From 594c616e429755e6a78c49aec78873a3dd17f460 Mon Sep 17 00:00:00 2001 From: Artyom Pavlov Date: Mon, 14 Oct 2024 15:10:37 +0300 Subject: [PATCH] concat-kdf: minor tweaks (#104) --- .github/workflows/concat-kdf.yml | 4 +- README.md | 6 +- concat-kdf/Cargo.toml | 4 +- concat-kdf/LICENSE-APACHE | 201 +++++++++++++++++++++++++++++++ concat-kdf/LICENSE-MIT | 25 ++++ concat-kdf/README.md | 16 ++- concat-kdf/benches/benchmark.rs | 25 ---- concat-kdf/src/lib.rs | 59 ++++----- concat-kdf/tests/tests.rs | 136 +++++++++------------ 9 files changed, 325 insertions(+), 151 deletions(-) create mode 100644 concat-kdf/LICENSE-APACHE create mode 100644 concat-kdf/LICENSE-MIT delete mode 100644 concat-kdf/benches/benchmark.rs diff --git a/.github/workflows/concat-kdf.yml b/.github/workflows/concat-kdf.yml index 1979ebf..7f7d157 100644 --- a/.github/workflows/concat-kdf.yml +++ b/.github/workflows/concat-kdf.yml @@ -22,7 +22,7 @@ jobs: strategy: matrix: rust: - - 1.72.0 # MSRV + - 1.81.0 # MSRV - stable target: - thumbv7em-none-eabi @@ -40,7 +40,7 @@ jobs: strategy: matrix: rust: - - 1.72.0 # MSRV + - 1.81.0 # MSRV - stable steps: - uses: actions/checkout@v4 diff --git a/README.md b/README.md index 321a7b1..bc1888e 100644 --- a/README.md +++ b/README.md @@ -8,8 +8,8 @@ Collection of [Key Derivation Functions][KDF] (KDF) written in pure Rust. | Algorithm | Crate | Crates.io | Documentation | MSRV | |--------------|----------------|:---------------------------------------------------------------------------------------------------:|:------------------------------------------------------------------------------------:|:-----------------------:| -| [HKDF] | [`hkdf`] | [![crates.io](https://img.shields.io/crates/v/hkdf.svg)](https://crates.io/crates/hkdf) | [![Documentation](https://docs.rs/hkdf/badge.svg)](https://docs.rs/hkdf) | ![MSRV 1.41][msrv-1.72] | -| [Concat-KDF] | [`concat-kdf`] | [![crates.io](https://img.shields.io/crates/v/concat-kdf.svg)](https://crates.io/crates/concat-kdf) | [![Documentation](https://docs.rs/concat-kdf/badge.svg)](https://docs.rs/concat-kdf) | ![MSRV 1.56][msrv-1.72] | +| [HKDF] | [`hkdf`] | [![crates.io](https://img.shields.io/crates/v/hkdf.svg)](https://crates.io/crates/hkdf) | [![Documentation](https://docs.rs/hkdf/badge.svg)](https://docs.rs/hkdf) | ![MSRV 1.81][msrv-1.81] | +| [Concat-KDF] | [`concat-kdf`] | [![crates.io](https://img.shields.io/crates/v/concat-kdf.svg)](https://crates.io/crates/concat-kdf) | [![Documentation](https://docs.rs/concat-kdf/badge.svg)](https://docs.rs/concat-kdf) | ![MSRV 1.81][msrv-1.81] | | [ANSI-X9.63-KDF] | [`ansi-x963-kdf`] | [![crates.io](https://img.shields.io/crates/v/ansi-x963-kdf.svg)](https://crates.io/crates/ansi-x963-kdf) | [![Documentation](https://docs.rs/ansi-x963-kdf/badge.svg)](https://docs.rs/ansi-x963-kdf) | ![MSRV 1.81][msrv-1.81] | *NOTE: for password-based KDFs (e.g. Argon2, PBKDF2, scrypt), please see [RustCrypto/password-hashes]* @@ -38,7 +38,7 @@ Unless you explicitly state otherwise, any contribution intentionally submitted [license-image]: https://img.shields.io/badge/license-Apache2.0/MIT-blue.svg [deps-image]: https://deps.rs/repo/github/RustCrypto/KDFs/status.svg [deps-link]: https://deps.rs/repo/github/RustCrypto/KDFs -[msrv-1.72]: https://img.shields.io/badge/rustc-1.72+-blue.svg +[msrv-1.81]: https://img.shields.io/badge/rustc-1.81+-blue.svg [//]: # (crates) diff --git a/concat-kdf/Cargo.toml b/concat-kdf/Cargo.toml index 202fbc0..af3bd93 100644 --- a/concat-kdf/Cargo.toml +++ b/concat-kdf/Cargo.toml @@ -10,7 +10,7 @@ documentation = "https://docs.rs/concat-kdf" repository = "https://github.com/RustCrypto/KDFs" keywords = ["crypto", "concat-kdf", "KDF", "NIST"] categories = ["cryptography", "no-std"] -rust-version = "1.72" +rust-version = "1.81" [dependencies] digest = "=0.11.0-pre.9" @@ -20,7 +20,7 @@ hex-literal = "0.4" sha2 = { version = "=0.11.0-pre.4", default-features = false } [features] -std = [] +alloc = [] [package.metadata.docs.rs] all-features = true diff --git a/concat-kdf/LICENSE-APACHE b/concat-kdf/LICENSE-APACHE new file mode 100644 index 0000000..53b7ccd --- /dev/null +++ b/concat-kdf/LICENSE-APACHE @@ -0,0 +1,201 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + +TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + +1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + +2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + +3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + +4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + +5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + +6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + +7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + +8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + +9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + +END OF TERMS AND CONDITIONS + +APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + +Copyright [yyyy] [name of copyright owner] + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. \ No newline at end of file diff --git a/concat-kdf/LICENSE-MIT b/concat-kdf/LICENSE-MIT new file mode 100644 index 0000000..521c0fb --- /dev/null +++ b/concat-kdf/LICENSE-MIT @@ -0,0 +1,25 @@ +Copyright (c) 2022-2024 RustCrypto Developers + +Permission is hereby granted, free of charge, to any +person obtaining a copy of this software and associated +documentation files (the "Software"), to deal in the +Software without restriction, including without +limitation the rights to use, copy, modify, merge, +publish, distribute, sublicense, and/or sell copies of +the Software, and to permit persons to whom the Software +is furnished to do so, subject to the following +conditions: + +The above copyright notice and this permission notice +shall be included in all copies or substantial portions +of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF +ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED +TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A +PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT +SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY +CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION +OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR +IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER +DEALINGS IN THE SOFTWARE. diff --git a/concat-kdf/README.md b/concat-kdf/README.md index da00a0d..6631a45 100644 --- a/concat-kdf/README.md +++ b/concat-kdf/README.md @@ -13,17 +13,21 @@ Schemes Using Discrete Logarithm Cryptography](https://nvlpubs.nist.gov/nistpubs # Usage -The most common way to use Concat KDF is as follows: you generate a shared secret with other party (e.g. via Diffie-Hellman algorithm) -and use key derivation function to derive a shared key. +The most common way to use Concat KDF is as follows: you generate a shared secret with other party +(e.g. via Diffie-Hellman algorithm) and use key derivation function to derive a shared key. ```rust -let mut key = [0u8; 32]; -concat_kdf::derive_key_into::(b"shared-secret", b"other-info", &mut key).unwrap(); +use hex_literal::hex; +use sha2::Sha256; + +let mut key = [0u8; 16]; +concat_kdf::derive_key_into::(b"secret", b"shared-info", &mut key).unwrap(); +assert_eq!(key, hex!("960db2c549ab16d71a7b008e005c2bdc")); ``` ## Minimum Supported Rust Version -Rust **1.72** or higher. +Rust **1.81** or higher. Minimum supported Rust version can be changed in the future, but it will be done with a minor version bump. @@ -53,7 +57,7 @@ dual licensed as above, without any additional terms or conditions. [docs-image]: https://docs.rs/concat-kdf/badge.svg [docs-link]: https://docs.rs/concat-kdf/ [license-image]: https://img.shields.io/badge/license-Apache2.0/MIT-blue.svg -[rustc-image]: https://img.shields.io/badge/rustc-1.72+-blue.svg +[rustc-image]: https://img.shields.io/badge/rustc-1.81+-blue.svg [chat-image]: https://img.shields.io/badge/zulip-join_chat-blue.svg [chat-link]: https://rustcrypto.zulipchat.com/#narrow/stream/260043-KDFs [build-image]: https://github.com/RustCrypto/KDFs/workflows/concat-kdf/badge.svg?branch=master&event=push diff --git a/concat-kdf/benches/benchmark.rs b/concat-kdf/benches/benchmark.rs deleted file mode 100644 index e267264..0000000 --- a/concat-kdf/benches/benchmark.rs +++ /dev/null @@ -1,25 +0,0 @@ -#![feature(test)] -extern crate test; - -use sha2::{Sha224, Sha256, Sha512}; -use test::Bencher; - -macro_rules! define_benchmark { - ($name:ident, $hash:ty) => { - #[bench] - fn $name(b: &mut Bencher) { - let secret = [0u8; 32]; - let info = [0u8; 32]; - let mut key = [0u8; 32]; - b.iter(|| { - let (secret, info, key) = test::black_box((&secret, &info, &mut key)); - concat_kdf::derive_key_into::<$hash>(secret, info, key).unwrap(); - test::black_box(key); - }); - } - }; -} - -define_benchmark!(concat_kdf_sha224, Sha224); -define_benchmark!(concat_kdf_sha256, Sha256); -define_benchmark!(concat_kdf_sha512, Sha512); diff --git a/concat-kdf/src/lib.rs b/concat-kdf/src/lib.rs index 676f64b..a14e222 100644 --- a/concat-kdf/src/lib.rs +++ b/concat-kdf/src/lib.rs @@ -1,29 +1,12 @@ -//! An implementation of Concat KDF, the Concatenation Key Derivation Function. -//! -//! This function is described in the section 5.8.1 of [NIST SP 800-56A, Recommendation -//! for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography][1]. -//! -//! # Usage -//! -//! The most common way to use Concat KDF is as follows: you generate a shared secret -//! with other party (e.g. via Diffie-Hellman algorithm) and use key derivation function -//! to derive a shared key. -//! -//! ```rust -//! let mut key = [0u8; 32]; -//! concat_kdf::derive_key_into::(b"shared-secret", b"other-info", &mut key).unwrap(); -//! ``` -//! -//! [1]: https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-56ar.pdf - #![no_std] -#![cfg_attr(docsrs, feature(doc_cfg))] +#![doc = include_str!("../README.md")] +#![cfg_attr(docsrs, feature(doc_auto_cfg))] use core::fmt; use digest::{array::typenum::Unsigned, Digest, FixedOutputReset, Update}; -#[cfg(feature = "std")] -extern crate std; +#[cfg(feature = "alloc")] +extern crate alloc; /// Concat KDF errors. #[derive(Clone, Copy, Debug, PartialEq)] @@ -46,14 +29,18 @@ impl fmt::Display for Error { } } -#[cfg(feature = "std")] -#[cfg_attr(docsrs, doc(cfg(feature = "std")))] -impl ::std::error::Error for Error {} +impl ::core::error::Error for Error {} /// Derives `key` in-place from `secret` and `other_info`. +/// +/// # Example /// ```rust -/// let mut key = [0u8; 42]; -/// concat_kdf::derive_key_into::(b"top-secret", b"info", &mut key).unwrap(); +/// use hex_literal::hex; +/// use sha2::Sha256; +/// +/// let mut key = [0u8; 16]; +/// concat_kdf::derive_key_into::(b"secret", b"shared-info", &mut key).unwrap(); +/// assert_eq!(key, hex!("960db2c549ab16d71a7b008e005c2bdc")); /// ``` pub fn derive_key_into(secret: &[u8], other_info: &[u8], key: &mut [u8]) -> Result<(), Error> where @@ -67,11 +54,8 @@ where return Err(Error::NoOutput); } - // Counter overflow is possible only on architectures with usize bigger than 4 bytes. - const OVERFLOW_IS_POSSIBLE: bool = core::mem::size_of::() > 4; - // Key length shall be less than or equal to hash output length * (2^32 - 1). - if OVERFLOW_IS_POSSIBLE && (key.len() >= D::OutputSize::USIZE * (u32::MAX as usize)) { + if (key.len() as u64) >= D::OutputSize::U64 * (u32::MAX as u64) { return Err(Error::CounterOverflow); } @@ -90,20 +74,25 @@ where } /// Derives and returns `length` bytes key from `secret` and `other_info`. +/// +/// # Example /// ```rust -/// let key = concat_kdf::derive_key::(b"top-secret", b"info", 42).unwrap(); +/// use hex_literal::hex; +/// use sha2::Sha256; +/// +/// let key = concat_kdf::derive_key::(b"secret", b"shared-info", 16).unwrap(); +/// assert_eq!(key[..], hex!("960db2c549ab16d71a7b008e005c2bdc")[..]); /// ``` -#[cfg(feature = "std")] -#[cfg_attr(docsrs, doc(cfg(feature = "std")))] +#[cfg(feature = "alloc")] pub fn derive_key( secret: &[u8], other_info: &[u8], length: usize, -) -> Result, Error> +) -> Result, Error> where D: Digest + FixedOutputReset, { - let mut key = std::vec![0u8; length]; + let mut key = alloc::vec![0u8; length].into_boxed_slice(); derive_key_into::(secret, other_info, &mut key)?; Ok(key) } diff --git a/concat-kdf/tests/tests.rs b/concat-kdf/tests/tests.rs index c813252..210cd47 100644 --- a/concat-kdf/tests/tests.rs +++ b/concat-kdf/tests/tests.rs @@ -12,16 +12,12 @@ fn test_key_derivation(fixtures: &[Fixture]) where D: Digest + FixedOutputReset, { - for Fixture { - secret, - other_info, - expected_key, - } in fixtures.iter() - { - for key_length in 1..expected_key.len() { - let mut key = vec![0u8; key_length]; - assert!(concat_kdf::derive_key_into::(secret, other_info, &mut key).is_ok()); - assert_eq!(&expected_key[..key_length], &key); + for f in fixtures.iter() { + let mut buf = [0u8; 256]; + for key_length in 1..f.expected_key.len() { + let key = &mut buf[..key_length]; + concat_kdf::derive_key_into::(f.secret, f.other_info, key).unwrap(); + assert_eq!(&f.expected_key[..key_length], key); } } } @@ -33,42 +29,42 @@ fn test_input_output_sha224() { secret: &hex!("00"), other_info: &[], expected_key: &hex!( - "5a5f55dc7112b236b7b9e4734bfa2276a565c802b0e704e84d6f3afc19364a9b - a2e6fdfe0d05c792b6ccc1c694efc1d253cc44975d5f7a1dac05745422639850 - 0679a1a65f0586d655ed6e5d62a46d05741ae7133edc866f863fdeeb3b181a5b - b7539309b809fba02c5f036926bcb25cb966683664634de66f4d72b3f1d671c0 - acb28bf4618c5faecc07ecb4bb60cdba51d3c902637fecb0173ab8185bc2939f - d66d35a76ac3644e79166c4445123dfb91aa787e76b91b917e74eefb211a1264 - f0b493a980533252be954681094081628ad7ec9d8c77f3b05254b326e45cfeb2 - 3b5dd5697ae7fe11e44af84c5254ae6d32e8079c442e19a4e0bdad348a8c7d73" + "5a5f55dc7112b236b7b9e4734bfa2276a565c802b0e704e84d6f3afc19364a9b" + "a2e6fdfe0d05c792b6ccc1c694efc1d253cc44975d5f7a1dac05745422639850" + "0679a1a65f0586d655ed6e5d62a46d05741ae7133edc866f863fdeeb3b181a5b" + "b7539309b809fba02c5f036926bcb25cb966683664634de66f4d72b3f1d671c0" + "acb28bf4618c5faecc07ecb4bb60cdba51d3c902637fecb0173ab8185bc2939f" + "d66d35a76ac3644e79166c4445123dfb91aa787e76b91b917e74eefb211a1264" + "f0b493a980533252be954681094081628ad7ec9d8c77f3b05254b326e45cfeb2" + "3b5dd5697ae7fe11e44af84c5254ae6d32e8079c442e19a4e0bdad348a8c7d73" ), }, Fixture { secret: &hex!("00"), other_info: &hex!("00"), expected_key: &hex!( - "8741be040b4a815d358adf598bdabac4293a7e1353967aedbb80bcebfbd11dc0 - 7c520882f90500ac6d9fe6a078e3213d056e9ca7ed7535f11a6417a843a56465 - cf7d67775d3392758d71c233c6611e45a96e2bfdb81ea1d3ccdfed90b768b1b1 - c3518e4c30cf9224af2a55e68f35b496a1239148732ec15e2419b1da97ace8c9 - fb7de3fe03656b7978a5286a1a0e212a65c9fb9b5c8d33cc1995497903492a27 - 3e5be119898695e1872a43f2d32f95ac688816b3d4b344645d525f49859e8a70 - 9d03d0d7ac947057f3eb5c3a830c510db96856fa7206d8a0f784223acf9cd211 - 4d4a9d38c463ebede8ae758d577bf5704d30c5b0bcd225c007c8092bbaa26909" + "8741be040b4a815d358adf598bdabac4293a7e1353967aedbb80bcebfbd11dc0" + "7c520882f90500ac6d9fe6a078e3213d056e9ca7ed7535f11a6417a843a56465" + "cf7d67775d3392758d71c233c6611e45a96e2bfdb81ea1d3ccdfed90b768b1b1" + "c3518e4c30cf9224af2a55e68f35b496a1239148732ec15e2419b1da97ace8c9" + "fb7de3fe03656b7978a5286a1a0e212a65c9fb9b5c8d33cc1995497903492a27" + "3e5be119898695e1872a43f2d32f95ac688816b3d4b344645d525f49859e8a70" + "9d03d0d7ac947057f3eb5c3a830c510db96856fa7206d8a0f784223acf9cd211" + "4d4a9d38c463ebede8ae758d577bf5704d30c5b0bcd225c007c8092bbaa26909" ), }, Fixture { secret: &hex!("ba5eba11bedabb1ebe5077edb0a710adb01dfacecab005eca11ab1eca55e77e011"), other_info: &hex!("f005ba1100ddba11"), expected_key: &hex!( - "3467360b50fee27cfb8e6bdc28ef5252ac0938a2987693a23478bcdbe43a0fe6 - d2de581e4858c544722caf6776d423da3b73b623b4e39dcdd6d2b51685399e99 - 1d53c53afd44cd294b992dccfb37a9cdaf9dee05bd2053fa9f1e0e3b3719e3c4 - 3b0c7ad2aefb0bfb9b69e32c61bf3690d60c74cd7e37b0bf043e873028828a4a - a6efbd8f9aedb1ab858616fe93878c5d815b6fa7cf13a205cced53a6fd8d7685 - 339bb4a0be0f9ccb68419b1e0814acfcf67d2d06a492d429d2e8740ecbd94ceb - cef9696bbf26867a7b192780deb59c7ae7ed97844a359a790a00aaa79f6aadae - 8bfc62ab653a8375de876cb5865e8a60d92b403be34050ac74e5da99787b3357" + "3467360b50fee27cfb8e6bdc28ef5252ac0938a2987693a23478bcdbe43a0fe6" + "d2de581e4858c544722caf6776d423da3b73b623b4e39dcdd6d2b51685399e99" + "1d53c53afd44cd294b992dccfb37a9cdaf9dee05bd2053fa9f1e0e3b3719e3c4" + "3b0c7ad2aefb0bfb9b69e32c61bf3690d60c74cd7e37b0bf043e873028828a4a" + "a6efbd8f9aedb1ab858616fe93878c5d815b6fa7cf13a205cced53a6fd8d7685" + "339bb4a0be0f9ccb68419b1e0814acfcf67d2d06a492d429d2e8740ecbd94ceb" + "cef9696bbf26867a7b192780deb59c7ae7ed97844a359a790a00aaa79f6aadae" + "8bfc62ab653a8375de876cb5865e8a60d92b403be34050ac74e5da99787b3357" ), }, ]; @@ -83,42 +79,42 @@ fn test_input_output_sha256() { secret: &hex!("00"), other_info: &[], expected_key: &hex!( - "060dc63e5595dffbd161c9ec98bc06fcf67cb22e2e75ecdf0003821388aeee4d - 182cf10a4a3cc9c7ed07a46bfc0327a406e14b2e892b62471a523ceea8cb7664 - 598cd1428ca03f178cc23c367994cd739eb3e029f63b3e7079e4df62717f2dd0 - d110457e8900a7bff0e9474ecd94fb6cd001d6928d7e018132678ac22013bdd0 - 5f8b7ad1b5241a8326638b7f596fcc965cc2c81665ad275d0110a9af8fe1d8fb - 69af0678d2e4cd5b3a9dfeee6343496ee4ec37b3d4240954b64364acb9aa47f8 - 49befd6c253f0eb97f3fb0c118542c39519746da27b55f32cca541f9a1a16091 - 6a8814853bd214d9f0faf8d19724d53383fd0084a9471f67b989d47e225aa1a8" + "060dc63e5595dffbd161c9ec98bc06fcf67cb22e2e75ecdf0003821388aeee4d" + "182cf10a4a3cc9c7ed07a46bfc0327a406e14b2e892b62471a523ceea8cb7664" + "598cd1428ca03f178cc23c367994cd739eb3e029f63b3e7079e4df62717f2dd0" + "d110457e8900a7bff0e9474ecd94fb6cd001d6928d7e018132678ac22013bdd0" + "5f8b7ad1b5241a8326638b7f596fcc965cc2c81665ad275d0110a9af8fe1d8fb" + "69af0678d2e4cd5b3a9dfeee6343496ee4ec37b3d4240954b64364acb9aa47f8" + "49befd6c253f0eb97f3fb0c118542c39519746da27b55f32cca541f9a1a16091" + "6a8814853bd214d9f0faf8d19724d53383fd0084a9471f67b989d47e225aa1a8" ), }, Fixture { secret: &hex!("00"), other_info: &hex!("00"), expected_key: &hex!( - "10487d86ce3584e156874ed9b2650e8d772a8d1fdbb1c9111bf7e2fbcab18ccb - e44728408fa247053c017f791d5d2fe87752119c5010006ffc4e098efbaea679 - 52a554d18aa44185bbd82ea8882354ddc5286b9fd1af206bb9c88dbf424e4b1b - 5f54b6ff037cd93f528964739d54d41a837e86c0baa777865a2a48bb15c910a9 - 4e01ccc1186d19c2db4e65bd81dd29c492d88668f6fc70c5fa20855ed535d20e - 5acee3f2b6a0568f4d1048d1ca04e85606e14d0bc48ebb7cf063a780f0096129 - 52da97e695e38843ae3fcc649f301915fc8e7675d0065aabb2c6698daaf494a4 - df6d80b66a8b32c5bdd8ecdb650ae4fc2b47e6f50711eedd42dcbf2864e089cd" + "10487d86ce3584e156874ed9b2650e8d772a8d1fdbb1c9111bf7e2fbcab18ccb" + "e44728408fa247053c017f791d5d2fe87752119c5010006ffc4e098efbaea679" + "52a554d18aa44185bbd82ea8882354ddc5286b9fd1af206bb9c88dbf424e4b1b" + "5f54b6ff037cd93f528964739d54d41a837e86c0baa777865a2a48bb15c910a9" + "4e01ccc1186d19c2db4e65bd81dd29c492d88668f6fc70c5fa20855ed535d20e" + "5acee3f2b6a0568f4d1048d1ca04e85606e14d0bc48ebb7cf063a780f0096129" + "52da97e695e38843ae3fcc649f301915fc8e7675d0065aabb2c6698daaf494a4" + "df6d80b66a8b32c5bdd8ecdb650ae4fc2b47e6f50711eedd42dcbf2864e089cd" ), }, Fixture { secret: &hex!("ba5eba11bedabb1ebe5077edb0a710adb01dfacecab005eca11ab1eca55e77e011"), other_info: &hex!("f005ba1100ddba11"), expected_key: &hex!( - "a400be9935d0c843a1504aa64f6078195b6e20ea3fe64bb8d7f29aaea6a351bf - 7e40cafe54e86c4d502f82a390ab77098e8cccf905b5826d475e8316583eb53f - fc6afda60479492c5142db5896cbd0438e583d64162e448e68a3725944866f3e - 55ea6d4e3eea479b7d0a5c7a78d4425bc3c118a564f078f6dc41439c255e87c9 - be4e3e4a80509f84727ee661b9f04a8da4ece7214328f5180e96a9d641136ae7 - e2c83707106623dd890cc0c8a04a4af628b530da938753e07c4891204014b675 - 1beb080ee8c3391607652411423567b60a56ca9efe5bc858c9a23f87b13cffa6 - bcaf5fab9ad33ff2a284c15c8af0195674b46be2f98fad136eb327a8a60a8f4e" + "a400be9935d0c843a1504aa64f6078195b6e20ea3fe64bb8d7f29aaea6a351bf" + "7e40cafe54e86c4d502f82a390ab77098e8cccf905b5826d475e8316583eb53f" + "fc6afda60479492c5142db5896cbd0438e583d64162e448e68a3725944866f3e" + "55ea6d4e3eea479b7d0a5c7a78d4425bc3c118a564f078f6dc41439c255e87c9" + "be4e3e4a80509f84727ee661b9f04a8da4ece7214328f5180e96a9d641136ae7" + "e2c83707106623dd890cc0c8a04a4af628b530da938753e07c4891204014b675" + "1beb080ee8c3391607652411423567b60a56ca9efe5bc858c9a23f87b13cffa6" + "bcaf5fab9ad33ff2a284c15c8af0195674b46be2f98fad136eb327a8a60a8f4e" ), }, ]; @@ -177,33 +173,17 @@ fn test_input_output_sha512() { } #[test] -fn test_errors() { - // secret has zero length. +fn test_no_secret() { assert_eq!( concat_kdf::derive_key_into::(&[], &[], &mut [0u8; 42]), Err(concat_kdf::Error::NoSecret) ); +} - // key has zero length. +#[test] +fn test_no_output() { assert_eq!( concat_kdf::derive_key_into::(&[0u8; 42], &[], &mut [0u8; 0]), Err(concat_kdf::Error::NoOutput) ); - - // key has a length that causes counter overflow. - #[cfg(target_pointer_width = "64")] - { - let size = Sha224::output_size() * u32::MAX as usize; - let layout = std::alloc::Layout::from_size_align(size, 1).unwrap(); - unsafe { - // We assume that OS will not allocate physicall memory for this buffer - let p = std::alloc::alloc_zeroed(layout); - let buf = std::slice::from_raw_parts_mut(p, size); - assert_eq!( - concat_kdf::derive_key_into::(&[0u8; 42], &[], buf), - Err(concat_kdf::Error::CounterOverflow) - ); - std::alloc::dealloc(p, layout) - }; - } }