VirtualBox

source: vbox/trunk/src/VBox/Runtime/testcase/tstRTShaCrypt.cpp@ 102376

Last change on this file since 102376 was 102376, checked in by vboxsync, 16 months ago

IPRT/crypto: Testcase logging nit. bugref:10551
  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
File size: 10.7 KB
Line 
1/* $Id: tstRTShaCrypt.cpp 102376 2023-11-29 11:02:20Z vboxsync $ */
2/** @file
3 * IPRT Testcase - SHA-crypt 256 / 512.
4 */
5
6/*
7 * Copyright (C) 2023 Oracle and/or its affiliates.
8 *
9 * This file is part of VirtualBox base platform packages, as
10 * available from https://www.virtualbox.org.
11 *
12 * This program is free software; you can redistribute it and/or
13 * modify it under the terms of the GNU General Public License
14 * as published by the Free Software Foundation, in version 3 of the
15 * License.
16 *
17 * This program is distributed in the hope that it will be useful, but
18 * WITHOUT ANY WARRANTY; without even the implied warranty of
19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
20 * General Public License for more details.
21 *
22 * You should have received a copy of the GNU General Public License
23 * along with this program; if not, see <https://www.gnu.org/licenses>.
24 *
25 * The contents of this file may alternatively be used under the terms
26 * of the Common Development and Distribution License Version 1.0
27 * (CDDL), a copy of it is provided in the "COPYING.CDDL" file included
28 * in the VirtualBox distribution, in which case the provisions of the
29 * CDDL are applicable instead of those of the GPL.
30 *
31 * You may elect to license modified versions of this file under the
32 * terms and conditions of either the GPL or the CDDL or both.
33 *
34 * SPDX-License-Identifier: GPL-3.0-only OR CDDL-1.0
35 */
36
37
38/*********************************************************************************************************************************
39* Header Files *
40*********************************************************************************************************************************/
41#include <iprt/crypto/shacrypt.h>
42#include <iprt/errcore.h>
43#include <iprt/initterm.h>
44#include <iprt/rand.h>
45#include <iprt/sha.h>
46#include <iprt/string.h>
47#include <iprt/test.h>
48
49
50/*********************************************************************************************************************************
51* Global Variables *
52*********************************************************************************************************************************/
53static RTTEST g_hTest;
54
55
56/*********************************************************************************************************************************
57* Test data *
58*********************************************************************************************************************************/
59
60/** Digest type. */
61typedef enum TST_DIGESTTYPE
62{
63 TST_DIGESTTYPE_RANDOM = 0,
64 TST_DIGESTTYPE_SHA256,
65 TST_DIGESTTYPE_SHA512,
66 TST_DIGESTTYPE_LAST
67} TST_DIGESTTYPE;
68
69static struct
70{
71 /** Cleartext password. */
72 const char *pszPassword;
73 /** Salt to use. If NULL, a random salt will be used. */
74 const char *pszSalt;
75 /** Number of rounds to use. If set to UINT32_MAX, random rounds will be used. */
76 uint32_t cRounds;
77 /** Digest type to use. If set to 0, a random digest type will be used. */
78 TST_DIGESTTYPE enmType;
79 /** Overall test outcome. */
80 int rc;
81 /** Expected result as a string. Can be NULL to skip testing this. */
82 const char *pszResultStr;
83} g_aTests[] =
84{
85 /*
86 * Invalid stuff.
87 */
88 { /* No salt */
89 /* pszPassword */ "changeme",
90 /* pszSalt */ "",
91 /* cRounds */ RT_SHACRYPT_DEFAULT_ROUNDS,
92 /* enmType */ TST_DIGESTTYPE_RANDOM,
93 /* rc */ VERR_INVALID_PARAMETER,
94 /* pszResultStr */ ""
95 },
96 { /* Salt too short */
97 /* pszPassword */ "changeme",
98 /* pszSalt */ "1234",
99 /* cRounds */ RT_SHACRYPT_DEFAULT_ROUNDS,
100 /* enmType */ TST_DIGESTTYPE_RANDOM,
101 /* rc */ VERR_INVALID_PARAMETER,
102 /* pszResultStr */ ""
103 },
104 { /* Salt too long */
105 /* pszPassword */ "changeme",
106 /* pszSalt */ "12341234123412341234123412341234",
107 /* cRounds */ RT_SHACRYPT_DEFAULT_ROUNDS,
108 /* enmType */ TST_DIGESTTYPE_RANDOM,
109 /* rc */ VERR_INVALID_PARAMETER,
110 /* pszResultStr */ ""
111 },
112 { /* Invalid rounds */
113 /* pszPassword */ "changeme",
114 /* pszSalt */ "12341234123412341234123412341234",
115 /* cRounds */ 0,
116 /* enmType */ TST_DIGESTTYPE_RANDOM,
117 /* rc */ VERR_INVALID_PARAMETER,
118 /* pszResultStr */ ""
119 },
120 /*
121 * Valid stuff.
122 */
123 { /* Expected string */
124 /* pszPassword */ "changeme",
125 /* pszSalt */ "foo12345",
126 /* cRounds */ RT_SHACRYPT_DEFAULT_ROUNDS,
127 /* enmType */ TST_DIGESTTYPE_SHA256,
128 /* rc */ VINF_SUCCESS,
129 /* pszResultStr */ "$5$foo12345$KnOIYJmTgZ744xCqNLl1I9qF.Xq47vHTH.yVStiAMZD"
130 },
131 { /* Expected string */
132 /* pszPassword */ "changeme",
133 /* pszSalt */ "foo12345",
134 /* cRounds */ RT_SHACRYPT_DEFAULT_ROUNDS,
135 /* enmType */ TST_DIGESTTYPE_SHA512,
136 /* rc */ VINF_SUCCESS,
137 /* pszResultStr */ "$6$foo12345$cb11CtCP6YgoZr8SyNoD2TAdOY4OmTzA6kfDgju5JrNVzgeCBU1ALbJHVlEuSImPKAoSnT53N7k7BqzjYRRPk/"
138 },
139 { /* Custom rounds */
140 /* pszPassword */ "changeme",
141 /* pszSalt */ "foo12345",
142 /* cRounds */ 42,
143 /* enmType */ TST_DIGESTTYPE_RANDOM,
144 /* rc */ VINF_SUCCESS,
145 /* pszResultStr */ NULL
146 },
147 { /* Random salt + rounds */
148 /* pszPassword */ "changeme",
149 /* pszSalt */ NULL,
150 /* cRounds */ UINT32_MAX,
151 /* enmType */ TST_DIGESTTYPE_RANDOM,
152 /* rc */ VINF_SUCCESS,
153 /* pszResultStr */ NULL
154 },
155 { /* Random salt */
156 /* pszPassword */ "changeme",
157 /* pszSalt */ NULL,
158 /* cRounds */ RT_SHACRYPT_DEFAULT_ROUNDS,
159 /* enmType */ TST_DIGESTTYPE_RANDOM,
160 /* rc */ VINF_SUCCESS,
161 /* pszResultStr */ NULL
162 }
163};
164
165
166int main()
167{
168 /*
169 * Init.
170 */
171 RTTEST hTest;
172 int rc = RTTestInitAndCreate("tstRTShaCrypt", &hTest);
173 if (rc)
174 return rc;
175 RTTestBanner(hTest);
176 g_hTest = hTest;
177
178 bool const fAssertMayPanic = RTAssertMayPanic();
179 RTAssertSetMayPanic(false); /* To test invalid stuff. */
180 bool const fAssertQuiet = RTAssertAreQuiet();
181 RTAssertSetQuiet(true); /* Ditto. */
182
183 char szSalt[RT_SHACRYPT_MAX_SALT_LEN + 1];
184 uint8_t abDigest[RTSHA512_HASH_SIZE];
185
186 for (uint32_t i = 0; i < RT_ELEMENTS(g_aTests); i++)
187 {
188 const char *pszSalt;
189 if (g_aTests[i].pszSalt)
190 pszSalt = g_aTests[i].pszSalt;
191 else
192 {
193 rc = RTCrShaCryptGenerateSalt(szSalt, RT_SHACRYPT_MAX_SALT_LEN);
194 RTTEST_CHECK_RC_OK(hTest, rc);
195 pszSalt = szSalt;
196 }
197
198 uint32_t cRounds;
199 if (g_aTests[i].cRounds == UINT32_MAX)
200 cRounds = RTRandU32Ex(1, _512K /* Save a bit of time on the testboxes */);
201 else
202 cRounds = g_aTests[i].cRounds;
203
204 TST_DIGESTTYPE enmType;
205 if (g_aTests[i].enmType == TST_DIGESTTYPE_RANDOM)
206 enmType = (TST_DIGESTTYPE)RTRandU32Ex(1, TST_DIGESTTYPE_LAST - 1);
207 else
208 enmType = g_aTests[i].enmType;
209
210 switch (enmType)
211 {
212 case TST_DIGESTTYPE_SHA256:
213 rc = RTCrShaCrypt256(g_aTests[i].pszPassword, pszSalt, cRounds, abDigest);
214 break;
215
216 case TST_DIGESTTYPE_SHA512:
217 rc = RTCrShaCrypt512(g_aTests[i].pszPassword, pszSalt, cRounds, abDigest);
218 break;
219
220 default:
221 AssertFailed();
222 break;
223 }
224
225 if ( RT_SUCCESS(rc)
226 && g_aTests[i].pszResultStr)
227 {
228 char szResult[RTSHA512_DIGEST_LEN + 1];
229
230 switch (enmType)
231 {
232 case TST_DIGESTTYPE_SHA256:
233 rc = RTCrShaCrypt256ToString(abDigest, pszSalt, cRounds, szResult, sizeof(szResult));
234 break;
235
236 case TST_DIGESTTYPE_SHA512:
237 rc = RTCrShaCrypt512ToString(abDigest, pszSalt, cRounds, szResult, sizeof(szResult));
238 break;
239
240 default:
241 AssertFailed();
242 break;
243 }
244
245 if (RT_SUCCESS(rc))
246 {
247 if (RTStrCmp(szResult, g_aTests[i].pszResultStr))
248 RTTestIFailed("#%u: Returns '%s', expected '%s'", i, szResult, g_aTests[i].pszResultStr);
249
250 /* Now do the same, but hand-in the result string as the salt.
251 *
252 * This approach is used by many *crypt implementations -- it allows feeding the user-provided password and the
253 * crypted password from "the password file" to the function. If it returns the same crypted password then the
254 * user-provided password must be the correct one.
255 */
256 switch (enmType)
257 {
258 case TST_DIGESTTYPE_SHA256:
259 {
260 rc = RTCrShaCrypt256(g_aTests[i].pszPassword, g_aTests[i].pszResultStr, cRounds, abDigest);
261 if (RT_SUCCESS(rc))
262 rc = RTCrShaCrypt256ToString(abDigest, pszSalt, cRounds, szResult, sizeof(szResult));
263 break;
264 }
265
266 case TST_DIGESTTYPE_SHA512:
267 {
268 rc = RTCrShaCrypt512(g_aTests[i].pszPassword, g_aTests[i].pszResultStr, cRounds, abDigest);
269 if (RT_SUCCESS(rc))
270 rc = RTCrShaCrypt512ToString(abDigest, pszSalt, cRounds, szResult, sizeof(szResult));
271 break;
272 }
273
274 default:
275 AssertFailed();
276 break;
277 }
278
279 if (RTStrCmp(szResult, g_aTests[i].pszResultStr))
280 RTTestIFailed("#%u (result as salt): Returns '%s', expected '%s'",
281 i, szResult, g_aTests[i].pszResultStr);
282 }
283 }
284
285 if (rc != g_aTests[i].rc)
286 RTTestIFailed("#%u: Returned %Rrc, expected %Rrc", i, rc, g_aTests[i].rc);
287 }
288
289 RTAssertSetMayPanic(fAssertMayPanic);
290 RTAssertSetQuiet(fAssertQuiet);
291
292 /*
293 * Done.
294 */
295 return RTTestSummaryAndDestroy(hTest);
296}
297
Note: See TracBrowser for help on using the repository browser.

© 2025 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette