Add tests for pkcs5_pbes2

This commit is contained in:
Manuel Pégourié-Gonnard 2014-06-12 13:14:55 +02:00
parent 2a8afa98e2
commit 66aca931bc
3 changed files with 142 additions and 0 deletions

View file

@ -175,6 +175,10 @@ int pkcs5_pbes2( asn1_buf *pbe_params, int mode,
if( cipher_info == NULL )
return( POLARSSL_ERR_PKCS5_FEATURE_UNAVAILABLE );
/*
* The value of keylen from pkcs5_parse_pbkdf2_params() is ignored
* since it is optional and we don't know if it was set or not
*/
keylen = cipher_info->key_length / 8;
if( enc_scheme_params.tag != ASN1_OCTET_STRING ||

View file

@ -17,3 +17,107 @@ pbkdf2_hmac:POLARSSL_MD_SHA1:"70617373776f726450415353574f524470617373776f7264":
PBKDF2 RFC 6070 Test Vector #6 (SHA1)
depends_on:POLARSSL_SHA1_C
pbkdf2_hmac:POLARSSL_MD_SHA1:"7061737300776f7264":"7361006c74":4096:16:"56fa6aa75548099dcc37d7f03425e0c3"
PBES2 Decrypt (OK)
depends_on:POLARSSL_SHA1_C:POLARSSL_DES_C
pkcs5_pbes2:ASN1_CONSTRUCTED | ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FD980E1C5741FC0DB7":0:"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF060606060606"
PBES2 Decrypt (bad params tag)
depends_on:POLARSSL_SHA1_C:POLARSSL_DES_C
pkcs5_pbes2:ASN1_SEQUENCE:"":"":"":POLARSSL_ERR_PKCS5_INVALID_FORMAT + POLARSSL_ERR_ASN1_UNEXPECTED_TAG:""
PBES2 Decrypt (bad KDF AlgId: not a sequence)
depends_on:POLARSSL_SHA1_C:POLARSSL_DES_C
pkcs5_pbes2:ASN1_CONSTRUCTED | ASN1_SEQUENCE:"31":"":"":POLARSSL_ERR_PKCS5_INVALID_FORMAT + POLARSSL_ERR_ASN1_UNEXPECTED_TAG:""
PBES2 Decrypt (bad KDF AlgId: overlong)
depends_on:POLARSSL_SHA1_C:POLARSSL_DES_C
pkcs5_pbes2:ASN1_CONSTRUCTED | ASN1_SEQUENCE:"3001":"":"":POLARSSL_ERR_PKCS5_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA:""
PBES2 Decrypt (KDF != PBKDF2)
depends_on:POLARSSL_SHA1_C:POLARSSL_DES_C
pkcs5_pbes2:ASN1_CONSTRUCTED | ASN1_SEQUENCE:"300B06092A864886F70D01050D":"":"":POLARSSL_ERR_PKCS5_FEATURE_UNAVAILABLE:""
PBES2 Decrypt (bad PBKDF2 params: not a sequence)
depends_on:POLARSSL_SHA1_C:POLARSSL_DES_C
pkcs5_pbes2:ASN1_CONSTRUCTED | ASN1_SEQUENCE:"300D06092A864886F70D01050C3100":"":"":POLARSSL_ERR_PKCS5_INVALID_FORMAT + POLARSSL_ERR_ASN1_UNEXPECTED_TAG:""
PBES2 Decrypt (bad PBKDF2 params: overlong)
depends_on:POLARSSL_SHA1_C:POLARSSL_DES_C
pkcs5_pbes2:ASN1_CONSTRUCTED | ASN1_SEQUENCE:"300D06092A864886F70D01050C3001":"":"":POLARSSL_ERR_PKCS5_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA:""
PBES2 Decrypt (bad PBKDF2 params salt: not an octet string)
depends_on:POLARSSL_SHA1_C:POLARSSL_DES_C
pkcs5_pbes2:ASN1_CONSTRUCTED | ASN1_SEQUENCE:"300E06092A864886F70D01050C30010500":"":"":POLARSSL_ERR_PKCS5_INVALID_FORMAT + POLARSSL_ERR_ASN1_UNEXPECTED_TAG:""
PBES2 Decrypt (bad PBKDF2 params salt: overlong)
depends_on:POLARSSL_SHA1_C:POLARSSL_DES_C
pkcs5_pbes2:ASN1_CONSTRUCTED | ASN1_SEQUENCE:"300E06092A864886F70D01050C30010401":"":"":POLARSSL_ERR_PKCS5_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA:""
PBES2 Decrypt (bad PBKDF2 params iter: not an int)
depends_on:POLARSSL_SHA1_C:POLARSSL_DES_C
pkcs5_pbes2:ASN1_CONSTRUCTED | ASN1_SEQUENCE:"301906092A864886F70D01050C300C04082ED7F24A1D516DD70300":"":"":POLARSSL_ERR_PKCS5_INVALID_FORMAT + POLARSSL_ERR_ASN1_UNEXPECTED_TAG:""
PBES2 Decrypt (bad PBKDF2 params iter: overlong)
depends_on:POLARSSL_SHA1_C:POLARSSL_DES_C
pkcs5_pbes2:ASN1_CONSTRUCTED | ASN1_SEQUENCE:"301906092A864886F70D01050C300C04082ED7F24A1D516DD70201":"":"":POLARSSL_ERR_PKCS5_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA:""
PBES2 Decrypt (OK, PBKDF2 params explicit keylen)
depends_on:POLARSSL_SHA1_C:POLARSSL_DES_C
pkcs5_pbes2:ASN1_CONSTRUCTED | ASN1_SEQUENCE:"301E06092A864886F70D01050C301104082ED7F24A1D516DD702020800020118301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FD980E1C5741FC0DB7":0:"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF060606060606"
PBES2 Decrypt (bad PBKDF2 params explicit keylen: overlong)
depends_on:POLARSSL_SHA1_C:POLARSSL_DES_C
pkcs5_pbes2:ASN1_CONSTRUCTED | ASN1_SEQUENCE:"301D06092A864886F70D01050C301004082ED7F24A1D516DD7020208000201":"":"":POLARSSL_ERR_PKCS5_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA:""
PBES2 Decrypt (OK, PBKDF2 params explicit prf_alg)
depends_on:POLARSSL_SHA1_C:POLARSSL_DES_C
pkcs5_pbes2:ASN1_CONSTRUCTED | ASN1_SEQUENCE:"302706092A864886F70D01050C301A04082ED7F24A1D516DD702020800300A06082A864886F70D0207301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FD980E1C5741FC0DB7":0:"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF060606060606"
PBES2 Decrypt (bad, PBKDF2 params explicit prf_alg not a sequence)
depends_on:POLARSSL_SHA1_C:POLARSSL_DES_C
pkcs5_pbes2:ASN1_CONSTRUCTED | ASN1_SEQUENCE:"301D06092A864886F70D01050C301004082ED7F24A1D516DD7020208003100":"":"":POLARSSL_ERR_PKCS5_INVALID_FORMAT + POLARSSL_ERR_ASN1_UNEXPECTED_TAG:""
PBES2 Decrypt (bad, PBKDF2 params explicit prf_alg overlong)
depends_on:POLARSSL_SHA1_C:POLARSSL_DES_C
pkcs5_pbes2:ASN1_CONSTRUCTED | ASN1_SEQUENCE:"301D06092A864886F70D01050C301004082ED7F24A1D516DD7020208003001":"":"":POLARSSL_ERR_PKCS5_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA:""
PBES2 Decrypt (bad, PBKDF2 params explicit prf_alg != HMAC-SHA1)
depends_on:POLARSSL_SHA1_C:POLARSSL_DES_C
pkcs5_pbes2:ASN1_CONSTRUCTED | ASN1_SEQUENCE:"302706092A864886F70D01050C301A04082ED7F24A1D516DD702020800300A06082A864886F70D0208":"":"":POLARSSL_ERR_PKCS5_FEATURE_UNAVAILABLE:""
PBES2 Decrypt (bad, PBKDF2 params extra data)
depends_on:POLARSSL_SHA1_C:POLARSSL_DES_C
pkcs5_pbes2:ASN1_CONSTRUCTED | ASN1_SEQUENCE:"302806092A864886F70D01050C301B04082ED7F24A1D516DD702020800300A06082A864886F70D020700":"":"":POLARSSL_ERR_PKCS5_INVALID_FORMAT + POLARSSL_ERR_ASN1_LENGTH_MISMATCH:""
PBES2 Decrypt (bad enc_scheme_alg: not a sequence)
depends_on:POLARSSL_SHA1_C:POLARSSL_DES_C
pkcs5_pbes2:ASN1_CONSTRUCTED | ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD7020208003100":"":"":POLARSSL_ERR_PKCS5_INVALID_FORMAT + POLARSSL_ERR_ASN1_UNEXPECTED_TAG:""
PBES2 Decrypt (bad enc_scheme_alg: overlong)
depends_on:POLARSSL_SHA1_C:POLARSSL_DES_C
pkcs5_pbes2:ASN1_CONSTRUCTED | ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD7020208003001":"":"":POLARSSL_ERR_PKCS5_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA:""
PBES2 Decrypt (bad enc_scheme_alg: unkown oid)
depends_on:POLARSSL_SHA1_C:POLARSSL_DES_C
pkcs5_pbes2:ASN1_CONSTRUCTED | ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800300A06082A864886F70D03FF":"":"":POLARSSL_ERR_PKCS5_FEATURE_UNAVAILABLE:""
PBES2 Decrypt (bad enc_scheme_alg params: not an octet string)
depends_on:POLARSSL_SHA1_C:POLARSSL_DES_C
pkcs5_pbes2:ASN1_CONSTRUCTED | ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800300C06082A864886F70D03070500":"":"":POLARSSL_ERR_PKCS5_INVALID_FORMAT:""
PBES2 Decrypt (bad enc_scheme_alg params: overlong)
depends_on:POLARSSL_SHA1_C:POLARSSL_DES_C
pkcs5_pbes2:ASN1_CONSTRUCTED | ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800300C06082A864886F70D03070401":"":"":POLARSSL_ERR_PKCS5_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA:""
PBES2 Decrypt (bad enc_scheme_alg params: len != iv_len)
depends_on:POLARSSL_SHA1_C:POLARSSL_DES_C
pkcs5_pbes2:ASN1_CONSTRUCTED | ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800301306082A864886F70D030704078A4FCC9DCC3949":"":"":POLARSSL_ERR_PKCS5_INVALID_FORMAT:""
PBES2 Decrypt (bad password)
depends_on:POLARSSL_SHA1_C:POLARSSL_DES_C
pkcs5_pbes2:ASN1_CONSTRUCTED | ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800301406082A864886F70D030704088A4FCC9DCC394910":"F0617373776f7264":"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FD980E1C5741FC0DB7":POLARSSL_ERR_PKCS5_PASSWORD_MISMATCH:"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF060606060606"
PBES2 Decrypt (bad iter value)
depends_on:POLARSSL_SHA1_C:POLARSSL_DES_C
pkcs5_pbes2:ASN1_CONSTRUCTED | ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020801301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FD980E1C5741FC0DB7":POLARSSL_ERR_PKCS5_PASSWORD_MISMATCH:"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF060606060606"

View file

@ -43,3 +43,37 @@ void pbkdf2_hmac( int hash, char *hex_password_string,
TEST_ASSERT( strcmp( (char *) dst_str, result_key_string ) == 0 );
}
/* END_CASE */
/* BEGIN_CASE */
void pkcs5_pbes2( int params_tag, char *params_hex, char *pw_hex,
char *data_hex, int ref_ret, char *ref_out_hex )
{
int my_ret;
asn1_buf params;
unsigned char *my_out, *ref_out, *data, *pw;
size_t ref_out_len, data_len, pw_len;
params.tag = params_tag;
params.p = unhexify_alloc( params_hex, &params.len );
data = unhexify_alloc( data_hex, &data_len );
pw = unhexify_alloc( pw_hex, &pw_len );
ref_out = unhexify_alloc( ref_out_hex, &ref_out_len );
my_out = polarssl_malloc( ref_out_len != 0 ? ref_out_len : 1 );
TEST_ASSERT( my_out != NULL );
memset( my_out, 0, ref_out_len );
my_ret = pkcs5_pbes2( &params, PKCS5_DECRYPT,
pw, pw_len, data, data_len, my_out );
TEST_ASSERT( my_ret == ref_ret );
if( ref_ret == 0 )
TEST_ASSERT( memcmp( my_out, ref_out, ref_out_len ) == 0 );
polarssl_free( params.p );
polarssl_free( data );
polarssl_free( pw );
polarssl_free( ref_out );
polarssl_free( my_out );
}
/* END_CASE */