Hi Philippe,
On Mon, 9 Dec 2024 at 04:42, Philippe Reynes <philippe.rey...@softathome.com>
wrote:
> Adds a test for the function sha256_hkdf.
>
> Signed-off-by: Philippe Reynes <philippe.rey...@softathome.com>
> ---
> test/lib/Makefile | 1 +
> test/lib/test_sha256_hkdf.c | 104 ++++++++++++++++++++++++++++++++++++
> 2 files changed, 105 insertions(+)
> create mode 100644 test/lib/test_sha256_hkdf.c
>
> diff --git a/test/lib/Makefile b/test/lib/Makefile
> index 4c0abcba81a..24ce6ed8f00 100644
> --- a/test/lib/Makefile
> +++ b/test/lib/Makefile
> @@ -25,6 +25,7 @@ obj-$(CONFIG_UT_LIB_ASN1) += asn1.o
> obj-$(CONFIG_UT_LIB_RSA) += rsa.o
> obj-$(CONFIG_AES) += test_aes.o
> obj-$(CONFIG_SHA256) += test_sha256_hmac.o
> +obj-$(CONFIG_HKDF_MBEDTLS) += test_sha256_hkdf.o
> obj-$(CONFIG_GETOPT) += getopt.o
> obj-$(CONFIG_CRC8) += test_crc8.o
> obj-$(CONFIG_UT_LIB_CRYPT) += test_crypt.o
> diff --git a/test/lib/test_sha256_hkdf.c b/test/lib/test_sha256_hkdf.c
> new file mode 100644
> index 00000000000..ca173a13afc
> --- /dev/null
> +++ b/test/lib/test_sha256_hkdf.c
> @@ -0,0 +1,104 @@
> +// SPDX-License-Identifier: GPL-2.0+
> +/*
> + * Copyright (c) 2024 Philippe Reynes <philippe.rey...@softathome.com>
> + *
> + * Unit tests for sha256_hkdf functions
> + */
> +
> +#include <command.h>
> +#include <test/lib.h>
> +#include <test/test.h>
> +#include <test/ut.h>
> +#include <u-boot/sha256.h>
> +
> +struct test_sha256_hkdf_s {
> + unsigned char *salt;
> + int saltlen;
> + unsigned char *ikm;
> + int ikmlen;
> + unsigned char *info;
> + int infolen;
> + unsigned char *expected;
> + int expectedlen;
> +};
> +
> +/*
> + * data comes from:
> + * https://www.rfc-editor.org/rfc/rfc5869
> + */
> +static unsigned char salt_test1[] = {
> + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06,
> + 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c };
> +
> +static unsigned char ikm_test1[] = {
> + 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
> + 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b };
> +
> +static unsigned char info_test1[] = {
> + 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9 };
> +
> +static unsigned char expected_test1[] = {
> + 0x3c, 0xb2, 0x5f, 0x25, 0xfa, 0xac, 0xd5, 0x7a,
> + 0x90, 0x43, 0x4f, 0x64, 0xd0, 0x36, 0x2f, 0x2a,
> + 0x2d, 0x2d, 0x0a, 0x90, 0xcf, 0x1a, 0x5a, 0x4c,
> + 0x5d, 0xb0, 0x2d, 0x56, 0xec, 0xc4, 0xc5, 0xbf,
> + 0x34, 0x00, 0x72, 0x08, 0xd5, 0xb8, 0x87, 0x18,
> + 0x58, 0x65 };
> +
> +static struct test_sha256_hkdf_s test_sha256_hkdf[] = {
> + {
> + .salt = salt_test1,
> + .saltlen = sizeof(salt_test1),
> + .ikm = ikm_test1,
> + .ikmlen = sizeof(ikm_test1),
> + .info = info_test1,
> + .infolen = sizeof(info_test1),
> + .expected = expected_test1,
> + .expectedlen = sizeof(expected_test1),
> + },
> +};
> +
> +static int _lib_test_sha256_hkdf_run(struct unit_test_state *uts,
> + unsigned char *salt, int saltlen,
> + unsigned char *ikm, int ikmlen,
> + unsigned char *info, int infolen,
> + unsigned char *expected, int
> expectedlen)
> +{
> + unsigned char output[64];
> +
> + sha256_hkdf(salt, saltlen, ikm, ikmlen, info, infolen, output,
> expectedlen);
>
I think we can add a few checkers here:
ut_assert(expectedlen <= sizeof(output));
int ret = sha256_hkdf(salt, saltlen, ikm, ikmlen, info, infolen, output,
expectedlen);
ut_assert(!ret);
[snip]
Regards,
Raymond
