Line | Source | Count |
1 | | - |
2 | | - |
3 | | - |
4 | | - |
5 | | - |
6 | | - |
7 | | - |
8 | | - |
9 | | - |
10 | | - |
11 | | - |
12 | | - |
13 | | - |
14 | | - |
15 | | - |
16 | | - |
17 | #include <openssl/hkdf.h> | - |
18 | | - |
19 | #include <assert.h> | - |
20 | #include <string.h> | - |
21 | | - |
22 | #include <openssl/err.h> | - |
23 | #include <openssl/hmac.h> | - |
24 | | - |
25 | | - |
26 | int | - |
27 | HKDF(uint8_t *out_key, size_t out_len, const EVP_MD *digest, | - |
28 | const uint8_t *secret, size_t secret_len, const uint8_t *salt, | - |
29 | size_t salt_len, const uint8_t *info, size_t info_len) | - |
30 | { | - |
31 | uint8_t prk[EVP_MAX_MD_SIZE]; | - |
32 | size_t prk_len; | - |
33 | | - |
34 | if (!HKDF_extract(prk, &prk_len, digest, secret, secret_len, salt,TRUE | never evaluated | FALSE | evaluated 7 times by 1 test |
| 0-7 |
35 | salt_len))TRUE | never evaluated | FALSE | evaluated 7 times by 1 test |
| 0-7 |
36 | return 0; never executed: return 0; | 0 |
37 | if (!HKDF_expand(out_key, out_len, digest, prk, prk_len, info,TRUE | never evaluated | FALSE | evaluated 7 times by 1 test |
| 0-7 |
38 | info_len))TRUE | never evaluated | FALSE | evaluated 7 times by 1 test |
| 0-7 |
39 | return 0; never executed: return 0; | 0 |
40 | | - |
41 | return 1;executed 7 times by 1 test: return 1; | 7 |
42 | } | - |
43 | | - |
44 | | - |
45 | int | - |
46 | HKDF_extract(uint8_t *out_key, size_t *out_len, | - |
47 | const EVP_MD *digest, const uint8_t *secret, size_t secret_len, | - |
48 | const uint8_t *salt, size_t salt_len) | - |
49 | { | - |
50 | unsigned int len; | - |
51 | | - |
52 | | - |
53 | | - |
54 | | - |
55 | | - |
56 | if (HMAC(digest, salt, salt_len, secret, secret_len, out_key, &len) ==TRUE | never evaluated | FALSE | evaluated 14 times by 1 test |
| 0-14 |
57 | NULL) {TRUE | never evaluated | FALSE | evaluated 14 times by 1 test |
| 0-14 |
58 | CRYPTOerror(ERR_R_CRYPTO_LIB); | - |
59 | return 0; never executed: return 0; | 0 |
60 | } | - |
61 | *out_len = len; | - |
62 | return 1;executed 14 times by 1 test: return 1; | 14 |
63 | } | - |
64 | | - |
65 | | - |
66 | int | - |
67 | HKDF_expand(uint8_t *out_key, size_t out_len, | - |
68 | const EVP_MD *digest, const uint8_t *prk, size_t prk_len, | - |
69 | const uint8_t *info, size_t info_len) | - |
70 | { | - |
71 | const size_t digest_len = EVP_MD_size(digest); | - |
72 | uint8_t previous[EVP_MAX_MD_SIZE]; | - |
73 | size_t n, done = 0; | - |
74 | unsigned int i; | - |
75 | int ret = 0; | - |
76 | HMAC_CTX hmac; | - |
77 | | - |
78 | | - |
79 | n = (out_len + digest_len - 1) / digest_len; | - |
80 | if (out_len + digest_len < out_len || n > 255) {TRUE | never evaluated | FALSE | evaluated 14 times by 1 test |
TRUE | never evaluated | FALSE | evaluated 14 times by 1 test |
| 0-14 |
81 | CRYPTOerror(EVP_R_TOO_LARGE); | - |
82 | return 0; never executed: return 0; | 0 |
83 | } | - |
84 | | - |
85 | HMAC_CTX_init(&hmac); | - |
86 | if (!HMAC_Init_ex(&hmac, prk, prk_len, digest, NULL))TRUE | never evaluated | FALSE | evaluated 14 times by 1 test |
| 0-14 |
87 | goto out; never executed: goto out; | 0 |
88 | | - |
89 | for (i = 0; i < n; i++) {TRUE | evaluated 42 times by 1 test | FALSE | evaluated 14 times by 1 test |
| 14-42 |
90 | uint8_t ctr = i + 1; | - |
91 | size_t todo; | - |
92 | | - |
93 | if (i != 0 && (!HMAC_Init_ex(&hmac, NULL, 0, NULL, NULL) ||TRUE | evaluated 28 times by 1 test | FALSE | evaluated 14 times by 1 test |
TRUE | never evaluated | FALSE | evaluated 28 times by 1 test |
| 0-28 |
94 | !HMAC_Update(&hmac, previous, digest_len)))TRUE | never evaluated | FALSE | evaluated 28 times by 1 test |
| 0-28 |
95 | goto out; never executed: goto out; | 0 |
96 | | - |
97 | if (!HMAC_Update(&hmac, info, info_len) ||TRUE | never evaluated | FALSE | evaluated 42 times by 1 test |
| 0-42 |
98 | !HMAC_Update(&hmac, &ctr, 1) ||TRUE | never evaluated | FALSE | evaluated 42 times by 1 test |
| 0-42 |
99 | !HMAC_Final(&hmac, previous, NULL))TRUE | never evaluated | FALSE | evaluated 42 times by 1 test |
| 0-42 |
100 | goto out; never executed: goto out; | 0 |
101 | | - |
102 | todo = digest_len; | - |
103 | if (done + todo > out_len)TRUE | evaluated 14 times by 1 test | FALSE | evaluated 28 times by 1 test |
| 14-28 |
104 | todo = out_len - done;executed 14 times by 1 test: todo = out_len - done; | 14 |
105 | | - |
106 | memcpy(out_key + done, previous, todo); | - |
107 | done += todo; | - |
108 | }executed 42 times by 1 test: end of block | 42 |
109 | | - |
110 | ret = 1; | - |
111 | | - |
112 | out:code before this statement executed 14 times by 1 test: out: | 14 |
113 | HMAC_CTX_cleanup(&hmac); | - |
114 | if (ret != 1)TRUE | never evaluated | FALSE | evaluated 14 times by 1 test |
| 0-14 |
115 | CRYPTOerror(ERR_R_CRYPTO_LIB); never executed: ERR_put_error(15,(0xfff),(15),__FILE__,115); | 0 |
116 | return ret;executed 14 times by 1 test: return ret; | 14 |
117 | } | - |
| | |