Home | History | Annotate | Download | only in Cryptest 
      1 /** @file
      2   Application for PKCS#5 PBKDF2 Function Validation.
      3 
      4 Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
      5 This program and the accompanying materials
      6 are licensed and made available under the terms and conditions of the BSD License
      7 which accompanies this distribution.  The full text of the license may be found at
      8 http://opensource.org/licenses/bsd-license.php
      9 
     10 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
     11 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
     12 
     13 **/
     14 
     15 #include "Cryptest.h"
     16 
     17 //
     18 // PBKDF2 HMAC-SHA1 Test Vector from RFC6070
     19 //
     20 GLOBAL_REMOVE_IF_UNREFERENCED CONST CHAR8  *Password = "password";  // Input Password
     21 GLOBAL_REMOVE_IF_UNREFERENCED UINTN        PassLen   = 8;           // Length of Input Password
     22 GLOBAL_REMOVE_IF_UNREFERENCED CONST CHAR8  *Salt     = "salt";      // Input Salt
     23 GLOBAL_REMOVE_IF_UNREFERENCED UINTN        SaltLen   = 4;           // Length of Input Salt
     24 GLOBAL_REMOVE_IF_UNREFERENCED CONST UINTN  Count     = 2;           // InterationCount
     25 GLOBAL_REMOVE_IF_UNREFERENCED CONST UINTN  KeyLen    = 20;          // Length of derived key
     26 GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8  DerivedKey[]  = {        // Expected output key
     27   0xea, 0x6c, 0x01, 0x4d, 0xc7, 0x2d, 0x6f, 0x8c, 0xcd, 0x1e, 0xd9, 0x2a, 0xce, 0x1d, 0x41, 0xf0,
     28   0xd8, 0xde, 0x89, 0x57
     29   };
     30 
     31 /**
     32   Validate UEFI-OpenSSL PKCS#5 PBKDF2 Interface.
     33 
     34   @retval  EFI_SUCCESS  Validation succeeded.
     35   @retval  EFI_ABORTED  Validation failed.
     36 
     37 **/
     38 EFI_STATUS
     39 ValidateCryptPkcs5Pbkdf2 (
     40   VOID
     41   )
     42 {
     43   BOOLEAN  Status;
     44   UINT8    *OutKey;
     45 
     46   Print (L"\nUEFI-OpenSSL PKCS#5 PBKDF2 Testing: ");
     47   Print (L"\n- PKCS#5 PBKDF2 Verification: ");
     48 
     49   OutKey = AllocatePool (KeyLen);
     50   if (OutKey == NULL) {
     51     Print (L"[Fail]");
     52     return EFI_ABORTED;
     53   }
     54 
     55   //
     56   // Verify PKCS#5 PBKDF2 Key Derivation Function
     57   //
     58   Print (L"Deriving Key... ");
     59   Status = Pkcs5HashPassword (
     60              PassLen,
     61              Password,
     62              SaltLen,
     63              (CONST UINT8 *)Salt,
     64              Count,
     65              SHA1_DIGEST_SIZE,
     66              KeyLen,
     67              OutKey
     68              );
     69 
     70   if (!Status) {
     71     Print (L"[Fail]");
     72     FreePool (OutKey);
     73     return EFI_ABORTED;
     74   }
     75 
     76   //
     77   // Check the output key with the expected key result
     78   //
     79   Print (L"Check Derived Key... ");
     80   if (CompareMem (OutKey, DerivedKey, KeyLen) != 0) {
     81     Print (L"[Fail]");
     82     FreePool (OutKey);
     83     return EFI_ABORTED;
     84   }
     85 
     86   Print (L"[Pass]\n");
     87 
     88   //
     89   // Release Resources
     90   //
     91   FreePool (OutKey);
     92 
     93   return EFI_SUCCESS;
     94 }
     95