gr1ffon/quic-go
1
0
Fork 0
forked from quic-go/quic-go
Code Pull Requests Activity

use a pre-generated test vectors to test hkdfExpandLabel

Browse Source 
The only reason we were using qtls.HkdfExpandLabel was to test our own
implementation of HKDF-Expand-Label. By using a pre-generated test
vector, we won't have to expose this function from qtls any more.
This commit is contained in:
Marten Seemann
2021-05-10 17:04:59 -07:00
parent 50746dbea6
commit 05af55b0c9
3 changed files with 5 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
internal/handshake/hkdf_test.go
View File

@@ -2,30 +2,16 @@ package handshake
import (
"crypto"
"crypto/rand"
mrand "math/rand"
"github.com/lucas-clemente/quic-go/internal/qtls"
. "github.com/onsi/ginkgo"
. "github.com/onsi/gomega"
)
var _ = Describe("Initial AEAD using AES-GCM", func() {
// Result generated by running in qtls:
// cipherSuiteTLS13ByID(TLS_AES_128_GCM_SHA256).expandLabel([]byte("secret"), []byte("context"), "label", 42)
It("gets the same results as qtls", func() {
for i := 0; i < 20; i++ {
secret := make([]byte, 32)
rand.Read(secret)
context := make([]byte, mrand.Intn(100))
rand.Read(context)
labelB := make([]byte, mrand.Intn(100))
rand.Read(labelB)
label := string(labelB)
length := mrand.Intn(100)
expanded := hkdfExpandLabel(crypto.SHA256, secret, context, label, length)
expandedQTLS := qtls.HkdfExpandLabel(crypto.SHA256, secret, context, label, length)
Expect(expanded).To(Equal(expandedQTLS))
}
expanded := hkdfExpandLabel(crypto.SHA256, []byte("secret"), []byte("context"), "label", 42)
Expect(expanded).To(Equal([]byte{0x78, 0x87, 0x6a, 0xb5, 0x84, 0xa2, 0x26, 0xb7, 0x8, 0x5a, 0x7b, 0x3a, 0x4c, 0xbb, 0x1e, 0xbc, 0x2f, 0x9b, 0x67, 0xd0, 0x6a, 0xa2, 0x24, 0xb4, 0x7d, 0x29, 0x3c, 0x7a, 0xce, 0xc7, 0xc3, 0x74, 0xcd, 0x59, 0x7a, 0xa8, 0x21, 0x5e, 0xe7, 0xca, 0x1, 0xda}))
})
})