pbetest.c 4.0 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136
  1. /*
  2. * Copyright 2021-2022 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the Apache License 2.0 (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. #include <string.h>
  10. #include "testutil.h"
  11. #include <openssl/evp.h>
  12. #include <openssl/x509.h>
  13. #include <openssl/rc4.h>
  14. #include <openssl/md5.h>
  15. #if !defined OPENSSL_NO_RC4 && !defined OPENSSL_NO_MD5 \
  16. || !defined OPENSSL_NO_DES && !defined OPENSSL_NO_SHA1
  17. static const char pbe_password[] = "MyVoiceIsMyPassport";
  18. static unsigned char pbe_salt[] = {
  19. 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
  20. };
  21. static const int pbe_iter = 1000;
  22. static unsigned char pbe_plaintext[] = {
  23. 0x57, 0x65, 0x20, 0x61, 0x72, 0x65, 0x20, 0x61,
  24. 0x6c, 0x6c, 0x20, 0x6d, 0x61, 0x64, 0x65, 0x20,
  25. 0x6f, 0x66, 0x20, 0x73, 0x74, 0x61, 0x72, 0x73,
  26. };
  27. #endif
  28. /* Expected output generated using OpenSSL 1.1.1 */
  29. #if !defined OPENSSL_NO_RC4 && !defined OPENSSL_NO_MD5
  30. static const unsigned char pbe_ciphertext_rc4_md5[] = {
  31. 0x21, 0x90, 0xfa, 0xee, 0x95, 0x66, 0x59, 0x45,
  32. 0xfa, 0x1e, 0x9f, 0xe2, 0x25, 0xd2, 0xf9, 0x71,
  33. 0x94, 0xe4, 0x3d, 0xc9, 0x7c, 0xb0, 0x07, 0x23,
  34. };
  35. #endif
  36. #if !defined OPENSSL_NO_DES && !defined OPENSSL_NO_SHA1
  37. static const unsigned char pbe_ciphertext_des_sha1[] = {
  38. 0xce, 0x4b, 0xb0, 0x0a, 0x7b, 0x48, 0xd7, 0xe3,
  39. 0x9a, 0x9f, 0x46, 0xd6, 0x41, 0x42, 0x4b, 0x44,
  40. 0x36, 0x45, 0x5f, 0x60, 0x8f, 0x3c, 0xd0, 0x55,
  41. 0xd0, 0x8d, 0xa9, 0xab, 0x78, 0x5b, 0x63, 0xaf,
  42. };
  43. #endif
  44. #if !defined OPENSSL_NO_RC4 && !defined OPENSSL_NO_MD5 \
  45. || !defined OPENSSL_NO_DES && !defined OPENSSL_NO_SHA1
  46. static int test_pkcs5_pbe(const EVP_CIPHER *cipher, const EVP_MD *md,
  47. const unsigned char *exp, const int exp_len)
  48. {
  49. int ret = 0;
  50. EVP_CIPHER_CTX *ctx;
  51. X509_ALGOR *algor = NULL;
  52. int i, outlen;
  53. unsigned char out[32];
  54. ctx = EVP_CIPHER_CTX_new();
  55. if (!TEST_ptr(ctx))
  56. goto err;
  57. algor = X509_ALGOR_new();
  58. if (!TEST_ptr(algor))
  59. goto err;
  60. if (!TEST_true(PKCS5_pbe_set0_algor(algor, EVP_CIPHER_nid(cipher), pbe_iter,
  61. pbe_salt, sizeof(pbe_salt)))
  62. || !TEST_true(PKCS5_PBE_keyivgen(ctx, pbe_password, strlen(pbe_password),
  63. algor->parameter, cipher, md, 1))
  64. || !TEST_true(EVP_CipherUpdate(ctx, out, &i, pbe_plaintext,
  65. sizeof(pbe_plaintext))))
  66. goto err;
  67. outlen = i;
  68. if (!TEST_true(EVP_CipherFinal_ex(ctx, out + i, &i)))
  69. goto err;
  70. outlen += i;
  71. if (!TEST_mem_eq(out, outlen, exp, exp_len))
  72. goto err;
  73. /* Decrypt */
  74. if (!TEST_true(PKCS5_PBE_keyivgen(ctx, pbe_password, strlen(pbe_password),
  75. algor->parameter, cipher, md, 0))
  76. || !TEST_true(EVP_CipherUpdate(ctx, out, &i, exp, exp_len)))
  77. goto err;
  78. outlen = i;
  79. if (!TEST_true(EVP_CipherFinal_ex(ctx, out + i, &i)))
  80. goto err;
  81. if (!TEST_mem_eq(out, outlen, pbe_plaintext, sizeof(pbe_plaintext)))
  82. goto err;
  83. ret = 1;
  84. err:
  85. EVP_CIPHER_CTX_free(ctx);
  86. X509_ALGOR_free(algor);
  87. return ret;
  88. }
  89. #endif
  90. #if !defined OPENSSL_NO_RC4 && !defined OPENSSL_NO_MD5
  91. static int test_pkcs5_pbe_rc4_md5(void)
  92. {
  93. return test_pkcs5_pbe(EVP_rc4(), EVP_md5(), pbe_ciphertext_rc4_md5, sizeof(pbe_ciphertext_rc4_md5));
  94. }
  95. #endif
  96. #if !defined OPENSSL_NO_DES && !defined OPENSSL_NO_SHA1
  97. static int test_pkcs5_pbe_des_sha1(void)
  98. {
  99. return test_pkcs5_pbe(EVP_des_cbc(), EVP_sha1(), pbe_ciphertext_des_sha1, sizeof(pbe_ciphertext_des_sha1));
  100. }
  101. #endif
  102. int setup_tests(void)
  103. {
  104. #if !defined OPENSSL_NO_RC4 && !defined OPENSSL_NO_MD5
  105. ADD_TEST(test_pkcs5_pbe_rc4_md5);
  106. #endif
  107. #if !defined OPENSSL_NO_DES && !defined OPENSSL_NO_SHA1
  108. ADD_TEST(test_pkcs5_pbe_des_sha1);
  109. #endif
  110. return 1;
  111. }