diff --git a/tools/test_modules/m29910.pm b/tools/test_modules/m29910.pm index e76177d83..544c0d2db 100644 --- a/tools/test_modules/m29910.pm +++ b/tools/test_modules/m29910.pm @@ -11,23 +11,32 @@ use warnings; use Crypt::Mode::ECB; use Crypt::PBKDF2; +my $ENC_NONCE_SIZE = 8; +my $ENC_KEY_SIZE = 16; +my $ENC_BLOCK_SIZE = 16; + sub module_constraints { [[0, 256], [64, 64], [-1, -1], [-1, -1], [-1, -1]] } sub module_generate_hash { my $word = shift; my $salt = shift; + my $algo = shift // random_number (1, 4); my $iv = shift // random_hex_string (16); my $ct = shift; my $iter = shift // 100000; # pbkdf2 part + my $nb_keys = 1 << ($algo - 1); + + my $key_len = $nb_keys * $ENC_KEY_SIZE; + my $pbkdf2 = Crypt::PBKDF2->new ( hasher => Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA2', 256), iterations => $iter, - output_len => 16 + output_len => $key_len ); my $salt_bin = pack ("H*", $salt); @@ -36,19 +45,45 @@ sub module_generate_hash my $aes = Crypt::Mode::ECB->new ('AES', 0); + my $aes_key = substr ($key, 0, $ENC_KEY_SIZE); + my $iv_bin = pack ("H*", $iv); + my @ivs; + + $ivs[0] = $iv_bin; + + for (my $i = 1; $i < $nb_keys; $i++) + { + my $next8 = substr ($key, $i * $ENC_KEY_SIZE, $ENC_NONCE_SIZE); ## its strange to skip 8 byte of key material every 16 byte + + $ivs[$i] = xor_len ($iv_bin, $next8, 8); + } + my $ctr_len = 16; my $ctr; - for (my $i = 0, my $counter = 1; $i < ($ctr_len >> 4); $i++, $counter++) + for (my $i = 0, my $counter = 1; $i < ($ctr_len / $ENC_BLOCK_SIZE); $i++, $counter++) { - my $tmp_iv = $iv_bin . pack ("Q>", $counter); + my $counter_be = pack ("Q>", $counter); - $tmp_iv = $aes->encrypt ($tmp_iv, $key); + my $tmp_iv = $ivs[0] . $counter_be; - $ctr .= $tmp_iv; + my $enc = $aes->encrypt ($tmp_iv, $aes_key); + + my $out = $enc; + + for (my $i = 1; $i < $nb_keys; $i++) + { + my $tmp_iv = $ivs[$i] . $counter_be; + + my $enc = $aes->encrypt ($tmp_iv, $aes_key); + + $out = xor_len ($enc, $out, $ENC_BLOCK_SIZE); + } + + $ctr .= $out; } my $pt_bin; @@ -75,7 +110,7 @@ sub module_generate_hash my $ct_bin = xor_len (substr ($ctr, 4, 4), $pt_bin, 4); - my $hash = sprintf ('$encdv-pbkdf2$1$1$%s$%s$32$%s$%d', unpack ("H*", $iv_bin), unpack ("H*", $ct_bin), unpack ("H*", $salt_bin), $iter); + my $hash = sprintf ('$encdv-pbkdf2$1$%d$%s$%s$32$%s$%d', $algo, unpack ("H*", $iv_bin), unpack ("H*", $ct_bin), unpack ("H*", $salt_bin), $iter); return $hash; } @@ -93,11 +128,11 @@ sub module_verify_hash return unless substr ($hash, 0, 14) eq '$encdv-pbkdf2$'; - my (undef, $signature, $version, $algo_id, $iv, $ct, $salt_len, $salt, $iter) = split '\$', $hash; + my (undef, $signature, $version, $algo, $iv, $ct, $salt_len, $salt, $iter) = split '\$', $hash; return unless defined $signature; return unless defined $version; - return unless defined $algo_id; + return unless defined $algo; return unless defined $iv; return unless defined $ct; return unless defined $salt_len; @@ -105,12 +140,13 @@ sub module_verify_hash return unless defined $iter; return unless ($version == 1); - return unless ($algo_id == 1); + return unless ($algo >= 1); + return unless ($algo <= 4); return unless ($salt_len == 32); my $word_packed = pack_if_HEX_notation ($word); - my $new_hash = module_generate_hash ($word_packed, $salt, $iv, $ct, $iter); + my $new_hash = module_generate_hash ($word_packed, $salt, $algo, $iv, $ct, $iter); return ($new_hash, $word); }