Last active
June 7, 2020 04:43
-
-
Save jakcron/ab05a200e5a6b53c77f28ebfc6342885 to your computer and use it in GitHub Desktop.
PBKDF2 Test Vectors by Andrey Zholos http://althenia.net/svn/stackoverflow/pbkdf2-test-vectors.py?peg=6
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
PBKDF2 HMAC-SHA1 Test Vectors | |
Input: | |
P = "password" (8 octets) | |
S = "salt" (4 octets) | |
c = 1 | |
dkLen = 20 | |
Output: | |
DK = 0c 60 c8 0f 96 1f 0e 71 | |
f3 a9 b5 24 af 60 12 06 | |
2f e0 37 a6 (20 octets) | |
Input: | |
P = "password" (8 octets) | |
S = "salt" (4 octets) | |
c = 2 | |
dkLen = 20 | |
Output: | |
DK = ea 6c 01 4d c7 2d 6f 8c | |
cd 1e d9 2a ce 1d 41 f0 | |
d8 de 89 57 (20 octets) | |
Input: | |
P = "password" (8 octets) | |
S = "salt" (4 octets) | |
c = 4096 | |
dkLen = 20 | |
Output: | |
DK = 4b 00 79 01 b7 65 48 9a | |
be ad 49 d9 26 f7 21 d0 | |
65 a4 29 c1 (20 octets) | |
Input: | |
P = "password" (8 octets) | |
S = "salt" (4 octets) | |
c = 16777216 | |
dkLen = 20 | |
Output: | |
DK = ee fe 3d 61 cd 4d a4 e4 | |
e9 94 5b 3d 6b a2 15 8c | |
26 34 e9 84 (20 octets) | |
Input: | |
P = "passwordPASSWORDpassword" (24 octets) | |
S = "saltSALTsaltSALTsaltSALTsaltSALTsalt" (36 octets) | |
c = 4096 | |
dkLen = 25 | |
Output: | |
DK = 3d 2e ec 4f e4 1c 84 9b | |
80 c8 d8 36 62 c0 e4 4a | |
8b 29 1a 96 4c f2 f0 70 | |
38 (25 octets) | |
Input: | |
P = "pass\0word" (9 octets) | |
S = "sa\0lt" (5 octets) | |
c = 4096 | |
dkLen = 16 | |
Output: | |
DK = 56 fa 6a a7 55 48 09 9d | |
cc 37 d7 f0 34 25 e0 c3 (16 octets) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
PBKDF2 HMAC-SHA224 Test Vectors | |
Input: | |
P = "password" (8 octets) | |
S = "salt" (4 octets) | |
c = 1 | |
dkLen = 28 | |
Output: | |
DK = 3c 19 8c bd b9 46 4b 78 | |
57 96 6b d0 5b 7b c9 2b | |
c1 cc 4e 6e 63 15 5d 4e | |
49 05 57 fd (28 octets) | |
Input: | |
P = "password" (8 octets) | |
S = "salt" (4 octets) | |
c = 2 | |
dkLen = 28 | |
Output: | |
DK = 93 20 0f fa 96 c5 77 6d | |
38 fa 10 ab df 8f 5b fc | |
00 54 b9 71 85 13 df 47 | |
2d 23 31 d2 (28 octets) | |
Input: | |
P = "password" (8 octets) | |
S = "salt" (4 octets) | |
c = 4096 | |
dkLen = 28 | |
Output: | |
DK = 21 8c 45 3b f9 06 35 bd | |
0a 21 a7 5d 17 27 03 ff | |
61 08 ef 60 3f 65 bb 82 | |
1a ed ad e1 (28 octets) | |
Input: | |
P = "password" (8 octets) | |
S = "salt" (4 octets) | |
c = 16777216 | |
dkLen = 28 | |
Output: | |
DK = b4 99 25 18 4c b4 b5 59 | |
f3 65 e9 4f ca fc d4 cd | |
b9 f7 ae f4 a8 ca 8f cb | |
4b d1 ec 53 (28 octets) | |
Input: | |
P = "passwordPASSWORDpassword" (24 octets) | |
S = "saltSALTsaltSALTsaltSALTsaltSALTsalt" (36 octets) | |
c = 4096 | |
dkLen = 35 | |
Output: | |
DK = 05 6c 4b a4 38 de d9 1f | |
c1 4e 05 94 e6 f5 2b 87 | |
e1 f3 69 0c 0d c0 fb c0 | |
57 84 ed 9a 75 4c a7 80 | |
e6 c0 17 (35 octets) | |
Input: | |
P = "pass\0word" (9 octets) | |
S = "sa\0lt" (5 octets) | |
c = 4096 | |
dkLen = 16 | |
Output: | |
DK = 9b 40 11 b6 41 f4 0a 2a | |
50 0a 31 d4 a3 92 d1 5c (16 octets) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
PBKDF2 HMAC-SHA256 Test Vectors | |
Input: | |
P = "password" (8 octets) | |
S = "salt" (4 octets) | |
c = 1 | |
dkLen = 32 | |
Output: | |
DK = 12 0f b6 cf fc f8 b3 2c | |
43 e7 22 52 56 c4 f8 37 | |
a8 65 48 c9 2c cc 35 48 | |
08 05 98 7c b7 0b e1 7b (32 octets) | |
Input: | |
P = "password" (8 octets) | |
S = "salt" (4 octets) | |
c = 2 | |
dkLen = 32 | |
Output: | |
DK = ae 4d 0c 95 af 6b 46 d3 | |
2d 0a df f9 28 f0 6d d0 | |
2a 30 3f 8e f3 c2 51 df | |
d6 e2 d8 5a 95 47 4c 43 (32 octets) | |
Input: | |
P = "password" (8 octets) | |
S = "salt" (4 octets) | |
c = 4096 | |
dkLen = 32 | |
Output: | |
DK = c5 e4 78 d5 92 88 c8 41 | |
aa 53 0d b6 84 5c 4c 8d | |
96 28 93 a0 01 ce 4e 11 | |
a4 96 38 73 aa 98 13 4a (32 octets) | |
Input: | |
P = "password" (8 octets) | |
S = "salt" (4 octets) | |
c = 16777216 | |
dkLen = 32 | |
Output: | |
DK = cf 81 c6 6f e8 cf c0 4d | |
1f 31 ec b6 5d ab 40 89 | |
f7 f1 79 e8 9b 3b 0b cb | |
17 ad 10 e3 ac 6e ba 46 (32 octets) | |
Input: | |
P = "passwordPASSWORDpassword" (24 octets) | |
S = "saltSALTsaltSALTsaltSALTsaltSALTsalt" (36 octets) | |
c = 4096 | |
dkLen = 40 | |
Output: | |
DK = 34 8c 89 db cb d3 2b 2f | |
32 d8 14 b8 11 6e 84 cf | |
2b 17 34 7e bc 18 00 18 | |
1c 4e 2a 1f b8 dd 53 e1 | |
c6 35 51 8c 7d ac 47 e9 (40 octets) | |
Input: | |
P = "pass\0word" (9 octets) | |
S = "sa\0lt" (5 octets) | |
c = 4096 | |
dkLen = 16 | |
Output: | |
DK = 89 b6 9d 05 16 f8 29 89 | |
3c 69 62 26 65 0a 86 87 (16 octets) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
PBKDF2 HMAC-SHA384 Test Vectors | |
Input: | |
P = "password" (8 octets) | |
S = "salt" (4 octets) | |
c = 1 | |
dkLen = 48 | |
Output: | |
DK = c0 e1 4f 06 e4 9e 32 d7 | |
3f 9f 52 dd f1 d0 c5 c7 | |
19 16 09 23 36 31 da dd | |
76 a5 67 db 42 b7 86 76 | |
b3 8f c8 00 cc 53 dd b6 | |
42 f5 c7 44 42 e6 2b e4 (48 octets) | |
Input: | |
P = "password" (8 octets) | |
S = "salt" (4 octets) | |
c = 2 | |
dkLen = 48 | |
Output: | |
DK = 54 f7 75 c6 d7 90 f2 19 | |
30 45 91 62 fc 53 5d bf | |
04 a9 39 18 51 27 01 6a | |
04 17 6a 07 30 c6 f1 f4 | |
fb 48 83 2a d1 26 1b aa | |
dd 2c ed d5 08 14 b1 c8 (48 octets) | |
Input: | |
P = "password" (8 octets) | |
S = "salt" (4 octets) | |
c = 4096 | |
dkLen = 48 | |
Output: | |
DK = 55 97 26 be 38 db 12 5b | |
c8 5e d7 89 5f 6e 3c f5 | |
74 c7 a0 1c 08 0c 34 47 | |
db 1e 8a 76 76 4d eb 3c | |
30 7b 94 85 3f be 42 4f | |
64 88 c5 f4 f1 28 96 26 (48 octets) | |
Input: | |
P = "password" (8 octets) | |
S = "salt" (4 octets) | |
c = 16777216 | |
dkLen = 48 | |
Output: | |
DK = a7 fd b3 49 ba 2b fa 6b | |
f6 47 bb 01 61 ba e1 32 | |
0d f2 7e 64 0a 04 e8 f1 | |
11 48 c8 12 29 e2 13 1a | |
f1 79 c3 b3 42 3b 38 ab | |
f7 63 df e2 08 c1 fb 67 (48 octets) | |
Input: | |
P = "passwordPASSWORDpassword" (24 octets) | |
S = "saltSALTsaltSALTsaltSALTsaltSALTsalt" (36 octets) | |
c = 4096 | |
dkLen = 60 | |
Output: | |
DK = 81 91 43 ad 66 df 9a 55 | |
25 59 b9 e1 31 c5 2a e6 | |
c5 c1 b0 ee d1 8f 4d 28 | |
3b 8c 5c 9e ae b9 2b 39 | |
2c 14 7c c2 d2 86 9d 58 | |
ff e2 f7 da 13 d1 5f 8d | |
92 57 21 f0 ed 1a fa fa | |
24 48 0d 55 (60 octets) | |
Input: | |
P = "pass\0word" (9 octets) | |
S = "sa\0lt" (5 octets) | |
c = 4096 | |
dkLen = 16 | |
Output: | |
DK = a3 f0 0a c8 65 7e 09 5f | |
8e 08 23 d2 32 fc 60 b3 (16 octets) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
PBKDF2 HMAC-SHA512 Test Vectors | |
Input: | |
P = "password" (8 octets) | |
S = "salt" (4 octets) | |
c = 1 | |
dkLen = 64 | |
Output: | |
DK = 86 7f 70 cf 1a de 02 cf | |
f3 75 25 99 a3 a5 3d c4 | |
af 34 c7 a6 69 81 5a e5 | |
d5 13 55 4e 1c 8c f2 52 | |
c0 2d 47 0a 28 5a 05 01 | |
ba d9 99 bf e9 43 c0 8f | |
05 02 35 d7 d6 8b 1d a5 | |
5e 63 f7 3b 60 a5 7f ce (64 octets) | |
Input: | |
P = "password" (8 octets) | |
S = "salt" (4 octets) | |
c = 2 | |
dkLen = 64 | |
Output: | |
DK = e1 d9 c1 6a a6 81 70 8a | |
45 f5 c7 c4 e2 15 ce b6 | |
6e 01 1a 2e 9f 00 40 71 | |
3f 18 ae fd b8 66 d5 3c | |
f7 6c ab 28 68 a3 9b 9f | |
78 40 ed ce 4f ef 5a 82 | |
be 67 33 5c 77 a6 06 8e | |
04 11 27 54 f2 7c cf 4e (64 octets) | |
Input: | |
P = "password" (8 octets) | |
S = "salt" (4 octets) | |
c = 4096 | |
dkLen = 64 | |
Output: | |
DK = d1 97 b1 b3 3d b0 14 3e | |
01 8b 12 f3 d1 d1 47 9e | |
6c de bd cc 97 c5 c0 f8 | |
7f 69 02 e0 72 f4 57 b5 | |
14 3f 30 60 26 41 b3 d5 | |
5c d3 35 98 8c b3 6b 84 | |
37 60 60 ec d5 32 e0 39 | |
b7 42 a2 39 43 4a f2 d5 (64 octets) | |
Input: | |
P = "password" (8 octets) | |
S = "salt" (4 octets) | |
c = 16777216 | |
dkLen = 64 | |
Output: | |
DK = 61 80 a3 ce ab ab 45 cc | |
39 64 11 2c 81 1e 01 31 | |
bc a9 3a 35 d1 7e 83 3e | |
bc 22 1a 40 bd 75 8a e8 | |
32 88 02 89 6e 40 a5 4d | |
2b e2 1c 7d d8 e6 65 f6 | |
49 0a bb bd ff 6c 55 90 | |
bc 65 6c 9d 0b 3d ad 2a (64 octets) | |
Input: | |
P = "passwordPASSWORDpassword" (24 octets) | |
S = "saltSALTsaltSALTsaltSALTsaltSALTsalt" (36 octets) | |
c = 4096 | |
dkLen = 80 | |
Output: | |
DK = 8c 05 11 f4 c6 e5 97 c6 | |
ac 63 15 d8 f0 36 2e 22 | |
5f 3c 50 14 95 ba 23 b8 | |
68 c0 05 17 4d c4 ee 71 | |
11 5b 59 f9 e6 0c d9 53 | |
2f a3 3e 0f 75 ae fe 30 | |
22 5c 58 3a 18 6c d8 2b | |
d4 da ea 97 24 a3 d3 b8 | |
04 f7 5b dd 41 49 4f a3 | |
24 ca b2 4b cc 68 0f b3 (80 octets) | |
Input: | |
P = "pass\0word" (9 octets) | |
S = "sa\0lt" (5 octets) | |
c = 4096 | |
dkLen = 16 | |
Output: | |
DK = 9d 9e 9c 4c d2 1f e4 be | |
24 d5 b8 24 4c 75 96 65 (16 octets) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python | |
import getopt | |
import hashlib | |
import hmac | |
import struct | |
import sys | |
class prf: | |
def __init__(self, digest): | |
self.digest = digest | |
self.digest_size = digest().digest_size | |
def __call__(self, key, data): | |
return hmac.new(key, data, self.digest).digest() | |
def INT(i): | |
assert i > 0 | |
return struct.pack('>I', i) | |
def xor(A, B): | |
return ''.join([chr(ord(a) ^ ord(b)) for a, b in zip(A, B)]) | |
# RFC 2898, section 5.2 | |
def pbkdf2(P, S, c, dkLen, PRF): | |
hLen = PRF.digest_size | |
if dkLen > (2**32 - 1) * hLen: | |
raise Exception('derived key too long') | |
l = -(-dkLen // hLen) | |
r = dkLen - (l - 1) * hLen | |
def F(i): | |
def U(): | |
U = S + INT(i) | |
for j in range(c): | |
U = PRF(P, U) | |
yield U | |
return reduce(xor, U()) | |
T = map(F, range(1, l+1)) | |
DK = ''.join(T[:-1]) + T[-1][:r] | |
return DK | |
# RFC 6070 format | |
def print_str(name, s): | |
print ' %s = "%s" (%d octets)' % (name, s.replace("\0", "\\0"), len(s)) | |
def print_int(name, i): | |
print ' %s = %d' % (name, i) | |
def print_hex(name, s): | |
print ' %s =' % name, | |
for i in range(len(s)): | |
print '%02x%s' % (ord(s[i]), | |
'\n ' if i % 8 == 7 and i + 1 < len(s) else ''), | |
print '%s(%d octets)' % (' ' * (-len(s) % 8), len(s)) | |
def test(P, S, c, dkLen, PRF): | |
print 'Input:' | |
print_str("P", P) | |
print_str("S", S) | |
print_int("c", c) | |
print_int("dkLen", dkLen) | |
DK = pbkdf2(P, S, c, dkLen, PRF) | |
print 'Output:' | |
print_hex("DK", DK) | |
if __name__ == '__main__': | |
def usage(): | |
sys.exit('%s [-b 20] sha1 sha256 ...' % sys.argv[0]) | |
opts, args = getopt.getopt(sys.argv[1:], 'b:') | |
opt_b = None | |
for opt, arg in opts: | |
if opt == '-b': | |
opt_b = int(arg) | |
else: | |
usage() | |
if not args: | |
usage() | |
for name in args: | |
print 'PBKDF2 HMAC-%s Test Vectors' % name.upper() | |
PRF = prf(hashlib.new(name).copy) | |
block = opt_b or PRF.digest_size | |
test("password", "salt", 1, block, PRF) | |
test("password", "salt", 2, block, PRF) | |
test("password", "salt", 4096, block, PRF) | |
test("password", "salt", 16777216, block, PRF) | |
test("passwordPASSWORDpassword", | |
"saltSALTsaltSALTsaltSALTsaltSALTsalt", 4096, block // 4 * 5, PRF) | |
test("pass\0word", "sa\0lt", 4096, 16, PRF) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment