1 |
|
|
2 |
|
|
3 |
|
|
4 |
|
|
5 |
|
|
6 |
|
|
7 |
|
|
8 |
|
|
9 |
|
|
10 |
|
|
11 |
|
|
12 |
|
|
13 |
|
|
14 |
|
|
15 |
|
|
16 |
|
|
17 |
|
|
18 |
|
|
19 |
|
|
20 |
|
|
21 |
|
package org.xwiki.crypto.password.internal.kdf.factory; |
22 |
|
|
23 |
|
import org.bouncycastle.util.encoders.Hex; |
24 |
|
import org.junit.Before; |
25 |
|
import org.junit.Rule; |
26 |
|
import org.junit.Test; |
27 |
|
import org.xwiki.crypto.params.cipher.symmetric.KeyParameter; |
28 |
|
import org.xwiki.crypto.params.cipher.symmetric.KeyWithIVParameters; |
29 |
|
import org.xwiki.crypto.password.KeyDerivationFunction; |
30 |
|
import org.xwiki.crypto.password.KeyDerivationFunctionFactory; |
31 |
|
import org.xwiki.crypto.password.PasswordToByteConverter; |
32 |
|
import org.xwiki.crypto.password.params.PBKDF2Parameters; |
33 |
|
import org.xwiki.test.mockito.MockitoComponentMockingRule; |
34 |
|
|
35 |
|
import static org.hamcrest.CoreMatchers.equalTo; |
36 |
|
import static org.hamcrest.CoreMatchers.not; |
37 |
|
import static org.junit.Assert.assertThat; |
38 |
|
import static org.xwiki.crypto.password.PasswordToByteConverter.ToBytesMode.PKCS12; |
39 |
|
import static org.xwiki.crypto.password.PasswordToByteConverter.ToBytesMode.PKCS5; |
40 |
|
|
41 |
|
|
42 |
|
|
43 |
|
|
44 |
|
@version |
45 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (107) |
Complexity: 15 |
Complexity Density: 0.16 |
|
46 |
|
public class BcPKCS5S2KeyDerivationFunctionFactoryTest |
47 |
|
{ |
48 |
|
@Rule |
49 |
|
public final MockitoComponentMockingRule<KeyDerivationFunctionFactory> mocker = |
50 |
|
new MockitoComponentMockingRule<KeyDerivationFunctionFactory>(BcPKCS5S2KeyDerivationFunctionFactory.class); |
51 |
|
|
52 |
|
KeyDerivationFunctionFactory factory; |
53 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (1) |
Complexity: 1 |
Complexity Density: 1 |
|
54 |
13 |
@Before... |
55 |
|
public void configure() throws Exception |
56 |
|
{ |
57 |
13 |
factory = mocker.getComponentUnderTest(); |
58 |
|
} |
59 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (1) |
Complexity: 1 |
Complexity Density: 1 |
|
60 |
18 |
KeyDerivationFunction getKDFInstance(PBKDF2Parameters parameters)... |
61 |
|
{ |
62 |
18 |
return factory.getInstance(parameters); |
63 |
|
} |
64 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (1) |
Complexity: 1 |
Complexity Density: 1 |
1PASS
|
|
65 |
1 |
@Test... |
66 |
|
public void pbkdf2PropertiesTest() throws Exception |
67 |
|
{ |
68 |
1 |
assertThat(factory.getKDFAlgorithmName(), equalTo("PKCS5S2")); |
69 |
|
} |
70 |
|
|
71 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (4) |
Complexity: 1 |
Complexity Density: 0.25 |
1PASS
|
|
72 |
1 |
@Test... |
73 |
|
public void pbkdf2ConformanceTest1() throws Exception |
74 |
|
{ |
75 |
1 |
byte[] salt = Hex.decode("12 34 56 78 78 56 34 12"); |
76 |
1 |
byte[] password = PasswordToByteConverter.convert("password", PKCS5); |
77 |
1 |
byte[] key = Hex.decode("D1 DA A7 86 15 F2 87 E6"); |
78 |
|
|
79 |
1 |
assertThat(getKDFInstance( |
80 |
|
new PBKDF2Parameters(8, 5, salt)).derive(password).getKey(), equalTo(key)); |
81 |
|
} |
82 |
|
|
83 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (4) |
Complexity: 1 |
Complexity Density: 0.25 |
1PASS
|
|
84 |
1 |
@Test... |
85 |
|
public void pbkdf2ConformanceTest2() throws Exception |
86 |
|
{ |
87 |
1 |
byte[] salt = Hex.decode("12 34 56 78 78 56 34 12"); |
88 |
1 |
byte[] password = PasswordToByteConverter.convert( |
89 |
|
"All n-entities must communicate with other n-entities via n-1 entiteeheehees", PKCS5); |
90 |
1 |
byte[] key = Hex.decode("6A 89 70 BF 68 C9 2C AE A8 4A 8D F2 85 10 85 86"); |
91 |
|
|
92 |
1 |
assertThat(getKDFInstance( |
93 |
|
new PBKDF2Parameters(16, 500, salt)).derive(password).getKey(), equalTo(key)); |
94 |
|
} |
95 |
|
|
96 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (4) |
Complexity: 1 |
Complexity Density: 0.25 |
1PASS
|
|
97 |
1 |
@Test... |
98 |
|
public void pbkdf2ConfluenceTest() throws Exception |
99 |
|
{ |
100 |
1 |
byte[] salt = Hex.decode("0d0217254d37f2ee0fec576cb854d8ff"); |
101 |
1 |
byte[] password = PasswordToByteConverter.convert("password"); |
102 |
1 |
byte[] key = Hex.decode("edf96e6e3591f8d96b9ed4addc47a7632edea176bb2fa8a03fa3179b75b5bf09"); |
103 |
|
|
104 |
1 |
assertThat(getKDFInstance( |
105 |
|
new PBKDF2Parameters(32, 10000, salt)).derive(password).getKey(), equalTo(key)); |
106 |
|
} |
107 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (4) |
Complexity: 1 |
Complexity Density: 0.25 |
1PASS
|
|
108 |
1 |
@Test... |
109 |
|
public void pbkdf2PKCS12Test() throws Exception |
110 |
|
{ |
111 |
1 |
byte[] salt = Hex.decode("12 34 56 78 78 56 34 12"); |
112 |
1 |
byte[] password = PasswordToByteConverter.convert("password", PKCS12); |
113 |
1 |
byte[] key = new byte[] { 5, 54, -36, -24, 96, -76, 7, -128 }; |
114 |
|
|
115 |
1 |
assertThat(getKDFInstance( |
116 |
|
new PBKDF2Parameters(8, 5, salt)).derive(password).getKey(), equalTo(key)); |
117 |
|
} |
118 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (7) |
Complexity: 1 |
Complexity Density: 0.14 |
1PASS
|
|
119 |
1 |
@Test... |
120 |
|
public void pbkdf2WithIVTest() throws Exception |
121 |
|
{ |
122 |
1 |
byte[] salt = Hex.decode("12 34 56 78 78 56 34 12"); |
123 |
1 |
byte[] password = PasswordToByteConverter.convert("password"); |
124 |
1 |
byte[] key = Hex.decode("d1daa78615f287e6a1c8b120d7062a493f98d203e6be49a6adf4fa574b6e64ee"); |
125 |
1 |
byte[] iv = Hex.decode("df377ef2e8ad463fb711f1b4ff27139a"); |
126 |
|
|
127 |
1 |
KeyWithIVParameters params = |
128 |
|
getKDFInstance(new PBKDF2Parameters(32, 5, salt)).derive(password, 16); |
129 |
|
|
130 |
1 |
assertThat(params.getKey(), equalTo(key)); |
131 |
1 |
assertThat(params.getIV(), equalTo(iv)); |
132 |
|
} |
133 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (9) |
Complexity: 1 |
Complexity Density: 0.11 |
1PASS
|
|
134 |
1 |
@Test... |
135 |
|
public void pbkdf2KeyWithRandomSalt() throws Exception |
136 |
|
{ |
137 |
1 |
byte[] password = PasswordToByteConverter.convert("password"); |
138 |
|
|
139 |
1 |
PBKDF2Parameters kdfParam1 = new PBKDF2Parameters(32, 5); |
140 |
1 |
KeyParameter params1 = getKDFInstance(kdfParam1).derive(password); |
141 |
|
|
142 |
1 |
PBKDF2Parameters kdfParam2 = new PBKDF2Parameters(32, 5); |
143 |
1 |
KeyParameter params2 = getKDFInstance(kdfParam2).derive(password); |
144 |
|
|
145 |
1 |
assertThat(params1.getKey(), not(equalTo(params2.getKey()))); |
146 |
1 |
assertThat(params1.getKey().length, equalTo(32)); |
147 |
1 |
assertThat(kdfParam1.getIterationCount(), equalTo(kdfParam2.getIterationCount())); |
148 |
1 |
assertThat(kdfParam1.getSalt(), not(equalTo(kdfParam2.getSalt()))); |
149 |
|
} |
150 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (10) |
Complexity: 1 |
Complexity Density: 0.1 |
1PASS
|
|
151 |
1 |
@Test... |
152 |
|
public void pbkdf2KeyWithRandomIterationCount() throws Exception |
153 |
|
{ |
154 |
1 |
byte[] salt = Hex.decode("12 34 56 78 78 56 34 12"); |
155 |
1 |
byte[] password = PasswordToByteConverter.convert("password"); |
156 |
|
|
157 |
1 |
PBKDF2Parameters kdfParam1 = new PBKDF2Parameters(24, salt); |
158 |
1 |
KeyParameter params1 = getKDFInstance(kdfParam1).derive(password); |
159 |
|
|
160 |
1 |
PBKDF2Parameters kdfParam2 = new PBKDF2Parameters(24, salt); |
161 |
1 |
KeyParameter params2 = getKDFInstance(kdfParam2).derive(password); |
162 |
|
|
163 |
1 |
assertThat(params1.getKey(), not(equalTo(params2.getKey()))); |
164 |
1 |
assertThat(params1.getKey().length, equalTo(24)); |
165 |
1 |
assertThat(kdfParam1.getSalt(), equalTo(kdfParam2.getSalt())); |
166 |
1 |
assertThat(kdfParam1.getIterationCount(), not(equalTo(kdfParam2.getIterationCount()))); |
167 |
|
} |
168 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (9) |
Complexity: 1 |
Complexity Density: 0.11 |
1PASS
|
|
169 |
1 |
@Test... |
170 |
|
public void pbkdf2KeyWithRandomSaltAndIterationCount() throws Exception |
171 |
|
{ |
172 |
1 |
byte[] password = PasswordToByteConverter.convert("password"); |
173 |
|
|
174 |
1 |
PBKDF2Parameters kdfParam1 = new PBKDF2Parameters(16); |
175 |
1 |
KeyParameter params1 = getKDFInstance(kdfParam1).derive(password); |
176 |
|
|
177 |
1 |
PBKDF2Parameters kdfParam2 = new PBKDF2Parameters(16); |
178 |
1 |
KeyParameter params2 = getKDFInstance(kdfParam2).derive(password); |
179 |
|
|
180 |
1 |
assertThat(params1.getKey(), not(equalTo(params2.getKey()))); |
181 |
1 |
assertThat(params1.getKey().length, equalTo(16)); |
182 |
1 |
assertThat(kdfParam1.getSalt(), not(equalTo(kdfParam2.getSalt()))); |
183 |
1 |
assertThat(kdfParam1.getIterationCount(), not(equalTo(kdfParam2.getIterationCount()))); |
184 |
|
} |
185 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (10) |
Complexity: 1 |
Complexity Density: 0.1 |
1PASS
|
|
186 |
1 |
@Test... |
187 |
|
public void pbkdf2KeyWithIVWithRandomSalt() throws Exception |
188 |
|
{ |
189 |
1 |
byte[] password = PasswordToByteConverter.convert("password"); |
190 |
|
|
191 |
1 |
PBKDF2Parameters kdfParam1 = new PBKDF2Parameters(32, 5); |
192 |
1 |
KeyWithIVParameters params1 = getKDFInstance(kdfParam1).derive(password, 16); |
193 |
|
|
194 |
1 |
PBKDF2Parameters kdfParam2 = new PBKDF2Parameters(32, 5); |
195 |
1 |
KeyWithIVParameters params2 = getKDFInstance(kdfParam2).derive(password, 16); |
196 |
|
|
197 |
1 |
assertThat(params1.getKey(), not(equalTo(params2.getKey()))); |
198 |
1 |
assertThat(params1.getKey().length, equalTo(32)); |
199 |
1 |
assertThat(params1.getIV().length, equalTo(16)); |
200 |
1 |
assertThat(kdfParam1.getIterationCount(), equalTo(kdfParam2.getIterationCount())); |
201 |
1 |
assertThat(kdfParam1.getSalt(), not(equalTo(kdfParam2.getSalt()))); |
202 |
|
} |
203 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (11) |
Complexity: 1 |
Complexity Density: 0.09 |
1PASS
|
|
204 |
1 |
@Test... |
205 |
|
public void pbkdf2KeyWithIVWithRandomIterationCount() throws Exception |
206 |
|
{ |
207 |
1 |
byte[] salt = Hex.decode("12 34 56 78 78 56 34 12"); |
208 |
1 |
byte[] password = PasswordToByteConverter.convert("password"); |
209 |
|
|
210 |
1 |
PBKDF2Parameters kdfParam1 = new PBKDF2Parameters(24, salt); |
211 |
1 |
KeyWithIVParameters params1 = getKDFInstance(kdfParam1).derive(password, 12); |
212 |
|
|
213 |
1 |
PBKDF2Parameters kdfParam2 = new PBKDF2Parameters(24, salt); |
214 |
1 |
KeyWithIVParameters params2 = getKDFInstance(kdfParam2).derive(password, 12); |
215 |
|
|
216 |
1 |
assertThat(params1.getKey(), not(equalTo(params2.getKey()))); |
217 |
1 |
assertThat(params1.getKey().length, equalTo(24)); |
218 |
1 |
assertThat(params1.getIV().length, equalTo(12)); |
219 |
1 |
assertThat(kdfParam1.getSalt(), equalTo(kdfParam2.getSalt())); |
220 |
1 |
assertThat(kdfParam1.getIterationCount(), not(equalTo(kdfParam2.getIterationCount()))); |
221 |
|
} |
222 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (10) |
Complexity: 1 |
Complexity Density: 0.1 |
1PASS
|
|
223 |
1 |
@Test... |
224 |
|
public void pbkdf2KeyWithIVWithRandomSaltAndIterationCount() throws Exception |
225 |
|
{ |
226 |
1 |
byte[] password = PasswordToByteConverter.convert("password"); |
227 |
|
|
228 |
1 |
PBKDF2Parameters kdfParam1 = new PBKDF2Parameters(16); |
229 |
1 |
KeyWithIVParameters params1 = getKDFInstance(kdfParam1).derive(password, 8); |
230 |
|
|
231 |
1 |
PBKDF2Parameters kdfParam2 = new PBKDF2Parameters(16); |
232 |
1 |
KeyWithIVParameters params2 = getKDFInstance(kdfParam2).derive(password, 8); |
233 |
|
|
234 |
1 |
assertThat(params1.getKey(), not(equalTo(params2.getKey()))); |
235 |
1 |
assertThat(params1.getKey().length, equalTo(16)); |
236 |
1 |
assertThat(params1.getIV().length, equalTo(8)); |
237 |
1 |
assertThat(kdfParam1.getSalt(), not(equalTo(kdfParam2.getSalt()))); |
238 |
1 |
assertThat(kdfParam1.getIterationCount(), not(equalTo(kdfParam2.getIterationCount()))); |
239 |
|
} |
240 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (7) |
Complexity: 1 |
Complexity Density: 0.14 |
1PASS
|
|
241 |
1 |
@Test... |
242 |
|
public void pbkdf2SerializationDeserializationTest() throws Exception |
243 |
|
{ |
244 |
1 |
byte[] password = PasswordToByteConverter.convert("password"); |
245 |
1 |
KeyDerivationFunction kdf = getKDFInstance(new PBKDF2Parameters(32, 1000)); |
246 |
1 |
KeyWithIVParameters params = kdf.derive(password, 8); |
247 |
|
|
248 |
1 |
KeyDerivationFunction kdf2 = factory.getInstance(kdf.getEncoded()); |
249 |
1 |
KeyWithIVParameters params2 = kdf2.derive(password, 8); |
250 |
|
|
251 |
1 |
assertThat(params.getKey(), equalTo(params2.getKey())); |
252 |
1 |
assertThat(params2.getIV(), equalTo(params2.getIV())); |
253 |
|
} |
254 |
|
} |