- Added PKCS#5 PBKDF2 key derivation function
diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt
index a1e311f..18d5ad4 100644
--- a/tests/CMakeLists.txt
+++ b/tests/CMakeLists.txt
@@ -52,6 +52,7 @@
add_test_suite(md)
add_test_suite(mdx)
add_test_suite(mpi)
+add_test_suite(pbkdf2)
add_test_suite(pkcs1_v21)
add_test_suite(shax)
add_test_suite(rsa)
diff --git a/tests/Makefile b/tests/Makefile
index 13342f8..2ebb9f5 100644
--- a/tests/Makefile
+++ b/tests/Makefile
@@ -33,7 +33,8 @@
test_suite_error test_suite_gcm.decrypt \
test_suite_gcm.decrypt test_suite_hmac_shax \
test_suite_md test_suite_mdx \
- test_suite_mpi test_suite_pkcs1_v21 \
+ test_suite_mpi test_suite_pbkdf2 \
+ test_suite_pkcs1_v21 \
test_suite_rsa test_suite_shax \
test_suite_x509parse test_suite_x509write \
test_suite_xtea test_suite_version
@@ -154,6 +155,10 @@
echo " CC $@.c"
$(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@
+test_suite_pbkdf2: test_suite_pbkdf2.c ../library/libpolarssl.a
+ echo " CC $@.c"
+ $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@
+
test_suite_pkcs1_v21: test_suite_pkcs1_v21.c ../library/libpolarssl.a
echo " CC $@.c"
$(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@
diff --git a/tests/suites/test_suite_pbkdf2.data b/tests/suites/test_suite_pbkdf2.data
new file mode 100644
index 0000000..1ac2be7
--- /dev/null
+++ b/tests/suites/test_suite_pbkdf2.data
@@ -0,0 +1,14 @@
+PBKDF2 RFC 6070 Test Vector #1 (SHA1)
+pbkdf2_hmac:POLARSSL_MD_SHA1:"70617373776f7264":"73616c74":1:20:"0c60c80f961f0e71f3a9b524af6012062fe037a6"
+
+PBKDF2 RFC 6070 Test Vector #2 (SHA1)
+pbkdf2_hmac:POLARSSL_MD_SHA1:"70617373776f7264":"73616c74":2:20:"ea6c014dc72d6f8ccd1ed92ace1d41f0d8de8957"
+
+PBKDF2 RFC 6070 Test Vector #3 (SHA1)
+pbkdf2_hmac:POLARSSL_MD_SHA1:"70617373776f7264":"73616c74":4096:20:"4b007901b765489abead49d926f721d065a429c1"
+
+PBKDF2 RFC 6070 Test Vector #5 (SHA1)
+pbkdf2_hmac:POLARSSL_MD_SHA1:"70617373776f726450415353574f524470617373776f7264":"73616c7453414c5473616c7453414c5473616c7453414c5473616c7453414c5473616c74":4096:25:"3d2eec4fe41c849b80c8d83662c0e44a8b291a964cf2f07038"
+
+PBKDF2 RFC 6070 Test Vector #6 (SHA1)
+pbkdf2_hmac:POLARSSL_MD_SHA1:"7061737300776f7264":"7361006c74":4096:16:"56fa6aa75548099dcc37d7f03425e0c3"
diff --git a/tests/suites/test_suite_pbkdf2.function b/tests/suites/test_suite_pbkdf2.function
new file mode 100644
index 0000000..907f478
--- /dev/null
+++ b/tests/suites/test_suite_pbkdf2.function
@@ -0,0 +1,39 @@
+BEGIN_HEADER
+#include <polarssl/pbkdf2.h>
+END_HEADER
+
+BEGIN_DEPENDENCIES
+depends_on:POLARSSL_PBKDF2_C
+END_DEPENDENCIES
+
+BEGIN_CASE
+pbkdf2_hmac:hash:hex_password_string:hex_salt_string:it_cnt:key_len:result_key_string
+{
+ unsigned char pw_str[100];
+ unsigned char salt_str[100];
+ unsigned char dst_str[100];
+
+ md_context_t ctx;
+ const md_info_t *info;
+
+ int pw_len, salt_len;
+ unsigned char key[100];
+
+ memset(pw_str, 0x00, 100);
+ memset(salt_str, 0x00, 100);
+ memset(dst_str, 0x00, 100);
+
+ pw_len = unhexify( pw_str, {hex_password_string} );
+ salt_len = unhexify( salt_str, {hex_salt_string} );
+
+
+ info = md_info_from_type( {hash} );
+ TEST_ASSERT( info != NULL );
+ TEST_ASSERT( md_init_ctx( &ctx, info ) == 0 );
+ TEST_ASSERT( pbkdf2_hmac( &ctx, pw_str, pw_len, salt_str, salt_len,
+ {it_cnt}, {key_len}, key ) == 0 );
+
+ hexify( dst_str, key, {key_len} );
+ TEST_ASSERT( strcmp( (char *) dst_str, {result_key_string} ) == 0 );
+}
+END_CASE