1 // Copyright 2015 Brian Smith.
2 //
3 // Permission to use, copy, modify, and/or distribute this software for any
4 // purpose with or without fee is hereby granted, provided that the above
5 // copyright notice and this permission notice appear in all copies.
6 //
7 // THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHORS DISCLAIM ALL WARRANTIES
8 // WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
9 // MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY
10 // SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
11 // WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
12 // OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
13 // CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
14 
15 #![forbid(
16     anonymous_parameters,
17     box_pointers,
18     missing_copy_implementations,
19     missing_debug_implementations,
20     missing_docs,
21     trivial_casts,
22     trivial_numeric_casts,
23     unsafe_code,
24     unstable_features,
25     unused_extern_crates,
26     unused_import_braces,
27     unused_results,
28     variant_size_differences,
29     warnings
30 )]
31 
32 use ring::{digest, error, hkdf, test, test_file};
33 
34 #[cfg(target_arch = "wasm32")]
35 use wasm_bindgen_test::{wasm_bindgen_test, wasm_bindgen_test_configure};
36 
37 #[cfg(target_arch = "wasm32")]
38 wasm_bindgen_test_configure!(run_in_browser);
39 
40 #[test]
41 #[cfg_attr(target_arch = "wasm32", wasm_bindgen_test)]
hkdf_tests()42 fn hkdf_tests() {
43     test::run(test_file!("hkdf_tests.txt"), |section, test_case| {
44         assert_eq!(section, "");
45         let alg = {
46             let digest_alg = test_case
47                 .consume_digest_alg("Hash")
48                 .ok_or(error::Unspecified)?;
49             if digest_alg == &digest::SHA256 {
50                 hkdf::HKDF_SHA256
51             } else {
52                 // TODO: add test vectors for other algorithms
53                 panic!("unsupported algorithm: {:?}", digest_alg);
54             }
55         };
56         let secret = test_case.consume_bytes("IKM");
57         let salt = test_case.consume_bytes("salt");
58         let info = test_case.consume_bytes("info");
59         let _ = test_case.consume_bytes("PRK");
60         let expected_out = test_case.consume_bytes("OKM");
61 
62         let salt = hkdf::Salt::new(alg, &salt);
63 
64         // TODO: test multi-part info, especially with empty parts.
65         let My(out) = salt
66             .extract(&secret)
67             .expand(&[&info], My(expected_out.len()))
68             .unwrap()
69             .into();
70         assert_eq!(out, expected_out);
71 
72         Ok(())
73     });
74 }
75 
76 #[test]
77 #[cfg_attr(target_arch = "wasm32", wasm_bindgen_test)]
hkdf_output_len_tests()78 fn hkdf_output_len_tests() {
79     for &alg in &[hkdf::HKDF_SHA256, hkdf::HKDF_SHA384, hkdf::HKDF_SHA512] {
80         const MAX_BLOCKS: usize = 255;
81 
82         let salt = hkdf::Salt::new(alg, &[]);
83         let prk = salt.extract(&[]); // TODO: enforce minimum length.
84 
85         {
86             // Test zero length.
87             let okm = prk.expand(&[b"info"], My(0)).unwrap();
88             let result: My<Vec<u8>> = okm.into();
89             assert_eq!(&result.0, &[]);
90         }
91 
92         let max_out_len = MAX_BLOCKS * alg.hmac_algorithm().digest_algorithm().output_len;
93 
94         {
95             // Test maximum length output succeeds.
96             let okm = prk.expand(&[b"info"], My(max_out_len)).unwrap();
97             let result: My<Vec<u8>> = okm.into();
98             assert_eq!(result.0.len(), max_out_len);
99         }
100 
101         {
102             // Test too-large output fails.
103             assert!(prk.expand(&[b"info"], My(max_out_len + 1)).is_err());
104         }
105 
106         {
107             // Test length mismatch (smaller).
108             let okm = prk.expand(&[b"info"], My(2)).unwrap();
109             let mut buf = [0u8; 1];
110             assert_eq!(okm.fill(&mut buf), Err(error::Unspecified));
111         }
112 
113         {
114             // Test length mismatch (larger).
115             let okm = prk.expand(&[b"info"], My(2)).unwrap();
116             let mut buf = [0u8; 3];
117             assert_eq!(okm.fill(&mut buf), Err(error::Unspecified));
118         }
119 
120         {
121             // Control for above two tests.
122             let okm = prk.expand(&[b"info"], My(2)).unwrap();
123             let mut buf = [0u8; 2];
124             assert_eq!(okm.fill(&mut buf), Ok(()));
125         }
126     }
127 }
128 
129 /// Generic newtype wrapper that lets us implement traits for externally-defined
130 /// types.
131 #[derive(Debug, PartialEq)]
132 struct My<T: core::fmt::Debug + PartialEq>(T);
133 
134 impl hkdf::KeyType for My<usize> {
len(&self) -> usize135     fn len(&self) -> usize {
136         self.0
137     }
138 }
139 
140 impl From<hkdf::Okm<'_, My<usize>>> for My<Vec<u8>> {
from(okm: hkdf::Okm<My<usize>>) -> Self141     fn from(okm: hkdf::Okm<My<usize>>) -> Self {
142         let mut r = vec![0u8; okm.len().0];
143         okm.fill(&mut r).unwrap();
144         My(r)
145     }
146 }
147