diff options
Diffstat (limited to 'src/Common/Tests.c')
| -rw-r--r-- | src/Common/Tests.c | 26 |
1 files changed, 20 insertions, 6 deletions
diff --git a/src/Common/Tests.c b/src/Common/Tests.c index 4f53d4ed..530e7577 100644 --- a/src/Common/Tests.c +++ b/src/Common/Tests.c @@ -284,60 +284,63 @@ BOOL XTSAesTest (PCRYPTO_INFO ci) EncryptBufferXTS (p, sizeof (p), &dataUnitNo, XTS_vectors[i].blockNo, (unsigned char *) (ci->ks), (unsigned char *) ci->ks2, AES); if (memcmp (XTS_vectors[i].ciphertext, p, sizeof (p)) != 0) return FALSE; } return TRUE; } // AES ECB test vectors FIPS-197 #define AES_TEST_COUNT 1 typedef struct { unsigned char key[32]; unsigned char plaintext[16]; unsigned char ciphertext[16]; } AES_TEST; AES_TEST aes_ecb_vectors[AES_TEST_COUNT] = { 0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f, 0x10,0x11,0x12,0x13,0x14,0x15,0x16,0x17,0x18,0x19,0x1a,0x1b,0x1c,0x1d,0x1e,0x1f, 0x00,0x11,0x22,0x33,0x44,0x55,0x66,0x77,0x88,0x99,0xaa,0xbb,0xcc,0xdd,0xee,0xff, 0x8e,0xa2,0xb7,0xca,0x51,0x67,0x45,0xbf,0xea,0xfc,0x49,0x90,0x4b,0x49,0x60,0x89 }; + +#ifndef WOLFCRYPT_BACKEND + // Serpent ECB test vectors #define SERPENT_TEST_COUNT 1 typedef struct { unsigned char key[32]; unsigned char plaintext[16]; unsigned char ciphertext[16]; } SERPENT_TEST; SERPENT_TEST serpent_vectors[SERPENT_TEST_COUNT] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0xde, 0x26, 0x9f, 0xf8, 0x33, 0xe4, 0x32, 0xb8, 0x5b, 0x2e, 0x88, 0xd2, 0x70, 0x1c, 0xe7, 0x5c }; // Twofish ECB test vectors #define TWOFISH_TEST_COUNT 1 typedef struct { unsigned char key[32]; unsigned char plaintext[16]; unsigned char ciphertext[16]; } TWOFISH_TEST; TWOFISH_TEST twofish_vectors[TWOFISH_TEST_COUNT] = { 0xD4, 0x3B, 0xB7, 0x55, 0x6E, 0xA3, 0x2E, 0x46, 0xF2, 0xA2, 0x82, 0xB7, 0xD4, 0x5B, 0x4E, 0x0D, @@ -392,60 +395,61 @@ KUZNYECHIK_TEST kuznyechik_vectors[KUZNYECHIK_TEST_COUNT] = { 0x55, 0x66, 0x77, 0x00, 0xFF, 0xEE, 0xDD, 0xCC, 0xBB, 0xAA, 0x99, 0x88, 0x7F, 0x67, 0x9D, 0x90, 0xBE, 0xBC, 0x24, 0x30, 0x5A, 0x46, 0x8D, 0x42, 0xB9, 0xD4, 0xED, 0xCD }, { 0x88, 0x99, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10, 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF, 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0xAA, 0xBB, 0xCC, 0xEE, 0xFF, 0x0A, 0xB4, 0x29, 0x91, 0x2C, 0x6E, 0x00, 0x32, 0xF9, 0x28, 0x54, 0x52, 0xD7, 0x67, 0x18, 0xD0, 0x8B }, { 0x88, 0x99, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10, 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0xAA, 0xBB, 0xCC, 0xEE, 0xFF, 0x0A, 0x00, 0xF0, 0xCA, 0x33, 0x54, 0x9D, 0x24, 0x7C, 0xEE, 0xF3, 0xF5, 0xA5, 0x31, 0x3B, 0xD4, 0xB1, 0x57 }, { 0x88, 0x99, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10, 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0xAA, 0xBB, 0xCC, 0xEE, 0xFF, 0x0A, 0x00, 0x11, 0xD0, 0xB0, 0x9C, 0xCD, 0xE8, 0x30, 0xB9, 0xEB, 0x3A, 0x02, 0xC4, 0xC5, 0xAA, 0x8A, 0xDA, 0x98 } }; +#endif /* Test vectors from FIPS 198a, RFC 4231, RFC 2104, RFC 2202, and other sources. */ char *hmac_sha256_test_keys[] = { "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b", "Jefe", "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa", "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19", "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa", "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa", }; char *hmac_sha256_test_data[] = { "Hi There", "what do ya want for nothing?", "\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd", "\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd", "Test Using Larger Than Block-Size Key - Hash Key First", "This is a test using a larger than block-size key and a larger than block-size data. The key needs to be hashed before being used by the HMAC algorithm.", }; char *hmac_sha256_test_vectors[] = { "\xb0\x34\x4c\x61\xd8\xdb\x38\x53\x5c\xa8\xaf\xce\xaf\x0b\xf1\x2b\x88\x1d\xc2\x00\xc9\x83\x3d\xa7\x26\xe9\x37\x6c\x2e\x32\xcf\xf7", "\x5b\xdc\xc1\x46\xbf\x60\x75\x4e\x6a\x04\x24\x26\x08\x95\x75\xc7\x5a\x00\x3f\x08\x9d\x27\x39\x83\x9d\xec\x58\xb9\x64\xec\x38\x43", "\x77\x3e\xa9\x1e\x36\x80\x0e\x46\x85\x4d\xb8\xeb\xd0\x91\x81\xa7\x29\x59\x09\x8b\x3e\xf8\xc1\x22\xd9\x63\x55\x14\xce\xd5\x65\xfe", "\x82\x55\x8a\x38\x9a\x44\x3c\x0e\xa4\xcc\x81\x98\x99\xf2\x08\x3a\x85\xf0\xfa\xa3\xe5\x78\xf8\x07\x7a\x2e\x3f\xf4\x67\x29\x66\x5b", "\x60\xe4\x31\x59\x1e\xe0\xb6\x7f\x0d\x8a\x26\xaa\xcb\xf5\xb7\x7f\x8e\x0b\xc6\x21\x37\x28\xc5\x14\x05\x46\x04\x0f\x0e\xe3\x7f\x54", @@ -757,60 +761,61 @@ BOOL TestSectorBufEncryption (PCRYPTO_INFO ci) ENCRYPTION_DATA_UNIT_SIZE) != 0) { return FALSE; } // CRC of all data units in the buffer for each test case switch (testCase) { case 0: if (crc != 0x888f2990) return FALSE; nTestsPerformed++; break; case 1: if (crc != 0xea28ea34) return FALSE; nTestsPerformed++; break; case 2: if (crc != 0xe058f5a2) return FALSE; nTestsPerformed++; break; case 3: if (crc != 0x10473dc9) return FALSE; nTestsPerformed++; break; } } + #ifndef WOLFCRYPT_BACKEND else if (wcscmp (name, L"Serpent") == 0) { switch (testCase) { case 0: if (crc != 0x7edfecb3) return FALSE; nTestsPerformed++; break; case 1: if (crc != 0x357baaaa) return FALSE; nTestsPerformed++; break; case 2: if (crc != 0xc7b9fca5) return FALSE; nTestsPerformed++; break; case 3: if (crc != 0xb5263e0c) return FALSE; nTestsPerformed++; break; } } else if (wcscmp (name, L"Twofish") == 0) { switch (testCase) { @@ -1121,112 +1126,113 @@ BOOL TestSectorBufEncryption (PCRYPTO_INFO ci) nTestsPerformed++; break; } } else if (wcscmp (name, L"Kuznyechik-Serpent-Camellia") == 0) { switch (testCase) { case 0: if (crc != 0x9d8ac7ee) return FALSE; nTestsPerformed++; break; case 1: if (crc != 0x5d7d347f) return FALSE; nTestsPerformed++; break; case 2: if (crc != 0x884b62ee) return FALSE; nTestsPerformed++; break; case 3: if (crc != 0x5c6c3997) return FALSE; nTestsPerformed++; break; } } - + #endif if (crc == 0x9f5edd58) return FALSE; DecryptDataUnits (buf, &unitNo, nbrUnits, ci); if (GetCrc32 (buf, sizeof (buf)) != 0x9f5edd58) return FALSE; nTestsPerformed++; } testCase++; } /* Encryption/decryption of a buffer (typically, a volume header) */ nbrUnits = sizeof (buf) / ENCRYPTION_DATA_UNIT_SIZE; // Test all EAs that support this mode of operation for (ci->ea = EAGetFirst (); ci->ea != 0; ci->ea = EAGetNext (ci->ea)) { if (!EAIsModeSupported (ci->ea, ci->mode)) continue; EAGetName (name, ARRAYSIZE(name), ci->ea, 0); if (EAInit (ci->ea, key1, ci->ks) != ERR_SUCCESS) return FALSE; memcpy (key2, XTS_vectors[XTS_TEST_COUNT-1].key2, sizeof (XTS_vectors[XTS_TEST_COUNT-1].key2)); if (!EAInitMode (ci, key2)) return FALSE; // Each data unit will contain the same plaintext for (i = 0; i < nbrUnits; i++) { memcpy ((unsigned char *) buf + i * ENCRYPTION_DATA_UNIT_SIZE, XTS_vectors[XTS_TEST_COUNT-1].plaintext, ENCRYPTION_DATA_UNIT_SIZE); } EncryptBuffer (buf, sizeof (buf), ci); crc = GetCrc32 (buf, sizeof (buf)); if (wcscmp (name, L"AES") == 0) { if (crc != 0x33b91fab) return FALSE; nTestsPerformed++; } + #ifndef WOLFCRYPT_BACKEND else if (wcscmp (name, L"Serpent") == 0) { if (crc != 0x3494d480) return FALSE; nTestsPerformed++; } else if (wcscmp (name, L"Twofish") == 0) { if (crc != 0xc4d65b46) return FALSE; nTestsPerformed++; } else if (wcscmp (name, L"Camellia") == 0) { if (crc != 0x8176b223) return FALSE; nTestsPerformed++; } else if (wcscmp (name, L"Kuznyechik") == 0) { if (crc != 0xd6d39cdb) return FALSE; nTestsPerformed++; } else if (wcscmp (name, L"AES-Twofish") == 0) { if (crc != 0x14ce7385) return FALSE; nTestsPerformed++; } @@ -1257,133 +1263,134 @@ BOOL TestSectorBufEncryption (PCRYPTO_INFO ci) else if (wcscmp (name, L"Camellia-Kuznyechik") == 0) { if (crc != 0xe69d680d) return FALSE; nTestsPerformed++; } else if (wcscmp (name, L"Kuznyechik-Twofish") == 0) { if (crc != 0xe0aef0d1) return FALSE; nTestsPerformed++; } else if (wcscmp (name, L"Camellia-Serpent") == 0) { if (crc != 0x58aad727) return FALSE; nTestsPerformed++; } else if (wcscmp (name, L"Kuznyechik-AES") == 0) { if (crc != 0x4641234a) return FALSE; nTestsPerformed++; } else if (wcscmp (name, L"Kuznyechik-Serpent-Camellia") == 0) { if (crc != 0x755dad72) return FALSE; nTestsPerformed++; } - + #endif if (crc == 0x9f5edd58) return FALSE; DecryptBuffer (buf, sizeof (buf), ci); if (GetCrc32 (buf, sizeof (buf)) != 0x9f5edd58) return FALSE; nTestsPerformed++; } return (nTestsPerformed == 150); } static BOOL DoAutoTestAlgorithms (void) { PCRYPTO_INFO ci; CRYPTOPP_ALIGN_DATA(16) char key[32]; unsigned char tmp[16]; BOOL bFailed = FALSE; int i; ci = crypto_open (); if (!ci) return FALSE; memset (ci, 0, sizeof (*ci)); /* AES */ for (i = 0; i < AES_TEST_COUNT; i++) { int cipher = AES; memcpy(key, aes_ecb_vectors[i].key, 32); memcpy(tmp, aes_ecb_vectors[i].plaintext, 16); CipherInit(cipher, key, ks_tmp); EncipherBlock(cipher, tmp, ks_tmp); if (memcmp(aes_ecb_vectors[i].ciphertext, tmp, 16) != 0) break; DecipherBlock(cipher, tmp, ks_tmp); if (memcmp(aes_ecb_vectors[i].plaintext, tmp, 16) != 0) break; } if (i != AES_TEST_COUNT) bFailed = TRUE; // AES EncipherBlocks()/DecipherBlocks() { - byte testData[1024]; + uint8 testData[1024]; uint32 origCrc; size_t i; for (i = 0; i < sizeof (testData); ++i) { - testData[i] = (byte) i; + testData[i] = (uint8) i; } origCrc = GetCrc32 (testData, sizeof (testData)); CipherInit (AES, testData, ks_tmp); EncipherBlocks (AES, testData, ks_tmp, sizeof (testData) / CipherGetBlockSize (AES)); if (GetCrc32 (testData, sizeof (testData)) != 0xb5cd5631) bFailed = TRUE; DecipherBlocks (AES, testData, ks_tmp, sizeof (testData) / CipherGetBlockSize (AES)); if (origCrc != GetCrc32 (testData, sizeof (testData))) bFailed = TRUE; } + #ifndef WOLFCRYPT_BACKEND /* Serpent */ for (i = 0; i < SERPENT_TEST_COUNT; i++) { int cipher = SERPENT; memcpy(key, serpent_vectors[i].key, 32); memcpy(tmp, serpent_vectors[i].plaintext, 16); CipherInit(cipher, key, ks_tmp); EncipherBlock(cipher, tmp, ks_tmp); if (memcmp(serpent_vectors[i].ciphertext, tmp, 16) != 0) break; DecipherBlock(cipher, tmp, ks_tmp); if (memcmp(serpent_vectors[i].plaintext, tmp, 16) != 0) break; } if (i != SERPENT_TEST_COUNT) bFailed = TRUE; /* Twofish */ for (i = 0; i < TWOFISH_TEST_COUNT; i++) { int cipher = TWOFISH; memcpy(key, twofish_vectors[i].key, 32); memcpy(tmp, twofish_vectors[i].plaintext, 16); CipherInit(cipher, key, ks_tmp); @@ -1410,60 +1417,61 @@ static BOOL DoAutoTestAlgorithms (void) EncipherBlock(cipher, tmp, ks_tmp); if (memcmp(camellia_vectors[i].ciphertext, tmp, 16) != 0) break; DecipherBlock(cipher, tmp, ks_tmp); if (memcmp(camellia_vectors[i].plaintext, tmp, 16) != 0) break; } if (i != CAMELLIA_TEST_COUNT) bFailed = TRUE; /* Kuznyechik */ for (i = 0; i < KUZNYECHIK_TEST_COUNT; i++) { int cipher = KUZNYECHIK; memcpy(key, kuznyechik_vectors[i].key, 32); memcpy(tmp, kuznyechik_vectors[i].plaintext, 16); CipherInit(cipher, key, ks_tmp); EncipherBlock(cipher, tmp, ks_tmp); if (memcmp(kuznyechik_vectors[i].ciphertext, tmp, 16) != 0) break; DecipherBlock(cipher, tmp, ks_tmp); if (memcmp(kuznyechik_vectors[i].plaintext, tmp, 16) != 0) break; } if (i != KUZNYECHIK_TEST_COUNT) bFailed = TRUE; + #endif /* PKCS #5 and HMACs */ if (!test_pkcs5 ()) bFailed = TRUE; /* CRC-32 */ if (!crc32_selftests ()) bFailed = TRUE; /* GF multiplicator */ #if 0 if (!GfMulSelfTest ()) bFailed = TRUE; #endif /* XTS-AES */ if (!XTSAesTest (ci)) bFailed = TRUE; /* Sector and buffer related algorithms */ if (!TestSectorBufEncryption (ci)) bFailed = TRUE; crypto_close (ci); return !bFailed; } BOOL AutoTestAlgorithms (void) { @@ -1538,214 +1546,220 @@ BOOL test_hmac_sha256 () return (nTestsPerformed == 6); } BOOL test_hmac_sha512 () { unsigned int i; int nTestsPerformed = 0; for (i = 0; i < sizeof (hmac_sha512_test_data) / sizeof(char *); i++) { char digest[1024]; /* large enough to hold digets and test vector inputs */ size_t dataLen = strlen (hmac_sha512_test_data[i]); if (dataLen <= sizeof(digest)) { memcpy (digest, hmac_sha512_test_data[i], dataLen ); hmac_sha512 (hmac_sha512_test_keys[i], (int) strlen (hmac_sha512_test_keys[i]), digest, (int) dataLen); if (memcmp (digest, hmac_sha512_test_vectors[i], SHA512_DIGESTSIZE) != 0) return FALSE; else nTestsPerformed++; } else { return FALSE; } } return (nTestsPerformed == 6); } +#ifndef WOLFCRYPT_BACKEND BOOL test_hmac_blake2s () { unsigned int i; int nTestsPerformed = 0; for (i = 0; i < sizeof (hmac_blake2s_test_data) / sizeof(char *); i++) { char digest[1024]; /* large enough to hold digets and test vector inputs */ size_t dataLen = strlen (hmac_blake2s_test_data[i]); if (dataLen <= sizeof(digest)) { memcpy (digest, hmac_blake2s_test_data[i], dataLen); hmac_blake2s (hmac_blake2s_test_keys[i], (int) strlen (hmac_blake2s_test_keys[i]), digest, (int) dataLen); if (memcmp (digest, hmac_blake2s_test_vectors[i], BLAKE2S_DIGESTSIZE) != 0) return FALSE; else nTestsPerformed++; } else { return FALSE; } } return (nTestsPerformed == 6); } int __cdecl Blake2sHash (unsigned char* input, unsigned long inputLen, unsigned char* output) { blake2s(output, input, (size_t) inputLen); return BLAKE2S_DIGESTSIZE; } BOOL test_hmac_whirlpool () { unsigned char digest[1024]; /* large enough to hold digets and test vector inputs */ memcpy (digest, hmac_whirlpool_test_data, strlen (hmac_whirlpool_test_data)); hmac_whirlpool (hmac_whirlpool_test_key, 64, digest, (int) strlen (hmac_whirlpool_test_data)); if (memcmp (digest, hmac_whirlpool_test_vectors, WHIRLPOOL_DIGESTSIZE) != 0) return FALSE; return TRUE; } +#endif /* http://www.tc26.ru/methods/recommendation/%D0%A2%D0%9A26%D0%90%D0%9B%D0%93.pdf */ /* https://tools.ietf.org/html/draft-smyshlyaev-gost-usage-00 */ /* https://datatracker.ietf.org/doc/rfc7836/?include_text=1 */ static const unsigned char gost3411_2012_hmac_k1[] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f }; static const unsigned char gost3411_2012_hmac_m1[] = { 0x01, 0x26, 0xbd, 0xb8, 0x78, 0x00, 0xaf, 0x21, 0x43, 0x41, 0x45, 0x65, 0x63, 0x78, 0x01, 0x00 }; static const unsigned char gost3411_2012_hmac_r1[] = { 0xA5, 0x9B, 0xAB, 0x22, 0xEC, 0xAE, 0x19, 0xC6, 0x5F, 0xBD, 0xE6, 0xE5, 0xF4, 0xE9, 0xF5, 0xD8, 0x54, 0x9D, 0x31, 0xF0, 0x37, 0xF9, 0xDF, 0x9B, 0x90, 0x55, 0x00, 0xE1, 0x71, 0x92, 0x3A, 0x77, 0x3D, 0x5F, 0x15, 0x30, 0xF2, 0xED, 0x7E, 0x96, 0x4C, 0xB2, 0xEE, 0xDC, 0x29, 0xE9, 0xAD, 0x2F, 0x3A, 0xFE, 0x93, 0xB2, 0x81, 0x4F, 0x79, 0xF5, 0x00, 0x0F, 0xFC, 0x03, 0x66, 0xC2, 0x51, 0xE6 }; +#ifndef WOLFCRYPT_BACKEND BOOL test_hmac_streebog () { CRYPTOPP_ALIGN_DATA(16) char digest[64]; /* large enough to hold digets and test vector inputs */ memcpy (digest, gost3411_2012_hmac_m1, sizeof (gost3411_2012_hmac_m1)); hmac_streebog ((char*) gost3411_2012_hmac_k1, sizeof(gost3411_2012_hmac_k1), digest, (int) sizeof (gost3411_2012_hmac_m1)); if (memcmp (digest, gost3411_2012_hmac_r1, STREEBOG_DIGESTSIZE) != 0) return FALSE; return TRUE; } int __cdecl StreebogHash (unsigned char* input, unsigned long inputLen, unsigned char* output) { STREEBOG_CTX ctx; STREEBOG_init (&ctx); STREEBOG_add (&ctx, input, inputLen); STREEBOG_finalize (&ctx, output); return STREEBOG_DIGESTSIZE; } +#endif BOOL test_pkcs5 () { char dk[144]; /* HMAC-SHA-256 tests */ if (!test_hmac_sha256()) return FALSE; /* HMAC-SHA-512 tests */ if (!test_hmac_sha512()) return FALSE; +#ifndef WOLFCRYPT_BACKEND /* HMAC-BLAKE2s tests */ if (test_hmac_blake2s() == FALSE) return FALSE; /* Blake2s hash tests */ if (RunHashTest (Blake2sHash, Blake2sTestVectors, (HasSSE2())? TRUE : FALSE) == FALSE) return FALSE; /* HMAC-Whirlpool tests */ if (test_hmac_whirlpool() == FALSE) return FALSE; /* HMAC-STREEBOG tests */ if (test_hmac_streebog() == FALSE) return FALSE; /* STREEBOG hash tests */ if (RunHashTest (StreebogHash, Streebog512TestVectors, (HasSSE2() || HasSSE41())? TRUE : FALSE) == FALSE) return FALSE; - +#endif /* PKCS-5 test 1 with HMAC-SHA-256 used as the PRF (https://tools.ietf.org/html/draft-josefsson-scrypt-kdf-00) */ derive_key_sha256 ("passwd", 6, "\x73\x61\x6C\x74", 4, 1, dk, 64); if (memcmp (dk, "\x55\xac\x04\x6e\x56\xe3\x08\x9f\xec\x16\x91\xc2\x25\x44\xb6\x05\xf9\x41\x85\x21\x6d\xde\x04\x65\xe6\x8b\x9d\x57\xc2\x0d\xac\xbc\x49\xca\x9c\xcc\xf1\x79\xb6\x45\x99\x16\x64\xb3\x9d\x77\xef\x31\x7c\x71\xb8\x45\xb1\xe3\x0b\xd5\x09\x11\x20\x41\xd3\xa1\x97\x83", 64) != 0) return FALSE; /* PKCS-5 test 2 with HMAC-SHA-256 used as the PRF (https://stackoverflow.com/questions/5130513/pbkdf2-hmac-sha2-test-vectors) */ derive_key_sha256 ("password", 8, "\x73\x61\x6C\x74", 4, 2, dk, 32); if (memcmp (dk, "\xae\x4d\x0c\x95\xaf\x6b\x46\xd3\x2d\x0a\xdf\xf9\x28\xf0\x6d\xd0\x2a\x30\x3f\x8e\xf3\xc2\x51\xdf\xd6\xe2\xd8\x5a\x95\x47\x4c\x43", 32) != 0) return FALSE; /* PKCS-5 test 3 with HMAC-SHA-256 used as the PRF (MS CryptoAPI) */ derive_key_sha256 ("password", 8, "\x12\x34\x56\x78", 4, 5, dk, 4); if (memcmp (dk, "\xf2\xa0\x4f\xb2", 4) != 0) return FALSE; /* PKCS-5 test 4 with HMAC-SHA-256 used as the PRF (MS CryptoAPI) */ derive_key_sha256 ("password", 8, "\x12\x34\x56\x78", 4, 5, dk, 144); if (memcmp (dk, "\xf2\xa0\x4f\xb2\xd3\xe9\xa5\xd8\x51\x0b\x5c\x06\xdf\x70\x8e\x24\xe9\xc7\xd9\x15\x3d\x22\xcd\xde\xb8\xa6\xdb\xfd\x71\x85\xc6\x99\x32\xc0\xee\x37\x27\xf7\x24\xcf\xea\xa6\xac\x73\xa1\x4c\x4e\x52\x9b\x94\xf3\x54\x06\xfc\x04\x65\xa1\x0a\x24\xfe\xf0\x98\x1d\xa6\x22\x28\xeb\x24\x55\x74\xce\x6a\x3a\x28\xe2\x04\x3a\x59\x13\xec\x3f\xf2\xdb\xcf\x58\xdd\x53\xd9\xf9\x17\xf6\xda\x74\x06\x3c\x0b\x66\xf5\x0f\xf5\x58\xa3\x27\x52\x8c\x5b\x07\x91\xd0\x81\xeb\xb6\xbc\x30\x69\x42\x71\xf2\xd7\x18\x42\xbe\xe8\x02\x93\x70\x66\xad\x35\x65\xbc\xf7\x96\x8e\x64\xf1\xc6\x92\xda\xe0\xdc\x1f\xb5\xf4", 144) != 0) return FALSE; /* PKCS-5 test 1 with HMAC-SHA-512 used as the PRF */ derive_key_sha512 ("password", 8, "\x12\x34\x56\x78", 4, 5, dk, 4); if (memcmp (dk, "\x13\x64\xae\xf8", 4) != 0) return FALSE; /* PKCS-5 test 2 with HMAC-SHA-512 used as the PRF (derives a key longer than the underlying hash output size and block size) */ derive_key_sha512 ("password", 8, "\x12\x34\x56\x78", 4, 5, dk, 144); if (memcmp (dk, "\x13\x64\xae\xf8\x0d\xf5\x57\x6c\x30\xd5\x71\x4c\xa7\x75\x3f\xfd\x00\xe5\x25\x8b\x39\xc7\x44\x7f\xce\x23\x3d\x08\x75\xe0\x2f\x48\xd6\x30\xd7\x00\xb6\x24\xdb\xe0\x5a\xd7\x47\xef\x52\xca\xa6\x34\x83\x47\xe5\xcb\xe9\x87\xf1\x20\x59\x6a\xe6\xa9\xcf\x51\x78\xc6\xb6\x23\xa6\x74\x0d\xe8\x91\xbe\x1a\xd0\x28\xcc\xce\x16\x98\x9a\xbe\xfb\xdc\x78\xc9\xe1\x7d\x72\x67\xce\xe1\x61\x56\x5f\x96\x68\xe6\xe1\xdd\xf4\xbf\x1b\x80\xe0\x19\x1c\xf4\xc4\xd3\xdd\xd5\xd5\x57\x2d\x83\xc7\xa3\x37\x87\xf4\x4e\xe0\xf6\xd8\x6d\x65\xdc\xa0\x52\xa3\x13\xbe\x81\xfc\x30\xbe\x7d\x69\x58\x34\xb6\xdd\x41\xc6", 144) != 0) return FALSE; +#ifndef WOLFCRYPT_BACKEND /* PKCS-5 test 1 with HMAC-BLAKE2s used as the PRF */ derive_key_blake2s ("password", 8, "\x12\x34\x56\x78", 4, 5, dk, 4); if (memcmp (dk, "\x8d\x51\xfa\x31", 4) != 0) return FALSE; /* PKCS-5 test 2 with HMAC-BLAKE2s used as the PRF (derives a key longer than the underlying hash) */ derive_key_blake2s ("password", 8, "\x12\x34\x56\x78", 4, 5, dk, 48); if (memcmp (dk, "\x8d\x51\xfa\x31\x46\x25\x37\x67\xa3\x29\x6b\x3c\x6b\xc1\x5d\xb2\xee\xe1\x6c\x28\x00\x26\xea\x08\x65\x9c\x12\xf1\x07\xde\x0d\xb9\x9b\x4f\x39\xfa\xc6\x80\x26\xb1\x8f\x8e\x48\x89\x85\x2d\x24\x2d", 48) != 0) return FALSE; /* PKCS-5 test 1 with HMAC-Whirlpool used as the PRF */ derive_key_whirlpool ("password", 8, "\x12\x34\x56\x78", 4, 5, dk, 4); if (memcmp (dk, "\x50\x7c\x36\x6f", 4) != 0) return FALSE; /* PKCS-5 test 2 with HMAC-Whirlpool used as the PRF (derives a key longer than the underlying hash) */ derive_key_whirlpool ("password", 8, "\x12\x34\x56\x78", 4, 5, dk, 96); if (memcmp (dk, "\x50\x7c\x36\x6f\xee\x10\x2e\x9a\xe2\x8a\xd5\x82\x72\x7d\x27\x0f\xe8\x4d\x7f\x68\x7a\xcf\xb5\xe7\x43\x67\xaa\x98\x93\x52\x2b\x09\x6e\x42\xdf\x2c\x59\x4a\x91\x6d\x7e\x10\xae\xb2\x1a\x89\x8f\xb9\x8f\xe6\x31\xa9\xd8\x9f\x98\x26\xf4\xda\xcd\x7d\x65\x65\xde\x10\x95\x91\xb4\x84\x26\xae\x43\xa1\x00\x5b\x1e\xb8\x38\x97\xa4\x1e\x4b\xd2\x65\x64\xbc\xfa\x1f\x35\x85\xdb\x4f\x97\x65\x6f\xbd\x24", 96) != 0) return FALSE; /* PKCS-5 test 1 with HMAC-STREEBOG used as the PRF */ derive_key_streebog ("password", 8, "\x12\x34\x56\x78", 4, 5, dk, 4); if (memcmp (dk, "\xd0\x53\xa2\x30", 4) != 0) return FALSE; /* PKCS-5 test 2 with HMAC-STREEBOG used as the PRF (derives a key longer than the underlying hash) */ derive_key_streebog ("password", 8, "\x12\x34\x56\x78", 4, 5, dk, 96); if (memcmp (dk, "\xd0\x53\xa2\x30\x6f\x45\x81\xeb\xbc\x06\x81\xc5\xe7\x53\xa8\x5d\xc7\xf1\x23\x33\x1e\xbe\x64\x2c\x3b\x0f\x26\xd7\x00\xe1\x95\xc9\x65\x26\xb1\x85\xbe\x1e\xe2\xf4\x9b\xfc\x6b\x14\x84\xda\x24\x61\xa0\x1b\x9e\x79\x5c\xee\x69\x6e\xf9\x25\xb1\x1d\xca\xa0\x31\xba\x02\x6f\x9e\x99\x0f\xdb\x25\x01\x5b\xf1\xc7\x10\x19\x53\x3b\x29\x3f\x18\x00\xd6\xfc\x85\x03\xdc\xf2\xe5\xe9\x5a\xb1\x1e\x61\xde", 96) != 0) return FALSE; - +#endif return TRUE; } |