite_ssl.data | 12 ++++++++ tests/suites/test_suite_ssl.function | 46 ++++++++++++++++++++++++++++ 2 files changed, 58 insertions(+) diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data index 257e3cf223..a14925c6e2 100644 --- a/tests/suites/test_suite_ssl.data +++ b/tests/suites/test_suite_ssl.data @@ -10454,6 +10454,18 @@ SSL TLS 1.3 Key schedule: HKDF Expand Label #8 (RFC 8448) depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL ssl_tls1_3_hkdf_expand_label:MBEDTLS_MD_SHA256:"b3eddb126e067f35a780b3abf45e2d8f3b1a950738f52e9600746a0e27a55a21":"6b6579":"":16:"dbfaa693d1762c5b666af5d950258d01" +SSL TLS 1.3 Key schedule: Traffic key generation #1 +# Vector from TLS 1.3 Byte by Byte ((https://tls13.ulfheim.net/) +# Client/Server handshake traffic secrets -> Client/Server traffic {Key,IV} +depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL +ssl_tls1_3_traffic_key_generation:MBEDTLS_MD_SHA256:"a2067265e7f0652a923d5d72ab0467c46132eeb968b6a32d311c805868548814":"ff0e5b965291c608c1e8cd267eefc0afcc5e98a2786373f0db47b04786d72aea":12:16:"844780a7acad9f980fa25c114e43402a":"4c042ddc120a38d1417fc815":"7154f314e6be7dc008df2c832baa1d39":"71abc2cae4c699d47c600268" + +SSL TLS 1.3 Key schedule: Traffic key generation #2 (RFC 8448) +# Vector RFC 8448 +# Client/Server handshake traffic secrets -> Client/Server traffic {Key,IV} +depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL +ssl_tls1_3_traffic_key_generation:MBEDTLS_MD_SHA256:"a2067265e7f0652a923d5d72ab0467c46132eeb968b6a32d311c805868548814":"ff0e5b965291c608c1e8cd267eefc0afcc5e98a2786373f0db47b04786d72aea":12:16:"844780a7acad9f980fa25c114e43402a":"4c042ddc120a38d1417fc815":"7154f314e6be7dc008df2c832baa1d39":"71abc2cae4c699d47c600268" + SSL TLS_PRF MBEDTLS_SSL_TLS_PRF_NONE ssl_tls_prf:MBEDTLS_SSL_TLS_PRF_NONE:"":"":"test tls_prf label":"":MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index 8f5c9edda0..36f10ca61f 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -3696,6 +3696,52 @@ void ssl_tls1_3_hkdf_expand_label( int hash_alg, } /* END_CASE */ +/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ +void ssl_tls1_3_traffic_key_generation( int hash_alg, + data_t *server_secret, + data_t *client_secret, + int desired_iv_len, + int desired_key_len, + data_t *expected_server_write_key, + data_t *expected_server_write_iv, + data_t *expected_client_write_key, + data_t *expected_client_write_iv ) +{ + mbedtls_ssl_key_set keys; + + /* Check sanity of test parameters. */ + TEST_ASSERT( client_secret->len == server_secret->len ); + TEST_ASSERT( expected_client_write_iv->len == expected_server_write_iv->len && + expected_client_write_iv->len == (size_t) desired_iv_len ); + TEST_ASSERT( expected_client_write_key->len == expected_server_write_key->len && + expected_client_write_key->len == (size_t) desired_key_len ); + + TEST_ASSERT( mbedtls_ssl_tls1_3_make_traffic_keys( + (mbedtls_md_type_t) hash_alg, + client_secret->x, + server_secret->x, + client_secret->len /* == server_secret->len */, + desired_key_len, desired_iv_len, + &keys ) == 0 ); + + TEST_ASSERT( keys.keyLen == (size_t) desired_key_len ); + TEST_ASSERT( keys.ivLen == (size_t) desired_iv_len ); + + TEST_ASSERT( memcmp( keys.client_write_key, + expected_client_write_key->x, + desired_key_len ) == 0 ); + TEST_ASSERT( memcmp( keys.server_write_key, + expected_server_write_key->x, + desired_key_len ) == 0 ); + TEST_ASSERT( memcmp( keys.client_write_iv, + expected_client_write_iv->x, + desired_iv_len ) == 0 ); + TEST_ASSERT( memcmp( keys.server_write_iv, + expected_server_write_iv->x, + desired_iv_len ) == 0 ); +} +/* END_CASE */ + /* BEGIN_CASE */ void ssl_tls_prf( int type, data_t * secret, data_t * random, char *label, data_t *result_hex_str, int exp_ret )