1
0
Fork 0
mirror of https://github.com/Luzifer/go-openssl.git synced 2024-12-20 19:01:18 +00:00

Add pre-defined generators and compatibility tests for SHA384 and SHA512

Signed-off-by: Knut Ahlers <knut@ahlers.me>
This commit is contained in:
Knut Ahlers 2020-06-13 18:12:42 +02:00
parent 0aca51aceb
commit 3d3b55e02b
Signed by: luzifer
GPG key ID: DC2729FDD34BE99E
3 changed files with 41 additions and 0 deletions

View file

@ -4,6 +4,7 @@ import (
"crypto/md5" "crypto/md5"
"crypto/sha1" "crypto/sha1"
"crypto/sha256" "crypto/sha256"
"crypto/sha512"
"hash" "hash"
"golang.org/x/crypto/pbkdf2" "golang.org/x/crypto/pbkdf2"
@ -18,9 +19,13 @@ var (
BytesToKeyMD5 = NewBytesToKeyGenerator(md5.New) BytesToKeyMD5 = NewBytesToKeyGenerator(md5.New)
BytesToKeySHA1 = NewBytesToKeyGenerator(sha1.New) BytesToKeySHA1 = NewBytesToKeyGenerator(sha1.New)
BytesToKeySHA256 = NewBytesToKeyGenerator(sha256.New) BytesToKeySHA256 = NewBytesToKeyGenerator(sha256.New)
BytesToKeySHA384 = NewBytesToKeyGenerator(sha512.New384)
BytesToKeySHA512 = NewBytesToKeyGenerator(sha512.New)
PBKDF2MD5 = NewPBKDF2Generator(md5.New, DefaultPBKDF2Iterations) PBKDF2MD5 = NewPBKDF2Generator(md5.New, DefaultPBKDF2Iterations)
PBKDF2SHA1 = NewPBKDF2Generator(sha1.New, DefaultPBKDF2Iterations) PBKDF2SHA1 = NewPBKDF2Generator(sha1.New, DefaultPBKDF2Iterations)
PBKDF2SHA256 = NewPBKDF2Generator(sha256.New, DefaultPBKDF2Iterations) PBKDF2SHA256 = NewPBKDF2Generator(sha256.New, DefaultPBKDF2Iterations)
PBKDF2SHA384 = NewPBKDF2Generator(sha512.New384, DefaultPBKDF2Iterations)
PBKDF2SHA512 = NewPBKDF2Generator(sha512.New, DefaultPBKDF2Iterations)
) )
// openSSLEvpBytesToKey follows the OpenSSL (undocumented?) convention for extracting the key and IV from passphrase. // openSSLEvpBytesToKey follows the OpenSSL (undocumented?) convention for extracting the key and IV from passphrase.

View file

@ -39,6 +39,22 @@ func TestBytesToKeyGenerator(t *testing.T) {
Key: []uint8{0xC3, 0x09, 0xEE, 0x4C, 0x68, 0x09, 0xDF, 0x8C, 0x01, 0x37, 0xF8, 0x0D, 0x84, 0x09, 0xDA, 0xC2, 0xC8, 0xC4, 0xE0, 0x54, 0x34, 0x9D, 0x17, 0xDD, 0xC1, 0xD6, 0x39, 0x0C, 0x39, 0x99, 0x07, 0x0B}, Key: []uint8{0xC3, 0x09, 0xEE, 0x4C, 0x68, 0x09, 0xDF, 0x8C, 0x01, 0x37, 0xF8, 0x0D, 0x84, 0x09, 0xDA, 0xC2, 0xC8, 0xC4, 0xE0, 0x54, 0x34, 0x9D, 0x17, 0xDD, 0xC1, 0xD6, 0x39, 0x0C, 0x39, 0x99, 0x07, 0x0B},
IV: []uint8{0xD3, 0x41, 0x1C, 0x53, 0xB5, 0xC4, 0x9F, 0xB3, 0x39, 0x69, 0x0E, 0xAC, 0x86, 0xD0, 0x71, 0x07}, IV: []uint8{0xD3, 0x41, 0x1C, 0x53, 0xB5, 0xC4, 0x9F, 0xB3, 0x39, 0x69, 0x0E, 0xAC, 0x86, 0xD0, 0x71, 0x07},
}}, }},
"SHA384": {CG: BytesToKeySHA384, OC: Creds{
// # echo "" | openssl enc -e -P -aes-256-cbc -pass "pass:myverysecretpass" -S 0001020304050607 -md sha384
// salt=0001020304050607
// key=9BB4703E4EF60FCC812DBE757240219AE2370CC1DF9A685BAAC60CCA99B76222
// iv =D64BDFF4A105BCEFEF28183B9722CDEC
Key: []uint8{0x9B, 0xB4, 0x70, 0x3E, 0x4E, 0xF6, 0x0F, 0xCC, 0x81, 0x2D, 0xBE, 0x75, 0x72, 0x40, 0x21, 0x9A, 0xE2, 0x37, 0x0C, 0xC1, 0xDF, 0x9A, 0x68, 0x5B, 0xAA, 0xC6, 0x0C, 0xCA, 0x99, 0xB7, 0x62, 0x22},
IV: []uint8{0xD6, 0x4B, 0xDF, 0xF4, 0xA1, 0x05, 0xBC, 0xEF, 0xEF, 0x28, 0x18, 0x3B, 0x97, 0x22, 0xCD, 0xEC},
}},
"SHA512": {CG: BytesToKeySHA512, OC: Creds{
// # echo "" | openssl enc -e -P -aes-256-cbc -pass "pass:myverysecretpass" -S 0001020304050607 -md sha512
// salt=0001020304050607
// key=735C94766AA35E84C1A314EB4505F177008B64F9853D1E10BF19C943313250D1
// iv =304B88C772E582D8BBBBB3B3F535422C
Key: []uint8{0x73, 0x5C, 0x94, 0x76, 0x6A, 0xA3, 0x5E, 0x84, 0xC1, 0xA3, 0x14, 0xEB, 0x45, 0x05, 0xF1, 0x77, 0x00, 0x8B, 0x64, 0xF9, 0x85, 0x3D, 0x1E, 0x10, 0xBF, 0x19, 0xC9, 0x43, 0x31, 0x32, 0x50, 0xD1},
IV: []uint8{0x30, 0x4B, 0x88, 0xC7, 0x72, 0xE5, 0x82, 0xD8, 0xBB, 0xBB, 0xB3, 0xB3, 0xF5, 0x35, 0x42, 0x2C},
}},
} { } {
res, err := tc.CG(pass, salt) res, err := tc.CG(pass, salt)
if err != nil { if err != nil {
@ -93,6 +109,22 @@ func TestPBKDF2Generator(t *testing.T) {
Key: []uint8{0x2D, 0x6C, 0x8A, 0x52, 0x5C, 0xC4, 0x57, 0xFF, 0x1C, 0x7C, 0xA1, 0xE8, 0xF3, 0x66, 0xFE, 0xE4, 0x41, 0xCD, 0x80, 0x56, 0x2A, 0xF6, 0xAD, 0x12, 0xA6, 0xB7, 0x03, 0x3C, 0x12, 0xBA, 0x05, 0x14}, Key: []uint8{0x2D, 0x6C, 0x8A, 0x52, 0x5C, 0xC4, 0x57, 0xFF, 0x1C, 0x7C, 0xA1, 0xE8, 0xF3, 0x66, 0xFE, 0xE4, 0x41, 0xCD, 0x80, 0x56, 0x2A, 0xF6, 0xAD, 0x12, 0xA6, 0xB7, 0x03, 0x3C, 0x12, 0xBA, 0x05, 0x14},
IV: []uint8{0xF1, 0x0F, 0x5F, 0xAE, 0x49, 0xD9, 0xA7, 0x4C, 0x10, 0x4B, 0xFF, 0x83, 0x46, 0xDD, 0xEB, 0x0C}, IV: []uint8{0xF1, 0x0F, 0x5F, 0xAE, 0x49, 0xD9, 0xA7, 0x4C, 0x10, 0x4B, 0xFF, 0x83, 0x46, 0xDD, 0xEB, 0x0C},
}}, }},
"SHA384": {CG: PBKDF2SHA384, OC: Creds{
// # echo "" | openssl enc -e -P -pbkdf2 -aes-256-cbc -pass "pass:myverysecretpass" -S 0001020304050607 -md sha384
// salt=0001020304050607
// key=E73AA9008F7D33BBCBBFBCD3D69FE18802AD7807453BEF43761E2B3E88224132
// iv =1A7171E9FFE4F69B56077C5C823DAD92
Key: []uint8{0xE7, 0x3A, 0xA9, 0x00, 0x8F, 0x7D, 0x33, 0xBB, 0xCB, 0xBF, 0xBC, 0xD3, 0xD6, 0x9F, 0xE1, 0x88, 0x02, 0xAD, 0x78, 0x07, 0x45, 0x3B, 0xEF, 0x43, 0x76, 0x1E, 0x2B, 0x3E, 0x88, 0x22, 0x41, 0x32},
IV: []uint8{0x1A, 0x71, 0x71, 0xE9, 0xFF, 0xE4, 0xF6, 0x9B, 0x56, 0x07, 0x7C, 0x5C, 0x82, 0x3D, 0xAD, 0x92},
}},
"SHA512": {CG: PBKDF2SHA512, OC: Creds{
// # echo "" | openssl enc -e -P -pbkdf2 -aes-256-cbc -pass "pass:myverysecretpass" -S 0001020304050607 -md sha512
// salt=0001020304050607
// key=84D09D95F052EA32F0570817C0034D70392A966B319986539E97797841D65009
// iv =63254E32D530B2ECC13EF88E7CF3CD17
Key: []uint8{0x84, 0xD0, 0x9D, 0x95, 0xF0, 0x52, 0xEA, 0x32, 0xF0, 0x57, 0x08, 0x17, 0xC0, 0x03, 0x4D, 0x70, 0x39, 0x2A, 0x96, 0x6B, 0x31, 0x99, 0x86, 0x53, 0x9E, 0x97, 0x79, 0x78, 0x41, 0xD6, 0x50, 0x09},
IV: []uint8{0x63, 0x25, 0x4E, 0x32, 0xD5, 0x30, 0xB2, 0xEC, 0xC1, 0x3E, 0xF8, 0x8E, 0x7C, 0xF3, 0xCD, 0x17},
}},
} { } {
res, err := tc.CG(pass, salt) res, err := tc.CG(pass, salt)
if err != nil { if err != nil {

View file

@ -17,9 +17,13 @@ var testTable = []struct {
{"MD5", "md5", BytesToKeyMD5, false}, {"MD5", "md5", BytesToKeyMD5, false},
{"SHA1", "sha1", BytesToKeySHA1, false}, {"SHA1", "sha1", BytesToKeySHA1, false},
{"SHA256", "sha256", BytesToKeySHA256, false}, {"SHA256", "sha256", BytesToKeySHA256, false},
{"SHA384", "sha384", BytesToKeySHA384, false},
{"SHA512", "sha512", BytesToKeySHA512, false},
{"PBKDF2_MD5", "md5", PBKDF2MD5, true}, {"PBKDF2_MD5", "md5", PBKDF2MD5, true},
{"PBKDF2_SHA1", "sha1", PBKDF2SHA1, true}, {"PBKDF2_SHA1", "sha1", PBKDF2SHA1, true},
{"PBKDF2_SHA256", "sha256", PBKDF2SHA256, true}, {"PBKDF2_SHA256", "sha256", PBKDF2SHA256, true},
{"PBKDF2_SHA384", "sha384", PBKDF2SHA384, true},
{"PBKDF2_SHA512", "sha512", PBKDF2SHA512, true},
} }
func TestBinaryEncryptToDecryptWithCustomSalt(t *testing.T) { func TestBinaryEncryptToDecryptWithCustomSalt(t *testing.T) {