xref: /openbsd-src/regress/lib/libcrypto/pbkdf2/pbkdf2.c (revision 21b7c6ba441a1e5ca9acb392440b151ccd0c21c5) 
1*21b7c6baStb /*	$OpenBSD: pbkdf2.c,v 1.3 2023/11/19 13:11:06 tb Exp $	*/
2dc30d5f3Smiod /* Written by Christian Heimes, 2013 */
3dc30d5f3Smiod /*
4dc30d5f3Smiod  * Copyright (c) 2013 The OpenSSL Project.  All rights reserved.
5dc30d5f3Smiod  *
6dc30d5f3Smiod  * Redistribution and use in source and binary forms, with or without
7dc30d5f3Smiod  * modification, are permitted provided that the following conditions
8dc30d5f3Smiod  * are met:
9dc30d5f3Smiod  *
10dc30d5f3Smiod  * 1. Redistributions of source code must retain the above copyright
11dc30d5f3Smiod  *    notice, this list of conditions and the following disclaimer.
12dc30d5f3Smiod  *
13dc30d5f3Smiod  * 2. Redistributions in binary form must reproduce the above copyright
14dc30d5f3Smiod  *    notice, this list of conditions and the following disclaimer in
15dc30d5f3Smiod  *    the documentation and/or other materials provided with the
16dc30d5f3Smiod  *    distribution.
17dc30d5f3Smiod  *
18dc30d5f3Smiod  * 3. All advertising materials mentioning features or use of this
19dc30d5f3Smiod  *    software must display the following acknowledgment:
20dc30d5f3Smiod  *    "This product includes software developed by the OpenSSL Project
21dc30d5f3Smiod  *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
22dc30d5f3Smiod  *
23dc30d5f3Smiod  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
24dc30d5f3Smiod  *    endorse or promote products derived from this software without
25dc30d5f3Smiod  *    prior written permission. For written permission, please contact
26dc30d5f3Smiod  *    openssl-core@openssl.org.
27dc30d5f3Smiod  *
28dc30d5f3Smiod  * 5. Products derived from this software may not be called "OpenSSL"
29dc30d5f3Smiod  *    nor may "OpenSSL" appear in their names without prior written
30dc30d5f3Smiod  *    permission of the OpenSSL Project.
31dc30d5f3Smiod  *
32dc30d5f3Smiod  * 6. Redistributions of any form whatsoever must retain the following
33dc30d5f3Smiod  *    acknowledgment:
34dc30d5f3Smiod  *    "This product includes software developed by the OpenSSL Project
35dc30d5f3Smiod  *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
36dc30d5f3Smiod  *
37dc30d5f3Smiod  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
38dc30d5f3Smiod  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
39dc30d5f3Smiod  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
40dc30d5f3Smiod  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
41dc30d5f3Smiod  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
42dc30d5f3Smiod  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
43dc30d5f3Smiod  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
44dc30d5f3Smiod  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
45dc30d5f3Smiod  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
46dc30d5f3Smiod  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
47dc30d5f3Smiod  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
48dc30d5f3Smiod  * OF THE POSSIBILITY OF SUCH DAMAGE.
49dc30d5f3Smiod  */
50dc30d5f3Smiod 
51dc30d5f3Smiod 
52dc30d5f3Smiod #include <stdio.h>
53dc30d5f3Smiod #include <stdlib.h>
54dc30d5f3Smiod #include <string.h>
55dc30d5f3Smiod #include <errno.h>
56dc30d5f3Smiod 
57dc30d5f3Smiod #include <openssl/opensslconf.h>
58dc30d5f3Smiod #include <openssl/evp.h>
59dc30d5f3Smiod #include <openssl/err.h>
60dc30d5f3Smiod #include <openssl/conf.h>
61dc30d5f3Smiod 
62dc30d5f3Smiod typedef struct {
63dc30d5f3Smiod 	const char *pass;
64dc30d5f3Smiod 	int passlen;
65dc30d5f3Smiod 	const char *salt;
66dc30d5f3Smiod 	int saltlen;
67dc30d5f3Smiod 	int iter;
68dc30d5f3Smiod } testdata;
69dc30d5f3Smiod 
70dc30d5f3Smiod static const testdata test_cases[] = {
71dc30d5f3Smiod 	{"password", 8, "salt", 4, 1},
72dc30d5f3Smiod 	{"password", 8, "salt", 4, 2},
73dc30d5f3Smiod 	{"password", 8, "salt", 4, 4096},
74dc30d5f3Smiod 	{"passwordPASSWORDpassword", 24,
75dc30d5f3Smiod 	 "saltSALTsaltSALTsaltSALTsaltSALTsalt", 36, 4096},
76dc30d5f3Smiod 	{"pass\0word", 9, "sa\0lt", 5, 4096},
77dc30d5f3Smiod 	{NULL},
78dc30d5f3Smiod };
79dc30d5f3Smiod 
80dc30d5f3Smiod static const char *sha1_results[] = {
81dc30d5f3Smiod 	"0c60c80f961f0e71f3a9b524af6012062fe037a6",
82dc30d5f3Smiod 	"ea6c014dc72d6f8ccd1ed92ace1d41f0d8de8957",
83dc30d5f3Smiod 	"4b007901b765489abead49d926f721d065a429c1",
84dc30d5f3Smiod 	"3d2eec4fe41c849b80c8d83662c0e44a8b291a964cf2f07038",
85dc30d5f3Smiod 	"56fa6aa75548099dcc37d7f03425e0c3",
86dc30d5f3Smiod };
87dc30d5f3Smiod 
88dc30d5f3Smiod static const char *sha256_results[] = {
89dc30d5f3Smiod 	"120fb6cffcf8b32c43e7225256c4f837a86548c92ccc35480805987cb70be17b",
90dc30d5f3Smiod 	"ae4d0c95af6b46d32d0adff928f06dd02a303f8ef3c251dfd6e2d85a95474c43",
91dc30d5f3Smiod 	"c5e478d59288c841aa530db6845c4c8d962893a001ce4e11a4963873aa98134a",
92dc30d5f3Smiod 	"348c89dbcbd32b2f32d814b8116e84cf2b17347ebc1800181c4e2a1fb8dd53e1c63551"
93dc30d5f3Smiod 		"8c7dac47e9",
94dc30d5f3Smiod 	"89b69d0516f829893c696226650a8687",
95dc30d5f3Smiod };
96dc30d5f3Smiod 
97dc30d5f3Smiod static const char *sha512_results[] = {
98dc30d5f3Smiod 	"867f70cf1ade02cff3752599a3a53dc4af34c7a669815ae5d513554e1c8cf252c02d47"
99dc30d5f3Smiod 		"0a285a0501bad999bfe943c08f050235d7d68b1da55e63f73b60a57fce",
100dc30d5f3Smiod 	"e1d9c16aa681708a45f5c7c4e215ceb66e011a2e9f0040713f18aefdb866d53cf76cab"
101dc30d5f3Smiod 		"2868a39b9f7840edce4fef5a82be67335c77a6068e04112754f27ccf4e",
102dc30d5f3Smiod 	"d197b1b33db0143e018b12f3d1d1479e6cdebdcc97c5c0f87f6902e072f457b5143f30"
103dc30d5f3Smiod 		"602641b3d55cd335988cb36b84376060ecd532e039b742a239434af2d5",
104dc30d5f3Smiod 	"8c0511f4c6e597c6ac6315d8f0362e225f3c501495ba23b868c005174dc4ee71115b59"
105dc30d5f3Smiod 		"f9e60cd9532fa33e0f75aefe30225c583a186cd82bd4daea9724a3d3b8",
106dc30d5f3Smiod 	"9d9e9c4cd21fe4be24d5b8244c759665",
107dc30d5f3Smiod };
108dc30d5f3Smiod 
109dc30d5f3Smiod static void
hexdump(FILE * f,const char * title,const unsigned char * s,size_t len)110dc30d5f3Smiod hexdump(FILE *f, const char *title, const unsigned char *s, size_t len)
111dc30d5f3Smiod {
112dc30d5f3Smiod 	fprintf(f, "%s", title);
113dc30d5f3Smiod 	for (; len != 0; len--)
114dc30d5f3Smiod 		fprintf(f, " 0x%02x", *(s++));
115dc30d5f3Smiod 	fprintf(f, "\n");
116dc30d5f3Smiod }
117dc30d5f3Smiod 
118dc30d5f3Smiod static int
convert(unsigned char * dst,const unsigned char * src,size_t len)119dc30d5f3Smiod convert(unsigned char *dst, const unsigned char *src, size_t len)
120dc30d5f3Smiod {
121dc30d5f3Smiod 	unsigned int n;
122dc30d5f3Smiod 
123dc30d5f3Smiod 	for (; len != 0; src += 2, len--) {
124dc30d5f3Smiod 		if (sscanf((char *)src, "%2x", &n) != 1)
125dc30d5f3Smiod 			return EINVAL;
126dc30d5f3Smiod 		*dst++ = (unsigned char)n;
127dc30d5f3Smiod 	}
128dc30d5f3Smiod 	return 0;
129dc30d5f3Smiod }
130dc30d5f3Smiod 
131dc30d5f3Smiod static void
test_p5_pbkdf2(unsigned int n,const char * digestname,const testdata * test,const char * hex)132dc30d5f3Smiod test_p5_pbkdf2(unsigned int n, const char *digestname, const testdata *test,
133dc30d5f3Smiod     const char *hex)
134dc30d5f3Smiod {
135dc30d5f3Smiod 	const EVP_MD *digest;
136dc30d5f3Smiod 	unsigned char *out;
137dc30d5f3Smiod 	unsigned char *expected;
138dc30d5f3Smiod 	size_t keylen;
139dc30d5f3Smiod 	int r;
140dc30d5f3Smiod 
141dc30d5f3Smiod 	digest = EVP_get_digestbyname(digestname);
142dc30d5f3Smiod 	if (digest == NULL) {
143dc30d5f3Smiod 		fprintf(stderr, "unknown digest %s\n", digestname);
144dc30d5f3Smiod 		exit(5);
145dc30d5f3Smiod 	}
146dc30d5f3Smiod 
147dc30d5f3Smiod 	keylen = strlen(hex);
148dc30d5f3Smiod 	if ((keylen % 2) != 0) {
149dc30d5f3Smiod 		fprintf(stderr, "odd hex string %s, digest %u\n", digestname, n);
150dc30d5f3Smiod 		exit(5);
151dc30d5f3Smiod 	}
152dc30d5f3Smiod 	keylen /= 2;
153dc30d5f3Smiod 	expected = malloc(keylen);
154dc30d5f3Smiod 	out = malloc(keylen);
155dc30d5f3Smiod 	if (expected == NULL || out == NULL) {
156dc30d5f3Smiod 		fprintf(stderr, "malloc() failed\n");
157dc30d5f3Smiod 		exit(5);
158dc30d5f3Smiod 	}
159dc30d5f3Smiod 	if (convert(expected, (const unsigned char *)hex, keylen) != 0) {
160dc30d5f3Smiod 		fprintf(stderr, "invalid hex string %s, digest %u\n", hex, n);
161dc30d5f3Smiod 		exit(5);
162dc30d5f3Smiod 	}
163dc30d5f3Smiod 
164dc30d5f3Smiod 	r = PKCS5_PBKDF2_HMAC(test->pass, test->passlen,
165dc30d5f3Smiod 	    (const unsigned char *)test->salt, test->saltlen,
166dc30d5f3Smiod 	    test->iter, digest, keylen, out);
167dc30d5f3Smiod 
168dc30d5f3Smiod 	if (r == 0) {
169dc30d5f3Smiod 		fprintf(stderr, "PKCS5_PBKDF2_HMAC(%s) failure test %u\n",
170dc30d5f3Smiod 		    digestname, n);
171dc30d5f3Smiod 		exit(3);
172dc30d5f3Smiod 	}
173dc30d5f3Smiod 	if (memcmp(expected, out, keylen) != 0) {
174dc30d5f3Smiod 		fprintf(stderr,
175dc30d5f3Smiod 		    "Wrong result for PKCS5_PBKDF2_HMAC(%s) test %u\n",
176dc30d5f3Smiod 		    digestname, n);
177dc30d5f3Smiod 		hexdump(stderr, "expected: ", expected, keylen);
178dc30d5f3Smiod 		hexdump(stderr, "result:   ", out, keylen);
179dc30d5f3Smiod 		exit(2);
180dc30d5f3Smiod 	}
181dc30d5f3Smiod 	free(expected);
182dc30d5f3Smiod 	free(out);
183dc30d5f3Smiod }
184dc30d5f3Smiod 
185dc30d5f3Smiod int
main(int argc,char ** argv)186dc30d5f3Smiod main(int argc,char **argv)
187dc30d5f3Smiod {
188dc30d5f3Smiod 	unsigned int n;
189dc30d5f3Smiod 	const testdata *test = test_cases;
190dc30d5f3Smiod 
191dc30d5f3Smiod 	OpenSSL_add_all_digests();
192dc30d5f3Smiod 
193dc30d5f3Smiod 	for (n = 0; test->pass != NULL; n++, test++) {
194dc30d5f3Smiod 		test_p5_pbkdf2(n, "sha1", test, sha1_results[n]);
195dc30d5f3Smiod 		test_p5_pbkdf2(n, "sha256", test, sha256_results[n]);
196dc30d5f3Smiod 		test_p5_pbkdf2(n, "sha512", test, sha512_results[n]);
197dc30d5f3Smiod 	}
198dc30d5f3Smiod 
199dc30d5f3Smiod 	EVP_cleanup();
200dc30d5f3Smiod 	CRYPTO_cleanup_all_ex_data();
201dc30d5f3Smiod 	ERR_remove_thread_state(NULL);
202dc30d5f3Smiod 	ERR_free_strings();
203dc30d5f3Smiod 	return 0;
204dc30d5f3Smiod }
205