[PATCH 4/4] test: lib: add test for key derivation

Simon Glass sjg at chromium.org
Fri Sep 20 18:01:36 CEST 2024 

Hi Philippe,

On Tue, 16 Jul 2024 at 17:06, Philippe Reynes
<philippe.reynes at softathome.com> wrote:
>
> Adds a test for the function sha256_hkdf.
>
> Signed-off-by: Philippe Reynes <philippe.reynes at softathome.com>
> ---
>  test/lib/Makefile           |   2 +-
>  test/lib/test_sha256_hkdf.c | 104 ++++++++++++++++++++++++++++++++++++
>  2 files changed, 105 insertions(+), 1 deletion(-)
>  create mode 100644 test/lib/test_sha256_hkdf.c
>

Reviewed-by: Simon Glass <sjg at chromium.org>

Possible nit below

> diff --git a/test/lib/Makefile b/test/lib/Makefile
> index 170c5a539ca..1b7baa696db 100644
> --- a/test/lib/Makefile
> +++ b/test/lib/Makefile
> @@ -19,7 +19,7 @@ obj-$(CONFIG_ERRNO_STR) += test_errno_str.o
>  obj-$(CONFIG_UT_LIB_ASN1) += asn1.o
>  obj-$(CONFIG_UT_LIB_RSA) += rsa.o
>  obj-$(CONFIG_AES) += test_aes.o
> -obj-$(CONFIG_SHA256) += test_sha256_hmac.o
> +obj-$(CONFIG_SHA256) += test_sha256_hmac.o test_sha256_hkdf.o
>  obj-$(CONFIG_GETOPT) += getopt.o
>  obj-$(CONFIG_CRC8) += test_crc8.o
>  obj-$(CONFIG_UT_LIB_CRYPT) += test_crypt.o
> diff --git a/test/lib/test_sha256_hkdf.c b/test/lib/test_sha256_hkdf.c
> new file mode 100644
> index 00000000000..ca173a13afc
> --- /dev/null
> +++ b/test/lib/test_sha256_hkdf.c
> @@ -0,0 +1,104 @@
> +// SPDX-License-Identifier: GPL-2.0+
> +/*
> + * Copyright (c) 2024 Philippe Reynes <philippe.reynes at softathome.com>
> + *
> + * Unit tests for sha256_hkdf functions
> + */
> +
> +#include <command.h>
> +#include <test/lib.h>
> +#include <test/test.h>
> +#include <test/ut.h>
> +#include <u-boot/sha256.h>
> +
> +struct test_sha256_hkdf_s {
> +       unsigned char *salt;
> +       int saltlen;
> +       unsigned char *ikm;
> +       int ikmlen;
> +       unsigned char *info;
> +       int infolen;
> +       unsigned char *expected;
> +       int expectedlen;
> +};
> +
> +/*
> + * data comes from:
> + * https://www.rfc-editor.org/rfc/rfc5869
> + */
> +static unsigned char salt_test1[] = {
> +       0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06,
> +       0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c };
> +
> +static unsigned char ikm_test1[] = {
> +       0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
> +       0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b };
> +
> +static unsigned char info_test1[] = {
> +       0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9 };
> +
> +static unsigned char expected_test1[] = {
> +       0x3c, 0xb2, 0x5f, 0x25, 0xfa, 0xac, 0xd5, 0x7a,
> +       0x90, 0x43, 0x4f, 0x64, 0xd0, 0x36, 0x2f, 0x2a,
> +       0x2d, 0x2d, 0x0a, 0x90, 0xcf, 0x1a, 0x5a, 0x4c,
> +       0x5d, 0xb0, 0x2d, 0x56, 0xec, 0xc4, 0xc5, 0xbf,
> +       0x34, 0x00, 0x72, 0x08, 0xd5, 0xb8, 0x87, 0x18,
> +       0x58, 0x65 };
> +
> +static struct test_sha256_hkdf_s test_sha256_hkdf[] = {
> +       {
> +               .salt = salt_test1,
> +               .saltlen = sizeof(salt_test1),
> +               .ikm = ikm_test1,
> +               .ikmlen = sizeof(ikm_test1),
> +               .info = info_test1,
> +               .infolen = sizeof(info_test1),
> +               .expected = expected_test1,
> +               .expectedlen = sizeof(expected_test1),
> +       },
> +};
> +
> +static int _lib_test_sha256_hkdf_run(struct unit_test_state *uts,
> +                                    unsigned char *salt, int saltlen,
> +                                    unsigned char *ikm, int ikmlen,
> +                                    unsigned char *info, int infolen,
> +                                    unsigned char *expected, int expectedlen)
> +{
> +       unsigned char output[64];
> +
> +       sha256_hkdf(salt, saltlen, ikm, ikmlen, info, infolen, output, expectedlen);
> +       ut_asserteq_mem(expected, output, expectedlen);
> +
> +       return 0;
> +}
> +
> +static int lib_test_sha256_hkdf_run(struct unit_test_state *uts,
> +                                   struct test_sha256_hkdf_s *test)
> +{
> +       unsigned char *salt = test->salt;
> +       int saltlen = test->saltlen;
> +       unsigned char *ikm = test->ikm;
> +       int ikmlen = test->ikmlen;
> +       unsigned char *info = test->info;
> +       int infolen = test->infolen;
> +       unsigned char *expected = test->expected;
> +       int expectedlen = test->expectedlen;
> +
> +       return _lib_test_sha256_hkdf_run(uts, salt, saltlen, ikm, ikmlen,
> +                                        info, infolen, expected, expectedlen);

It is common to use ut_assertok() on functions called from tests, so
that any error report shows the full call trace back from the failure.

> +}
> +
> +static int lib_test_sha256_hkdf(struct unit_test_state *uts)
> +{
> +       int i, ret = 0;
> +
> +       for (i = 0; i < ARRAY_SIZE(test_sha256_hkdf); i++) {
> +               ret = lib_test_sha256_hkdf_run(uts, &test_sha256_hkdf[i]);
> +               if (ret)
> +                       break;
> +       }
> +
> +       return ret;
> +}
> +
> +LIB_TEST(lib_test_sha256_hkdf, 0);
> --
> 2.25.1
>
> -- This message and any attachments herein are confidential, intended solely for the addressees and are SoftAtHome’s ownership. Any unauthorized use or dissemination is prohibited. If you are not the intended addressee of this message, please cancel it immediately and inform the sender.

This seems to be incorrect.

Regards,
Simon

More information about the U-Boot mailing list