diff --git a/gtests/common/testvectors/ike-aesxcbc-vectors.h b/gtests/common/testvectors/ike-aesxcbc-vectors.h new file mode 100644 index 0000000000..cb92f02eed --- /dev/null +++ b/gtests/common/testvectors/ike-aesxcbc-vectors.h @@ -0,0 +1,101 @@ +/* vim: set ts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this file, + * You can obtain one at http://mozilla.org/MPL/2.0/. */ + +/* This file is generated from sources in nss/gtests/common/wycheproof + * automatically and should not be touched manually. + * Generation is trigged by calling python3 genTestVectors.py */ + +#ifndef ike_aesxcbc_vectors_h__ +#define ike_aesxcbc_vectors_h__ + +#include "testvectors_base/test-structs.h" + +const IkeTestVector kIkeAesXcbcProofVectors[] = { + // these vectors are self generated. + {1, IkeTestType::ikeGxy, + "8ba4cbc73c0187301dc19a975823854dbd641c597f637f8d053a83b9514673eb", "", "", + "ef41a18b8c1ece71d74fedb292fd0f00", "69a62284195f1680", "80c94ba25c8abda5", + "", 0, 0, true}, + {2, IkeTestType::ikeV1, "ef41a18b8c1ece71d74fedb292fd0f00", + "8ba4cbc73c0187301dc19a975823854dbd641c597f637f8d053a83b9514673eb", "", + "13525f37f9db53a65d1945b9af2c94f4", "8c3bcd3a69831d7f", "d2d9a7ff4fbe95a7", + "", 0, 0, true}, + {3, IkeTestType::ikeV1, "ef41a18b8c1ece71d74fedb292fd0f00", + "8ba4cbc73c0187301dc19a975823854dbd641c597f637f8d053a83b9514673eb", + "13525f37f9db53a65d1945b9af2c94f4", "39d0712a1a96d1afaddbc35de86bc404", + "8c3bcd3a69831d7f", "d2d9a7ff4fbe95a7", "", 1, 0, true}, + {4, IkeTestType::ikeV1, "ef41a18b8c1ece71d74fedb292fd0f00", + "8ba4cbc73c0187301dc19a975823854dbd641c597f637f8d053a83b9514673eb", + "39d0712a1a96d1afaddbc35de86bc404", "691cc90e93feb1cc06c8d376d3188293", + "8c3bcd3a69831d7f", "d2d9a7ff4fbe95a7", "", 2, 0, true}, + {5, IkeTestType::ikeV1Psk, "c0", "", "", "8963b0c6057c347c4ddec448f1779e2a", + "03a6f25a83c8c2a3", "9d958a6618f77e7f", "", 0, 0, true}, + {6, IkeTestType::ikeGxy, + "4b2c1f971981a8ad8d0abeafabf38cf75fc8349c148142465ed9c8b516b8be52", "", "", + "08b95345c9557240ddc98d6e1dfda875", "32b50d5f4a3763f3", "9206a04b26564cb1", + "", 0, 0, true}, + {7, IkeTestType::ikeV2Rekey, "efa38ecee9fd05062f64b655105436d54", + "863f3c9d06efd39d2b907b97f8699e5dd5251ef64a2a176f36ee40c87d4f9330", "", + "a881d193f5140415586a2839e1cacb91", "32b50d5f4a3763f3", "9206a04b26564cb1", + "", 0, 0, true}, + {8, IkeTestType::ikePlus, "08b95345c9557240ddc98d6e1dfda875", "", "", + "efa38ecee9fd05062f64b655105436d54b4728da66f3bc5768636170ff5017ab082342a68" + "3e7144a58d549c53d4575a2897d14c7c687040e86384065456b8dcd8aaea88b85b5e4d8ab" + "2f61c015859337000550cda1750a15c1f90af0ddd296e0a7f291afe46295dd3108078bd8e" + "adf09bc614c205a7c283907c3e6a384ad3f5373887e83", + "", "", + // seed_data is Ni || Nr || SPIi || SPIr + // NOTE: there is no comma so the strings are concatenated together. + "32b50d5f4a3763f3" // Ni + "9206a04b26564cb1" // Nr + "34c9e7c188868785" // SPIi + "3ff77d760d2b2199", // SPIr + 0, + 132, true}, + {9, IkeTestType::ikePlus, "08b95345c9557240ddc98d6e1dfda875", "", "", + "efa38ecee9fd05062f64b655105436d5", "", "", + // seed_data is Ni || Nr || SPIi || SPIr + // NOTE: there is no comma so the strings are concatenated together. + "32b50d5f4a3763f3" // Ni + "9206a04b26564cb1" // Nr + "34c9e7c188868785" // SPIi + "3ff77d760d2b2199", // SPIr + 0, + 16, true}, + {10, IkeTestType::ikePlus, "08b95345c9557240ddc98d6e1dfda875", "", "", + "efa38ecee9fd05062f64b655105436", "", "", + // seed_data is Ni || Nr || SPIi || SPIr + // NOTE: there is no comma so the strings are concatenated together. + "32b50d5f4a3763f3" // Ni + "9206a04b26564cb1" // Nr + "34c9e7c188868785" // SPIi + "3ff77d760d2b2199", // SPIr + 0, + 15, true}, + // these vectors are self-generated + {11, IkeTestType::ikeV1AppB, "08b95345c9557240ddc98d6e1dfda875", "", "", + "9203190ea765285c14ec496acdb73f99479ee08f3e3b5f277a516439888f74a2ddb5023f2" + "92c629e7194b3673632ff96bccd7de7ae68a90952fec65301c89d3a32981d5bb9d68b677e" + "96703f34ed6474deee2d8aa5c5cee8997ec223a24cd537042b74d1b5274eebe76520481a7" + "5a6d083b004819ea9359ffacef3ac6076cbbb0b80faab", + "", "", "", 0, 132, true}, + {12, IkeTestType::ikeV1AppB, "08b95345c9557240ddc98d6e1dfda875", "", "", + "08b95345c9557240ddc98d6e1dfda875", "", "", "", 0, 16, true}, + {13, IkeTestType::ikeV1AppB, "08b95345c9557240ddc98d6e1dfda875", "", "", + "08b95345c9557240ddc98d6e1dfda8", "", "", "", 0, 15, true}, + {14, IkeTestType::ikeV1AppBQuick, "08b95345c9557240ddc98d6e1dfda875", "", + "", + "9203190ea765285c14ec496acdb73f99a2358c44449799788d589fc426405bd0d9bc42758" + "04e2946d3cfd6072db257e2da4b9fecca10f23b271f793e7f66d19db446245e6cdd9446a8" + "e2ca27439c6692ce3f15cbcafc40c5879adb98310a4f8a5de14fe502d2c4e2b35f7054974" + "9a95f9510ac2d02a470973ca91931f1a82bf944935f76", + "", "", "0", 0, 132, true}, + {12, IkeTestType::ikeV1AppBQuick, "08b95345c9557240ddc98d6e1dfda875", "", + "", "9203190ea765285c14ec496acdb73f99", "", "", "0", 0, 16, true}, + {16, IkeTestType::ikeV1AppBQuick, "08b95345c9557240ddc98d6e1dfda875", "", + "", "9203190ea765285c14ec496acdb73f", "", "", "0", 0, 15, true}, +}; + +#endif // ike_aesxcbc_vectors_h__ diff --git a/gtests/common/testvectors/ike-sha1-vectors.h b/gtests/common/testvectors/ike-sha1-vectors.h new file mode 100644 index 0000000000..fd8dd75359 --- /dev/null +++ b/gtests/common/testvectors/ike-sha1-vectors.h @@ -0,0 +1,116 @@ +/* vim: set ts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this file, + * You can obtain one at http://mozilla.org/MPL/2.0/. */ + +/* This file is generated from sources in nss/gtests/common/wycheproof + * automatically and should not be touched manually. + * Generation is trigged by calling python3 genTestVectors.py */ + +#ifndef ike_sha1_vectors_h__ +#define ike_sha1_vectors_h__ + +#include "testvectors_base/test-structs.h" + +const IkeTestVector kIkeSha1ProofVectors[] = { + // these vectors are from this NIST samples + {1, IkeTestType::ikeGxy, + "8ba4cbc73c0187301dc19a975823854dbd641c597f637f8d053a83b9514673eb", "", "", + "707197817fb2d90cf54d1842606bdea59b9f4823", "69a62284195f1680", + "80c94ba25c8abda5", "", 0, 0, true}, + {2, IkeTestType::ikeV1, "707197817fb2d90cf54d1842606bdea59b9f4823", + "8ba4cbc73c0187301dc19a975823854dbd641c597f637f8d053a83b9514673eb", "", + "384be709a8a5e63c3ed160cfe3921c4b37d5b32d", "8c3bcd3a69831d7f", + "d2d9a7ff4fbe95a7", "", 0, 0, true}, + {3, IkeTestType::ikeV1, "707197817fb2d90cf54d1842606bdea59b9f4823", + "8ba4cbc73c0187301dc19a975823854dbd641c597f637f8d053a83b9514673eb", + "384be709a8a5e63c3ed160cfe3921c4b37d5b32d", + "48b327575abe3adba0f279849e289022a13e2b47", "8c3bcd3a69831d7f", + "d2d9a7ff4fbe95a7", "", 1, 0, true}, + {4, IkeTestType::ikeV1, "707197817fb2d90cf54d1842606bdea59b9f4823", + "8ba4cbc73c0187301dc19a975823854dbd641c597f637f8d053a83b9514673eb", + "48b327575abe3adba0f279849e289022a13e2b47", + "a4a415c8e0c38c0da847c356cc61c24df8025560", "8c3bcd3a69831d7f", + "d2d9a7ff4fbe95a7", "", 2, 0, true}, + {5, IkeTestType::ikeV1Psk, "c0", "", "", + "ab3be41bc62f2ef0c41a3076d58768be77fadd2e", "03a6f25a83c8c2a3", + "9d958a6618f77e7f", "", 0, 0, true}, + {6, IkeTestType::ikeGxy, + "4b2c1f971981a8ad8d0abeafabf38cf75fc8349c148142465ed9c8b516b8be52", "", "", + "a9a7b222b59f8f48645f28a1db5b5f5d7479cba7", "32b50d5f4a3763f3", + "9206a04b26564cb1", "", 0, 0, true}, + {7, IkeTestType::ikeV2Rekey, "a14293677cc80ff8f9cc0eee30d895da9d8f4056", + "863f3c9d06efd39d2b907b97f8699e5dd5251ef64a2a176f36ee40c87d4f9330", "", + "63e81194946ebd05df7df5ebf5d8750056bf1f1d", "32b50d5f4a3763f3", + "9206a04b26564cb1", "", 0, 0, true}, + {8, IkeTestType::ikePlus, "a9a7b222b59f8f48645f28a1db5b5f5d7479cba7", "", + "", + "a14293677cc80ff8f9cc0eee30d895da9d8f405666e30ef0dfcb63c634a46002a2a63080e" + "514a062768b76606f9fa5e992204fc5a670bde3f10d6b027113936a5c55b648a194ae587b" + "0088d52204b702c979fa280870d2ed41efa9c549fd11198af1670b143d384bd275c5f594c" + "f266b05ebadca855e4249520a441a81157435a7a56cc4", + "", "", + // seed_data is Ni || Nr || SPIi || SPIr + // NOTE: there is no comma so the strings are concatenated together. + "32b50d5f4a3763f3" // Ni + "9206a04b26564cb1" // Nr + "34c9e7c188868785" // SPIi + "3ff77d760d2b2199", // SPIr + 0, + 132, true}, + {9, IkeTestType::ikePlus, "a9a7b222b59f8f48645f28a1db5b5f5d7479cba7", "", + "", + "a14293677cc80ff8f9cc0eee30d895da9d8f405666e30ef0dfcb63c634a46002a2a63080e" + "514a062", + "", "", + // seed_data is Ni || Nr || SPIi || SPIr + // NOTE: there is no comma so the strings are concatenated together. + "32b50d5f4a3763f3" // Ni + "9206a04b26564cb1" // Nr + "34c9e7c188868785" // SPIi + "3ff77d760d2b2199", // SPIr + 0, + 40, true}, + {10, IkeTestType::ikePlus, "a9a7b222b59f8f48645f28a1db5b5f5d7479cba7", "", + "", "a14293677cc80ff8f9cc0eee30d895", "", "", + // seed_data is Ni || Nr || SPIi || SPIr + // NOTE: there is no comma so the strings are concatenated together. + "32b50d5f4a3763f3" // Ni + "9206a04b26564cb1" // Nr + "34c9e7c188868785" // SPIi + "3ff77d760d2b2199", // SPIr + 0, + 15, true}, + // these vectors are self-generated + {11, IkeTestType::ikeV1AppB, "63e81194946ebd05df7df5ebf5d8750056bf1f1d", "", + "", + "933347a07de5782247dd36d1562ffe0eecade1eb4134165257e3af1000af8ae3f16506382" + "8cbb60d910b7db38fa3c7f62c4afaaf3203da065c841729853edb23e9e7ac8286ae65c8cb" + "6c667d79268c0bd6705abb9131698eb822b1c1f9dd142fc7be2c1010ee0152e10195add98" + "999c6b6d42c8fe9c1b134d56ad5f2c6f20e815bd25c52", + "", "", "", 0, 132, true}, + {12, IkeTestType::ikeV1AppB, "63e81194946ebd05df7df5ebf5d8750056bf1f1d", "", + "", + "933347a07de5782247dd36d1562ffe0eecade1eb4134165257e3af1000af8ae3f16506382" + "8cbb60d", + "", "", "", 0, 40, true}, + {13, IkeTestType::ikeV1AppB, "63e81194946ebd05df7df5ebf5d8750056bf1f1d", "", + "", "63e81194946ebd05df7df5ebf5d875", "", "", "", 0, 15, true}, + {14, IkeTestType::ikeV1AppBQuick, + "63e81194946ebd05df7df5ebf5d8750056bf1f1d", "", "", + "933347a07de5782247dd36d1562ffe0eecade1ebaeaa476a5f578c34a9b2b7101a621202f" + "61db924c5ef9efa3bb2698095841603b7ac8a880329a927ecd4ad53a944b607a5ac2f3d15" + "4e2748c188d7370d76be83fc204fdacf0f66b99dd760ba619ffac65eda1420c8a936dac5a" + "599afaf4043b29ef2b65dc042724355b550875316c6fd", + "", "", "0", 0, 132, true}, + {15, IkeTestType::ikeV1AppBQuick, + "63e81194946ebd05df7df5ebf5d8750056bf1f1d", "", "", + "933347a07de5782247dd36d1562ffe0eecade1ebaeaa476a5f578c34a9b2b7101a621202f" + "61db924", + "", "", "0", 0, 40, true}, + {16, IkeTestType::ikeV1AppBQuick, + "63e81194946ebd05df7df5ebf5d8750056bf1f1d", "", "", + "933347a07de5782247dd36d1562ffe", "", "", "0", 0, 15, true}, +}; + +#endif // ike_sha1_vectors_h__ diff --git a/gtests/common/testvectors/ike-sha256-vectors.h b/gtests/common/testvectors/ike-sha256-vectors.h new file mode 100644 index 0000000000..e7c32b7c1d --- /dev/null +++ b/gtests/common/testvectors/ike-sha256-vectors.h @@ -0,0 +1,134 @@ +/* vim: set ts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this file, + * You can obtain one at http://mozilla.org/MPL/2.0/. */ + +/* This file is generated from sources in nss/gtests/common/wycheproof + * automatically and should not be touched manually. + * Generation is trigged by calling python3 genTestVectors.py */ + +#ifndef ike_sha256_vectors_h__ +#define ike_sha256_vectors_h__ + +#include "testvectors_base/test-structs.h" + +const IkeTestVector kIkeSha256ProofVectors[] = { + // these vectors are from this NIST samples + {1, IkeTestType::ikeGxy, + "a1ff3dc6cf9b4c04709943cb4ca1f1789bcf360b03f1d027de3ae8ee039e9155", "", "", + "750c5c94b9c2ec20b68033e024dadf0fa87e8b48c6561b21c72478451a06583d", + "b1dee62505b47b223bae14ce7a5b757402ad1587511618d09f94950d47f1d8d4ce86aca12" + "d78db9854d86019ad735757ae79d8932ac0c7db842c85060150ca875ea5d47e3cfcb2a059" + "22ebb7959d49b9797a2289676ee79a1d9a18b790f87e4771ddaf4be3376057a553162f68f" + "e429aca73b07234543801ba2122b1bde82251770d05df813cf556a11ca4dc43ffcb85a97d" + "bed16e2fda6985e07e31be6364899e63c507c7c616e5eb7765a53560f76772de43918ba07" + "badfe85244dcdcd917cb065afb60e3b7e68b54dd94bfc7c31c8b752892781ed3cc4b7f28f" + "bc0ab9af908f5ae1f09f893f80100a7b3135993161b51fbba3bbb24b9f88c6147de82cd6f" + "0", + "f0acfef2ad1f7add0eaafda78c1cf1097d9fc91cb04a7c145069ac426fd164cbe661b1dd2" + "df0fb84e19512181f0d8ea50b7860845f332757a8e56d2a3b7be436b5718a2d49baa996a4" + "616684a208c2d611cd65e605dca6e3d3f116859b4410fe13679696bb2e23c08a40c7e1316" + "d54b4c9c0286701c221151b3642cb4112ca1a53e0e597a7e29c634caed86ca3c31973d37b" + "4c346134fd6784cd99913feedf3d29d89a0a02a5a750f02f5738109dcc670bb27701fb59f" + "78e83b76860c3fec079a1fc8c937ddb58ae7500422b7e49ce63759c65b6bc439381d56bcc" + "159edede894b073841036ebfa050a5b3e7c876a3f18def26b1768a263ac66c9d83b680eb5" + "e", + "", 0, 0, true}, + {2, IkeTestType::ikeV1, + "750c5c94b9c2ec20b68033e024dadf0fa87e8b48c6561b21c72478451a06583d", + "a1ff3dc6cf9b4c04709943cb4ca1f1789bcf360b03f1d027de3ae8ee039e9155", "", + "a4f7ca7de913814813e3312099e7c943bd293483f387532330237f1b20957310", + "6c6beb72631ddc3d", "b84e24b22cffbd14", "", 0, 0, true}, + {3, IkeTestType::ikeV1, + "750c5c94b9c2ec20b68033e024dadf0fa87e8b48c6561b21c72478451a06583d", + "a1ff3dc6cf9b4c04709943cb4ca1f1789bcf360b03f1d027de3ae8ee039e9155", + "a4f7ca7de913814813e3312099e7c943bd293483f387532330237f1b20957310", + "1d4b705746c43b0a6fcbb8db33983c0f24ff6f8b6543e3779fed227c6067f004", + "6c6beb72631ddc3d", "b84e24b22cffbd14", "", 1, 0, true}, + {4, IkeTestType::ikeV1, + "750c5c94b9c2ec20b68033e024dadf0fa87e8b48c6561b21c72478451a06583d", + "a1ff3dc6cf9b4c04709943cb4ca1f1789bcf360b03f1d027de3ae8ee039e9155", + "1d4b705746c43b0a6fcbb8db33983c0f24ff6f8b6543e3779fed227c6067f004", + "03e6f16cd9ce9f64b5cdc5b34cca7163483ba5389a30afebef3d14640b0a815e", + "6c6beb72631ddc3d", "b84e24b22cffbd14", "", 2, 0, true}, + {5, IkeTestType::ikeV1Psk, "a0", "", "", + "558a99b299773d267cf7c8ef073bf3b7af362c206c75a538403c5ef884d4cace", + "ead9ced494868f41", "f1aff4f425a94f18", "", 0, 0, true}, + {6, IkeTestType::ikeGxy, + "0f4d257d7a58fc4545c7d7a88119eee5d5c9690c5b4c989171d3abbfd99d1d29", "", "", + "5f00d1bd2c58ec224b1e6b71fa0f19a1faa7a193952c444411b47c1a9d8ba6fe", + "3f302be1abcb28e1", "8c332ee006064c9b", "", 0, 0, true}, + {7, IkeTestType::ikeV2Rekey, + "0b137d669b0947d7d026d593f0305ad401ff0c471357d695778a9c7f4b4869ec", + "25f3b12d6f282739256e39bf54eda53b60ffcf379bb7bcc90c27b4c4c578616c", "", + "2d63f6debc92048b4fef3889c4c99ca67d6496e0fac14a2bca9a2d6566ff2398", + "3f302be1abcb28e1", "8c332ee006064c9b", "", 0, 0, true}, + {8, IkeTestType::ikePlus, + "5f00d1bd2c58ec224b1e6b71fa0f19a1faa7a193952c444411b47c1a9d8ba6fe", "", "", + "0b137d669b0947d7d026d593f0305ad401ff0c471357d695778a9c7f4b4869ece98aca531" + "188d16041b3bb936d2dbb3b4993a6e768a809160de45d0283f273a6cdf6854379e31be72b" + "8d3d1fa990cf9c5b015ca9f918a7df6253c958114a09d4e1c19bdcd4db14b29d98db1a74a" + "d405c588662c14a04d0d36aa4ab55e90f8986d12d4aad", + "", "", + // seed_data is Ni || Nr || SPIi || SPIr + // NOTE: there is no comma so the strings are concatenated together. + "3f302be1abcb28e1" // Ni + "8c332ee006064c9b" // Nr + "40dac39e1e1a8640" // SPIi + "8619a1cf9a6e4c07", // SPIr + 0, + 132, true}, + {9, IkeTestType::ikePlus, + "5f00d1bd2c58ec224b1e6b71fa0f19a1faa7a193952c444411b47c1a9d8ba6fe", "", "", + "0b137d669b0947d7d026d593f0305ad401ff0c471357d695778a9c7f4b4869ec", "", "", + // seed_data is Ni || Nr || SPIi || SPIr + // NOTE: there is no comma so the strings are concatenated together. + "3f302be1abcb28e1" // Ni + "8c332ee006064c9b" // Nr + "40dac39e1e1a8640" // SPIi + "8619a1cf9a6e4c07", // SPIr + 0, + 32, true}, + {10, IkeTestType::ikePlus, + "5f00d1bd2c58ec224b1e6b71fa0f19a1faa7a193952c444411b47c1a9d8ba6fe", "", "", + "0b137d669b0947d7d026d593f0305a", "", "", + // seed_data is Ni || Nr || SPIi || SPIr + // NOTE: there is no comma so the strings are concatenated together. + "3f302be1abcb28e1" // Ni + "8c332ee006064c9b" // Nr + "40dac39e1e1a8640" // SPIi + "8619a1cf9a6e4c07", // SPIr + 0, + 15, true}, + // these vectors are self-generated + {11, IkeTestType::ikeV1AppB, + "5f00d1bd2c58ec224b1e6b71fa0f19a1faa7a193952c444411b47c1a9d8ba6fe", "", "", + "b10fff32cbeaa1e7afe6ab0b191e0bd63cd524849a4b56019146d232a24cf9af6b89494d2" + "a360b06825db8bb0324c15cecf47fc0bc99e39bf1171a7f4bf1733dc49ef64c642e73b054" + "b2e82456e34fa3c822da475e27e403b3da3929da50e6aa9e7f9252c68fa069b4b0edd374e" + "80d35378c4f5e8ec285a1b169c92bbb5353d05ba94165", + "", "", "", 0, 132, true}, + {12, IkeTestType::ikeV1AppB, + "5f00d1bd2c58ec224b1e6b71fa0f19a1faa7a193952c444411b47c1a9d8ba6fe", "", "", + "5f00d1bd2c58ec224b1e6b71fa0f19a1faa7a193952c444411b47c1a9d8ba6fe", "", "", + "", 0, 32, true}, + {13, IkeTestType::ikeV1AppB, + "5f00d1bd2c58ec224b1e6b71fa0f19a1faa7a193952c444411b47c1a9d8ba6fe", "", "", + "5f00d1bd2c58ec224b1e6b71fa0f19", "", "", "", 0, 15, true}, + {14, IkeTestType::ikeV1AppBQuick, + "5f00d1bd2c58ec224b1e6b71fa0f19a1faa7a193952c444411b47c1a9d8ba6fe", "", "", + "b10fff32cbeaa1e7afe6ab0b191e0bd63cd524849a4b56019146d232a24cf9af59f18ed9a" + "abbb2dbbafecf48d72a34a8f72fab2ff4f37e5c917288a78ce00933612e9531a7469995c7" + "f7cc33c7627cac3efbc819330c4fe3bfa3788799630f37bcb74800d82bbebd17b1906e304" + "a786f4f810c266c15be1a30576039c293272748d65966", + "", "", "0", 0, 132, true}, + {15, IkeTestType::ikeV1AppBQuick, + "5f00d1bd2c58ec224b1e6b71fa0f19a1faa7a193952c444411b47c1a9d8ba6fe", "", "", + "b10fff32cbeaa1e7afe6ab0b191e0bd63cd524849a4b56019146d232a24cf9af", "", "", + "0", 0, 32, true}, + {16, IkeTestType::ikeV1AppBQuick, + "5f00d1bd2c58ec224b1e6b71fa0f19a1faa7a193952c444411b47c1a9d8ba6fe", "", "", + "b10fff32cbeaa1e7afe6ab0b191e0b", "", "", "0", 0, 15, true}, +}; + +#endif // ike_sha256_vectors_h__ diff --git a/gtests/common/testvectors/ike-sha384-vectors.h b/gtests/common/testvectors/ike-sha384-vectors.h new file mode 100644 index 0000000000..d1efd94ff5 --- /dev/null +++ b/gtests/common/testvectors/ike-sha384-vectors.h @@ -0,0 +1,150 @@ +/* vim: set ts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this file, + * You can obtain one at http://mozilla.org/MPL/2.0/. */ + +/* This file is generated from sources in nss/gtests/common/wycheproof + * automatically and should not be touched manually. + * Generation is trigged by calling python3 genTestVectors.py */ + +#ifndef ike_sha384_vectors_h__ +#define ike_sha384_vectors_h__ + +#include "testvectors_base/test-structs.h" + +const IkeTestVector kIkeSha384ProofVectors[] = { + // these vectors are from this NIST samples + {1, IkeTestType::ikeGxy, + "1724dbd893523764bfef8c6fa927856fccfb77ae254358cce29c2769a32915c1", "", "", + "6e4514610bf82d0ab7bf0260096f6146a153c712071abb633ced813c572156c783e36874a" + "65a64690ca701d40d56ea18", + "cec89d845add83ef", "cebd43ab71d17db9", "", 0, 0, true}, + {2, IkeTestType::ikeV1, + "6e4514610bf82d0ab7bf0260096f6146a153c712071abb633ced813c572156c783e36874a" + "65a64690ca701d40d56ea18", + "1724dbd893523764bfef8c6fa927856fccfb77ae254358cce29c2769a32915c1", "", + "b083234e9ed7745911f93eb31faa66fcf88906266830eb17ef166d295cb1f86a3543b8b8e" + "fa5df918533df537e9c809c", + "1c8aba986a00af0f", "b049d9672f73c920", "", 0, 0, true}, + {3, IkeTestType::ikeV1, + "6e4514610bf82d0ab7bf0260096f6146a153c712071abb633ced813c572156c783e36874a" + "65a64690ca701d40d56ea18", + "1724dbd893523764bfef8c6fa927856fccfb77ae254358cce29c2769a32915c1", + "b083234e9ed7745911f93eb31faa66fcf88906266830eb17ef166d295cb1f86a3543b8b8e" + "fa5df918533df537e9c809c", + "938295a374aceb4147a8024c9a007dd313403fd8fd7070dbd0cfbe1ccd308dbfbb7b9e9c6" + "4049e4df44ff551016cb7b5", + "1c8aba986a00af0f", "b049d9672f73c920", "", 1, 0, true}, + {4, IkeTestType::ikeV1, + "6e4514610bf82d0ab7bf0260096f6146a153c712071abb633ced813c572156c783e36874a" + "65a64690ca701d40d56ea18", + "1724dbd893523764bfef8c6fa927856fccfb77ae254358cce29c2769a32915c1", + "938295a374aceb4147a8024c9a007dd313403fd8fd7070dbd0cfbe1ccd308dbfbb7b9e9c6" + "4049e4df44ff551016cb7b5", + "8595b249dc1fa8599729f87eb6b9dd13bfbfdfd4f9ebd78929bab6ecc402539ad32cb6e7e" + "f4ba6a0f53da14e4df07ed4", + "1c8aba986a00af0f", "b049d9672f73c920", "", 2, 0, true}, + {5, IkeTestType::ikeV1Psk, "9e", "", "", + "b54fa27cb4251051e44a659d73591845691d11f1874bf4e4088e5df6462d28e57a3a2af3a" + "b4f9b746a8f5766f8785f2b", + "d6596b7e5b398534", "136fbdfa8d0ceb8e", "", 0, 0, true}, + {6, IkeTestType::ikeGxy, + "d3288cd87565101e88fe3bad918f31939d8dd26ff1071f8b2d7f447524e58d7c", "", "", + "69fe7a1ac94adaeb711295f5fe004b1a8d6a0b65d05692758ce8ad2f7a45f59d7d0b596f5" + "1f7dfcf3330061888f6a94f", + "fd1b572a8e735591", "6013b0ef88dacd3d", "", 0, 0, true}, + {7, IkeTestType::ikeV2Rekey, + "4f904c2025c90c817ea5ff9b662a6fdb445a73b57cdf09eacd379b95e1f03cacb04cd6dee" + "da4f952191dd9bc1f7a9502", + "3358f620539473aee8d07e779764c4c6a9aabddc79a28e136b3bac021dbde44a", "", + "e0548c1682e13bce454026b3b1bdf42985b24e4e7408095a7c529de38c3d1fcb04c9fe686" + "8042a34c9614c6c99e3fcea", + "fd1b572a8e735591", "6013b0ef88dacd3d", "", 0, 0, true}, + {8, IkeTestType::ikePlus, + "69fe7a1ac94adaeb711295f5fe004b1a8d6a0b65d05692758ce8ad2f7a45f59d7d0b596f5" + "1f7dfcf3330061888f6a94f", + "", "", + "4f904c2025c90c817ea5ff9b662a6fdb445a73b57cdf09eacd379b95e1f03cacb04cd6dee" + "da4f952191dd9bc1f7a9502471a648d74dc06d38112de48a42501f6b1a3ad55c2099cd9a6" + "48e5f17e5bf3e34bf9b5953decb768a34f875fe2b78dca0c2fcca81ec1a412006dfaed38f" + "a06882e61f4c148105fb8e231fdb33c4d484c001721d4", + "", "", + // seed_data is Ni || Nr || SPIi || SPIr + // NOTE: there is no comma so the strings are concatenated together. + "fd1b572a8e735591" // Ni + "6013b0ef88dacd3d" // Nr + "2116ad07ce61f749" // SPIi + "24880e55f11a65b7", // SPIr + 0, + 132, true}, + {9, IkeTestType::ikePlus, + "69fe7a1ac94adaeb711295f5fe004b1a8d6a0b65d05692758ce8ad2f7a45f59d7d0b596f5" + "1f7dfcf3330061888f6a94f", + "", "", + "4f904c2025c90c817ea5ff9b662a6fdb445a73b57cdf09eacd379b95e1f03cacb04cd6dee" + "da4f952191dd9bc1f7a9502", + "", "", + // seed_data is Ni || Nr || SPIi || SPIr + // NOTE: there is no comma so the strings are concatenated together. + "fd1b572a8e735591" // Ni + "6013b0ef88dacd3d" // Nr + "2116ad07ce61f749" // SPIi + "24880e55f11a65b7", // SPIr + 0, + 48, true}, + {10, IkeTestType::ikePlus, + "69fe7a1ac94adaeb711295f5fe004b1a8d6a0b65d05692758ce8ad2f7a45f59d7d0b596f5" + "1f7dfcf3330061888f6a94f", + "", "", "4f904c2025c90c817ea5ff9b662a6f", "", "", + // seed_data is Ni || Nr || SPIi || SPIr + // NOTE: there is no comma so the strings are concatenated together. + "fd1b572a8e735591" // Ni + "6013b0ef88dacd3d" // Nr + "2116ad07ce61f749" // SPIi + "24880e55f11a65b7", // SPIr + 0, + 15, true}, + // these vectors are self-generated + {11, IkeTestType::ikeV1AppB, + "69fe7a1ac94adaeb711295f5fe004b1a8d6a0b65d05692758ce8ad2f7a45f59d7d0b596f5" + "1f7dfcf3330061888f6a94f", + "", "", + "9b9a56a512cc2c5d5bcee66d03974f2701d4634b3241df132b1d2fd31fb23f003969dd787" + "3425f771aae298871672cbfc908596c4d18165331b9fdff350cff787e700a140e123f2066" + "d8d8527f53e701d23abdb3b0bc713109e33dc233c6989fa64b95720495c859505c5c7a748" + "7778aab59365dafe60c7264ccde55829f60143a4bb095", + "", "", "", 0, 132, true}, + {12, IkeTestType::ikeV1AppB, + "69fe7a1ac94adaeb711295f5fe004b1a8d6a0b65d05692758ce8ad2f7a45f59d7d0b596f5" + "1f7dfcf3330061888f6a94f", + "", "", + "69fe7a1ac94adaeb711295f5fe004b1a8d6a0b65d05692758ce8ad2f7a45f59d7d0b596f5" + "1f7dfcf3330061888f6a94f", + "", "", "", 0, 48, true}, + {13, IkeTestType::ikeV1AppB, + "69fe7a1ac94adaeb711295f5fe004b1a8d6a0b65d05692758ce8ad2f7a45f59d7d0b596f5" + "1f7dfcf3330061888f6a94f", + "", "", "69fe7a1ac94adaeb711295f5fe004b", "", "", "", 0, 15, true}, + {14, IkeTestType::ikeV1AppBQuick, + "69fe7a1ac94adaeb711295f5fe004b1a8d6a0b65d05692758ce8ad2f7a45f59d7d0b596f5" + "1f7dfcf3330061888f6a94f", + "", "", + "9b9a56a512cc2c5d5bcee66d03974f2701d4634b3241df132b1d2fd31fb23f003969dd787" + "3425f771aae298871672cbf0e0b966f3e961d3d94c2205decc285afae5aad6abe9ca6f5fb" + "8420fb940bc7760c63c45bd577f561f3643fc98bff8e26663f40f225865e79cca504f527f" + "abcfc24bd1ba8e2dbd022120f0fd9fb2caa28b031607b", + "", "", "0", 0, 132, true}, + {15, IkeTestType::ikeV1AppBQuick, + "69fe7a1ac94adaeb711295f5fe004b1a8d6a0b65d05692758ce8ad2f7a45f59d7d0b596f5" + "1f7dfcf3330061888f6a94f", + "", "", + "9b9a56a512cc2c5d5bcee66d03974f2701d4634b3241df132b1d2fd31fb23f003969dd787" + "3425f771aae298871672cbf", + "", "", "0", 0, 48, true}, + {16, IkeTestType::ikeV1AppBQuick, + "69fe7a1ac94adaeb711295f5fe004b1a8d6a0b65d05692758ce8ad2f7a45f59d7d0b596f5" + "1f7dfcf3330061888f6a94f", + "", "", "9b9a56a512cc2c5d5bcee66d03974f", "", "", "0", 0, 15, true}, +}; + +#endif // ike_sha384_vectors_h__ diff --git a/gtests/common/testvectors/ike-sha512-vectors.h b/gtests/common/testvectors/ike-sha512-vectors.h new file mode 100644 index 0000000000..62982e877b --- /dev/null +++ b/gtests/common/testvectors/ike-sha512-vectors.h @@ -0,0 +1,148 @@ +/* vim: set ts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this file, + * You can obtain one at http://mozilla.org/MPL/2.0/. */ + +/* This file is generated by hand from a subset of NIST ike sample CAVs test */ + +#ifndef ike_sha512_vectors_h__ +#define ike_sha512_vectors_h__ + +#include "testvectors_base/test-structs.h" + +const IkeTestVector kIkeSha512ProofVectors[] = { + // these vectors are from this NIST samples + {1, IkeTestType::ikeGxy, + "b15a9cfce8c8d7eab879d6243029d40188d3b740875a6ac62f56cac4377e2edd", "", "", + "f05aa036dfce45a558d40418dea98096e519bc7841e3db3dd93658d118c3e83b502f398ec" + "b1361ec77d38a8855efff407f6f772e5d65b58eb1134096e8478d2b", + "acadc6314a69cfcd", "4e4ad17718fea7ce", "", 0, 0, true}, + {2, IkeTestType::ikeV1, + "f05aa036dfce45a558d40418dea98096e519bc7841e3db3dd93658d118c3e83b502f398ec" + "b1361ec77d38a8855efff407f6f772e5d65b58eb1134096e8478d2b", + "b15a9cfce8c8d7eab879d6243029d40188d3b740875a6ac62f56cac4377e2edd", "", + "3c4be16a631aa49018fa6740745a61ab1f1a2455a96e91f159a134ccfe30303d687216961" + "95e95bfd530510ef2f9532491878710944db7854f00ad13c68fca01", + "1ff4d76565b3151a", "1f11b8eb20d57a16", "", 0, 0, true}, + {3, IkeTestType::ikeV1, + "f05aa036dfce45a558d40418dea98096e519bc7841e3db3dd93658d118c3e83b502f398ec" + "b1361ec77d38a8855efff407f6f772e5d65b58eb1134096e8478d2b", + "b15a9cfce8c8d7eab879d6243029d40188d3b740875a6ac62f56cac4377e2edd", + "3c4be16a631aa49018fa6740745a61ab1f1a2455a96e91f159a134ccfe30303d687216961" + "95e95bfd530510ef2f9532491878710944db7854f00ad13c68fca01", + "15ecf5c80b675585e10c4388f6f9c37e8b63269a0a99851f08ba617e28c561f43eaf41122" + "23ff97525bf0b3897f514fce7a3acee10a61ae088c01efc5f643587", + "1ff4d76565b3151a", "1f11b8eb20d57a16", "", 1, 0, true}, + {4, IkeTestType::ikeV1, + "f05aa036dfce45a558d40418dea98096e519bc7841e3db3dd93658d118c3e83b502f398ec" + "b1361ec77d38a8855efff407f6f772e5d65b58eb1134096e8478d2b", + "b15a9cfce8c8d7eab879d6243029d40188d3b740875a6ac62f56cac4377e2edd", + "15ecf5c80b675585e10c4388f6f9c37e8b63269a0a99851f08ba617e28c561f43eaf41122" + "23ff97525bf0b3897f514fce7a3acee10a61ae088c01efc5f643587", + "60f6b6c10c2b6bedc085ad6546d993c9ce1f86918d1c935c89d6631170a5dab0e37298f21" + "ca3b7901a53bde55a15fad39f782039ce26fc8c2ba8cbd9d4287669", + "1ff4d76565b3151a", "1f11b8eb20d57a16", "", 2, 0, true}, + {5, IkeTestType::ikeV1Psk, "4c", "", "", + "5bcb5499ae4c1437ce6c195392bf26bf7980a59bcb787a0b58671771a3d4b06dc1eb78092" + "41b7e5931740b05bf8a9873bb493c5f067e28e4f58ab65c3dbe44cd", + "482a05eca86fba51", "84ee19d02272de2e", "", 0, 0, true}, + {6, IkeTestType::ikeGxy, + "276255c3eaace5c6db32b609aa86c0ef07bba4bf2dc4c262995efd95ca607c3f", "", "", + "d6e74966b75fd2afab48be319d63d97c8a5d2ffe2e320763a462c664b36c3a944067d867c" + "3a55fd8a7e5cca64b22e24415987e15549f09a81b455adaa5303df8", + "97c41a9b0a03e74c", "a659fd06e1746600", "", 0, 0, true}, + {7, IkeTestType::ikeV2Rekey, + "22259105314717dc73c210919ee9cb3ded774dc087e866aa3960404c0ed7b8e78e79b9938" + "88388e2e5cb238d4bfcb4cdee9da074a26e329d6c2f2f660cc9c711", + "bb4015f7727b35532021336a9e4a6370ac8729b01fbb8f15d52236820fac4709", "", + "ecdaf3ccb990abc898a453b03fd56f9975275f150e1e571b0560b3cb2ee67289e82b899cd" + "c2129fd821fe8aebea796f190765c25798f5883f923526551f16a4b", + "97c41a9b0a03e74c", "a659fd06e1746600", "", 0, 0, true}, + {8, IkeTestType::ikePlus, + "d6e74966b75fd2afab48be319d63d97c8a5d2ffe2e320763a462c664b36c3a944067d867c" + "3a55fd8a7e5cca64b22e24415987e15549f09a81b455adaa5303df8", + "", "", + "22259105314717dc73c210919ee9cb3ded774dc087e866aa3960404c0ed7b8e78e79b9938" + "88388e2e5cb238d4bfcb4cdee9da074a26e329d6c2f2f660cc9c711c941a2fb3d85a2e5d0" + "1e579c8f2c9d00fa6fabe76a137b00c7ff1b291899906588c26f073d819063238c4c844f0" + "f8d221b65b76dbc9ed6f6368e5dba86b3e81b60eb44a1", + "", "", + // seed_data is Ni || Nr || SPIi || SPIr + // NOTE: there is no comma so the strings are concatenated together. + "97c41a9b0a03e74c" // Ni + "a659fd06e1746600" // Nr + "ff43c5c689b95481" // SPIi + "e2ba607f30079bb7", // SPIr + 0, + 132, true}, + {9, IkeTestType::ikePlus, + "d6e74966b75fd2afab48be319d63d97c8a5d2ffe2e320763a462c664b36c3a944067d867c" + "3a55fd8a7e5cca64b22e24415987e15549f09a81b455adaa5303df8", + "", "", + "22259105314717dc73c210919ee9cb3ded774dc087e866aa3960404c0ed7b8e78e79b9938" + "88388e2e5cb238d4bfcb4cdee9da074a26e329d6c2f2f660cc9c711", + "", "", + // seed_data is Ni || Nr || SPIi || SPIr + // NOTE: there is no comma so the strings are concatenated together. + "97c41a9b0a03e74c" // Ni + "a659fd06e1746600" // Nr + "ff43c5c689b95481" // SPIi + "e2ba607f30079bb7", // SPIr + 0, + 64, true}, + {10, IkeTestType::ikePlus, + "d6e74966b75fd2afab48be319d63d97c8a5d2ffe2e320763a462c664b36c3a944067d867c" + "3a55fd8a7e5cca64b22e24415987e15549f09a81b455adaa5303df8", + "", "", "22259105314717dc73c210919ee9cb", "", "", + // seed_data is Ni || Nr || SPIi || SPIr + // NOTE: there is no comma so the strings are concatenated together. + "97c41a9b0a03e74c" // Ni + "a659fd06e1746600" // Nr + "ff43c5c689b95481" // SPIi + "e2ba607f30079bb7", // SPIr + 0, + 15, true}, + // These vectors are self-generated + {11, IkeTestType::ikeV1AppB, + "d6e74966b75fd2afab48be319d63d97c8a5d2ffe2e320763a462c664b36c3a944067d867c" + "3a55fd8a7e5cca64b22e24415987e15549f09a81b455adaa5303df8", + "", "", + "05e3de273d8a611667894a8aed01bb41984f18dc539028fa0f5252e6f05e15891faa75dfd" + "c1f76b745d34a4820b0068efa93c176f8cd00a7ed5745d6cffe78a76603cdcf2ebb482b12" + "c8fddbaf942827891b7c423b6a3675ec62e2dcf92e96eb743ae58cfd7bf188a142626ea5c" + "15325c1862fffc3889fc38e379f68552556c2232de5fb", + "", "", "", 0, 132, true}, + {12, IkeTestType::ikeV1AppB, + "d6e74966b75fd2afab48be319d63d97c8a5d2ffe2e320763a462c664b36c3a944067d867c" + "3a55fd8a7e5cca64b22e24415987e15549f09a81b455adaa5303df8", + "", "", + "d6e74966b75fd2afab48be319d63d97c8a5d2ffe2e320763a462c664b36c3a944067d867c" + "3a55fd8a7e5cca64b22e24415987e15549f09a81b455adaa5303df8", + "", "", "", 0, 64, true}, + {13, IkeTestType::ikeV1AppB, + "d6e74966b75fd2afab48be319d63d97c8a5d2ffe2e320763a462c664b36c3a944067d867c" + "3a55fd8a7e5cca64b22e24415987e15549f09a81b455adaa5303df8", + "", "", "d6e74966b75fd2afab48be319d63d9", "", "", "", 0, 15, true}, + {14, IkeTestType::ikeV1AppBQuick, + "d6e74966b75fd2afab48be319d63d97c8a5d2ffe2e320763a462c664b36c3a944067d867c" + "3a55fd8a7e5cca64b22e24415987e15549f09a81b455adaa5303df8", + "", "", + "05e3de273d8a611667894a8aed01bb41984f18dc539028fa0f5252e6f05e15891faa75dfd" + "c1f76b745d34a4820b0068efa93c176f8cd00a7ed5745d6cffe78a71de07d41ab9eb3fef7" + "64886c6edd39b32bc05943b089adda8ceed3de5160c936600e4b171a96172569fc4410f0d" + "d913bfa9719cb368ffedd78d78a404749ca03c16e72c8", + "", "", "0", 0, 132, true}, + {15, IkeTestType::ikeV1AppBQuick, + "d6e74966b75fd2afab48be319d63d97c8a5d2ffe2e320763a462c664b36c3a944067d867c" + "3a55fd8a7e5cca64b22e24415987e15549f09a81b455adaa5303df8", + "", "", + "05e3de273d8a611667894a8aed01bb41984f18dc539028fa0f5252e6f05e15891faa75dfd" + "c1f76b745d34a4820b0068efa93c176f8cd00a7ed5745d6cffe78a7", + "", "", "0", 0, 64, true}, + {16, IkeTestType::ikeV1AppBQuick, + "d6e74966b75fd2afab48be319d63d97c8a5d2ffe2e320763a462c664b36c3a944067d867c" + "3a55fd8a7e5cca64b22e24415987e15549f09a81b455adaa5303df8", + "", "", "05e3de273d8a611667894a8aed01bb", "", "", "0", 0, 15, true}, +}; + +#endif // ike_sha512_vectors_h__ diff --git a/gtests/common/testvectors_base/test-structs.h b/gtests/common/testvectors_base/test-structs.h index 1f1a7ed3ac..2d3d981639 100644 --- a/gtests/common/testvectors_base/test-structs.h +++ b/gtests/common/testvectors_base/test-structs.h @@ -88,6 +88,31 @@ typedef struct HkdfTestVectorStr { bool valid; } HkdfTestVector; +enum class IkeTestType { + ikeGxy, /* CKM_NSS_IKE_PRF_DERIVE case 1 */ + ikeV1Psk, /* CKM_NSS_IKE_PRF_DERIVE case 2 */ + ikeV2Rekey, /* CKM_NSS_IKE_PRF_DERIVE case 3 */ + ikeV1, /* CKM_NSS_IKE1_PRF_DERIVE */ + ikeV1AppB, /* CKM_NSS_IKE1_PRF_APP_B_DERIVE base mode */ + ikeV1AppBQuick, /* CKM_NSS_IKE1_PRF_APP_B_DERIVE quick mode */ + ikePlus /* CKM_NSS_IKE_PRF_DERIVE */ +}; + +typedef struct IkeTestVectorStr { + uint32_t id; + IkeTestType test_type; + std::string ikm; + std::string gxykm; + std::string prevkm; + std::string okm; + std::string Ni; + std::string Nr; + std::string seed_data; + uint8_t key_number; + uint32_t size; + bool valid; +} IkeTestVector; + typedef struct RsaSignatureTestVectorStr { SECOidTag hash_oid; uint32_t id; diff --git a/gtests/pk11_gtest/manifest.mn b/gtests/pk11_gtest/manifest.mn index f560d9eb1c..80530675b3 100644 --- a/gtests/pk11_gtest/manifest.mn +++ b/gtests/pk11_gtest/manifest.mn @@ -25,6 +25,7 @@ CPPSRCS = \ pk11_hkdf_unittest.cc \ pk11_hmac_unittest.cc \ pk11_hpke_unittest.cc \ + pk11_ike_unittest.cc \ pk11_import_unittest.cc \ pk11_kbkdf.cc \ pk11_keygen.cc \ diff --git a/gtests/pk11_gtest/pk11_gtest.gyp b/gtests/pk11_gtest/pk11_gtest.gyp index 1982fb484a..4171ea3828 100644 --- a/gtests/pk11_gtest/pk11_gtest.gyp +++ b/gtests/pk11_gtest/pk11_gtest.gyp @@ -30,6 +30,7 @@ 'pk11_hkdf_unittest.cc', 'pk11_hmac_unittest.cc', 'pk11_hpke_unittest.cc', + 'pk11_ike_unittest.cc', 'pk11_import_unittest.cc', 'pk11_kbkdf.cc', 'pk11_keygen.cc', diff --git a/gtests/pk11_gtest/pk11_ike_unittest.cc b/gtests/pk11_gtest/pk11_ike_unittest.cc new file mode 100644 index 0000000000..9a8c1d1a3c --- /dev/null +++ b/gtests/pk11_gtest/pk11_ike_unittest.cc @@ -0,0 +1,197 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this file, + * You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#include +#include "blapi.h" +#include "gtest/gtest.h" +#include "nss.h" +#include "nss_scoped_ptrs.h" +#include "pk11pub.h" +#include "secerr.h" +#include "sechash.h" +#include "util.h" +#include "databuffer.h" + +#include "testvectors/ike-sha1-vectors.h" +#include "testvectors/ike-sha256-vectors.h" +#include "testvectors/ike-sha384-vectors.h" +#include "testvectors/ike-sha512-vectors.h" +#include "testvectors/ike-aesxcbc-vectors.h" + +namespace nss_test { + +class Pkcs11IkeTest : public ::testing::TestWithParam< + std::tuple> { + protected: + ScopedPK11SymKey ImportKey(SECItem &ikm_item) { + ScopedPK11SlotInfo slot(PK11_GetInternalSlot()); + if (!slot) { + ADD_FAILURE() << "Can't get slot"; + return nullptr; + } + ScopedPK11SymKey ikm( + PK11_ImportSymKey(slot.get(), CKM_GENERIC_SECRET_KEY_GEN, + PK11_OriginUnwrap, CKA_DERIVE, &ikm_item, nullptr)); + return ikm; + } + + void RunVectorTest(const IkeTestVector &vec, CK_MECHANISM_TYPE prf_mech) { + std::string msg = "Test #" + std::to_string(vec.id) + " failed"; + std::vector vec_ikm = hex_string_to_bytes(vec.ikm); + std::vector vec_okm = hex_string_to_bytes(vec.okm); + std::vector vec_gxykm = hex_string_to_bytes(vec.gxykm); + std::vector vec_prevkm = hex_string_to_bytes(vec.prevkm); + std::vector vec_Ni = hex_string_to_bytes(vec.Ni); + std::vector vec_Nr = hex_string_to_bytes(vec.Nr); + std::vector vec_seed_data = hex_string_to_bytes(vec.seed_data); + SECItem ikm_item = {siBuffer, vec_ikm.data(), + static_cast(vec_ikm.size())}; + SECItem okm_item = {siBuffer, vec_okm.data(), + static_cast(vec_okm.size())}; + SECItem prevkm_item = {siBuffer, vec_prevkm.data(), + static_cast(vec_prevkm.size())}; + SECItem gxykm_item = {siBuffer, vec_gxykm.data(), + static_cast(vec_gxykm.size())}; + CK_MECHANISM_TYPE derive_mech = CKM_NSS_IKE_PRF_DERIVE; + ScopedPK11SymKey gxy_key = nullptr; + ScopedPK11SymKey prev_key = nullptr; + ScopedPK11SymKey ikm = ImportKey(ikm_item); + + // IKE_PRF structure (used in cases 1, 2 and 3) + CK_NSS_IKE_PRF_DERIVE_PARAMS nss_ike_prf_params = { + prf_mech, + CK_FALSE, + CK_FALSE, + vec_Ni.data(), + static_cast(vec_Ni.size()), + vec_Nr.data(), + static_cast(vec_Nr.size()), + CK_INVALID_HANDLE}; + + // IKE_V1_PRF, used to derive session keys. + CK_NSS_IKE1_PRF_DERIVE_PARAMS nss_ike_v1_prf_params = { + prf_mech, false, + CK_INVALID_HANDLE, CK_INVALID_HANDLE, + vec_Ni.data(), static_cast(vec_Ni.size()), + vec_Nr.data(), static_cast(vec_Nr.size()), + vec.key_number}; + + // IKE_V1_APP_B, do quick mode (all session keys in one call). + CK_NSS_IKE1_APP_B_PRF_DERIVE_PARAMS nss_ike_app_b_prf_params_quick = { + prf_mech, CK_FALSE, CK_INVALID_HANDLE, vec_seed_data.data(), + static_cast(vec_seed_data.size())}; + + // IKE_V1_APP_B, used for long session keys in ike_v1 + CK_MECHANISM_TYPE nss_ike_app_b_prf_params = prf_mech; + + // IKE_PRF_PLUS, used to generate session keys in ike v2 + CK_NSS_IKE_PRF_PLUS_DERIVE_PARAMS nss_ike_prf_plus_params = { + prf_mech, CK_FALSE, CK_INVALID_HANDLE, vec_seed_data.data(), + static_cast(vec_seed_data.size())}; + + SECItem params_item = {siBuffer, (unsigned char *)&nss_ike_prf_params, + sizeof(nss_ike_prf_params)}; + + switch (vec.test_type) { + case IkeTestType::ikeGxy: + nss_ike_prf_params.bDataAsKey = true; + break; + case IkeTestType::ikeV1Psk: + break; + case IkeTestType::ikeV2Rekey: + nss_ike_prf_params.bRekey = true; + gxy_key = ImportKey(gxykm_item); + nss_ike_prf_params.hNewKey = PK11_GetSymKeyHandle(gxy_key.get()); + break; + case IkeTestType::ikeV1: + derive_mech = CKM_NSS_IKE1_PRF_DERIVE; + params_item.data = (unsigned char *)&nss_ike_v1_prf_params; + params_item.len = sizeof(nss_ike_v1_prf_params); + gxy_key = ImportKey(gxykm_item); + nss_ike_v1_prf_params.hKeygxy = PK11_GetSymKeyHandle(gxy_key.get()); + if (prevkm_item.len != 0) { + prev_key = ImportKey(prevkm_item); + nss_ike_v1_prf_params.bHasPrevKey = true; + nss_ike_v1_prf_params.hPrevKey = PK11_GetSymKeyHandle(prev_key.get()); + } + break; + case IkeTestType::ikeV1AppB: + derive_mech = CKM_NSS_IKE1_APP_B_PRF_DERIVE; + params_item.data = (unsigned char *)&nss_ike_app_b_prf_params; + params_item.len = sizeof(nss_ike_app_b_prf_params); + break; + case IkeTestType::ikeV1AppBQuick: + derive_mech = CKM_NSS_IKE1_APP_B_PRF_DERIVE; + params_item.data = (unsigned char *)&nss_ike_app_b_prf_params_quick; + params_item.len = sizeof(nss_ike_app_b_prf_params_quick); + if (gxykm_item.len != 0) { + gxy_key = ImportKey(gxykm_item); + nss_ike_app_b_prf_params_quick.bHasKeygxy = true; + nss_ike_app_b_prf_params_quick.hKeygxy = + PK11_GetSymKeyHandle(gxy_key.get()); + } + break; + case IkeTestType::ikePlus: + derive_mech = CKM_NSS_IKE_PRF_PLUS_DERIVE; + params_item.data = (unsigned char *)&nss_ike_prf_plus_params; + params_item.len = sizeof(nss_ike_prf_plus_params); + break; + default: + ADD_FAILURE() << msg; + return; + } + ASSERT_NE(nullptr, ikm) << msg; + + ScopedPK11SymKey okm = ScopedPK11SymKey( + PK11_Derive(ikm.get(), derive_mech, ¶ms_item, + CKM_GENERIC_SECRET_KEY_GEN, CKA_DERIVE, vec.size)); + if (vec.valid) { + ASSERT_NE(nullptr, okm.get()) << msg; + ASSERT_EQ(SECSuccess, PK11_ExtractKeyValue(okm.get())) << msg; + SECItem *outItem = PK11_GetKeyData(okm.get()); + SECItem nullItem = {siBuffer, NULL, 0}; + if (outItem == NULL) { + outItem = &nullItem; + } + ASSERT_EQ(0, SECITEM_CompareItem(&okm_item, PK11_GetKeyData(okm.get()))) + << msg << std::endl + << " expect:" << DataBuffer(okm_item.data, okm_item.len) << std::endl + << " calc'd:" << DataBuffer(outItem->data, outItem->len) << std::endl; + } else { + ASSERT_EQ(nullptr, okm.get()) << msg; + } + } +}; + +TEST_P(Pkcs11IkeTest, IkeproofVectors) { + RunVectorTest(std::get<0>(GetParam()), std::get<1>(GetParam())); +} + +INSTANTIATE_TEST_SUITE_P( + IkeSha1, Pkcs11IkeTest, + ::testing::Combine(::testing::ValuesIn(kIkeSha1ProofVectors), + ::testing::Values(CKM_SHA_1_HMAC))); +INSTANTIATE_TEST_SUITE_P( + IkeSha256, Pkcs11IkeTest, + ::testing::Combine(::testing::ValuesIn(kIkeSha256ProofVectors), + ::testing::Values(CKM_SHA256_HMAC))); + +INSTANTIATE_TEST_SUITE_P( + IkeSha384, Pkcs11IkeTest, + ::testing::Combine(::testing::ValuesIn(kIkeSha384ProofVectors), + ::testing::Values(CKM_SHA384_HMAC))); + +INSTANTIATE_TEST_SUITE_P( + IkeSha512, Pkcs11IkeTest, + ::testing::Combine(::testing::ValuesIn(kIkeSha512ProofVectors), + ::testing::Values(CKM_SHA512_HMAC))); + +INSTANTIATE_TEST_SUITE_P( + IkeAESXCBC, Pkcs11IkeTest, + ::testing::Combine(::testing::ValuesIn(kIkeAesXcbcProofVectors), + ::testing::Values(CKM_AES_XCBC_MAC))); + +} // namespace nss_test diff --git a/lib/softoken/sftkike.c b/lib/softoken/sftkike.c index 27eacc0878..049675ff84 100644 --- a/lib/softoken/sftkike.c +++ b/lib/softoken/sftkike.c @@ -720,6 +720,7 @@ sftk_ike1_appendix_b_prf(CK_SESSION_HANDLE hSession, const SFTKAttribute *inKey, unsigned int macSize; unsigned int outKeySize; unsigned int genKeySize; + PRBool quickMode = PR_FALSE; CK_RV crv; prfContext context; @@ -748,6 +749,11 @@ sftk_ike1_appendix_b_prf(CK_SESSION_HANDLE hSession, const SFTKAttribute *inKey, crv = CKR_KEY_HANDLE_INVALID; goto fail; } + quickMode = PR_TRUE; + } + + if (params->ulExtraDataLen != 0) { + quickMode = PR_TRUE; } macSize = prf_length(&context); @@ -756,10 +762,16 @@ sftk_ike1_appendix_b_prf(CK_SESSION_HANDLE hSession, const SFTKAttribute *inKey, keySize = macSize; } - if (keySize <= inKey->attrib.ulValueLen) { + /* In appendix B, we are just expanding or contracting a single key. + * If the input key is less than or equal to the the key size we want, + * just subset the original key. In quick mode we are actually getting + * new keys (salted with our seed data and our gxy key), so we want to + * run through our algorithm */ + if ((!quickMode) && (keySize <= inKey->attrib.ulValueLen)) { return sftk_forceAttribute(outKey, CKA_VALUE, inKey->attrib.pValue, keySize); } + outKeySize = PR_ROUNDUP(keySize, macSize); outKeyData = PORT_Alloc(outKeySize); if (outKeyData == NULL) { @@ -774,7 +786,7 @@ sftk_ike1_appendix_b_prf(CK_SESSION_HANDLE hSession, const SFTKAttribute *inKey, * key is inKey */ thisKey = outKeyData; - for (genKeySize = 0; genKeySize <= keySize; genKeySize += macSize) { + for (genKeySize = 0; genKeySize < keySize; genKeySize += macSize) { PRBool hashedData = PR_FALSE; crv = prf_init(&context, inKey->attrib.pValue, inKey->attrib.ulValueLen); if (crv != CKR_OK) {