Gitiles
Code Review Sign In
gerrit.openfyde.cn / webrtc.googlesource.com / src / b19f27a5f93698b46844b82b348575afc99bc79d / . / rtc_base / openssl_key_derivation_hkdf_unittest.cc
blob: 92df42ffd30d6b4fd359c14b13d3883dea9af4db [file] [log] [blame]
Benjamin Wrightb3f887b2018-10-30 13:53:30 -0700[diff] [blame]1/*
2 * Copyright 2018 The WebRTC Project Authors. All rights reserved.
3 *
4 * Use of this source code is governed by a BSD-style license
5 * that can be found in the LICENSE file in the root of the source
6 * tree. An additional intellectual property rights grant can be found
7 * in the file PATENTS. All contributing project authors may
8 * be found in the AUTHORS file in the root of the source tree.
9 */
10
11#include "rtc_base/openssl_key_derivation_hkdf.h"
12
13#include <utility>
14
15#include "test/gmock.h"
16
17namespace rtc {
18namespace {
19
20// Validates that a basic valid call works correctly.
21TEST(OpenSSLKeyDerivationHKDF, DerivationBasicTest) {
22 rtc::Buffer secret(32);
23 rtc::Buffer salt(32);
24 rtc::Buffer label(32);
25 const size_t derived_key_byte_size = 16;
26
27 OpenSSLKeyDerivationHKDF hkdf;
28 auto key_or = hkdf.DeriveKey(secret, salt, label, derived_key_byte_size);
29 EXPECT_TRUE(key_or.has_value());
30 ZeroOnFreeBuffer<uint8_t> key = std::move(key_or.value());
31 EXPECT_EQ(derived_key_byte_size, key.size());
32}
33
34// Derivation fails if output is too small.
35TEST(OpenSSLKeyDerivationHKDF, DerivationFailsIfOutputIsTooSmall) {
36 rtc::Buffer secret(32);
37 rtc::Buffer salt(32);
38 rtc::Buffer label(32);
39 const size_t derived_key_byte_size = 15;
40
41 OpenSSLKeyDerivationHKDF hkdf;
42 auto key_or = hkdf.DeriveKey(secret, salt, label, derived_key_byte_size);
43 EXPECT_FALSE(key_or.has_value());
44}
45
46// Derivation fails if output is too large.
47TEST(OpenSSLKeyDerivationHKDF, DerivationFailsIfOutputIsTooLarge) {
48 rtc::Buffer secret(32);
49 rtc::Buffer salt(32);
50 rtc::Buffer label(32);
51 const size_t derived_key_byte_size = 256 * 32;
52
53 OpenSSLKeyDerivationHKDF hkdf;
54 auto key_or = hkdf.DeriveKey(secret, salt, label, derived_key_byte_size);
55 EXPECT_FALSE(key_or.has_value());
56}
57
58// Validates that too little key material causes a failure.
59TEST(OpenSSLKeyDerivationHKDF, DerivationFailsWithInvalidSecret) {
60 rtc::Buffer secret(15);
61 rtc::Buffer salt(32);
62 rtc::Buffer label(32);
63 const size_t derived_key_byte_size = 16;
64
65 OpenSSLKeyDerivationHKDF hkdf;
66 auto key_or_0 = hkdf.DeriveKey(secret, salt, label, derived_key_byte_size);
67 EXPECT_FALSE(key_or_0.has_value());
68
69 auto key_or_1 = hkdf.DeriveKey(nullptr, salt, label, derived_key_byte_size);
70 EXPECT_FALSE(key_or_1.has_value());
71
72 rtc::Buffer secret_empty;
73 auto key_or_2 =
74 hkdf.DeriveKey(secret_empty, salt, label, derived_key_byte_size);
75 EXPECT_FALSE(key_or_2.has_value());
76}
77
78// Validates that HKDF works without a salt being set.
79TEST(OpenSSLKeyDerivationHKDF, DerivationWorksWithNoSalt) {
80 rtc::Buffer secret(32);
81 rtc::Buffer label(32);
82 const size_t derived_key_byte_size = 16;
83
84 OpenSSLKeyDerivationHKDF hkdf;
85 auto key_or = hkdf.DeriveKey(secret, nullptr, label, derived_key_byte_size);
86 EXPECT_TRUE(key_or.has_value());
87}
88
89// Validates that a label is required to work correctly.
90TEST(OpenSSLKeyDerivationHKDF, DerivationRequiresLabel) {
91 rtc::Buffer secret(32);
92 rtc::Buffer salt(32);
93 rtc::Buffer label(1);
94 const size_t derived_key_byte_size = 16;
95
96 OpenSSLKeyDerivationHKDF hkdf;
97 auto key_or_0 = hkdf.DeriveKey(secret, salt, label, derived_key_byte_size);
98 EXPECT_TRUE(key_or_0.has_value());
99 ZeroOnFreeBuffer<uint8_t> key = std::move(key_or_0.value());
100 EXPECT_EQ(key.size(), derived_key_byte_size);
101
102 auto key_or_1 = hkdf.DeriveKey(secret, salt, nullptr, derived_key_byte_size);
103 EXPECT_FALSE(key_or_1.has_value());
104}
105
106} // namespace
107} // namespace rtc