diff options
| author | Jon Spillett <jon.spillett@oracle.com> | 2021-02-26 15:21:47 +1000 |
|---|---|---|
| committer | Pauli <pauli@openssl.org> | 2021-05-24 15:21:25 +1000 |
| commit | 0f183675b8ea2490ca5e0b4e66baa27a3e6478ba (patch) | |
| tree | 50e289519dfd4ba6036ec70acc84d8f09d13c07e /test | |
| parent | d136db212ecaeb65e399de8d6b30e8b5ecc044d9 (diff) | |
Add PBKDF1 to the legacy provider
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14326)
Diffstat (limited to 'test')
| -rw-r--r-- | test/evp_kdf_test.c | 186 | ||||
| -rw-r--r-- | test/helpers/pkcs12.c | 2 | ||||
| -rw-r--r-- | test/recipes/30-test_evp.t | 1 | ||||
| -rw-r--r-- | test/recipes/30-test_evp_data/evpkdf_pbkdf1.txt | 136 |
4 files changed, 276 insertions, 49 deletions
diff --git a/test/evp_kdf_test.c b/test/evp_kdf_test.c index 1bed159227..1dea980f00 100644 --- a/test/evp_kdf_test.c +++ b/test/evp_kdf_test.c @@ -34,6 +34,9 @@ static OSSL_PARAM *construct_tls1_prf_params(const char *digest, const char *sec OSSL_PARAM *params = OPENSSL_malloc(sizeof(OSSL_PARAM) * 4); OSSL_PARAM *p = params; + if (params == NULL) + return NULL; + *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST, (char *)digest, 0); *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SECRET, @@ -60,8 +63,8 @@ static int test_kdf_tls1_prf(void) params = construct_tls1_prf_params("sha256", "secret", "seed"); - ret = - TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_TLS1_PRF)) + ret = TEST_ptr(params) + && TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_TLS1_PRF)) && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out), params), 0) && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected)); @@ -78,8 +81,8 @@ static int test_kdf_tls1_prf_invalid_digest(void) params = construct_tls1_prf_params("blah", "secret", "seed"); - ret = - TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_TLS1_PRF)) + ret = TEST_ptr(params) + && TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_TLS1_PRF)) && TEST_false(EVP_KDF_CTX_set_params(kctx, params)); EVP_KDF_CTX_free(kctx); @@ -97,8 +100,8 @@ static int test_kdf_tls1_prf_zero_output_size(void) params = construct_tls1_prf_params("sha256", "secret", "seed"); /* Negative test - derive should fail */ - ret = - TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_TLS1_PRF)) + ret = TEST_ptr(params) + && TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_TLS1_PRF)) && TEST_true(EVP_KDF_CTX_set_params(kctx, params)) && TEST_int_eq(EVP_KDF_derive(kctx, out, 0, NULL), 0); @@ -116,8 +119,8 @@ static int test_kdf_tls1_prf_empty_secret(void) params = construct_tls1_prf_params("sha256", "", "seed"); - ret = - TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_TLS1_PRF)) + ret = TEST_ptr(params) + && TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_TLS1_PRF)) && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out), params), 0); EVP_KDF_CTX_free(kctx); @@ -134,8 +137,8 @@ static int test_kdf_tls1_prf_1byte_secret(void) params = construct_tls1_prf_params("sha256", "1", "seed"); - ret = - TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_TLS1_PRF)) + ret = TEST_ptr(params) + && TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_TLS1_PRF)) && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out), params), 0); EVP_KDF_CTX_free(kctx); @@ -153,8 +156,8 @@ static int test_kdf_tls1_prf_empty_seed(void) params = construct_tls1_prf_params("sha256", "secret", ""); /* Negative test - derive should fail */ - ret = - TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_TLS1_PRF)) + ret = TEST_ptr(params) + && TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_TLS1_PRF)) && TEST_true(EVP_KDF_CTX_set_params(kctx, params)) && TEST_int_eq(EVP_KDF_derive(kctx, out, sizeof(out), NULL), 0); @@ -172,8 +175,8 @@ static int test_kdf_tls1_prf_1byte_seed(void) params = construct_tls1_prf_params("sha256", "secret", "1"); - ret = - TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_TLS1_PRF)) + ret = TEST_ptr(params) + && TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_TLS1_PRF)) && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out), params), 0); EVP_KDF_CTX_free(kctx); @@ -187,6 +190,9 @@ static OSSL_PARAM *construct_hkdf_params(char *digest, char *key, OSSL_PARAM *params = OPENSSL_malloc(sizeof(OSSL_PARAM) * 5); OSSL_PARAM *p = params; + if (params == NULL) + return NULL; + *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST, digest, 0); *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SALT, @@ -203,7 +209,7 @@ static OSSL_PARAM *construct_hkdf_params(char *digest, char *key, static int test_kdf_hkdf(void) { int ret; - EVP_KDF_CTX *kctx; + EVP_KDF_CTX *kctx = NULL; unsigned char out[10]; OSSL_PARAM *params; static const unsigned char expected[sizeof(out)] = { @@ -212,8 +218,8 @@ static int test_kdf_hkdf(void) params = construct_hkdf_params("sha256", "secret", 6, "salt", "label"); - ret = - TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_HKDF)) + ret = TEST_ptr(params) + && TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_HKDF)) && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out), params), 0) && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected)); @@ -225,13 +231,13 @@ static int test_kdf_hkdf(void) static int test_kdf_hkdf_invalid_digest(void) { int ret; - EVP_KDF_CTX *kctx; + EVP_KDF_CTX *kctx = NULL; OSSL_PARAM *params; params = construct_hkdf_params("blah", "secret", 6, "salt", "label"); - ret = - TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_HKDF)) + ret = TEST_ptr(params) + && TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_HKDF)) && TEST_false(EVP_KDF_CTX_set_params(kctx, params)); EVP_KDF_CTX_free(kctx); @@ -242,15 +248,15 @@ static int test_kdf_hkdf_invalid_digest(void) static int test_kdf_hkdf_zero_output_size(void) { int ret; - EVP_KDF_CTX *kctx; + EVP_KDF_CTX *kctx = NULL; unsigned char out[10]; OSSL_PARAM *params; params = construct_hkdf_params("sha256", "secret", 6, "salt", "label"); /* Negative test - derive should fail */ - ret = - TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_HKDF)) + ret = TEST_ptr(params) + && TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_HKDF)) && TEST_true(EVP_KDF_CTX_set_params(kctx, params)) && TEST_int_eq(EVP_KDF_derive(kctx, out, 0, NULL), 0); @@ -262,14 +268,14 @@ static int test_kdf_hkdf_zero_output_size(void) static int test_kdf_hkdf_empty_key(void) { int ret; - EVP_KDF_CTX *kctx; + EVP_KDF_CTX *kctx = NULL; unsigned char out[10]; OSSL_PARAM *params; params = construct_hkdf_params("sha256", "", 0, "salt", "label"); - ret = - TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_HKDF)) + ret = TEST_ptr(params) + && TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_HKDF)) && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out), params), 0); EVP_KDF_CTX_free(kctx); @@ -280,14 +286,14 @@ static int test_kdf_hkdf_empty_key(void) static int test_kdf_hkdf_1byte_key(void) { int ret; - EVP_KDF_CTX *kctx; + EVP_KDF_CTX *kctx = NULL; unsigned char out[10]; OSSL_PARAM *params; params = construct_hkdf_params("sha256", "1", 1, "salt", "label"); - ret = - TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_HKDF)) + ret = TEST_ptr(params) + && TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_HKDF)) && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out), params), 0); EVP_KDF_CTX_free(kctx); @@ -298,14 +304,14 @@ static int test_kdf_hkdf_1byte_key(void) static int test_kdf_hkdf_empty_salt(void) { int ret; - EVP_KDF_CTX *kctx; + EVP_KDF_CTX *kctx = NULL; unsigned char out[10]; OSSL_PARAM *params; params = construct_hkdf_params("sha256", "secret", 6, "", "label"); - ret = - TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_HKDF)) + ret = TEST_ptr(params) + && TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_HKDF)) && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out), params), 0); EVP_KDF_CTX_free(kctx); @@ -313,12 +319,74 @@ static int test_kdf_hkdf_empty_salt(void) return ret; } +static OSSL_PARAM *construct_pbkdf1_params(char *pass, char *digest, char *salt, + unsigned int *iter) +{ + OSSL_PARAM *params = OPENSSL_malloc(sizeof(OSSL_PARAM) * 5); + OSSL_PARAM *p = params; + + if (params == NULL) + return NULL; + + *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_PASSWORD, + (unsigned char *)pass, strlen(pass)); + *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SALT, + (unsigned char *)salt, strlen(salt)); + *p++ = OSSL_PARAM_construct_uint(OSSL_KDF_PARAM_ITER, iter); + *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST, + digest, 0); + *p = OSSL_PARAM_construct_end(); + + return params; +} + +static int test_kdf_pbkdf1(void) +{ + int ret = 0; + EVP_KDF_CTX *kctx = NULL; + unsigned char out[25]; + unsigned int iterations = 4096; + OSSL_PARAM *params; + OSSL_PROVIDER *prov = NULL; + const unsigned char expected[sizeof(out)] = { + 0xfb, 0x83, 0x4d, 0x36, 0x6d, 0xbc, 0x53, 0x87, 0x35, 0x1b, 0x34, 0x75, + 0x95, 0x88, 0x32, 0x4f, 0x3e, 0x82, 0x81, 0x01, 0x21, 0x93, 0x64, 0x00, + 0xcc + }; + + /* PBKDF1 only available in the legacy provider */ + prov = OSSL_PROVIDER_load(NULL, "legacy"); + if (prov == NULL) + return TEST_skip("PBKDF1 only available in legacy provider"); + + params = construct_pbkdf1_params("passwordPASSWORDpassword", "sha256", + "saltSALTsaltSALTsaltSALTsaltSALTsalt", + &iterations); + + if (!TEST_ptr(params) + || !TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_PBKDF1)) + || !TEST_true(EVP_KDF_CTX_set_params(kctx, params)) + || !TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out), NULL), 0) + || !TEST_mem_eq(out, sizeof(out), expected, sizeof(expected))) + goto err; + + ret = 1; +err: + EVP_KDF_CTX_free(kctx); + OPENSSL_free(params); + OSSL_PROVIDER_unload(prov); + return ret; +} + static OSSL_PARAM *construct_pbkdf2_params(char *pass, char *digest, char *salt, unsigned int *iter, int *mode) { OSSL_PARAM *params = OPENSSL_malloc(sizeof(OSSL_PARAM) * 6); OSSL_PARAM *p = params; + if (params == NULL) + return NULL; + *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_PASSWORD, (unsigned char *)pass, strlen(pass)); *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SALT, @@ -335,7 +403,7 @@ static OSSL_PARAM *construct_pbkdf2_params(char *pass, char *digest, char *salt, static int test_kdf_pbkdf2(void) { int ret = 0; - EVP_KDF_CTX *kctx; + EVP_KDF_CTX *kctx = NULL; unsigned char out[25]; unsigned int iterations = 4096; int mode = 0; @@ -351,7 +419,8 @@ static int test_kdf_pbkdf2(void) "saltSALTsaltSALTsaltSALTsaltSALTsalt", &iterations, &mode); - if (!TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_PBKDF2)) + if (!TEST_ptr(params) + || !TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_PBKDF2)) || !TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out), params), 0) || !TEST_mem_eq(out, sizeof(out), expected, sizeof(expected))) goto err; @@ -366,7 +435,7 @@ err: static int test_kdf_pbkdf2_small_output(void) { int ret = 0; - EVP_KDF_CTX *kctx; + EVP_KDF_CTX *kctx = NULL; unsigned char out[25]; unsigned int iterations = 4096; int mode = 0; @@ -376,7 +445,8 @@ static int test_kdf_pbkdf2_small_output(void) "saltSALTsaltSALTsaltSALTsaltSALTsalt", &iterations, &mode); - if (!TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_PBKDF2)) + if (!TEST_ptr(params) + || !TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_PBKDF2)) || !TEST_true(EVP_KDF_CTX_set_params(kctx, params)) /* A key length that is too small should fail */ || !TEST_int_eq(EVP_KDF_derive(kctx, out, 112 / 8 - 1, NULL), 0)) @@ -392,7 +462,7 @@ err: static int test_kdf_pbkdf2_large_output(void) { int ret = 0; - EVP_KDF_CTX *kctx; + EVP_KDF_CTX *kctx = NULL; unsigned char out[25]; size_t len = 0; unsigned int iterations = 4096; @@ -406,7 +476,8 @@ static int test_kdf_pbkdf2_large_output(void) "saltSALTsaltSALTsaltSALTsaltSALTsalt", &iterations, &mode); - if (!TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_PBKDF2)) + if (!TEST_ptr(params) + || !TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_PBKDF2)) /* A key length that is too large should fail */ || !TEST_true(EVP_KDF_CTX_set_params(kctx, params)) || (len != 0 && !TEST_int_eq(EVP_KDF_derive(kctx, out, len, NULL), 0))) @@ -422,7 +493,7 @@ err: static int test_kdf_pbkdf2_small_salt(void) { int ret = 0; - EVP_KDF_CTX *kctx; + EVP_KDF_CTX *kctx = NULL; unsigned int iterations = 4096; int mode = 0; OSSL_PARAM *params; @@ -431,7 +502,8 @@ static int test_kdf_pbkdf2_small_salt(void) "saltSALT", &iterations, &mode); - if (!TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_PBKDF2)) + if (!TEST_ptr(params) + || !TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_PBKDF2)) /* A salt that is too small should fail */ || !TEST_false(EVP_KDF_CTX_set_params(kctx, params))) goto err; @@ -446,7 +518,7 @@ err: static int test_kdf_pbkdf2_small_iterations(void) { int ret = 0; - EVP_KDF_CTX *kctx; + EVP_KDF_CTX *kctx = NULL; unsigned int iterations = 1; int mode = 0; OSSL_PARAM *params; @@ -455,7 +527,8 @@ static int test_kdf_pbkdf2_small_iterations(void) "saltSALTsaltSALTsaltSALTsaltSALTsalt", &iterations, &mode); - if (!TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_PBKDF2)) + if (!TEST_ptr(params) + || !TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_PBKDF2)) /* An iteration count that is too small should fail */ || !TEST_false(EVP_KDF_CTX_set_params(kctx, params))) goto err; @@ -470,7 +543,7 @@ err: static int test_kdf_pbkdf2_small_salt_pkcs5(void) { int ret = 0; - EVP_KDF_CTX *kctx; + EVP_KDF_CTX *kctx = NULL; unsigned char out[25]; unsigned int iterations = 4096; int mode = 1; @@ -481,7 +554,8 @@ static int test_kdf_pbkdf2_small_salt_pkcs5(void) "saltSALT", &iterations, &mode); - if (!TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_PBKDF2)) + if (!TEST_ptr(params) + || !TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_PBKDF2)) /* A salt that is too small should pass in pkcs5 mode */ || !TEST_true(EVP_KDF_CTX_set_params(kctx, params)) || !TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out), NULL), 0)) @@ -506,7 +580,7 @@ err: static int test_kdf_pbkdf2_small_iterations_pkcs5(void) { int ret = 0; - EVP_KDF_CTX *kctx; + EVP_KDF_CTX *kctx = NULL; unsigned char out[25]; unsigned int iterations = 1; int mode = 1; @@ -517,7 +591,8 @@ static int test_kdf_pbkdf2_small_iterations_pkcs5(void) "saltSALTsaltSALTsaltSALTsaltSALTsalt", &iterations, &mode); - if (!TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_PBKDF2)) + if (!TEST_ptr(params) + || !TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_PBKDF2)) /* An iteration count that is too small will pass in pkcs5 mode */ || !TEST_true(EVP_KDF_CTX_set_params(kctx, params)) || !TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out), NULL), 0)) @@ -542,7 +617,7 @@ err: static int test_kdf_pbkdf2_invalid_digest(void) { int ret = 0; - EVP_KDF_CTX *kctx; + EVP_KDF_CTX *kctx = NULL; unsigned int iterations = 4096; int mode = 0; OSSL_PARAM *params; @@ -551,7 +626,8 @@ static int test_kdf_pbkdf2_invalid_digest(void) "saltSALTsaltSALTsaltSALTsaltSALTsalt", &iterations, &mode); - if (!TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_PBKDF2)) + if (!TEST_ptr(params) + || !TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_PBKDF2)) /* Unknown digest should fail */ || !TEST_false(EVP_KDF_CTX_set_params(kctx, params))) goto err; @@ -831,6 +907,9 @@ static OSSL_PARAM *construct_kbkdf_params(char *digest, char *mac, unsigned char OSSL_PARAM *params = OPENSSL_malloc(sizeof(OSSL_PARAM) * 7); OSSL_PARAM *p = params; + if (params == NULL) + return NULL; + *p++ = OSSL_PARAM_construct_utf8_string( OSSL_KDF_PARAM_DIGEST, digest, 0); *p++ = OSSL_PARAM_construct_utf8_string( @@ -857,6 +936,8 @@ static int test_kdf_kbkdf_invalid_digest(void) static unsigned char key[] = {0x01}; params = construct_kbkdf_params("blah", "HMAC", key, 1, "prf", "test"); + if (!TEST_ptr(params)) + return 0; /* Negative test case - set_params should fail */ kctx = get_kdfbyname("KBKDF"); @@ -877,6 +958,8 @@ static int test_kdf_kbkdf_invalid_mac(void) static unsigned char key[] = {0x01}; params = construct_kbkdf_params("sha256", "blah", key, 1, "prf", "test"); + if (!TEST_ptr(params)) + return 0; /* Negative test case - set_params should fail */ kctx = get_kdfbyname("KBKDF"); @@ -898,6 +981,8 @@ static int test_kdf_kbkdf_empty_key(void) unsigned char result[32] = { 0 }; params = construct_kbkdf_params("sha256", "HMAC", key, 0, "prf", "test"); + if (!TEST_ptr(params)) + return 0; /* Negative test case - derive should fail */ kctx = get_kdfbyname("KBKDF"); @@ -920,6 +1005,8 @@ static int test_kdf_kbkdf_1byte_key(void) unsigned char result[32] = { 0 }; params = construct_kbkdf_params("sha256", "HMAC", key, 1, "prf", "test"); + if (!TEST_ptr(params)) + return 0; kctx = get_kdfbyname("KBKDF"); ret = TEST_ptr(kctx) @@ -940,6 +1027,8 @@ static int test_kdf_kbkdf_zero_output_size(void) unsigned char result[32] = { 0 }; params = construct_kbkdf_params("sha256", "HMAC", key, 1, "prf", "test"); + if (!TEST_ptr(params)) + return 0; /* Negative test case - derive should fail */ kctx = get_kdfbyname("KBKDF"); @@ -1394,6 +1483,7 @@ int setup_tests(void) ADD_TEST(test_kdf_hkdf_empty_key); ADD_TEST(test_kdf_hkdf_1byte_key); ADD_TEST(test_kdf_hkdf_empty_salt); + ADD_TEST(test_kdf_pbkdf1); ADD_TEST(test_kdf_pbkdf2); ADD_TEST(test_kdf_pbkdf2_small_output); ADD_TEST(test_kdf_pbkdf2_large_output); diff --git a/test/helpers/pkcs12.c b/test/helpers/pkcs12.c index ab877bca00..c90c6dd1bb 100644 --- a/test/helpers/pkcs12.c +++ b/test/helpers/pkcs12.c @@ -688,7 +688,7 @@ void start_check_pkcs12_with_mac(PKCS12_BUILDER *pb, const PKCS12_ENC *mac) if (!pb->success) return; - p12 = from_bio_p12(pb->p12bio, mac); + p12 = from_bio_p12(pb->p12bio, mac); if (!TEST_ptr(p12)) { pb->success = 0; return; diff --git a/test/recipes/30-test_evp.t b/test/recipes/30-test_evp.t index 8a5c26629c..73077142cd 100644 --- a/test/recipes/30-test_evp.t +++ b/test/recipes/30-test_evp.t @@ -44,6 +44,7 @@ my @files = qw( evpciph_aes_wrap.txt evpciph_des3_common.txt evpkdf_hkdf.txt + evpkdf_pbkdf1.txt evpkdf_pbkdf2.txt evpkdf_ss.txt evpkdf_ssh.txt diff --git a/test/recipes/30-test_evp_data/evpkdf_pbkdf1.txt b/test/recipes/30-test_evp_data/evpkdf_pbkdf1.txt new file mode 100644 index 0000000000..1e362fdeb9 --- /dev/null +++ b/test/recipes/30-test_evp_data/evpkdf_pbkdf1.txt @@ -0,0 +1,136 @@ +# +# Copyright 2021 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the Apache License 2.0 (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +# Tests start with one of these keywords +# Cipher Decrypt Derive Digest Encoding KDF MAC PBE +# PrivPubKeyPair Sign Verify VerifyRecover +# and continue until a blank line. Lines starting with a pound sign are ignored. + +Title = PBKDF1 tests + +Availablein = legacy +KDF = PBKDF1 +Ctrl.pass = pass:password +Ctrl.salt = salt:saltsalt +Ctrl.iter = iter:1 +Ctrl.digest = digest:md2 +Output = 2C5DAEBD49984F34642ACC09BAD696D7 + +Availablein = legacy +KDF = PBKDF1 +Ctrl.pass = pass:password +Ctrl.salt = salt:saltsalt +Ctrl.iter = iter:1 +Ctrl.digest = digest:md5 +Output = FDBDF3419FFF98BDB0241390F62A9DB3 + +Availablein = legacy +KDF = PBKDF1 +Ctrl.pass = pass:password +Ctrl.salt = salt:saltsalt +Ctrl.iter = iter:1 +Ctrl.digest = digest:sha1 +Output = CAB86DD6261710891E8CB56EE3625691 + +Availablein = legacy +KDF = PBKDF1 +Ctrl.pass = pass:password +Ctrl.salt = salt:saltsalt +Ctrl.iter = iter:2 +Ctrl.digest = digest:md2 +Output = FD7999A1AB54B01B4FC39389A5FE820D + +Availablein = legacy +KDF = PBKDF1 +Ctrl.pass = pass:password +Ctrl.salt = salt:saltsalt +Ctrl.iter = iter:2 +Ctrl.digest = digest:md5 +Output = 3D4A8D4FB4C6E8686B21D36142902966 + +Availablein = legacy +KDF = PBKDF1 +Ctrl.pass = pass:password +Ctrl.salt = salt:saltsalt +Ctrl.iter = iter:2 +Ctrl.digest = digest:sha1 +Output = E3A8DFCF2EEA6DC81D2AD154274FAAE9 + +Availablein = legacy +KDF = PBKDF1 +Ctrl.pass = pass:password +Ctrl.salt = salt:saltsalt +Ctrl.iter = iter:4096 +Ctrl.digest = digest:md2 +Output = 94E4671F438BD6C441C5B120C6CC79CA + +Availablein = legacy +KDF = PBKDF1 +Ctrl.pass = pass:password +Ctrl.salt = salt:saltsalt +Ctrl.iter = iter:4096 +Ctrl.digest = digest:md5 +Output = 3283ED8F8D037045157DA055BFF84A02 + +Availablein = legacy +KDF = PBKDF1 +Ctrl.pass = pass:password +Ctrl.salt = salt:saltsalt +Ctrl.iter = iter:4096 +Ctrl.digest = digest:sha1 +Output = 3CB0C21E81127F5BFF2EEA2B5DC3F31D + +Availablein = legacy +KDF = PBKDF1 +Ctrl.pass = pass:passwordPASSWORDpassword +Ctrl.salt = salt:saltSALT +Ctrl.iter = iter:65537 +Ctrl.digest = digest:md2 +Output = 36DAA8DEB8B471B26AA8CE064A81E54F + +Availablein = legacy +KDF = PBKDF1 +Ctrl.pass = pass:passwordPASSWORDpassword +Ctrl.salt = salt:saltSALT +Ctrl.iter = iter:65537 +Ctrl.digest = digest:md5 +Output = 763F3BA457E3F9ED088B04B5361D7CCA + +Availablein = legacy +KDF = PBKDF1 +Ctrl.pass = pass:passwordPASSWORDpassword +Ctrl.salt = salt:saltSALT +Ctrl.iter = iter:65537 +Ctrl.digest = digest:sha1 +Output = B2B4635718AAAD9FEF23FE328EB83ECF + +Title = PBKDF1 tests for empty inputs + +Availablein = legacy +KDF = PBKDF1 +Ctrl.pass = pass: +Ctrl.salt = salt:saltsalt +Ctrl.iter = iter:1 +Ctrl.digest = digest:md2 +Output = 8ECD1C4C1D57C415295784CCD4686905 + +Availablein = legacy +KDF = PBKDF1 +Ctrl.pass = pass: +Ctrl.salt = salt:saltsalt +Ctrl.iter = iter:1 +Ctrl.digest = digest:md5 +Output = F3D07DE5EFB5E2C3EAFC16B0CF7E07FA + +Availablein = legacy +KDF = PBKDF1 +Ctrl.pass = pass: +Ctrl.salt = salt:saltsalt +Ctrl.iter = iter:1 +Ctrl.digest = digest:sha1 +Output = 2C2ABACE4BD8BB19F67113DA146DBB8C |