Added PBKDF2 test vectors.

zlib-ng · Apr 8, 2023 · 5f5d899 · 5f5d899
1 parent a3ed70a
commit 5f5d899
Show file tree

Hide file tree

Showing 3 changed files with 83 additions and 3 deletions.
diff --git a/mz_crypt.c b/mz_crypt.c
@@ -104,13 +104,13 @@ uint32_t mz_crypt_crc32_update(uint32_t value, const uint8_t *buf, int32_t size)
 
 #if defined(HAVE_WZAES)
 int32_t  mz_crypt_pbkdf2(uint8_t *password, int32_t password_length, uint8_t *salt,
-    int32_t salt_length, uint16_t iteration_count, uint8_t *key, uint16_t key_length) {
+    int32_t salt_length, uint32_t iteration_count, uint8_t *key, uint16_t key_length) {
     void *hmac1 = NULL;
     void *hmac2 = NULL;
     void *hmac3 = NULL;
     int32_t err = MZ_OK;
     uint16_t i = 0;
-    uint16_t j = 0;
+    uint32_t j = 0;
     uint16_t k = 0;
     uint16_t block_count = 0;
     uint8_t uu[MZ_HASH_SHA1_SIZE];

diff --git a/mz_crypt.h b/mz_crypt.h
@@ -20,7 +20,7 @@ extern "C" {
 uint32_t mz_crypt_crc32_update(uint32_t value, const uint8_t *buf, int32_t size);
 
 int32_t  mz_crypt_pbkdf2(uint8_t *password, int32_t password_length, uint8_t *salt,
-            int32_t salt_length, uint16_t iteration_count, uint8_t *key, uint16_t key_length);
+            int32_t salt_length, uint32_t iteration_count, uint8_t *key, uint16_t key_length);
 
 /***************************************************************************/
 

diff --git a/test/test_crypt.cc b/test/test_crypt.cc
@@ -329,5 +329,85 @@ TEST(crypt, pbkdf2_short_password) {
 
     EXPECT_STREQ(key_hex, "91cf25bb4c2978620255d7fed8cc1751c7d283b9");
 }
+
+TEST(crypt, pbkdf2_rfc6070_v1) {
+    /* https://www.ietf.org/rfc/rfc6070.txt */
+    uint16_t iteration_count = 2;
+    uint8_t key[MZ_HASH_SHA1_SIZE];
+    char key_hex[256];
+    const char *password = "password";
+    const char *salt = "salt";
+
+    EXPECT_EQ(mz_crypt_pbkdf2((uint8_t *)password, (int32_t)strlen(password),
+        (uint8_t *)salt, (int32_t)strlen(salt), iteration_count, key, (uint16_t)sizeof(key)), MZ_OK);
+
+    convert_buffer_to_hex_string(key, sizeof(key), key_hex, sizeof(key_hex));
+
+    EXPECT_STREQ(key_hex, "ea6c014dc72d6f8ccd1ed92ace1d41f0d8de8957");
+}
+
+TEST(crypt, pbkdf2_rfc6070_v2) {
+    /* https://www.ietf.org/rfc/rfc6070.txt */
+    uint16_t iteration_count = 4096;
+    uint8_t key[MZ_HASH_SHA1_SIZE];
+    char key_hex[256];
+    const char *password = "password";
+    const char *salt = "salt";
+
+    EXPECT_EQ(mz_crypt_pbkdf2((uint8_t *)password, (int32_t)strlen(password),
+        (uint8_t *)salt, (int32_t)strlen(salt), iteration_count, key, (uint16_t)sizeof(key)), MZ_OK);
+
+    convert_buffer_to_hex_string(key, sizeof(key), key_hex, sizeof(key_hex));
+
+    EXPECT_STREQ(key_hex, "4b007901b765489abead49d926f721d065a429c1");
+}
+
+TEST(crypt, pbkdf2_rfc6070_v3) {
+    /* https://www.ietf.org/rfc/rfc6070.txt */
+    uint32_t iteration_count = 16777216U;
+    uint8_t key[MZ_HASH_SHA1_SIZE];
+    char key_hex[256];
+    const char *password = "password";
+    const char *salt = "salt";
+
+    EXPECT_EQ(mz_crypt_pbkdf2((uint8_t *)password, (int32_t)strlen(password),
+        (uint8_t *)salt, (int32_t)strlen(salt), iteration_count, key, (uint16_t)sizeof(key)), MZ_OK);
+
+    convert_buffer_to_hex_string(key, sizeof(key), key_hex, sizeof(key_hex));
+
+    EXPECT_STREQ(key_hex, "eefe3d61cd4da4e4e9945b3d6ba2158c2634e984");
+}
+
+TEST(crypt, pbkdf2_rfc6070_v4) {
+    /* https://www.ietf.org/rfc/rfc6070.txt */
+    uint16_t iteration_count = 4096;
+    uint8_t key[25];
+    char key_hex[256];
+    const char *password = "passwordPASSWORDpassword";
+    const char *salt = "saltSALTsaltSALTsaltSALTsaltSALTsalt";
+
+    EXPECT_EQ(mz_crypt_pbkdf2((uint8_t *)password, (int32_t)strlen(password),
+        (uint8_t *)salt, (int32_t)strlen(salt), iteration_count, key, (uint16_t)sizeof(key)), MZ_OK);
+
+    convert_buffer_to_hex_string(key, sizeof(key), key_hex, sizeof(key_hex));
+
+    EXPECT_STREQ(key_hex, "3d2eec4fe41c849b80c8d83662c0e44a8b291a964cf2f07038");
+}
+
+TEST(crypt, pbkdf2_rfc6070_v5) {
+    /* https://www.ietf.org/rfc/rfc6070.txt */
+    uint16_t iteration_count = 4096;
+    uint8_t key[16];
+    char key_hex[256];
+    const char *password = "pass\0word";
+    const char *salt = "sa\0lt";
+
+    EXPECT_EQ(mz_crypt_pbkdf2((uint8_t *)password, 9,
+        (uint8_t *)salt, 5, iteration_count, key, (uint16_t)sizeof(key)), MZ_OK);
+
+    convert_buffer_to_hex_string(key, sizeof(key), key_hex, sizeof(key_hex));
+
+    EXPECT_STREQ(key_hex, "56fa6aa75548099dcc37d7f03425e0c3");
+}
 #endif
 #endif