Refactor TLS PRF self-test to remove panics

simo5 · simo5 · commit f630c8799d5a · 2026-01-29T17:16:51.000-05:00
The TLS PRF Known Answer Test (KAT) is refactored to improve robustness and
readability.

A new `secret_key_object` helper function is introduced to create the secret
key object used in the test. This change, along with converting hex-decoded
test vectors to static byte arrays, removes all `unwrap()` calls from the
test's initialization logic.

This ensures that any potential errors during setup will cause the self-test
to fail gracefully rather than causing a panic.

Signed-off-by: Simo Sorce &lt;simo@redhat.com&gt;
diff --git a/src/fips/kats.rs b/src/fips/kats.rs
@@ -3,8 +3,9 @@
 
 use super::set_fips_error_state;
 use crate::attribute::Attribute;
-use crate::mechanism::Verify;
+use crate::error::Result;
 use crate::hmac::test_get_hmac;
+use crate::mechanism::Verify;
 use crate::native::hmac::HMACOperation;
 use crate::native::tlskdf::TLSPRF;
 use crate::object::Object;
@@ -62,6 +63,19 @@ pub static HMAC_SELFTEST: LazyLock<FIPSSelftest> = LazyLock::new(|| {
     FIPSSelftest::pass()
 });
 
+fn secret_key_object(secret: Vec<u8>) -> Result<Object> {
+    let mut key = Object::new();
+    key.set_attr(Attribute::from_ulong(CKA_CLASS, CKO_SECRET_KEY))?;
+    key.set_attr(Attribute::from_ulong(CKA_KEY_TYPE, CKK_GENERIC_SECRET))?;
+    key.set_attr(Attribute::from_ulong(
+        CKA_VALUE_LEN,
+        secret.len() as CK_ULONG,
+    ))?;
+    key.set_attr(Attribute::from_bytes(CKA_VALUE, secret))?;
+    key.set_attr(Attribute::from_bool(CKA_DERIVE, true))?;
+    Ok(key)
+}
+
 /// Static Lazy variable to run FIPS Known Answer Tests (KATs) for the TLS PRF
 /// on initialization
 ///
@@ -73,44 +87,41 @@ pub static HMAC_SELFTEST: LazyLock<FIPSSelftest> = LazyLock::new(|| {
 pub static TLS_PRF_SELFTEST: LazyLock<FIPSSelftest> = LazyLock::new(|| {
     /* Test vector taken from OpenSSL selftest */
     let prf: CK_MECHANISM_TYPE = CKM_SHA256_HMAC;
-    let secret = hex::decode(
-        "202c88c00f84a17a20027079604787461176455539e705be\
-         730890602c289a5001e34eeb3a043e5d52a65e66125188bf",
-    )
-    .unwrap();
-    let label: &[u8] = b"key expansion";
-    let randoms = hex::decode(
-        "ae6c806f8ad4d80784549dff28a4b58fd837681a51d928c3e30ee5ff14f39868\
-         62e1fd91f23f558a605f28478c58cf72637b89784d959df7e946d3f07bd1b616",
-    )
-    .unwrap();
-    let mut seed = Vec::<u8>::with_capacity(label.len() + randoms.len());
-    seed.extend_from_slice(&label);
-    seed.extend_from_slice(&randoms);
+    let secret: Vec<u8> = vec![
+        0x20, 0x2C, 0x88, 0xC0, 0x0F, 0x84, 0xA1, 0x7A, 0x20, 0x02, 0x70, 0x79,
+        0x60, 0x47, 0x87, 0x46, 0x11, 0x76, 0x45, 0x55, 0x39, 0xE7, 0x05, 0xBE,
+        0x73, 0x08, 0x90, 0x60, 0x2C, 0x28, 0x9A, 0x50, 0x01, 0xE3, 0x4E, 0xEB,
+        0x3A, 0x04, 0x3E, 0x5D, 0x52, 0xA6, 0x5E, 0x66, 0x12, 0x51, 0x88, 0xBF,
+    ];
+    let seed: Vec<u8> = vec![
+        b'k', b'e', b'y', b' ', b'e', b'x', b'p', b'a', b'n', b's', b'i', b'o',
+        b'n', 0xAE, 0x6C, 0x80, 0x6F, 0x8A, 0xD4, 0xD8, 0x07, 0x84, 0x54, 0x9D,
+        0xFF, 0x28, 0xA4, 0xB5, 0x8F, 0xD8, 0x37, 0x68, 0x1A, 0x51, 0xD9, 0x28,
+        0xC3, 0xE3, 0x0E, 0xE5, 0xFF, 0x14, 0xF3, 0x98, 0x68, 0x62, 0xE1, 0xFD,
+        0x91, 0xF2, 0x3F, 0x55, 0x8A, 0x60, 0x5F, 0x28, 0x47, 0x8C, 0x58, 0xCF,
+        0x72, 0x63, 0x7B, 0x89, 0x78, 0x4D, 0x95, 0x9D, 0xF7, 0xE9, 0x46, 0xD3,
+        0xF0, 0x7B, 0xD1, 0xB6, 0x16,
+    ];
 
-    let expect = hex::decode(
-        "d06139889fffac1e3a71865f504aa5d0d2a2e89506c6f2279b670c3e1b74f531\
-         016a2530c51a3a0f7e1d6590d0f0566b2f387f8d11fd4f731cdd572d2eae927f\
-         6f2f81410b25e6960be68985add6c38445ad9f8c64bf8068bf9a6679485d966f\
-         1ad6f68b43495b10a683755ea2b858d70ccac7ec8b053c6bd41ca299d4e51928",
-    )
-    .unwrap();
+    let expect: Vec<u8> = vec![
+        0xD0, 0x61, 0x39, 0x88, 0x9F, 0xFF, 0xAC, 0x1E, 0x3A, 0x71, 0x86, 0x5F,
+        0x50, 0x4A, 0xA5, 0xD0, 0xD2, 0xA2, 0xE8, 0x95, 0x06, 0xC6, 0xF2, 0x27,
+        0x9B, 0x67, 0x0C, 0x3E, 0x1B, 0x74, 0xF5, 0x31, 0x01, 0x6A, 0x25, 0x30,
+        0xC5, 0x1A, 0x3A, 0x0F, 0x7E, 0x1D, 0x65, 0x90, 0xD0, 0xF0, 0x56, 0x6B,
+        0x2F, 0x38, 0x7F, 0x8D, 0x11, 0xFD, 0x4F, 0x73, 0x1C, 0xDD, 0x57, 0x2D,
+        0x2E, 0xAE, 0x92, 0x7F, 0x6F, 0x2F, 0x81, 0x41, 0x0B, 0x25, 0xE6, 0x96,
+        0x0B, 0xE6, 0x89, 0x85, 0xAD, 0xD6, 0xC3, 0x84, 0x45, 0xAD, 0x9F, 0x8C,
+        0x64, 0xBF, 0x80, 0x68, 0xBF, 0x9A, 0x66, 0x79, 0x48, 0x5D, 0x96, 0x6F,
+        0x1A, 0xD6, 0xF6, 0x8B, 0x43, 0x49, 0x5B, 0x10, 0xA6, 0x83, 0x75, 0x5E,
+        0xA2, 0xB8, 0x58, 0xD7, 0x0C, 0xCA, 0xC7, 0xEC, 0x8B, 0x05, 0x3C, 0x6B,
+        0xD4, 0x1C, 0xA2, 0x99, 0xD4, 0xE5, 0x19, 0x28,
+    ];
 
     /* mock key */
-    let mut key = Object::new();
-    key.set_attr(Attribute::from_ulong(CKA_CLASS, CKO_SECRET_KEY))
-        .unwrap();
-    key.set_attr(Attribute::from_ulong(CKA_KEY_TYPE, CKK_GENERIC_SECRET))
-        .unwrap();
-    key.set_attr(Attribute::from_bytes(CKA_VALUE, secret.clone()))
-        .unwrap();
-    key.set_attr(Attribute::from_ulong(
-        CKA_VALUE_LEN,
-        secret.len() as CK_ULONG,
-    ))
-    .unwrap();
-    key.set_attr(Attribute::from_bool(CKA_DERIVE, true))
-        .unwrap();
+    let key = match secret_key_object(secret) {
+        Ok(s) => s,
+        Err(_) => return FIPSSelftest::fail(),
+    };
 
     let mech = test_get_hmac(prf);
 
