From 351fe21402496dfdb2673a610162519b80991665 Mon Sep 17 00:00:00 2001
From: "Dr. Stephen Henson" <steve@openssl.org>
Date: Fri, 22 May 2015 17:17:21 +0100
Subject: [PATCH] Add PBE tests.

Add support for PKCS#12 and PBKDF2 password based encryption tests. Add
additional test data.

Reviewed-by: Rich Salz <rsalz@openssl.org>
---
 test/evp_test.c   | 110 +++++++++++++++++++++++++-------
 test/evptests.txt | 156 ++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 243 insertions(+), 23 deletions(-)

diff --git a/test/evp_test.c b/test/evp_test.c
index e0e4857657..90441f36fa 100644
--- a/test/evp_test.c
+++ b/test/evp_test.c
@@ -60,6 +60,7 @@
 #include <openssl/pem.h>
 #include <openssl/err.h>
 #include <openssl/x509v3.h>
+#include <openssl/pkcs12.h>
 #include "internal/numbers.h"
 
 /* Remove spaces from beginning and end of a string */
@@ -1283,6 +1284,8 @@ static const struct evp_test_method pverify_test_method = {
 /* PBE tests */
 
 #define PBE_TYPE_SCRYPT 1
+#define PBE_TYPE_PBKDF2 2
+#define PBE_TYPE_PKCS12 3
 
 struct pbe_data {
 
@@ -1291,6 +1294,10 @@ struct pbe_data {
     /* scrypt parameters */
     uint64_t N, r, p, maxmem;
 
+    /* PKCS#12 parameters */
+    int id, iter;
+    const EVP_MD *md;
+
     /* password */
     unsigned char *pass;
     size_t pass_len;
@@ -1308,6 +1315,7 @@ static int scrypt_test_parse(struct evp_test *t,
                              const char *keyword, const char *value)
 {
     struct pbe_data *pdata = t->data;
+
     if (strcmp(keyword, "N") == 0)
         return test_uint64(value, &pdata->N);
     if (strcmp(keyword, "p") == 0)
@@ -1319,36 +1327,51 @@ static int scrypt_test_parse(struct evp_test *t,
     return 0;
 }
 
-static int scrypt_test_run(struct evp_test *t)
+static int pbkdf2_test_parse(struct evp_test *t,
+                             const char *keyword, const char *value)
 {
     struct pbe_data *pdata = t->data;
-    const char *err = "INTERNAL_ERROR";
-    unsigned char *key;
-    key = OPENSSL_malloc(pdata->key_len);
-    if (!key)
-        goto err;
-    err = "SCRYPT_ERROR";
-    if (EVP_PBE_scrypt((const char *)pdata->pass, pdata->pass_len,
-                       pdata->salt, pdata->salt_len,
-                       pdata->N, pdata->r, pdata->p, pdata->maxmem,
-                       key, pdata->key_len) == 0)
-        goto err;
-    err = "KEY_MISMATCH";
-    if (check_output(t, pdata->key, key, pdata->key_len))
-        goto err;
-    err = NULL;
-    err:
-    OPENSSL_free(key);
-    t->err = err;
-    return 1;
+
+    if (strcmp(keyword, "iter") == 0) {
+        pdata->iter = atoi(value);
+        if (pdata->iter <= 0)
+            return 0;
+        return 1;
+    }
+    if (strcmp(keyword, "MD") == 0) {
+        pdata->md = EVP_get_digestbyname(value);
+        if (pdata->md == NULL)
+            return 0;
+        return 1;
+    }
+    return 0;
+}
+
+static int pkcs12_test_parse(struct evp_test *t,
+                             const char *keyword, const char *value)
+{
+    struct pbe_data *pdata = t->data;
+
+    if (strcmp(keyword, "id") == 0) {
+        pdata->id = atoi(value);
+        if (pdata->id <= 0)
+            return 0;
+        return 1;
+    }
+    return pbkdf2_test_parse(t, keyword, value);
 }
 
 static int pbe_test_init(struct evp_test *t, const char *alg)
 {
     struct pbe_data *pdat;
     int pbe_type = 0;
+
     if (strcmp(alg, "scrypt") == 0)
         pbe_type = PBE_TYPE_SCRYPT;
+    else if (strcmp(alg, "pbkdf2") == 0)
+        pbe_type = PBE_TYPE_PBKDF2;
+    else if (strcmp(alg, "pkcs12") == 0)
+        pbe_type = PBE_TYPE_PKCS12;
     else
         fprintf(stderr, "Unknown pbe algorithm %s\n", alg);
     pdat = OPENSSL_malloc(sizeof(*pdat));
@@ -1359,6 +1382,9 @@ static int pbe_test_init(struct evp_test *t, const char *alg)
     pdat->r = 0;
     pdat->p = 0;
     pdat->maxmem = 0;
+    pdat->id = 0;
+    pdat->iter = 0;
+    pdat->md = NULL;
     t->data = pdat;
     return 1;
 }
@@ -1375,6 +1401,7 @@ static int pbe_test_parse(struct evp_test *t,
                              const char *keyword, const char *value)
 {
     struct pbe_data *pdata = t->data;
+
     if (strcmp(keyword, "Password") == 0)
         return test_bin(value, &pdata->pass, &pdata->pass_len);
     if (strcmp(keyword, "Salt") == 0)
@@ -1383,15 +1410,52 @@ static int pbe_test_parse(struct evp_test *t,
         return test_bin(value, &pdata->key, &pdata->key_len);
     if (pdata->pbe_type == PBE_TYPE_SCRYPT)
         return scrypt_test_parse(t, keyword, value);
+    else if (pdata->pbe_type == PBE_TYPE_PBKDF2)
+        return pbkdf2_test_parse(t, keyword, value);
+    else if (pdata->pbe_type == PBE_TYPE_PKCS12)
+        return pkcs12_test_parse(t, keyword, value);
     return 0;
 }
 
 static int pbe_test_run(struct evp_test *t)
 {
     struct pbe_data *pdata = t->data;
-    if (pdata->pbe_type == PBE_TYPE_SCRYPT)
-        return scrypt_test_run(t);
-    return 0;
+    const char *err = "INTERNAL_ERROR";
+    unsigned char *key;
+
+    key = OPENSSL_malloc(pdata->key_len);
+    if (!key)
+        goto err;
+    if (pdata->pbe_type == PBE_TYPE_PBKDF2) {
+        err = "PBKDF2_ERROR";
+        if (PKCS5_PBKDF2_HMAC((char *)pdata->pass, pdata->pass_len,
+                              pdata->salt, pdata->salt_len,
+                              pdata->iter, pdata->md,
+                              pdata->key_len, key) == 0)
+            goto err;
+    } else if (pdata->pbe_type == PBE_TYPE_SCRYPT) {
+        err = "SCRYPT_ERROR";
+        if (EVP_PBE_scrypt((const char *)pdata->pass, pdata->pass_len,
+                           pdata->salt, pdata->salt_len,
+                           pdata->N, pdata->r, pdata->p, pdata->maxmem,
+                           key, pdata->key_len) == 0)
+            goto err;
+    } else if (pdata->pbe_type == PBE_TYPE_PKCS12) {
+        err = "PKCS12_ERROR";
+        if (PKCS12_key_gen_uni(pdata->pass, pdata->pass_len,
+                               pdata->salt, pdata->salt_len,
+                               pdata->id, pdata->iter, pdata->key_len,
+                               key, pdata->md) == 0)
+            goto err;
+    }
+    err = "KEY_MISMATCH";
+    if (check_output(t, pdata->key, key, pdata->key_len))
+        goto err;
+    err = NULL;
+    err:
+    OPENSSL_free(key);
+    t->err = err;
+    return 1;
 }
 
 static const struct evp_test_method pbe_test_method = {
diff --git a/test/evptests.txt b/test/evptests.txt
index db6336261f..a4faba7d07 100644
--- a/test/evptests.txt
+++ b/test/evptests.txt
@@ -2353,3 +2353,159 @@ p = 1
 Key = 2101cb9b6a511aaeaddbbe09cf70f881ec568d574a2ffd4dabe5ee9820adaa478e56fd8f4ba5d09ffa1c6d927c40f4c337304049e8a952fbcbf45c6fa77a41a4
 #maxmem = 10000000000
 Result = SCRYPT_ERROR
+
+# PKCS#12 tests
+
+PBE = pkcs12
+id = 1
+iter = 1
+MD = SHA1
+Password = 0073006D006500670000
+Salt = 0A58CF64530D823F
+Key = 8AAAE6297B6CB04642AB5B077851284EB7128F1A2A7FBCA3
+
+PBE = pkcs12
+id = 2
+iter = 1
+MD = SHA1
+Password = 0073006D006500670000
+Salt = 0A58CF64530D823F
+Key = 79993DFE048D3B76
+
+PBE = pkcs12
+id = 3
+iter 1
+MD = SHA1
+Password = 0073006D006500670000
+Salt = 3D83C0E4546AC140
+Key = 8D967D88F6CAA9D714800AB3D48051D63F73A312
+
+PBE = pkcs12
+id = 1
+iter = 1000
+MD = SHA1
+Password = 007100750065006500670000
+Salt = 1682C0FC5B3F7EC5
+Key = 483DD6E919D7DE2E8E648BA8F862F3FBFBDC2BCB2C02957F
+
+PBE = pkcs12
+id = 2
+iter = 1000
+MD = SHA1
+Password = 007100750065006500670000
+Salt = 1682C0FC5B3F7EC5
+Key = 9D461D1B00355C50
+
+PBE = pkcs12
+id = 3
+iter = 1000
+MD = SHA1
+Password = 007100750065006500670000
+Salt = 263216FCC2FAB31C
+Key = 5EC4C7A80DF652294C3925B6489A7AB857C83476
+
+# PBKDF2 tests from p5_crpt2_test.c
+PBE = pbkdf2
+Password = "password"
+Salt = "salt"
+iter = 1
+MD = sha1
+Key = 0c60c80f961f0e71f3a9b524af6012062fe037a6
+
+PBE = pbkdf2
+Password = "password"
+Salt = "salt"
+iter = 1
+MD = sha256
+Key = 120fb6cffcf8b32c43e7225256c4f837a86548c92ccc35480805987cb70be17b
+
+PBE = pbkdf2
+Password = "password"
+Salt = "salt"
+iter = 1
+MD = sha512
+Key = 867f70cf1ade02cff3752599a3a53dc4af34c7a669815ae5d513554e1c8cf252c02d470a285a0501bad999bfe943c08f050235d7d68b1da55e63f73b60a57fce
+
+PBE = pbkdf2
+Password = "password"
+Salt = "salt"
+iter = 2
+MD = sha1
+Key = ea6c014dc72d6f8ccd1ed92ace1d41f0d8de8957
+
+PBE = pbkdf2
+Password = "password"
+Salt = "salt"
+iter = 2
+MD = sha256
+Key = ae4d0c95af6b46d32d0adff928f06dd02a303f8ef3c251dfd6e2d85a95474c43
+
+PBE = pbkdf2
+Password = "password"
+Salt = "salt"
+iter = 2
+MD = sha512
+Key = e1d9c16aa681708a45f5c7c4e215ceb66e011a2e9f0040713f18aefdb866d53cf76cab2868a39b9f7840edce4fef5a82be67335c77a6068e04112754f27ccf4e
+
+PBE = pbkdf2
+Password = "password"
+Salt = "salt"
+iter = 4096
+MD = sha1
+Key = 4b007901b765489abead49d926f721d065a429c1
+
+PBE = pbkdf2
+Password = "password"
+Salt = "salt"
+iter = 4096
+MD = sha256
+Key = c5e478d59288c841aa530db6845c4c8d962893a001ce4e11a4963873aa98134a
+
+PBE = pbkdf2
+Password = "password"
+Salt = "salt"
+iter = 4096
+MD = sha512
+Key = d197b1b33db0143e018b12f3d1d1479e6cdebdcc97c5c0f87f6902e072f457b5143f30602641b3d55cd335988cb36b84376060ecd532e039b742a239434af2d5
+
+PBE = pbkdf2
+Password = "passwordPASSWORDpassword"
+Salt = "saltSALTsaltSALTsaltSALTsaltSALTsalt"
+iter = 4096
+MD = sha1
+Key = 3d2eec4fe41c849b80c8d83662c0e44a8b291a964cf2f07038
+
+PBE = pbkdf2
+Password = "passwordPASSWORDpassword"
+Salt = "saltSALTsaltSALTsaltSALTsaltSALTsalt"
+iter = 4096
+MD = sha256
+Key = 348c89dbcbd32b2f32d814b8116e84cf2b17347ebc1800181c4e2a1fb8dd53e1c635518c7dac47e9
+
+PBE = pbkdf2
+Password = "passwordPASSWORDpassword"
+Salt = "saltSALTsaltSALTsaltSALTsaltSALTsalt"
+iter = 4096
+MD = sha512
+Key = 8c0511f4c6e597c6ac6315d8f0362e225f3c501495ba23b868c005174dc4ee71115b59f9e60cd9532fa33e0f75aefe30225c583a186cd82bd4daea9724a3d3b8
+
+PBE = pbkdf2
+Password = 7061737300776f7264
+Salt = 7361006c74
+iter = 4096
+MD = sha1
+Key = 56fa6aa75548099dcc37d7f03425e0c3
+
+PBE = pbkdf2
+Password = 7061737300776f7264
+Salt = 7361006c74
+iter = 4096
+MD = sha256
+Key = 89b69d0516f829893c696226650a8687
+
+PBE = pbkdf2
+Password = 7061737300776f7264
+Salt = 7361006c74
+iter = 4096
+MD = sha512
+Key = 9d9e9c4cd21fe4be24d5b8244c759665
-- 
2.34.1