HKDF: positive tests
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 1113eec..3d7031b 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -749,6 +749,54 @@
PSA key derivation: not a key derivation algorithm
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
derive_setup:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_256):"":"":42:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key derivation: HKDF SHA-256, RFC5869 #1, output 42+0
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865":""
+
+PSA key derivation: HKDF SHA-256, RFC5869 #1, output 32+10
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf":"34007208d5b887185865"
+
+PSA key derivation: HKDF SHA-256, RFC5869 #1, output 0+42
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":42:"":"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865"
+
+PSA key derivation: HKDF SHA-256, RFC5869 #1, output 1+41
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":42:"3c":"b25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865"
+
+PSA key derivation: HKDF SHA-256, RFC5869 #1, output 41+0
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b8871858":""
+
+PSA key derivation: HKDF SHA-256, RFC5869 #1, output 1+40
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":42:"3c":"b25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b8871858"
+
+PSA key derivation: HKDF SHA-256, RFC5869 #2, output 82+0
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":82:"b11e398dc80327a1c8e7f78c596a49344f012eda2d4efad8a050cc4c19afa97c59045a99cac7827271cb41c65e590e09da3275600c2f09b8367793a9aca3db71cc30c58179ec3e87c14c01d5c1f3434f1d87":""
+
+PSA key derivation: HKDF SHA-256, RFC5869 #3, output 42+0
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"":42:"8da4e775a563c18f715f802a063c5a31b8a11f5c5ee1879ec3454e5f3c738d2d9d201395faa4b61a96c8":""
+
+PSA key derivation: HKDF SHA-1, RFC5869 #4, output 42+0
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA1_C
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_1):"0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":42:"085a01ea1b10f36933068b56efa5ad81a4f14b822f5b091568a9cdd4f155fda2c22e422478d305f3f896":""
+
+PSA key derivation: HKDF SHA-1, RFC5869 #5, output 82+0
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA1_C
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_1):"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":82:"0bd770a74d1160f7c9f12cd5912a06ebff6adcae899d92191fe4305673ba2ffe8fa3f1a4e5ad79f3f334b3b202b2173c486ea37ce3d397ed034c7f9dfeb15c5e927336d0441f4c4300e2cff0d0900b52d3b4":""
+
+PSA key derivation: HKDF SHA-1, RFC5869 #6, output 42+0
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA1_C
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_1):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"":42:"0ac1af7002b3d761d1e55298da9d0506b9ae52057220a306e07b6b87e8df21d0ea00033de03984d34918":""
+
+PSA key derivation: HKDF SHA-1, RFC5869 #7, output 42+0
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA1_C
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_1):"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":"":"":42:"2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48":""
PSA generate random: 0 bytes
generate_random:0
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 278554f..cf72e48 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -8,6 +8,8 @@
#include "mbedtls/asn1write.h"
#include "psa/crypto.h"
+#define ARRAY_LENGTH( array ) ( sizeof( array ) / sizeof( *( array ) ) )
+
#if(UINT32_MAX > SIZE_MAX)
#define PSA_CRYPTO_TEST_SIZE_T_RANGE( x ) ( ( x ) <= SIZE_MAX )
#else
@@ -2484,6 +2486,104 @@
/* END_CASE */
/* BEGIN_CASE */
+void derive_output( int alg_arg,
+ data_t *key_data,
+ data_t *salt,
+ data_t *label,
+ int requested_capacity_arg,
+ data_t *expected_output1,
+ data_t *expected_output2 )
+{
+ psa_key_slot_t slot = 1;
+ psa_algorithm_t alg = alg_arg;
+ size_t requested_capacity = requested_capacity_arg;
+ psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
+ uint8_t *expected_outputs[2] =
+ {expected_output1->x, expected_output2->x};
+ size_t output_sizes[2] =
+ {expected_output1->len, expected_output2->len};
+ size_t output_buffer_size = 0;
+ uint8_t *output_buffer = NULL;
+ size_t expected_capacity;
+ size_t current_capacity;
+ psa_key_policy_t policy;
+ psa_status_t status;
+ unsigned i;
+
+ for( i = 0; i < ARRAY_LENGTH( expected_outputs ); i++ )
+ {
+ if( output_sizes[i] > output_buffer_size )
+ output_buffer_size = output_sizes[i];
+ if( output_sizes[i] == 0 )
+ expected_outputs[i] = NULL;
+ }
+ output_buffer = mbedtls_calloc( 1, output_buffer_size );
+ TEST_ASSERT( output_buffer != NULL );
+ TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+ psa_key_policy_init( &policy );
+ psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
+ TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
+
+ TEST_ASSERT( psa_import_key( slot, PSA_KEY_TYPE_DERIVE,
+ key_data->x,
+ key_data->len ) == PSA_SUCCESS );
+
+ /* Extraction phase. */
+ TEST_ASSERT( psa_key_derivation( &generator, slot, alg,
+ salt->x, salt->len,
+ label->x, label->len,
+ requested_capacity ) == PSA_SUCCESS );
+ TEST_ASSERT( psa_get_generator_capacity( &generator,
+ ¤t_capacity ) ==
+ PSA_SUCCESS );
+ TEST_ASSERT( current_capacity == requested_capacity );
+ expected_capacity = requested_capacity;
+
+ /* Expansion phase. */
+ for( i = 0; i < ARRAY_LENGTH( expected_outputs ); i++ )
+ {
+ /* Read some bytes. */
+ status = psa_generator_read( &generator,
+ output_buffer, output_sizes[i] );
+ if( expected_capacity == 0 && output_sizes[i] == 0 )
+ {
+ /* Reading 0 bytes when 0 bytes are available can go either way. */
+ TEST_ASSERT( status == PSA_SUCCESS ||
+ status == PSA_ERROR_INSUFFICIENT_CAPACITY );
+ continue;
+ }
+ else if( expected_capacity == 0 ||
+ output_sizes[i] > expected_capacity )
+ {
+ /* Capacity exceeded. */
+ TEST_ASSERT( status == PSA_ERROR_INSUFFICIENT_CAPACITY );
+ expected_capacity = 0;
+ continue;
+ }
+ /* Success. Check the read data. */
+ TEST_ASSERT( status == PSA_SUCCESS );
+ if( output_sizes[i] != 0 )
+ TEST_ASSERT( memcmp( output_buffer, expected_outputs[i],
+ output_sizes[i] ) == 0 );
+ /* Check the generator status. */
+ expected_capacity -= output_sizes[i];
+ TEST_ASSERT( psa_get_generator_capacity( &generator,
+ ¤t_capacity ) ==
+ PSA_SUCCESS );
+ TEST_ASSERT( expected_capacity == current_capacity );
+ }
+ TEST_ASSERT( psa_generator_abort( &generator ) == PSA_SUCCESS );
+
+exit:
+ mbedtls_free( output_buffer );
+ psa_generator_abort( &generator );
+ psa_destroy_key( slot );
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
void generate_random( int bytes_arg )
{
size_t bytes = bytes_arg;