int tls13_advance_key_schedule(SSL *ssl, const uint8_t *in, size_t len) { SSL_HANDSHAKE *hs = ssl->s3->hs; const EVP_MD *digest = ssl_get_handshake_digest(ssl_get_algorithm_prf(ssl)); return HKDF_extract(hs->secret, &hs->hash_len, digest, in, len, hs->secret, hs->hash_len); }
int main(void) { uint8_t buf[82], prk[EVP_MAX_MD_SIZE]; size_t i, prk_len; CRYPTO_library_init(); for (i = 0; i < OPENSSL_ARRAY_SIZE(kTests); i++) { const hkdf_test_vector_t *test = &kTests[i]; if (!HKDF_extract(prk, &prk_len, test->md_func(), test->ikm, test->ikm_len, test->salt, test->salt_len)) { fprintf(stderr, "Call to HKDF_extract failed\n"); ERR_print_errors_fp(stderr); return 1; } if (prk_len != test->prk_len || memcmp(prk, test->prk, test->prk_len) != 0) { fprintf(stderr, "%zu: Resulting PRK does not match test vector\n", i); return 1; } if (!HKDF_expand(buf, test->out_len, test->md_func(), prk, prk_len, test->info, test->info_len)) { fprintf(stderr, "Call to HKDF_expand failed\n"); ERR_print_errors_fp(stderr); return 1; } if (memcmp(buf, test->out, test->out_len) != 0) { fprintf(stderr, "%zu: Resulting key material does not match test vector\n", i); return 1; } if (!HKDF(buf, test->out_len, test->md_func(), test->ikm, test->ikm_len, test->salt, test->salt_len, test->info, test->info_len)) { fprintf(stderr, "Call to HKDF failed\n"); ERR_print_errors_fp(stderr); return 1; } if (memcmp(buf, test->out, test->out_len) != 0) { fprintf(stderr, "%zu: Resulting key material does not match test vector\n", i); return 1; } } printf("PASS\n"); ERR_free_strings(); return 0; }