2 // PasswordDeriveTest.cs - NUnit Test Cases for PasswordDerive
5 // Sebastien Pouliot (sebastien@ximian.com)
7 // (C) 2002, 2003 Motus Technologies Inc. (http://www.motus.com)
8 // Copyright (C) 2004,2007 Novell, Inc (http://www.novell.com)
10 // Permission is hereby granted, free of charge, to any person obtaining
11 // a copy of this software and associated documentation files (the
12 // "Software"), to deal in the Software without restriction, including
13 // without limitation the rights to use, copy, modify, merge, publish,
14 // distribute, sublicense, and/or sell copies of the Software, and to
15 // permit persons to whom the Software is furnished to do so, subject to
16 // the following conditions:
18 // The above copyright notice and this permission notice shall be
19 // included in all copies or substantial portions of the Software.
21 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
22 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
23 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
24 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
25 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
26 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
27 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
30 using NUnit.Framework;
32 using System.Security.Cryptography;
34 namespace MonoTests.System.Security.Cryptography {
37 // a. PKCS#5: Password-Based Cryptography Standard
38 // http://www.rsasecurity.com/rsalabs/pkcs/pkcs-5/index.html
41 public class PasswordDeriveBytesTest {
43 static byte[] salt = { 0xDE, 0xAD, 0xC0, 0xDE };
44 static string ssalt = "DE-AD-C0-DE";
49 [ExpectedException (typeof (ArgumentNullException))]
50 public void Ctor_PasswordNullSalt ()
53 PasswordDeriveBytes pdb = new PasswordDeriveBytes (pwd, salt);
57 public void Ctor_PasswordSaltNull ()
59 PasswordDeriveBytes pdb = new PasswordDeriveBytes ("s3kr3t", null);
60 Assert.AreEqual ("SHA1", pdb.HashName, "HashName");
61 Assert.AreEqual (100, pdb.IterationCount, "IterationCount");
62 Assert.IsNull (pdb.Salt, "Salt");
66 public void Ctor_PasswordSalt ()
68 PasswordDeriveBytes pdb = new PasswordDeriveBytes ("s3kr3t", salt);
69 Assert.AreEqual ("SHA1", pdb.HashName, "HashName");
70 Assert.AreEqual (100, pdb.IterationCount, "IterationCount");
71 Assert.AreEqual (ssalt, BitConverter.ToString (pdb.Salt), "Salt");
75 [ExpectedException (typeof (ArgumentNullException))]
76 public void Ctor_PasswordNullSaltCspParameters ()
79 PasswordDeriveBytes pdb = new PasswordDeriveBytes (pwd, salt, new CspParameters ());
84 [Category ("NotWorking")] // CspParameters aren't supported by Mono (requires CryptoAPI)
85 public void Ctor_PasswordSaltNullCspParameters ()
87 PasswordDeriveBytes pdb = new PasswordDeriveBytes ("s3kr3t", null, new CspParameters ());
88 Assert.AreEqual ("SHA1", pdb.HashName, "HashName");
89 Assert.AreEqual (100, pdb.IterationCount, "IterationCount");
90 Assert.IsNull (pdb.Salt, "Salt");
95 public void Ctor_PasswordSaltCspParametersNull ()
97 PasswordDeriveBytes pdb = new PasswordDeriveBytes ("s3kr3t", salt, null);
98 Assert.AreEqual ("SHA1", pdb.HashName, "HashName");
99 Assert.AreEqual (100, pdb.IterationCount, "IterationCount");
100 Assert.AreEqual (ssalt, BitConverter.ToString (pdb.Salt), "Salt");
105 [Category ("NotWorking")] // CspParameters aren't supported by Mono (requires CryptoAPI)
106 public void Ctor_PasswordSaltCspParameters ()
108 PasswordDeriveBytes pdb = new PasswordDeriveBytes ("s3kr3t", salt, new CspParameters ());
109 Assert.AreEqual ("SHA1", pdb.HashName, "HashName");
110 Assert.AreEqual (100, pdb.IterationCount, "IterationCount");
111 Assert.AreEqual (ssalt, BitConverter.ToString (pdb.Salt), "Salt");
116 [ExpectedException (typeof (ArgumentNullException))]
117 public void Ctor_PasswordNullSaltHashIteration ()
120 PasswordDeriveBytes pdb = new PasswordDeriveBytes (pwd, salt, "SHA1", 1);
124 public void Ctor_PasswordSaltNullHashIteration ()
126 PasswordDeriveBytes pdb = new PasswordDeriveBytes ("s3kr3t", null, "SHA1", 1);
127 Assert.AreEqual ("SHA1", pdb.HashName, "HashName");
128 Assert.AreEqual (1, pdb.IterationCount, "IterationCount");
129 Assert.IsNull (pdb.Salt, "Salt");
133 [ExpectedException (typeof (ArgumentNullException))]
134 public void Ctor_PasswordSaltHashNullIteration ()
136 PasswordDeriveBytes pdb = new PasswordDeriveBytes ("s3kr3t", salt, null, 1);
140 [ExpectedException (typeof (ArgumentOutOfRangeException))]
141 public void Ctor_PasswordSaltHashIterationNegative ()
143 PasswordDeriveBytes pdb = new PasswordDeriveBytes ("s3kr3t", salt, "SHA1", -1);
147 [ExpectedException (typeof (ArgumentOutOfRangeException))]
148 public void Ctor_PasswordSaltHashIterationZero ()
150 PasswordDeriveBytes pdb = new PasswordDeriveBytes ("s3kr3t", salt, "SHA1", 0);
154 public void Ctor_PasswordSaltHashIterationMaxValue ()
156 PasswordDeriveBytes pdb = new PasswordDeriveBytes ("s3kr3t", salt, "SHA1", Int32.MaxValue);
157 Assert.AreEqual ("SHA1", pdb.HashName, "HashName");
158 Assert.AreEqual (Int32.MaxValue, pdb.IterationCount, "IterationCount");
159 Assert.AreEqual (ssalt, BitConverter.ToString (pdb.Salt), "Salt");
163 public void Ctor_PasswordSaltHashIteration ()
165 PasswordDeriveBytes pdb = new PasswordDeriveBytes ("s3kr3t", salt, "SHA1", 1);
166 Assert.AreEqual ("SHA1", pdb.HashName, "HashName");
167 Assert.AreEqual (1, pdb.IterationCount, "IterationCount");
168 Assert.AreEqual (ssalt, BitConverter.ToString (pdb.Salt), "Salt");
172 [ExpectedException (typeof (ArgumentNullException))]
173 public void Ctor_PasswordNullSaltHashIterationCspParameters ()
176 PasswordDeriveBytes pdb = new PasswordDeriveBytes (pwd, salt, "SHA1", 1, new CspParameters ());
181 [Category ("NotWorking")] // CspParameters aren't supported by Mono (requires CryptoAPI)
182 public void Ctor_PasswordSaltNullHashIterationCspParameters ()
184 PasswordDeriveBytes pdb = new PasswordDeriveBytes ("s3kr3t", null, "SHA1", 1, new CspParameters ());
185 Assert.AreEqual ("SHA1", pdb.HashName, "HashName");
186 Assert.AreEqual (1, pdb.IterationCount, "IterationCount");
187 Assert.IsNull (pdb.Salt, "Salt");
192 [ExpectedException (typeof (ArgumentNullException))]
193 public void Ctor_PasswordSaltHashNullIterationCspParameters ()
195 PasswordDeriveBytes pdb = new PasswordDeriveBytes ("s3kr3t", salt, null, 1, new CspParameters ());
199 [ExpectedException (typeof (ArgumentOutOfRangeException))]
200 public void Ctor_PasswordSaltHashIterationNegativeCspParameters ()
202 PasswordDeriveBytes pdb = new PasswordDeriveBytes ("s3kr3t", salt, "SHA1", -1, new CspParameters ());
206 [ExpectedException (typeof (ArgumentOutOfRangeException))]
207 public void Ctor_PasswordSaltHashIterationZeroCspParameters ()
209 PasswordDeriveBytes pdb = new PasswordDeriveBytes ("s3kr3t", salt, "SHA1", 0, new CspParameters ());
214 [Category ("NotWorking")] // CspParameters aren't supported by Mono (requires CryptoAPI)
215 public void Ctor_PasswordSaltHashIterationMaxValueCspParameters ()
217 PasswordDeriveBytes pdb = new PasswordDeriveBytes ("s3kr3t", salt, "SHA1", Int32.MaxValue, new CspParameters ());
218 Assert.AreEqual ("SHA1", pdb.HashName, "HashName");
219 Assert.AreEqual (Int32.MaxValue, pdb.IterationCount, "IterationCount");
220 Assert.AreEqual (ssalt, BitConverter.ToString (pdb.Salt), "Salt");
225 public void Ctor_PasswordSaltHashIterationCspParametersNull ()
227 PasswordDeriveBytes pdb = new PasswordDeriveBytes ("s3kr3t", salt, "SHA1", 1, null);
228 Assert.AreEqual ("SHA1", pdb.HashName, "HashName");
229 Assert.AreEqual (1, pdb.IterationCount, "IterationCount");
230 Assert.AreEqual (ssalt, BitConverter.ToString (pdb.Salt), "Salt");
235 [Category ("NotWorking")] // CspParameters aren't supported by Mono (requires CryptoAPI)
236 public void Ctor_PasswordSaltHashIterationCspParameters ()
238 PasswordDeriveBytes pdb = new PasswordDeriveBytes ("s3kr3t", salt, "SHA1", 1, new CspParameters ());
239 Assert.AreEqual ("SHA1", pdb.HashName, "HashName");
240 Assert.AreEqual (1, pdb.IterationCount, "IterationCount");
241 Assert.AreEqual (ssalt, BitConverter.ToString (pdb.Salt), "Salt");
248 [ExpectedException (typeof (ArgumentNullException))]
249 public void Property_HashName_Null ()
251 PasswordDeriveBytes pdb = new PasswordDeriveBytes ("s3kr3t", salt, "SHA1", 1);
252 Assert.AreEqual ("SHA1", pdb.HashName, "HashName");
257 public void Property_Salt ()
259 PasswordDeriveBytes pdb = new PasswordDeriveBytes ("s3kr3t", salt);
260 Assert.AreEqual (ssalt, BitConverter.ToString (pdb.Salt), "Salt");
262 Assert.IsNull (pdb.Salt, "Salt");
266 public void Property_Salt_Modify ()
268 PasswordDeriveBytes pdb = new PasswordDeriveBytes ("s3kr3t", salt);
269 Assert.AreEqual (ssalt, BitConverter.ToString (pdb.Salt), "Salt");
271 // modification rejected (the property returned a copy of the salt)
272 Assert.AreEqual (ssalt, BitConverter.ToString (pdb.Salt), "Salt");
275 // 1.0/1.1 compatibility
280 static int ToInt32LE(byte [] bytes, int offset)
282 return (bytes[offset + 3] << 24) | (bytes[offset + 2] << 16) | (bytes[offset + 1] << 8) | bytes[offset];
285 // generate the key up to HashSize and reset between operations
286 public void ShortRun(string msg, PasswordDeriveBytes pd, byte[] finalKey)
288 for (int i=0; i < finalKey.Length; i++) {
291 byte[] key = pd.GetBytes (i+1);
293 if (finalKey [j] != key[j]) {
298 Assert.IsTrue (compare, msg + " #" + j);
303 // generate a key at least 1000 bytes and don't reset between operations
304 public void LongRun(string msg, PasswordDeriveBytes pd, byte[] finalKey)
306 int bloc = finalKey.Length;
307 int iter = (int) ((1000 + bloc - 1) / bloc);
309 for (int i=0; i < iter; i++) {
310 pass = pd.GetBytes (bloc);
312 Assert.AreEqual (pass, finalKey, msg);
315 public void Run (string password, byte[] salt, string hashname, int iterations, int getbytes, int lastFourBytes)
317 PasswordDeriveBytes pd = new PasswordDeriveBytes (password, salt, hashname, iterations);
318 byte[] key = pd.GetBytes (getbytes);
319 string msg = "[pwd=" + password;
320 msg += ", salt=" + ((salt == null) ? "null" : salt.Length.ToString ());
321 msg += ", hash=" + hashname;
322 msg += ", iter=" + iterations;
323 msg += ", get=" + getbytes + "]";
324 Assert.AreEqual (lastFourBytes, ToInt32LE (key, key.Length - 4), msg);
328 [ExpectedException (typeof (IndexOutOfRangeException))]
329 public void TooShort ()
331 PasswordDeriveBytes pd = new PasswordDeriveBytes ("password", null, "SHA1", 1);
332 byte[] key = pd.GetBytes (0);
335 public void TooLong (string hashName, int size, int lastFourBytes)
337 PasswordDeriveBytes pd = new PasswordDeriveBytes ("toolong", null, hashName, 1);
339 // this should work (we check the last four devired bytes to be sure)
340 byte[] key = pd.GetBytes (size);
341 Assert.AreEqual (lastFourBytes, ToInt32LE (key, size - 4), "Last 4 bytes");
343 // but we can't get another byte from it!
345 key = pd.GetBytes (1);
346 Assert.Fail ("Expected CryptographicException but got none");
348 catch (CryptographicException) {
349 // LAMESPEC: no limit is documented
351 catch (Exception e) {
352 Assert.Fail ("Expected CryptographicException but got " + e.ToString ());
357 public void TooLong ()
359 // 1000 times hash length is the maximum
360 TooLong ("MD5", 16000, 1135777886);
361 TooLong ("SHA1", 20000, -1167918035);
362 TooLong ("SHA256", 32000, -358766048);
363 TooLong ("SHA384", 48000, 1426370534);
364 TooLong ("SHA512", 64000, -1763233543);
368 public void OneIteration ()
370 // (1) size of hash, (2) size of 2 hash
371 Run ("password", salt, "MD5", 1, 16, 986357363);
372 Run ("monomono", null, "MD5", 1, 32, -1092059875);
373 Run ("password", salt, "SHA1", 1, 20, -1251929751);
374 Run ("monomono", null, "SHA1", 1, 40, -1148594972);
375 Run ("password", salt, "SHA256", 1, 32, -1106908309);
376 Run ("monomono", null, "SHA256", 1, 64, 1243724695);
377 Run ("password", salt, "SHA384", 1, 48, 1338639872);
378 Run ("monomono", null, "SHA384", 1, 96, -1974067932);
379 Run ("password", salt, "SHA512", 1, 64, 998927776);
380 Run ("monomono", null, "SHA512", 1, 128, -1082987985);
386 Run ("password", salt, "MD5", 10, 10, -1174247292);
387 Run ("monomono", salt, "SHA1", 20, 20, 622814236);
388 Run ("password", salt, "MD5", 30, 30, 1491759020);
389 Run ("monomono", salt, "SHA1", 40, 40, 1186751819);
390 Run ("password", salt, "MD5", 50, 50, -1416348895);
391 Run ("monomono", salt, "SHA1", 60, 60, -1167799882);
392 Run ("password", salt, "MD5", 70, 70, -695745351);
393 Run ("monomono", salt, "SHA1", 80, 80, 598766793);
394 Run ("password", salt, "MD5", 90, 90, -906351079);
395 Run ("monomono", salt, "SHA1", 100, 100, 1247157997);
399 public void NoSalt ()
401 Run ("password", null, "MD5", 10, 10, -385488886);
402 Run ("password", null, "SHA1", 20, 20, -385953596);
403 Run ("password", null, "MD5", 30, 30, -669295228);
404 Run ("password", null, "SHA1", 40, 40, -1921654064);
405 Run ("password", null, "MD5", 50, 50, -1664099354);
406 Run ("monomono", null, "SHA1", 60, 60, -1988511363);
407 Run ("monomono", null, "MD5", 70, 70, -1326415479);
408 Run ("monomono", null, "SHA1", 80, 80, 158880373);
409 Run ("monomono", null, "MD5", 90, 90, 532527918);
410 Run ("monomono", null, "SHA1", 100, 100, 769250758);
416 const string hashName = "MD5";
417 // getbytes less than hash size
418 Run ("password", null, hashName, 10, 10, -385488886);
419 // getbytes equal to hash size
420 Run ("password", salt, hashName, 20, 16, -470982134);
421 // getbytes more than hash size
422 Run ("password", null, hashName, 30, 30, -669295228);
423 Run ("password", salt, hashName, 40, 40, 892279589);
424 Run ("password", null, hashName, 50, 50, -1664099354);
425 Run ("monomono", salt, hashName, 60, 60, -2050574033);
426 Run ("monomono", null, hashName, 70, 70, -1326415479);
427 Run ("monomono", salt, hashName, 80, 80, 2047895994);
428 Run ("monomono", null, hashName, 90, 90, 532527918);
429 Run ("monomono", salt, hashName, 100, 100, 1522243696);
435 const string hashName = "SHA1";
436 // getbytes less than hash size
437 Run ("password", null, hashName, 10, 10, -852142057);
438 // getbytes equal to hash size
439 Run ("password", salt, hashName, 20, 20, -1096621819);
440 // getbytes more than hash size
441 Run ("password", null, hashName, 30, 30, 1748347042);
442 Run ("password", salt, hashName, 40, 40, 900690664);
443 Run ("password", null, hashName, 50, 50, 2125027038);
444 Run ("monomono", salt, hashName, 60, 60, -1167799882);
445 Run ("monomono", null, hashName, 70, 70, -1967623713);
446 Run ("monomono", salt, hashName, 80, 80, 598766793);
447 Run ("monomono", null, hashName, 90, 90, -1754629926);
448 Run ("monomono", salt, hashName, 100, 100, 1247157997);
452 public void SHA256 ()
454 const string hashName = "SHA256";
455 // getbytes less than hash size
456 Run ("password", null, hashName, 10, 10, -1636557322);
457 Run ("password", salt, hashName, 20, 20, -1403130075);
458 // getbytes equal to hash size
459 Run ("password", null, hashName, 30, 32, -1013167039);
460 // getbytes more than hash size
461 Run ("password", salt, hashName, 40, 40, 379553148);
462 Run ("password", null, hashName, 50, 50, 1031928292);
463 Run ("monomono", salt, hashName, 60, 60, 1933836953);
464 Run ("monomono", null, hashName, 70, 70, -956782587);
465 Run ("monomono", salt, hashName, 80, 80, 1239391711);
466 Run ("monomono", null, hashName, 90, 90, -872090432);
467 Run ("monomono", salt, hashName, 100, 100, -591569127);
471 public void SHA384 ()
473 const string hashName = "SHA384";
474 // getbytes less than hash size
475 Run ("password", null, hashName, 10, 10, 323393534);
476 Run ("password", salt, hashName, 20, 20, -2034683704);
477 Run ("password", null, hashName, 30, 32, 167978389);
478 Run ("password", salt, hashName, 40, 40, 2123410525);
479 // getbytes equal to hash size
480 Run ("password", null, hashName, 50, 48, -47538843);
481 // getbytes more than hash size
482 Run ("monomono", salt, hashName, 60, 60, -118610774);
483 Run ("monomono", null, hashName, 70, 70, 772360425);
484 Run ("monomono", salt, hashName, 80, 80, -1018881215);
485 Run ("monomono", null, hashName, 90, 90, -1585583772);
486 Run ("monomono", salt, hashName, 100, 100, -821501990);
490 public void SHA512 ()
492 const string hashName = "SHA512";
493 // getbytes less than hash size
494 Run ("password", null, hashName, 10, 10, 708870265);
495 Run ("password", salt, hashName, 20, 20, 23889227);
496 Run ("password", null, hashName, 30, 32, 1718904507);
497 Run ("password", salt, hashName, 40, 40, 979228711);
498 Run ("password", null, hashName, 50, 48, 1554003653);
499 // getbytes equal to hash size
500 Run ("monomono", salt, hashName, 60, 64, 1251099126);
501 // getbytes more than hash size
502 Run ("monomono", null, hashName, 70, 70, 1021441810);
503 Run ("monomono", salt, hashName, 80, 80, 640059310);
504 Run ("monomono", null, hashName, 90, 90, 1178147201);
505 Run ("monomono", salt, hashName, 100, 100, 206423887);
508 // get one block after the other
510 public void OneByOne ()
512 byte[] key = { 0x91, 0xDA, 0xF9, 0x9D, 0x7C, 0xA9, 0xB4, 0x42, 0xB8, 0xD9, 0x45, 0xAB, 0x69, 0xEE, 0x12, 0xBC, 0x48, 0xDD, 0x38, 0x74 };
513 PasswordDeriveBytes pd = new PasswordDeriveBytes ("password", salt, "SHA1", 1);
514 string msg = "PKCS#5-Long password salt SHA1 (1)";
516 int bloc = key.Length;
517 int iter = (int) ((1000 + bloc - 1) / bloc);
519 for (int i=0; i < iter; i++) {
520 pass = pd.GetBytes (bloc);
522 Assert.AreEqual (pass, key, msg);
526 public void SHA1SaltShortRun ()
528 byte[] key = { 0x0B, 0x61, 0x93, 0x96, 0x3A, 0xFF, 0x0D, 0xFC, 0xF6, 0x3D, 0xA3, 0xDB, 0x34, 0xC2, 0x99, 0x71, 0x69, 0x11, 0x61, 0xB5 };
529 PasswordDeriveBytes pd = new PasswordDeriveBytes ("password", salt, "SHA1", 1);
530 string msg = "PKCS#5 password salt SHA1 (1)";
531 ShortRun (msg, pd, key);
535 public void SHA1SaltLongRun ()
537 byte[] key = { 0x91, 0xDA, 0xF9, 0x9D, 0x7C, 0xA9, 0xB4, 0x42, 0xB8, 0xD9, 0x45, 0xAB, 0x69, 0xEE, 0x12, 0xBC, 0x48, 0xDD, 0x38, 0x74 };
538 PasswordDeriveBytes pd = new PasswordDeriveBytes ("password", salt, "SHA1", 1);
539 string msg = "PKCS#5-Long password salt SHA1 (1)";
540 LongRun (msg, pd, key);
544 public void SHA1NoSaltShortRun ()
546 byte[] key = { 0x74, 0x61, 0x03, 0x6C, 0xA1, 0xFE, 0x85, 0x3E, 0xD9, 0x3F, 0x03, 0x06, 0x58, 0x45, 0xDE, 0x36, 0x52, 0xEF, 0x4B, 0x68 };
547 PasswordDeriveBytes pd = new PasswordDeriveBytes ("mono", null, "SHA1", 10);
548 string msg = "PKCS#5 mono null SHA1 (10)";
549 ShortRun (msg, pd, key);
553 public void SHA1NoSaltLongRun ()
555 byte[] key = { 0x3A, 0xF8, 0x33, 0x88, 0x39, 0x61, 0x29, 0x75, 0x5C, 0x17, 0xD2, 0x9E, 0x8A, 0x78, 0xEB, 0xBD, 0x89, 0x1E, 0x4C, 0x67 };
556 PasswordDeriveBytes pd = new PasswordDeriveBytes ("mono", null, "SHA1", 10);
557 string msg = "PKCS#5-Long mono null SHA1 (10)";
558 LongRun (msg, pd, key);
562 public void MD5SaltShortRun ()
564 byte[] key = { 0xA5, 0x4D, 0x4E, 0xDD, 0x3A, 0x59, 0xAC, 0x98, 0x08, 0xDA, 0xE7, 0xF2, 0x85, 0x2F, 0x7F, 0xF2 };
565 PasswordDeriveBytes pd = new PasswordDeriveBytes ("mono", salt, "MD5", 100);
566 string msg = "PKCS#5 mono salt MD5 (100)";
567 ShortRun (msg, pd, key);
571 public void MD5SaltLongRun ()
573 byte[] key = { 0x92, 0x51, 0x4D, 0x10, 0xE1, 0x5F, 0xA8, 0x44, 0xEF, 0xFC, 0x0F, 0x1F, 0x6F, 0x3E, 0x40, 0x36 };
574 PasswordDeriveBytes pd = new PasswordDeriveBytes ("mono", salt, "MD5", 100);
575 string msg = "PKCS#5-Long mono salt MD5 (100)";
576 LongRun (msg, pd, key);
580 public void MD5NoSaltShortRun ()
582 byte[] key = { 0x39, 0xEB, 0x82, 0x84, 0xCF, 0x1A, 0x3B, 0x3C, 0xA1, 0xF2, 0x68, 0xAF, 0xBF, 0xAC, 0x41, 0xA6 };
583 PasswordDeriveBytes pd = new PasswordDeriveBytes ("password", null, "MD5", 1000);
584 string msg = "PKCS#5 password null MD5 (1000)";
585 ShortRun (msg, pd, key);
589 public void MD5NoSaltLongRun ()
591 byte[] key = { 0x49, 0x3C, 0x00, 0x69, 0xB4, 0x55, 0x21, 0xA4, 0xC9, 0x69, 0x2E, 0xFF, 0xAA, 0xED, 0x4C, 0x72 };
592 PasswordDeriveBytes pd = new PasswordDeriveBytes ("password", null, "MD5", 1000);
593 string msg = "PKCS#5-Long password null MD5 (1000)";
594 LongRun (msg, pd, key);
598 public void Properties ()
601 PasswordDeriveBytes pd = new PasswordDeriveBytes ("password", null, "MD5", 1000);
602 Assert.AreEqual ("MD5", pd.HashName, "HashName-MD5");
603 Assert.AreEqual (1000, pd.IterationCount, "IterationCount-1000");
604 // ...then change all its properties...
605 pd.HashName = "SHA1";
606 Assert.AreEqual ("SHA1", pd.HashName, "HashName-SHA1");
608 Assert.AreEqual (ssalt, BitConverter.ToString (pd.Salt), "Salt");
609 pd.IterationCount = 1;
610 Assert.AreEqual (1, pd.IterationCount, "IterationCount-1");
611 byte[] expectedKey = { 0x0b, 0x61, 0x93, 0x96 };
612 // ... before using it
613 Assert.AreEqual (expectedKey, pd.GetBytes (4), "PKCS#5 test properties");
614 // it should work but if we try to set any properties after GetBytes
615 // they should all throw an exception
617 pd.HashName = "SHA256";
618 Assert.Fail ("PKCS#5 can't set HashName after GetBytes - expected CryptographicException but got none");
620 catch (CryptographicException) {
621 // do nothing, this is what we expect
623 catch (Exception e) {
624 Assert.Fail ("PKCS#5 can't set HashName after GetBytes - expected CryptographicException but got " + e.ToString ());
627 pd.Salt = expectedKey;
628 Assert.Fail ("PKCS#5 can't set Salt after GetBytes - expected CryptographicException but got none");
630 catch (CryptographicException) {
631 // do nothing, this is what we expect
633 catch (Exception e) {
634 Assert.Fail ("PKCS#5 can't set Salt after GetBytes - expected CryptographicException but got " + e.ToString ());
637 pd.IterationCount = 10;
638 Assert.Fail ("PKCS#5 can't set IterationCount after GetBytes - expected CryptographicException but got none");
640 catch (CryptographicException) {
641 // do nothing, this is what we expect
643 catch (Exception e) {
644 Assert.Fail ("PKCS#5 can't set IterationCount after GetBytes - expected CryptographicException but got " + e.ToString ());
648 // finally a useful reset :)
649 pd.HashName = "SHA256";
650 pd.Salt = expectedKey;
651 pd.IterationCount = 10;
654 // FIXME: should we treat this as a bug or as a feature ?
656 public void StrangeBehaviour ()
658 // create object with a salt...
659 PasswordDeriveBytes pd = new PasswordDeriveBytes ("password", salt, "MD5", 1000);
660 // ...then change the salt to null
665 [ExpectedException (typeof (CryptographicException))]
666 public void CryptDeriveKey_TooLongKey ()
668 PasswordDeriveBytes pd = new PasswordDeriveBytes ("password", null, "MD5", 1000);
669 pd.CryptDeriveKey ("AlgName", "MD5", -256, new byte [8]);
674 [Category ("NotWorking")] // bug #79499
675 public void LongMultipleGetBytes ()
677 // based on http://bugzilla.ximian.com/show_bug.cgi?id=79499
678 PasswordDeriveBytes pd = new PasswordDeriveBytes ("mono", new byte[20]);
679 string key = BitConverter.ToString (pd.GetBytes (32));
680 Assert.AreEqual ("88-0A-AE-0A-41-61-02-78-FD-E2-70-9F-25-13-14-28-1F-C7-D9-72-9A-AE-CA-3F-BD-31-B4-F0-BD-8E-5B-98", key, "key");
681 string iv = BitConverter.ToString (pd.GetBytes (16));
682 Assert.AreEqual ("FD-E2-70-9F-25-13-14-28-4D-3F-9B-F8-EE-AA-95-ED", iv, "iv");
684 // bytes from 32-40 are different from calling GetBytes separately
685 Assert.AreEqual (key + "-F6-55-6C-3E-54-8B-F3-73-4D-3F-9B-F8-EE-AA-95-ED", BitConverter.ToString (pd.GetBytes (48)), "same");