зеркало из https://github.com/mozilla/gecko-dev.git
193 строки
7.6 KiB
Java
193 строки
7.6 KiB
Java
/* This Source Code Form is subject to the terms of the Mozilla Public
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
|
|
|
package org.mozilla.gecko.tests;
|
|
|
|
import static org.mozilla.gecko.tests.helpers.AssertionHelper.fAssertArrayEquals;
|
|
import static org.mozilla.gecko.tests.helpers.AssertionHelper.fAssertEquals;
|
|
import static org.mozilla.gecko.tests.helpers.AssertionHelper.fAssertNotNull;
|
|
import static org.mozilla.gecko.tests.helpers.AssertionHelper.fFail;
|
|
|
|
import java.io.UnsupportedEncodingException;
|
|
import java.security.GeneralSecurityException;
|
|
import java.security.MessageDigest;
|
|
import java.security.NoSuchAlgorithmException;
|
|
|
|
import org.mozilla.gecko.background.nativecode.NativeCrypto;
|
|
import org.mozilla.gecko.sync.Utils;
|
|
import org.mozilla.gecko.tests.helpers.GeckoHelper;
|
|
|
|
import android.os.SystemClock;
|
|
|
|
/**
|
|
* Tests the Java wrapper over native implementations of crypto code. Test vectors from:
|
|
* * PBKDF2SHA256:
|
|
* - <https://github.com/ircmaxell/PHP-PasswordLib/blob/master/test/Data/Vectors/pbkdf2-draft-josefsson-sha256.test-vectors>
|
|
- <https://gitorious.org/scrypt/nettle-scrypt/blobs/37c0d5288e991604fe33dba2f1724986a8dddf56/testsuite/pbkdf2-test.c>
|
|
* SHA-1:
|
|
- <http://oauth.googlecode.com/svn/code/c/liboauth/src/sha1.c>
|
|
*/
|
|
public class testNativeCrypto extends UITest {
|
|
private final static String LOGTAG = "testNativeCrypto";
|
|
|
|
/**
|
|
* Robocop supports only a single test function per test class. Therefore, we
|
|
* have a single top-level test function that dispatches to sub-tests,
|
|
* accepting that we might fail part way through the cycle. Proper JUnit 3
|
|
* testing can't land soon enough!
|
|
*
|
|
* @throws Exception
|
|
*/
|
|
public void test() throws Exception {
|
|
// This test could complete very quickly. If it completes too soon, the
|
|
// minidumps directory may not be created before the process is
|
|
// taken down, causing bug 722166. But we can't run the test and then block
|
|
// for Gecko:Ready, since it may have arrived before we block. So we wait.
|
|
// Again, JUnit 3 can't land soon enough!
|
|
GeckoHelper.blockForReady();
|
|
|
|
_testPBKDF2SHA256A();
|
|
_testPBKDF2SHA256B();
|
|
_testPBKDF2SHA256C();
|
|
_testPBKDF2SHA256scryptA();
|
|
_testPBKDF2SHA256scryptB();
|
|
_testPBKDF2SHA256InvalidLenArg();
|
|
|
|
_testSHA1();
|
|
_testSHA1AgainstMessageDigest();
|
|
}
|
|
|
|
public void _testPBKDF2SHA256A() throws UnsupportedEncodingException, GeneralSecurityException {
|
|
final String p = "password";
|
|
final String s = "salt";
|
|
final int dkLen = 32;
|
|
|
|
checkPBKDF2SHA256(p, s, 1, dkLen, "120fb6cffcf8b32c43e7225256c4f837a86548c92ccc35480805987cb70be17b");
|
|
checkPBKDF2SHA256(p, s, 4096, dkLen, "c5e478d59288c841aa530db6845c4c8d962893a001ce4e11a4963873aa98134a");
|
|
}
|
|
|
|
public void _testPBKDF2SHA256B() throws UnsupportedEncodingException, GeneralSecurityException {
|
|
final String p = "passwordPASSWORDpassword";
|
|
final String s = "saltSALTsaltSALTsaltSALTsaltSALTsalt";
|
|
final int dkLen = 40;
|
|
|
|
checkPBKDF2SHA256(p, s, 4096, dkLen, "348c89dbcbd32b2f32d814b8116e84cf2b17347ebc1800181c4e2a1fb8dd53e1c635518c7dac47e9");
|
|
}
|
|
|
|
public void _testPBKDF2SHA256scryptA() throws UnsupportedEncodingException, GeneralSecurityException {
|
|
final String p = "passwd";
|
|
final String s = "salt";
|
|
final int dkLen = 64;
|
|
|
|
checkPBKDF2SHA256(p, s, 1, dkLen, "55ac046e56e3089fec1691c22544b605f94185216dde0465e68b9d57c20dacbc49ca9cccf179b645991664b39d77ef317c71b845b1e30bd509112041d3a19783");
|
|
}
|
|
|
|
public void _testPBKDF2SHA256scryptB() throws UnsupportedEncodingException, GeneralSecurityException {
|
|
final String p = "Password";
|
|
final String s = "NaCl";
|
|
final int dkLen = 64;
|
|
|
|
checkPBKDF2SHA256(p, s, 80000, dkLen, "4ddcd8f60b98be21830cee5ef22701f9641a4418d04c0414aeff08876b34ab56a1d425a1225833549adb841b51c9b3176a272bdebba1d078478f62b397f33c8d");
|
|
}
|
|
|
|
public void _testPBKDF2SHA256C() throws UnsupportedEncodingException, GeneralSecurityException {
|
|
final String p = "pass\0word";
|
|
final String s = "sa\0lt";
|
|
final int dkLen = 16;
|
|
|
|
checkPBKDF2SHA256(p, s, 4096, dkLen, "89b69d0516f829893c696226650a8687");
|
|
}
|
|
|
|
public void _testPBKDF2SHA256InvalidLenArg() throws UnsupportedEncodingException, GeneralSecurityException {
|
|
final String p = "password";
|
|
final String s = "salt";
|
|
final int c = 1;
|
|
final int dkLen = -1; // Should always be positive.
|
|
|
|
try {
|
|
final byte[] key = NativeCrypto.pbkdf2SHA256(p.getBytes("US-ASCII"), s.getBytes("US-ASCII"), c, dkLen);
|
|
fFail("Expected sha256 to throw with negative dkLen argument.");
|
|
} catch (IllegalArgumentException e) { } // Expected.
|
|
}
|
|
|
|
private void _testSHA1() throws UnsupportedEncodingException {
|
|
final String[] inputs = new String[] {
|
|
"abc",
|
|
"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
|
|
"" // To be filled in below.
|
|
};
|
|
final String baseStr = "01234567";
|
|
final int repetitions = 80;
|
|
final StringBuilder builder = new StringBuilder(baseStr.length() * repetitions);
|
|
for (int i = 0; i < 80; ++i) {
|
|
builder.append(baseStr);
|
|
}
|
|
inputs[2] = builder.toString();
|
|
|
|
final String[] expecteds = new String[] {
|
|
"a9993e364706816aba3e25717850c26c9cd0d89d",
|
|
"84983e441c3bd26ebaae4aa1f95129e5e54670f1",
|
|
"dea356a2cddd90c7a7ecedc5ebb563934f460452"
|
|
};
|
|
|
|
for (int i = 0; i < inputs.length; ++i) {
|
|
final byte[] input = inputs[i].getBytes("US-ASCII");
|
|
final String expected = expecteds[i];
|
|
|
|
final byte[] actual = NativeCrypto.sha1(input);
|
|
fAssertNotNull("Hashed value is non-null", actual);
|
|
assertExpectedBytes(expected, actual);
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Test to ensure the output of our SHA1 algo is the same as MessageDigest's. This is important
|
|
* because we intend to replace MessageDigest in FHR with this SHA-1 algo (bug 959652).
|
|
*/
|
|
private void _testSHA1AgainstMessageDigest() throws UnsupportedEncodingException,
|
|
NoSuchAlgorithmException {
|
|
final String[] inputs = {
|
|
"password",
|
|
"saranghae",
|
|
"aoeusnthaoeusnthaoeusnth \0 12345098765432109876_!"
|
|
};
|
|
|
|
final MessageDigest digest = MessageDigest.getInstance("SHA-1");
|
|
for (final String input : inputs) {
|
|
final byte[] inputBytes = input.getBytes("US-ASCII");
|
|
|
|
final byte[] mdBytes = digest.digest(inputBytes);
|
|
final byte[] ourBytes = NativeCrypto.sha1(inputBytes);
|
|
fAssertArrayEquals("MessageDigest hash is the same as NativeCrypto SHA-1 hash", mdBytes, ourBytes);
|
|
}
|
|
}
|
|
|
|
private void checkPBKDF2SHA256(String p, String s, int c, int dkLen, final String expectedStr)
|
|
throws GeneralSecurityException, UnsupportedEncodingException {
|
|
final long start = SystemClock.elapsedRealtime();
|
|
|
|
final byte[] key = NativeCrypto.pbkdf2SHA256(p.getBytes("US-ASCII"), s.getBytes("US-ASCII"), c, dkLen);
|
|
fAssertNotNull("Hash result is non-null", key);
|
|
|
|
final long end = SystemClock.elapsedRealtime();
|
|
dumpLog(LOGTAG, "SHA-256 " + c + " took " + (end - start) + "ms");
|
|
|
|
if (expectedStr == null) {
|
|
return;
|
|
}
|
|
|
|
fAssertEquals("Hash result is the appropriate length", dkLen,
|
|
Utils.hex2Byte(expectedStr).length);
|
|
assertExpectedBytes(expectedStr, key);
|
|
}
|
|
|
|
private void assertExpectedBytes(final String expectedStr, byte[] key) {
|
|
fAssertEquals("Expected string matches hash result", expectedStr, Utils.byte2Hex(key));
|
|
final byte[] expected = Utils.hex2Byte(expectedStr);
|
|
|
|
fAssertEquals("Expected byte array length matches key length", expected.length, key.length);
|
|
fAssertArrayEquals("Expected byte array matches key byte array", expected, key);
|
|
}
|
|
}
|