1 files changed, 110 insertions, 0 deletions

diff --git a/test/evp_kdf_test.c b/test/evp_kdf_test.c
index 173d8cb8b8..b9131b69ab 100644
--- a/test/evp_kdf_test.c
+++ b/test/evp_kdf_test.c
@@ -1649,6 +1649,114 @@ static int test_kdf_krb5kdf(void)
     return ret;
 }
 
+static int test_kdf_hmac_drbg_settables(void)
+{
+    int ret = 0, i = 0, j = 0;
+    EVP_KDF_CTX *kctx = NULL;
+    const OSSL_PARAM *settableparams;
+    OSSL_PARAM params[5];
+    static const unsigned char ent[32] = { 0 };
+    unsigned char out[32];
+    char digestname[32];
+    char macname[32];
+    EVP_MD *shake256 = NULL;
+
+    /* Test there are settables */
+    if (!TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_HMACDRBGKDF))
+            || !TEST_ptr(settableparams = EVP_KDF_CTX_settable_params(kctx)))
+        goto err;
+
+    /* Fail if no params have been set when doing a derive */
+    if (!TEST_int_le(EVP_KDF_derive(kctx, out, sizeof(out), NULL), 0))
+        goto err;
+
+    /* Fail if we pass the wrong type for params */
+    params[1] = OSSL_PARAM_construct_end();
+    for (i = 0; settableparams[i].key != NULL; ++i) {
+        /* Skip "properties" key since it returns 1 unless the digest is also set */
+        if (OPENSSL_strcasecmp(settableparams[i].key,
+                               OSSL_KDF_PARAM_PROPERTIES) != 0) {
+            TEST_note("Testing set int into %s fails", settableparams[i].key);
+            params[0] = OSSL_PARAM_construct_int(settableparams[i].key, &j);
+            if (!TEST_int_le(EVP_KDF_CTX_set_params(kctx, params), 0))
+                goto err;
+        }
+    }
+    /* Test that we can set values multiple times */
+    params[0] = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_HMACDRBG_ENTROPY,
+                                                  (char *)ent, sizeof(ent));
+    params[1] = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_HMACDRBG_NONCE,
+                                                  (char *)ent, sizeof(ent));
+    params[2] = OSSL_PARAM_construct_utf8_string(OSSL_ALG_PARAM_DIGEST, "SHA256",
+                                                 0);
+    params[3] = OSSL_PARAM_construct_utf8_string(OSSL_ALG_PARAM_PROPERTIES, "",
+                                                 0);
+    params[4] = OSSL_PARAM_construct_end();
+    if (!TEST_int_eq(EVP_KDF_CTX_set_params(kctx, params), 1))
+        goto err;
+    if (!TEST_int_eq(EVP_KDF_CTX_set_params(kctx, params), 1))
+        goto err;
+    /* Test we can retrieve values back */
+    params[0] = OSSL_PARAM_construct_utf8_string(OSSL_ALG_PARAM_DIGEST,
+                                                 digestname, sizeof(digestname));
+    params[1] = OSSL_PARAM_construct_utf8_string(OSSL_ALG_PARAM_MAC,
+                                                 macname, sizeof(macname));
+    params[2] = OSSL_PARAM_construct_end();
+    if (!TEST_int_eq(EVP_KDF_CTX_get_params(kctx, params), 1)
+            || !TEST_mem_eq(digestname, params[0].return_size, "SHA2-256", 8)
+            || !TEST_mem_eq(macname, params[1].return_size, "HMAC", 4))
+        goto err;
+
+    /* Test the derive */
+    if (!TEST_int_eq(EVP_KDF_derive(kctx, out, sizeof(out), NULL), 1))
+        goto err;
+
+    /* test that XOF digests are not allowed */
+    params[0] = OSSL_PARAM_construct_utf8_string(OSSL_ALG_PARAM_DIGEST,
+                                                 "shake256", 0);
+    params[1] = OSSL_PARAM_construct_end();
+    if (!TEST_int_le(EVP_KDF_CTX_set_params(kctx, params), 0))
+        goto err;
+
+    ret = 1;
+err:
+    EVP_MD_free(shake256);
+    EVP_KDF_CTX_free(kctx);
+    return ret;
+}
+
+static int test_kdf_hmac_drbg_gettables(void)
+{
+    int ret = 0, i, j = 0;
+    EVP_KDF_CTX *kctx = NULL;
+    const OSSL_PARAM *gettableparams;
+    OSSL_PARAM params[3];
+    char buf[64];
+
+    /* Test there are gettables */
+    if (!TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_HMACDRBGKDF))
+            || !TEST_ptr(gettableparams = EVP_KDF_CTX_gettable_params(kctx)))
+        goto err;
+    /* Fail if we pass the wrong type for params */
+    params[1] = OSSL_PARAM_construct_end();
+    for (i = 0; gettableparams[i].key != NULL; ++i) {
+        params[0] = OSSL_PARAM_construct_int(gettableparams[i].key, &j);
+        if (!TEST_int_le(EVP_KDF_CTX_get_params(kctx, params), 0))
+            goto err;
+    }
+    /* fail to get params if they are not set yet */
+    for (i = 0; gettableparams[i].key != NULL; ++i) {
+        params[0] = OSSL_PARAM_construct_utf8_string(gettableparams[i].key,
+                                                     buf, sizeof(buf));
+        if (!TEST_int_le(EVP_KDF_CTX_get_params(kctx, params), 0))
+            goto err;
+    }
+    ret = 1;
+err:
+    EVP_KDF_CTX_free(kctx);
+    return ret;
+}
+
 int setup_tests(void)
 {
     ADD_TEST(test_kdf_pbkdf1);
@@ -1707,5 +1815,7 @@ int setup_tests(void)
     ADD_TEST(test_kdf_x942_asn1);
 #endif
     ADD_TEST(test_kdf_krb5kdf);
+    ADD_TEST(test_kdf_hmac_drbg_settables);
+    ADD_TEST(test_kdf_hmac_drbg_gettables);
     return 1;
 }