mirror of
https://github.com/Luzifer/go-openssl.git
synced 2024-12-20 19:01:18 +00:00
Add pre-defined generators and compatibility tests for SHA384 and SHA512
Signed-off-by: Knut Ahlers <knut@ahlers.me>
This commit is contained in:
parent
0aca51aceb
commit
3d3b55e02b
3 changed files with 41 additions and 0 deletions
5
keys.go
5
keys.go
|
@ -4,6 +4,7 @@ import (
|
|||
"crypto/md5"
|
||||
"crypto/sha1"
|
||||
"crypto/sha256"
|
||||
"crypto/sha512"
|
||||
"hash"
|
||||
|
||||
"golang.org/x/crypto/pbkdf2"
|
||||
|
@ -18,9 +19,13 @@ var (
|
|||
BytesToKeyMD5 = NewBytesToKeyGenerator(md5.New)
|
||||
BytesToKeySHA1 = NewBytesToKeyGenerator(sha1.New)
|
||||
BytesToKeySHA256 = NewBytesToKeyGenerator(sha256.New)
|
||||
BytesToKeySHA384 = NewBytesToKeyGenerator(sha512.New384)
|
||||
BytesToKeySHA512 = NewBytesToKeyGenerator(sha512.New)
|
||||
PBKDF2MD5 = NewPBKDF2Generator(md5.New, DefaultPBKDF2Iterations)
|
||||
PBKDF2SHA1 = NewPBKDF2Generator(sha1.New, DefaultPBKDF2Iterations)
|
||||
PBKDF2SHA256 = NewPBKDF2Generator(sha256.New, DefaultPBKDF2Iterations)
|
||||
PBKDF2SHA384 = NewPBKDF2Generator(sha512.New384, DefaultPBKDF2Iterations)
|
||||
PBKDF2SHA512 = NewPBKDF2Generator(sha512.New, DefaultPBKDF2Iterations)
|
||||
)
|
||||
|
||||
// openSSLEvpBytesToKey follows the OpenSSL (undocumented?) convention for extracting the key and IV from passphrase.
|
||||
|
|
32
keys_test.go
32
keys_test.go
|
@ -39,6 +39,22 @@ func TestBytesToKeyGenerator(t *testing.T) {
|
|||
Key: []uint8{0xC3, 0x09, 0xEE, 0x4C, 0x68, 0x09, 0xDF, 0x8C, 0x01, 0x37, 0xF8, 0x0D, 0x84, 0x09, 0xDA, 0xC2, 0xC8, 0xC4, 0xE0, 0x54, 0x34, 0x9D, 0x17, 0xDD, 0xC1, 0xD6, 0x39, 0x0C, 0x39, 0x99, 0x07, 0x0B},
|
||||
IV: []uint8{0xD3, 0x41, 0x1C, 0x53, 0xB5, 0xC4, 0x9F, 0xB3, 0x39, 0x69, 0x0E, 0xAC, 0x86, 0xD0, 0x71, 0x07},
|
||||
}},
|
||||
"SHA384": {CG: BytesToKeySHA384, OC: Creds{
|
||||
// # echo "" | openssl enc -e -P -aes-256-cbc -pass "pass:myverysecretpass" -S 0001020304050607 -md sha384
|
||||
// salt=0001020304050607
|
||||
// key=9BB4703E4EF60FCC812DBE757240219AE2370CC1DF9A685BAAC60CCA99B76222
|
||||
// iv =D64BDFF4A105BCEFEF28183B9722CDEC
|
||||
Key: []uint8{0x9B, 0xB4, 0x70, 0x3E, 0x4E, 0xF6, 0x0F, 0xCC, 0x81, 0x2D, 0xBE, 0x75, 0x72, 0x40, 0x21, 0x9A, 0xE2, 0x37, 0x0C, 0xC1, 0xDF, 0x9A, 0x68, 0x5B, 0xAA, 0xC6, 0x0C, 0xCA, 0x99, 0xB7, 0x62, 0x22},
|
||||
IV: []uint8{0xD6, 0x4B, 0xDF, 0xF4, 0xA1, 0x05, 0xBC, 0xEF, 0xEF, 0x28, 0x18, 0x3B, 0x97, 0x22, 0xCD, 0xEC},
|
||||
}},
|
||||
"SHA512": {CG: BytesToKeySHA512, OC: Creds{
|
||||
// # echo "" | openssl enc -e -P -aes-256-cbc -pass "pass:myverysecretpass" -S 0001020304050607 -md sha512
|
||||
// salt=0001020304050607
|
||||
// key=735C94766AA35E84C1A314EB4505F177008B64F9853D1E10BF19C943313250D1
|
||||
// iv =304B88C772E582D8BBBBB3B3F535422C
|
||||
Key: []uint8{0x73, 0x5C, 0x94, 0x76, 0x6A, 0xA3, 0x5E, 0x84, 0xC1, 0xA3, 0x14, 0xEB, 0x45, 0x05, 0xF1, 0x77, 0x00, 0x8B, 0x64, 0xF9, 0x85, 0x3D, 0x1E, 0x10, 0xBF, 0x19, 0xC9, 0x43, 0x31, 0x32, 0x50, 0xD1},
|
||||
IV: []uint8{0x30, 0x4B, 0x88, 0xC7, 0x72, 0xE5, 0x82, 0xD8, 0xBB, 0xBB, 0xB3, 0xB3, 0xF5, 0x35, 0x42, 0x2C},
|
||||
}},
|
||||
} {
|
||||
res, err := tc.CG(pass, salt)
|
||||
if err != nil {
|
||||
|
@ -93,6 +109,22 @@ func TestPBKDF2Generator(t *testing.T) {
|
|||
Key: []uint8{0x2D, 0x6C, 0x8A, 0x52, 0x5C, 0xC4, 0x57, 0xFF, 0x1C, 0x7C, 0xA1, 0xE8, 0xF3, 0x66, 0xFE, 0xE4, 0x41, 0xCD, 0x80, 0x56, 0x2A, 0xF6, 0xAD, 0x12, 0xA6, 0xB7, 0x03, 0x3C, 0x12, 0xBA, 0x05, 0x14},
|
||||
IV: []uint8{0xF1, 0x0F, 0x5F, 0xAE, 0x49, 0xD9, 0xA7, 0x4C, 0x10, 0x4B, 0xFF, 0x83, 0x46, 0xDD, 0xEB, 0x0C},
|
||||
}},
|
||||
"SHA384": {CG: PBKDF2SHA384, OC: Creds{
|
||||
// # echo "" | openssl enc -e -P -pbkdf2 -aes-256-cbc -pass "pass:myverysecretpass" -S 0001020304050607 -md sha384
|
||||
// salt=0001020304050607
|
||||
// key=E73AA9008F7D33BBCBBFBCD3D69FE18802AD7807453BEF43761E2B3E88224132
|
||||
// iv =1A7171E9FFE4F69B56077C5C823DAD92
|
||||
Key: []uint8{0xE7, 0x3A, 0xA9, 0x00, 0x8F, 0x7D, 0x33, 0xBB, 0xCB, 0xBF, 0xBC, 0xD3, 0xD6, 0x9F, 0xE1, 0x88, 0x02, 0xAD, 0x78, 0x07, 0x45, 0x3B, 0xEF, 0x43, 0x76, 0x1E, 0x2B, 0x3E, 0x88, 0x22, 0x41, 0x32},
|
||||
IV: []uint8{0x1A, 0x71, 0x71, 0xE9, 0xFF, 0xE4, 0xF6, 0x9B, 0x56, 0x07, 0x7C, 0x5C, 0x82, 0x3D, 0xAD, 0x92},
|
||||
}},
|
||||
"SHA512": {CG: PBKDF2SHA512, OC: Creds{
|
||||
// # echo "" | openssl enc -e -P -pbkdf2 -aes-256-cbc -pass "pass:myverysecretpass" -S 0001020304050607 -md sha512
|
||||
// salt=0001020304050607
|
||||
// key=84D09D95F052EA32F0570817C0034D70392A966B319986539E97797841D65009
|
||||
// iv =63254E32D530B2ECC13EF88E7CF3CD17
|
||||
Key: []uint8{0x84, 0xD0, 0x9D, 0x95, 0xF0, 0x52, 0xEA, 0x32, 0xF0, 0x57, 0x08, 0x17, 0xC0, 0x03, 0x4D, 0x70, 0x39, 0x2A, 0x96, 0x6B, 0x31, 0x99, 0x86, 0x53, 0x9E, 0x97, 0x79, 0x78, 0x41, 0xD6, 0x50, 0x09},
|
||||
IV: []uint8{0x63, 0x25, 0x4E, 0x32, 0xD5, 0x30, 0xB2, 0xEC, 0xC1, 0x3E, 0xF8, 0x8E, 0x7C, 0xF3, 0xCD, 0x17},
|
||||
}},
|
||||
} {
|
||||
res, err := tc.CG(pass, salt)
|
||||
if err != nil {
|
||||
|
|
|
@ -17,9 +17,13 @@ var testTable = []struct {
|
|||
{"MD5", "md5", BytesToKeyMD5, false},
|
||||
{"SHA1", "sha1", BytesToKeySHA1, false},
|
||||
{"SHA256", "sha256", BytesToKeySHA256, false},
|
||||
{"SHA384", "sha384", BytesToKeySHA384, false},
|
||||
{"SHA512", "sha512", BytesToKeySHA512, false},
|
||||
{"PBKDF2_MD5", "md5", PBKDF2MD5, true},
|
||||
{"PBKDF2_SHA1", "sha1", PBKDF2SHA1, true},
|
||||
{"PBKDF2_SHA256", "sha256", PBKDF2SHA256, true},
|
||||
{"PBKDF2_SHA384", "sha384", PBKDF2SHA384, true},
|
||||
{"PBKDF2_SHA512", "sha512", PBKDF2SHA512, true},
|
||||
}
|
||||
|
||||
func TestBinaryEncryptToDecryptWithCustomSalt(t *testing.T) {
|
||||
|
|
Loading…
Reference in a new issue