main.mx raw
1 package main
2
3 // RFC 5869 HKDF-SHA256 test vector harness.
4 // Proves that hkdf.Expand produces byte-identical output to the published
5 // vectors — i.e. that the realloc-leak refactor in web/common/crypto/hkdf
6 // did not alter observable behaviour.
7
8 import (
9 "smesh.lol/web/common/crypto/hkdf"
10 "smesh.lol/web/common/helpers"
11 )
12
13 type vec struct {
14 name string
15 ikm string
16 salt string
17 info string
18 length int
19 expectPRK string
20 expectOKM string
21 }
22
23 var vectors = []vec{
24 {
25 name: "RFC5869 #1",
26 ikm: "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
27 salt: "000102030405060708090a0b0c",
28 info: "f0f1f2f3f4f5f6f7f8f9",
29 length: 42,
30 expectPRK: "077709362c2e32df0ddc3f0dc47bba6390b6c73bb50f9c3122ec844ad7c2b3e5",
31 expectOKM: "3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865",
32 },
33 {
34 name: "RFC5869 #2 (82-byte OKM, 3 HMAC blocks)",
35 ikm: "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f",
36 salt: "606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf",
37 info: "b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff",
38 length: 82,
39 expectPRK: "06a6b88c5853361a06104c9ceb35b45cef760014904671014a193f40c15fc244",
40 expectOKM: "b11e398dc80327a1c8e7f78c596a49344f012eda2d4efad8a050cc4c19afa97c59045a99cac7827271cb41c65e590e09da3275600c2f09b8367793a9aca3db71cc30c58179ec3e87c14c01d5c1f3434f1d87",
41 },
42 {
43 name: "RFC5869 #3 (no salt, no info)",
44 ikm: "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
45 salt: "",
46 info: "",
47 length: 42,
48 expectPRK: "19ef24a32c717b167f33a91d6f648bdf96596776afdb6377ac434c1c293ccb04",
49 expectOKM: "8da4e775a563c18f715f802a063c5a31b8a11f5c5ee1879ec3454e5f3c738d2d9d201395faa4b61a96c8",
50 },
51 }
52
53 func main() {
54 pass := 0
55 fail := 0
56 for i := 0; i < len(vectors); i++ {
57 v := vectors[i]
58 ikm := helpers.HexDecode(v.ikm)
59 salt := helpers.HexDecode(v.salt)
60 info := helpers.HexDecode(v.info)
61
62 prk := hkdf.Extract(salt, ikm)
63 prkHex := helpers.HexEncode(prk[:])
64 if prkHex != v.expectPRK {
65 println("FAIL", v.name, "PRK:")
66 println(" got ", prkHex)
67 println(" expected", v.expectPRK)
68 fail++
69 continue
70 }
71
72 okm := hkdf.Expand(prk[:], info, v.length)
73 okmHex := helpers.HexEncode(okm)
74 if okmHex != v.expectOKM {
75 println("FAIL", v.name, "OKM:")
76 println(" got ", okmHex)
77 println(" expected", v.expectOKM)
78 fail++
79 continue
80 }
81 if len(okm) != v.length {
82 println("FAIL", v.name, "length mismatch:", len(okm), "vs", v.length)
83 fail++
84 continue
85 }
86 println("PASS", v.name)
87 pass++
88 }
89 println("---")
90 println("total pass:", pass, "fail:", fail)
91 if fail > 0 {
92 panic("hkdf test vectors failed")
93 }
94 }
95