]> git.saurik.com Git - apple/security.git/blob - OSX/sec/Security/Regressions/crypto/spbkdf-01-hmac-sha256.c
projects / apple / security.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Security-59306.11.20.tar.gz
[apple/security.git] / OSX / sec / Security / Regressions / crypto / spbkdf-01-hmac-sha256.c
1 /*
2 * Copyright (c) 2016 Apple Inc. All Rights Reserved.
3 */
4
5 #include <CoreFoundation/CoreFoundation.h>
6 #include <Security/SecInternal.h>
7 #include <Security/SecItem.h>
8 #include <Security/SecBase.h>
9 #include <CommonCrypto/CommonHMAC.h>
10 #include <stdlib.h>
11 #include <unistd.h>
12 #include <Security/SecPBKDF.h>
13
14 #include "Security_regressions.h"
15
16 static int kTestTestCount = 16;
17
18 static void tests(void)
19 {
20 {
21 const char *password = "password";
22 const char *salt = "salt";
23 const int iterations = 1;
24 const uint8_t expected[32] = {
25 0x12, 0x0f, 0xb6, 0xcf, 0xfc, 0xf8, 0xb3, 0x2c,
26 0x43, 0xe7, 0x22, 0x52, 0x56, 0xc4, 0xf8, 0x37,
27 0xa8, 0x65, 0x48, 0xc9, 0x2c, 0xcc, 0x35, 0x48,
28 0x08, 0x05, 0x98, 0x7c, 0xb7, 0x0b, 0xe1, 0x7b
29 };
30
31 const char resultSize = sizeof(expected);
32
33 uint8_t actual[resultSize];
34
35 is(pbkdf2_hmac_sha256((const uint8_t*) password, strlen(password), (const uint8_t*) salt, strlen(salt), iterations, actual, resultSize), errSecSuccess, "pbkdf-sha-256: Failed Key Derivation I-1");
36
37 is(memcmp(expected, actual, resultSize), 0, "pbkdf-sha-256: P-'password' S-'salt' I-1");
38 }
39
40 {
41 const char *password = "password";
42 const char *salt = "salt";
43 const int iterations = 2;
44 const uint8_t expected[32] = {
45 0xae, 0x4d, 0x0c, 0x95, 0xaf, 0x6b, 0x46, 0xd3,
46 0x2d, 0x0a, 0xdf, 0xf9, 0x28, 0xf0, 0x6d, 0xd0,
47 0x2a, 0x30, 0x3f, 0x8e, 0xf3, 0xc2, 0x51, 0xdf,
48 0xd6, 0xe2, 0xd8, 0x5a, 0x95, 0x47, 0x4c, 0x43
49 };
50
51 const char resultSize = sizeof(expected);
52
53 uint8_t actual[resultSize];
54
55 is(pbkdf2_hmac_sha256((const uint8_t*) password, strlen(password), (const uint8_t*) salt, strlen(salt), iterations, actual, resultSize), errSecSuccess, "pbkdf-sha-256: Failed Key Derivation I-2");
56
57 is(memcmp(expected, actual, resultSize), 0, "pbkdf-sha-256: P-'password' S-'salt' I-2");
58 }
59
60 {
61 const char *password = "password";
62 const char *salt = "salt";
63 const int iterations = 4096;
64 const uint8_t expected[32] = {
65 0xc5, 0xe4, 0x78, 0xd5, 0x92, 0x88, 0xc8, 0x41,
66 0xaa, 0x53, 0x0d, 0xb6, 0x84, 0x5c, 0x4c, 0x8d,
67 0x96, 0x28, 0x93, 0xa0, 0x01, 0xce, 0x4e, 0x11,
68 0xa4, 0x96, 0x38, 0x73, 0xaa, 0x98, 0x13, 0x4a
69 };
70
71 const char resultSize = sizeof(expected);
72
73 uint8_t actual[resultSize];
74
75 is(pbkdf2_hmac_sha256((const uint8_t*) password, strlen(password), (const uint8_t*) salt, strlen(salt), iterations, actual, resultSize), errSecSuccess, "pbkdf-sha-256: Failed Key Derivation I-4096");
76
77 is(memcmp(expected, actual, resultSize), 0, "pbkdf-sha-256: P-'password' S-'salt' I-4096");
78 }
79
80 SKIP: {
81 skip("16777216 iterations is too slow", 1, 0);
82
83 const char *password = "password";
84 const char *salt = "salt";
85 const int iterations = 16777216;
86 const uint8_t expected[32] = {
87 0xcf, 0x81, 0xc6, 0x6f, 0xe8, 0xcf, 0xc0, 0x4d,
88 0x1f, 0x31, 0xec, 0xb6, 0x5d, 0xab, 0x40, 0x89,
89 0xf7, 0xf1, 0x79, 0xe8, 0x9b, 0x3b, 0x0b, 0xcb,
90 0x17, 0xad, 0x10, 0xe3, 0xac, 0x6e, 0xba, 0x46
91 };
92
93 const char resultSize = sizeof(expected);
94
95 uint8_t actual[resultSize];
96
97 is(pbkdf2_hmac_sha256((const uint8_t*) password, strlen(password), (const uint8_t*) salt, strlen(salt), iterations, actual, resultSize), errSecSuccess, "pbkdf-sha-256: Failed Key Derivation I-16777216");
98
99 is(memcmp(expected, actual, resultSize), 0, "pbkdf-sha-256: P-'password' S-'salt' I-16777216");
100 }
101
102
103 {
104 CFStringRef password = CFStringCreateWithCString(NULL, "password", kCFStringEncodingUTF8);
105 CFStringRef salt = CFStringCreateWithCString(NULL, "salt", kCFStringEncodingUTF8);
106
107 CFDataRef passwordData = CFStringCreateExternalRepresentation(NULL, password, kCFStringEncodingUTF8, 0);
108 CFDataRef saltData = CFStringCreateExternalRepresentation(NULL, salt, kCFStringEncodingUTF8, 0);
109
110 const int iterations = 1;
111 const uint8_t expected[32] = {
112 0x12, 0x0f, 0xb6, 0xcf, 0xfc, 0xf8, 0xb3, 0x2c,
113 0x43, 0xe7, 0x22, 0x52, 0x56, 0xc4, 0xf8, 0x37,
114 0xa8, 0x65, 0x48, 0xc9, 0x2c, 0xcc, 0x35, 0x48,
115 0x08, 0x05, 0x98, 0x7c, 0xb7, 0x0b, 0xe1, 0x7b
116 };
117
118 const char resultSize = sizeof(expected);
119
120 CFMutableDataRef resultData = CFDataCreateMutable(NULL, resultSize);
121 CFDataIncreaseLength(resultData, resultSize);
122
123 is(SecKeyFromPassphraseDataHMACSHA256(passwordData, saltData, iterations, resultData), errSecSuccess, "pbkdf-sha-256: Failed Key Derivation I-1");
124
125 is(memcmp(expected, CFDataGetBytePtr(resultData), resultSize), 0, "pbkdf-sha-256: P-'password' S-'salt' I-1");
126
127 CFReleaseSafe(password);
128 CFReleaseSafe(salt);
129 CFReleaseSafe(passwordData);
130 CFReleaseSafe(saltData);
131 CFReleaseSafe(resultData);
132 }
133
134 {
135 CFStringRef password = CFStringCreateWithCString(NULL, "password", kCFStringEncodingUTF8);
136 CFStringRef salt = CFStringCreateWithCString(NULL, "salt", kCFStringEncodingUTF8);
137
138 CFDataRef passwordData = CFStringCreateExternalRepresentation(NULL, password, kCFStringEncodingUTF8, 0);
139 CFDataRef saltData = CFStringCreateExternalRepresentation(NULL, salt, kCFStringEncodingUTF8, 0);
140
141 const int iterations = 2;
142 const uint8_t expected[32] = {
143 0xae, 0x4d, 0x0c, 0x95, 0xaf, 0x6b, 0x46, 0xd3,
144 0x2d, 0x0a, 0xdf, 0xf9, 0x28, 0xf0, 0x6d, 0xd0,
145 0x2a, 0x30, 0x3f, 0x8e, 0xf3, 0xc2, 0x51, 0xdf,
146 0xd6, 0xe2, 0xd8, 0x5a, 0x95, 0x47, 0x4c, 0x43
147 };
148
149 const char resultSize = sizeof(expected);
150
151 CFMutableDataRef resultData = CFDataCreateMutable(NULL, resultSize);
152 CFDataIncreaseLength(resultData, resultSize);
153
154 is(SecKeyFromPassphraseDataHMACSHA256(passwordData, saltData, iterations, resultData), errSecSuccess, "pbkdf-sha-256: Failed Key Derivation I-2");
155
156 is(memcmp(expected, CFDataGetBytePtr(resultData), resultSize), 0, "pbkdf-sha-256: P-'password' S-'salt' I-2");
157
158 CFReleaseSafe(password);
159 CFReleaseSafe(salt);
160 CFReleaseSafe(passwordData);
161 CFReleaseSafe(saltData);
162 CFReleaseSafe(resultData);
163 }
164
165 {
166 CFStringRef password = CFStringCreateWithCString(NULL, "password", kCFStringEncodingUTF8);
167 CFStringRef salt = CFStringCreateWithCString(NULL, "salt", kCFStringEncodingUTF8);
168
169 CFDataRef passwordData = CFStringCreateExternalRepresentation(NULL, password, kCFStringEncodingUTF8, 0);
170 CFDataRef saltData = CFStringCreateExternalRepresentation(NULL, salt, kCFStringEncodingUTF8, 0);
171
172 const int iterations = 4096;
173 const uint8_t expected[32] = {
174 0xc5, 0xe4, 0x78, 0xd5, 0x92, 0x88, 0xc8, 0x41,
175 0xaa, 0x53, 0x0d, 0xb6, 0x84, 0x5c, 0x4c, 0x8d,
176 0x96, 0x28, 0x93, 0xa0, 0x01, 0xce, 0x4e, 0x11,
177 0xa4, 0x96, 0x38, 0x73, 0xaa, 0x98, 0x13, 0x4a
178 };
179
180 const char resultSize = sizeof(expected);
181
182 CFMutableDataRef resultData = CFDataCreateMutable(NULL, resultSize);
183 CFDataIncreaseLength(resultData, resultSize);
184
185 is(SecKeyFromPassphraseDataHMACSHA256(passwordData, saltData, iterations, resultData), errSecSuccess, "pbkdf-sha-256: Failed Key Derivation I-4096");
186
187 is(memcmp(expected, CFDataGetBytePtr(resultData), resultSize), 0, "pbkdf-sha-256: P-'password' S-'salt' I-4096");
188
189 CFReleaseSafe(password);
190 CFReleaseSafe(salt);
191 CFReleaseSafe(passwordData);
192 CFReleaseSafe(saltData);
193 CFReleaseSafe(resultData);
194 }
195
196 SKIP: {
197 skip("16777216 iterations is too slow", 2, 0);
198
199 CFStringRef password = CFStringCreateWithCString(NULL, "password", kCFStringEncodingUTF8);
200 CFStringRef salt = CFStringCreateWithCString(NULL, "salt", kCFStringEncodingUTF8);
201
202 CFDataRef passwordData = CFStringCreateExternalRepresentation(NULL, password, kCFStringEncodingUTF8, 0);
203 CFDataRef saltData = CFStringCreateExternalRepresentation(NULL, salt, kCFStringEncodingUTF8, 0);
204
205 const int iterations = 16777216;
206 const uint8_t expected[32] = {
207 0xcf, 0x81, 0xc6, 0x6f, 0xe8, 0xcf, 0xc0, 0x4d,
208 0x1f, 0x31, 0xec, 0xb6, 0x5d, 0xab, 0x40, 0x89,
209 0xf7, 0xf1, 0x79, 0xe8, 0x9b, 0x3b, 0x0b, 0xcb,
210 0x17, 0xad, 0x10, 0xe3, 0xac, 0x6e, 0xba, 0x46
211 };
212
213
214 const char resultSize = sizeof(expected);
215
216 CFMutableDataRef resultData = CFDataCreateMutable(NULL, resultSize);
217 CFDataIncreaseLength(resultData, resultSize);
218
219 is(SecKeyFromPassphraseDataHMACSHA256(passwordData, saltData, iterations, resultData), errSecSuccess,
220 "pbkdf-sha-256: P-'password' S-'salt' I-16777216");
221
222 is(memcmp(expected, CFDataGetBytePtr(resultData), resultSize), 0, "pbkdf-sha-256: P-'password' S-'salt' I-16777216");
223
224 CFReleaseSafe(password);
225 CFReleaseSafe(salt);
226 CFReleaseSafe(passwordData);
227 CFReleaseSafe(saltData);
228 CFReleaseSafe(resultData);
229 }
230
231 }
232
233 int spbkdf_01_hmac_sha256(int argc, char *const *argv)
234 {
235 plan_tests(kTestTestCount);
236
237 tests();
238
239 return 0;
240 }
mirror of Security