pgcrypto update:

* test error handling
* add tests for des, 3des, cast5
* add some tests to blowfish, rijndael
* Makefile: ability to specify different tests for different crypto
  libraries, so we can skip des, 3des and cast5 for builtin.

Marko Kreen
This commit is contained in:
Neil Conway 2005-03-21 05:24:52 +00:00
parent 19b676869a
commit 6a8eb1a7b6
13 changed files with 418 additions and 1 deletions

View File

@ -1,5 +1,5 @@
# #
# $PostgreSQL: pgsql/contrib/pgcrypto/Makefile,v 1.13 2005/03/21 05:17:16 neilc Exp $ # $PostgreSQL: pgsql/contrib/pgcrypto/Makefile,v 1.14 2005/03/21 05:24:51 neilc Exp $
# #
# either 'builtin', 'openssl' # either 'builtin', 'openssl'
@ -26,12 +26,14 @@ ifeq ($(cryptolib), builtin)
CRYPTO_CFLAGS = CRYPTO_CFLAGS =
CRYPTO_LDFLAGS = CRYPTO_LDFLAGS =
SRCS = md5.c sha1.c internal.c blf.c rijndael.c SRCS = md5.c sha1.c internal.c blf.c rijndael.c
EXTRA_TESTS =
endif endif
ifeq ($(cryptolib), openssl) ifeq ($(cryptolib), openssl)
CRYPTO_CFLAGS = -I/usr/include/openssl CRYPTO_CFLAGS = -I/usr/include/openssl
CRYPTO_LDFLAGS = -lcrypto CRYPTO_LDFLAGS = -lcrypto
SRCS = openssl.c SRCS = openssl.c
EXTRA_TESTS = des 3des cast5
endif endif
ifeq ($(cryptsrc), builtin) ifeq ($(cryptsrc), builtin)
@ -63,6 +65,7 @@ PG_CPPFLAGS = $(CRYPTO_CFLAGS) -I$(srcdir)
SHLIB_LINK = $(CRYPTO_LDFLAGS) SHLIB_LINK = $(CRYPTO_LDFLAGS)
REGRESS = init md5 sha1 hmac-md5 hmac-sha1 blowfish rijndael \ REGRESS = init md5 sha1 hmac-md5 hmac-sha1 blowfish rijndael \
$(EXTRA_TESTS) \
crypt-des crypt-md5 crypt-blowfish crypt-xdes crypt-des crypt-md5 crypt-blowfish crypt-xdes

View File

@ -0,0 +1,56 @@
--
-- 3DES cipher
--
-- test vector from somewhere
SELECT encode(encrypt(
decode('80 00 00 00 00 00 00 00', 'hex'),
decode('01 01 01 01 01 01 01 01
01 01 01 01 01 01 01 01
01 01 01 01 01 01 01 01', 'hex'),
'3des-ecb/pad:none'), 'hex');
encode
------------------
95f8a5e5dd31d900
(1 row)
-- val 95 F8 A5 E5 DD 31 D9 00
select encode( encrypt('', 'foo', '3des'), 'hex');
encode
------------------
9b641a6936249eb4
(1 row)
-- 10 bytes key
select encode( encrypt('foo', '0123456789', '3des'), 'hex');
encode
------------------
6f02b7076a366504
(1 row)
-- 22 bytes key
select encode( encrypt('foo', '0123456789012345678901', '3des'), 'hex');
encode
------------------
a44360e699269817
(1 row)
-- decrypt
select decrypt(encrypt('foo', '0123456', '3des'), '0123456', '3des');
decrypt
---------
foo
(1 row)
-- iv
select encode(encrypt_iv('foo', '0123456', 'abcd', '3des'), 'hex');
encode
------------------
df27c264fb24ed7a
(1 row)
select decrypt_iv(decode('df27c264fb24ed7a', 'hex'), '0123456', 'abcd', '3des');
decrypt_iv
------------
foo
(1 row)

View File

@ -106,3 +106,55 @@ decode('37363534333231204e6f77206973207468652074696d6520666f722000', 'hex'),
3ea6357a0ee7fad6d0c4b63464f2aafa40c2e91b4b7e1bba8114932fd92b5c8f111e7e50e7b2e541 3ea6357a0ee7fad6d0c4b63464f2aafa40c2e91b4b7e1bba8114932fd92b5c8f111e7e50e7b2e541
(1 row) (1 row)
-- blowfish-448
SELECT encode(encrypt(
decode('fedcba9876543210', 'hex'),
decode('f0e1d2c3b4a5968778695a4b3c2d1e0f001122334455667704689104c2fd3b2f584023641aba61761f1f1f1f0e0e0e0effffffffffffffff', 'hex'),
'bf-ecb/pad:none'), 'hex');
encode
------------------
c04504012e4e1f53
(1 row)
-- result: c04504012e4e1f53
-- empty data
select encode( encrypt('', 'foo', 'bf'), 'hex');
encode
------------------
1871949bb2311c8e
(1 row)
-- 10 bytes key
select encode( encrypt('foo', '0123456789', 'bf'), 'hex');
encode
------------------
42f58af3b2c03f46
(1 row)
-- 22 bytes key
select encode( encrypt('foo', '0123456789012345678901', 'bf'), 'hex');
encode
------------------
86ab6f0bc72b5f22
(1 row)
-- decrypt
select decrypt(encrypt('foo', '0123456', 'bf'), '0123456', 'bf');
decrypt
---------
foo
(1 row)
-- iv
select encode(encrypt_iv('foo', '0123456', 'abcd', 'bf'), 'hex');
encode
------------------
95c7e89322525d59
(1 row)
select decrypt_iv(decode('95c7e89322525d59', 'hex'), '0123456', 'abcd', 'bf');
decrypt_iv
------------
foo
(1 row)

View File

@ -0,0 +1,73 @@
--
-- Cast5 cipher
--
-- test vectors from RFC2144
-- 128 bit key
SELECT encode(encrypt(
decode('01 23 45 67 89 AB CD EF', 'hex'),
decode('01 23 45 67 12 34 56 78 23 45 67 89 34 56 78 9A', 'hex'),
'cast5-ecb/pad:none'), 'hex');
encode
------------------
238b4fe5847e44b2
(1 row)
-- result: 23 8B 4F E5 84 7E 44 B2
-- 80 bit key
SELECT encode(encrypt(
decode('01 23 45 67 89 AB CD EF', 'hex'),
decode('01 23 45 67 12 34 56 78 23 45', 'hex'),
'cast5-ecb/pad:none'), 'hex');
encode
------------------
eb6a711a2c02271b
(1 row)
-- result: EB 6A 71 1A 2C 02 27 1B
-- 40 bit key
SELECT encode(encrypt(
decode('01 23 45 67 89 AB CD EF', 'hex'),
decode('01 23 45 67 12', 'hex'),
'cast5-ecb/pad:none'), 'hex');
encode
------------------
7ac816d16e9b302e
(1 row)
-- result: 7A C8 16 D1 6E 9B 30 2E
-- cbc
-- empty data
select encode( encrypt('', 'foo', 'cast5'), 'hex');
encode
------------------
a48bd1aabde4de10
(1 row)
-- 10 bytes key
select encode( encrypt('foo', '0123456789', 'cast5'), 'hex');
encode
------------------
b07f19255e60cb6d
(1 row)
-- decrypt
select decrypt(encrypt('foo', '0123456', 'cast5'), '0123456', 'cast5');
decrypt
---------
foo
(1 row)
-- iv
select encode(encrypt_iv('foo', '0123456', 'abcd', 'cast5'), 'hex');
encode
------------------
384a970695ce016a
(1 row)
select decrypt_iv(decode('384a970695ce016a', 'hex'),
'0123456', 'abcd', 'cast5');
decrypt_iv
------------
foo
(1 row)

View File

@ -0,0 +1,48 @@
--
-- DES cipher
--
-- no official test vectors atm
-- from blowfish.sql
SELECT encode(encrypt(
decode('0123456789abcdef', 'hex'),
decode('fedcba9876543210', 'hex'),
'des-ecb/pad:none'), 'hex');
encode
------------------
ed39d950fa74bcc4
(1 row)
-- empty data
select encode( encrypt('', 'foo', 'des'), 'hex');
encode
------------------
752111e37a2d7ac3
(1 row)
-- 8 bytes key
select encode( encrypt('foo', '01234589', 'des'), 'hex');
encode
------------------
dec0f9c602b647a8
(1 row)
-- decrypt
select decrypt(encrypt('foo', '0123456', 'des'), '0123456', 'des');
decrypt
---------
foo
(1 row)
-- iv
select encode(encrypt_iv('foo', '0123456', 'abcd', 'des'), 'hex');
encode
------------------
50735067b073bb93
(1 row)
select decrypt_iv(decode('50735067b073bb93', 'hex'), '0123456', 'abcd', 'des');
decrypt_iv
------------
foo
(1 row)

View File

@ -15,3 +15,12 @@ SELECT decode('666f6f', 'hex');
foo foo
(1 row) (1 row)
-- check error handling
select gen_salt('foo');
ERROR: gen_salt: Unknown salt algorithm
select digest('foo', 'foo');
ERROR: Cannot use "foo": No such hash algorithm
select hmac('foo', 'foo', 'foo');
ERROR: Cannot use "foo": No such hash algorithm
select encrypt('foo', 'foo', 'foo');
ERROR: Cannot use "foo": No such cipher algorithm

View File

@ -67,3 +67,45 @@ decode('000102030405060708090a0b0c0d0e0f101112131415161718191a1b', 'hex'),
4facb6a041d53e0a5a73289170901fe7 4facb6a041d53e0a5a73289170901fe7
(1 row) (1 row)
-- empty data
select encode( encrypt('', 'foo', 'aes'), 'hex');
encode
----------------------------------
b48cc3338a2eb293b6007ef72c360d48
(1 row)
-- 10 bytes key
select encode( encrypt('foo', '0123456789', 'aes'), 'hex');
encode
----------------------------------
f397f03d2819b7172b68d0706fda4693
(1 row)
-- 22 bytes key
select encode( encrypt('foo', '0123456789012345678901', 'aes'), 'hex');
encode
----------------------------------
5c9db77af02b4678117bcd8a71ae7f53
(1 row)
-- decrypt
select decrypt(encrypt('foo', '0123456', 'aes'), '0123456', 'aes');
decrypt
---------
foo
(1 row)
-- iv
select encode(encrypt_iv('foo', '0123456', 'abcd', 'aes'), 'hex');
encode
----------------------------------
2c24cb7da91d6d5699801268b0f5adad
(1 row)
select decrypt_iv(decode('2c24cb7da91d6d5699801268b0f5adad', 'hex'),
'0123456', 'abcd', 'aes');
decrypt_iv
------------
foo
(1 row)

View File

@ -0,0 +1,26 @@
--
-- 3DES cipher
--
-- test vector from somewhere
SELECT encode(encrypt(
decode('80 00 00 00 00 00 00 00', 'hex'),
decode('01 01 01 01 01 01 01 01
01 01 01 01 01 01 01 01
01 01 01 01 01 01 01 01', 'hex'),
'3des-ecb/pad:none'), 'hex');
-- val 95 F8 A5 E5 DD 31 D9 00
select encode( encrypt('', 'foo', '3des'), 'hex');
-- 10 bytes key
select encode( encrypt('foo', '0123456789', '3des'), 'hex');
-- 22 bytes key
select encode( encrypt('foo', '0123456789012345678901', '3des'), 'hex');
-- decrypt
select decrypt(encrypt('foo', '0123456', '3des'), '0123456', '3des');
-- iv
select encode(encrypt_iv('foo', '0123456', 'abcd', '3des'), 'hex');
select decrypt_iv(decode('df27c264fb24ed7a', 'hex'), '0123456', 'abcd', '3des');

View File

@ -64,3 +64,24 @@ decode('6b77b4d63006dee605b156e27403979358deb9e7154616d959f1652bd5ff92cc', 'hex'
decode('37363534333231204e6f77206973207468652074696d6520666f722000', 'hex'), decode('37363534333231204e6f77206973207468652074696d6520666f722000', 'hex'),
'bf-cbc'), 'hex'); 'bf-cbc'), 'hex');
-- blowfish-448
SELECT encode(encrypt(
decode('fedcba9876543210', 'hex'),
decode('f0e1d2c3b4a5968778695a4b3c2d1e0f001122334455667704689104c2fd3b2f584023641aba61761f1f1f1f0e0e0e0effffffffffffffff', 'hex'),
'bf-ecb/pad:none'), 'hex');
-- result: c04504012e4e1f53
-- empty data
select encode( encrypt('', 'foo', 'bf'), 'hex');
-- 10 bytes key
select encode( encrypt('foo', '0123456789', 'bf'), 'hex');
-- 22 bytes key
select encode( encrypt('foo', '0123456789012345678901', 'bf'), 'hex');
-- decrypt
select decrypt(encrypt('foo', '0123456', 'bf'), '0123456', 'bf');
-- iv
select encode(encrypt_iv('foo', '0123456', 'abcd', 'bf'), 'hex');
select decrypt_iv(decode('95c7e89322525d59', 'hex'), '0123456', 'abcd', 'bf');

View File

@ -0,0 +1,42 @@
--
-- Cast5 cipher
--
-- test vectors from RFC2144
-- 128 bit key
SELECT encode(encrypt(
decode('01 23 45 67 89 AB CD EF', 'hex'),
decode('01 23 45 67 12 34 56 78 23 45 67 89 34 56 78 9A', 'hex'),
'cast5-ecb/pad:none'), 'hex');
-- result: 23 8B 4F E5 84 7E 44 B2
-- 80 bit key
SELECT encode(encrypt(
decode('01 23 45 67 89 AB CD EF', 'hex'),
decode('01 23 45 67 12 34 56 78 23 45', 'hex'),
'cast5-ecb/pad:none'), 'hex');
-- result: EB 6A 71 1A 2C 02 27 1B
-- 40 bit key
SELECT encode(encrypt(
decode('01 23 45 67 89 AB CD EF', 'hex'),
decode('01 23 45 67 12', 'hex'),
'cast5-ecb/pad:none'), 'hex');
-- result: 7A C8 16 D1 6E 9B 30 2E
-- cbc
-- empty data
select encode( encrypt('', 'foo', 'cast5'), 'hex');
-- 10 bytes key
select encode( encrypt('foo', '0123456789', 'cast5'), 'hex');
-- decrypt
select decrypt(encrypt('foo', '0123456', 'cast5'), '0123456', 'cast5');
-- iv
select encode(encrypt_iv('foo', '0123456', 'abcd', 'cast5'), 'hex');
select decrypt_iv(decode('384a970695ce016a', 'hex'),
'0123456', 'abcd', 'cast5');

View File

@ -0,0 +1,24 @@
--
-- DES cipher
--
-- no official test vectors atm
-- from blowfish.sql
SELECT encode(encrypt(
decode('0123456789abcdef', 'hex'),
decode('fedcba9876543210', 'hex'),
'des-ecb/pad:none'), 'hex');
-- empty data
select encode( encrypt('', 'foo', 'des'), 'hex');
-- 8 bytes key
select encode( encrypt('foo', '01234589', 'des'), 'hex');
-- decrypt
select decrypt(encrypt('foo', '0123456', 'des'), '0123456', 'des');
-- iv
select encode(encrypt_iv('foo', '0123456', 'abcd', 'des'), 'hex');
select decrypt_iv(decode('50735067b073bb93', 'hex'), '0123456', 'abcd', 'des');

View File

@ -10,3 +10,9 @@
SELECT encode('foo', 'hex'); SELECT encode('foo', 'hex');
SELECT decode('666f6f', 'hex'); SELECT decode('666f6f', 'hex');
-- check error handling
select gen_salt('foo');
select digest('foo', 'foo');
select hmac('foo', 'foo', 'foo');
select encrypt('foo', 'foo', 'foo');

View File

@ -41,3 +41,18 @@ decode('0011223344', 'hex'),
decode('000102030405060708090a0b0c0d0e0f101112131415161718191a1b', 'hex'), decode('000102030405060708090a0b0c0d0e0f101112131415161718191a1b', 'hex'),
'aes-cbc'), 'hex'); 'aes-cbc'), 'hex');
-- empty data
select encode( encrypt('', 'foo', 'aes'), 'hex');
-- 10 bytes key
select encode( encrypt('foo', '0123456789', 'aes'), 'hex');
-- 22 bytes key
select encode( encrypt('foo', '0123456789012345678901', 'aes'), 'hex');
-- decrypt
select decrypt(encrypt('foo', '0123456', 'aes'), '0123456', 'aes');
-- iv
select encode(encrypt_iv('foo', '0123456', 'abcd', 'aes'), 'hex');
select decrypt_iv(decode('2c24cb7da91d6d5699801268b0f5adad', 'hex'),
'0123456', 'abcd', 'aes');