1*fa64de43Stedu /* $OpenBSD: bcrypt_pbkdf_test.c,v 1.7 2014/08/10 16:36:13 tedu Exp $ */
2*fa64de43Stedu /*
3*fa64de43Stedu * Copyright (c) 2013 Ted Unangst <tedu@openbsd.org>
4*fa64de43Stedu *
5*fa64de43Stedu * Permission to use, copy, modify, and distribute this software for any
6*fa64de43Stedu * purpose with or without fee is hereby granted, provided that the above
7*fa64de43Stedu * copyright notice and this permission notice appear in all copies.
8*fa64de43Stedu *
9*fa64de43Stedu * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10*fa64de43Stedu * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11*fa64de43Stedu * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12*fa64de43Stedu * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13*fa64de43Stedu * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14*fa64de43Stedu * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15*fa64de43Stedu * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16*fa64de43Stedu */
17*fa64de43Stedu
18fd424f55Sguenther #include <stdint.h>
19612d827bStedu #include <stdio.h>
206ae09622Stedu #include <string.h>
21612d827bStedu
22612d827bStedu #include <util.h>
23612d827bStedu
24612d827bStedu struct test {
25612d827bStedu int rounds;
26612d827bStedu size_t passlen;
27612d827bStedu const char *password;
28612d827bStedu size_t saltlen;
29612d827bStedu const uint8_t *salt;
30612d827bStedu size_t keylen;
31612d827bStedu const uint8_t *key;
32612d827bStedu };
33612d827bStedu
34612d827bStedu struct test tests[] = {
35612d827bStedu /* basic */
36612d827bStedu { 4, 8, "password", 4, "salt", 32,
37e6a52cd9Stedu "\x5b\xbf\x0c\xc2\x93\x58\x7f\x1c\x36\x35\x55\x5c\x27\x79\x65\x98"
38e6a52cd9Stedu "\xd4\x7e\x57\x90\x71\xbf\x42\x7e\x9d\x8f\xbe\x84\x2a\xba\x34\xd9"
39612d827bStedu },
40612d827bStedu { 4, 8, "password", 1, "", 16,
41e6a52cd9Stedu "\xc1\x2b\x56\x62\x35\xee\xe0\x4c\x21\x25\x98\x97\x0a\x57\x9a\x67"
42612d827bStedu },
43612d827bStedu { 4, 1, "", 4, "salt", 16,
44e6a52cd9Stedu "\x60\x51\xbe\x18\xc2\xf4\xf8\x2c\xbf\x0e\xfe\xe5\x47\x1b\x4b\xb9"
45612d827bStedu },
46612d827bStedu /* nul bytes in password and string */
47612d827bStedu { 4, 9, "password", 5, "salt", 32,
48e6a52cd9Stedu "\x74\x10\xe4\x4c\xf4\xfa\x07\xbf\xaa\xc8\xa9\x28\xb1\x72\x7f\xac"
49e6a52cd9Stedu "\x00\x13\x75\xe7\xbf\x73\x84\x37\x0f\x48\xef\xd1\x21\x74\x30\x50"
50612d827bStedu },
51612d827bStedu { 4, 8, "pass\0word", 4, "sa\0lt", 16,
52e6a52cd9Stedu "\xc2\xbf\xfd\x9d\xb3\x8f\x65\x69\xef\xef\x43\x72\xf4\xde\x83\xc0"
53612d827bStedu },
54612d827bStedu { 4, 9, "pass\0word", 5, "sa\0lt", 16,
55e6a52cd9Stedu "\x4b\xa4\xac\x39\x25\xc0\xe8\xd7\xf0\xcd\xb6\xbb\x16\x84\xa5\x6f"
56612d827bStedu },
57612d827bStedu /* bigger key */
58612d827bStedu { 8, 8, "password", 4, "salt", 64,
59e6a52cd9Stedu "\xe1\x36\x7e\xc5\x15\x1a\x33\xfa\xac\x4c\xc1\xc1\x44\xcd\x23\xfa"
60e6a52cd9Stedu "\x15\xd5\x54\x84\x93\xec\xc9\x9b\x9b\x5d\x9c\x0d\x3b\x27\xbe\xc7"
61e6a52cd9Stedu "\x62\x27\xea\x66\x08\x8b\x84\x9b\x20\xab\x7a\xa4\x78\x01\x02\x46"
62e6a52cd9Stedu "\xe7\x4b\xba\x51\x72\x3f\xef\xa9\xf9\x47\x4d\x65\x08\x84\x5e\x8d"
63612d827bStedu },
64612d827bStedu /* more rounds */
65612d827bStedu { 42, 8, "password", 4, "salt", 16,
66e6a52cd9Stedu "\x83\x3c\xf0\xdc\xf5\x6d\xb6\x56\x08\xe8\xf0\xdc\x0c\xe8\x82\xbd"
67612d827bStedu },
68612d827bStedu /* longer password */
69c4607e8bStedu { 8, 446,
70612d827bStedu "Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do "
71612d827bStedu "eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut "
72612d827bStedu "enim ad minim veniam, quis nostrud exercitation ullamco laboris "
73612d827bStedu "nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor "
74612d827bStedu "in reprehenderit in voluptate velit esse cillum dolore eu fugiat "
75612d827bStedu "nulla pariatur. Excepteur sint occaecat cupidatat non proident, "
76612d827bStedu "sunt in culpa qui officia deserunt mollit anim id est laborum.",
77612d827bStedu 6, "salis", 16,
78e6a52cd9Stedu "\x10\x97\x8b\x07\x25\x3d\xf5\x7f\x71\xa1\x62\xeb\x0e\x8a\xd3\x0a"
79612d827bStedu },
80612d827bStedu /* "unicode" */
81612d827bStedu { 8,
82612d827bStedu 16, "\x0d\xb3\xac\x94\xb3\xee\x53\x28\x4f\x4a\x22\x89\x3b\x3c\x24\xae",
83612d827bStedu 16, "\x3a\x62\xf0\xf0\xdb\xce\xf8\x23\xcf\xcc\x85\x48\x56\xea\x10\x28",
84e6a52cd9Stedu 16, "\x20\x44\x38\x17\x5e\xee\x7c\xe1\x36\xc9\x1b\x49\xa6\x79\x23\xff"
85612d827bStedu },
86612d827bStedu /* very large key */
87612d827bStedu { 8,
88612d827bStedu 16, "\x0d\xb3\xac\x94\xb3\xee\x53\x28\x4f\x4a\x22\x89\x3b\x3c\x24\xae",
89612d827bStedu 16, "\x3a\x62\xf0\xf0\xdb\xce\xf8\x23\xcf\xcc\x85\x48\x56\xea\x10\x28",
90612d827bStedu 256,
91e6a52cd9Stedu "\x20\x54\xb9\xff\xf3\x4e\x37\x21\x44\x03\x34\x74\x68\x28\xe9\xed"
92e6a52cd9Stedu "\x38\xde\x4b\x72\xe0\xa6\x9a\xdc\x17\x0a\x13\xb5\xe8\xd6\x46\x38"
93e6a52cd9Stedu "\x5e\xa4\x03\x4a\xe6\xd2\x66\x00\xee\x23\x32\xc5\xed\x40\xad\x55"
94e6a52cd9Stedu "\x7c\x86\xe3\x40\x3f\xbb\x30\xe4\xe1\xdc\x1a\xe0\x6b\x99\xa0\x71"
95e6a52cd9Stedu "\x36\x8f\x51\x8d\x2c\x42\x66\x51\xc9\xe7\xe4\x37\xfd\x6c\x91\x5b"
96e6a52cd9Stedu "\x1b\xbf\xc3\xa4\xce\xa7\x14\x91\x49\x0e\xa7\xaf\xb7\xdd\x02\x90"
97e6a52cd9Stedu "\xa6\x78\xa4\xf4\x41\x12\x8d\xb1\x79\x2e\xab\x27\x76\xb2\x1e\xb4"
98e6a52cd9Stedu "\x23\x8e\x07\x15\xad\xd4\x12\x7d\xff\x44\xe4\xb3\xe4\xcc\x4c\x4f"
99e6a52cd9Stedu "\x99\x70\x08\x3f\x3f\x74\xbd\x69\x88\x73\xfd\xf6\x48\x84\x4f\x75"
100e6a52cd9Stedu "\xc9\xbf\x7f\x9e\x0c\x4d\x9e\x5d\x89\xa7\x78\x39\x97\x49\x29\x66"
101e6a52cd9Stedu "\x61\x67\x07\x61\x1c\xb9\x01\xde\x31\xa1\x97\x26\xb6\xe0\x8c\x3a"
102e6a52cd9Stedu "\x80\x01\x66\x1f\x2d\x5c\x9d\xcc\x33\xb4\xaa\x07\x2f\x90\xdd\x0b"
103e6a52cd9Stedu "\x3f\x54\x8d\x5e\xeb\xa4\x21\x13\x97\xe2\xfb\x06\x2e\x52\x6e\x1d"
104e6a52cd9Stedu "\x68\xf4\x6a\x4c\xe2\x56\x18\x5b\x4b\xad\xc2\x68\x5f\xbe\x78\xe1"
105e6a52cd9Stedu "\xc7\x65\x7b\x59\xf8\x3a\xb9\xab\x80\xcf\x93\x18\xd6\xad\xd1\xf5"
106e6a52cd9Stedu "\x93\x3f\x12\xd6\xf3\x61\x82\xc8\xe8\x11\x5f\x68\x03\x0a\x12\x44"
107612d827bStedu },
108612d827bStedu };
109612d827bStedu
110612d827bStedu void
printkey(const uint8_t * key,size_t keylen)111a3b92c26Stedu printkey(const uint8_t *key, size_t keylen)
112612d827bStedu {
113612d827bStedu int k;
114612d827bStedu
115612d827bStedu for (k = 0; k < keylen; k++) {
116612d827bStedu printf("\\x%.2x", key[k]);
117612d827bStedu if (k % 16 == 15)
118612d827bStedu printf("\n");
119612d827bStedu }
120612d827bStedu printf("\n");
121612d827bStedu }
122612d827bStedu
123612d827bStedu int
main()124612d827bStedu main()
125612d827bStedu {
126612d827bStedu uint8_t key[1024];
127612d827bStedu char *password = "password";
128612d827bStedu char *salt = "salt";
129612d827bStedu int i, fails;
130612d827bStedu struct test *t;
131612d827bStedu
132612d827bStedu fails = 0;
1336ae09622Stedu
1346ae09622Stedu memset(key, 0, 1024);
1356ae09622Stedu bcrypt_pbkdf("password", 8, "salt", 4, key, 88, 4);
1366ae09622Stedu if (key[88] || key[89] || key[90]) {
1376ae09622Stedu printf("OVERWRITE\n");
1386ae09622Stedu fails++;
1396ae09622Stedu }
1406ae09622Stedu
141612d827bStedu for (i = 0; i < sizeof(tests) / sizeof(tests[0]); i++) {
142612d827bStedu t = &tests[i];
143612d827bStedu bcrypt_pbkdf(t->password, t->passlen, t->salt, t->saltlen,
144612d827bStedu key, t->keylen, t->rounds);
145612d827bStedu if (memcmp(key, t->key, t->keylen) != 0) {
146612d827bStedu printf("test %d FAILED\n", i);
147612d827bStedu printf("expected:\n");
148612d827bStedu printkey(t->key, t->keylen);
149612d827bStedu printf("result:\n");
150612d827bStedu printkey(key, t->keylen);
151612d827bStedu fails++;
152612d827bStedu }
153612d827bStedu }
154612d827bStedu return fails;
155612d827bStedu }
156