Line data Source code
1 : /**
2 : * Copyright Notice:
3 : * Copyright 2023-2026 DMTF. All rights reserved.
4 : * License: BSD 3-Clause License. For full text see link: https://github.com/DMTF/libspdm/blob/main/LICENSE.md
5 : **/
6 :
7 : #include "internal/libspdm_crypt_lib.h"
8 : #include "internal/libspdm_common_lib.h"
9 : #include "internal/libspdm_fips_lib.h"
10 :
11 : #if LIBSPDM_FIPS_MODE
12 :
13 1 : bool libspdm_fips_selftest_hkdf(void *fips_selftest_context)
14 : {
15 1 : bool result = true;
16 :
17 : #if LIBSPDM_SHA256_SUPPORT
18 1 : libspdm_fips_selftest_context_t *context = fips_selftest_context;
19 1 : LIBSPDM_ASSERT(fips_selftest_context != NULL);
20 :
21 : /* any test fail cause the FIPS fail*/
22 1 : if (context->tested_algo != context->self_test_result) {
23 0 : return false;
24 : }
25 :
26 : /* check if run before.*/
27 1 : if ((context->tested_algo & LIBSPDM_FIPS_SELF_TEST_HKDF) != 0) {
28 0 : return true;
29 : }
30 :
31 : uint8_t prk_out[32];
32 : uint8_t out[42];
33 :
34 : /* Test Vectors https://www.rfc-editor.org/rfc/rfc5869.html */
35 1 : uint8_t hkdf_sha256_ikm[] = {
36 : 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
37 : 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
38 : 0x0b, 0x0b
39 : };
40 :
41 1 : uint8_t hkdf_sha256_salt[] = {
42 : 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09,
43 : 0x0a, 0x0b, 0x0c,
44 : };
45 :
46 1 : uint8_t hkdf_sha256_info[] = {
47 : 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9,
48 : };
49 :
50 1 : uint8_t hkdf_sha256_prk[] = {
51 : 0x07, 0x77, 0x09, 0x36, 0x2c, 0x2e, 0x32, 0xdf, 0x0d, 0xdc,
52 : 0x3f, 0x0d, 0xc4, 0x7b, 0xba, 0x63, 0x90, 0xb6, 0xc7, 0x3b,
53 : 0xb5, 0x0f, 0x9c, 0x31, 0x22, 0xec, 0x84, 0x4a, 0xd7, 0xc2,
54 : 0xb3, 0xe5,
55 : };
56 :
57 1 : uint8_t hkdf_sha256_okm[] = {
58 : 0x3c, 0xb2, 0x5f, 0x25, 0xfa, 0xac, 0xd5, 0x7a, 0x90, 0x43,
59 : 0x4f, 0x64, 0xd0, 0x36, 0x2f, 0x2a, 0x2d, 0x2d, 0x0a, 0x90,
60 : 0xcf, 0x1a, 0x5a, 0x4c, 0x5d, 0xb0, 0x2d, 0x56, 0xec, 0xc4,
61 : 0xc5, 0xbf, 0x34, 0x00, 0x72, 0x08, 0xd5, 0xb8, 0x87, 0x18,
62 : 0x58, 0x65,
63 : };
64 :
65 1 : libspdm_zero_mem(prk_out, sizeof(prk_out));
66 1 : result = libspdm_hkdf_sha256_extract (
67 : hkdf_sha256_ikm, sizeof(hkdf_sha256_ikm),
68 : hkdf_sha256_salt, sizeof(hkdf_sha256_salt),
69 : prk_out, sizeof(prk_out)
70 : );
71 1 : if (!result) {
72 0 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "HKDF extract failed \n"));
73 0 : result = false;
74 0 : goto update;
75 : }
76 :
77 1 : if (!libspdm_consttime_is_mem_equal(prk_out, hkdf_sha256_prk, sizeof(hkdf_sha256_prk))) {
78 0 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "HKDF KAT failed \n"));
79 0 : result = false;
80 0 : goto update;
81 : }
82 :
83 1 : libspdm_zero_mem(out, sizeof(out));
84 1 : result = libspdm_hkdf_sha256_expand (hkdf_sha256_prk, sizeof(hkdf_sha256_prk),
85 : hkdf_sha256_info, sizeof(hkdf_sha256_info),
86 : out, sizeof(out));
87 1 : if (!result) {
88 0 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "HKDF expand failed \n"));
89 0 : result = false;
90 0 : goto update;
91 : }
92 :
93 1 : if (!libspdm_consttime_is_mem_equal(out, hkdf_sha256_okm, sizeof(hkdf_sha256_okm))) {
94 0 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "HKDF KAT failed \n"));
95 0 : result = false;
96 0 : goto update;
97 : }
98 :
99 1 : update:
100 : /* mark it as tested*/
101 1 : context->tested_algo |= LIBSPDM_FIPS_SELF_TEST_HKDF;
102 :
103 : /* record test result*/
104 1 : if (result) {
105 1 : context->self_test_result |= LIBSPDM_FIPS_SELF_TEST_HKDF;
106 : } else {
107 0 : context->self_test_result &= ~LIBSPDM_FIPS_SELF_TEST_HKDF;
108 : }
109 :
110 : #endif/*LIBSPDM_SHA256_SUPPORT*/
111 :
112 1 : return result;
113 : }
114 :
115 : #endif/*LIBSPDM_FIPS_MODE*/
|
