xref: /freebsd/crypto/krb5/src/lib/crypto/crypto_tests/t_pkcs5.c (revision f1c4c3daccbaf3820f0e2224de53df12fc952fcc) 
1 /* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
2 /* lib/crypto/crypto_tests/t_pkcs5.c */
3 /*
4  * Copyright 2002 by the Massachusetts Institute of Technology.
5  * All Rights Reserved.
6  *
7  * Export of this software from the United States of America may
8  *   require a specific license from the United States Government.
9  *   It is the responsibility of any person or organization contemplating
10  *   export to obtain such a license before exporting.
11  *
12  * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
13  * distribute this software and its documentation for any purpose and
14  * without fee is hereby granted, provided that the above copyright
15  * notice appear in all copies and that both that copyright notice and
16  * this permission notice appear in supporting documentation, and that
17  * the name of M.I.T. not be used in advertising or publicity pertaining
18  * to distribution of the software without specific, written prior
19  * permission.  Furthermore if you modify this software you must label
20  * your software as modified software and not distribute it in such a
21  * fashion that it might be confused with the original M.I.T. software.
22  * M.I.T. makes no representations about the suitability of
23  * this software for any purpose.  It is provided "as is" without express
24  * or implied warranty.
25  */
26 
27 /* Test vectors for PBKDF2 (from PKCS #5v2), based on RFC 3211. */
28 
29 #include "k5-int.h"
30 
printhex(size_t len,const char * p)31 static void printhex (size_t len, const char *p)
32 {
33     while (len--)
34         printf (" %02X", 0xff & *p++);
35 }
36 
printdata(krb5_data * d)37 static void printdata (krb5_data *d) {
38     printhex (d->length, d->data);
39 }
40 
test_pbkdf2_rfc3211(void)41 static void test_pbkdf2_rfc3211(void)
42 {
43     char x[100];
44     krb5_error_code err;
45     krb5_data d, pass, salt;
46     int i;
47 
48     /* RFC 3211 test cases.  */
49     static const struct {
50         const char *pass;
51         const char *salt;
52         unsigned int count;
53         size_t len;
54         const unsigned char expected[24];
55     } t[] = {
56         { "password", "\x12\x34\x56\x78\x78\x56\x34\x12", 5, 8,
57           { 0xD1, 0xDA, 0xA7, 0x86, 0x15, 0xF2, 0x87, 0xE6 } },
58         { "All n-entities must communicate with other "
59           "n-entities via n-1 entiteeheehees",
60           "\x12\x34\x56\x78\x78\x56\x34\x12", 500, 24,
61           { 0x6A, 0x89, 0x70, 0xBF, 0x68, 0xC9, 0x2C, 0xAE,
62             0xA8, 0x4A, 0x8D, 0xF2, 0x85, 0x10, 0x85, 0x86,
63             0x07, 0x12, 0x63, 0x80, 0xCC, 0x47, 0xAB, 0x2D } },
64     };
65 
66     d.data = x;
67     printf("RFC 3211 test of PBKDF#2\n");
68 
69     for (i = 0; i < sizeof(t)/sizeof(t[0]); i++) {
70 
71         printf("pkbdf2(iter_count=%d, dklen=%d (%d bytes), salt=12 34 56 78 78 56 34 12,\n"
72                "       pass=%s):\n  ->",
73                t[i].count, t[i].len * 8, t[i].len, t[i].pass);
74 
75         d.length = t[i].len;
76         pass.data = t[i].pass;
77         pass.length = strlen(pass.data);
78         salt.data = t[i].salt;
79         salt.length = strlen(salt.data);
80         err = krb5int_pbkdf2_hmac_sha1 (&d, t[i].count, &pass, &salt);
81         if (err) {
82             printf("error in computing pbkdf2: %s\n", error_message(err));
83             exit(1);
84         }
85         printdata(&d);
86         if (!memcmp(x, t[i].expected, t[i].len))
87             printf("\nTest passed.\n\n");
88         else {
89             printf("\n*** CHECK FAILED!\n");
90             exit(1);
91         }
92     }
93 }
94 
main(void)95 int main(void)
96 {
97     test_pbkdf2_rfc3211();
98     return 0;
99 }
100