github.com/rsc/go@v0.0.0-20150416155037-e040fd465409/src/crypto/tls/prf_test.go (about) 1 // Copyright 2009 The Go Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style 3 // license that can be found in the LICENSE file. 4 5 package tls 6 7 import ( 8 "crypto" 9 "encoding/hex" 10 "testing" 11 ) 12 13 type testSplitPreMasterSecretTest struct { 14 in, out1, out2 string 15 } 16 17 var testSplitPreMasterSecretTests = []testSplitPreMasterSecretTest{ 18 {"", "", ""}, 19 {"00", "00", "00"}, 20 {"0011", "00", "11"}, 21 {"001122", "0011", "1122"}, 22 {"00112233", "0011", "2233"}, 23 } 24 25 func TestSplitPreMasterSecret(t *testing.T) { 26 for i, test := range testSplitPreMasterSecretTests { 27 in, _ := hex.DecodeString(test.in) 28 out1, out2 := splitPreMasterSecret(in) 29 s1 := hex.EncodeToString(out1) 30 s2 := hex.EncodeToString(out2) 31 if s1 != test.out1 || s2 != test.out2 { 32 t.Errorf("#%d: got: (%s, %s) want: (%s, %s)", i, s1, s2, test.out1, test.out2) 33 } 34 } 35 } 36 37 type testKeysFromTest struct { 38 version uint16 39 hash crypto.Hash 40 preMasterSecret string 41 clientRandom, serverRandom string 42 masterSecret string 43 clientMAC, serverMAC string 44 clientKey, serverKey string 45 macLen, keyLen int 46 } 47 48 func TestKeysFromPreMasterSecret(t *testing.T) { 49 for i, test := range testKeysFromTests { 50 in, _ := hex.DecodeString(test.preMasterSecret) 51 clientRandom, _ := hex.DecodeString(test.clientRandom) 52 serverRandom, _ := hex.DecodeString(test.serverRandom) 53 54 masterSecret := masterFromPreMasterSecret(test.version, test.hash, in, clientRandom, serverRandom) 55 if s := hex.EncodeToString(masterSecret); s != test.masterSecret { 56 t.Errorf("#%d: bad master secret %s, want %s", i, s, test.masterSecret) 57 continue 58 } 59 60 clientMAC, serverMAC, clientKey, serverKey, _, _ := keysFromMasterSecret(test.version, test.hash, masterSecret, clientRandom, serverRandom, test.macLen, test.keyLen, 0) 61 clientMACString := hex.EncodeToString(clientMAC) 62 serverMACString := hex.EncodeToString(serverMAC) 63 clientKeyString := hex.EncodeToString(clientKey) 64 serverKeyString := hex.EncodeToString(serverKey) 65 if clientMACString != test.clientMAC || 66 serverMACString != test.serverMAC || 67 clientKeyString != test.clientKey || 68 serverKeyString != test.serverKey { 69 t.Errorf("#%d: got: (%s, %s, %s, %s) want: (%s, %s, %s, %s)", i, clientMACString, serverMACString, clientKeyString, serverKeyString, test.clientMAC, test.serverMAC, test.clientKey, test.serverKey) 70 } 71 } 72 } 73 74 // These test vectors were generated from GnuTLS using `gnutls-cli --insecure -d 9 ` 75 var testKeysFromTests = []testKeysFromTest{ 76 { 77 VersionTLS10, 78 crypto.SHA1, 79 "0302cac83ad4b1db3b9ab49ad05957de2a504a634a386fc600889321e1a971f57479466830ac3e6f468e87f5385fa0c5", 80 "4ae66303755184a3917fcb44880605fcc53baa01912b22ed94473fc69cebd558", 81 "4ae663020ec16e6bb5130be918cfcafd4d765979a3136a5d50c593446e4e44db", 82 "3d851bab6e5556e959a16bc36d66cfae32f672bfa9ecdef6096cbb1b23472df1da63dbbd9827606413221d149ed08ceb", 83 "805aaa19b3d2c0a0759a4b6c9959890e08480119", 84 "2d22f9fe519c075c16448305ceee209fc24ad109", 85 "d50b5771244f850cd8117a9ccafe2cf1", 86 "e076e33206b30507a85c32855acd0919", 87 20, 88 16, 89 }, 90 { 91 VersionTLS10, 92 crypto.SHA1, 93 "03023f7527316bc12cbcd69e4b9e8275d62c028f27e65c745cfcddc7ce01bd3570a111378b63848127f1c36e5f9e4890", 94 "4ae66364b5ea56b20ce4e25555aed2d7e67f42788dd03f3fee4adae0459ab106", 95 "4ae66363ab815cbf6a248b87d6b556184e945e9b97fbdf247858b0bdafacfa1c", 96 "7d64be7c80c59b740200b4b9c26d0baaa1c5ae56705acbcf2307fe62beb4728c19392c83f20483801cce022c77645460", 97 "97742ed60a0554ca13f04f97ee193177b971e3b0", 98 "37068751700400e03a8477a5c7eec0813ab9e0dc", 99 "207cddbc600d2a200abac6502053ee5c", 100 "df3f94f6e1eacc753b815fe16055cd43", 101 20, 102 16, 103 }, 104 { 105 VersionTLS10, 106 crypto.SHA1, 107 "832d515f1d61eebb2be56ba0ef79879efb9b527504abb386fb4310ed5d0e3b1f220d3bb6b455033a2773e6d8bdf951d278a187482b400d45deb88a5d5a6bb7d6a7a1decc04eb9ef0642876cd4a82d374d3b6ff35f0351dc5d411104de431375355addc39bfb1f6329fb163b0bc298d658338930d07d313cd980a7e3d9196cac1", 108 "4ae663b2ee389c0de147c509d8f18f5052afc4aaf9699efe8cb05ece883d3a5e", 109 "4ae664d503fd4cff50cfc1fb8fc606580f87b0fcdac9554ba0e01d785bdf278e", 110 "1aff2e7a2c4279d0126f57a65a77a8d9d0087cf2733366699bec27eb53d5740705a8574bb1acc2abbe90e44f0dd28d6c", 111 "3c7647c93c1379a31a609542aa44e7f117a70085", 112 "0d73102994be74a575a3ead8532590ca32a526d4", 113 "ac7581b0b6c10d85bbd905ffbf36c65e", 114 "ff07edde49682b45466bd2e39464b306", 115 20, 116 16, 117 }, 118 { 119 VersionSSL30, 120 crypto.SHA1, 121 "832d515f1d61eebb2be56ba0ef79879efb9b527504abb386fb4310ed5d0e3b1f220d3bb6b455033a2773e6d8bdf951d278a187482b400d45deb88a5d5a6bb7d6a7a1decc04eb9ef0642876cd4a82d374d3b6ff35f0351dc5d411104de431375355addc39bfb1f6329fb163b0bc298d658338930d07d313cd980a7e3d9196cac1", 122 "4ae663b2ee389c0de147c509d8f18f5052afc4aaf9699efe8cb05ece883d3a5e", 123 "4ae664d503fd4cff50cfc1fb8fc606580f87b0fcdac9554ba0e01d785bdf278e", 124 "a614863e56299dcffeea2938f22c2ba023768dbe4b3f6877bc9c346c6ae529b51d9cb87ff9695ea4d01f2205584405b2", 125 "2c450d5b6f6e2013ac6bea6a0b32200d4e1ffb94", 126 "7a7a7438769536f2fb1ae49a61f0703b79b2dc53", 127 "f8f6b26c10f12855c9aafb1e0e839ccf", 128 "2b9d4b4a60cb7f396780ebff50650419", 129 20, 130 16, 131 }, 132 }