test-sha1: Add test vectors from RFC 6070

The test with very large iterations count is commented out since it
takes quite long to derive (it does pass, though). In addition, the
last test vector is commented out since pbkdf2_sha1() does not support
arbitrary binary passphrases (\0 inside the string).
This commit is contained in:
Jouni Malinen 2011-01-10 20:41:04 +02:00
parent 60ea8187c9
commit 8d806cc2af

View File

@ -291,6 +291,92 @@ static struct passphrase_test passphrase_tests[] =
(sizeof(passphrase_tests) / sizeof(passphrase_tests[0]))
struct rfc6070_test {
char *p;
char *s;
int c;
char dk[32];
size_t dk_len;
};
static struct rfc6070_test rfc6070_tests[] =
{
{
"password",
"salt",
1,
{
0x0c, 0x60, 0xc8, 0x0f, 0x96, 0x1f, 0x0e, 0x71,
0xf3, 0xa9, 0xb5, 0x24, 0xaf, 0x60, 0x12, 0x06,
0x2f, 0xe0, 0x37, 0xa6
},
20
},
{
"password",
"salt",
2,
{
0xea, 0x6c, 0x01, 0x4d, 0xc7, 0x2d, 0x6f, 0x8c,
0xcd, 0x1e, 0xd9, 0x2a, 0xce, 0x1d, 0x41, 0xf0,
0xd8, 0xde, 0x89, 0x57
},
20
},
{
"password",
"salt",
4096,
{
0x4b, 0x00, 0x79, 0x01, 0xb7, 0x65, 0x48, 0x9a,
0xbe, 0xad, 0x49, 0xd9, 0x26, 0xf7, 0x21, 0xd0,
0x65, 0xa4, 0x29, 0xc1
},
20
},
#if 0 /* This takes quite long to derive.. */
{
"password",
"salt",
16777216,
{
0xee, 0xfe, 0x3d, 0x61, 0xcd, 0x4d, 0xa4, 0xe4,
0xe9, 0x94, 0x5b, 0x3d, 0x6b, 0xa2, 0x15, 0x8c,
0x26, 0x34, 0xe9, 0x84
},
20
},
#endif
{
"passwordPASSWORDpassword",
"saltSALTsaltSALTsaltSALTsaltSALTsalt",
4096,
{
0x3d, 0x2e, 0xec, 0x4f, 0xe4, 0x1c, 0x84, 0x9b,
0x80, 0xc8, 0xd8, 0x36, 0x62, 0xc0, 0xe4, 0x4a,
0x8b, 0x29, 0x1a, 0x96, 0x4c, 0xf2, 0xf0, 0x70,
0x38
},
25
},
#if 0 /* \0 not currently supported in passphrase parameters.. */
{
"pass\0word",
"sa\0lt",
4096,
{
0x56, 0xfa, 0x6a, 0xa7, 0x55, 0x48, 0x09, 0x9d,
0xcc, 0x37, 0xd7, 0xf0, 0x34, 0x25, 0xe0, 0xc3
},
16
},
#endif
};
#define NUM_RFC6070_TESTS \
(sizeof(rfc6070_tests) / sizeof(rfc6070_tests[0]))
int main(int argc, char *argv[])
{
u8 res[512];
@ -343,5 +429,19 @@ int main(int argc, char *argv[])
}
}
printf("PBKDF2-SHA1 test cases (RFC 6070):\n");
for (i = 0; i < NUM_RFC6070_TESTS; i++) {
u8 dk[25];
struct rfc6070_test *test = &rfc6070_tests[i];
pbkdf2_sha1(test->p, test->s, strlen(test->s), test->c,
dk, test->dk_len);
if (memcmp(dk, test->dk, test->dk_len) == 0)
printf("Test case %d - OK\n", i);
else {
printf("Test case %d - FAILED!\n", i);
ret++;
}
}
return ret;
}