summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNeil Conway2005-03-21 05:24:52 +0000
committerNeil Conway2005-03-21 05:24:52 +0000
commit6a8eb1a7b6dd48bceca9ed0e449ef8d1c09967e3 (patch)
tree82eb3fdb7fe865763ecf145058571ced87d230a2
parent19b676869a1d9c1bf25a2332bdbe04bb9027c340 (diff)
pgcrypto update:
* test error handling * add tests for des, 3des, cast5 * add some tests to blowfish, rijndael * Makefile: ability to specify different tests for different crypto libraries, so we can skip des, 3des and cast5 for builtin. Marko Kreen
-rw-r--r--contrib/pgcrypto/Makefile5
-rw-r--r--contrib/pgcrypto/expected/3des.out56
-rw-r--r--contrib/pgcrypto/expected/blowfish.out52
-rw-r--r--contrib/pgcrypto/expected/cast5.out73
-rw-r--r--contrib/pgcrypto/expected/des.out48
-rw-r--r--contrib/pgcrypto/expected/init.out9
-rw-r--r--contrib/pgcrypto/expected/rijndael.out42
-rw-r--r--contrib/pgcrypto/sql/3des.sql26
-rw-r--r--contrib/pgcrypto/sql/blowfish.sql21
-rw-r--r--contrib/pgcrypto/sql/cast5.sql42
-rw-r--r--contrib/pgcrypto/sql/des.sql24
-rw-r--r--contrib/pgcrypto/sql/init.sql6
-rw-r--r--contrib/pgcrypto/sql/rijndael.sql15
13 files changed, 418 insertions, 1 deletions
diff --git a/contrib/pgcrypto/Makefile b/contrib/pgcrypto/Makefile
index 4b79d9febd..5e92f92945 100644
--- a/contrib/pgcrypto/Makefile
+++ b/contrib/pgcrypto/Makefile
@@ -1,5 +1,5 @@
#
-# $PostgreSQL: pgsql/contrib/pgcrypto/Makefile,v 1.13 2005/03/21 05:17:16 neilc Exp $
+# $PostgreSQL: pgsql/contrib/pgcrypto/Makefile,v 1.14 2005/03/21 05:24:51 neilc Exp $
#
# either 'builtin', 'openssl'
@@ -26,12 +26,14 @@ ifeq ($(cryptolib), builtin)
CRYPTO_CFLAGS =
CRYPTO_LDFLAGS =
SRCS = md5.c sha1.c internal.c blf.c rijndael.c
+EXTRA_TESTS =
endif
ifeq ($(cryptolib), openssl)
CRYPTO_CFLAGS = -I/usr/include/openssl
CRYPTO_LDFLAGS = -lcrypto
SRCS = openssl.c
+EXTRA_TESTS = des 3des cast5
endif
ifeq ($(cryptsrc), builtin)
@@ -63,6 +65,7 @@ PG_CPPFLAGS = $(CRYPTO_CFLAGS) -I$(srcdir)
SHLIB_LINK = $(CRYPTO_LDFLAGS)
REGRESS = init md5 sha1 hmac-md5 hmac-sha1 blowfish rijndael \
+ $(EXTRA_TESTS) \
crypt-des crypt-md5 crypt-blowfish crypt-xdes
diff --git a/contrib/pgcrypto/expected/3des.out b/contrib/pgcrypto/expected/3des.out
new file mode 100644
index 0000000000..51de60b2bc
--- /dev/null
+++ b/contrib/pgcrypto/expected/3des.out
@@ -0,0 +1,56 @@
+--
+-- 3DES cipher
+--
+-- test vector from somewhere
+SELECT encode(encrypt(
+decode('80 00 00 00 00 00 00 00', 'hex'),
+decode('01 01 01 01 01 01 01 01
+ 01 01 01 01 01 01 01 01
+ 01 01 01 01 01 01 01 01', 'hex'),
+'3des-ecb/pad:none'), 'hex');
+ encode
+------------------
+ 95f8a5e5dd31d900
+(1 row)
+
+-- val 95 F8 A5 E5 DD 31 D9 00
+select encode( encrypt('', 'foo', '3des'), 'hex');
+ encode
+------------------
+ 9b641a6936249eb4
+(1 row)
+
+-- 10 bytes key
+select encode( encrypt('foo', '0123456789', '3des'), 'hex');
+ encode
+------------------
+ 6f02b7076a366504
+(1 row)
+
+-- 22 bytes key
+select encode( encrypt('foo', '0123456789012345678901', '3des'), 'hex');
+ encode
+------------------
+ a44360e699269817
+(1 row)
+
+-- decrypt
+select decrypt(encrypt('foo', '0123456', '3des'), '0123456', '3des');
+ decrypt
+---------
+ foo
+(1 row)
+
+-- iv
+select encode(encrypt_iv('foo', '0123456', 'abcd', '3des'), 'hex');
+ encode
+------------------
+ df27c264fb24ed7a
+(1 row)
+
+select decrypt_iv(decode('df27c264fb24ed7a', 'hex'), '0123456', 'abcd', '3des');
+ decrypt_iv
+------------
+ foo
+(1 row)
+
diff --git a/contrib/pgcrypto/expected/blowfish.out b/contrib/pgcrypto/expected/blowfish.out
index 5a13b7669c..7558aa937a 100644
--- a/contrib/pgcrypto/expected/blowfish.out
+++ b/contrib/pgcrypto/expected/blowfish.out
@@ -106,3 +106,55 @@ decode('37363534333231204e6f77206973207468652074696d6520666f722000', 'hex'),
3ea6357a0ee7fad6d0c4b63464f2aafa40c2e91b4b7e1bba8114932fd92b5c8f111e7e50e7b2e541
(1 row)
+-- blowfish-448
+SELECT encode(encrypt(
+decode('fedcba9876543210', 'hex'),
+decode('f0e1d2c3b4a5968778695a4b3c2d1e0f001122334455667704689104c2fd3b2f584023641aba61761f1f1f1f0e0e0e0effffffffffffffff', 'hex'),
+'bf-ecb/pad:none'), 'hex');
+ encode
+------------------
+ c04504012e4e1f53
+(1 row)
+
+-- result: c04504012e4e1f53
+-- empty data
+select encode( encrypt('', 'foo', 'bf'), 'hex');
+ encode
+------------------
+ 1871949bb2311c8e
+(1 row)
+
+-- 10 bytes key
+select encode( encrypt('foo', '0123456789', 'bf'), 'hex');
+ encode
+------------------
+ 42f58af3b2c03f46
+(1 row)
+
+-- 22 bytes key
+select encode( encrypt('foo', '0123456789012345678901', 'bf'), 'hex');
+ encode
+------------------
+ 86ab6f0bc72b5f22
+(1 row)
+
+-- decrypt
+select decrypt(encrypt('foo', '0123456', 'bf'), '0123456', 'bf');
+ decrypt
+---------
+ foo
+(1 row)
+
+-- iv
+select encode(encrypt_iv('foo', '0123456', 'abcd', 'bf'), 'hex');
+ encode
+------------------
+ 95c7e89322525d59
+(1 row)
+
+select decrypt_iv(decode('95c7e89322525d59', 'hex'), '0123456', 'abcd', 'bf');
+ decrypt_iv
+------------
+ foo
+(1 row)
+
diff --git a/contrib/pgcrypto/expected/cast5.out b/contrib/pgcrypto/expected/cast5.out
new file mode 100644
index 0000000000..f5b3cf6750
--- /dev/null
+++ b/contrib/pgcrypto/expected/cast5.out
@@ -0,0 +1,73 @@
+--
+-- Cast5 cipher
+--
+-- test vectors from RFC2144
+-- 128 bit key
+SELECT encode(encrypt(
+decode('01 23 45 67 89 AB CD EF', 'hex'),
+decode('01 23 45 67 12 34 56 78 23 45 67 89 34 56 78 9A', 'hex'),
+'cast5-ecb/pad:none'), 'hex');
+ encode
+------------------
+ 238b4fe5847e44b2
+(1 row)
+
+-- result: 23 8B 4F E5 84 7E 44 B2
+-- 80 bit key
+SELECT encode(encrypt(
+decode('01 23 45 67 89 AB CD EF', 'hex'),
+decode('01 23 45 67 12 34 56 78 23 45', 'hex'),
+'cast5-ecb/pad:none'), 'hex');
+ encode
+------------------
+ eb6a711a2c02271b
+(1 row)
+
+-- result: EB 6A 71 1A 2C 02 27 1B
+-- 40 bit key
+SELECT encode(encrypt(
+decode('01 23 45 67 89 AB CD EF', 'hex'),
+decode('01 23 45 67 12', 'hex'),
+'cast5-ecb/pad:none'), 'hex');
+ encode
+------------------
+ 7ac816d16e9b302e
+(1 row)
+
+-- result: 7A C8 16 D1 6E 9B 30 2E
+-- cbc
+-- empty data
+select encode( encrypt('', 'foo', 'cast5'), 'hex');
+ encode
+------------------
+ a48bd1aabde4de10
+(1 row)
+
+-- 10 bytes key
+select encode( encrypt('foo', '0123456789', 'cast5'), 'hex');
+ encode
+------------------
+ b07f19255e60cb6d
+(1 row)
+
+-- decrypt
+select decrypt(encrypt('foo', '0123456', 'cast5'), '0123456', 'cast5');
+ decrypt
+---------
+ foo
+(1 row)
+
+-- iv
+select encode(encrypt_iv('foo', '0123456', 'abcd', 'cast5'), 'hex');
+ encode
+------------------
+ 384a970695ce016a
+(1 row)
+
+select decrypt_iv(decode('384a970695ce016a', 'hex'),
+ '0123456', 'abcd', 'cast5');
+ decrypt_iv
+------------
+ foo
+(1 row)
+
diff --git a/contrib/pgcrypto/expected/des.out b/contrib/pgcrypto/expected/des.out
new file mode 100644
index 0000000000..333b30d8cc
--- /dev/null
+++ b/contrib/pgcrypto/expected/des.out
@@ -0,0 +1,48 @@
+--
+-- DES cipher
+--
+-- no official test vectors atm
+-- from blowfish.sql
+SELECT encode(encrypt(
+decode('0123456789abcdef', 'hex'),
+decode('fedcba9876543210', 'hex'),
+'des-ecb/pad:none'), 'hex');
+ encode
+------------------
+ ed39d950fa74bcc4
+(1 row)
+
+-- empty data
+select encode( encrypt('', 'foo', 'des'), 'hex');
+ encode
+------------------
+ 752111e37a2d7ac3
+(1 row)
+
+-- 8 bytes key
+select encode( encrypt('foo', '01234589', 'des'), 'hex');
+ encode
+------------------
+ dec0f9c602b647a8
+(1 row)
+
+-- decrypt
+select decrypt(encrypt('foo', '0123456', 'des'), '0123456', 'des');
+ decrypt
+---------
+ foo
+(1 row)
+
+-- iv
+select encode(encrypt_iv('foo', '0123456', 'abcd', 'des'), 'hex');
+ encode
+------------------
+ 50735067b073bb93
+(1 row)
+
+select decrypt_iv(decode('50735067b073bb93', 'hex'), '0123456', 'abcd', 'des');
+ decrypt_iv
+------------
+ foo
+(1 row)
+
diff --git a/contrib/pgcrypto/expected/init.out b/contrib/pgcrypto/expected/init.out
index 509f454047..3252d4276e 100644
--- a/contrib/pgcrypto/expected/init.out
+++ b/contrib/pgcrypto/expected/init.out
@@ -15,3 +15,12 @@ SELECT decode('666f6f', 'hex');
foo
(1 row)
+-- check error handling
+select gen_salt('foo');
+ERROR: gen_salt: Unknown salt algorithm
+select digest('foo', 'foo');
+ERROR: Cannot use "foo": No such hash algorithm
+select hmac('foo', 'foo', 'foo');
+ERROR: Cannot use "foo": No such hash algorithm
+select encrypt('foo', 'foo', 'foo');
+ERROR: Cannot use "foo": No such cipher algorithm
diff --git a/contrib/pgcrypto/expected/rijndael.out b/contrib/pgcrypto/expected/rijndael.out
index a5dc8ce620..fbbbc87189 100644
--- a/contrib/pgcrypto/expected/rijndael.out
+++ b/contrib/pgcrypto/expected/rijndael.out
@@ -67,3 +67,45 @@ decode('000102030405060708090a0b0c0d0e0f101112131415161718191a1b', 'hex'),
4facb6a041d53e0a5a73289170901fe7
(1 row)
+-- empty data
+select encode( encrypt('', 'foo', 'aes'), 'hex');
+ encode
+----------------------------------
+ b48cc3338a2eb293b6007ef72c360d48
+(1 row)
+
+-- 10 bytes key
+select encode( encrypt('foo', '0123456789', 'aes'), 'hex');
+ encode
+----------------------------------
+ f397f03d2819b7172b68d0706fda4693
+(1 row)
+
+-- 22 bytes key
+select encode( encrypt('foo', '0123456789012345678901', 'aes'), 'hex');
+ encode
+----------------------------------
+ 5c9db77af02b4678117bcd8a71ae7f53
+(1 row)
+
+-- decrypt
+select decrypt(encrypt('foo', '0123456', 'aes'), '0123456', 'aes');
+ decrypt
+---------
+ foo
+(1 row)
+
+-- iv
+select encode(encrypt_iv('foo', '0123456', 'abcd', 'aes'), 'hex');
+ encode
+----------------------------------
+ 2c24cb7da91d6d5699801268b0f5adad
+(1 row)
+
+select decrypt_iv(decode('2c24cb7da91d6d5699801268b0f5adad', 'hex'),
+ '0123456', 'abcd', 'aes');
+ decrypt_iv
+------------
+ foo
+(1 row)
+
diff --git a/contrib/pgcrypto/sql/3des.sql b/contrib/pgcrypto/sql/3des.sql
new file mode 100644
index 0000000000..f3c01e2908
--- /dev/null
+++ b/contrib/pgcrypto/sql/3des.sql
@@ -0,0 +1,26 @@
+--
+-- 3DES cipher
+--
+
+-- test vector from somewhere
+SELECT encode(encrypt(
+decode('80 00 00 00 00 00 00 00', 'hex'),
+decode('01 01 01 01 01 01 01 01
+ 01 01 01 01 01 01 01 01
+ 01 01 01 01 01 01 01 01', 'hex'),
+'3des-ecb/pad:none'), 'hex');
+-- val 95 F8 A5 E5 DD 31 D9 00
+
+select encode( encrypt('', 'foo', '3des'), 'hex');
+-- 10 bytes key
+select encode( encrypt('foo', '0123456789', '3des'), 'hex');
+-- 22 bytes key
+select encode( encrypt('foo', '0123456789012345678901', '3des'), 'hex');
+
+-- decrypt
+select decrypt(encrypt('foo', '0123456', '3des'), '0123456', '3des');
+
+-- iv
+select encode(encrypt_iv('foo', '0123456', 'abcd', '3des'), 'hex');
+select decrypt_iv(decode('df27c264fb24ed7a', 'hex'), '0123456', 'abcd', '3des');
+
diff --git a/contrib/pgcrypto/sql/blowfish.sql b/contrib/pgcrypto/sql/blowfish.sql
index e5f6ddccf3..565282cb0f 100644
--- a/contrib/pgcrypto/sql/blowfish.sql
+++ b/contrib/pgcrypto/sql/blowfish.sql
@@ -64,3 +64,24 @@ decode('6b77b4d63006dee605b156e27403979358deb9e7154616d959f1652bd5ff92cc', 'hex'
decode('37363534333231204e6f77206973207468652074696d6520666f722000', 'hex'),
'bf-cbc'), 'hex');
+-- blowfish-448
+SELECT encode(encrypt(
+decode('fedcba9876543210', 'hex'),
+decode('f0e1d2c3b4a5968778695a4b3c2d1e0f001122334455667704689104c2fd3b2f584023641aba61761f1f1f1f0e0e0e0effffffffffffffff', 'hex'),
+'bf-ecb/pad:none'), 'hex');
+-- result: c04504012e4e1f53
+
+-- empty data
+select encode( encrypt('', 'foo', 'bf'), 'hex');
+-- 10 bytes key
+select encode( encrypt('foo', '0123456789', 'bf'), 'hex');
+-- 22 bytes key
+select encode( encrypt('foo', '0123456789012345678901', 'bf'), 'hex');
+
+-- decrypt
+select decrypt(encrypt('foo', '0123456', 'bf'), '0123456', 'bf');
+
+-- iv
+select encode(encrypt_iv('foo', '0123456', 'abcd', 'bf'), 'hex');
+select decrypt_iv(decode('95c7e89322525d59', 'hex'), '0123456', 'abcd', 'bf');
+
diff --git a/contrib/pgcrypto/sql/cast5.sql b/contrib/pgcrypto/sql/cast5.sql
new file mode 100644
index 0000000000..553ae4f0f2
--- /dev/null
+++ b/contrib/pgcrypto/sql/cast5.sql
@@ -0,0 +1,42 @@
+--
+-- Cast5 cipher
+--
+
+-- test vectors from RFC2144
+
+-- 128 bit key
+SELECT encode(encrypt(
+decode('01 23 45 67 89 AB CD EF', 'hex'),
+decode('01 23 45 67 12 34 56 78 23 45 67 89 34 56 78 9A', 'hex'),
+'cast5-ecb/pad:none'), 'hex');
+-- result: 23 8B 4F E5 84 7E 44 B2
+
+-- 80 bit key
+SELECT encode(encrypt(
+decode('01 23 45 67 89 AB CD EF', 'hex'),
+decode('01 23 45 67 12 34 56 78 23 45', 'hex'),
+'cast5-ecb/pad:none'), 'hex');
+-- result: EB 6A 71 1A 2C 02 27 1B
+
+-- 40 bit key
+SELECT encode(encrypt(
+decode('01 23 45 67 89 AB CD EF', 'hex'),
+decode('01 23 45 67 12', 'hex'),
+'cast5-ecb/pad:none'), 'hex');
+-- result: 7A C8 16 D1 6E 9B 30 2E
+
+-- cbc
+
+-- empty data
+select encode( encrypt('', 'foo', 'cast5'), 'hex');
+-- 10 bytes key
+select encode( encrypt('foo', '0123456789', 'cast5'), 'hex');
+
+-- decrypt
+select decrypt(encrypt('foo', '0123456', 'cast5'), '0123456', 'cast5');
+
+-- iv
+select encode(encrypt_iv('foo', '0123456', 'abcd', 'cast5'), 'hex');
+select decrypt_iv(decode('384a970695ce016a', 'hex'),
+ '0123456', 'abcd', 'cast5');
+
diff --git a/contrib/pgcrypto/sql/des.sql b/contrib/pgcrypto/sql/des.sql
new file mode 100644
index 0000000000..3b55ca5e3a
--- /dev/null
+++ b/contrib/pgcrypto/sql/des.sql
@@ -0,0 +1,24 @@
+--
+-- DES cipher
+--
+
+-- no official test vectors atm
+
+-- from blowfish.sql
+SELECT encode(encrypt(
+decode('0123456789abcdef', 'hex'),
+decode('fedcba9876543210', 'hex'),
+'des-ecb/pad:none'), 'hex');
+
+-- empty data
+select encode( encrypt('', 'foo', 'des'), 'hex');
+-- 8 bytes key
+select encode( encrypt('foo', '01234589', 'des'), 'hex');
+
+-- decrypt
+select decrypt(encrypt('foo', '0123456', 'des'), '0123456', 'des');
+
+-- iv
+select encode(encrypt_iv('foo', '0123456', 'abcd', 'des'), 'hex');
+select decrypt_iv(decode('50735067b073bb93', 'hex'), '0123456', 'abcd', 'des');
+
diff --git a/contrib/pgcrypto/sql/init.sql b/contrib/pgcrypto/sql/init.sql
index 9d38cb5854..e536e67ea3 100644
--- a/contrib/pgcrypto/sql/init.sql
+++ b/contrib/pgcrypto/sql/init.sql
@@ -10,3 +10,9 @@
SELECT encode('foo', 'hex');
SELECT decode('666f6f', 'hex');
+-- check error handling
+select gen_salt('foo');
+select digest('foo', 'foo');
+select hmac('foo', 'foo', 'foo');
+select encrypt('foo', 'foo', 'foo');
+
diff --git a/contrib/pgcrypto/sql/rijndael.sql b/contrib/pgcrypto/sql/rijndael.sql
index 6f3dfc9622..c609a635df 100644
--- a/contrib/pgcrypto/sql/rijndael.sql
+++ b/contrib/pgcrypto/sql/rijndael.sql
@@ -41,3 +41,18 @@ decode('0011223344', 'hex'),
decode('000102030405060708090a0b0c0d0e0f101112131415161718191a1b', 'hex'),
'aes-cbc'), 'hex');
+-- empty data
+select encode( encrypt('', 'foo', 'aes'), 'hex');
+-- 10 bytes key
+select encode( encrypt('foo', '0123456789', 'aes'), 'hex');
+-- 22 bytes key
+select encode( encrypt('foo', '0123456789012345678901', 'aes'), 'hex');
+
+-- decrypt
+select decrypt(encrypt('foo', '0123456', 'aes'), '0123456', 'aes');
+
+-- iv
+select encode(encrypt_iv('foo', '0123456', 'abcd', 'aes'), 'hex');
+select decrypt_iv(decode('2c24cb7da91d6d5699801268b0f5adad', 'hex'),
+ '0123456', 'abcd', 'aes');
+