[openssl] openssl-3.0 update
Dr. Paul Dale
pauli at openssl.org
Thu Nov 4 23:26:55 UTC 2021
The branch openssl-3.0 has been updated
via d355c879b64e99194db8b943c6efc4b1a38740e5 (commit)
from 04020e2f41500e08a36e8edd31e465ac12fffab2 (commit)
- Log -----------------------------------------------------------------
commit d355c879b64e99194db8b943c6efc4b1a38740e5
Author: Pauli <pauli at openssl.org>
Date: Wed Nov 3 10:34:36 2021 +1000
Add unit tests for weak key and key parity checks
Reviewed-by: Bernd Edlinger <bernd.edlinger at hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/16953)
(cherry picked from commit cc350c882218b1053a636d01eb36573b3e7b20c2)
-----------------------------------------------------------------------
Summary of changes:
test/destest.c | 69 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 69 insertions(+)
diff --git a/test/destest.c b/test/destest.c
index ee5a70db27..e0c4b30f90 100644
--- a/test/destest.c
+++ b/test/destest.c
@@ -771,6 +771,73 @@ static int test_des_key_wrap(int idx)
EVP_CIPHER_CTX_free(ctx);
return res;
}
+
+/*-
+ * Weak and semi weak keys as taken from
+ * %A D.W. Davies
+ * %A W.L. Price
+ * %T Security for Computer Networks
+ * %I John Wiley & Sons
+ * %D 1984
+ */
+static struct {
+ const DES_cblock key;
+ int expect;
+} weak_keys[] = {
+ /* weak keys */
+ {{0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01}, 1 },
+ {{0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE}, 1 },
+ {{0x1F, 0x1F, 0x1F, 0x1F, 0x0E, 0x0E, 0x0E, 0x0E}, 1 },
+ {{0xE0, 0xE0, 0xE0, 0xE0, 0xF1, 0xF1, 0xF1, 0xF1}, 1 },
+ /* semi-weak keys */
+ {{0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE}, 1 },
+ {{0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01}, 1 },
+ {{0x1F, 0xE0, 0x1F, 0xE0, 0x0E, 0xF1, 0x0E, 0xF1}, 1 },
+ {{0xE0, 0x1F, 0xE0, 0x1F, 0xF1, 0x0E, 0xF1, 0x0E}, 1 },
+ {{0x01, 0xE0, 0x01, 0xE0, 0x01, 0xF1, 0x01, 0xF1}, 1 },
+ {{0xE0, 0x01, 0xE0, 0x01, 0xF1, 0x01, 0xF1, 0x01}, 1 },
+ {{0x1F, 0xFE, 0x1F, 0xFE, 0x0E, 0xFE, 0x0E, 0xFE}, 1 },
+ {{0xFE, 0x1F, 0xFE, 0x1F, 0xFE, 0x0E, 0xFE, 0x0E}, 1 },
+ {{0x01, 0x1F, 0x01, 0x1F, 0x01, 0x0E, 0x01, 0x0E}, 1 },
+ {{0x1F, 0x01, 0x1F, 0x01, 0x0E, 0x01, 0x0E, 0x01}, 1 },
+ {{0xE0, 0xFE, 0xE0, 0xFE, 0xF1, 0xFE, 0xF1, 0xFE}, 1 },
+ {{0xFE, 0xE0, 0xFE, 0xE0, 0xFE, 0xF1, 0xFE, 0xF1}, 1 },
+ /* good key */
+ {{0x49, 0xE9, 0x5D, 0x6D, 0x4C, 0xA2, 0x29, 0xBF}, 0 }
+};
+
+static int test_des_weak_keys(int n)
+{
+ const_DES_cblock *key = (unsigned char (*)[8])weak_keys[n].key;
+
+ return TEST_int_eq(DES_is_weak_key(key), weak_keys[n].expect);
+}
+
+static struct {
+ const DES_cblock key;
+ int expect;
+} bad_parity_keys[] = {
+ {{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, 0 },
+ {{0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF}, 0 },
+ /* Perturb each byte in turn to create even parity */
+ {{0x48, 0xE9, 0x5D, 0x6D, 0x4C, 0xA2, 0x29, 0xBF}, 0 },
+ {{0x49, 0xE8, 0x5D, 0x6D, 0x4C, 0xA2, 0x29, 0xBF}, 0 },
+ {{0x49, 0xE9, 0x5C, 0x6D, 0x4C, 0xA2, 0x29, 0xBF}, 0 },
+ {{0x49, 0xE9, 0x5D, 0x7D, 0x4C, 0xA2, 0x29, 0xBF}, 0 },
+ {{0x49, 0xE9, 0x5D, 0x6D, 0x5C, 0xA2, 0x29, 0xBF}, 0 },
+ {{0x49, 0xE9, 0x5D, 0x6D, 0x4C, 0xA3, 0x29, 0xBF}, 0 },
+ {{0x49, 0xE9, 0x5D, 0x6D, 0x4C, 0xA2, 0x39, 0xBF}, 0 },
+ {{0x49, 0xE9, 0x5D, 0x6D, 0x4C, 0xA2, 0x29, 0xBE}, 0 },
+ /* Odd parity version of above */
+ {{0x49, 0xE9, 0x5D, 0x6D, 0x4C, 0xA2, 0x29, 0xBF}, 1 }
+};
+
+static int test_des_check_bad_parity(int n)
+{
+ const_DES_cblock *key = (unsigned char (*)[8])bad_parity_keys[n].key;
+
+ return TEST_int_eq(DES_check_key_parity(key), bad_parity_keys[n].expect);
+}
#endif
int setup_tests(void)
@@ -797,6 +864,8 @@ int setup_tests(void)
ADD_ALL_TESTS(test_input_align, 4);
ADD_ALL_TESTS(test_output_align, 4);
ADD_ALL_TESTS(test_des_key_wrap, OSSL_NELEM(test_des_key_wrap_sizes));
+ ADD_ALL_TESTS(test_des_weak_keys, OSSL_NELEM(weak_keys));
+ ADD_ALL_TESTS(test_des_check_bad_parity, OSSL_NELEM(bad_parity_keys));
#endif
return 1;
}
More information about the openssl-commits
mailing list