Add tests for pkcs5_pbes2
This commit is contained in:
parent
2a8afa98e2
commit
66aca931bc
3 changed files with 142 additions and 0 deletions
|
@ -175,6 +175,10 @@ int pkcs5_pbes2( asn1_buf *pbe_params, int mode,
|
|||
if( cipher_info == NULL )
|
||||
return( POLARSSL_ERR_PKCS5_FEATURE_UNAVAILABLE );
|
||||
|
||||
/*
|
||||
* The value of keylen from pkcs5_parse_pbkdf2_params() is ignored
|
||||
* since it is optional and we don't know if it was set or not
|
||||
*/
|
||||
keylen = cipher_info->key_length / 8;
|
||||
|
||||
if( enc_scheme_params.tag != ASN1_OCTET_STRING ||
|
||||
|
|
|
@ -17,3 +17,107 @@ pbkdf2_hmac:POLARSSL_MD_SHA1:"70617373776f726450415353574f524470617373776f7264":
|
|||
PBKDF2 RFC 6070 Test Vector #6 (SHA1)
|
||||
depends_on:POLARSSL_SHA1_C
|
||||
pbkdf2_hmac:POLARSSL_MD_SHA1:"7061737300776f7264":"7361006c74":4096:16:"56fa6aa75548099dcc37d7f03425e0c3"
|
||||
|
||||
PBES2 Decrypt (OK)
|
||||
depends_on:POLARSSL_SHA1_C:POLARSSL_DES_C
|
||||
pkcs5_pbes2:ASN1_CONSTRUCTED | ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FD980E1C5741FC0DB7":0:"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF060606060606"
|
||||
|
||||
PBES2 Decrypt (bad params tag)
|
||||
depends_on:POLARSSL_SHA1_C:POLARSSL_DES_C
|
||||
pkcs5_pbes2:ASN1_SEQUENCE:"":"":"":POLARSSL_ERR_PKCS5_INVALID_FORMAT + POLARSSL_ERR_ASN1_UNEXPECTED_TAG:""
|
||||
|
||||
PBES2 Decrypt (bad KDF AlgId: not a sequence)
|
||||
depends_on:POLARSSL_SHA1_C:POLARSSL_DES_C
|
||||
pkcs5_pbes2:ASN1_CONSTRUCTED | ASN1_SEQUENCE:"31":"":"":POLARSSL_ERR_PKCS5_INVALID_FORMAT + POLARSSL_ERR_ASN1_UNEXPECTED_TAG:""
|
||||
|
||||
PBES2 Decrypt (bad KDF AlgId: overlong)
|
||||
depends_on:POLARSSL_SHA1_C:POLARSSL_DES_C
|
||||
pkcs5_pbes2:ASN1_CONSTRUCTED | ASN1_SEQUENCE:"3001":"":"":POLARSSL_ERR_PKCS5_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA:""
|
||||
|
||||
PBES2 Decrypt (KDF != PBKDF2)
|
||||
depends_on:POLARSSL_SHA1_C:POLARSSL_DES_C
|
||||
pkcs5_pbes2:ASN1_CONSTRUCTED | ASN1_SEQUENCE:"300B06092A864886F70D01050D":"":"":POLARSSL_ERR_PKCS5_FEATURE_UNAVAILABLE:""
|
||||
|
||||
PBES2 Decrypt (bad PBKDF2 params: not a sequence)
|
||||
depends_on:POLARSSL_SHA1_C:POLARSSL_DES_C
|
||||
pkcs5_pbes2:ASN1_CONSTRUCTED | ASN1_SEQUENCE:"300D06092A864886F70D01050C3100":"":"":POLARSSL_ERR_PKCS5_INVALID_FORMAT + POLARSSL_ERR_ASN1_UNEXPECTED_TAG:""
|
||||
|
||||
PBES2 Decrypt (bad PBKDF2 params: overlong)
|
||||
depends_on:POLARSSL_SHA1_C:POLARSSL_DES_C
|
||||
pkcs5_pbes2:ASN1_CONSTRUCTED | ASN1_SEQUENCE:"300D06092A864886F70D01050C3001":"":"":POLARSSL_ERR_PKCS5_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA:""
|
||||
|
||||
PBES2 Decrypt (bad PBKDF2 params salt: not an octet string)
|
||||
depends_on:POLARSSL_SHA1_C:POLARSSL_DES_C
|
||||
pkcs5_pbes2:ASN1_CONSTRUCTED | ASN1_SEQUENCE:"300E06092A864886F70D01050C30010500":"":"":POLARSSL_ERR_PKCS5_INVALID_FORMAT + POLARSSL_ERR_ASN1_UNEXPECTED_TAG:""
|
||||
|
||||
PBES2 Decrypt (bad PBKDF2 params salt: overlong)
|
||||
depends_on:POLARSSL_SHA1_C:POLARSSL_DES_C
|
||||
pkcs5_pbes2:ASN1_CONSTRUCTED | ASN1_SEQUENCE:"300E06092A864886F70D01050C30010401":"":"":POLARSSL_ERR_PKCS5_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA:""
|
||||
|
||||
PBES2 Decrypt (bad PBKDF2 params iter: not an int)
|
||||
depends_on:POLARSSL_SHA1_C:POLARSSL_DES_C
|
||||
pkcs5_pbes2:ASN1_CONSTRUCTED | ASN1_SEQUENCE:"301906092A864886F70D01050C300C04082ED7F24A1D516DD70300":"":"":POLARSSL_ERR_PKCS5_INVALID_FORMAT + POLARSSL_ERR_ASN1_UNEXPECTED_TAG:""
|
||||
|
||||
PBES2 Decrypt (bad PBKDF2 params iter: overlong)
|
||||
depends_on:POLARSSL_SHA1_C:POLARSSL_DES_C
|
||||
pkcs5_pbes2:ASN1_CONSTRUCTED | ASN1_SEQUENCE:"301906092A864886F70D01050C300C04082ED7F24A1D516DD70201":"":"":POLARSSL_ERR_PKCS5_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA:""
|
||||
|
||||
PBES2 Decrypt (OK, PBKDF2 params explicit keylen)
|
||||
depends_on:POLARSSL_SHA1_C:POLARSSL_DES_C
|
||||
pkcs5_pbes2:ASN1_CONSTRUCTED | ASN1_SEQUENCE:"301E06092A864886F70D01050C301104082ED7F24A1D516DD702020800020118301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FD980E1C5741FC0DB7":0:"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF060606060606"
|
||||
|
||||
PBES2 Decrypt (bad PBKDF2 params explicit keylen: overlong)
|
||||
depends_on:POLARSSL_SHA1_C:POLARSSL_DES_C
|
||||
pkcs5_pbes2:ASN1_CONSTRUCTED | ASN1_SEQUENCE:"301D06092A864886F70D01050C301004082ED7F24A1D516DD7020208000201":"":"":POLARSSL_ERR_PKCS5_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA:""
|
||||
|
||||
PBES2 Decrypt (OK, PBKDF2 params explicit prf_alg)
|
||||
depends_on:POLARSSL_SHA1_C:POLARSSL_DES_C
|
||||
pkcs5_pbes2:ASN1_CONSTRUCTED | ASN1_SEQUENCE:"302706092A864886F70D01050C301A04082ED7F24A1D516DD702020800300A06082A864886F70D0207301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FD980E1C5741FC0DB7":0:"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF060606060606"
|
||||
|
||||
PBES2 Decrypt (bad, PBKDF2 params explicit prf_alg not a sequence)
|
||||
depends_on:POLARSSL_SHA1_C:POLARSSL_DES_C
|
||||
pkcs5_pbes2:ASN1_CONSTRUCTED | ASN1_SEQUENCE:"301D06092A864886F70D01050C301004082ED7F24A1D516DD7020208003100":"":"":POLARSSL_ERR_PKCS5_INVALID_FORMAT + POLARSSL_ERR_ASN1_UNEXPECTED_TAG:""
|
||||
|
||||
PBES2 Decrypt (bad, PBKDF2 params explicit prf_alg overlong)
|
||||
depends_on:POLARSSL_SHA1_C:POLARSSL_DES_C
|
||||
pkcs5_pbes2:ASN1_CONSTRUCTED | ASN1_SEQUENCE:"301D06092A864886F70D01050C301004082ED7F24A1D516DD7020208003001":"":"":POLARSSL_ERR_PKCS5_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA:""
|
||||
|
||||
PBES2 Decrypt (bad, PBKDF2 params explicit prf_alg != HMAC-SHA1)
|
||||
depends_on:POLARSSL_SHA1_C:POLARSSL_DES_C
|
||||
pkcs5_pbes2:ASN1_CONSTRUCTED | ASN1_SEQUENCE:"302706092A864886F70D01050C301A04082ED7F24A1D516DD702020800300A06082A864886F70D0208":"":"":POLARSSL_ERR_PKCS5_FEATURE_UNAVAILABLE:""
|
||||
|
||||
PBES2 Decrypt (bad, PBKDF2 params extra data)
|
||||
depends_on:POLARSSL_SHA1_C:POLARSSL_DES_C
|
||||
pkcs5_pbes2:ASN1_CONSTRUCTED | ASN1_SEQUENCE:"302806092A864886F70D01050C301B04082ED7F24A1D516DD702020800300A06082A864886F70D020700":"":"":POLARSSL_ERR_PKCS5_INVALID_FORMAT + POLARSSL_ERR_ASN1_LENGTH_MISMATCH:""
|
||||
|
||||
PBES2 Decrypt (bad enc_scheme_alg: not a sequence)
|
||||
depends_on:POLARSSL_SHA1_C:POLARSSL_DES_C
|
||||
pkcs5_pbes2:ASN1_CONSTRUCTED | ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD7020208003100":"":"":POLARSSL_ERR_PKCS5_INVALID_FORMAT + POLARSSL_ERR_ASN1_UNEXPECTED_TAG:""
|
||||
|
||||
PBES2 Decrypt (bad enc_scheme_alg: overlong)
|
||||
depends_on:POLARSSL_SHA1_C:POLARSSL_DES_C
|
||||
pkcs5_pbes2:ASN1_CONSTRUCTED | ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD7020208003001":"":"":POLARSSL_ERR_PKCS5_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA:""
|
||||
|
||||
PBES2 Decrypt (bad enc_scheme_alg: unkown oid)
|
||||
depends_on:POLARSSL_SHA1_C:POLARSSL_DES_C
|
||||
pkcs5_pbes2:ASN1_CONSTRUCTED | ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800300A06082A864886F70D03FF":"":"":POLARSSL_ERR_PKCS5_FEATURE_UNAVAILABLE:""
|
||||
|
||||
PBES2 Decrypt (bad enc_scheme_alg params: not an octet string)
|
||||
depends_on:POLARSSL_SHA1_C:POLARSSL_DES_C
|
||||
pkcs5_pbes2:ASN1_CONSTRUCTED | ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800300C06082A864886F70D03070500":"":"":POLARSSL_ERR_PKCS5_INVALID_FORMAT:""
|
||||
|
||||
PBES2 Decrypt (bad enc_scheme_alg params: overlong)
|
||||
depends_on:POLARSSL_SHA1_C:POLARSSL_DES_C
|
||||
pkcs5_pbes2:ASN1_CONSTRUCTED | ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800300C06082A864886F70D03070401":"":"":POLARSSL_ERR_PKCS5_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA:""
|
||||
|
||||
PBES2 Decrypt (bad enc_scheme_alg params: len != iv_len)
|
||||
depends_on:POLARSSL_SHA1_C:POLARSSL_DES_C
|
||||
pkcs5_pbes2:ASN1_CONSTRUCTED | ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800301306082A864886F70D030704078A4FCC9DCC3949":"":"":POLARSSL_ERR_PKCS5_INVALID_FORMAT:""
|
||||
|
||||
PBES2 Decrypt (bad password)
|
||||
depends_on:POLARSSL_SHA1_C:POLARSSL_DES_C
|
||||
pkcs5_pbes2:ASN1_CONSTRUCTED | ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800301406082A864886F70D030704088A4FCC9DCC394910":"F0617373776f7264":"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FD980E1C5741FC0DB7":POLARSSL_ERR_PKCS5_PASSWORD_MISMATCH:"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF060606060606"
|
||||
|
||||
PBES2 Decrypt (bad iter value)
|
||||
depends_on:POLARSSL_SHA1_C:POLARSSL_DES_C
|
||||
pkcs5_pbes2:ASN1_CONSTRUCTED | ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020801301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FD980E1C5741FC0DB7":POLARSSL_ERR_PKCS5_PASSWORD_MISMATCH:"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF060606060606"
|
||||
|
|
|
@ -43,3 +43,37 @@ void pbkdf2_hmac( int hash, char *hex_password_string,
|
|||
TEST_ASSERT( strcmp( (char *) dst_str, result_key_string ) == 0 );
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void pkcs5_pbes2( int params_tag, char *params_hex, char *pw_hex,
|
||||
char *data_hex, int ref_ret, char *ref_out_hex )
|
||||
{
|
||||
int my_ret;
|
||||
asn1_buf params;
|
||||
unsigned char *my_out, *ref_out, *data, *pw;
|
||||
size_t ref_out_len, data_len, pw_len;
|
||||
|
||||
params.tag = params_tag;
|
||||
params.p = unhexify_alloc( params_hex, ¶ms.len );
|
||||
|
||||
data = unhexify_alloc( data_hex, &data_len );
|
||||
pw = unhexify_alloc( pw_hex, &pw_len );
|
||||
ref_out = unhexify_alloc( ref_out_hex, &ref_out_len );
|
||||
my_out = polarssl_malloc( ref_out_len != 0 ? ref_out_len : 1 );
|
||||
TEST_ASSERT( my_out != NULL );
|
||||
memset( my_out, 0, ref_out_len );
|
||||
|
||||
my_ret = pkcs5_pbes2( ¶ms, PKCS5_DECRYPT,
|
||||
pw, pw_len, data, data_len, my_out );
|
||||
TEST_ASSERT( my_ret == ref_ret );
|
||||
|
||||
if( ref_ret == 0 )
|
||||
TEST_ASSERT( memcmp( my_out, ref_out, ref_out_len ) == 0 );
|
||||
|
||||
polarssl_free( params.p );
|
||||
polarssl_free( data );
|
||||
polarssl_free( pw );
|
||||
polarssl_free( ref_out );
|
||||
polarssl_free( my_out );
|
||||
}
|
||||
/* END_CASE */
|
||||
|
|
Loading…
Reference in a new issue