libsodium/test/default/kdf.c
Frank Denis 70c2796ae5 + crypto_kdf high-level API
This is a common need, and people end up reimplementing HKDF.

So, add a crypto_kdf() API similiar to libhydrogen's. The later has a
higher limit for the output length using BLAKE2X if required.

We can implement the same strategy later in libsodium if needed.
2017-02-19 18:13:10 +01:00

51 lines
1.5 KiB
C

#define TEST_NAME "kdf"
#include "cmptest.h"
static void
tv_kdf(void)
{
unsigned char *master_key;
unsigned char *subkey;
char *context;
char hex[crypto_kdf_BYTES_MAX * 2 + 1];
uint64_t i;
context = (char *) sodium_malloc(crypto_kdf_CONTEXTBYTES);
memcpy(context, "KDF test", strlen("KDF test"));
master_key = (unsigned char *) sodium_malloc(crypto_kdf_KEYBYTES);
for (i = 0; i < crypto_kdf_KEYBYTES; i++) {
master_key[i] = i;
}
subkey = (unsigned char *) sodium_malloc(crypto_kdf_BYTES_MAX);
for (i = 0; i < 10; i++) {
assert(crypto_kdf_blake2b_derive_from_key(subkey, crypto_kdf_BYTES_MAX,
i, context, master_key) == 0);
sodium_bin2hex(hex, sizeof hex, subkey, crypto_kdf_BYTES_MAX);
printf("%s\n", hex);
}
sodium_free(subkey);
for (i = 0; i < crypto_kdf_BYTES_MAX + 2; i++) {
subkey = (unsigned char *) sodium_malloc(crypto_kdf_BYTES_MAX);
if (crypto_kdf_blake2b_derive_from_key(subkey, (size_t) i,
i, context, master_key) == 0) {
sodium_bin2hex(hex, sizeof hex, subkey, (size_t) i);
printf("%s\n", hex);
} else {
printf("Failure -- probably expected for output length=%u\n",
(unsigned int) i);
}
sodium_free(subkey);
}
printf("tv_kdf: ok\n");
}
int
main(void)
{
tv_kdf();
return 0;
}