1
+ require 'spec_helper'
2
+ require 'rex/crypto/key_derivation/nist_sp_800_108'
3
+
4
+ RSpec . describe Rex ::Crypto ::KeyDerivation ::NIST_SP_800_108 do
5
+ describe '.counter' do
6
+ let ( :secret ) { [ '000102030405060708090A0B0C0D0E0F' ] . pack ( 'H*' ) }
7
+ let ( :prf ) { RSpec ::Mocks ::Double . new ( 'prf' ) }
8
+ let ( :length ) { 32 }
9
+ let ( :label ) { "RSpec Test Label\0 " }
10
+ let ( :context ) { "RSpec Test Context\0 " }
11
+
12
+ it 'builds the context block correctly for the prf' do
13
+ info = [ 1 ] . pack ( 'L>' ) + label + "\x00 " . b + context + [ length * 8 ] . pack ( 'L>' )
14
+ expect ( prf ) . to receive ( :call ) . with ( info ) . and_return ( OpenSSL ::HMAC . digest ( 'SHA256' , secret , info ) )
15
+ described_class . counter ( length , prf , label : label , context : context )
16
+ end
17
+ end
18
+
19
+ describe '.counter_hmac' do
20
+ let ( :secret ) { [ '000102030405060708090A0B0C0D0E0F' ] . pack ( 'H*' ) }
21
+ let ( :length ) { 32 }
22
+ let ( :label ) { "RSpec Test Label\0 " }
23
+ let ( :context ) { "RSpec Test Context\0 " }
24
+
25
+ context 'when the algorithm is invalid' do
26
+ let ( :algorithm ) { 'InvalidAlgorithm' }
27
+
28
+ it 'raises an error' do
29
+ expect { described_class . counter_hmac ( secret , length , algorithm , label : label , context : context ) } . to raise_error ( RuntimeError , /digest algorithm/ )
30
+ end
31
+ end
32
+
33
+ context 'when the algorithm is SHA256' do
34
+ let ( :algorithm ) { 'SHA256' }
35
+ before ( :each ) { expect ( OpenSSL ::HMAC ) . to receive ( :digest ) . at_least ( :once ) . with ( algorithm , secret , anything ) . and_call_original }
36
+ before ( :each ) { expect ( described_class ) . to receive ( :counter ) . with ( length , anything , context : context , label : label , keys : instance_of ( Integer ) ) . and_call_original }
37
+
38
+ it 'uses SHA256 to calculate 1 key' do
39
+ keys = described_class . counter_hmac ( secret , length , algorithm , label : label , context : context )
40
+ expect ( keys . length ) . to eq 1
41
+ expect ( keys [ 0 ] ) . to eq [ '5889a9fe18d9d51b5eb95272088acbe38bd2ea82517f1956b919dc549a945aa0' ] . pack ( 'H*' )
42
+ end
43
+
44
+ it 'uses SHA256 to calculate 2 keys' do
45
+ keys = described_class . counter_hmac ( secret , length , algorithm , label : label , context : context , keys : 2 )
46
+ expect ( keys . length ) . to eq 2
47
+ expect ( keys [ 0 ] ) . to eq [ '2060ea190b9ac147ccfbe2c094c49be04dcac80db6d05b1c32c54529caf24d43' ] . pack ( 'H*' )
48
+ expect ( keys [ 1 ] ) . to eq [ 'f66a460fc1d03451c1ef669ee10953815460d368668be13301d6314878ed771d' ] . pack ( 'H*' )
49
+ end
50
+ end
51
+ end
52
+ end
0 commit comments