Line data Source code
1 : /**
2 : * Copyright Notice:
3 : * Copyright 2023-2025 DMTF. All rights reserved.
4 : * License: BSD 3-Clause License. For full text see link: https://github.com/DMTF/libspdm/blob/main/LICENSE.md
5 : **/
6 :
7 : #include "internal/libspdm_crypt_lib.h"
8 : #include "internal/libspdm_common_lib.h"
9 : #include "internal/libspdm_fips_lib.h"
10 :
11 : #if LIBSPDM_FIPS_MODE
12 :
13 : /**
14 : * HKDF KAT test
15 : **/
16 1 : bool libspdm_fips_selftest_hkdf(void *fips_selftest_context)
17 : {
18 1 : bool result = true;
19 :
20 : #if LIBSPDM_SHA256_SUPPORT
21 1 : libspdm_fips_selftest_context_t *context = fips_selftest_context;
22 1 : LIBSPDM_ASSERT(fips_selftest_context != NULL);
23 :
24 : /* any test fail cause the FIPS fail*/
25 1 : if (context->tested_algo != context->self_test_result) {
26 0 : return false;
27 : }
28 :
29 : /* check if run before.*/
30 1 : if ((context->tested_algo & LIBSPDM_FIPS_SELF_TEST_HKDF) != 0) {
31 0 : return true;
32 : }
33 :
34 : uint8_t prk_out[32];
35 : uint8_t out[42];
36 :
37 : /* Test Vectors https://www.rfc-editor.org/rfc/rfc5869.html */
38 1 : uint8_t hkdf_sha256_ikm[] = {
39 : 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
40 : 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
41 : 0x0b, 0x0b
42 : };
43 :
44 1 : uint8_t hkdf_sha256_salt[] = {
45 : 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09,
46 : 0x0a, 0x0b, 0x0c,
47 : };
48 :
49 1 : uint8_t hkdf_sha256_info[] = {
50 : 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9,
51 : };
52 :
53 1 : uint8_t hkdf_sha256_prk[] = {
54 : 0x07, 0x77, 0x09, 0x36, 0x2c, 0x2e, 0x32, 0xdf, 0x0d, 0xdc,
55 : 0x3f, 0x0d, 0xc4, 0x7b, 0xba, 0x63, 0x90, 0xb6, 0xc7, 0x3b,
56 : 0xb5, 0x0f, 0x9c, 0x31, 0x22, 0xec, 0x84, 0x4a, 0xd7, 0xc2,
57 : 0xb3, 0xe5,
58 : };
59 :
60 1 : uint8_t hkdf_sha256_okm[] = {
61 : 0x3c, 0xb2, 0x5f, 0x25, 0xfa, 0xac, 0xd5, 0x7a, 0x90, 0x43,
62 : 0x4f, 0x64, 0xd0, 0x36, 0x2f, 0x2a, 0x2d, 0x2d, 0x0a, 0x90,
63 : 0xcf, 0x1a, 0x5a, 0x4c, 0x5d, 0xb0, 0x2d, 0x56, 0xec, 0xc4,
64 : 0xc5, 0xbf, 0x34, 0x00, 0x72, 0x08, 0xd5, 0xb8, 0x87, 0x18,
65 : 0x58, 0x65,
66 : };
67 :
68 1 : libspdm_zero_mem(prk_out, sizeof(prk_out));
69 1 : result = libspdm_hkdf_sha256_extract (
70 : hkdf_sha256_ikm, sizeof(hkdf_sha256_ikm),
71 : hkdf_sha256_salt, sizeof(hkdf_sha256_salt),
72 : prk_out, sizeof(prk_out)
73 : );
74 1 : if (!result) {
75 0 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "HKDF extract failed \n"));
76 0 : result = false;
77 0 : goto update;
78 : }
79 :
80 1 : if (!libspdm_consttime_is_mem_equal(prk_out, hkdf_sha256_prk, sizeof(hkdf_sha256_prk))) {
81 0 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "HKDF KAT failed \n"));
82 0 : result = false;
83 0 : goto update;
84 : }
85 :
86 1 : libspdm_zero_mem(out, sizeof(out));
87 1 : result = libspdm_hkdf_sha256_expand (hkdf_sha256_prk, sizeof(hkdf_sha256_prk),
88 : hkdf_sha256_info, sizeof(hkdf_sha256_info),
89 : out, sizeof(out));
90 1 : if (!result) {
91 0 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "HKDF expand failed \n"));
92 0 : result = false;
93 0 : goto update;
94 : }
95 :
96 1 : if (!libspdm_consttime_is_mem_equal(out, hkdf_sha256_okm, sizeof(hkdf_sha256_okm))) {
97 0 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "HKDF KAT failed \n"));
98 0 : result = false;
99 0 : goto update;
100 : }
101 :
102 1 : update:
103 : /* mark it as tested*/
104 1 : context->tested_algo |= LIBSPDM_FIPS_SELF_TEST_HKDF;
105 :
106 : /* record test result*/
107 1 : if (result) {
108 1 : context->self_test_result |= LIBSPDM_FIPS_SELF_TEST_HKDF;
109 : } else {
110 0 : context->self_test_result &= ~LIBSPDM_FIPS_SELF_TEST_HKDF;
111 : }
112 :
113 : #endif/*LIBSPDM_SHA256_SUPPORT*/
114 :
115 1 : return result;
116 : }
117 :
118 : #endif/*LIBSPDM_FIPS_MODE*/
|
