VirtualBox

source: vbox/trunk/src/libs/openssl-3.1.5/test/recipes/20-test_passwd.t@ 105770

Last change on this file since 105770 was 104078, checked in by vboxsync, 8 months ago

openssl-3.1.5: Applied and adjusted our OpenSSL changes to 3.1.4. bugref:10638

File size: 6.4 KB
Line 
1#! /usr/bin/env perl
2# Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved.
3#
4# Licensed under the Apache License 2.0 (the "License"). You may not use
5# this file except in compliance with the License. You can obtain a copy
6# in the file LICENSE in the source distribution or at
7# https://www.openssl.org/source/license.html
8
9
10use strict;
11use warnings;
12
13use OpenSSL::Test;
14use OpenSSL::Test::Utils;
15
16setup("test_passwd");
17
18# The following tests are an adaptation of those in
19# https://www.akkadia.org/drepper/SHA-crypt.txt
20my @sha_tests =
21 ({ type => '5',
22 salt => 'saltstring',
23 key => 'Hello world!',
24 expected => '$5$saltstring$5B8vYYiY.CVt1RlTTf8KbXBH3hsxY/GNooZaBBGWEc5' },
25 { type => '5',
26 salt => 'rounds=10000$saltstringsaltstring',
27 key => 'Hello world!',
28 expected => '$5$rounds=10000$saltstringsaltst$3xv.VbSHBb41AL9AvLeujZkZRBAwqFMz2.opqey6IcA' },
29 { type => '5',
30 salt => 'rounds=5000$toolongsaltstring',
31 key => 'This is just a test',
32 expected => '$5$rounds=5000$toolongsaltstrin$Un/5jzAHMgOGZ5.mWJpuVolil07guHPvOW8mGRcvxa5' },
33 { type => '5',
34 salt => 'rounds=1400$anotherlongsaltstring',
35 key => 'a very much longer text to encrypt. This one even stretches over morethan one line.',
36 expected => '$5$rounds=1400$anotherlongsalts$Rx.j8H.h8HjEDGomFU8bDkXm3XIUnzyxf12oP84Bnq1' },
37 { type => '5',
38 salt => 'rounds=10$roundstoolow',
39 key => 'the minimum number is still observed',
40 expected => '$5$rounds=1000$roundstoolow$yfvwcWrQ8l/K0DAWyuPMDNHpIVlTQebY9l/gL972bIC' },
41 { type => '6',
42 salt => 'saltstring',
43 key => 'Hello world!',
44 expected => '$6$saltstring$svn8UoSVapNtMuq1ukKS4tPQd8iKwSMHWjl/O817G3uBnIFNjnQJuesI68u4OTLiBFdcbYEdFCoEOfaS35inz1' },
45 { type => '6',
46 salt => 'rounds=10000$saltstringsaltstring',
47 key => 'Hello world!',
48 expected => '$6$rounds=10000$saltstringsaltst$OW1/O6BYHV6BcXZu8QVeXbDWra3Oeqh0sbHbbMCVNSnCM/UrjmM0Dp8vOuZeHBy/YTBmSK6H9qs/y3RnOaw5v.' },
49 { type => '6',
50 salt => 'rounds=5000$toolongsaltstring',
51 key => 'This is just a test',
52 expected => '$6$rounds=5000$toolongsaltstrin$lQ8jolhgVRVhY4b5pZKaysCLi0QBxGoNeKQzQ3glMhwllF7oGDZxUhx1yxdYcz/e1JSbq3y6JMxxl8audkUEm0' },
53 { type => '6',
54 salt => 'rounds=1400$anotherlongsaltstring',
55 key => 'a very much longer text to encrypt. This one even stretches over morethan one line.',
56 expected => '$6$rounds=1400$anotherlongsalts$POfYwTEok97VWcjxIiSOjiykti.o/pQs.wPvMxQ6Fm7I6IoYN3CmLs66x9t0oSwbtEW7o7UmJEiDwGqd8p4ur1' },
57 { type => '6',
58 salt => 'rounds=10$roundstoolow',
59 key => 'the minimum number is still observed',
60 expected => '$6$rounds=1000$roundstoolow$kUMsbe306n21p9R.FRkW3IGn.S9NPN0x50YhH1xhLsPuWGsUSklZt58jaTfF4ZEQpyUNGc0dqbpBYYBaHHrsX.' }
61 );
62# From the same source as above, these tests use a number of rounds > 10000. They are separated because this can
63# cause out of memory problems in the address sanitizer in the no-cache-fetch build.
64my @sha_high_rounds_tests =
65 ({ type => '5',
66 salt => 'rounds=77777$short',
67 key => 'we have a short salt string but not a short password',
68 expected => '$5$rounds=77777$short$JiO1O3ZpDAxGJeaDIuqCoEFysAe1mZNJRs3pw0KQRd/' },
69 { type => '5',
70 salt => 'rounds=123456$asaltof16chars..',
71 key => 'a short string',
72 expected => '$5$rounds=123456$asaltof16chars..$gP3VQ/6X7UUEW3HkBn2w1/Ptq2jxPyzV/cZKmF/wJvD' },
73 { type => '6',
74 salt => 'rounds=77777$short',
75 key => 'we have a short salt string but not a short password',
76 expected => '$6$rounds=77777$short$WuQyW2YR.hBNpjjRhpYD/ifIw05xdfeEyQoMxIXbkvr0gge1a1x3yRULJ5CCaUeOxFmtlcGZelFl5CxtgfiAc0' },
77 { type => '6',
78 salt => 'rounds=123456$asaltof16chars..',
79 key => 'a short string',
80 expected => '$6$rounds=123456$asaltof16chars..$BtCwjqMJGx5hrJhZywWvt0RLE8uZ4oPwcelCjmw2kSYu.Ec6ycULevoBK25fs2xXgMNrCzIMVcgEJAstJeonj1' },
81 );
82
83plan tests => 9 + scalar @sha_tests + scalar @sha_high_rounds_tests;
84
85
86ok(compare1stline_re([qw{openssl passwd -1 password}], '^\$1\$.{8}\$.{22}\R$'),
87 'BSD style MD5 password with random salt');
88ok(compare1stline_re([qw{openssl passwd -apr1 password}], '^\$apr1\$.{8}\$.{22}\R$'),
89 'Apache style MD5 password with random salt');
90ok(compare1stline_re([qw{openssl passwd -5 password}], '^\$5\$.{16}\$.{43}\R$'),
91 'SHA256 password with random salt');
92ok(compare1stline_re([qw{openssl passwd -6 password}], '^\$6\$.{16}\$.{86}\R$'),
93 'Apache SHA512 password with random salt');
94
95ok(compare1stline([qw{openssl passwd -salt xxxxxxxx -1 password}], '$1$xxxxxxxx$UYCIxa628.9qXjpQCjM4a.'),
96 'BSD style MD5 password with salt xxxxxxxx');
97ok(compare1stline([qw{openssl passwd -salt xxxxxxxx -apr1 password}], '$apr1$xxxxxxxx$dxHfLAsjHkDRmG83UXe8K0'),
98 'Apache style MD5 password with salt xxxxxxxx');
99ok(compare1stline([qw{openssl passwd -salt xxxxxxxx -aixmd5 password}], 'xxxxxxxx$8Oaipk/GPKhC64w/YVeFD/'),
100 'AIX style MD5 password with salt xxxxxxxx');
101ok(compare1stline([qw{openssl passwd -salt xxxxxxxxxxxxxxxx -5 password}], '$5$xxxxxxxxxxxxxxxx$fHytsM.wVD..zPN/h3i40WJRggt/1f73XkAC/gkelkB'),
102 'SHA256 password with salt xxxxxxxxxxxxxxxx');
103ok(compare1stline([qw{openssl passwd -salt xxxxxxxxxxxxxxxx -6 password}], '$6$xxxxxxxxxxxxxxxx$VjGUrXBG6/8yW0f6ikBJVOb/lK/Tm9LxHJmFfwMvT7cpk64N9BW7ZQhNeMXAYFbOJ6HDG7wb0QpxJyYQn0rh81'),
104 'SHA512 password with salt xxxxxxxxxxxxxxxx');
105
106foreach (@sha_tests) {
107 ok(compare1stline([qw{openssl passwd}, '-'.$_->{type}, '-salt', $_->{salt},
108 $_->{key}], $_->{expected}),
109 { 5 => 'SHA256', 6 => 'SHA512' }->{$_->{type}} . ' password with salt ' . $_->{salt});
110}
111
112SKIP: {
113 skip "Skipping high rounds tests in non caching builds", scalar @sha_high_rounds_tests
114 if disabled("cached-fetch");
115
116 foreach (@sha_high_rounds_tests) {
117 ok(compare1stline([qw{openssl passwd}, '-'.$_->{type}, '-salt', $_->{salt},
118 $_->{key}], $_->{expected}),
119 { 5 => 'SHA256', 6 => 'SHA512' }->{$_->{type}} . ' password with salt ' . $_->{salt});
120 }
121}
122
123sub compare1stline_re {
124 my ($cmdarray, $regexp) = @_;
125 my @lines = run(app($cmdarray), capture => 1);
126
127 return $lines[0] =~ m|$regexp|;
128}
129
130sub compare1stline {
131 my ($cmdarray, $str) = @_;
132 my @lines = run(app($cmdarray), capture => 1);
133
134 return $lines[0] =~ m|^\Q${str}\E\R$|;
135}
Note: See TracBrowser for help on using the repository browser.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette