2 // PasswordDeriveTest.cs - NUnit Test Cases for PasswordDerive
5 // Sebastien Pouliot (sebastien@ximian.com)
7 // (C) 2002, 2003 Motus Technologies Inc. (http://www.motus.com)
8 // Copyright (C) 2004 Novell, Inc (http://www.novell.com)
10 // Permission is hereby granted, free of charge, to any person obtaining
11 // a copy of this software and associated documentation files (the
12 // "Software"), to deal in the Software without restriction, including
13 // without limitation the rights to use, copy, modify, merge, publish,
14 // distribute, sublicense, and/or sell copies of the Software, and to
15 // permit persons to whom the Software is furnished to do so, subject to
16 // the following conditions:
18 // The above copyright notice and this permission notice shall be
19 // included in all copies or substantial portions of the Software.
21 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
22 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
23 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
24 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
25 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
26 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
27 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
30 using NUnit.Framework;
32 using System.Security.Cryptography;
34 namespace MonoTests.System.Security.Cryptography {
37 // a. PKCS#5: Password-Based Cryptography Standard
38 // http://www.rsasecurity.com/rsalabs/pkcs/pkcs-5/index.html
41 public class PasswordDeriveBytesTest {
43 static byte[] salt = { 0xDE, 0xAD, 0xC0, 0xDE };
44 static string ssalt = "DE-AD-C0-DE";
50 [ExpectedException (typeof (ArgumentNullException))]
52 public void Ctor_PasswordNullSalt ()
55 PasswordDeriveBytes pdb = new PasswordDeriveBytes (pwd, salt);
59 public void Ctor_PasswordSaltNull ()
61 PasswordDeriveBytes pdb = new PasswordDeriveBytes ("s3kr3t", null);
62 Assert.AreEqual ("SHA1", pdb.HashName, "HashName");
63 Assert.AreEqual (100, pdb.IterationCount, "IterationCount");
64 Assert.IsNull (pdb.Salt, "Salt");
68 public void Ctor_PasswordSalt ()
70 PasswordDeriveBytes pdb = new PasswordDeriveBytes ("s3kr3t", salt);
71 Assert.AreEqual ("SHA1", pdb.HashName, "HashName");
72 Assert.AreEqual (100, pdb.IterationCount, "IterationCount");
73 Assert.AreEqual (ssalt, BitConverter.ToString (pdb.Salt), "Salt");
78 [ExpectedException (typeof (ArgumentNullException))]
80 [Category ("NotWorking")] // CspParameters aren't supported by Mono (requires CryptoAPI)
82 public void Ctor_PasswordNullSaltCspParameters ()
85 PasswordDeriveBytes pdb = new PasswordDeriveBytes (pwd, salt, new CspParameters ());
89 [Category ("NotWorking")] // CspParameters aren't supported by Mono (requires CryptoAPI)
90 public void Ctor_PasswordSaltNullCspParameters ()
92 PasswordDeriveBytes pdb = new PasswordDeriveBytes ("s3kr3t", null, new CspParameters ());
93 Assert.AreEqual ("SHA1", pdb.HashName, "HashName");
94 Assert.AreEqual (100, pdb.IterationCount, "IterationCount");
95 Assert.IsNull (pdb.Salt, "Salt");
99 public void Ctor_PasswordSaltCspParametersNull ()
101 PasswordDeriveBytes pdb = new PasswordDeriveBytes ("s3kr3t", salt, null);
102 Assert.AreEqual ("SHA1", pdb.HashName, "HashName");
103 Assert.AreEqual (100, pdb.IterationCount, "IterationCount");
104 Assert.AreEqual (ssalt, BitConverter.ToString (pdb.Salt), "Salt");
108 [Category ("NotWorking")] // CspParameters aren't supported by Mono (requires CryptoAPI)
109 public void Ctor_PasswordSaltCspParameters ()
111 PasswordDeriveBytes pdb = new PasswordDeriveBytes ("s3kr3t", salt, new CspParameters ());
112 Assert.AreEqual ("SHA1", pdb.HashName, "HashName");
113 Assert.AreEqual (100, pdb.IterationCount, "IterationCount");
114 Assert.AreEqual (ssalt, BitConverter.ToString (pdb.Salt), "Salt");
119 [ExpectedException (typeof (ArgumentNullException))]
121 public void Ctor_PasswordNullSaltHashIteration ()
124 PasswordDeriveBytes pdb = new PasswordDeriveBytes (pwd, salt, "SHA1", 1);
128 public void Ctor_PasswordSaltNullHashIteration ()
130 PasswordDeriveBytes pdb = new PasswordDeriveBytes ("s3kr3t", null, "SHA1", 1);
131 Assert.AreEqual ("SHA1", pdb.HashName, "HashName");
132 Assert.AreEqual (1, pdb.IterationCount, "IterationCount");
133 Assert.IsNull (pdb.Salt, "Salt");
137 [ExpectedException (typeof (ArgumentNullException))]
138 public void Ctor_PasswordSaltHashNullIteration ()
140 PasswordDeriveBytes pdb = new PasswordDeriveBytes ("s3kr3t", salt, null, 1);
144 [ExpectedException (typeof (ArgumentOutOfRangeException))]
145 public void Ctor_PasswordSaltHashIterationNegative ()
147 PasswordDeriveBytes pdb = new PasswordDeriveBytes ("s3kr3t", salt, "SHA1", -1);
151 [ExpectedException (typeof (ArgumentOutOfRangeException))]
152 public void Ctor_PasswordSaltHashIterationZero ()
154 PasswordDeriveBytes pdb = new PasswordDeriveBytes ("s3kr3t", salt, "SHA1", 0);
158 public void Ctor_PasswordSaltHashIterationMaxValue ()
160 PasswordDeriveBytes pdb = new PasswordDeriveBytes ("s3kr3t", salt, "SHA1", Int32.MaxValue);
161 Assert.AreEqual ("SHA1", pdb.HashName, "HashName");
162 Assert.AreEqual (Int32.MaxValue, pdb.IterationCount, "IterationCount");
163 Assert.AreEqual (ssalt, BitConverter.ToString (pdb.Salt), "Salt");
167 public void Ctor_PasswordSaltHashIteration ()
169 PasswordDeriveBytes pdb = new PasswordDeriveBytes ("s3kr3t", salt, "SHA1", 1);
170 Assert.AreEqual ("SHA1", pdb.HashName, "HashName");
171 Assert.AreEqual (1, pdb.IterationCount, "IterationCount");
172 Assert.AreEqual (ssalt, BitConverter.ToString (pdb.Salt), "Salt");
177 [ExpectedException (typeof (ArgumentNullException))]
179 [Category ("NotWorking")] // CspParameters aren't supported by Mono (requires CryptoAPI)
181 public void Ctor_PasswordNullSaltHashIterationCspParameters ()
184 PasswordDeriveBytes pdb = new PasswordDeriveBytes (pwd, salt, "SHA1", 1, new CspParameters ());
188 [Category ("NotWorking")] // CspParameters aren't supported by Mono (requires CryptoAPI)
189 public void Ctor_PasswordSaltNullHashIterationCspParameters ()
191 PasswordDeriveBytes pdb = new PasswordDeriveBytes ("s3kr3t", null, "SHA1", 1, new CspParameters ());
192 Assert.AreEqual ("SHA1", pdb.HashName, "HashName");
193 Assert.AreEqual (1, pdb.IterationCount, "IterationCount");
194 Assert.IsNull (pdb.Salt, "Salt");
198 [ExpectedException (typeof (ArgumentNullException))]
199 public void Ctor_PasswordSaltHashNullIterationCspParameters ()
201 PasswordDeriveBytes pdb = new PasswordDeriveBytes ("s3kr3t", salt, null, 1, new CspParameters ());
205 [ExpectedException (typeof (ArgumentOutOfRangeException))]
206 public void Ctor_PasswordSaltHashIterationNegativeCspParameters ()
208 PasswordDeriveBytes pdb = new PasswordDeriveBytes ("s3kr3t", salt, "SHA1", -1, new CspParameters ());
212 [ExpectedException (typeof (ArgumentOutOfRangeException))]
213 public void Ctor_PasswordSaltHashIterationZeroCspParameters ()
215 PasswordDeriveBytes pdb = new PasswordDeriveBytes ("s3kr3t", salt, "SHA1", 0, new CspParameters ());
219 [Category ("NotWorking")] // CspParameters aren't supported by Mono (requires CryptoAPI)
220 public void Ctor_PasswordSaltHashIterationMaxValueCspParameters ()
222 PasswordDeriveBytes pdb = new PasswordDeriveBytes ("s3kr3t", salt, "SHA1", Int32.MaxValue, new CspParameters ());
223 Assert.AreEqual ("SHA1", pdb.HashName, "HashName");
224 Assert.AreEqual (Int32.MaxValue, pdb.IterationCount, "IterationCount");
225 Assert.AreEqual (ssalt, BitConverter.ToString (pdb.Salt), "Salt");
229 public void Ctor_PasswordSaltHashIterationCspParametersNull ()
231 PasswordDeriveBytes pdb = new PasswordDeriveBytes ("s3kr3t", salt, "SHA1", 1, null);
232 Assert.AreEqual ("SHA1", pdb.HashName, "HashName");
233 Assert.AreEqual (1, pdb.IterationCount, "IterationCount");
234 Assert.AreEqual (ssalt, BitConverter.ToString (pdb.Salt), "Salt");
238 [Category ("NotWorking")] // CspParameters aren't supported by Mono (requires CryptoAPI)
239 public void Ctor_PasswordSaltHashIterationCspParameters ()
241 PasswordDeriveBytes pdb = new PasswordDeriveBytes ("s3kr3t", salt, "SHA1", 1, new CspParameters ());
242 Assert.AreEqual ("SHA1", pdb.HashName, "HashName");
243 Assert.AreEqual (1, pdb.IterationCount, "IterationCount");
244 Assert.AreEqual (ssalt, BitConverter.ToString (pdb.Salt), "Salt");
250 [ExpectedException (typeof (ArgumentNullException))]
251 public void Property_HashName_Null ()
253 PasswordDeriveBytes pdb = new PasswordDeriveBytes ("s3kr3t", salt, "SHA1", 1);
254 Assert.AreEqual ("SHA1", pdb.HashName, "HashName");
260 // Fixed in 2.0 beta 1
261 [ExpectedException (typeof (NullReferenceException))]
263 public void Property_Salt ()
265 PasswordDeriveBytes pdb = new PasswordDeriveBytes ("s3kr3t", salt);
266 Assert.AreEqual (ssalt, BitConverter.ToString (pdb.Salt), "Salt");
268 Assert.IsNull (pdb.Salt, "Salt");
272 public void Property_Salt_Modify ()
274 PasswordDeriveBytes pdb = new PasswordDeriveBytes ("s3kr3t", salt);
275 Assert.AreEqual (ssalt, BitConverter.ToString (pdb.Salt), "Salt");
277 // modification rejected (the property returned a copy of the salt)
278 Assert.AreEqual (ssalt, BitConverter.ToString (pdb.Salt), "Salt");
281 // 1.0/1.1 compatibility
284 // 1.0/1.1 accepted a null password as valid - but throw the
285 // ArgumentNullException when GetBytes is called
286 // byte stream from the null input. Check that we can do the same...
288 [ExpectedException (typeof (ArgumentNullException))]
289 public void GetBytes_PasswordNull ()
292 PasswordDeriveBytes pdb = new PasswordDeriveBytes (pwd, salt);
299 static int ToInt32LE(byte [] bytes, int offset)
301 return (bytes[offset + 3] << 24) | (bytes[offset + 2] << 16) | (bytes[offset + 1] << 8) | bytes[offset];
304 // generate the key up to HashSize and reset between operations
305 public void ShortRun(string msg, PasswordDeriveBytes pd, byte[] finalKey)
307 for (int i=0; i < finalKey.Length; i++) {
310 byte[] key = pd.GetBytes (i+1);
312 if (finalKey [j] != key[j]) {
317 Assert.IsTrue (compare, msg + " #" + j);
322 // generate a key at least 1000 bytes and don't reset between operations
323 public void LongRun(string msg, PasswordDeriveBytes pd, byte[] finalKey)
325 int bloc = finalKey.Length;
326 int iter = (int) ((1000 + bloc - 1) / bloc);
328 for (int i=0; i < iter; i++) {
329 pass = pd.GetBytes (bloc);
331 Assert.AreEqual (pass, finalKey, msg);
334 public void Run (string password, byte[] salt, string hashname, int iterations, int getbytes, int lastFourBytes)
336 PasswordDeriveBytes pd = new PasswordDeriveBytes (password, salt, hashname, iterations);
337 byte[] key = pd.GetBytes (getbytes);
338 string msg = "[pwd=" + password;
339 msg += ", salt=" + ((salt == null) ? "null" : salt.Length.ToString ());
340 msg += ", hash=" + hashname;
341 msg += ", iter=" + iterations;
342 msg += ", get=" + getbytes + "]";
343 Assert.AreEqual (lastFourBytes, ToInt32LE (key, key.Length - 4), msg);
347 [ExpectedException (typeof (IndexOutOfRangeException))]
348 public void TooShort ()
350 PasswordDeriveBytes pd = new PasswordDeriveBytes ("password", null, "SHA1", 1);
351 byte[] key = pd.GetBytes (0);
354 public void TooLong (string hashName, int size, int lastFourBytes)
356 PasswordDeriveBytes pd = new PasswordDeriveBytes ("toolong", null, hashName, 1);
358 // this should work (we check the last four devired bytes to be sure)
359 byte[] key = pd.GetBytes (size);
360 Assert.AreEqual (lastFourBytes, ToInt32LE (key, size - 4), "Last 4 bytes");
362 // but we can't get another byte from it!
364 key = pd.GetBytes (1);
365 Assert.Fail ("Expected CryptographicException but got none");
367 catch (CryptographicException) {
368 // LAMESPEC: no limit is documented
370 catch (Exception e) {
371 Assert.Fail ("Expected CryptographicException but got " + e.ToString ());
376 public void TooLong ()
378 // 1000 times hash length is the maximum
379 TooLong ("MD5", 16000, 1135777886);
380 TooLong ("SHA1", 20000, -1167918035);
381 TooLong ("SHA256", 32000, -358766048);
382 TooLong ("SHA384", 48000, 1426370534);
383 TooLong ("SHA512", 64000, -1763233543);
387 public void OneIteration ()
389 // (1) size of hash, (2) size of 2 hash
390 Run ("password", salt, "MD5", 1, 16, 986357363);
391 Run ("monomono", null, "MD5", 1, 32, -1092059875);
392 Run ("password", salt, "SHA1", 1, 20, -1251929751);
393 Run ("monomono", null, "SHA1", 1, 40, -1148594972);
394 Run ("password", salt, "SHA256", 1, 32, -1106908309);
395 Run ("monomono", null, "SHA256", 1, 64, 1243724695);
396 Run ("password", salt, "SHA384", 1, 48, 1338639872);
397 Run ("monomono", null, "SHA384", 1, 96, -1974067932);
398 Run ("password", salt, "SHA512", 1, 64, 998927776);
399 Run ("monomono", null, "SHA512", 1, 128, -1082987985);
405 Run ("password", salt, "MD5", 10, 10, -1174247292);
406 Run ("monomono", salt, "SHA1", 20, 20, 622814236);
407 Run ("password", salt, "MD5", 30, 30, 1491759020);
408 Run ("monomono", salt, "SHA1", 40, 40, 1186751819);
409 Run ("password", salt, "MD5", 50, 50, -1416348895);
410 Run ("monomono", salt, "SHA1", 60, 60, -1167799882);
411 Run ("password", salt, "MD5", 70, 70, -695745351);
412 Run ("monomono", salt, "SHA1", 80, 80, 598766793);
413 Run ("password", salt, "MD5", 90, 90, -906351079);
414 Run ("monomono", salt, "SHA1", 100, 100, 1247157997);
418 public void NoSalt ()
420 Run ("password", null, "MD5", 10, 10, -385488886);
421 Run ("password", null, "SHA1", 20, 20, -385953596);
422 Run ("password", null, "MD5", 30, 30, -669295228);
423 Run ("password", null, "SHA1", 40, 40, -1921654064);
424 Run ("password", null, "MD5", 50, 50, -1664099354);
425 Run ("monomono", null, "SHA1", 60, 60, -1988511363);
426 Run ("monomono", null, "MD5", 70, 70, -1326415479);
427 Run ("monomono", null, "SHA1", 80, 80, 158880373);
428 Run ("monomono", null, "MD5", 90, 90, 532527918);
429 Run ("monomono", null, "SHA1", 100, 100, 769250758);
435 const string hashName = "MD5";
436 // getbytes less than hash size
437 Run ("password", null, hashName, 10, 10, -385488886);
438 // getbytes equal to hash size
439 Run ("password", salt, hashName, 20, 16, -470982134);
440 // getbytes more than hash size
441 Run ("password", null, hashName, 30, 30, -669295228);
442 Run ("password", salt, hashName, 40, 40, 892279589);
443 Run ("password", null, hashName, 50, 50, -1664099354);
444 Run ("monomono", salt, hashName, 60, 60, -2050574033);
445 Run ("monomono", null, hashName, 70, 70, -1326415479);
446 Run ("monomono", salt, hashName, 80, 80, 2047895994);
447 Run ("monomono", null, hashName, 90, 90, 532527918);
448 Run ("monomono", salt, hashName, 100, 100, 1522243696);
454 const string hashName = "SHA1";
455 // getbytes less than hash size
456 Run ("password", null, hashName, 10, 10, -852142057);
457 // getbytes equal to hash size
458 Run ("password", salt, hashName, 20, 20, -1096621819);
459 // getbytes more than hash size
460 Run ("password", null, hashName, 30, 30, 1748347042);
461 Run ("password", salt, hashName, 40, 40, 900690664);
462 Run ("password", null, hashName, 50, 50, 2125027038);
463 Run ("monomono", salt, hashName, 60, 60, -1167799882);
464 Run ("monomono", null, hashName, 70, 70, -1967623713);
465 Run ("monomono", salt, hashName, 80, 80, 598766793);
466 Run ("monomono", null, hashName, 90, 90, -1754629926);
467 Run ("monomono", salt, hashName, 100, 100, 1247157997);
471 public void SHA256 ()
473 const string hashName = "SHA256";
474 // getbytes less than hash size
475 Run ("password", null, hashName, 10, 10, -1636557322);
476 Run ("password", salt, hashName, 20, 20, -1403130075);
477 // getbytes equal to hash size
478 Run ("password", null, hashName, 30, 32, -1013167039);
479 // getbytes more than hash size
480 Run ("password", salt, hashName, 40, 40, 379553148);
481 Run ("password", null, hashName, 50, 50, 1031928292);
482 Run ("monomono", salt, hashName, 60, 60, 1933836953);
483 Run ("monomono", null, hashName, 70, 70, -956782587);
484 Run ("monomono", salt, hashName, 80, 80, 1239391711);
485 Run ("monomono", null, hashName, 90, 90, -872090432);
486 Run ("monomono", salt, hashName, 100, 100, -591569127);
490 public void SHA384 ()
492 const string hashName = "SHA384";
493 // getbytes less than hash size
494 Run ("password", null, hashName, 10, 10, 323393534);
495 Run ("password", salt, hashName, 20, 20, -2034683704);
496 Run ("password", null, hashName, 30, 32, 167978389);
497 Run ("password", salt, hashName, 40, 40, 2123410525);
498 // getbytes equal to hash size
499 Run ("password", null, hashName, 50, 48, -47538843);
500 // getbytes more than hash size
501 Run ("monomono", salt, hashName, 60, 60, -118610774);
502 Run ("monomono", null, hashName, 70, 70, 772360425);
503 Run ("monomono", salt, hashName, 80, 80, -1018881215);
504 Run ("monomono", null, hashName, 90, 90, -1585583772);
505 Run ("monomono", salt, hashName, 100, 100, -821501990);
509 public void SHA512 ()
511 const string hashName = "SHA512";
512 // getbytes less than hash size
513 Run ("password", null, hashName, 10, 10, 708870265);
514 Run ("password", salt, hashName, 20, 20, 23889227);
515 Run ("password", null, hashName, 30, 32, 1718904507);
516 Run ("password", salt, hashName, 40, 40, 979228711);
517 Run ("password", null, hashName, 50, 48, 1554003653);
518 // getbytes equal to hash size
519 Run ("monomono", salt, hashName, 60, 64, 1251099126);
520 // getbytes more than hash size
521 Run ("monomono", null, hashName, 70, 70, 1021441810);
522 Run ("monomono", salt, hashName, 80, 80, 640059310);
523 Run ("monomono", null, hashName, 90, 90, 1178147201);
524 Run ("monomono", salt, hashName, 100, 100, 206423887);
527 // get one block after the other
529 public void OneByOne ()
531 byte[] key = { 0x91, 0xDA, 0xF9, 0x9D, 0x7C, 0xA9, 0xB4, 0x42, 0xB8, 0xD9, 0x45, 0xAB, 0x69, 0xEE, 0x12, 0xBC, 0x48, 0xDD, 0x38, 0x74 };
532 PasswordDeriveBytes pd = new PasswordDeriveBytes ("password", salt, "SHA1", 1);
533 string msg = "PKCS#5-Long password salt SHA1 (1)";
535 int bloc = key.Length;
536 int iter = (int) ((1000 + bloc - 1) / bloc);
538 for (int i=0; i < iter; i++) {
539 pass = pd.GetBytes (bloc);
541 Assert.AreEqual (pass, key, msg);
545 public void SHA1SaltShortRun ()
547 byte[] key = { 0x0B, 0x61, 0x93, 0x96, 0x3A, 0xFF, 0x0D, 0xFC, 0xF6, 0x3D, 0xA3, 0xDB, 0x34, 0xC2, 0x99, 0x71, 0x69, 0x11, 0x61, 0xB5 };
548 PasswordDeriveBytes pd = new PasswordDeriveBytes ("password", salt, "SHA1", 1);
549 string msg = "PKCS#5 password salt SHA1 (1)";
550 ShortRun (msg, pd, key);
554 public void SHA1SaltLongRun ()
556 byte[] key = { 0x91, 0xDA, 0xF9, 0x9D, 0x7C, 0xA9, 0xB4, 0x42, 0xB8, 0xD9, 0x45, 0xAB, 0x69, 0xEE, 0x12, 0xBC, 0x48, 0xDD, 0x38, 0x74 };
557 PasswordDeriveBytes pd = new PasswordDeriveBytes ("password", salt, "SHA1", 1);
558 string msg = "PKCS#5-Long password salt SHA1 (1)";
559 LongRun (msg, pd, key);
563 public void SHA1NoSaltShortRun ()
565 byte[] key = { 0x74, 0x61, 0x03, 0x6C, 0xA1, 0xFE, 0x85, 0x3E, 0xD9, 0x3F, 0x03, 0x06, 0x58, 0x45, 0xDE, 0x36, 0x52, 0xEF, 0x4B, 0x68 };
566 PasswordDeriveBytes pd = new PasswordDeriveBytes ("mono", null, "SHA1", 10);
567 string msg = "PKCS#5 mono null SHA1 (10)";
568 ShortRun (msg, pd, key);
572 public void SHA1NoSaltLongRun ()
574 byte[] key = { 0x3A, 0xF8, 0x33, 0x88, 0x39, 0x61, 0x29, 0x75, 0x5C, 0x17, 0xD2, 0x9E, 0x8A, 0x78, 0xEB, 0xBD, 0x89, 0x1E, 0x4C, 0x67 };
575 PasswordDeriveBytes pd = new PasswordDeriveBytes ("mono", null, "SHA1", 10);
576 string msg = "PKCS#5-Long mono null SHA1 (10)";
577 LongRun (msg, pd, key);
581 public void MD5SaltShortRun ()
583 byte[] key = { 0xA5, 0x4D, 0x4E, 0xDD, 0x3A, 0x59, 0xAC, 0x98, 0x08, 0xDA, 0xE7, 0xF2, 0x85, 0x2F, 0x7F, 0xF2 };
584 PasswordDeriveBytes pd = new PasswordDeriveBytes ("mono", salt, "MD5", 100);
585 string msg = "PKCS#5 mono salt MD5 (100)";
586 ShortRun (msg, pd, key);
590 public void MD5SaltLongRun ()
592 byte[] key = { 0x92, 0x51, 0x4D, 0x10, 0xE1, 0x5F, 0xA8, 0x44, 0xEF, 0xFC, 0x0F, 0x1F, 0x6F, 0x3E, 0x40, 0x36 };
593 PasswordDeriveBytes pd = new PasswordDeriveBytes ("mono", salt, "MD5", 100);
594 string msg = "PKCS#5-Long mono salt MD5 (100)";
595 LongRun (msg, pd, key);
599 public void MD5NoSaltShortRun ()
601 byte[] key = { 0x39, 0xEB, 0x82, 0x84, 0xCF, 0x1A, 0x3B, 0x3C, 0xA1, 0xF2, 0x68, 0xAF, 0xBF, 0xAC, 0x41, 0xA6 };
602 PasswordDeriveBytes pd = new PasswordDeriveBytes ("password", null, "MD5", 1000);
603 string msg = "PKCS#5 password null MD5 (1000)";
604 ShortRun (msg, pd, key);
608 public void MD5NoSaltLongRun ()
610 byte[] key = { 0x49, 0x3C, 0x00, 0x69, 0xB4, 0x55, 0x21, 0xA4, 0xC9, 0x69, 0x2E, 0xFF, 0xAA, 0xED, 0x4C, 0x72 };
611 PasswordDeriveBytes pd = new PasswordDeriveBytes ("password", null, "MD5", 1000);
612 string msg = "PKCS#5-Long password null MD5 (1000)";
613 LongRun (msg, pd, key);
617 public void Properties ()
620 PasswordDeriveBytes pd = new PasswordDeriveBytes ("password", null, "MD5", 1000);
621 Assert.AreEqual ("MD5", pd.HashName, "HashName-MD5");
622 Assert.AreEqual (1000, pd.IterationCount, "IterationCount-1000");
623 // ...then change all its properties...
624 pd.HashName = "SHA1";
625 Assert.AreEqual ("SHA1", pd.HashName, "HashName-SHA1");
627 Assert.AreEqual (ssalt, BitConverter.ToString (pd.Salt), "Salt");
628 pd.IterationCount = 1;
629 Assert.AreEqual (1, pd.IterationCount, "IterationCount-1");
630 byte[] expectedKey = { 0x0b, 0x61, 0x93, 0x96 };
631 // ... before using it
632 Assert.AreEqual (expectedKey, pd.GetBytes (4), "PKCS#5 test properties");
633 // it should work but if we try to set any properties after GetBytes
634 // they should all throw an exception
636 pd.HashName = "SHA256";
637 Assert.Fail ("PKCS#5 can't set HashName after GetBytes - expected CryptographicException but got none");
639 catch (CryptographicException) {
640 // do nothing, this is what we expect
642 catch (Exception e) {
643 Assert.Fail ("PKCS#5 can't set HashName after GetBytes - expected CryptographicException but got " + e.ToString ());
646 pd.Salt = expectedKey;
647 Assert.Fail ("PKCS#5 can't set Salt after GetBytes - expected CryptographicException but got none");
649 catch (CryptographicException) {
650 // do nothing, this is what we expect
652 catch (Exception e) {
653 Assert.Fail ("PKCS#5 can't set Salt after GetBytes - expected CryptographicException but got " + e.ToString ());
656 pd.IterationCount = 10;
657 Assert.Fail ("PKCS#5 can't set IterationCount after GetBytes - expected CryptographicException but got none");
659 catch (CryptographicException) {
660 // do nothing, this is what we expect
662 catch (Exception e) {
663 Assert.Fail ("PKCS#5 can't set IterationCount after GetBytes - expected CryptographicException but got " + e.ToString ());
665 // same thing after Reset
668 pd.HashName = "SHA256";
669 Assert.Fail ("PKCS#5 can't set HashName after Reset - expected CryptographicException but got none");
671 catch (CryptographicException) {
672 // do nothing, this is what we expect
674 catch (Exception e) {
675 Assert.Fail ("PKCS#5 can't set HashName after Reset - expected CryptographicException but got " + e.ToString ());
678 pd.Salt = expectedKey;
679 Assert.Fail ("PKCS#5 can't set Salt after Reset - expected CryptographicException but got none");
681 catch (CryptographicException) {
682 // do nothing, this is what we expect
684 catch (Exception e) {
685 Assert.Fail ("PKCS#5 can't set Salt after Reset - expected CryptographicException but got " + e.ToString ());
688 pd.IterationCount = 10;
689 Assert.Fail ("PKCS#5 can't set IterationCount after Reset - expected CryptographicException but got none");
691 catch (CryptographicException) {
692 // do nothing, this is what we expect
694 catch (Exception e) {
695 Assert.Fail ("PKCS#5 can't set IterationCount after Reset - expected CryptographicException but got " + e.ToString ());
699 // FIXME: should we treat this as a bug or as a feature ?
702 [ExpectedException (typeof (NullReferenceException))]
704 public void StrangeBehaviour ()
706 // create object with a salt...
707 PasswordDeriveBytes pd = new PasswordDeriveBytes ("password", salt, "MD5", 1000);
708 // ...then change the salt to null
713 [ExpectedException (typeof (CryptographicException))]
714 public void CryptDeriveKey_TooLongKey ()
716 PasswordDeriveBytes pd = new PasswordDeriveBytes ("password", null, "MD5", 1000);
717 pd.CryptDeriveKey ("AlgName", "MD5", 256, new byte [8]);