crypto/kex_unittest.cc - chromium/src - Git at Google

 // Copyright 2025 The Chromium Authors
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #include "crypto/kex.h"

 #include "crypto/keypair.h"
 #include "testing/gtest/include/gtest/gtest.h"
 #include "third_party/boringssl/src/include/openssl/ec_key.h"
 #include "third_party/boringssl/src/include/openssl/evp.h"

 namespace {

 TEST(Kex, EcdhP256KnownAnswer) {
   // This is from RFC 5903 8.1 (which calls P-256 "256-bit Random ECP Group").
   // clang-format off
   // Their public key in X9.62 format: the 04 octet, then the x and y points as
   // big-endian byte strings.
   constexpr std::array<uint8_t, 65> kTheirPublic{
     0x04,
     0xda, 0xd0, 0xb6, 0x53, 0x94, 0x22, 0x1c, 0xf9,
     0xb0, 0x51, 0xe1, 0xfe, 0xca, 0x57, 0x87, 0xd0,
     0x98, 0xdf, 0xe6, 0x37, 0xfc, 0x90, 0xb9, 0xef,
     0x94, 0x5d, 0x0c, 0x37, 0x72, 0x58, 0x11, 0x80,
     0x52, 0x71, 0xa0, 0x46, 0x1c, 0xdb, 0x82, 0x52,
     0xd6, 0x1f, 0x1c, 0x45, 0x6f, 0xa3, 0xe5, 0x9a,
     0xb1, 0xf4, 0x5b, 0x33, 0xac, 0xcf, 0x5f, 0x58,
     0x38, 0x9e, 0x05, 0x77, 0xb8, 0x99, 0x0b, 0xb3,
   };

   constexpr std::array<uint8_t, 32> kOurPrivate{
     0xc6, 0xef, 0x9c, 0x5d, 0x78, 0xae, 0x01, 0x2a,
     0x01, 0x11, 0x64, 0xac, 0xb3, 0x97, 0xce, 0x20,
     0x88, 0x68, 0x5d, 0x8f, 0x06, 0xbf, 0x9b, 0xe0,
     0xb2, 0x83, 0xab, 0x46, 0x47, 0x6b, 0xee, 0x53,
   };

   constexpr std::array<uint8_t, 32> kExpectedResult{
     0xd6, 0x84, 0x0f, 0x6b, 0x42, 0xf6, 0xed, 0xaf,
     0xd1, 0x31, 0x16, 0xe0, 0xe1, 0x25, 0x65, 0x20,
     0x2f, 0xef, 0x8e, 0x9e, 0xce, 0x7d, 0xce, 0x03,
     0x81, 0x24, 0x64, 0xd0, 0x4b, 0x94, 0x42, 0xde,
   };
   // clang-format on

   auto their_key = *crypto::keypair::PublicKey::FromEcP256Point(kTheirPublic);

   // crypto/keypair doesn't expose a way to directly create a private key from a
   // raw EC key, so we build one by hand here:
   bssl::UniquePtr<EC_KEY> our_ec_key(
       EC_KEY_new_by_curve_name(NID_X9_62_prime256v1));
   CHECK(EC_KEY_oct2priv(our_ec_key.get(), kOurPrivate.data(),
                         kOurPrivate.size()));
   bssl::UniquePtr<EVP_PKEY> our_pkey(EVP_PKEY_new());
   EVP_PKEY_assign_EC_KEY(our_pkey.get(), our_ec_key.release());
   crypto::keypair::PrivateKey our_key(std::move(our_pkey),
                                       crypto::SubtlePassKey::ForTesting());

   std::array<uint8_t, 32> result;
   crypto::kex::EcdhP256(their_key, our_key, result);
   EXPECT_EQ(kExpectedResult, result);
 }

 }  // namespace
	// Copyright 2025 The Chromium Authors
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#include "crypto/kex.h"

	#include "crypto/keypair.h"
	#include "testing/gtest/include/gtest/gtest.h"
	#include "third_party/boringssl/src/include/openssl/ec_key.h"
	#include "third_party/boringssl/src/include/openssl/evp.h"

	namespace {

	TEST(Kex, EcdhP256KnownAnswer) {
	// This is from RFC 5903 8.1 (which calls P-256 "256-bit Random ECP Group").
	// clang-format off
	// Their public key in X9.62 format: the 04 octet, then the x and y points as
	// big-endian byte strings.
	constexpr std::array<uint8_t, 65> kTheirPublic{
	0x04,
	0xda, 0xd0, 0xb6, 0x53, 0x94, 0x22, 0x1c, 0xf9,
	0xb0, 0x51, 0xe1, 0xfe, 0xca, 0x57, 0x87, 0xd0,
	0x98, 0xdf, 0xe6, 0x37, 0xfc, 0x90, 0xb9, 0xef,
	0x94, 0x5d, 0x0c, 0x37, 0x72, 0x58, 0x11, 0x80,
	0x52, 0x71, 0xa0, 0x46, 0x1c, 0xdb, 0x82, 0x52,
	0xd6, 0x1f, 0x1c, 0x45, 0x6f, 0xa3, 0xe5, 0x9a,
	0xb1, 0xf4, 0x5b, 0x33, 0xac, 0xcf, 0x5f, 0x58,
	0x38, 0x9e, 0x05, 0x77, 0xb8, 0x99, 0x0b, 0xb3,
	};

	constexpr std::array<uint8_t, 32> kOurPrivate{
	0xc6, 0xef, 0x9c, 0x5d, 0x78, 0xae, 0x01, 0x2a,
	0x01, 0x11, 0x64, 0xac, 0xb3, 0x97, 0xce, 0x20,
	0x88, 0x68, 0x5d, 0x8f, 0x06, 0xbf, 0x9b, 0xe0,
	0xb2, 0x83, 0xab, 0x46, 0x47, 0x6b, 0xee, 0x53,
	};

	constexpr std::array<uint8_t, 32> kExpectedResult{
	0xd6, 0x84, 0x0f, 0x6b, 0x42, 0xf6, 0xed, 0xaf,
	0xd1, 0x31, 0x16, 0xe0, 0xe1, 0x25, 0x65, 0x20,
	0x2f, 0xef, 0x8e, 0x9e, 0xce, 0x7d, 0xce, 0x03,
	0x81, 0x24, 0x64, 0xd0, 0x4b, 0x94, 0x42, 0xde,
	};
	// clang-format on

	auto their_key = *crypto::keypair::PublicKey::FromEcP256Point(kTheirPublic);

	// crypto/keypair doesn't expose a way to directly create a private key from a
	// raw EC key, so we build one by hand here:
	bssl::UniquePtr<EC_KEY> our_ec_key(
	EC_KEY_new_by_curve_name(NID_X9_62_prime256v1));
	CHECK(EC_KEY_oct2priv(our_ec_key.get(), kOurPrivate.data(),
	kOurPrivate.size()));
	bssl::UniquePtr<EVP_PKEY> our_pkey(EVP_PKEY_new());
	EVP_PKEY_assign_EC_KEY(our_pkey.get(), our_ec_key.release());
	crypto::keypair::PrivateKey our_key(std::move(our_pkey),
	crypto::SubtlePassKey::ForTesting());

	std::array<uint8_t, 32> result;
	crypto::kex::EcdhP256(their_key, our_key, result);
	EXPECT_EQ(kExpectedResult, result);
	}

	} // namespace