test PSA key derivation: add positive and negative cases for mixed-psk
Mix-PSK-to-MS test vectors are generated using python-tls library:
https://github.com/python-tls/tls
Steps to generate test vectors:
1. git clone git@github.com:python-tls/tls.git
2. cd tls
3. python3 setup.py build
4. sudo python3 setup.py install
5. Use the python script below to generate Master Secret (see description for details):
"""
Script to derive MS using mixed PSK to MS algorithm.
Script can be used to generate expected result for mixed PSK to MS tests.
Script uses python tls library:
https://github.com/python-tls/tls
Example usage:
derive_ms.py <secret> <other_secret> <seed> <label> <hash>
derive_ms.py 01020304 ce2fa604b6a3e08fc42eda74ab647adace1168b199ed178dbaae12521d68271d7df56eb56c55878034cf01bd887ba4d7 5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f 6d617374657220736563726574 SHA256
secret : 01020304
other_secret : ce2fa604b6a3e08fc42eda74ab647adace1168b199ed178dbaae12521d68271d7df56eb56c55878034cf01bd887ba4d7
pms : 0030ce2fa604b6a3e08fc42eda74ab647adace1168b199ed178dbaae12521d68271d7df56eb56c55878034cf01bd887ba4d7000401020304
seed : 5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f
label : 6d617374657220736563726574
output : 168fecea35190f9df34c042f24ecaa5e7825337f2cd82719464df5462f16aae84cb38a65c0d612ca9273f998ad32c05b
"""
from cryptography.hazmat.primitives import hashes
from tls._common.prf import prf
import os
import sys
def build_pms(other_secret: bytes, secret: bytes) -> bytes:
other_secret_size = len(other_secret).to_bytes(2, byteorder='big')
secret_size = len(secret).to_bytes(2, byteorder='big')
return(other_secret_size + other_secret + secret_size + secret)
def derive_ms(secret: bytes, other_secret: bytes, seed: bytes, label: bytes, hash: hashes.HashAlgorithm) -> bytes:
return prf(build_pms(other_secret, secret), label, seed, hash, 48)
def main():
#check args
if len(sys.argv) != 6:
print("Invalid number of arguments. Expected: <secret> <other_secret> <seed> <label> <hash>" )
return
if sys.argv[5] != 'SHA384' and sys.argv[5] != 'SHA256':
print("Invalid hash algorithm. Expected: SHA256 or SHA384" )
return
secret = bytes.fromhex(sys.argv[1])
other_secret = bytes.fromhex(sys.argv[2])
seed = bytes.fromhex(sys.argv[3])
label = bytes.fromhex(sys.argv[4])
hash_func = hashes.SHA384() if sys.argv[5] == 'SHA384' else hashes.SHA256()
pms = build_pms(other_secret, secret)
actual_output = derive_ms(secret, other_secret, seed, label, hash_func)
print('secret : ' + secret.hex())
print('other_secret : ' + other_secret.hex())
print('pms : ' + pms.hex())
print('seed : ' + seed.hex())
print('label : ' + label.hex())
print('output : ' + actual_output.hex())
if __name__ == "__main__":
main()
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
cd00d7f724