Mercurial > dropbear
view libtomcrypt/src/misc/pkcs5/pkcs_5_test.c @ 1857:6022df862942
Use DSCP for IP QoS traffic classes
The previous TOS values are deprecated and not used by modern traffic
classifiers. This sets AF21 for "interactive" traffic (with a tty).
Non-tty traffic sets AF11 - that indicates high throughput but is not
lowest priority (which would be CS1 or LE).
This differs from the CS1 used by OpenSSH, it lets interactive git over SSH
have higher priority than background least effort traffic. Dropbear's settings
here should be suitable with the diffservs used by CAKE qdisc.
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Tue, 25 Jan 2022 17:32:20 +0800 |
| parents | 6dba84798cd5 |
| children |
line wrap: on
line source
/* LibTomCrypt, modular cryptographic library -- Tom St Denis * * LibTomCrypt is a library that provides various cryptographic * algorithms in a highly modular and flexible manner. * * The library is free for all purposes without any express * guarantee it works. */ #include "tomcrypt.h" /** @file hkdf_test.c PKCS #5 support, self-test, Steffen Jaeckel */ #ifdef LTC_PKCS_5 /* TEST CASES SOURCE: Internet Engineering Task Force (IETF) S. Josefsson Request for Comments: 6070 SJD AB Category: Informational January 2011 ISSN: 2070-1721 */ /** PKCS #5 self-test @return CRYPT_OK if successful, CRYPT_NOP if tests have been disabled. */ int pkcs_5_test (void) { #ifndef LTC_TEST return CRYPT_NOP; #else typedef struct { const char* P; unsigned long P_len; const char* S; unsigned long S_len; int c; unsigned long dkLen; unsigned char DK[40]; } case_item; static const case_item cases_5_2[] = { { "password", 8, "salt", 4, 1, 20, { 0x0c, 0x60, 0xc8, 0x0f, 0x96, 0x1f, 0x0e, 0x71, 0xf3, 0xa9, 0xb5, 0x24, 0xaf, 0x60, 0x12, 0x06, 0x2f, 0xe0, 0x37, 0xa6 } }, { "password", 8, "salt", 4, 2, 20, { 0xea, 0x6c, 0x01, 0x4d, 0xc7, 0x2d, 0x6f, 0x8c, 0xcd, 0x1e, 0xd9, 0x2a, 0xce, 0x1d, 0x41, 0xf0, 0xd8, 0xde, 0x89, 0x57 } }, #ifdef LTC_TEST_EXT { "password", 8, "salt", 4, 4096, 20, { 0x4b, 0x00, 0x79, 0x01, 0xb7, 0x65, 0x48, 0x9a, 0xbe, 0xad, 0x49, 0xd9, 0x26, 0xf7, 0x21, 0xd0, 0x65, 0xa4, 0x29, 0xc1 } }, { "password", 8, "salt", 4, 16777216, 20, { 0xee, 0xfe, 0x3d, 0x61, 0xcd, 0x4d, 0xa4, 0xe4, 0xe9, 0x94, 0x5b, 0x3d, 0x6b, 0xa2, 0x15, 0x8c, 0x26, 0x34, 0xe9, 0x84 } }, { "passwordPASSWORDpassword", 25, "saltSALTsaltSALTsaltSALTsaltSALTsalt", 36, 4096, 25, { 0x3d, 0x2e, 0xec, 0x4f, 0xe4, 0x1c, 0x84, 0x9b, 0x80, 0xc8, 0xd8, 0x36, 0x62, 0xc0, 0xe4, 0x4a, 0x8b, 0x29, 0x1a, 0x96, 0x4c, 0xf2, 0xf0, 0x70, 0x38 } }, { "pass\0word", 9, "sa\0lt", 5, 4096, 16, { 0x56, 0xfa, 0x6a, 0xa7, 0x55, 0x48, 0x09, 0x9d, 0xcc, 0x37, 0xd7, 0xf0, 0x34, 0x25, 0xe0, 0xc3 } }, #endif /* LTC_TEST_EXT */ }; static const case_item cases_5_1[] = { { "password", 8, "saltsalt", /* must be 8 octects */ 8, /* ignored by alg1 */ 1, 20, { 0xca, 0xb8, 0x6d, 0xd6, 0x26, 0x17, 0x10, 0x89, 0x1e, 0x8c, 0xb5, 0x6e, 0xe3, 0x62, 0x56, 0x91, 0xa7, 0x5d, 0xf3, 0x44 } }, }; static const case_item cases_5_1o[] = { { "password", 8, "saltsalt", /* must be 8 octects */ 8, /* ignored by alg1_openssl */ 1, 20, { 0xca, 0xb8, 0x6d, 0xd6, 0x26, 0x17, 0x10, 0x89, 0x1e, 0x8c, 0xb5, 0x6e, 0xe3, 0x62, 0x56, 0x91, 0xa7, 0x5d, 0xf3, 0x44 } }, { "password", 8, "saltsalt", /* must be 8 octects */ 8, /* ignored by alg1_openssl */ 1, 30, { 0xca, 0xb8, 0x6d, 0xd6, 0x26, 0x17, 0x10, 0x89, 0x1e, 0x8c, 0xb5, 0x6e, 0xe3, 0x62, 0x56, 0x91, 0xa7, 0x5d, 0xf3, 0x44, 0xf0, 0xbf, 0xf4, 0xc1, 0x2c, 0xf3, 0x59, 0x6f, 0xc0, 0x0b } } }; unsigned char DK[40]; unsigned long dkLen; int i, err; int tested=0, failed=0; int hash = find_hash("sha1"); if (hash == -1) { #ifdef LTC_TEST_DBG printf("PKCS#5 test failed: 'sha1' hash not found\n"); #endif return CRYPT_ERROR; } /* testing alg 2 */ for(i=0; i < (int)(sizeof(cases_5_2) / sizeof(cases_5_2[0])); i++) { ++tested; dkLen = cases_5_2[i].dkLen; if((err = pkcs_5_alg2((unsigned char*)cases_5_2[i].P, cases_5_2[i].P_len, (unsigned char*)cases_5_2[i].S, cases_5_2[i].S_len, cases_5_2[i].c, hash, DK, &dkLen)) != CRYPT_OK) { #ifdef LTC_TEST_DBG printf("\npkcs_5_alg2() #%d: Failed/1 (%s)\n", i, error_to_string(err)); #endif ++failed; } else if (compare_testvector(DK, dkLen, cases_5_2[i].DK, cases_5_2[i].dkLen, "PKCS#5_2", i)) { ++failed; } } /* testing alg 1 */ for(i=0; i < (int)(sizeof(cases_5_1) / sizeof(case_item)); i++, tested++) { dkLen = cases_5_1[i].dkLen; if((err = pkcs_5_alg1((unsigned char*)cases_5_1[i].P, cases_5_1[i].P_len, (unsigned char*)cases_5_1[i].S, cases_5_1[i].c, hash, DK, &dkLen)) != CRYPT_OK) { #ifdef LTC_TEST_DBG printf("\npkcs_5_alg1() #%d: Failed/1 (%s)\n", i, error_to_string(err)); #endif ++failed; } else if (compare_testvector(DK, dkLen, cases_5_1[i].DK, cases_5_1[i].dkLen, "PKCS#5_1", i)) { ++failed; } } /* testing alg 1_openssl */ for(i = 0; i < (int)(sizeof(cases_5_1o) / sizeof(cases_5_1o[0])); i++, tested++) { dkLen = cases_5_1o[i].dkLen; if ((err = pkcs_5_alg1_openssl((unsigned char*)cases_5_1o[i].P, cases_5_1o[i].P_len, (unsigned char*)cases_5_1o[i].S, cases_5_1o[i].c, hash, DK, &dkLen)) != CRYPT_OK) { #ifdef LTC_TEST_DBG printf("\npkcs_5_alg1_openssl() #%d: Failed/1 (%s)\n", i, error_to_string(err)); #endif ++failed; } else if (compare_testvector(DK, dkLen, cases_5_1o[i].DK, cases_5_1o[i].dkLen, "PKCS#5_1o", i)) { ++failed; } } return (failed != 0) ? CRYPT_FAIL_TESTVECTOR : CRYPT_OK; #endif } #endif /* ref: $Format:%D$ */ /* git commit: $Format:%H$ */ /* commit time: $Format:%ai$ */