release/src/router/nettle/testsuite/pbkdf2-test.c

   1 #include "testutils.h"
   2 #include "hmac.h"
   3 #include "pbkdf2.h"
   4
   5 /* NOTE: The salt argument is expected to expand to length, data */
   6 #define PBKDF2_TEST(ctx, update, digest, size, c, salt, expect) \
   7   do {                                                                  \
   8     dk[expect->length] = 17;                                            \
   9     PBKDF2 (ctx, update, digest, size, c, salt, expect->length, dk); \
  10     ASSERT(MEMEQ (expect->length, dk, expect->data));                   \
  11     ASSERT(dk[expect->length] == 17);                                   \
  12   } while (0)
  13
  14 #define PBKDF2_HMAC_TEST(f, key, c, salt, expect)                       \
  15   do {                                                                  \
  16     dk[expect->length] = 17;                                            \
  17     f (key, c, salt, expect->length, dk);                               \
  18     ASSERT(MEMEQ (expect->length, dk, expect->data));                   \
  19     ASSERT(dk[expect->length] == 17);                                   \
  20   } while (0)
  21
  22 #define MAX_DKLEN SHA512_DIGEST_SIZE
  23
  24 void
  25 test_main (void)
  26 {
  27   uint8_t dk[MAX_DKLEN + 1];
  28   struct hmac_sha1_ctx sha1ctx;
  29   struct hmac_sha256_ctx sha256ctx;
  30   struct hmac_sha512_ctx sha512ctx;
  31
  32   /* Test vectors for PBKDF2 from RFC 6070. */
  33
  34   hmac_sha1_set_key (&sha1ctx, 8, "password");
  35
  36   PBKDF2_TEST (&sha1ctx, hmac_sha1_update, hmac_sha1_digest, SHA1_DIGEST_SIZE,
  37                1, LDATA("salt"),
  38                SHEX("0c60c80f961f0e71f3a9b524af6012062fe037a6"));
  39
  40   PBKDF2_TEST (&sha1ctx, hmac_sha1_update, hmac_sha1_digest, SHA1_DIGEST_SIZE,
  41                2, LDATA("salt"),
  42                SHEX("ea6c014dc72d6f8ccd1ed92ace1d41f0d8de8957"));
  43
  44   PBKDF2_TEST (&sha1ctx, hmac_sha1_update, hmac_sha1_digest, SHA1_DIGEST_SIZE,
  45                4096, LDATA("salt"),
  46                SHEX("4b007901b765489abead49d926f721d065a429c1"));
  47
  48 #if 0                           /* too slow */
  49   PBKDF2_TEST (&sha1ctx, hmac_sha1_update, hmac_sha1_digest, SHA1_DIGEST_SIZE,
  50                16777216, LDATA("salt"),
  51                SHEX("eefe3d61cd4da4e4e9945b3d6ba2158c2634e984"));
  52 #endif
  53
  54   hmac_sha1_set_key (&sha1ctx, 24, "passwordPASSWORDpassword");
  55
  56   PBKDF2_TEST (&sha1ctx, hmac_sha1_update, hmac_sha1_digest, SHA1_DIGEST_SIZE,
  57                4096, LDATA("saltSALTsaltSALTsaltSALTsaltSALTsalt"),
  58                SHEX("3d2eec4fe41c849b80c8d83662c0e44a8b291a964cf2f07038"));
  59
  60   hmac_sha1_set_key (&sha1ctx, 9, "pass\0word");
  61
  62   PBKDF2_TEST (&sha1ctx, hmac_sha1_update, hmac_sha1_digest, SHA1_DIGEST_SIZE,
  63                4096, LDATA("sa\0lt"),
  64                SHEX("56fa6aa75548099dcc37d7f03425e0c3"));
  65
  66   /* PBKDF2-HMAC-SHA-256 test vectors confirmed with another
  67      implementation.  */
  68
  69   hmac_sha256_set_key (&sha256ctx, 6, "passwd");
  70
  71   PBKDF2_TEST (&sha256ctx, hmac_sha256_update, hmac_sha256_digest,
  72                SHA256_DIGEST_SIZE, 1, LDATA("salt"),
  73                SHEX("55ac046e56e3089fec1691c22544b605"));
  74
  75   hmac_sha256_set_key (&sha256ctx, 8, "Password");
  76
  77   PBKDF2_TEST (&sha256ctx, hmac_sha256_update, hmac_sha256_digest,
  78                SHA256_DIGEST_SIZE, 80000, LDATA("NaCl"),
  79                SHEX("4ddcd8f60b98be21830cee5ef22701f9"));
  80
  81   /* PBKDF2-HMAC-SHA-512 test vectors confirmed with another
  82      implementation (python-pbkdf2).
  83
  84      >>> from pbkdf2 import PBKDF2
  85      >>> import hmac as HMAC
  86      >>> from hashlib import sha512 as SHA512
  87      >>> PBKDF2("password", "salt", 50, macmodule=HMAC, digestmodule=SHA512).read(64).encode('hex')
  88   */
  89
  90   hmac_sha512_set_key (&sha512ctx, 8, "password");
  91   PBKDF2_TEST (&sha512ctx, hmac_sha512_update, hmac_sha512_digest,
  92                SHA512_DIGEST_SIZE, 1, LDATA("NaCL"),
  93                SHEX("73decfa58aa2e84f94771a75736bb88bd3c7b38270cfb50cb390ed78b305656af8148e52452b2216b2b8098b761fc6336060a09f76415e9f71ea47f9e9064306"));
  94
  95   hmac_sha512_set_key (&sha512ctx, 9, "pass\0word");
  96   PBKDF2_TEST (&sha512ctx, hmac_sha512_update, hmac_sha512_digest,
  97                SHA512_DIGEST_SIZE, 1, LDATA("sa\0lt"),
  98                SHEX("71a0ec842abd5c678bcfd145f09d83522f93361560563c4d0d63b88329871090e76604a49af08fe7c9f57156c8790996b20f06bc535e5ab5440df7e878296fa7"));
  99
 100   hmac_sha512_set_key (&sha512ctx, 24, "passwordPASSWORDpassword");
 101   PBKDF2_TEST (&sha512ctx, hmac_sha512_update, hmac_sha512_digest,
 102                SHA512_DIGEST_SIZE, 50, LDATA("salt\0\0\0"),
 103                SHEX("016871a4c4b75f96857fd2b9f8ca28023b30ee2a39f5adcac8c9375f9bda1ccd1b6f0b2fc3adda505412e79d890056c62e524c7d51154b1a8534575bd02dee39"));
 104
 105   /* Test convenience functions. */
 106
 107   PBKDF2_HMAC_TEST(pbkdf2_hmac_sha1, LDATA("password"), 1, LDATA("salt"),
 108                    SHEX("0c60c80f961f0e71f3a9b524af6012062fe037a6"));
 109
 110   PBKDF2_HMAC_TEST(pbkdf2_hmac_sha256, LDATA("passwd"), 1, LDATA("salt"),
 111                    SHEX("55ac046e56e3089fec1691c22544b605"));
 112
 113 }