crypto/external/bsd/heimdal/dist/lib/krb5/test_fx.c

   1 /*      $NetBSD: test_fx.c,v 1.1.1.2 2014/04/24 12:45:51 pettai Exp $   */
   2
   3 /*
   4  * Copyright (c) 2009 Kungliga Tekniska Högskolan
   5  * (Royal Institute of Technology, Stockholm, Sweden).
   6  * All rights reserved.
   7  *
   8  * Redistribution and use in source and binary forms, with or without
   9  * modification, are permitted provided that the following conditions
  10  * are met:
  11  *
  12  * 1. Redistributions of source code must retain the above copyright
  13  *    notice, this list of conditions and the following disclaimer.
  14  *
  15  * 2. Redistributions in binary form must reproduce the above copyright
  16  *    notice, this list of conditions and the following disclaimer in the
  17  *    documentation and/or other materials provided with the distribution.
  18  *
  19  * 3. Neither the name of KTH nor the names of its contributors may be
  20  *    used to endorse or promote products derived from this software without
  21  *    specific prior written permission.
  22  *
  23  * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY
  24  * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  25  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
  26  * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE
  27  * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
  28  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
  29  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
  30  * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
  31  * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
  32  * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
  33  * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */
  34
  35 #include "krb5_locl.h"
  36 #include <err.h>
  37 #include <krb5/getarg.h>
  38
  39 struct {
  40     char *p1;
  41     char *pepper1;
  42     krb5_enctype e1;
  43     char *p2;
  44     char *pepper2;
  45     krb5_enctype e2;
  46     krb5_enctype e3;
  47     char *key;
  48     size_t len;
  49 } cf2[] = {
  50     {
  51         "key1", "a", ETYPE_AES128_CTS_HMAC_SHA1_96,
  52         "key2", "b", ETYPE_AES128_CTS_HMAC_SHA1_96,
  53         ETYPE_AES128_CTS_HMAC_SHA1_96,
  54         "\x97\xdf\x97\xe4\xb7\x98\xb2\x9e\xb3\x1e\xd7\x28\x02\x87\xa9\x2a",
  55         16
  56     },
  57     {
  58         "key1", "a", ETYPE_AES256_CTS_HMAC_SHA1_96,
  59         "key2", "b", ETYPE_AES256_CTS_HMAC_SHA1_96,
  60         ETYPE_AES256_CTS_HMAC_SHA1_96,
  61         "\x4d\x6c\xa4\xe6\x29\x78\x5c\x1f\x01\xba\xf5\x5e\x2e\x54\x85\x66"
  62         "\xb9\x61\x7a\xe3\xa9\x68\x68\xc3\x37\xcb\x93\xb5\xe7\x2b\x1c\x7b",
  63         32
  64     },
  65     {
  66         "key1", "a", ETYPE_AES128_CTS_HMAC_SHA1_96,
  67         "key2", "b", ETYPE_AES128_CTS_HMAC_SHA1_96,
  68         ETYPE_AES256_CTS_HMAC_SHA1_96,
  69         "\x97\xdf\x97\xe4\xb7\x98\xb2\x9e\xb3\x1e\xd7\x28\x2\x87\xa9\x2a"
  70         "\x1\x96\xfa\xf2\x44\xf8\x11\x20\xc2\x1c\x51\x17\xb3\xe6\xeb\x98",
  71         32
  72     },
  73     {
  74         "key1", "a", ETYPE_AES256_CTS_HMAC_SHA1_96,
  75         "key2", "b", ETYPE_AES256_CTS_HMAC_SHA1_96,
  76         ETYPE_AES128_CTS_HMAC_SHA1_96,
  77         "\x4d\x6c\xa4\xe6\x29\x78\x5c\x1f\x01\xba\xf5\x5e\x2e\x54\x85\x66",
  78         16
  79     },
  80     {
  81         "key1", "a", ETYPE_AES128_CTS_HMAC_SHA1_96,
  82         "key2", "b", ETYPE_AES256_CTS_HMAC_SHA1_96,
  83         ETYPE_AES256_CTS_HMAC_SHA1_96,
  84         "\x88\xbd\xb2\xa9\xf\x3e\x52\x5a\xb0\x5f\x68\xc5\x43\x9a\x4d\x5e"
  85         "\x9c\x2b\xfd\x2b\x02\x24\xde\x39\xb5\x82\xf4\xbb\x05\xfe\x2\x2e",
  86         32
  87     }
  88 };
  89
  90
  91 static void
  92 test_cf2(krb5_context context)
  93 {
  94     krb5_error_code ret;
  95     krb5_data pw, p1, p2;
  96     krb5_salt salt;
  97     krb5_keyblock k1, k2, k3;
  98     krb5_crypto c1, c2;
  99     unsigned int i;
 100
 101     for (i = 0; i < sizeof(cf2)/sizeof(cf2[0]); i++) {
 102         pw.data = cf2[i].p1;
 103         pw.length = strlen(cf2[i].p1);
 104         salt.salttype = (krb5_salttype)KRB5_PADATA_PW_SALT;
 105         salt.saltvalue.data = cf2[i].p1;
 106         salt.saltvalue.length = strlen(cf2[i].p1);
 107
 108         ret = krb5_string_to_key_data_salt(context,
 109                                            cf2[i].e1,
 110                                            pw,
 111                                            salt,
 112                                            &k1);
 113         if (ret)
 114             krb5_err(context, 1, ret, "krb5_string_to_key_data_salt");
 115
 116         ret = krb5_crypto_init(context, &k1, 0, &c1);
 117         if (ret)
 118             krb5_err(context, 1, ret, "krb5_crypto_init");
 119
 120         pw.data = cf2[i].p2;
 121         pw.length = strlen(cf2[i].p2);
 122         salt.saltvalue.data = cf2[i].p2;
 123         salt.saltvalue.length = strlen(cf2[i].p2);
 124
 125         ret = krb5_string_to_key_data_salt(context,
 126                                            cf2[i].e2,
 127                                            pw,
 128                                            salt,
 129                                            &k2);
 130         if (ret)
 131             krb5_err(context, 1, ret, "krb5_string_to_key_data_salt");
 132
 133         ret = krb5_crypto_init(context, &k2, 0, &c2);
 134         if (ret)
 135             krb5_err(context, 1, ret, "krb5_crypto_init");
 136
 137
 138         p1.data = cf2[i].pepper1;
 139         p1.length = strlen(cf2[i].pepper1);
 140
 141         p2.data = cf2[i].pepper2;
 142         p2.length = strlen(cf2[i].pepper2);
 143
 144         ret = krb5_crypto_fx_cf2(context, c1, c2, &p1, &p2, cf2[i].e3, &k3);
 145         if (ret)
 146             krb5_err(context, 1, ret, "krb5_crypto_fx_cf2");
 147
 148         if (k3.keytype != cf2[i].e3)
 149             krb5_errx(context, 1, "length not right");
 150         if (k3.keyvalue.length != cf2[i].len ||
 151             memcmp(k3.keyvalue.data, cf2[i].key, cf2[i].len) != 0)
 152             krb5_errx(context, 1, "key not same");
 153
 154         krb5_crypto_destroy(context, c1);
 155         krb5_crypto_destroy(context, c2);
 156
 157         krb5_free_keyblock_contents(context, &k1);
 158         krb5_free_keyblock_contents(context, &k2);
 159         krb5_free_keyblock_contents(context, &k3);
 160     }
 161 }
 162
 163 static int version_flag = 0;
 164 static int help_flag    = 0;
 165
 166 static struct getargs args[] = {
 167     {"version", 0,      arg_flag,       &version_flag,
 168      "print version", NULL },
 169     {"help",    0,      arg_flag,       &help_flag,
 170      NULL, NULL }
 171 };
 172
 173 static void
 174 usage (int ret)
 175 {
 176     arg_printusage (args,
 177                     sizeof(args)/sizeof(*args),
 178                     NULL,
 179                     "");
 180     exit (ret);
 181 }
 182
 183 int
 184 main(int argc, char **argv)
 185 {
 186     krb5_context context;
 187     krb5_error_code ret;
 188     int optidx = 0;
 189
 190     setprogname(argv[0]);
 191
 192     if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx))
 193         usage(1);
 194
 195     if (help_flag)
 196         usage (0);
 197
 198     if(version_flag){
 199         print_version(NULL);
 200         exit(0);
 201     }
 202
 203     ret = krb5_init_context(&context);
 204     if (ret)
 205         errx (1, "krb5_init_context failed: %d", ret);
 206
 207     test_cf2(context);
 208
 209     krb5_free_context(context);
 210
 211     return 0;
 212 }