diff options
Diffstat (limited to 'tests/auto/network/ssl/qpassworddigestor/tst_qpassworddigestor.cpp')
-rw-r--r-- | tests/auto/network/ssl/qpassworddigestor/tst_qpassworddigestor.cpp | 92 |
1 files changed, 63 insertions, 29 deletions
diff --git a/tests/auto/network/ssl/qpassworddigestor/tst_qpassworddigestor.cpp b/tests/auto/network/ssl/qpassworddigestor/tst_qpassworddigestor.cpp index bbd6c72ca8..1876c955af 100644 --- a/tests/auto/network/ssl/qpassworddigestor/tst_qpassworddigestor.cpp +++ b/tests/auto/network/ssl/qpassworddigestor/tst_qpassworddigestor.cpp @@ -1,45 +1,79 @@ -/**************************************************************************** -** -** Copyright (C) 2018 The Qt Company Ltd. -** Contact: https://www.qt.io/licensing/ -** -** This file is part of the test suite of the Qt Toolkit. -** -** $QT_BEGIN_LICENSE:GPL-EXCEPT$ -** Commercial License Usage -** Licensees holding valid commercial Qt licenses may use this file in -** accordance with the commercial license agreement provided with the -** Software or, alternatively, in accordance with the terms contained in -** a written agreement between you and The Qt Company. For licensing terms -** and conditions see https://www.qt.io/terms-conditions. For further -** information use the contact form at https://www.qt.io/contact-us. -** -** GNU General Public License Usage -** Alternatively, this file may be used under the terms of the GNU -** General Public License version 3 as published by the Free Software -** Foundation with exceptions as appearing in the file LICENSE.GPL3-EXCEPT -** included in the packaging of this file. Please review the following -** information to ensure the GNU General Public License requirements will -** be met: https://www.gnu.org/licenses/gpl-3.0.html. -** -** $QT_END_LICENSE$ -** -****************************************************************************/ - -#include <QtTest/QtTest> +// Copyright (C) 2018 The Qt Company Ltd. +// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only + +#include <QTest> #include <QtNetwork/qpassworddigestor.h> +#include <QtCore/qcryptographichash.h> #include <QtCore/QByteArray> +#include <limits> + class tst_QPasswordDigestor : public QObject { Q_OBJECT private Q_SLOTS: + void inputSanityChecks(); void pbkdf1Vectors_data(); void pbkdf1Vectors(); void pbkdf2Vectors_data(); void pbkdf2Vectors(); }; +void tst_QPasswordDigestor::inputSanityChecks() +{ + const QByteArray pass("password"); + const QByteArray salt("saltsalt"); +#ifndef QT_CRYPTOGRAPHICHASH_ONLY_SHA1 + //1. PBKDF1 supports only SHA1 and (if not disabled in Qt) MD5 algorithms. + QTest::ignoreMessage(QtWarningMsg, "The only supported algorithms for pbkdf1 are SHA-1 and MD5!"); + auto derivedKey = QPasswordDigestor::deriveKeyPbkdf1(QCryptographicHash::Sha224, pass, salt, 2, 48); + QCOMPARE(derivedKey, QByteArray()); +#endif // QT_CRYPTOGRAPHICHASH_ONLY_SHA1 + + // 2. Salt size must be == 8: + QTest::ignoreMessage(QtWarningMsg, "The salt must be 8 bytes long!"); + derivedKey = QPasswordDigestor::deriveKeyPbkdf1(QCryptographicHash::Sha1, pass, "salt", 2, 48); + QCOMPARE(derivedKey, QByteArray()); + + // 3. An illegal number of iterations (0): + derivedKey = QPasswordDigestor::deriveKeyPbkdf1(QCryptographicHash::Sha1, pass, salt, 0, 48); + QCOMPARE(derivedKey, QByteArray()); + + // 4. An illegal number of iterations (-10): + derivedKey = QPasswordDigestor::deriveKeyPbkdf1(QCryptographicHash::Sha1, pass, salt, -10, 48); + QCOMPARE(derivedKey, QByteArray()); + + // 5. An invalid key size (0): + derivedKey = QPasswordDigestor::deriveKeyPbkdf1(QCryptographicHash::Sha1, + "password", "saltsalt", 1, 0); + QCOMPARE(derivedKey, QByteArray()); + + // 6. Requested key is too large: + QTest::ignoreMessage(QtWarningMsg, "Derived key too long:\n" + " QCryptographicHash::Sha1 was chosen which" + " produces output of length 20 but 120 was requested."); + derivedKey = QPasswordDigestor::deriveKeyPbkdf1(QCryptographicHash::Sha1, pass, salt, 1, + quint64(QCryptographicHash::hashLength(QCryptographicHash::Sha1) + 100)); + QCOMPARE(derivedKey, QByteArray()); + + // 7. Key size is too large, max is quint64(std::numeric_limits<quint32>::max() - 1) * hashLen + const auto invalidDkLen = quint64(QCryptographicHash::hashLength(QCryptographicHash::Sha1)) + * (std::numeric_limits<quint32>::max() - 1) + 1; + QTest::ignoreMessage(QtWarningMsg, "Derived key too long:\n" + "QCryptographicHash::Sha1 was chosen which produces output" + " of length 85899345880 but 85899345881 was requested."); + derivedKey = QPasswordDigestor::deriveKeyPbkdf2(QCryptographicHash::Sha1, pass, salt, 1, invalidDkLen); + QCOMPARE(derivedKey, QByteArray()); + + // 8. Invalid number of iterations. + derivedKey = QPasswordDigestor::deriveKeyPbkdf2(QCryptographicHash::Sha1, pass, salt, 0, 100); + QCOMPARE(derivedKey, QByteArray()); + + // 9. Invalid (negative) number of iterations. + derivedKey = QPasswordDigestor::deriveKeyPbkdf2(QCryptographicHash::Sha1, pass, salt, -100, 100); + QCOMPARE(derivedKey, QByteArray()); +} + void tst_QPasswordDigestor::pbkdf1Vectors_data() { QTest::addColumn<QCryptographicHash::Algorithm>("algorithm"); |