Add test vectors for TLS 1.3 traffic key generation
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data
index 257e3cf..a14925c 100644
--- a/tests/suites/test_suite_ssl.data
+++ b/tests/suites/test_suite_ssl.data
@@ -10454,6 +10454,18 @@
depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
ssl_tls1_3_hkdf_expand_label:MBEDTLS_MD_SHA256:"b3eddb126e067f35a780b3abf45e2d8f3b1a950738f52e9600746a0e27a55a21":"6b6579":"":16:"dbfaa693d1762c5b666af5d950258d01"
+SSL TLS 1.3 Key schedule: Traffic key generation #1
+# Vector from TLS 1.3 Byte by Byte ((https://tls13.ulfheim.net/)
+# Client/Server handshake traffic secrets -> Client/Server traffic {Key,IV}
+depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+ssl_tls1_3_traffic_key_generation:MBEDTLS_MD_SHA256:"a2067265e7f0652a923d5d72ab0467c46132eeb968b6a32d311c805868548814":"ff0e5b965291c608c1e8cd267eefc0afcc5e98a2786373f0db47b04786d72aea":12:16:"844780a7acad9f980fa25c114e43402a":"4c042ddc120a38d1417fc815":"7154f314e6be7dc008df2c832baa1d39":"71abc2cae4c699d47c600268"
+
+SSL TLS 1.3 Key schedule: Traffic key generation #2 (RFC 8448)
+# Vector RFC 8448
+# Client/Server handshake traffic secrets -> Client/Server traffic {Key,IV}
+depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+ssl_tls1_3_traffic_key_generation:MBEDTLS_MD_SHA256:"a2067265e7f0652a923d5d72ab0467c46132eeb968b6a32d311c805868548814":"ff0e5b965291c608c1e8cd267eefc0afcc5e98a2786373f0db47b04786d72aea":12:16:"844780a7acad9f980fa25c114e43402a":"4c042ddc120a38d1417fc815":"7154f314e6be7dc008df2c832baa1d39":"71abc2cae4c699d47c600268"
+
SSL TLS_PRF MBEDTLS_SSL_TLS_PRF_NONE
ssl_tls_prf:MBEDTLS_SSL_TLS_PRF_NONE:"":"":"test tls_prf label":"":MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE
diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function
index 8f5c9ed..36f10ca 100644
--- a/tests/suites/test_suite_ssl.function
+++ b/tests/suites/test_suite_ssl.function
@@ -3696,6 +3696,52 @@
}
/* END_CASE */
+/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
+void ssl_tls1_3_traffic_key_generation( int hash_alg,
+ data_t *server_secret,
+ data_t *client_secret,
+ int desired_iv_len,
+ int desired_key_len,
+ data_t *expected_server_write_key,
+ data_t *expected_server_write_iv,
+ data_t *expected_client_write_key,
+ data_t *expected_client_write_iv )
+{
+ mbedtls_ssl_key_set keys;
+
+ /* Check sanity of test parameters. */
+ TEST_ASSERT( client_secret->len == server_secret->len );
+ TEST_ASSERT( expected_client_write_iv->len == expected_server_write_iv->len &&
+ expected_client_write_iv->len == (size_t) desired_iv_len );
+ TEST_ASSERT( expected_client_write_key->len == expected_server_write_key->len &&
+ expected_client_write_key->len == (size_t) desired_key_len );
+
+ TEST_ASSERT( mbedtls_ssl_tls1_3_make_traffic_keys(
+ (mbedtls_md_type_t) hash_alg,
+ client_secret->x,
+ server_secret->x,
+ client_secret->len /* == server_secret->len */,
+ desired_key_len, desired_iv_len,
+ &keys ) == 0 );
+
+ TEST_ASSERT( keys.keyLen == (size_t) desired_key_len );
+ TEST_ASSERT( keys.ivLen == (size_t) desired_iv_len );
+
+ TEST_ASSERT( memcmp( keys.client_write_key,
+ expected_client_write_key->x,
+ desired_key_len ) == 0 );
+ TEST_ASSERT( memcmp( keys.server_write_key,
+ expected_server_write_key->x,
+ desired_key_len ) == 0 );
+ TEST_ASSERT( memcmp( keys.client_write_iv,
+ expected_client_write_iv->x,
+ desired_iv_len ) == 0 );
+ TEST_ASSERT( memcmp( keys.server_write_iv,
+ expected_server_write_iv->x,
+ desired_iv_len ) == 0 );
+}
+/* END_CASE */
+
/* BEGIN_CASE */
void ssl_tls_prf( int type, data_t * secret, data_t * random,
char *label, data_t *result_hex_str, int exp_ret )