-
-
Notifications
You must be signed in to change notification settings - Fork 33
/
keys_test.go
138 lines (131 loc) · 7.77 KB
/
keys_test.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
package openssl
import (
"crypto/sha256"
"testing"
)
func TestBytesToKeyGenerator(t *testing.T) {
var (
pass = []byte("myverysecretpass")
salt = []byte{0x0, 0x1, 0x2, 0x3, 0x4, 0x5, 0x6, 0x7}
)
for name, tc := range map[string]struct {
CG CredsGenerator
OC Creds
}{
"MD5": {CG: BytesToKeyMD5, OC: Creds{
// # echo "" | openssl enc -e -P -aes-256-cbc -pass "pass:myverysecretpass" -S 0001020304050607 -md md5
// salt=0001020304050607
// key=7434342C270FA039438DA7B2898C6B3CA936DCE3D2705E805DA2987E5808CC06
// iv =E20BB8B5CCBC1405705734ACCE1040A9
Key: []uint8{0x74, 0x34, 0x34, 0x2C, 0x27, 0x0F, 0xA0, 0x39, 0x43, 0x8D, 0xA7, 0xB2, 0x89, 0x8C, 0x6B, 0x3C, 0xA9, 0x36, 0xDC, 0xE3, 0xD2, 0x70, 0x5E, 0x80, 0x5D, 0xA2, 0x98, 0x7E, 0x58, 0x08, 0xCC, 0x06},
IV: []uint8{0xE2, 0x0B, 0xB8, 0xB5, 0xCC, 0xBC, 0x14, 0x05, 0x70, 0x57, 0x34, 0xAC, 0xCE, 0x10, 0x40, 0xA9},
}},
"SHA1": {CG: BytesToKeySHA1, OC: Creds{
// # echo "" | openssl enc -e -P -aes-256-cbc -pass "pass:myverysecretpass" -S 0001020304050607 -md sha1
// salt=0001020304050607
// key=186718DE0173029146A45CE44CD5D95224DDE0CC3DA63412B5BA41F4AB4B9927
// iv =5AE1C3D9ACE659D309842CFF32A8D18B
Key: []uint8{0x18, 0x67, 0x18, 0xDE, 0x01, 0x73, 0x02, 0x91, 0x46, 0xA4, 0x5C, 0xE4, 0x4C, 0xD5, 0xD9, 0x52, 0x24, 0xDD, 0xE0, 0xCC, 0x3D, 0xA6, 0x34, 0x12, 0xB5, 0xBA, 0x41, 0xF4, 0xAB, 0x4B, 0x99, 0x27},
IV: []uint8{0x5A, 0xE1, 0xC3, 0xD9, 0xAC, 0xE6, 0x59, 0xD3, 0x09, 0x84, 0x2C, 0xFF, 0x32, 0xA8, 0xD1, 0x8B},
}},
"SHA256": {CG: BytesToKeySHA256, OC: Creds{
// # echo "" | openssl enc -e -P -aes-256-cbc -pass "pass:myverysecretpass" -S 0001020304050607 -md sha256
// salt=0001020304050607
// key=C309EE4C6809DF8C0137F80D8409DAC2C8C4E054349D17DDC1D6390C3999070B
// iv =D3411C53B5C49FB339690EAC86D07107
Key: []uint8{0xC3, 0x09, 0xEE, 0x4C, 0x68, 0x09, 0xDF, 0x8C, 0x01, 0x37, 0xF8, 0x0D, 0x84, 0x09, 0xDA, 0xC2, 0xC8, 0xC4, 0xE0, 0x54, 0x34, 0x9D, 0x17, 0xDD, 0xC1, 0xD6, 0x39, 0x0C, 0x39, 0x99, 0x07, 0x0B},
IV: []uint8{0xD3, 0x41, 0x1C, 0x53, 0xB5, 0xC4, 0x9F, 0xB3, 0x39, 0x69, 0x0E, 0xAC, 0x86, 0xD0, 0x71, 0x07},
}},
"SHA384": {CG: BytesToKeySHA384, OC: Creds{
// # echo "" | openssl enc -e -P -aes-256-cbc -pass "pass:myverysecretpass" -S 0001020304050607 -md sha384
// salt=0001020304050607
// key=9BB4703E4EF60FCC812DBE757240219AE2370CC1DF9A685BAAC60CCA99B76222
// iv =D64BDFF4A105BCEFEF28183B9722CDEC
Key: []uint8{0x9B, 0xB4, 0x70, 0x3E, 0x4E, 0xF6, 0x0F, 0xCC, 0x81, 0x2D, 0xBE, 0x75, 0x72, 0x40, 0x21, 0x9A, 0xE2, 0x37, 0x0C, 0xC1, 0xDF, 0x9A, 0x68, 0x5B, 0xAA, 0xC6, 0x0C, 0xCA, 0x99, 0xB7, 0x62, 0x22},
IV: []uint8{0xD6, 0x4B, 0xDF, 0xF4, 0xA1, 0x05, 0xBC, 0xEF, 0xEF, 0x28, 0x18, 0x3B, 0x97, 0x22, 0xCD, 0xEC},
}},
"SHA512": {CG: BytesToKeySHA512, OC: Creds{
// # echo "" | openssl enc -e -P -aes-256-cbc -pass "pass:myverysecretpass" -S 0001020304050607 -md sha512
// salt=0001020304050607
// key=735C94766AA35E84C1A314EB4505F177008B64F9853D1E10BF19C943313250D1
// iv =304B88C772E582D8BBBBB3B3F535422C
Key: []uint8{0x73, 0x5C, 0x94, 0x76, 0x6A, 0xA3, 0x5E, 0x84, 0xC1, 0xA3, 0x14, 0xEB, 0x45, 0x05, 0xF1, 0x77, 0x00, 0x8B, 0x64, 0xF9, 0x85, 0x3D, 0x1E, 0x10, 0xBF, 0x19, 0xC9, 0x43, 0x31, 0x32, 0x50, 0xD1},
IV: []uint8{0x30, 0x4B, 0x88, 0xC7, 0x72, 0xE5, 0x82, 0xD8, 0xBB, 0xBB, 0xB3, 0xB3, 0xF5, 0x35, 0x42, 0x2C},
}},
} {
res, err := tc.CG(pass, salt)
if err != nil {
t.Fatalf("Generator %s caused an error: %s", name, err)
}
if !res.equals(tc.OC) {
t.Errorf("Generator %s yielded unexpected result: exp=%#v res=%#v", name, tc.OC, res)
}
}
}
func TestPBKDF2Generator(t *testing.T) {
var (
pass = []byte("myverysecretpass")
salt = []byte{0x0, 0x1, 0x2, 0x3, 0x4, 0x5, 0x6, 0x7}
)
for name, tc := range map[string]struct {
CG CredsGenerator
OC Creds
}{
"MD5": {CG: PBKDF2MD5, OC: Creds{
// # echo "" | openssl enc -e -P -pbkdf2 -aes-256-cbc -pass "pass:myverysecretpass" -S 0001020304050607 -md md5
// salt=0001020304050607
// key=C5D1C98445902BD0515C105C25C88DA7243B79B2D67FE1CC978397BEDC526237
// iv =F34AEAD261AAB8C16067D90A29275676
Key: []uint8{0xC5, 0xD1, 0xC9, 0x84, 0x45, 0x90, 0x2B, 0xD0, 0x51, 0x5C, 0x10, 0x5C, 0x25, 0xC8, 0x8D, 0xA7, 0x24, 0x3B, 0x79, 0xB2, 0xD6, 0x7F, 0xE1, 0xCC, 0x97, 0x83, 0x97, 0xBE, 0xDC, 0x52, 0x62, 0x37},
IV: []uint8{0xF3, 0x4A, 0xEA, 0xD2, 0x61, 0xAA, 0xB8, 0xC1, 0x60, 0x67, 0xD9, 0x0A, 0x29, 0x27, 0x56, 0x76},
}},
"SHA1": {CG: PBKDF2SHA1, OC: Creds{
// # echo "" | openssl enc -e -P -pbkdf2 -aes-256-cbc -pass "pass:myverysecretpass" -S 0001020304050607 -md sha1
// salt=0001020304050607
// key=EAE7B36DEAA01F34894722C1EBA856B5DB6FF5C34CFBDC8774B259DA9CB44837
// iv =4496482B39B410D8B2AB582FB0993D7D
Key: []uint8{0xEA, 0xE7, 0xB3, 0x6D, 0xEA, 0xA0, 0x1F, 0x34, 0x89, 0x47, 0x22, 0xC1, 0xEB, 0xA8, 0x56, 0xB5, 0xDB, 0x6F, 0xF5, 0xC3, 0x4C, 0xFB, 0xDC, 0x87, 0x74, 0xB2, 0x59, 0xDA, 0x9C, 0xB4, 0x48, 0x37},
IV: []uint8{0x44, 0x96, 0x48, 0x2B, 0x39, 0xB4, 0x10, 0xD8, 0xB2, 0xAB, 0x58, 0x2F, 0xB0, 0x99, 0x3D, 0x7D},
}},
"SHA256": {CG: PBKDF2SHA256, OC: Creds{
// # echo "" | openssl enc -e -P -pbkdf2 -aes-256-cbc -pass "pass:myverysecretpass" -S 0001020304050607 -md sha256
// salt=0001020304050607
// key=A1B5D01BF7C1A1A0BF7659850C68ADD40E1CDF6B2D603EBD03673CED1C5AF032
// iv =7DC52677DEF3D4B6D9A644209F42AE26
Key: []uint8{0xA1, 0xB5, 0xD0, 0x1B, 0xF7, 0xC1, 0xA1, 0xA0, 0xBF, 0x76, 0x59, 0x85, 0x0C, 0x68, 0xAD, 0xD4, 0x0E, 0x1C, 0xDF, 0x6B, 0x2D, 0x60, 0x3E, 0xBD, 0x03, 0x67, 0x3C, 0xED, 0x1C, 0x5A, 0xF0, 0x32},
IV: []uint8{0x7D, 0xC5, 0x26, 0x77, 0xDE, 0xF3, 0xD4, 0xB6, 0xD9, 0xA6, 0x44, 0x20, 0x9F, 0x42, 0xAE, 0x26},
}},
"SHA256_25k": {CG: NewPBKDF2Generator(sha256.New, 25000), OC: Creds{
// # echo "" | openssl enc -e -P -pbkdf2 -aes-256-cbc -pass "pass:myverysecretpass" -S 0001020304050607 -md sha256 -iter 25000
// salt=0001020304050607
// key=2D6C8A525CC457FF1C7CA1E8F366FEE441CD80562AF6AD12A6B7033C12BA0514
// iv =F10F5FAE49D9A74C104BFF8346DDEB0C
Key: []uint8{0x2D, 0x6C, 0x8A, 0x52, 0x5C, 0xC4, 0x57, 0xFF, 0x1C, 0x7C, 0xA1, 0xE8, 0xF3, 0x66, 0xFE, 0xE4, 0x41, 0xCD, 0x80, 0x56, 0x2A, 0xF6, 0xAD, 0x12, 0xA6, 0xB7, 0x03, 0x3C, 0x12, 0xBA, 0x05, 0x14},
IV: []uint8{0xF1, 0x0F, 0x5F, 0xAE, 0x49, 0xD9, 0xA7, 0x4C, 0x10, 0x4B, 0xFF, 0x83, 0x46, 0xDD, 0xEB, 0x0C},
}},
"SHA384": {CG: PBKDF2SHA384, OC: Creds{
// # echo "" | openssl enc -e -P -pbkdf2 -aes-256-cbc -pass "pass:myverysecretpass" -S 0001020304050607 -md sha384
// salt=0001020304050607
// key=E73AA9008F7D33BBCBBFBCD3D69FE18802AD7807453BEF43761E2B3E88224132
// iv =1A7171E9FFE4F69B56077C5C823DAD92
Key: []uint8{0xE7, 0x3A, 0xA9, 0x00, 0x8F, 0x7D, 0x33, 0xBB, 0xCB, 0xBF, 0xBC, 0xD3, 0xD6, 0x9F, 0xE1, 0x88, 0x02, 0xAD, 0x78, 0x07, 0x45, 0x3B, 0xEF, 0x43, 0x76, 0x1E, 0x2B, 0x3E, 0x88, 0x22, 0x41, 0x32},
IV: []uint8{0x1A, 0x71, 0x71, 0xE9, 0xFF, 0xE4, 0xF6, 0x9B, 0x56, 0x07, 0x7C, 0x5C, 0x82, 0x3D, 0xAD, 0x92},
}},
"SHA512": {CG: PBKDF2SHA512, OC: Creds{
// # echo "" | openssl enc -e -P -pbkdf2 -aes-256-cbc -pass "pass:myverysecretpass" -S 0001020304050607 -md sha512
// salt=0001020304050607
// key=84D09D95F052EA32F0570817C0034D70392A966B319986539E97797841D65009
// iv =63254E32D530B2ECC13EF88E7CF3CD17
Key: []uint8{0x84, 0xD0, 0x9D, 0x95, 0xF0, 0x52, 0xEA, 0x32, 0xF0, 0x57, 0x08, 0x17, 0xC0, 0x03, 0x4D, 0x70, 0x39, 0x2A, 0x96, 0x6B, 0x31, 0x99, 0x86, 0x53, 0x9E, 0x97, 0x79, 0x78, 0x41, 0xD6, 0x50, 0x09},
IV: []uint8{0x63, 0x25, 0x4E, 0x32, 0xD5, 0x30, 0xB2, 0xEC, 0xC1, 0x3E, 0xF8, 0x8E, 0x7C, 0xF3, 0xCD, 0x17},
}},
} {
res, err := tc.CG(pass, salt)
if err != nil {
t.Fatalf("Generator %s caused an error: %s", name, err)
}
if !res.equals(tc.OC) {
t.Errorf("Generator %s yielded unexpected result: exp=%#v res=%#v", name, tc.OC, res)
}
}
}