Adding test vectors for PBE with BMPStrings.

RFC 7292 uses BMPStrings to encode passwords. This encoding uses UTF-16 encoded strings with big-endian ordering and a NULL terminator. Adding a few more test vectors with invalid UTF-8 encoding. NOKEYCHECK=True PiperOrigin-RevId: 516194647
C2SP · Mar 13, 2023 · b2cc2fd · b2cc2fd
1 parent 813bb2c
commit b2cc2fd
Show file tree

Hide file tree

Showing 15 changed files with 3,870 additions and 240 deletions.
diff --git a/testvectors_v1/pbes2_hmacsha1_aes_128_test.json b/testvectors_v1/pbes2_hmacsha1_aes_128_test.json
@@ -2,7 +2,7 @@
  "algorithm" : "PbeWithHmacSha1AndAes_128",
  "schema" : "pbe_test_schema.json",
  "generatorVersion" : "0.9",
- "numberOfTests" : 68,
+ "numberOfTests" : 84,
  "header" : [
  "Test vector of type PbeTest are used for PBES1 or PBES2."
  ],
@@ -11,6 +11,10 @@
  "bugType" : "FUNCTIONALITY",
  "description" : "The test vector contains a password consisting of ASCII characters."
  },
+ "BmpString" : {
+ "bugType" : "FUNCTIONALITY",
+ "description" : "The test vectors contains a password that is a valid BMPString as used in RFC 7292. This RFC uses big endian encoding and a null terminator."
+ },
  "NonUtf8" : {
  "bugType" : "FUNCTIONALITY",
  "description" : "The test vector contains a password that is not a valid UTF-8 string."
@@ -828,6 +832,186 @@
  },
  {
  "tcId" : 58,
+ "comment" : "password is an ASCII string encoded as BMPString",
+ "flags" : [
+ "Ascii",
+ "BmpString"
+ ],
+ "password" : "002d0000",
+ "salt" : "66a92292e6db2d9e",
+ "iterationCount" : 4096,
+ "iv" : "7911306933f1131299247a85b585bed8",
+ "msg" : "63219964fd79651fe1be8ad5e90f414c",
+ "ct" : "dd01fdce378777558f5f66dc423a91efafab047a08e247ba31f1ca2a8485045d",
+ "result" : "valid"
+ },
+ {
+ "tcId" : 59,
+ "comment" : "password is an ASCII string encoded as BMPString",
+ "flags" : [
+ "Ascii",
+ "BmpString"
+ ],
+ "password" : "00470000",
+ "salt" : "88abb902385f0efc",
+ "iterationCount" : 4096,
+ "iv" : "109f2c7a8aacc98d0aa176b1b43f2ece",
+ "msg" : "34ce8c499c20714c34506b8e8b87b103d2",
+ "ct" : "f9034cf9e72d94916a3f0593a8f0ddb01b7c95c2b980f8a37211d63d67caf2b3",
+ "result" : "valid"
+ },
+ {
+ "tcId" : 60,
+ "comment" : "password is an ASCII string encoded as BMPString",
+ "flags" : [
+ "Ascii",
+ "BmpString"
+ ],
+ "password" : "004400640042004d0064006d000100790000",
+ "salt" : "675617aaff664428",
+ "iterationCount" : 4096,
+ "iv" : "c08dd25d3aa04749850301e9b8f8eb28",
+ "msg" : "4f5f5d4d0a21d463419db42fdff6ae6c",
+ "ct" : "dc3395e31374d53f993e136d6b5051ef53a958ef530453e1a37636c3075e1843",
+ "result" : "valid"
+ },
+ {
+ "tcId" : 61,
+ "comment" : "password is an ASCII string encoded as BMPString",
+ "flags" : [
+ "Ascii",
+ "BmpString"
+ ],
+ "password" : "007400760025002a0012005b005c00610000",
+ "salt" : "957a9ab7ad9fc7de",
+ "iterationCount" : 4096,
+ "iv" : "126081b5c830984abd553ec39b080f39",
+ "msg" : "ede5a5ea322b7972a789bb5af48f384218",
+ "ct" : "99e1e73a5dd49e0deba0633b391d3bd1e8a573a768b78f1dafd17cac02eed72f",
+ "result" : "valid"
+ },
+ {
+ "tcId" : 62,
+ "comment" : "password is an ASCII string encoded as BMPString",
+ "flags" : [
+ "Ascii",
+ "BmpString"
+ ],
+ "password" : "0023000d00510069001d0077002a0009001200010034004d00520070006100290000",
+ "salt" : "deea2dabe885caf6",
+ "iterationCount" : 4096,
+ "iv" : "698a466cec24214100bb3f30a6820bf7",
+ "msg" : "930b94a70883efd733f63f841dfc3d17",
+ "ct" : "a5573a4a3c9d52ba722c8fe9cf4c70c06c09133a2cbe46fb69d163e4205021c3",
+ "result" : "valid"
+ },
+ {
+ "tcId" : 63,
+ "comment" : "password is an ASCII string encoded as BMPString",
+ "flags" : [
+ "Ascii",
+ "BmpString"
+ ],
+ "password" : "007300520057005c005600180030003c004b0050007c004f00020020002600390000",
+ "salt" : "6ed69f23acf64114",
+ "iterationCount" : 4096,
+ "iv" : "59efebfe7a6056507dc17778e5c444c5",
+ "msg" : "538705a997333fc2bf4f44f2bb90f3cd26",
+ "ct" : "ac2cb5128d9760bb191a24b457419e35b590a2c139c0cb56569cd35213dc6c33",
+ "result" : "valid"
+ },
+ {
+ "tcId" : 64,
+ "comment" : "password is a BMPString",
+ "flags" : [
+ "NonUtf8",
+ "BmpString"
+ ],
+ "password" : "92ae0000",
+ "salt" : "6978583ea9c24c49",
+ "iterationCount" : 4096,
+ "iv" : "0192ad10599677f253e7dea587373553",
+ "msg" : "c06bcb3b5cd9c1317f5eb7ba50882530",
+ "ct" : "a97fb52651734d7c61762aca1fff6e59ec61e007682085f157808e536dc688aa",
+ "result" : "valid"
+ },
+ {
+ "tcId" : 65,
+ "comment" : "password is a BMPString",
+ "flags" : [
+ "NonUtf8",
+ "BmpString"
+ ],
+ "password" : "38a90000",
+ "salt" : "c217b8c980fe4698",
+ "iterationCount" : 4096,
+ "iv" : "890a0303475f07189a0fe14b4e509217",
+ "msg" : "1ea8b43513275537d021c0f75849c01840",
+ "ct" : "e8ce9a7662fd4663c63b7c533c98bf3baf77ede39d193a90812a9dd808aa5e36",
+ "result" : "valid"
+ },
+ {
+ "tcId" : 66,
+ "comment" : "password is a BMPString",
+ "flags" : [
+ "NonUtf8",
+ "BmpString"
+ ],
+ "password" : "4464c2cde4ed81790000",
+ "salt" : "675617aaff664428",
+ "iterationCount" : 4096,
+ "iv" : "c08dd25d3aa04749850301e9b8f8eb28",
+ "msg" : "4f5f5d4d0a21d463419db42fdff6ae6c",
+ "ct" : "3f3fb94979594d4e1d97f0b02987fbb205d12b6e0550cc5c34a3717fe0a88f62",
+ "result" : "valid"
+ },
+ {
+ "tcId" : 67,
+ "comment" : "password is a BMPString",
+ "flags" : [
+ "NonUtf8",
+ "BmpString"
+ ],
+ "password" : "f4f6a52a925b00610000",
+ "salt" : "957a9ab7ad9fc7de",
+ "iterationCount" : 4096,
+ "iv" : "126081b5c830984abd553ec39b080f39",
+ "msg" : "ede5a5ea322b7972a789bb5af48f384218",
+ "ct" : "32ce6a152fdd25d2f36570c905c525b8a489bce72ee8dfb41a561cc871eb2b0a",
+ "result" : "valid"
+ },
+ {
+ "tcId" : 68,
+ "comment" : "password is a BMPString",
+ "flags" : [
+ "NonUtf8",
+ "BmpString"
+ ],
+ "password" : "a38d51691d77aa891281b44d52f061a90000",
+ "salt" : "deea2dabe885caf6",
+ "iterationCount" : 4096,
+ "iv" : "698a466cec24214100bb3f30a6820bf7",
+ "msg" : "930b94a70883efd733f63f841dfc3d17",
+ "ct" : "36f9ee8202d2436fa6bd4bde7d4ac223c4af532d73cd1d738530e8bfa4f087be",
+ "result" : "valid"
+ },
+ {
+ "tcId" : 69,
+ "comment" : "password is a BMPString",
+ "flags" : [
+ "NonUtf8",
+ "BmpString"
+ ],
+ "password" : "f35257dc5698b0bccbd0fc4f02a026390000",
+ "salt" : "6ed69f23acf64114",
+ "iterationCount" : 4096,
+ "iv" : "59efebfe7a6056507dc17778e5c444c5",
+ "msg" : "538705a997333fc2bf4f44f2bb90f3cd26",
+ "ct" : "d049547b61d499cdeddd35c38c588c135675771e706fecbbfc0b17badc5dfcd2",
+ "result" : "valid"
+ },
+ {
+ "tcId" : 70,
  "comment" : "empty password",
  "flags" : [
  "Printable"
@@ -841,7 +1025,7 @@
  "result" : "valid"
  },
  {
- "tcId" : 59,
+ "tcId" : 71,
  "comment" : "empty password",
  "flags" : [
  "Printable"
@@ -855,7 +1039,37 @@
  "result" : "valid"
  },
  {
- "tcId" : 60,
+ "tcId" : 72,
+ "comment" : "password is an empty BMPString",
+ "flags" : [
+ "Ascii",
+ "BmpString"
+ ],
+ "password" : "0000",
+ "salt" : "f488f026badc3624",
+ "iterationCount" : 4096,
+ "iv" : "2979c2a734e4cd5da5d9a7e69c3f8b8e",
+ "msg" : "d63088e9bf4e9105bc287f0ab6823af9",
+ "ct" : "288a57a00fe51003669965f2e5294581124652a565f3f95e5fd454ca6279830b",
+ "result" : "valid"
+ },
+ {
+ "tcId" : 73,
+ "comment" : "password is an empty BMPString",
+ "flags" : [
+ "Ascii",
+ "BmpString"
+ ],
+ "password" : "0000",
+ "salt" : "542ada9132800d2c",
+ "iterationCount" : 4096,
+ "iv" : "844635e540de3a85c02f2df9413ff911",
+ "msg" : "08dfdd58aa603d5fc4bdaa9cb24ce82bca",
+ "ct" : "2ddb971c0fee6640c8d9e9e603ee81c51cbce9e838d40a98095098105f7be380",
+ "result" : "valid"
+ },
+ {
+ "tcId" : 74,
  "comment" : "long password",
  "flags" : [
  "Printable"
@@ -869,7 +1083,7 @@
  "result" : "valid"
  },
  {
- "tcId" : 61,
+ "tcId" : 75,
  "comment" : "long password",
  "flags" : [
  "Printable"
@@ -883,7 +1097,7 @@
  "result" : "valid"
  },
  {
- "tcId" : 62,
+ "tcId" : 76,
  "comment" : "long password",
  "flags" : [
  "Printable"
@@ -897,7 +1111,7 @@
  "result" : "valid"
  },
  {
- "tcId" : 63,
+ "tcId" : 77,
  "comment" : "special case password",
  "flags" : [
  "NonUtf8"
@@ -911,8 +1125,22 @@
  "result" : "valid"
  },
  {
- "tcId" : 64,
- "comment" : "special case password",
+ "tcId" : 78,
+ "comment" : "special case: truncated UTF-8 string",
+ "flags" : [
+ "NonUtf8"
+ ],
+ "password" : "c0",
+ "salt" : "e19e4f175a64d35a",
+ "iterationCount" : 4096,
+ "iv" : "7545745f8d0bfe38f024371e12008a5f",
+ "msg" : "9e21b64aeff5338eb9bc71b19ef8f8e7",
+ "ct" : "3f57aee83a71dabbe7f7f6dfb48dbc6ab9a573568a34f931d1e2d25ba111953f",
+ "result" : "valid"
+ },
+ {
+ "tcId" : 79,
+ "comment" : "special case: invalid UTF-8 bytes",
  "flags" : [
  "NonUtf8"
  ],
@@ -925,8 +1153,8 @@
  "result" : "valid"
  },
  {
- "tcId" : 65,
- "comment" : "special case password",
+ "tcId" : 80,
+ "comment" : "special case: invalid 2 byte UTF-8 code points",
  "flags" : [
  "NonUtf8"
  ],
@@ -939,8 +1167,8 @@
  "result" : "valid"
  },
  {
- "tcId" : 66,
- "comment" : "special case password",
+ "tcId" : 81,
+ "comment" : "special case: invalid 3 byte UTF-8 code points",
  "flags" : [
  "NonUtf8"
  ],
@@ -953,8 +1181,8 @@
  "result" : "valid"
  },
  {
- "tcId" : 67,
- "comment" : "special case password",
+ "tcId" : 82,
+ "comment" : "special case: invalid UTF-8 code points",
  "flags" : [
  "NonUtf8"
  ],
@@ -967,8 +1195,22 @@
  "result" : "valid"
  },
  {
- "tcId" : 68,
- "comment" : "special case password",
+ "tcId" : 83,
+ "comment" : "special case for UTF-16",
+ "flags" : [
+ "NonUtf8"
+ ],
+ "password" : "dbdbdbdbdbdbdbdb",
+ "salt" : "ba21795fffb901bc",
+ "iterationCount" : 4096,
+ "iv" : "753675f249b8c153997a797116495204",
+ "msg" : "706c565ba28370ff433460cc9f8d845a",
+ "ct" : "092375312cbe8397b0bca894c8b04ef2a960ac933830f60a5a813691ade153d6",
+ "result" : "valid"
+ },
+ {
+ "tcId" : 84,
+ "comment" : "special case: long all zero password",
  "flags" : [
  "Ascii"
  ],