pbkdf2test.c 2.7 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138
  1. /*
  2. * Copyright 2014-2022 The GmSSL Project. All Rights Reserved.
  3. *
  4. * Licensed under the Apache License, Version 2.0 (the License); you may
  5. * not use this file except in compliance with the License.
  6. *
  7. * http://www.apache.org/licenses/LICENSE-2.0
  8. */
  9. #include <stdio.h>
  10. #include <string.h>
  11. #include <stdlib.h>
  12. #include <gmssl/hex.h>
  13. #include <gmssl/pbkdf2.h>
  14. #include <gmssl/error.h>
  15. struct {
  16. char *pass;
  17. char *salt;
  18. int iter;
  19. int dklen;
  20. char *dk;
  21. } pbkdf2_hmac_sha1_tests[] = {
  22. // rfc 6070 test vectors for pbkdf2-hmac-sha1
  23. {
  24. "password",
  25. "salt",
  26. 1,
  27. 20,
  28. "0c60c80f961f0e71f3a9b524af6012062fe037a6",
  29. },
  30. {
  31. "password",
  32. "salt",
  33. 2,
  34. 20,
  35. "ea6c014dc72d6f8ccd1ed92ace1d41f0d8de8957",
  36. },
  37. {
  38. "password",
  39. "salt",
  40. 4096,
  41. 20,
  42. "4b007901b765489abead49d926f721d065a429c1",
  43. },
  44. /*
  45. {
  46. "password",
  47. "salt",
  48. 16777216, // very slow
  49. 20,
  50. "eefe3d61cd4da4e4e9945b3d6ba2158c2634e984",
  51. },
  52. */
  53. {
  54. "passwordPASSWORDpassword",
  55. "saltSALTsaltSALTsaltSALTsaltSALTsalt",
  56. 4096,
  57. 25,
  58. "3d2eec4fe41c849b80c8d83662c0e44a8b291a964cf2f07038",
  59. },
  60. };
  61. /*
  62. void test(void)
  63. {
  64. HMAC_CTX ctx;
  65. uint8_t iter[4] = {0, 0, 0, 1};
  66. uint8_t mac[20];
  67. size_t len;
  68. int i;
  69. hmac_init(&ctx, DIGEST_sha1(), (uint8_t *)"password", 8);
  70. hmac_update(&ctx, (uint8_t *)"salt", 4);
  71. hmac_update(&ctx, iter, 4);
  72. hmac_finish(&ctx, mac, &len);
  73. for (i = 1; i < 4096; i++) {
  74. uint8_t buf[20];
  75. memset(&ctx, 0, sizeof(HMAC_CTX));
  76. hmac_init(&ctx, DIGEST_sha1(), (uint8_t *)"password", 8);
  77. hmac_update(&ctx, mac, len);
  78. hmac_finish(&ctx, buf, &len);
  79. int j;
  80. for (j = 0; j < len; j++) {
  81. mac[j] ^= buf[j];
  82. }
  83. }
  84. for (i = 0; i < len; i++) {
  85. printf("%02x", mac[i]);
  86. }
  87. printf("\n");
  88. }
  89. */
  90. static int test_pbkdf2_genkey(void)
  91. {
  92. // FIXME: currently we only has SHA-1 tests, replace with SHA-256
  93. #ifdef ENABLE_BROKEN_CRYPTO
  94. int i;
  95. uint8_t key[64];
  96. uint8_t buf[64];
  97. size_t len;
  98. for (i = 0; i < sizeof(pbkdf2_hmac_sha1_tests)/sizeof(pbkdf2_hmac_sha1_tests[0]); i++) {
  99. hex_to_bytes(pbkdf2_hmac_sha1_tests[i].dk, strlen(pbkdf2_hmac_sha1_tests[i].dk), buf, &len);
  100. if (pbkdf2_genkey(DIGEST_sha1(),
  101. pbkdf2_hmac_sha1_tests[i].pass, strlen(pbkdf2_hmac_sha1_tests[i].pass),
  102. (uint8_t *)pbkdf2_hmac_sha1_tests[i].salt, strlen(pbkdf2_hmac_sha1_tests[i].salt),
  103. pbkdf2_hmac_sha1_tests[i].iter, pbkdf2_hmac_sha1_tests[i].dklen, key) != 1) {
  104. error_print();
  105. return -1;
  106. }
  107. if (memcmp(key, buf, pbkdf2_hmac_sha1_tests[i].dklen) != 0) {
  108. fprintf(stderr, "test_pbkdf2_genkey test %d failed\n", i);
  109. return -1;
  110. } else {
  111. fprintf(stderr, "test_pbkdf2_genkey test %d ok\n", i);
  112. }
  113. }
  114. #endif
  115. printf("%s() ok\n", __FUNCTION__);
  116. return 0;
  117. }
  118. int main(int argc, char **argv)
  119. {
  120. int err = 0;
  121. err += test_pbkdf2_genkey();
  122. return err;
  123. }