yuzu-mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-mirror/mbedtls.git synced 2026-01-03 23:30:11 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity
mbedtls/tests
History
Kusumit Ghoderao 9d4c74f25c Add test cases for output validation of pbkdf2 cmac 
PBKDF2_AES_CMAC_PRF_128 test vectors are generated using PyCryptodome library:
https://github.com/Legrandin/pycryptodome

Steps to generate test vectors:
1. pip install pycryptodome
2. Use the python script below to generate Derived key (see description for details):

Example usage:
pbkdf2_cmac.py <password> <salt> <number_of_iterations> <derived_key_len>
derive_ms.py 4a30314e4d45 54687265616437333563383762344f70656e54687265616444656d6f 16384 16

password         : 4a30314e4d45
salt             : 54687265616437333563383762344f70656e54687265616444656d6f
input cost       : 16384
derived key len  : 16
output           : 8b27beed7e7a4dd6c53138c879a8e33c

"""
from Crypto.Protocol.KDF import PBKDF2
from Crypto.Hash import CMAC
from Crypto.Cipher import AES
import sys

def main():
    #check args
    if len(sys.argv) != 5:
        print("Invalid number of arguments. Expected: <password> <salt> <input_cost> <derived_key_len>")
        return

    password    = bytes.fromhex(sys.argv[1])
    salt        = bytes.fromhex(sys.argv[2])
    iterations  = int(sys.argv[3])
    dklen       = int(sys.argv[4])

    # If password is not 16 bytes then we need to use CMAC to derive the password
    if len(password) != 16:
        zeros     = bytes.fromhex("00000000000000000000000000000000")
        cobj_pass = CMAC.new(zeros, msg=password, ciphermod=AES, mac_len=16)
        passwd    = bytes.fromhex(cobj_pass.hexdigest())
    else:
        passwd = password

    cmac_prf = lambda p,s: CMAC.new(p, s, ciphermod=AES, mac_len=16).digest()

    actual_output = PBKDF2(passwd, salt=salt, dkLen=dklen, count=iterations, prf=cmac_prf)

    print('password         : ' + password.hex())
    print('salt             : ' + salt.hex())
    print('input cost       : ' + str(iterations))
    print('derived key len  : ' + str(dklen))
    print('output           : ' + actual_output.hex())

if __name__ == "__main__":
    main()
"""

Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
2023-07-04 15:17:01 +05:30
..
.jenkins
configs Explicitly disable all DTLS options in tls13-only.h 2023-03-01 19:49:58 +01:00
data_files Change spaces to a tab in a makefile recipe 2023-06-30 08:42:05 -04:00
docker/bionic Point to docker images used in the CI 2022-12-15 10:08:26 +01:00
git-scripts Fix typographical errors in .md files found by cspell 2022-07-29 13:44:01 +01:00
include Merge pull request #7627 from mprse/ffdh_tls13_v2 2023-07-03 10:12:33 +02:00
opt-testcases Change ffdh testing strategy 2023-06-28 13:31:38 +02:00
scripts Merge pull request #7851 from daverodgman/fix-unused-aes 2023-07-03 16:49:00 +01:00
src Merge pull request #7627 from mprse/ffdh_tls13_v2 2023-07-03 10:12:33 +02:00
suites Add test cases for output validation of pbkdf2 cmac 2023-07-04 15:17:01 +05:30
.gitignore Ignore *.o everywhere 2023-05-12 13:58:05 +02:00
CMakeLists.txt Fix build errors in CMake 2023-03-13 19:20:42 +08:00
compat-in-docker.sh Use OPENSSL everywhere, not OPENSSL_CMD 2022-12-19 11:42:12 +01:00
compat.sh Update some comments 2023-02-23 16:03:56 +08:00
context-info.sh
Descriptions.txt
make-in-docker.sh Point to docker images used in the CI 2022-12-15 10:08:26 +01:00
Makefile Fix build errors in CMake 2023-03-13 19:20:42 +08:00
ssl-opt-in-docker.sh Use OPENSSL everywhere, not OPENSSL_CMD 2022-12-19 11:42:12 +01:00
ssl-opt.sh Change ffdh testing strategy 2023-06-28 13:31:38 +02:00