@brix-crypto/crypto-js 0.0.1-security → 4.2.2

package/test/config-test.js

@@ -0,0 +1,51 @@
+YUI.add('config-test', function (Y) {
+    var C = CryptoJS;
+
+    Y.Test.Runner.add(new Y.Test.Case({
+        name: 'Config',
+
+        setUp: function () {
+            this.data = {
+                saltA: CryptoJS.enc.Hex.parse('AA00000000000000'),
+                saltB: CryptoJS.enc.Hex.parse('BB00000000000000')
+            };
+        },
+
+        testEncrypt: function () {
+            Y.Assert.areEqual(C.AES.encrypt('Test', 'Pass', { salt: this.data.saltA }).toString(), C.AES.encrypt('Test', 'Pass', { salt: this.data.saltA }).toString());
+            Y.Assert.areNotEqual(C.AES.encrypt('Test', 'Pass', { salt: this.data.saltA }).toString(), C.AES.encrypt('Test', 'Pass', { salt: this.data.saltB }).toString());
+        },
+
+        testDecrypt: function () {
+            var encryptedA = C.AES.encrypt('Test', 'Pass', { salt: this.data.saltA });
+            var encryptedB = C.AES.encrypt('Test', 'Pass', { salt: this.data.saltB });
+            Y.Assert.areEqual('Test', C.AES.decrypt(encryptedA, 'Pass').toString(C.enc.Utf8));
+            Y.Assert.areEqual('Test', C.AES.decrypt(encryptedB, 'Pass').toString(C.enc.Utf8));
+        },
+
+        testCustomKDFHasher: function () {
+            //SHA1
+            let encryptedSHA1 = C.AES.encrypt('Test', 'Pass', { salt: this.data.saltA, hasher: C.algo.SHA1}).toString();
+            Y.Assert.areEqual('Test', C.AES.decrypt(encryptedSHA1, 'Pass', { hasher: C.algo.SHA1}).toString(C.enc.Utf8));
+
+            //SHA256
+            let encryptedSHA256 = C.AES.encrypt('Test', 'Pass', { salt: this.data.saltA, hasher: C.algo.SHA256}).toString();
+            Y.Assert.areEqual('Test', C.AES.decrypt(encryptedSHA256, 'Pass', { hasher: C.algo.SHA256}).toString(C.enc.Utf8));
+
+            //SHA512
+            let encryptedSHA512 = C.AES.encrypt('Test', 'Pass', { salt: this.data.saltA, hasher: C.algo.SHA512}).toString();
+            Y.Assert.areEqual('Test', C.AES.decrypt(encryptedSHA512, 'Pass', { hasher: C.algo.SHA512}).toString(C.enc.Utf8));
+
+            //Default: MD5
+            let encryptedDefault = C.AES.encrypt('Test', 'Pass', { salt: this.data.saltA }).toString();
+            let encryptedMD5 = C.AES.encrypt('Test', 'Pass', { salt: this.data.saltA, hasher: C.algo.MD5}).toString();
+            Y.Assert.areEqual('Test', C.AES.decrypt(encryptedMD5, 'Pass', { hasher: C.algo.MD5}).toString(C.enc.Utf8));
+            Y.Assert.areEqual(encryptedDefault, encryptedMD5);
+
+            //Different KDFHasher
+            Y.Assert.areNotEqual(encryptedDefault, encryptedSHA1);
+            Y.Assert.areNotEqual(encryptedDefault, encryptedSHA256);
+            Y.Assert.areNotEqual(encryptedDefault, encryptedSHA512);
+        }
+    }));
+}, '$Rev$');

package/test/des-profile.js

@@ -0,0 +1,31 @@
+YUI.add('algo-des-profile', function (Y) {
+    var C = CryptoJS;
+
+    Y.Profiler.add({
+        name: 'DES',
+
+        setUp: function () {
+            this.data = {
+                key: C.enc.Hex.parse('0001020304050607'),
+                iv: C.enc.Hex.parse('08090a0b0c0d0e0f')
+            };
+        },
+
+        profileSinglePartMessage: function () {
+            var singlePartMessage = '';
+            for (var i = 0; i < 100; i++) {
+                singlePartMessage += '12345678901234567890123456789012345678901234567890';
+            }
+
+            C.algo.DES.createEncryptor(this.data.key, { iv: this.data.iv }).finalize(singlePartMessage) + '';
+        },
+
+        profileMultiPartMessage: function () {
+            var des = C.algo.DES.createEncryptor(this.data.key, { iv: this.data.iv });
+            for (var i = 0; i < 100; i++) {
+                des.process('12345678901234567890123456789012345678901234567890') + '';
+            }
+            des.finalize() + '';
+        }
+    });
+}, '$Rev$');

package/test/des-test.js

@@ -0,0 +1,104 @@
+YUI.add('algo-des-test', function (Y) {
+    var C = CryptoJS;
+
+    Y.Test.Runner.add(new Y.Test.Case({
+        name: 'DES',
+
+        testEncrypt1: function () {
+            Y.Assert.areEqual('95a8d72813daa94d', C.DES.encrypt(C.enc.Hex.parse('0000000000000000'), C.enc.Hex.parse('8000000000000000'), { mode: C.mode.ECB, padding: C.pad.NoPadding }).ciphertext.toString());
+        },
+
+        testEncrypt2: function () {
+            Y.Assert.areEqual('1de5279dae3bed6f', C.DES.encrypt(C.enc.Hex.parse('0000000000000000'), C.enc.Hex.parse('0000000000002000'), { mode: C.mode.ECB, padding: C.pad.NoPadding }).ciphertext.toString());
+        },
+
+        testEncrypt3: function () {
+            Y.Assert.areEqual('1d1ca853ae7c0c5f', C.DES.encrypt(C.enc.Hex.parse('0000000000002000'), C.enc.Hex.parse('0000000000000000'), { mode: C.mode.ECB, padding: C.pad.NoPadding }).ciphertext.toString());
+        },
+
+        testEncrypt4: function () {
+            Y.Assert.areEqual('ac978c247863388f', C.DES.encrypt(C.enc.Hex.parse('3232323232323232'), C.enc.Hex.parse('3232323232323232'), { mode: C.mode.ECB, padding: C.pad.NoPadding }).ciphertext.toString());
+        },
+
+        testEncrypt5: function () {
+            Y.Assert.areEqual('3af1703d76442789', C.DES.encrypt(C.enc.Hex.parse('6464646464646464'), C.enc.Hex.parse('6464646464646464'), { mode: C.mode.ECB, padding: C.pad.NoPadding }).ciphertext.toString());
+        },
+
+        testEncrypt6: function () {
+            Y.Assert.areEqual('a020003c5554f34c', C.DES.encrypt(C.enc.Hex.parse('9696969696969696'), C.enc.Hex.parse('9696969696969696'), { mode: C.mode.ECB, padding: C.pad.NoPadding }).ciphertext.toString());
+        },
+
+        testDecrypt1: function () {
+            Y.Assert.areEqual('0000000000000000', C.DES.decrypt(C.lib.CipherParams.create({ ciphertext: C.enc.Hex.parse('95a8d72813daa94d') }), C.enc.Hex.parse('8000000000000000'), { mode: C.mode.ECB, padding: C.pad.NoPadding }).toString());
+        },
+
+        testDecrypt2: function () {
+            Y.Assert.areEqual('0000000000000000', C.DES.decrypt(C.lib.CipherParams.create({ ciphertext: C.enc.Hex.parse('1de5279dae3bed6f') }), C.enc.Hex.parse('0000000000002000'), { mode: C.mode.ECB, padding: C.pad.NoPadding }).toString());
+        },
+
+        testDecrypt3: function () {
+            Y.Assert.areEqual('0000000000002000', C.DES.decrypt(C.lib.CipherParams.create({ ciphertext: C.enc.Hex.parse('1d1ca853ae7c0c5f') }), C.enc.Hex.parse('0000000000000000'), { mode: C.mode.ECB, padding: C.pad.NoPadding }).toString());
+        },
+
+        testDecrypt4: function () {
+            Y.Assert.areEqual('3232323232323232', C.DES.decrypt(C.lib.CipherParams.create({ ciphertext: C.enc.Hex.parse('ac978c247863388f') }), C.enc.Hex.parse('3232323232323232'), { mode: C.mode.ECB, padding: C.pad.NoPadding }).toString());
+        },
+
+        testDecrypt5: function () {
+            Y.Assert.areEqual('6464646464646464', C.DES.decrypt(C.lib.CipherParams.create({ ciphertext: C.enc.Hex.parse('3af1703d76442789') }), C.enc.Hex.parse('6464646464646464'), { mode: C.mode.ECB, padding: C.pad.NoPadding }).toString());
+        },
+
+        testDecrypt6: function () {
+            Y.Assert.areEqual('9696969696969696', C.DES.decrypt(C.lib.CipherParams.create({ ciphertext: C.enc.Hex.parse('a020003c5554f34c') }), C.enc.Hex.parse('9696969696969696'), { mode: C.mode.ECB, padding: C.pad.NoPadding }).toString());
+        },
+
+        testMultiPart: function () {
+            var des = C.algo.DES.createEncryptor(C.enc.Hex.parse('0123456789abcdef'), { mode: C.mode.ECB, padding: C.pad.NoPadding });
+            var ciphertext1 = des.process(C.enc.Hex.parse('001122334455'));
+            var ciphertext2 = des.process(C.enc.Hex.parse('66778899aa'));
+            var ciphertext3 = des.process(C.enc.Hex.parse('bbccddeeff'));
+            var ciphertext4 = des.finalize();
+
+            Y.Assert.areEqual(C.DES.encrypt(C.enc.Hex.parse('00112233445566778899aabbccddeeff'), C.enc.Hex.parse('0123456789abcdef'), { mode: C.mode.ECB, padding: C.pad.NoPadding }).ciphertext.toString(), ciphertext1.concat(ciphertext2).concat(ciphertext3).concat(ciphertext4).toString());
+        },
+
+        testInputIntegrity: function () {
+            var message = C.enc.Hex.parse('00112233445566778899aabbccddeeff');
+            var key = C.enc.Hex.parse('0001020304050607');
+            var iv = C.enc.Hex.parse('08090a0b0c0d0e0f');
+
+            var expectedMessage = message.toString();
+            var expectedKey = key.toString();
+            var expectedIv = iv.toString();
+
+            C.DES.encrypt(message, key, { iv: iv });
+
+            Y.Assert.areEqual(expectedMessage, message.toString());
+            Y.Assert.areEqual(expectedKey, key.toString());
+            Y.Assert.areEqual(expectedIv, iv.toString());
+        },
+
+        testHelper: function () {
+            // Save original random method
+            var random = C.lib.WordArray.random;
+
+            // Replace random method with one that returns a predictable value
+            C.lib.WordArray.random = function (nBytes) {
+                var words = [];
+                for (var i = 0; i < nBytes; i += 4) {
+                    words.push([0x11223344]);
+                }
+
+                return C.lib.WordArray.create(words, nBytes);
+            };
+
+            // Test
+            Y.Assert.areEqual(C.algo.DES.createEncryptor(C.SHA256('Jefe'), { mode: C.mode.ECB, padding: C.pad.NoPadding }).finalize('Hi There').toString(), C.DES.encrypt('Hi There', C.SHA256('Jefe'), { mode: C.mode.ECB, padding: C.pad.NoPadding }).ciphertext.toString());
+            Y.Assert.areEqual(C.lib.SerializableCipher.encrypt(C.algo.DES, 'Hi There', C.SHA256('Jefe'), { mode: C.mode.ECB, padding: C.pad.NoPadding }).toString(), C.DES.encrypt('Hi There', C.SHA256('Jefe'), { mode: C.mode.ECB, padding: C.pad.NoPadding }).toString());
+            Y.Assert.areEqual(C.lib.PasswordBasedCipher.encrypt(C.algo.DES, 'Hi There', 'Jefe', { mode: C.mode.ECB, padding: C.pad.NoPadding }).toString(), C.DES.encrypt('Hi There', 'Jefe', { mode: C.mode.ECB, padding: C.pad.NoPadding }).toString());
+
+            // Restore random method
+            C.lib.WordArray.random = random;
+        }
+    }));
+}, '$Rev$');

package/test/enc-base64-test.js

@@ -0,0 +1,71 @@
+YUI.add('enc-base64-test', function (Y) {
+    var C = CryptoJS;
+
+    Y.Test.Runner.add(new Y.Test.Case({
+        name: 'Base64',
+
+        testStringify0: function () {
+            Y.Assert.areEqual('', C.enc.Base64.stringify(C.lib.WordArray.create([0x666f6f62, 0x61720000], 0)));
+        },
+
+        testStringify1: function () {
+            Y.Assert.areEqual('Zg==', C.enc.Base64.stringify(C.lib.WordArray.create([0x666f6f62, 0x61720000], 1)));
+        },
+
+        testStringify2: function () {
+            Y.Assert.areEqual('Zm8=', C.enc.Base64.stringify(C.lib.WordArray.create([0x666f6f62, 0x61720000], 2)));
+        },
+
+        testStringify3: function () {
+            Y.Assert.areEqual('Zm9v', C.enc.Base64.stringify(C.lib.WordArray.create([0x666f6f62, 0x61720000], 3)));
+        },
+
+        testStringify4: function () {
+            Y.Assert.areEqual('Zm9vYg==', C.enc.Base64.stringify(C.lib.WordArray.create([0x666f6f62, 0x61720000], 4)));
+        },
+
+        testStringify5: function () {
+            Y.Assert.areEqual('Zm9vYmE=', C.enc.Base64.stringify(C.lib.WordArray.create([0x666f6f62, 0x61720000], 5)));
+        },
+
+        testStringify6: function () {
+            Y.Assert.areEqual('Zm9vYmFy', C.enc.Base64.stringify(C.lib.WordArray.create([0x666f6f62, 0x61720000], 6)));
+        },
+
+        testStringify15: function () {
+            Y.Assert.areEqual('Pj4+Pz8/Pj4+Pz8/PS8r', C.enc.Base64.stringify(C.lib.WordArray.create([0x3e3e3e3f, 0x3f3f3e3e, 0x3e3f3f3f, 0x3d2f2b00], 15)));
+        },
+
+        testParse0: function () {
+            Y.Assert.areEqual(C.lib.WordArray.create([0x666f6f62, 0x61720000], 0).toString(), C.enc.Base64.parse('').toString());
+        },
+
+        testParse1: function () {
+            Y.Assert.areEqual(C.lib.WordArray.create([0x666f6f62, 0x61720000], 1).toString(), C.enc.Base64.parse('Zg==').toString());
+        },
+
+        testParse2: function () {
+            Y.Assert.areEqual(C.lib.WordArray.create([0x666f6f62, 0x61720000], 2).toString(), C.enc.Base64.parse('Zm8=').toString());
+        },
+
+        testParse3: function () {
+            Y.Assert.areEqual(C.lib.WordArray.create([0x666f6f62, 0x61720000], 3).toString(), C.enc.Base64.parse('Zm9v').toString());
+        },
+
+        testParse4: function () {
+            Y.Assert.areEqual(C.lib.WordArray.create([0x666f6f62, 0x61720000], 4).toString(), C.enc.Base64.parse('Zm9vYg==').toString());
+        },
+
+        testParse5: function () {
+            Y.Assert.areEqual(C.lib.WordArray.create([0x666f6f62, 0x61720000], 5).toString(), C.enc.Base64.parse('Zm9vYmE=').toString());
+        },
+
+        testParse6: function () {
+            Y.Assert.areEqual(C.lib.WordArray.create([0x666f6f62, 0x61720000], 6).toString(), C.enc.Base64.parse('Zm9vYmFy').toString());
+        },
+
+        testParse15: function () {
+            Y.Assert.areEqual(C.lib.WordArray.create([0x3e3e3e3f, 0x3f3f3e3e, 0x3e3f3f3f, 0x3d2f2b00], 15).toString(), C.enc.Base64.parse('Pj4+Pz8/Pj4+Pz8/PS8r').toString());
+        }
+    }));
+}, '$Rev$');

package/test/enc-hex-test.js

@@ -0,0 +1,15 @@
+YUI.add('enc-hex-test', function (Y) {
+    var C = CryptoJS;
+
+    Y.Test.Runner.add(new Y.Test.Case({
+        name: 'Hex',
+
+        testStringify: function () {
+            Y.Assert.areEqual('12345678', C.enc.Hex.stringify(C.lib.WordArray.create([0x12345678])));
+        },
+
+        testParse: function () {
+            Y.Assert.areEqual(C.lib.WordArray.create([0x12345678]).toString(), C.enc.Hex.parse('12345678').toString());
+        }
+    }));
+}, '$Rev$');

package/test/enc-latin1-test.js

@@ -0,0 +1,15 @@
+YUI.add('enc-latin1-test', function (Y) {
+    var C = CryptoJS;
+
+    Y.Test.Runner.add(new Y.Test.Case({
+        name: 'Latin1',
+
+        testStringify: function () {
+            Y.Assert.areEqual('\x12\x34\x56\x78', C.enc.Latin1.stringify(C.lib.WordArray.create([0x12345678])));
+        },
+
+        testParse: function () {
+            Y.Assert.areEqual(C.lib.WordArray.create([0x12345678]).toString(), C.enc.Latin1.parse('\x12\x34\x56\x78').toString());
+        }
+    }));
+}, '$Rev$');

package/test/enc-utf16-test.js

@@ -0,0 +1,55 @@
+YUI.add('enc-utf16-test', function (Y) {
+    var C = CryptoJS;
+
+    Y.Test.Runner.add(new Y.Test.Case({
+        name: 'Utf16',
+
+        testStringify1: function () {
+            Y.Assert.areEqual('z', C.enc.Utf16.stringify(C.lib.WordArray.create([0x007a0000], 2)));
+        },
+
+        testStringify2: function () {
+            Y.Assert.areEqual('水', C.enc.Utf16.stringify(C.lib.WordArray.create([0x6c340000], 2)));
+        },
+
+        testStringify3: function () {
+            Y.Assert.areEqual('𐀀', C.enc.Utf16.stringify(C.lib.WordArray.create([0xd800dc00], 4)));
+        },
+
+        testStringify4: function () {
+            Y.Assert.areEqual('𝄞', C.enc.Utf16.stringify(C.lib.WordArray.create([0xd834dd1e], 4)));
+        },
+
+        testStringify5: function () {
+            Y.Assert.areEqual('􏿽', C.enc.Utf16.stringify(C.lib.WordArray.create([0xdbffdffd], 4)));
+        },
+
+        testStringifyLE: function () {
+            Y.Assert.areEqual('􏿽', C.enc.Utf16LE.stringify(C.lib.WordArray.create([0xffdbfddf], 4)));
+        },
+
+        testParse1: function () {
+            Y.Assert.areEqual(C.lib.WordArray.create([0x007a0000], 2).toString(), C.enc.Utf16.parse('z').toString());
+        },
+
+        testParse2: function () {
+            Y.Assert.areEqual(C.lib.WordArray.create([0x6c340000], 2).toString(), C.enc.Utf16.parse('水').toString());
+        },
+
+        testParse3: function () {
+            Y.Assert.areEqual(C.lib.WordArray.create([0xd800dc00], 4).toString(), C.enc.Utf16.parse('𐀀').toString());
+        },
+
+        testParse4: function () {
+            Y.Assert.areEqual(C.lib.WordArray.create([0xd834dd1e], 4).toString(), C.enc.Utf16.parse('𝄞').toString());
+        },
+
+        testParse5: function () {
+            Y.Assert.areEqual(C.lib.WordArray.create([0xdbffdffd], 4).toString(), C.enc.Utf16.parse('􏿽').toString());
+        },
+
+        testParseLE: function () {
+            Y.Assert.areEqual(C.lib.WordArray.create([0xffdbfddf], 4).toString(), C.enc.Utf16LE.parse('􏿽').toString());
+        }
+    }));
+}, '$Rev$');

package/test/enc-utf8-test.js

@@ -0,0 +1,39 @@
+YUI.add('enc-utf8-test', function (Y) {
+    var C = CryptoJS;
+
+    Y.Test.Runner.add(new Y.Test.Case({
+        name: 'Utf8',
+
+        testStringify1: function () {
+            Y.Assert.areEqual('$', C.enc.Utf8.stringify(C.lib.WordArray.create([0x24000000], 1)));
+        },
+
+        testStringify2: function () {
+            Y.Assert.areEqual('¢', C.enc.Utf8.stringify(C.lib.WordArray.create([0xc2a20000], 2)));
+        },
+
+        testStringify3: function () {
+            Y.Assert.areEqual('€', C.enc.Utf8.stringify(C.lib.WordArray.create([0xe282ac00], 3)));
+        },
+
+        testStringify4: function () {
+            Y.Assert.areEqual('𤭢', C.enc.Utf8.stringify(C.lib.WordArray.create([0xf0a4ada2], 4)));
+        },
+
+        testParse1: function () {
+            Y.Assert.areEqual(C.lib.WordArray.create([0x24000000], 1).toString(), C.enc.Utf8.parse('$').toString());
+        },
+
+        testParse2: function () {
+            Y.Assert.areEqual(C.lib.WordArray.create([0xc2a20000], 2).toString(), C.enc.Utf8.parse('¢').toString());
+        },
+
+        testParse3: function () {
+            Y.Assert.areEqual(C.lib.WordArray.create([0xe282ac00], 3).toString(), C.enc.Utf8.parse('€').toString());
+        },
+
+        testParse4: function () {
+            Y.Assert.areEqual(C.lib.WordArray.create([0xf0a4ada2], 4).toString(), C.enc.Utf8.parse('𤭢').toString());
+        }
+    }));
+}, '$Rev$');

package/test/evpkdf-profile.js

@@ -0,0 +1,11 @@
+YUI.add('algo-evpkdf-profile', function (Y) {
+    var C = CryptoJS;
+
+    Y.Profiler.add({
+        name: 'EvpKDF',
+
+        profileKeySize256Iterations20: function () {
+            C.algo.EvpKDF.create({ keySize: 256/32, iterations: 20 }).compute('password', 'ATHENA.MIT.EDUraeburn');
+        }
+    });
+}, '$Rev$');

package/test/evpkdf-test.js

@@ -0,0 +1,32 @@
+YUI.add('algo-evpkdf-test', function (Y) {
+    var C = CryptoJS;
+
+    Y.Test.Runner.add(new Y.Test.Case({
+        name: 'EvpKDF',
+
+        testVector: function () {
+            Y.Assert.areEqual('fdbdf3419fff98bdb0241390f62a9db35f4aba29d77566377997314ebfc709f20b5ca7b1081f94b1ac12e3c8ba87d05a', C.EvpKDF('password', 'saltsalt', { keySize: (256+128)/32 }).toString());
+        },
+
+        // There are no official test vectors that I could find, and the EVP implementation is short on comments.
+        // Need to use the C code to generate more test vectors.
+        // The iteration count in particular needs to be tested.
+
+        testInputIntegrity: function () {
+            var password = C.lib.WordArray.create([0x12345678]);
+            var salt = C.lib.WordArray.create([0x12345678]);
+
+            var expectedPassword = password.toString();
+            var expectedSalt = salt.toString();
+
+            C.EvpKDF(password, salt);
+
+            Y.Assert.areEqual(expectedPassword, password.toString());
+            Y.Assert.areEqual(expectedSalt, salt.toString());
+        },
+
+        testHelper: function () {
+            Y.Assert.areEqual(C.algo.EvpKDF.create({ keySize: (256+128)/32 }).compute('password', 'saltsalt').toString(), C.EvpKDF('password', 'saltsalt', { keySize: (256+128)/32 }).toString());
+        }
+    }));
+}, '$Rev$');

package/test/format-openssl-test.js

@@ -0,0 +1,37 @@
+YUI.add('format-openssl-test', function (Y) {
+    var C = CryptoJS;
+
+    Y.Test.Runner.add(new Y.Test.Case({
+        name: 'OpenSSLFormatter',
+
+        setUp: function () {
+            this.data = {};
+
+            this.data.ciphertext = C.lib.WordArray.create([0x00010203, 0x04050607, 0x08090a0b, 0x0c0d0e0f]);
+            this.data.salt = C.lib.WordArray.create([0x01234567, 0x89abcdef]);
+        },
+
+        testSaltedToString: function () {
+            Y.Assert.areEqual(C.enc.Latin1.parse('Salted__').concat(this.data.salt).concat(this.data.ciphertext).toString(C.enc.Base64), C.format.OpenSSL.stringify(C.lib.CipherParams.create({ ciphertext: this.data.ciphertext, salt: this.data.salt })));
+        },
+
+        testUnsaltedToString: function () {
+            Y.Assert.areEqual(this.data.ciphertext.toString(C.enc.Base64), C.format.OpenSSL.stringify(C.lib.CipherParams.create({ ciphertext: this.data.ciphertext })));
+        },
+
+        testSaltedFromString: function () {
+            var openSSLStr = C.format.OpenSSL.stringify(C.lib.CipherParams.create({ ciphertext: this.data.ciphertext, salt: this.data.salt }));
+            var cipherParams = C.format.OpenSSL.parse(openSSLStr);
+
+            Y.Assert.areEqual(this.data.ciphertext.toString(), cipherParams.ciphertext.toString());
+            Y.Assert.areEqual(this.data.salt.toString(), cipherParams.salt.toString());
+        },
+
+        testUnsaltedFromString: function () {
+            var openSSLStr = C.format.OpenSSL.stringify(C.lib.CipherParams.create({ ciphertext: this.data.ciphertext }));
+            var cipherParams = C.format.OpenSSL.parse(openSSLStr);
+
+            Y.Assert.areEqual(this.data.ciphertext.toString(), cipherParams.ciphertext.toString());
+        }
+    }));
+}, '$Rev$');

package/test/hmac-md5-profile.js

@@ -0,0 +1,30 @@
+YUI.add('algo-hmac-md5-profile', function (Y) {
+    var C = CryptoJS;
+
+    Y.Profiler.add({
+        name: 'HMAC MD5',
+
+        setUp: function () {
+            this.data = {
+                key: C.lib.WordArray.random(128/8)
+            };
+        },
+
+        profileSinglePartMessage: function () {
+            var singlePartMessage = '';
+            for (var i = 0; i < 500; i++) {
+                singlePartMessage += '12345678901234567890123456789012345678901234567890';
+            }
+
+            C.algo.HMAC.create(C.algo.MD5, this.data.key).finalize(singlePartMessage) + '';
+        },
+
+        profileMultiPartMessage: function () {
+            var hmac = C.algo.HMAC.create(C.algo.MD5, this.data.key);
+            for (var i = 0; i < 500; i++) {
+                hmac.update('12345678901234567890123456789012345678901234567890');
+            }
+            hmac.finalize() + '';
+        }
+    });
+}, '$Rev$');

package/test/hmac-md5-test.js

@@ -0,0 +1,59 @@
+YUI.add('algo-hmac-md5-test', function (Y) {
+    var C = CryptoJS;
+
+    Y.Test.Runner.add(new Y.Test.Case({
+        name: 'HMAC MD5',
+
+        testVector1: function () {
+            Y.Assert.areEqual('9294727a3638bb1c13f48ef8158bfc9d', C.HmacMD5('Hi There', C.enc.Hex.parse('0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b')).toString());
+        },
+
+        testVector2: function () {
+            Y.Assert.areEqual('750c783e6ab0b503eaa86e310a5db738', C.HmacMD5('what do ya want for nothing?', 'Jefe').toString());
+        },
+
+        testVector3: function () {
+            Y.Assert.areEqual('56be34521d144c88dbb8c733f0e8b3f6', C.HmacMD5(C.enc.Hex.parse('dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd'), C.enc.Hex.parse('aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa')).toString());
+        },
+
+        testVector4: function () {
+            Y.Assert.areEqual('7ee2a3cc979ab19865704644ce13355c', C.HmacMD5('ABCDEFGHIJKLMNOPQRSTUVWXYZ', 'A').toString());
+        },
+
+        testVector5: function () {
+            Y.Assert.areEqual('0e1bd89c43e3e6e3b3f8cf1d5ba4f77a', C.HmacMD5('abcdefghijklmnopqrstuvwxyz', 'A').toString());
+        },
+
+        testUpdate: function () {
+            var hmac = C.algo.HMAC.create(C.algo.MD5, C.enc.Hex.parse('aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'));
+            hmac.update(C.enc.Hex.parse('dddddddddddddddddddddddddddddddddddd'));
+            hmac.update(C.enc.Hex.parse('dddddddddddddddddddddddddddddddd'));
+            hmac.update(C.enc.Hex.parse('dddddddddddddddddddddddddddddddd'));
+
+            Y.Assert.areEqual(C.HmacMD5(C.enc.Hex.parse('dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd'), C.enc.Hex.parse('aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa')).toString(), hmac.finalize().toString());
+        },
+
+        testInputIntegrity: function () {
+            var message = C.lib.WordArray.create([0x12345678]);
+            var key = C.lib.WordArray.create([0x12345678]);
+
+            var expectedMessage = message.toString();
+            var expectedKey = key.toString();
+
+            C.HmacMD5(message, key);
+
+            Y.Assert.areEqual(expectedMessage, message.toString());
+            Y.Assert.areEqual(expectedKey, key.toString());
+        },
+
+        testRespectKeySigBytes: function () {
+            var key = C.lib.WordArray.random(8);
+            key.sigBytes = 4;
+
+            var keyClamped = key.clone();
+            keyClamped.clamp();
+
+            Y.Assert.areEqual(CryptoJS.HmacSHA256("Message", keyClamped).toString(), CryptoJS.HmacSHA256("Message", key).toString());
+        }
+    }));
+}, '$Rev$');

package/test/hmac-sha224-test.js

@@ -0,0 +1,59 @@
+YUI.add('algo-hmac-sha224-test', function (Y) {
+    var C = CryptoJS;
+
+    Y.Test.Runner.add(new Y.Test.Case({
+        name: 'HMAC SHA224',
+
+        testVector1: function () {
+            Y.Assert.areEqual('4e841ce7a4ae83fbcf71e3cd64bfbf277f73a14680aae8c518ac7861', C.HmacSHA224('Hi There', C.enc.Hex.parse('0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b')).toString());
+        },
+
+        testVector2: function () {
+            Y.Assert.areEqual('a30e01098bc6dbbf45690f3a7e9e6d0f8bbea2a39e6148008fd05e44', C.HmacSHA224('what do ya want for nothing?', 'Jefe').toString());
+        },
+
+        testVector3: function () {
+            Y.Assert.areEqual('cbff7c2716bbaa7c77bed4f491d3e8456cb6c574e92f672b291acf5b', C.HmacSHA224(C.enc.Hex.parse('dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd'), C.enc.Hex.parse('aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa')).toString());
+        },
+
+        testVector4: function () {
+            Y.Assert.areEqual('61bf669da4fdcd8e5c3bd09ebbb4a986d3d1b298d3ca05c511f7aeff', C.HmacSHA224('ABCDEFGHIJKLMNOPQRSTUVWXYZ', 'A').toString());
+        },
+
+        testVector5: function () {
+            Y.Assert.areEqual('16fc69ada3c3edc1fe9144d6b98d93393833ae442bedf681110a1176', C.HmacSHA224('abcdefghijklmnopqrstuvwxyz', 'A').toString());
+        },
+
+        testUpdate: function () {
+            var hmac = C.algo.HMAC.create(C.algo.SHA224, C.enc.Hex.parse('aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'));
+            hmac.update(C.enc.Hex.parse('dddddddddddddddddddddddddddddddddddd'));
+            hmac.update(C.enc.Hex.parse('dddddddddddddddddddddddddddddddd'));
+            hmac.update(C.enc.Hex.parse('dddddddddddddddddddddddddddddddd'));
+
+            Y.Assert.areEqual(C.HmacSHA224(C.enc.Hex.parse('dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd'), C.enc.Hex.parse('aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa')).toString(), hmac.finalize().toString());
+        },
+
+        testInputIntegrity: function () {
+            var message = C.lib.WordArray.create([0x12345678]);
+            var key = C.lib.WordArray.create([0x12345678]);
+
+            var expectedMessage = message.toString();
+            var expectedKey = key.toString();
+
+            C.HmacSHA224(message, key);
+
+            Y.Assert.areEqual(expectedMessage, message.toString());
+            Y.Assert.areEqual(expectedKey, key.toString());
+        },
+
+        testRespectKeySigBytes: function () {
+            var key = C.lib.WordArray.random(8);
+            key.sigBytes = 4;
+
+            var keyClamped = key.clone();
+            keyClamped.clamp();
+
+            Y.Assert.areEqual(CryptoJS.HmacSHA224("Message", keyClamped).toString(), CryptoJS.HmacSHA224("Message", key).toString());
+        }
+    }));
+}, '$Rev$');