search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
No empty .Rs/.Re
[netbsd-mini2440.git] / crypto / dist / heimdal / lib / krb5 / aes-test.c
blob619605406500465412b811322ddb3479ed73ec12
1 /*
2 * Copyright (c) 2003 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 *
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 *
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 *
17 * 3. Neither the name of KTH nor the names of its contributors may be
18 * used to endorse or promote products derived from this software without
19 * specific prior written permission.
20 *
21 * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY
22 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
24 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE
25 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
26 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
27 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
28 * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
29 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
30 * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
31 * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */
32
33 #include "krb5_locl.h"
34 #include <hex.h>
35 #include <err.h>
36
37 #ifdef HAVE_OPENSSL
38 #include <openssl/evp.h>
39 #endif
40
41 __RCSID("$Heimdal: aes-test.c 18301 2006-10-07 13:50:34Z lha $"
42 "$NetBSD$");
43
44 static int verbose = 0;
45
46 static void
47 hex_dump_data(const void *data, size_t length)
48 {
49 char *p;
50
51 hex_encode(data, length, &p);
52 printf("%s\n", p);
53 free(p);
54 }
55
56 struct {
57 char *password;
58 char *salt;
59 int saltlen;
60 int iterations;
61 krb5_enctype enctype;
62 size_t keylen;
63 char *pbkdf2;
64 char *key;
65 } keys[] = {
66 {
67 "password", "ATHENA.MIT.EDUraeburn", -1,
68 1,
69 ETYPE_AES128_CTS_HMAC_SHA1_96, 16,
70 "\xcd\xed\xb5\x28\x1b\xb2\xf8\x01\x56\x5a\x11\x22\xb2\x56\x35\x15",
71 "\x42\x26\x3c\x6e\x89\xf4\xfc\x28\xb8\xdf\x68\xee\x09\x79\x9f\x15"
72 },
73 {
74 "password", "ATHENA.MIT.EDUraeburn", -1,
75 1,
76 ETYPE_AES256_CTS_HMAC_SHA1_96, 32,
77 "\xcd\xed\xb5\x28\x1b\xb2\xf8\x01\x56\x5a\x11\x22\xb2\x56\x35\x15"
78 "\x0a\xd1\xf7\xa0\x4b\xb9\xf3\xa3\x33\xec\xc0\xe2\xe1\xf7\x08\x37",
79 "\xfe\x69\x7b\x52\xbc\x0d\x3c\xe1\x44\x32\xba\x03\x6a\x92\xe6\x5b"
80 "\xbb\x52\x28\x09\x90\xa2\xfa\x27\x88\x39\x98\xd7\x2a\xf3\x01\x61"
81 },
82 {
83 "password", "ATHENA.MIT.EDUraeburn", -1,
84 2,
85 ETYPE_AES128_CTS_HMAC_SHA1_96, 16,
86 "\x01\xdb\xee\x7f\x4a\x9e\x24\x3e\x98\x8b\x62\xc7\x3c\xda\x93\x5d",
87 "\xc6\x51\xbf\x29\xe2\x30\x0a\xc2\x7f\xa4\x69\xd6\x93\xbd\xda\x13"
88 },
89 {
90 "password", "ATHENA.MIT.EDUraeburn", -1,
91 2,
92 ETYPE_AES256_CTS_HMAC_SHA1_96, 32,
93 "\x01\xdb\xee\x7f\x4a\x9e\x24\x3e\x98\x8b\x62\xc7\x3c\xda\x93\x5d"
94 "\xa0\x53\x78\xb9\x32\x44\xec\x8f\x48\xa9\x9e\x61\xad\x79\x9d\x86",
95 "\xa2\xe1\x6d\x16\xb3\x60\x69\xc1\x35\xd5\xe9\xd2\xe2\x5f\x89\x61"
96 "\x02\x68\x56\x18\xb9\x59\x14\xb4\x67\xc6\x76\x22\x22\x58\x24\xff"
97 },
98 {
99 "password", "ATHENA.MIT.EDUraeburn", -1,
100 1200,
101 ETYPE_AES128_CTS_HMAC_SHA1_96, 16,
102 "\x5c\x08\xeb\x61\xfd\xf7\x1e\x4e\x4e\xc3\xcf\x6b\xa1\xf5\x51\x2b",
103 "\x4c\x01\xcd\x46\xd6\x32\xd0\x1e\x6d\xbe\x23\x0a\x01\xed\x64\x2a"
104 },
105 {
106 "password", "ATHENA.MIT.EDUraeburn", -1,
107 1200,
108 ETYPE_AES256_CTS_HMAC_SHA1_96, 32,
109 "\x5c\x08\xeb\x61\xfd\xf7\x1e\x4e\x4e\xc3\xcf\x6b\xa1\xf5\x51\x2b"
110 "\xa7\xe5\x2d\xdb\xc5\xe5\x14\x2f\x70\x8a\x31\xe2\xe6\x2b\x1e\x13",
111 "\x55\xa6\xac\x74\x0a\xd1\x7b\x48\x46\x94\x10\x51\xe1\xe8\xb0\xa7"
112 "\x54\x8d\x93\xb0\xab\x30\xa8\xbc\x3f\xf1\x62\x80\x38\x2b\x8c\x2a"
113 },
114 {
115 "password", "\x12\x34\x56\x78\x78\x56\x34\x12", 8,
116 5,
117 ETYPE_AES128_CTS_HMAC_SHA1_96, 16,
118 "\xd1\xda\xa7\x86\x15\xf2\x87\xe6\xa1\xc8\xb1\x20\xd7\x06\x2a\x49",
119 "\xe9\xb2\x3d\x52\x27\x37\x47\xdd\x5c\x35\xcb\x55\xbe\x61\x9d\x8e"
120 },
121 {
122 "password", "\x12\x34\x56\x78\x78\x56\x34\x12", 8,
123 5,
124 ETYPE_AES256_CTS_HMAC_SHA1_96, 32,
125 "\xd1\xda\xa7\x86\x15\xf2\x87\xe6\xa1\xc8\xb1\x20\xd7\x06\x2a\x49"
126 "\x3f\x98\xd2\x03\xe6\xbe\x49\xa6\xad\xf4\xfa\x57\x4b\x6e\x64\xee",
127 "\x97\xa4\xe7\x86\xbe\x20\xd8\x1a\x38\x2d\x5e\xbc\x96\xd5\x90\x9c"
128 "\xab\xcd\xad\xc8\x7c\xa4\x8f\x57\x45\x04\x15\x9f\x16\xc3\x6e\x31"
129 },
130 {
131 "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
132 "pass phrase equals block size", -1,
133 1200,
134 ETYPE_AES128_CTS_HMAC_SHA1_96, 16,
135 "\x13\x9c\x30\xc0\x96\x6b\xc3\x2b\xa5\x5f\xdb\xf2\x12\x53\x0a\xc9",
136 "\x59\xd1\xbb\x78\x9a\x82\x8b\x1a\xa5\x4e\xf9\xc2\x88\x3f\x69\xed"
137 },
138 {
139 "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
140 "pass phrase equals block size", -1,
141 1200,
142 ETYPE_AES256_CTS_HMAC_SHA1_96, 32,
143 "\x13\x9c\x30\xc0\x96\x6b\xc3\x2b\xa5\x5f\xdb\xf2\x12\x53\x0a\xc9"
144 "\xc5\xec\x59\xf1\xa4\x52\xf5\xcc\x9a\xd9\x40\xfe\xa0\x59\x8e\xd1",
145 "\x89\xad\xee\x36\x08\xdb\x8b\xc7\x1f\x1b\xfb\xfe\x45\x94\x86\xb0"
146 "\x56\x18\xb7\x0c\xba\xe2\x20\x92\x53\x4e\x56\xc5\x53\xba\x4b\x34"
147 },
148 {
149 "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
150 "pass phrase exceeds block size", -1,
151 1200,
152 ETYPE_AES128_CTS_HMAC_SHA1_96, 16,
153 "\x9c\xca\xd6\xd4\x68\x77\x0c\xd5\x1b\x10\xe6\xa6\x87\x21\xbe\x61",
154 "\xcb\x80\x05\xdc\x5f\x90\x17\x9a\x7f\x02\x10\x4c\x00\x18\x75\x1d"
155 },
156 {
157 "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
158 "pass phrase exceeds block size", -1,
159 1200,
160 ETYPE_AES256_CTS_HMAC_SHA1_96, 32,
161 "\x9c\xca\xd6\xd4\x68\x77\x0c\xd5\x1b\x10\xe6\xa6\x87\x21\xbe\x61"
162 "\x1a\x8b\x4d\x28\x26\x01\xdb\x3b\x36\xbe\x92\x46\x91\x5e\xc8\x2a",
163 "\xd7\x8c\x5c\x9c\xb8\x72\xa8\xc9\xda\xd4\x69\x7f\x0b\xb5\xb2\xd2"
164 "\x14\x96\xc8\x2b\xeb\x2c\xae\xda\x21\x12\xfc\xee\xa0\x57\x40\x1b"
165
166 },
167 {
168 "\xf0\x9d\x84\x9e" /* g-clef */, "EXAMPLE.COMpianist", -1,
169 50,
170 ETYPE_AES128_CTS_HMAC_SHA1_96, 16,
171 "\x6b\x9c\xf2\x6d\x45\x45\x5a\x43\xa5\xb8\xbb\x27\x6a\x40\x3b\x39",
172 "\xf1\x49\xc1\xf2\xe1\x54\xa7\x34\x52\xd4\x3e\x7f\xe6\x2a\x56\xe5"
173 },
174 {
175 "\xf0\x9d\x84\x9e" /* g-clef */, "EXAMPLE.COMpianist", -1,
176 50,
177 ETYPE_AES256_CTS_HMAC_SHA1_96, 32,
178 "\x6b\x9c\xf2\x6d\x45\x45\x5a\x43\xa5\xb8\xbb\x27\x6a\x40\x3b\x39"
179 "\xe7\xfe\x37\xa0\xc4\x1e\x02\xc2\x81\xff\x30\x69\xe1\xe9\x4f\x52",
180 "\x4b\x6d\x98\x39\xf8\x44\x06\xdf\x1f\x09\xcc\x16\x6d\xb4\xb8\x3c"
181 "\x57\x18\x48\xb7\x84\xa3\xd6\xbd\xc3\x46\x58\x9a\x3e\x39\x3f\x9e"
182 },
183 {
184 "foo", "", -1,
185 0,
186 ETYPE_ARCFOUR_HMAC_MD5, 16,
187 NULL,
188 "\xac\x8e\x65\x7f\x83\xdf\x82\xbe\xea\x5d\x43\xbd\xaf\x78\x00\xcc"
189 },
190 {
191 "test", "", -1,
192 0,
193 ETYPE_ARCFOUR_HMAC_MD5, 16,
194 NULL,
195 "\x0c\xb6\x94\x88\x05\xf7\x97\xbf\x2a\x82\x80\x79\x73\xb8\x95\x37"
196 }
197 };
198
199 static int
200 string_to_key_test(krb5_context context)
201 {
202 krb5_data password, opaque;
203 krb5_error_code ret;
204 krb5_salt salt;
205 int i, val = 0;
206 char iter[4];
207
208 for (i = 0; i < sizeof(keys)/sizeof(keys[0]); i++) {
209
210 password.data = keys[i].password;
211 password.length = strlen(password.data);
212
213 salt.salttype = KRB5_PW_SALT;
214 salt.saltvalue.data = keys[i].salt;
215 if (keys[i].saltlen == -1)
216 salt.saltvalue.length = strlen(salt.saltvalue.data);
217 else
218 salt.saltvalue.length = keys[i].saltlen;
219
220 opaque.data = iter;
221 opaque.length = sizeof(iter);
222 _krb5_put_int(iter, keys[i].iterations, 4);
223
224 if (keys[i].pbkdf2) {
225 unsigned char keyout[32];
226
227 if (keys[i].keylen > sizeof(keyout))
228 abort();
229
230 PKCS5_PBKDF2_HMAC_SHA1(password.data, password.length,
231 salt.saltvalue.data, salt.saltvalue.length,
232 keys[i].iterations,
233 keys[i].keylen, keyout);
234
235 if (memcmp(keyout, keys[i].pbkdf2, keys[i].keylen) != 0) {
236 krb5_warnx(context, "%d: pbkdf2", i);
237 val = 1;
238 continue;
239 }
240
241 if (verbose) {
242 printf("PBKDF2:\n");
243 hex_dump_data(keyout, keys[i].keylen);
244 }
245 }
246
247 {
248 krb5_keyblock key;
249
250 ret = krb5_string_to_key_data_salt_opaque (context,
251 keys[i].enctype,
252 password,
253 salt,
254 opaque,
255 &key);
256 if (ret) {
257 krb5_warn(context, ret, "%d: string_to_key_data_salt_opaque",
258 i);
259 val = 1;
260 continue;
261 }
262
263 if (key.keyvalue.length != keys[i].keylen) {
264 krb5_warnx(context, "%d: key wrong length (%lu/%lu)",
265 i, (unsigned long)key.keyvalue.length,
266 (unsigned long)keys[i].keylen);
267 val = 1;
268 continue;
269 }
270
271 if (memcmp(key.keyvalue.data, keys[i].key, keys[i].keylen) != 0) {
272 krb5_warnx(context, "%d: key wrong", i);
273 val = 1;
274 continue;
275 }
276
277 if (verbose) {
278 printf("key:\n");
279 hex_dump_data(key.keyvalue.data, key.keyvalue.length);
280 }
281 krb5_free_keyblock_contents(context, &key);
282 }
283 }
284 return val;
285 }
286
287 struct enc_test {
288 size_t len;
289 char *input;
290 char *output;
291 char *nextiv;
292 };
293
294 struct enc_test encs1[] = {
295 {
296 17,
297 "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65"
298 "\x20",
299 "\xc6\x35\x35\x68\xf2\xbf\x8c\xb4\xd8\xa5\x80\x36\x2d\xa7\xff\x7f"
300 "\x97",
301 "\xc6\x35\x35\x68\xf2\xbf\x8c\xb4\xd8\xa5\x80\x36\x2d\xa7\xff\x7f"
302 },
303 {
304 31,
305 "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65"
306 "\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20",
307 "\xfc\x00\x78\x3e\x0e\xfd\xb2\xc1\xd4\x45\xd4\xc8\xef\xf7\xed\x22"
308 "\x97\x68\x72\x68\xd6\xec\xcc\xc0\xc0\x7b\x25\xe2\x5e\xcf\xe5",
309 "\xfc\x00\x78\x3e\x0e\xfd\xb2\xc1\xd4\x45\xd4\xc8\xef\xf7\xed\x22"
310 },
311 {
312 32,
313 "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65"
314 "\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20\x43",
315 "\x39\x31\x25\x23\xa7\x86\x62\xd5\xbe\x7f\xcb\xcc\x98\xeb\xf5\xa8"
316 "\x97\x68\x72\x68\xd6\xec\xcc\xc0\xc0\x7b\x25\xe2\x5e\xcf\xe5\x84",
317 "\x39\x31\x25\x23\xa7\x86\x62\xd5\xbe\x7f\xcb\xcc\x98\xeb\xf5\xa8"
318 },
319 {
320 47,
321 "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65"
322 "\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20\x43"
323 "\x68\x69\x63\x6b\x65\x6e\x2c\x20\x70\x6c\x65\x61\x73\x65\x2c",
324 "\x97\x68\x72\x68\xd6\xec\xcc\xc0\xc0\x7b\x25\xe2\x5e\xcf\xe5\x84"
325 "\xb3\xff\xfd\x94\x0c\x16\xa1\x8c\x1b\x55\x49\xd2\xf8\x38\x02\x9e"
326 "\x39\x31\x25\x23\xa7\x86\x62\xd5\xbe\x7f\xcb\xcc\x98\xeb\xf5",
327 "\xb3\xff\xfd\x94\x0c\x16\xa1\x8c\x1b\x55\x49\xd2\xf8\x38\x02\x9e"
328 },
329 {
330 48,
331 "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65"
332 "\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20\x43"
333 "\x68\x69\x63\x6b\x65\x6e\x2c\x20\x70\x6c\x65\x61\x73\x65\x2c\x20",
334 "\x97\x68\x72\x68\xd6\xec\xcc\xc0\xc0\x7b\x25\xe2\x5e\xcf\xe5\x84"
335 "\x9d\xad\x8b\xbb\x96\xc4\xcd\xc0\x3b\xc1\x03\xe1\xa1\x94\xbb\xd8"
336 "\x39\x31\x25\x23\xa7\x86\x62\xd5\xbe\x7f\xcb\xcc\x98\xeb\xf5\xa8",
337 "\x9d\xad\x8b\xbb\x96\xc4\xcd\xc0\x3b\xc1\x03\xe1\xa1\x94\xbb\xd8"
338 },
339 {
340 64,
341 "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65"
342 "\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20\x43"
343 "\x68\x69\x63\x6b\x65\x6e\x2c\x20\x70\x6c\x65\x61\x73\x65\x2c\x20"
344 "\x61\x6e\x64\x20\x77\x6f\x6e\x74\x6f\x6e\x20\x73\x6f\x75\x70\x2e",
345 "\x97\x68\x72\x68\xd6\xec\xcc\xc0\xc0\x7b\x25\xe2\x5e\xcf\xe5\x84"
346 "\x39\x31\x25\x23\xa7\x86\x62\xd5\xbe\x7f\xcb\xcc\x98\xeb\xf5\xa8"
347 "\x48\x07\xef\xe8\x36\xee\x89\xa5\x26\x73\x0d\xbc\x2f\x7b\xc8\x40"
348 "\x9d\xad\x8b\xbb\x96\xc4\xcd\xc0\x3b\xc1\x03\xe1\xa1\x94\xbb\xd8",
349 "\x48\x07\xef\xe8\x36\xee\x89\xa5\x26\x73\x0d\xbc\x2f\x7b\xc8\x40"
350 }
351 };
352
353
354 struct enc_test encs2[] = {
355 {
356 17,
357 "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65"
358 "\x20",
359 "\x5c\x13\x26\x27\xc4\xcb\xca\x04\x14\x43\x8a\xb5\x97\x97\x7c\x10"
360 "\x16"
361 },
362 {
363 31,
364 "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65"
365 "\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20",
366 "\x16\xb3\xd8\xe5\xcd\x93\xe6\x2c\x28\x70\xa0\x36\x6e\x9a\xb9\x74"
367 "\x16\xc1\xee\xdf\x39\xc8\x3f\xfb\xc5\xf6\x72\xe9\xc1\x6e\x53"
368 },
369 {
370 32,
371 "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65"
372 "\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20\x43",
373 "\x69\xde\xce\x59\x83\x6a\x82\xe1\xcd\x21\x93\xd0\x9e\x2a\xff\xc8"
374 "\x16\xc1\xee\xdf\x39\xc8\x3f\xfb\xc5\xf6\x72\xe9\xc1\x6e\x53\x0c"
375 },
376 {
377 47,
378 "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65"
379 "\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20\x43"
380 "\x68\x69\x63\x6b\x65\x6e\x2c\x20\x70\x6c\x65\x61\x73\x65\x2c",
381 "\x16\xc1\xee\xdf\x39\xc8\x3f\xfb\xc5\xf6\x72\xe9\xc1\x6e\x53\x0c"
382 "\xe5\x56\xb4\x88\x41\xb9\xde\x27\xf0\x07\xa1\x6e\x89\x94\x47\xf1"
383 "\x69\xde\xce\x59\x83\x6a\x82\xe1\xcd\x21\x93\xd0\x9e\x2a\xff"
384 },
385 {
386 48,
387 "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65"
388 "\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20\x43"
389 "\x68\x69\x63\x6b\x65\x6e\x2c\x20\x70\x6c\x65\x61\x73\x65\x2c\x20",
390 "\x16\xc1\xee\xdf\x39\xc8\x3f\xfb\xc5\xf6\x72\xe9\xc1\x6e\x53\x0c"
391 "\xfd\x68\xd1\x56\x32\x23\x7b\xfa\xb0\x09\x86\x3b\x17\x53\xfa\x30"
392 "\x69\xde\xce\x59\x83\x6a\x82\xe1\xcd\x21\x93\xd0\x9e\x2a\xff\xc8"
393 },
394 {
395 64,
396 "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65"
397 "\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20\x43"
398 "\x68\x69\x63\x6b\x65\x6e\x2c\x20\x70\x6c\x65\x61\x73\x65\x2c\x20"
399 "\x61\x6e\x64\x20\x77\x6f\x6e\x74\x6f\x6e\x20\x73\x6f\x75\x70\x2e",
400 "\x16\xc1\xee\xdf\x39\xc8\x3f\xfb\xc5\xf6\x72\xe9\xc1\x6e\x53\x0c"
401 "\x69\xde\xce\x59\x83\x6a\x82\xe1\xcd\x21\x93\xd0\x9e\x2a\xff\xc8"
402 "\x70\x29\xf2\x6f\x7c\x79\xc1\x77\x91\xad\x94\xb0\x78\x62\x27\x67"
403 "\xfd\x68\xd1\x56\x32\x23\x7b\xfa\xb0\x09\x86\x3b\x17\x53\xfa\x30"
404 },
405 {
406 78,
407 "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65"
408 "\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20\x43"
409 "\x68\x69\x63\x6b\x65\x6e\x2c\x20\x70\x6c\x65\x61\x73\x65\x2c\x20"
410 "\x61\x6e\x64\x20\x77\x6f\x6e\x74\x6f\x6e\x20\x73\x6f\x75\x70\x2e"
411 "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41",
412 "\x16\xc1\xee\xdf\x39\xc8\x3f\xfb\xc5\xf6\x72\xe9\xc1\x6e\x53\x0c"
413 "\x69\xde\xce\x59\x83\x6a\x82\xe1\xcd\x21\x93\xd0\x9e\x2a\xff\xc8"
414 "\xfd\x68\xd1\x56\x32\x23\x7b\xfa\xb0\x09\x86\x3b\x17\x53\xfa\x30"
415 "\x73\xfb\x2c\x36\x76\xaf\xcf\x31\xff\xe3\x8a\x89\x0c\x7e\x99\x3f"
416 "\x70\x29\xf2\x6f\x7c\x79\xc1\x77\x91\xad\x94\xb0\x78\x62"
417 },
418 {
419 83,
420 "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65"
421 "\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20\x43"
422 "\x68\x69\x63\x6b\x65\x6e\x2c\x20\x70\x6c\x65\x61\x73\x65\x2c\x20"
423 "\x61\x6e\x64\x20\x77\x6f\x6e\x74\x6f\x6e\x20\x73\x6f\x75\x70\x2e"
424 "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41"
425 "\x41\x41\x41",
426 "\x16\xc1\xee\xdf\x39\xc8\x3f\xfb\xc5\xf6\x72\xe9\xc1\x6e\x53\x0c"
427 "\x69\xde\xce\x59\x83\x6a\x82\xe1\xcd\x21\x93\xd0\x9e\x2a\xff\xc8"
428 "\xfd\x68\xd1\x56\x32\x23\x7b\xfa\xb0\x09\x86\x3b\x17\x53\xfa\x30"
429 "\x70\x29\xf2\x6f\x7c\x79\xc1\x77\x91\xad\x94\xb0\x78\x62\x27\x67"
430 "\x65\x39\x3a\xdb\x92\x05\x4d\x4f\x08\xa1\xfa\x59\xda\x56\x58\x0e"
431 "\x3b\xac\x12"
432 },
433 {
434 92,
435 "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65"
436 "\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20\x43"
437 "\x68\x69\x63\x6b\x65\x6e\x2c\x20\x70\x6c\x65\x61\x73\x65\x2c\x20"
438 "\x61\x6e\x64\x20\x77\x6f\x6e\x74\x6f\x6e\x20\x73\x6f\x75\x70\x2e"
439 "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41"
440 "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41",
441 "\x16\xc1\xee\xdf\x39\xc8\x3f\xfb\xc5\xf6\x72\xe9\xc1\x6e\x53\x0c"
442 "\x69\xde\xce\x59\x83\x6a\x82\xe1\xcd\x21\x93\xd0\x9e\x2a\xff\xc8"
443 "\xfd\x68\xd1\x56\x32\x23\x7b\xfa\xb0\x09\x86\x3b\x17\x53\xfa\x30"
444 "\x70\x29\xf2\x6f\x7c\x79\xc1\x77\x91\xad\x94\xb0\x78\x62\x27\x67"
445 "\x0c\xff\xd7\x63\x50\xf8\x4e\xf9\xec\x56\x1c\x79\xc5\xc8\xfe\x50"
446 "\x3b\xac\x12\x6e\xd3\x2d\x02\xc4\xe5\x06\x43\x5f"
447 },
448 {
449 96,
450 "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65"
451 "\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20\x43"
452 "\x68\x69\x63\x6b\x65\x6e\x2c\x20\x70\x6c\x65\x61\x73\x65\x2c\x20"
453 "\x61\x6e\x64\x20\x77\x6f\x6e\x74\x6f\x6e\x20\x73\x6f\x75\x70\x2e"
454 "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41"
455 "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41",
456 "\x16\xc1\xee\xdf\x39\xc8\x3f\xfb\xc5\xf6\x72\xe9\xc1\x6e\x53\x0c"
457 "\x69\xde\xce\x59\x83\x6a\x82\xe1\xcd\x21\x93\xd0\x9e\x2a\xff\xc8"
458 "\xfd\x68\xd1\x56\x32\x23\x7b\xfa\xb0\x09\x86\x3b\x17\x53\xfa\x30"
459 "\x70\x29\xf2\x6f\x7c\x79\xc1\x77\x91\xad\x94\xb0\x78\x62\x27\x67"
460 "\x08\x28\x49\xad\xfc\x2d\x8e\x86\xae\x69\xa5\xa8\xd9\x29\x9e\xe4"
461 "\x3b\xac\x12\x6e\xd3\x2d\x02\xc4\xe5\x06\x43\x5f\x4c\x41\xd1\xb8"
462 }
463 };
464
465
466
467 char *aes_key1 =
468 "\x63\x68\x69\x63\x6b\x65\x6e\x20\x74\x65\x72\x69\x79\x61\x6b\x69";
469
470 char *aes_key2 =
471 "\x63\x68\x69\x63\x6b\x65\x6e\x20\x74\x65\x72\x69\x79\x61\x6b\x69"
472 "\x2c\x20\x79\x75\x6d\x6d\x79\x20\x79\x75\x6d\x6d\x79\x21\x21\x21";
473
474
475 static int
476 samep(int testn, char *type, const void *pp1, const void *pp2, size_t len)
477 {
478 const unsigned char *p1 = pp1, *p2 = pp2;
479 size_t i;
480 int val = 1;
481
482 for (i = 0; i < len; i++) {
483 if (p1[i] != p2[i]) {
484 if (verbose)
485 printf("M");
486 val = 0;
487 } else {
488 if (verbose)
489 printf(".");
490 }
491 }
492 if (verbose)
493 printf("\n");
494 return val;
495 }
496
497 static int
498 encryption_test(krb5_context context, const void *key, size_t keylen,
499 struct enc_test *enc, int numenc)
500 {
501 unsigned char iv[AES_BLOCK_SIZE];
502 int i, val, failed = 0;
503 AES_KEY ekey, dkey;
504 unsigned char *p;
505
506 AES_set_encrypt_key(key, keylen, &ekey);
507 AES_set_decrypt_key(key, keylen, &dkey);
508
509 for (i = 0; i < numenc; i++) {
510 val = 0;
511
512 if (verbose)
513 printf("test: %d\n", i);
514 memset(iv, 0, sizeof(iv));
515
516 p = malloc(enc[i].len + 1);
517 if (p == NULL)
518 krb5_errx(context, 1, "malloc");
519
520 p[enc[i].len] = '\0';
521
522 memcpy(p, enc[i].input, enc[i].len);
523
524 _krb5_aes_cts_encrypt(p, p, enc[i].len,
525 &ekey, iv, AES_ENCRYPT);
526
527 if (p[enc[i].len] != '\0') {
528 krb5_warnx(context, "%d: encrypt modified off end", i);
529 val = 1;
530 }
531
532 if (!samep(i, "cipher", p, enc[i].output, enc[i].len)) {
533 krb5_warnx(context, "%d: cipher", i);
534 val = 1;
535 }
536
537 if (enc[i].nextiv && !samep(i, "iv", iv, enc[i].nextiv, 16)){ /*XXX*/
538 krb5_warnx(context, "%d: iv", i);
539 val = 1;
540 }
541
542 memset(iv, 0, sizeof(iv));
543
544 _krb5_aes_cts_encrypt(p, p, enc[i].len,
545 &dkey, iv, AES_DECRYPT);
546
547 if (p[enc[i].len] != '\0') {
548 krb5_warnx(context, "%d: decrypt modified off end", i);
549 val = 1;
550 }
551
552 if (!samep(i, "clear", p, enc[i].input, enc[i].len))
553 val = 1;
554
555 if (enc[i].nextiv && !samep(i, "iv", iv, enc[i].nextiv, 16)){ /*XXX*/
556 krb5_warnx(context, "%d: iv", i);
557 val = 1;
558 }
559
560 free(p);
561
562 if (val) {
563 printf("test %d failed\n", i);
564 failed = 1;
565 }
566 val = 0;
567 }
568 return failed;
569 }
570
571 static int
572 krb_enc(krb5_context context,
573 krb5_crypto crypto,
574 unsigned usage,
575 krb5_data *cipher,
576 krb5_data *clear)
577 {
578 krb5_data decrypt;
579 krb5_error_code ret;
580
581 krb5_data_zero(&decrypt);
582
583 ret = krb5_decrypt(context,
584 crypto,
585 usage,
586 cipher->data,
587 cipher->length,
588 &decrypt);
589
590 if (ret) {
591 krb5_warn(context, ret, "krb5_decrypt");
592 return ret;
593 }
594
595 if (decrypt.length != clear->length ||
596 memcmp(decrypt.data, clear->data, decrypt.length) != 0) {
597 krb5_warnx(context, "clear text not same");
598 return EINVAL;
599 }
600
601 krb5_data_free(&decrypt);
602
603 return 0;
604 }
605
606 static int
607 krb_enc_mit(krb5_context context,
608 krb5_enctype enctype,
609 krb5_keyblock *key,
610 unsigned usage,
611 krb5_data *cipher,
612 krb5_data *clear)
613 {
614 krb5_error_code ret;
615 krb5_enc_data e;
616 krb5_data decrypt;
617 size_t len;
618
619 e.kvno = 0;
620 e.enctype = enctype;
621 e.ciphertext = *cipher;
622
623 ret = krb5_c_decrypt(context, *key, usage, NULL, &e, &decrypt);
624 if (ret)
625 return ret;
626
627 if (decrypt.length != clear->length ||
628 memcmp(decrypt.data, clear->data, decrypt.length) != 0) {
629 krb5_warnx(context, "clear text not same");
630 return EINVAL;
631 }
632
633 krb5_data_free(&decrypt);
634
635 ret = krb5_c_encrypt_length(context, enctype, clear->length, &len);
636 if (ret)
637 return ret;
638
639 if (len != cipher->length) {
640 krb5_warnx(context, "c_encrypt_length wrong %lu != %lu",
641 (unsigned long)len, (unsigned long)cipher->length);
642 return EINVAL;
643 }
644
645 return 0;
646 }
647
648
649 struct {
650 krb5_enctype enctype;
651 unsigned usage;
652 size_t keylen;
653 void *key;
654 size_t elen;
655 void* edata;
656 size_t plen;
657 void *pdata;
658 } krbencs[] = {
659 {
660 ETYPE_AES256_CTS_HMAC_SHA1_96,
661 7,
662 32,
663 "\x47\x75\x69\x64\x65\x6c\x69\x6e\x65\x73\x20\x74\x6f\x20\x41\x75"
664 "\x74\x68\x6f\x72\x73\x20\x6f\x66\x20\x49\x6e\x74\x65\x72\x6e\x65",
665 44,
666 "\xcf\x79\x8f\x0d\x76\xf3\xe0\xbe\x8e\x66\x94\x70\xfa\xcc\x9e\x91"
667 "\xa9\xec\x1c\x5c\x21\xfb\x6e\xef\x1a\x7a\xc8\xc1\xcc\x5a\x95\x24"
668 "\x6f\x9f\xf4\xd5\xbe\x5d\x59\x97\x44\xd8\x47\xcd",
669 16,
670 "\x54\x68\x69\x73\x20\x69\x73\x20\x61\x20\x74\x65\x73\x74\x2e\x0a"
671 }
672 };
673
674
675 static int
676 krb_enc_test(krb5_context context)
677 {
678 krb5_error_code ret;
679 krb5_crypto crypto;
680 krb5_keyblock kb;
681 krb5_data cipher, plain;
682 int i, failed = 0;
683
684 for (i = 0; i < sizeof(krbencs)/sizeof(krbencs[0]); i++) {
685
686 kb.keytype = krbencs[i].enctype;
687 kb.keyvalue.length = krbencs[i].keylen;
688 kb.keyvalue.data = krbencs[i].key;
689
690 ret = krb5_crypto_init(context, &kb, krbencs[i].enctype, &crypto);
691
692 cipher.length = krbencs[i].elen;
693 cipher.data = krbencs[i].edata;
694 plain.length = krbencs[i].plen;
695 plain.data = krbencs[i].pdata;
696
697 ret = krb_enc(context, crypto, krbencs[i].usage, &cipher, &plain);
698
699 if (ret) {
700 failed = 1;
701 printf("krb_enc failed with %d\n", ret);
702 }
703 krb5_crypto_destroy(context, crypto);
704
705 ret = krb_enc_mit(context, krbencs[i].enctype, &kb,
706 krbencs[i].usage, &cipher, &plain);
707 if (ret) {
708 failed = 1;
709 printf("krb_enc_mit failed with %d\n", ret);
710 }
711
712 }
713
714 return failed;
715 }
716
717
718 static int
719 random_to_key(krb5_context context)
720 {
721 krb5_error_code ret;
722 krb5_keyblock key;
723
724 ret = krb5_random_to_key(context,
725 ETYPE_DES3_CBC_SHA1,
726 "\x21\x39\x04\x58\x6A\xBD\x7F"
727 "\x21\x39\x04\x58\x6A\xBD\x7F"
728 "\x21\x39\x04\x58\x6A\xBD\x7F",
729 21,
730 &key);
731 if (ret){
732 krb5_warn(context, ret, "random_to_key");
733 return 1;
734 }
735 if (key.keyvalue.length != 24)
736 return 1;
737
738 if (memcmp(key.keyvalue.data,
739 "\x20\x38\x04\x58\x6b\xbc\x7f\xc7"
740 "\x20\x38\x04\x58\x6b\xbc\x7f\xc7"
741 "\x20\x38\x04\x58\x6b\xbc\x7f\xc7",
742 24) != 0)
743 return 1;
744
745 krb5_free_keyblock_contents(context, &key);
746
747 return 0;
748 }
749
750
751 int
752 main(int argc, char **argv)
753 {
754 krb5_error_code ret;
755 krb5_context context;
756 int val = 0;
757
758 ret = krb5_init_context (&context);
759 if (ret)
760 errx (1, "krb5_init_context failed: %d", ret);
761
762 val |= string_to_key_test(context);
763
764 val |= encryption_test(context, aes_key1, 128,
765 encs1, sizeof(encs1)/sizeof(encs1[0]));
766 val |= encryption_test(context, aes_key2, 256,
767 encs2, sizeof(encs2)/sizeof(encs2[0]));
768 val |= krb_enc_test(context);
769 val |= random_to_key(context);
770
771 if (verbose && val == 0)
772 printf("all ok\n");
773 if (val)
774 printf("tests failed\n");
775
776 krb5_free_context(context);
777
778 return val;
779 }
NetBSD on the FriendlyARM MINI2440