Add dynamic key length support for -m 29910 unit test

2 years ago · 9ae37c9361
parent a63dc50b08
commit 9ae37c9361
1 changed files with 46 additions and 10 deletions
--- a/tools/test_modules/m29910.pm
+++ b/tools/test_modules/m29910.pm
@ -11,23 +11,32 @@ use warnings;
 use Crypt::Mode::ECB;
 use Crypt::PBKDF2;

+my $ENC_NONCE_SIZE = 8;
+my $ENC_KEY_SIZE   = 16;
+my $ENC_BLOCK_SIZE = 16;
+
 sub module_constraints { [[0, 256], [64, 64], [-1, -1], [-1, -1], [-1, -1]] }

 sub module_generate_hash
 {
  my $word  = shift;
  my $salt  = shift;
+  my $algo  = shift // random_number (1, 4);
  my $iv    = shift // random_hex_string (16);
  my $ct    = shift;
  my $iter  = shift // 100000;

  # pbkdf2 part

+  my $nb_keys = 1 << ($algo - 1);
+
+  my $key_len = $nb_keys * $ENC_KEY_SIZE;
+
  my $pbkdf2 = Crypt::PBKDF2->new
  (
    hasher     => Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA2', 256),
    iterations => $iter,
-    output_len => 16
+    output_len => $key_len
  );

  my $salt_bin = pack ("H*", $salt);
@ -36,19 +45,45 @@ sub module_generate_hash

  my $aes = Crypt::Mode::ECB->new ('AES', 0);

+  my $aes_key = substr ($key, 0, $ENC_KEY_SIZE);
+
  my $iv_bin = pack ("H*", $iv);

+  my @ivs;
+
+  $ivs[0] = $iv_bin;
+
+  for (my $i = 1; $i < $nb_keys; $i++)
+  {
+    my $next8 = substr ($key, $i * $ENC_KEY_SIZE, $ENC_NONCE_SIZE); ## its strange to skip 8 byte of key material every 16 byte
+
+    $ivs[$i] = xor_len ($iv_bin, $next8, 8);
+  }
+
  my $ctr_len = 16;

  my $ctr;

-  for (my $i = 0, my $counter = 1; $i < ($ctr_len >> 4); $i++, $counter++)
+  for (my $i = 0, my $counter = 1; $i < ($ctr_len / $ENC_BLOCK_SIZE); $i++, $counter++)
  {
-    my $tmp_iv = $iv_bin . pack ("Q>", $counter);
+    my $counter_be = pack ("Q>", $counter);
+
+    my $tmp_iv = $ivs[0] . $counter_be;
+
+    my $enc = $aes->encrypt ($tmp_iv, $aes_key);
+
+    my $out = $enc;

-    $tmp_iv = $aes->encrypt ($tmp_iv, $key);
+    for (my $i = 1; $i < $nb_keys; $i++)
+    {
+      my $tmp_iv = $ivs[$i] . $counter_be;
+
+      my $enc = $aes->encrypt ($tmp_iv, $aes_key);
+
+      $out = xor_len ($enc, $out, $ENC_BLOCK_SIZE);
+    }

-    $ctr .= $tmp_iv;
+    $ctr .= $out;
  }

  my $pt_bin;
@ -75,7 +110,7 @@ sub module_generate_hash

  my $ct_bin = xor_len (substr ($ctr, 4, 4), $pt_bin, 4);

-  my $hash = sprintf ('$encdv-pbkdf2$1$1$%s$%s$32$%s$%d', unpack ("H*", $iv_bin), unpack ("H*", $ct_bin), unpack ("H*", $salt_bin), $iter);
+  my $hash = sprintf ('$encdv-pbkdf2$1$%d$%s$%s$32$%s$%d', $algo, unpack ("H*", $iv_bin), unpack ("H*", $ct_bin), unpack ("H*", $salt_bin), $iter);

  return $hash;
 }
@ -93,11 +128,11 @@ sub module_verify_hash

  return unless substr ($hash, 0, 14) eq '$encdv-pbkdf2$';

-  my (undef, $signature, $version, $algo_id, $iv, $ct, $salt_len, $salt, $iter) = split '\$', $hash;
+  my (undef, $signature, $version, $algo, $iv, $ct, $salt_len, $salt, $iter) = split '\$', $hash;

  return unless defined $signature;
  return unless defined $version;
-  return unless defined $algo_id;
+  return unless defined $algo;
  return unless defined $iv;
  return unless defined $ct;
  return unless defined $salt_len;
@ -105,12 +140,13 @@ sub module_verify_hash
  return unless defined $iter;

  return unless ($version == 1);
-  return unless ($algo_id == 1);
+  return unless ($algo >= 1);
+  return unless ($algo <= 4);
  return unless ($salt_len == 32);

  my $word_packed = pack_if_HEX_notation ($word);

-  my $new_hash = module_generate_hash ($word_packed, $salt, $iv, $ct, $iter);
+  my $new_hash = module_generate_hash ($word_packed, $salt, $algo, $iv, $ct, $iter);

  return ($new_hash, $word);
 }