mirror of
https://github.com/weechat/weechat.git
synced 2026-07-07 02:03:13 +02:00
core: move crypto functions to wee-crypto.c, rename API function string_hash to crypto_hash
This commit is contained in:
@@ -25,7 +25,6 @@ extern "C"
|
||||
{
|
||||
#include <string.h>
|
||||
#include <gcrypt.h>
|
||||
#include "tests/unit/core/test-core.h"
|
||||
#include "src/core/wee-secure.h"
|
||||
#include "src/core/wee-string.h"
|
||||
|
||||
@@ -33,71 +32,6 @@ extern "C"
|
||||
#define SECURE_PASSWORD "this_is_a_secret_password"
|
||||
#define TOTP_SECRET "secretpasswordbase32"
|
||||
|
||||
#define WEE_CHECK_HASH(__result_code, __result_hash, \
|
||||
__data, __data_size, __hash_algo) \
|
||||
if (__result_hash) \
|
||||
{ \
|
||||
hash_size_expected = string_base16_decode (__result_hash, \
|
||||
hash_expected); \
|
||||
} \
|
||||
else \
|
||||
{ \
|
||||
hash_size_expected = 0; \
|
||||
} \
|
||||
hash_size = -1; \
|
||||
LONGS_EQUAL(__result_code, \
|
||||
secure_hash (__data, __data_size, __hash_algo, \
|
||||
hash, &hash_size)); \
|
||||
if (__result_hash) \
|
||||
{ \
|
||||
MEMCMP_EQUAL(hash_expected, hash, hash_size); \
|
||||
} \
|
||||
LONGS_EQUAL(hash_size_expected, hash_size);
|
||||
|
||||
#define WEE_CHECK_HASH_PBKDF2(__result_code, __result_hash, \
|
||||
__data, __data_size, \
|
||||
__hash_subalgo, __salt, __salt_size, \
|
||||
__iterations) \
|
||||
if (__result_hash) \
|
||||
{ \
|
||||
hash_size_expected = string_base16_decode (__result_hash, \
|
||||
hash_expected); \
|
||||
} \
|
||||
else \
|
||||
{ \
|
||||
hash_size_expected = 0; \
|
||||
} \
|
||||
hash_size = -1; \
|
||||
LONGS_EQUAL(__result_code, \
|
||||
secure_hash_pbkdf2 (__data, __data_size, \
|
||||
__hash_subalgo, \
|
||||
__salt, __salt_size, \
|
||||
__iterations, \
|
||||
hash, &hash_size)); \
|
||||
if (__result_hash) \
|
||||
{ \
|
||||
MEMCMP_EQUAL(hash_expected, hash, hash_size); \
|
||||
} \
|
||||
LONGS_EQUAL(hash_size_expected, hash_size);
|
||||
|
||||
#define WEE_CHECK_TOTP_GENERATE(__result, __secret, __time, __digits) \
|
||||
totp = secure_totp_generate (__secret, __time, __digits); \
|
||||
if (__result == NULL) \
|
||||
{ \
|
||||
POINTERS_EQUAL(NULL, totp); \
|
||||
} \
|
||||
else \
|
||||
{ \
|
||||
STRCMP_EQUAL(__result, totp); \
|
||||
} \
|
||||
if (totp) \
|
||||
free (totp);
|
||||
|
||||
#define WEE_CHECK_TOTP_VALIDATE(__result, __secret, __time, __window, \
|
||||
__otp) \
|
||||
LONGS_EQUAL(__result, secure_totp_validate (__secret, __time, \
|
||||
__window, __otp));
|
||||
|
||||
extern int secure_derive_key (const char *salt, const char *passphrase,
|
||||
unsigned char *key, int length_key);
|
||||
}
|
||||
@@ -106,90 +40,6 @@ TEST_GROUP(CoreSecure)
|
||||
{
|
||||
};
|
||||
|
||||
/*
|
||||
* Tests functions:
|
||||
* secure_hash
|
||||
*/
|
||||
|
||||
TEST(CoreSecure, Hash)
|
||||
{
|
||||
const char *data = DATA_HASH;
|
||||
char hash_expected[4096], hash[4096];
|
||||
int data_size, hash_size_expected, hash_size;
|
||||
|
||||
data_size = strlen (data);
|
||||
|
||||
WEE_CHECK_HASH(0, NULL, NULL, 0, 0);
|
||||
WEE_CHECK_HASH(0, NULL, "test", 0, 0);
|
||||
|
||||
WEE_CHECK_HASH(1, DATA_HASH_CRC32, data, data_size, GCRY_MD_CRC32);
|
||||
WEE_CHECK_HASH(1, DATA_HASH_MD5, data, data_size, GCRY_MD_MD5);
|
||||
WEE_CHECK_HASH(1, DATA_HASH_SHA1, data, data_size, GCRY_MD_SHA1);
|
||||
WEE_CHECK_HASH(1, DATA_HASH_SHA224, data, data_size, GCRY_MD_SHA224);
|
||||
WEE_CHECK_HASH(1, DATA_HASH_SHA256, data, data_size, GCRY_MD_SHA256);
|
||||
WEE_CHECK_HASH(1, DATA_HASH_SHA384, data, data_size, GCRY_MD_SHA384);
|
||||
WEE_CHECK_HASH(1, DATA_HASH_SHA512, data, data_size, GCRY_MD_SHA512);
|
||||
WEE_CHECK_HASH(1, DATA_HASH_SHA3_224, data, data_size, GCRY_MD_SHA3_224);
|
||||
WEE_CHECK_HASH(1, DATA_HASH_SHA3_256, data, data_size, GCRY_MD_SHA3_256);
|
||||
WEE_CHECK_HASH(1, DATA_HASH_SHA3_384, data, data_size, GCRY_MD_SHA3_384);
|
||||
WEE_CHECK_HASH(1, DATA_HASH_SHA3_512, data, data_size, GCRY_MD_SHA3_512);
|
||||
}
|
||||
|
||||
/*
|
||||
* Tests functions:
|
||||
* secure_hash_pbkdf2
|
||||
*/
|
||||
|
||||
TEST(CoreSecure, HashPbkdf2)
|
||||
{
|
||||
const char *data = DATA_HASH, *salt = DATA_HASH_SALT;
|
||||
char hash_expected[4096], hash[4096];
|
||||
int data_size, salt_size, hash_size_expected, hash_size;
|
||||
|
||||
data_size = strlen (data);
|
||||
salt_size = strlen (salt);
|
||||
|
||||
WEE_CHECK_HASH_PBKDF2(0, NULL, NULL, 0, 0, NULL, 0, 0);
|
||||
WEE_CHECK_HASH_PBKDF2(0, NULL, "test", 0, 0, NULL, 0, 0);
|
||||
WEE_CHECK_HASH_PBKDF2(0, NULL, "test", 4, GCRY_MD_SHA1, "salt", 4, 0);
|
||||
|
||||
/* SHA1 */
|
||||
WEE_CHECK_HASH_PBKDF2(1, DATA_HASH_PBKDF2_SHA1_1000,
|
||||
data, data_size,
|
||||
GCRY_MD_SHA1,
|
||||
DATA_HASH_SALT, salt_size,
|
||||
1000);
|
||||
WEE_CHECK_HASH_PBKDF2(1, DATA_HASH_PBKDF2_SHA1_100000,
|
||||
data, data_size,
|
||||
GCRY_MD_SHA1,
|
||||
DATA_HASH_SALT, salt_size,
|
||||
100000);
|
||||
|
||||
/* SHA256 */
|
||||
WEE_CHECK_HASH_PBKDF2(1, DATA_HASH_PBKDF2_SHA256_1000,
|
||||
data, data_size,
|
||||
GCRY_MD_SHA256,
|
||||
DATA_HASH_SALT, salt_size,
|
||||
1000);
|
||||
WEE_CHECK_HASH_PBKDF2(1, DATA_HASH_PBKDF2_SHA256_100000,
|
||||
data, data_size,
|
||||
GCRY_MD_SHA256,
|
||||
DATA_HASH_SALT, salt_size,
|
||||
100000);
|
||||
|
||||
/* SHA512 */
|
||||
WEE_CHECK_HASH_PBKDF2(1, DATA_HASH_PBKDF2_SHA512_1000,
|
||||
data, data_size,
|
||||
GCRY_MD_SHA512,
|
||||
DATA_HASH_SALT, salt_size,
|
||||
1000);
|
||||
WEE_CHECK_HASH_PBKDF2(1, DATA_HASH_PBKDF2_SHA512_100000,
|
||||
data, data_size,
|
||||
GCRY_MD_SHA512,
|
||||
DATA_HASH_SALT, salt_size,
|
||||
100000);
|
||||
}
|
||||
|
||||
/*
|
||||
* Tests functions:
|
||||
* secure_derive_key
|
||||
@@ -288,91 +138,3 @@ TEST(CoreSecure, EncryptDecryptData)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/*
|
||||
* Tests functions:
|
||||
* secure_totp_generate
|
||||
*/
|
||||
|
||||
TEST(CoreSecure, TotpGenerate)
|
||||
{
|
||||
char *totp;
|
||||
|
||||
/* invalid secret */
|
||||
WEE_CHECK_TOTP_GENERATE(NULL, NULL, 0, 6);
|
||||
WEE_CHECK_TOTP_GENERATE(NULL, "", 0, 6);
|
||||
WEE_CHECK_TOTP_GENERATE(NULL, "not_in_base32_0189", 0, 6);
|
||||
|
||||
/* invalid number of digits (must be between 4 and 10) */
|
||||
WEE_CHECK_TOTP_GENERATE(NULL, TOTP_SECRET, 0, 3);
|
||||
WEE_CHECK_TOTP_GENERATE(NULL, TOTP_SECRET, 0, 11);
|
||||
|
||||
/* TOTP with 6 digits */
|
||||
WEE_CHECK_TOTP_GENERATE("065486", TOTP_SECRET, 1540624066, 6);
|
||||
WEE_CHECK_TOTP_GENERATE("640073", TOTP_SECRET, 1540624085, 6);
|
||||
WEE_CHECK_TOTP_GENERATE("725645", TOTP_SECRET, 1540624110, 6);
|
||||
|
||||
/* TOTP with 7 digits */
|
||||
WEE_CHECK_TOTP_GENERATE("0065486", TOTP_SECRET, 1540624066, 7);
|
||||
WEE_CHECK_TOTP_GENERATE("6640073", TOTP_SECRET, 1540624085, 7);
|
||||
WEE_CHECK_TOTP_GENERATE("4725645", TOTP_SECRET, 1540624110, 7);
|
||||
|
||||
/* TOTP with 8 digits */
|
||||
WEE_CHECK_TOTP_GENERATE("40065486", TOTP_SECRET, 1540624066, 8);
|
||||
WEE_CHECK_TOTP_GENERATE("16640073", TOTP_SECRET, 1540624085, 8);
|
||||
WEE_CHECK_TOTP_GENERATE("94725645", TOTP_SECRET, 1540624110, 8);
|
||||
}
|
||||
|
||||
/*
|
||||
* Tests functions:
|
||||
* secure_totp_validate
|
||||
*/
|
||||
|
||||
TEST(CoreSecure, TotpValidate)
|
||||
{
|
||||
/* invalid secret */
|
||||
WEE_CHECK_TOTP_VALIDATE(0, NULL, 0, 0, "123456");
|
||||
WEE_CHECK_TOTP_VALIDATE(0, "", 0, 0, "123456");
|
||||
WEE_CHECK_TOTP_VALIDATE(0, "not_in_base32_0189", 0, 0, "123456");
|
||||
|
||||
/* invalid window (must be ≥ 0) */
|
||||
WEE_CHECK_TOTP_VALIDATE(0, TOTP_SECRET, 0, -1, "123456");
|
||||
|
||||
/* invalid OTP */
|
||||
WEE_CHECK_TOTP_VALIDATE(0, TOTP_SECRET, 0, 0, NULL);
|
||||
WEE_CHECK_TOTP_VALIDATE(0, TOTP_SECRET, 0, 0, "");
|
||||
|
||||
/* validation error (wrong OTP) */
|
||||
WEE_CHECK_TOTP_VALIDATE(0, TOTP_SECRET, 1540624110, 0, "065486");
|
||||
WEE_CHECK_TOTP_VALIDATE(0, TOTP_SECRET, 1540624110, 1, "065486");
|
||||
|
||||
/* TOTP with 6 digits */
|
||||
WEE_CHECK_TOTP_VALIDATE(1, TOTP_SECRET, 1540624066, 0, "065486");
|
||||
WEE_CHECK_TOTP_VALIDATE(1, TOTP_SECRET, 1540624085, 0, "640073");
|
||||
WEE_CHECK_TOTP_VALIDATE(1, TOTP_SECRET, 1540624110, 0, "725645");
|
||||
|
||||
/* TOTP with 7 digits */
|
||||
WEE_CHECK_TOTP_VALIDATE(1, TOTP_SECRET, 1540624066, 0, "0065486");
|
||||
WEE_CHECK_TOTP_VALIDATE(1, TOTP_SECRET, 1540624085, 0, "6640073");
|
||||
WEE_CHECK_TOTP_VALIDATE(1, TOTP_SECRET, 1540624110, 0, "4725645");
|
||||
|
||||
/* TOTP with 7 digits */
|
||||
WEE_CHECK_TOTP_VALIDATE(1, TOTP_SECRET, 1540624066, 0, "40065486");
|
||||
WEE_CHECK_TOTP_VALIDATE(1, TOTP_SECRET, 1540624085, 0, "16640073");
|
||||
WEE_CHECK_TOTP_VALIDATE(1, TOTP_SECRET, 1540624110, 0, "94725645");
|
||||
|
||||
/* TOTP with 6 digits, using window */
|
||||
WEE_CHECK_TOTP_VALIDATE(0, TOTP_SECRET, 1540624110, 0, "065486");
|
||||
WEE_CHECK_TOTP_VALIDATE(0, TOTP_SECRET, 1540624110, 1, "065486");
|
||||
WEE_CHECK_TOTP_VALIDATE(1, TOTP_SECRET, 1540624110, 2, "065486");
|
||||
|
||||
/* TOTP with 7 digits, using window */
|
||||
WEE_CHECK_TOTP_VALIDATE(0, TOTP_SECRET, 1540624110, 0, "0065486");
|
||||
WEE_CHECK_TOTP_VALIDATE(0, TOTP_SECRET, 1540624110, 1, "0065486");
|
||||
WEE_CHECK_TOTP_VALIDATE(1, TOTP_SECRET, 1540624110, 2, "0065486");
|
||||
|
||||
/* TOTP with 8 digits, using window */
|
||||
WEE_CHECK_TOTP_VALIDATE(0, TOTP_SECRET, 1540624110, 0, "40065486");
|
||||
WEE_CHECK_TOTP_VALIDATE(0, TOTP_SECRET, 1540624110, 1, "40065486");
|
||||
WEE_CHECK_TOTP_VALIDATE(1, TOTP_SECRET, 1540624110, 2, "40065486");
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user