CryptoPkg: Add PKCS5 PBKDF2 interface for password derivation.

[mirror_edk2.git] / CryptoPkg / Application / Cryptest / Pkcs5Pbkdf2Verify.c

diff --git a/CryptoPkg/Application/Cryptest/Pkcs5Pbkdf2Verify.c b/CryptoPkg/Application/Cryptest/Pkcs5Pbkdf2Verify.c
new file mode 100644 (file)
index 0000000..84652d3
--- /dev/null
+++ b/CryptoPkg/Application/Cryptest/Pkcs5Pbkdf2Verify.c
@@ -0,0 +1,94 @@
+/** @file\r
+  Application for PKCS#5 PBKDF2 Function Validation.\r
+\r
+Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>\r
+This program and the accompanying materials\r
+are licensed and made available under the terms and conditions of the BSD License\r
+which accompanies this distribution.  The full text of the license may be found at\r
+http://opensource.org/licenses/bsd-license.php\r
+\r
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
+\r
+**/\r
+\r
+#include "Cryptest.h"\r
+\r
+//\r
+// PBKDF2 HMAC-SHA1 Test Vector from RFC6070\r
+//\r
+GLOBAL_REMOVE_IF_UNREFERENCED CONST CHAR8  *Password = "password";  // Input Password\r
+GLOBAL_REMOVE_IF_UNREFERENCED UINTN        PassLen   = 8;           // Length of Input Password\r
+GLOBAL_REMOVE_IF_UNREFERENCED CONST CHAR8  *Salt     = "salt";      // Input Salt\r
+GLOBAL_REMOVE_IF_UNREFERENCED UINTN        SaltLen   = 4;           // Length of Input Salt\r
+GLOBAL_REMOVE_IF_UNREFERENCED CONST UINTN  Count     = 2;           // InterationCount\r
+GLOBAL_REMOVE_IF_UNREFERENCED CONST UINTN  KeyLen    = 20;          // Length of derived key\r
+GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8  DerivedKey[]  = {        // Expected output key\r
+  0xea, 0x6c, 0x01, 0x4d, 0xc7, 0x2d, 0x6f, 0x8c, 0xcd, 0x1e, 0xd9, 0x2a, 0xce, 0x1d, 0x41, 0xf0,\r
+  0xd8, 0xde, 0x89, 0x57\r
+  };\r
+\r
+/**\r
+  Validate UEFI-OpenSSL PKCS#5 PBKDF2 Interface.\r
+\r
+  @retval  EFI_SUCCESS  Validation succeeded.\r
+  @retval  EFI_ABORTED  Validation failed.\r
+\r
+**/\r
+EFI_STATUS\r
+ValidateCryptPkcs5Pbkdf2 (\r
+  VOID\r
+  )\r
+{\r
+  BOOLEAN  Status;\r
+  UINT8    *OutKey;\r
+\r
+  Print (L"\nUEFI-OpenSSL PKCS#5 PBKDF2 Testing: ");\r
+  Print (L"\n- PKCS#5 PBKDF2 Verification: ");\r
+\r
+  OutKey = AllocatePool (KeyLen);\r
+  if (OutKey == NULL) {\r
+    Print (L"[Fail]");\r
+    return EFI_ABORTED;\r
+  }\r
+\r
+  //\r
+  // Verify PKCS#5 PBKDF2 Key Derivation Function\r
+  //\r
+  Print (L"Deriving Key... ");\r
+  Status = Pkcs5HashPassword (\r
+             PassLen,\r
+             Password,\r
+             SaltLen,\r
+             (CONST UINT8 *)Salt,\r
+             Count,\r
+             SHA1_DIGEST_SIZE,\r
+             KeyLen,\r
+             OutKey\r
+             );\r
+\r
+  if (!Status) {\r
+    Print (L"[Fail]");\r
+    FreePool (OutKey);\r
+    return EFI_ABORTED;\r
+  }\r
+\r
+  //\r
+  // Check the output key with the expected key result\r
+  //\r
+  Print (L"Check Derived Key... ");\r
+  if (CompareMem (OutKey, DerivedKey, KeyLen) != 0) {\r
+    Print (L"[Fail]");\r
+    FreePool (OutKey);\r
+    return EFI_ABORTED;\r
+  }\r
+\r
+  Print (L"[Pass]\n");\r
+\r
+  //\r
+  // Release Resources\r
+  //\r
+  FreePool (OutKey);\r
+\r
+  return EFI_SUCCESS;\r
+}\r