]>
git.ipfire.org Git - thirdparty/openssl.git/blob - test/recipes/20-test_passwd.t
2 # Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
4 # Licensed under the Apache License 2.0 (the "License"). You may not use
5 # this file except in compliance with the License. You can obtain a copy
6 # in the file LICENSE in the source distribution or at
7 # https://www.openssl.org/source/license.html
14 use OpenSSL
::Test
::Utils
;
18 # The following tests are an adaptation of those in
19 # https://www.akkadia.org/drepper/SHA-crypt.txt
23 key
=> 'Hello world!',
24 expected
=> '$5$saltstring$5B8vYYiY.CVt1RlTTf8KbXBH3hsxY/GNooZaBBGWEc5' },
26 salt
=> 'rounds=10000$saltstringsaltstring',
27 key
=> 'Hello world!',
28 expected
=> '$5$rounds=10000$saltstringsaltst$3xv.VbSHBb41AL9AvLeujZkZRBAwqFMz2.opqey6IcA' },
30 salt
=> 'rounds=5000$toolongsaltstring',
31 key
=> 'This is just a test',
32 expected
=> '$5$rounds=5000$toolongsaltstrin$Un/5jzAHMgOGZ5.mWJpuVolil07guHPvOW8mGRcvxa5' },
34 salt
=> 'rounds=1400$anotherlongsaltstring',
35 key
=> 'a very much longer text to encrypt. This one even stretches over morethan one line.',
36 expected
=> '$5$rounds=1400$anotherlongsalts$Rx.j8H.h8HjEDGomFU8bDkXm3XIUnzyxf12oP84Bnq1' },
38 salt
=> 'rounds=77777$short',
39 key
=> 'we have a short salt string but not a short password',
40 expected
=> '$5$rounds=77777$short$JiO1O3ZpDAxGJeaDIuqCoEFysAe1mZNJRs3pw0KQRd/' },
42 salt
=> 'rounds=123456$asaltof16chars..',
43 key
=> 'a short string',
44 expected
=> '$5$rounds=123456$asaltof16chars..$gP3VQ/6X7UUEW3HkBn2w1/Ptq2jxPyzV/cZKmF/wJvD' },
46 salt
=> 'rounds=10$roundstoolow',
47 key
=> 'the minimum number is still observed',
48 expected
=> '$5$rounds=1000$roundstoolow$yfvwcWrQ8l/K0DAWyuPMDNHpIVlTQebY9l/gL972bIC' },
51 key
=> 'Hello world!',
52 expected
=> '$6$saltstring$svn8UoSVapNtMuq1ukKS4tPQd8iKwSMHWjl/O817G3uBnIFNjnQJuesI68u4OTLiBFdcbYEdFCoEOfaS35inz1' },
54 salt
=> 'rounds=10000$saltstringsaltstring',
55 key
=> 'Hello world!',
56 expected
=> '$6$rounds=10000$saltstringsaltst$OW1/O6BYHV6BcXZu8QVeXbDWra3Oeqh0sbHbbMCVNSnCM/UrjmM0Dp8vOuZeHBy/YTBmSK6H9qs/y3RnOaw5v.' },
58 salt
=> 'rounds=5000$toolongsaltstring',
59 key
=> 'This is just a test',
60 expected
=> '$6$rounds=5000$toolongsaltstrin$lQ8jolhgVRVhY4b5pZKaysCLi0QBxGoNeKQzQ3glMhwllF7oGDZxUhx1yxdYcz/e1JSbq3y6JMxxl8audkUEm0' },
62 salt
=> 'rounds=1400$anotherlongsaltstring',
63 key
=> 'a very much longer text to encrypt. This one even stretches over morethan one line.',
64 expected
=> '$6$rounds=1400$anotherlongsalts$POfYwTEok97VWcjxIiSOjiykti.o/pQs.wPvMxQ6Fm7I6IoYN3CmLs66x9t0oSwbtEW7o7UmJEiDwGqd8p4ur1' },
66 salt
=> 'rounds=77777$short',
67 key
=> 'we have a short salt string but not a short password',
68 expected
=> '$6$rounds=77777$short$WuQyW2YR.hBNpjjRhpYD/ifIw05xdfeEyQoMxIXbkvr0gge1a1x3yRULJ5CCaUeOxFmtlcGZelFl5CxtgfiAc0' },
70 salt
=> 'rounds=123456$asaltof16chars..',
71 key
=> 'a short string',
72 expected
=> '$6$rounds=123456$asaltof16chars..$BtCwjqMJGx5hrJhZywWvt0RLE8uZ4oPwcelCjmw2kSYu.Ec6ycULevoBK25fs2xXgMNrCzIMVcgEJAstJeonj1' },
74 salt
=> 'rounds=10$roundstoolow',
75 key
=> 'the minimum number is still observed',
76 expected
=> '$6$rounds=1000$roundstoolow$kUMsbe306n21p9R.FRkW3IGn.S9NPN0x50YhH1xhLsPuWGsUSklZt58jaTfF4ZEQpyUNGc0dqbpBYYBaHHrsX.' }
79 plan tests
=> (disabled
("des") || disabled
('deprecated-3.0') ?
9 : 11) + scalar @sha_tests;
82 ok
(compare1stline_re
([qw{openssl passwd password
}], '^.{13}\R$'),
83 'crypt password with random salt')
84 if !disabled
("des") && !disabled
('deprecated-3.0');
85 ok
(compare1stline_re
([qw{openssl passwd
-1 password
}], '^\$1\$.{8}\$.{22}\R$'),
86 'BSD style MD5 password with random salt');
87 ok
(compare1stline_re
([qw{openssl passwd
-apr1 password
}], '^\$apr1\$.{8}\$.{22}\R$'),
88 'Apache style MD5 password with random salt');
89 ok
(compare1stline_re
([qw{openssl passwd
-5 password
}], '^\$5\$.{16}\$.{43}\R$'),
90 'SHA256 password with random salt');
91 ok
(compare1stline_re
([qw{openssl passwd
-6 password
}], '^\$6\$.{16}\$.{86}\R$'),
92 'Apache SHA512 password with random salt');
94 ok
(compare1stline
([qw{openssl passwd
-salt xx password
}], 'xxj31ZMTZzkVA'),
95 'crypt password with salt xx')
96 if !disabled
("des") && !disabled
('deprecated-3.0');
97 ok
(compare1stline
([qw{openssl passwd
-salt xxxxxxxx
-1 password
}], '$1$xxxxxxxx$UYCIxa628.9qXjpQCjM4a.'),
98 'BSD style MD5 password with salt xxxxxxxx');
99 ok
(compare1stline
([qw{openssl passwd
-salt xxxxxxxx
-apr1 password
}], '$apr1$xxxxxxxx$dxHfLAsjHkDRmG83UXe8K0'),
100 'Apache style MD5 password with salt xxxxxxxx');
101 ok
(compare1stline
([qw{openssl passwd
-salt xxxxxxxx
-aixmd5 password
}], 'xxxxxxxx$8Oaipk/GPKhC64w/YVeFD/'),
102 'AIX style MD5 password with salt xxxxxxxx');
103 ok
(compare1stline
([qw{openssl passwd
-salt xxxxxxxxxxxxxxxx
-5 password
}], '$5$xxxxxxxxxxxxxxxx$fHytsM.wVD..zPN/h3i40WJRggt/1f73XkAC/gkelkB'),
104 'SHA256 password with salt xxxxxxxxxxxxxxxx');
105 ok
(compare1stline
([qw{openssl passwd
-salt xxxxxxxxxxxxxxxx
-6 password
}], '$6$xxxxxxxxxxxxxxxx$VjGUrXBG6/8yW0f6ikBJVOb/lK/Tm9LxHJmFfwMvT7cpk64N9BW7ZQhNeMXAYFbOJ6HDG7wb0QpxJyYQn0rh81'),
106 'SHA512 password with salt xxxxxxxxxxxxxxxx');
108 foreach (@sha_tests) {
109 ok
(compare1stline
([qw{openssl passwd
}, '-'.$_->{type
}, '-salt', $_->{salt
},
110 $_->{key
}], $_->{expected
}),
111 { 5 => 'SHA256', 6 => 'SHA512' }->{$_->{type
}} . ' password with salt ' . $_->{salt
});
115 sub compare1stline_re
{
116 my ($cmdarray, $regexp) = @_;
117 my @lines = run
(app
($cmdarray), capture
=> 1);
119 return $lines[0] =~ m
|$regexp|;
123 my ($cmdarray, $str) = @_;
124 my @lines = run
(app
($cmdarray), capture
=> 1);
126 return $lines[0] =~ m
|^\Q
${str
}\E\R
$|;
projects / thirdparty / openssl.git / blob