Context Navigation

aes-test.c

Last change on this file was 1, checked in by Paul Smedley, 10 years ago
Initial commit of Heimdal 1.5.3
File size: 22.6 KB

Line
1	/*
2	* Copyright (c) 2003 Kungliga Tekniska HÃ¶gskolan
3	* (Royal Institute of Technology, Stockholm, Sweden).
4	* All rights reserved.
5	*
6	* Redistribution and use in source and binary forms, with or without
7	* modification, are permitted provided that the following conditions
8	* are met:
9	*
10	* 1. Redistributions of source code must retain the above copyright
11	* notice, this list of conditions and the following disclaimer.
12	*
13	* 2. Redistributions in binary form must reproduce the above copyright
14	* notice, this list of conditions and the following disclaimer in the
15	* documentation and/or other materials provided with the distribution.
16	*
17	* 3. Neither the name of KTH nor the names of its contributors may be
18	* used to endorse or promote products derived from this software without
19	* specific prior written permission.
20	*
21	* THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY
22	* EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
24	* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE
25	* LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
26	* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
27	* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
28	* BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
29	* WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
30	* OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
31	* ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */
32
33	#include "krb5_locl.h"
34	#include <hex.h>
35	#include <err.h>
36	#include <assert.h>
37
38	#ifdef HAVE_OPENSSL
39	#include <openssl/evp.h>
40	#endif
41
42	static int verbose = 0;
43
44	static void
45	hex_dump_data(const void *data, size_t length)
46	{
47	char *p;
48
49	hex_encode(data, length, &p);
50	printf("%s\n", p);
51	free(p);
52	}
53
54	struct {
55	char *password;
56	char *salt;
57	int saltlen;
58	int iterations;
59	krb5_enctype enctype;
60	size_t keylen;
61	char *pbkdf2;
62	char *key;
63	} keys[] = {
64	{
65	"password", "ATHENA.MIT.EDUraeburn", -1,
66	1,
67	ETYPE_AES128_CTS_HMAC_SHA1_96, 16,
68	"\xcd\xed\xb5\x28\x1b\xb2\xf8\x01\x56\x5a\x11\x22\xb2\x56\x35\x15",
69	"\x42\x26\x3c\x6e\x89\xf4\xfc\x28\xb8\xdf\x68\xee\x09\x79\x9f\x15"
70	},
71	{
72	"password", "ATHENA.MIT.EDUraeburn", -1,
73	1,
74	ETYPE_AES256_CTS_HMAC_SHA1_96, 32,
75	"\xcd\xed\xb5\x28\x1b\xb2\xf8\x01\x56\x5a\x11\x22\xb2\x56\x35\x15"
76	"\x0a\xd1\xf7\xa0\x4b\xb9\xf3\xa3\x33\xec\xc0\xe2\xe1\xf7\x08\x37",
77	"\xfe\x69\x7b\x52\xbc\x0d\x3c\xe1\x44\x32\xba\x03\x6a\x92\xe6\x5b"
78	"\xbb\x52\x28\x09\x90\xa2\xfa\x27\x88\x39\x98\xd7\x2a\xf3\x01\x61"
79	},
80	{
81	"password", "ATHENA.MIT.EDUraeburn", -1,
82	2,
83	ETYPE_AES128_CTS_HMAC_SHA1_96, 16,
84	"\x01\xdb\xee\x7f\x4a\x9e\x24\x3e\x98\x8b\x62\xc7\x3c\xda\x93\x5d",
85	"\xc6\x51\xbf\x29\xe2\x30\x0a\xc2\x7f\xa4\x69\xd6\x93\xbd\xda\x13"
86	},
87	{
88	"password", "ATHENA.MIT.EDUraeburn", -1,
89	2,
90	ETYPE_AES256_CTS_HMAC_SHA1_96, 32,
91	"\x01\xdb\xee\x7f\x4a\x9e\x24\x3e\x98\x8b\x62\xc7\x3c\xda\x93\x5d"
92	"\xa0\x53\x78\xb9\x32\x44\xec\x8f\x48\xa9\x9e\x61\xad\x79\x9d\x86",
93	"\xa2\xe1\x6d\x16\xb3\x60\x69\xc1\x35\xd5\xe9\xd2\xe2\x5f\x89\x61"
94	"\x02\x68\x56\x18\xb9\x59\x14\xb4\x67\xc6\x76\x22\x22\x58\x24\xff"
95	},
96	{
97	"password", "ATHENA.MIT.EDUraeburn", -1,
98	1200,
99	ETYPE_AES128_CTS_HMAC_SHA1_96, 16,
100	"\x5c\x08\xeb\x61\xfd\xf7\x1e\x4e\x4e\xc3\xcf\x6b\xa1\xf5\x51\x2b",
101	"\x4c\x01\xcd\x46\xd6\x32\xd0\x1e\x6d\xbe\x23\x0a\x01\xed\x64\x2a"
102	},
103	{
104	"password", "ATHENA.MIT.EDUraeburn", -1,
105	1200,
106	ETYPE_AES256_CTS_HMAC_SHA1_96, 32,
107	"\x5c\x08\xeb\x61\xfd\xf7\x1e\x4e\x4e\xc3\xcf\x6b\xa1\xf5\x51\x2b"
108	"\xa7\xe5\x2d\xdb\xc5\xe5\x14\x2f\x70\x8a\x31\xe2\xe6\x2b\x1e\x13",
109	"\x55\xa6\xac\x74\x0a\xd1\x7b\x48\x46\x94\x10\x51\xe1\xe8\xb0\xa7"
110	"\x54\x8d\x93\xb0\xab\x30\xa8\xbc\x3f\xf1\x62\x80\x38\x2b\x8c\x2a"
111	},
112	{
113	"password", "\x12\x34\x56\x78\x78\x56\x34\x12", 8,
114	5,
115	ETYPE_AES128_CTS_HMAC_SHA1_96, 16,
116	"\xd1\xda\xa7\x86\x15\xf2\x87\xe6\xa1\xc8\xb1\x20\xd7\x06\x2a\x49",
117	"\xe9\xb2\x3d\x52\x27\x37\x47\xdd\x5c\x35\xcb\x55\xbe\x61\x9d\x8e"
118	},
119	{
120	"password", "\x12\x34\x56\x78\x78\x56\x34\x12", 8,
121	5,
122	ETYPE_AES256_CTS_HMAC_SHA1_96, 32,
123	"\xd1\xda\xa7\x86\x15\xf2\x87\xe6\xa1\xc8\xb1\x20\xd7\x06\x2a\x49"
124	"\x3f\x98\xd2\x03\xe6\xbe\x49\xa6\xad\xf4\xfa\x57\x4b\x6e\x64\xee",
125	"\x97\xa4\xe7\x86\xbe\x20\xd8\x1a\x38\x2d\x5e\xbc\x96\xd5\x90\x9c"
126	"\xab\xcd\xad\xc8\x7c\xa4\x8f\x57\x45\x04\x15\x9f\x16\xc3\x6e\x31"
127	},
128	{
129	"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
130	"pass phrase equals block size", -1,
131	1200,
132	ETYPE_AES128_CTS_HMAC_SHA1_96, 16,
133	"\x13\x9c\x30\xc0\x96\x6b\xc3\x2b\xa5\x5f\xdb\xf2\x12\x53\x0a\xc9",
134	"\x59\xd1\xbb\x78\x9a\x82\x8b\x1a\xa5\x4e\xf9\xc2\x88\x3f\x69\xed"
135	},
136	{
137	"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
138	"pass phrase equals block size", -1,
139	1200,
140	ETYPE_AES256_CTS_HMAC_SHA1_96, 32,
141	"\x13\x9c\x30\xc0\x96\x6b\xc3\x2b\xa5\x5f\xdb\xf2\x12\x53\x0a\xc9"
142	"\xc5\xec\x59\xf1\xa4\x52\xf5\xcc\x9a\xd9\x40\xfe\xa0\x59\x8e\xd1",
143	"\x89\xad\xee\x36\x08\xdb\x8b\xc7\x1f\x1b\xfb\xfe\x45\x94\x86\xb0"
144	"\x56\x18\xb7\x0c\xba\xe2\x20\x92\x53\x4e\x56\xc5\x53\xba\x4b\x34"
145	},
146	{
147	"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
148	"pass phrase exceeds block size", -1,
149	1200,
150	ETYPE_AES128_CTS_HMAC_SHA1_96, 16,
151	"\x9c\xca\xd6\xd4\x68\x77\x0c\xd5\x1b\x10\xe6\xa6\x87\x21\xbe\x61",
152	"\xcb\x80\x05\xdc\x5f\x90\x17\x9a\x7f\x02\x10\x4c\x00\x18\x75\x1d"
153	},
154	{
155	"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
156	"pass phrase exceeds block size", -1,
157	1200,
158	ETYPE_AES256_CTS_HMAC_SHA1_96, 32,
159	"\x9c\xca\xd6\xd4\x68\x77\x0c\xd5\x1b\x10\xe6\xa6\x87\x21\xbe\x61"
160	"\x1a\x8b\x4d\x28\x26\x01\xdb\x3b\x36\xbe\x92\x46\x91\x5e\xc8\x2a",
161	"\xd7\x8c\x5c\x9c\xb8\x72\xa8\xc9\xda\xd4\x69\x7f\x0b\xb5\xb2\xd2"
162	"\x14\x96\xc8\x2b\xeb\x2c\xae\xda\x21\x12\xfc\xee\xa0\x57\x40\x1b"
163
164	},
165	{
166	"\xf0\x9d\x84\x9e" /* g-clef */, "EXAMPLE.COMpianist", -1,
167	50,
168	ETYPE_AES128_CTS_HMAC_SHA1_96, 16,
169	"\x6b\x9c\xf2\x6d\x45\x45\x5a\x43\xa5\xb8\xbb\x27\x6a\x40\x3b\x39",
170	"\xf1\x49\xc1\xf2\xe1\x54\xa7\x34\x52\xd4\x3e\x7f\xe6\x2a\x56\xe5"
171	},
172	{
173	"\xf0\x9d\x84\x9e" /* g-clef */, "EXAMPLE.COMpianist", -1,
174	50,
175	ETYPE_AES256_CTS_HMAC_SHA1_96, 32,
176	"\x6b\x9c\xf2\x6d\x45\x45\x5a\x43\xa5\xb8\xbb\x27\x6a\x40\x3b\x39"
177	"\xe7\xfe\x37\xa0\xc4\x1e\x02\xc2\x81\xff\x30\x69\xe1\xe9\x4f\x52",
178	"\x4b\x6d\x98\x39\xf8\x44\x06\xdf\x1f\x09\xcc\x16\x6d\xb4\xb8\x3c"
179	"\x57\x18\x48\xb7\x84\xa3\xd6\xbd\xc3\x46\x58\x9a\x3e\x39\x3f\x9e"
180	},
181	{
182	"foo", "", -1,
183	0,
184	ETYPE_ARCFOUR_HMAC_MD5, 16,
185	NULL,
186	"\xac\x8e\x65\x7f\x83\xdf\x82\xbe\xea\x5d\x43\xbd\xaf\x78\x00\xcc"
187	},
188	{
189	"test", "", -1,
190	0,
191	ETYPE_ARCFOUR_HMAC_MD5, 16,
192	NULL,
193	"\x0c\xb6\x94\x88\x05\xf7\x97\xbf\x2a\x82\x80\x79\x73\xb8\x95\x37"
194	}
195	};
196
197	static int
198	string_to_key_test(krb5_context context)
199	{
200	krb5_data password, opaque;
201	krb5_error_code ret;
202	krb5_salt salt;
203	int i, val = 0;
204	char iter[4];
205
206	for (i = 0; i < sizeof(keys)/sizeof(keys[0]); i++) {
207
208	password.data = keys[i].password;
209	password.length = strlen(password.data);
210
211	salt.salttype = KRB5_PW_SALT;
212	salt.saltvalue.data = keys[i].salt;
213	if (keys[i].saltlen == -1)
214	salt.saltvalue.length = strlen(salt.saltvalue.data);
215	else
216	salt.saltvalue.length = keys[i].saltlen;
217
218	opaque.data = iter;
219	opaque.length = sizeof(iter);
220	_krb5_put_int(iter, keys[i].iterations, 4);
221
222	if (keys[i].pbkdf2) {
223	unsigned char keyout[32];
224
225	if (keys[i].keylen > sizeof(keyout))
226	abort();
227
228	PKCS5_PBKDF2_HMAC_SHA1(password.data, password.length,
229	salt.saltvalue.data, salt.saltvalue.length,
230	keys[i].iterations,
231	keys[i].keylen, keyout);
232
233	if (memcmp(keyout, keys[i].pbkdf2, keys[i].keylen) != 0) {
234	krb5_warnx(context, "%d: pbkdf2", i);
235	val = 1;
236	continue;
237	}
238
239	if (verbose) {
240	printf("PBKDF2:\n");
241	hex_dump_data(keyout, keys[i].keylen);
242	}
243	}
244
245	{
246	krb5_keyblock key;
247
248	ret = krb5_string_to_key_data_salt_opaque (context,
249	keys[i].enctype,
250	password,
251	salt,
252	opaque,
253	&key);
254	if (ret) {
255	krb5_warn(context, ret, "%d: string_to_key_data_salt_opaque",
256	i);
257	val = 1;
258	continue;
259	}
260
261	if (key.keyvalue.length != keys[i].keylen) {
262	krb5_warnx(context, "%d: key wrong length (%lu/%lu)",
263	i, (unsigned long)key.keyvalue.length,
264	(unsigned long)keys[i].keylen);
265	val = 1;
266	continue;
267	}
268
269	if (memcmp(key.keyvalue.data, keys[i].key, keys[i].keylen) != 0) {
270	krb5_warnx(context, "%d: key wrong", i);
271	val = 1;
272	continue;
273	}
274
275	if (verbose) {
276	printf("key:\n");
277	hex_dump_data(key.keyvalue.data, key.keyvalue.length);
278	}
279	krb5_free_keyblock_contents(context, &key);
280	}
281	}
282	return val;
283	}
284
285	static int
286	krb_enc(krb5_context context,
287	krb5_crypto crypto,
288	unsigned usage,
289	krb5_data *cipher,
290	krb5_data *clear)
291	{
292	krb5_data decrypt;
293	krb5_error_code ret;
294
295	krb5_data_zero(&decrypt);
296
297	ret = krb5_decrypt(context,
298	crypto,
299	usage,
300	cipher->data,
301	cipher->length,
302	&decrypt);
303
304	if (ret) {
305	krb5_warn(context, ret, "krb5_decrypt");
306	return ret;
307	}
308
309	if (decrypt.length != clear->length \|\|
310	memcmp(decrypt.data, clear->data, decrypt.length) != 0) {
311	krb5_warnx(context, "clear text not same");
312	return EINVAL;
313	}
314
315	krb5_data_free(&decrypt);
316
317	return 0;
318	}
319
320	static int
321	krb_enc_iov2(krb5_context context,
322	krb5_crypto crypto,
323	unsigned usage,
324	size_t cipher_len,
325	krb5_data *clear)
326	{
327	krb5_crypto_iov iov[4];
328	krb5_data decrypt;
329	int ret;
330	char p, q;
331	size_t len, i;
332
333	p = clear->data;
334	len = clear->length;
335
336	iov[0].flags = KRB5_CRYPTO_TYPE_HEADER;
337	krb5_crypto_length(context, crypto, iov[0].flags, &iov[0].data.length);
338	iov[0].data.data = emalloc(iov[0].data.length);
339
340	iov[1].flags = KRB5_CRYPTO_TYPE_DATA;
341	iov[1].data.length = len;
342	iov[1].data.data = emalloc(iov[1].data.length);
343	memcpy(iov[1].data.data, p, iov[1].data.length);
344
345	/* padding buffer */
346	iov[2].flags = KRB5_CRYPTO_TYPE_PADDING;
347	krb5_crypto_length(context, crypto, KRB5_CRYPTO_TYPE_PADDING, &iov[2].data.length);
348	iov[2].data.data = emalloc(iov[2].data.length);
349
350	iov[3].flags = KRB5_CRYPTO_TYPE_TRAILER;
351	krb5_crypto_length(context, crypto, iov[3].flags, &iov[3].data.length);
352	iov[3].data.data = emalloc(iov[3].data.length);
353
354	ret = krb5_encrypt_iov_ivec(context, crypto, usage,
355	iov, sizeof(iov)/sizeof(iov[0]), NULL);
356	if (ret)
357	errx(1, "encrypt iov failed: %d", ret);
358
359	/* check len */
360	for (i = 0, len = 0; i < sizeof(iov)/sizeof(iov[0]); i++)
361	len += iov[i].data.length;
362	if (len != cipher_len)
363	errx(1, "cipher len wrong");
364
365	/*
366	* Plain decrypt
367	*/
368
369	p = q = emalloc(len);
370	for (i = 0; i < sizeof(iov)/sizeof(iov[0]); i++) {
371	memcpy(q, iov[i].data.data, iov[i].data.length);
372	q += iov[i].data.length;
373	}
374
375	ret = krb5_decrypt(context, crypto, usage, p, len, &decrypt);
376	if (ret)
377	krb5_err(context, 1, ret, "krb5_decrypt");
378	else
379	krb5_data_free(&decrypt);
380
381	free(p);
382
383	/*
384	* Now decrypt use iov
385	*/
386
387	/* padding turn into data */
388	p = q = emalloc(iov[1].data.length + iov[2].data.length);
389
390	memcpy(q, iov[1].data.data, iov[1].data.length);
391	q += iov[1].data.length;
392	memcpy(q, iov[2].data.data, iov[2].data.length);
393
394	free(iov[1].data.data);
395	free(iov[2].data.data);
396
397	iov[1].data.data = p;
398	iov[1].data.length += iov[2].data.length;
399
400	iov[2].flags = KRB5_CRYPTO_TYPE_EMPTY;
401	iov[2].data.length = 0;
402
403	ret = krb5_decrypt_iov_ivec(context, crypto, usage,
404	iov, sizeof(iov)/sizeof(iov[0]), NULL);
405	free(iov[0].data.data);
406	free(iov[3].data.data);
407
408	if (ret)
409	krb5_err(context, 1, ret, "decrypt iov failed: %d", ret);
410
411	if (clear->length != iov[1].data.length)
412	errx(1, "length incorrect");
413
414	p = clear->data;
415	if (memcmp(iov[1].data.data, p, iov[1].data.length) != 0)
416	errx(1, "iov[1] incorrect");
417
418	free(iov[1].data.data);
419
420	return 0;
421	}
422
423
424	static int
425	krb_enc_iov(krb5_context context,
426	krb5_crypto crypto,
427	unsigned usage,
428	krb5_data *cipher,
429	krb5_data *clear)
430	{
431	krb5_crypto_iov iov[3];
432	int ret;
433	char *p;
434	size_t len;
435
436	p = cipher->data;
437	len = cipher->length;
438
439	iov[0].flags = KRB5_CRYPTO_TYPE_HEADER;
440	krb5_crypto_length(context, crypto, iov[0].flags, &iov[0].data.length);
441	iov[0].data.data = emalloc(iov[0].data.length);
442	memcpy(iov[0].data.data, p, iov[0].data.length);
443	p += iov[0].data.length;
444	len -= iov[0].data.length;
445
446	iov[1].flags = KRB5_CRYPTO_TYPE_TRAILER;
447	krb5_crypto_length(context, crypto, iov[1].flags, &iov[1].data.length);
448	iov[1].data.data = emalloc(iov[1].data.length);
449	memcpy(iov[1].data.data, p + len - iov[1].data.length, iov[1].data.length);
450	len -= iov[1].data.length;
451
452	iov[2].flags = KRB5_CRYPTO_TYPE_DATA;
453	iov[2].data.length = len;
454	iov[2].data.data = emalloc(len);
455	memcpy(iov[2].data.data, p, len);
456
457	ret = krb5_decrypt_iov_ivec(context, crypto, usage,
458	iov, sizeof(iov)/sizeof(iov[0]), NULL);
459	if (ret)
460	krb5_err(context, 1, ret, "krb_enc_iov decrypt iov failed: %d", ret);
461
462	if (clear->length != iov[2].data.length)
463	errx(1, "length incorrect");
464
465	p = clear->data;
466	if (memcmp(iov[2].data.data, p, iov[2].data.length) != 0)
467	errx(1, "iov[2] incorrect");
468
469	free(iov[0].data.data);
470	free(iov[1].data.data);
471	free(iov[2].data.data);
472
473
474	return 0;
475	}
476
477	static int
478	krb_checksum_iov(krb5_context context,
479	krb5_crypto crypto,
480	unsigned usage,
481	krb5_data *plain)
482	{
483	krb5_crypto_iov iov[4];
484	int ret;
485	char *p;
486	size_t len;
487
488	p = plain->data;
489	len = plain->length;
490
491	iov[0].flags = KRB5_CRYPTO_TYPE_CHECKSUM;
492	krb5_crypto_length(context, crypto, iov[0].flags, &iov[0].data.length);
493	iov[0].data.data = emalloc(iov[0].data.length);
494
495	iov[1].flags = KRB5_CRYPTO_TYPE_DATA;
496	iov[1].data.length = len;
497	iov[1].data.data = p;
498
499	iov[2].flags = KRB5_CRYPTO_TYPE_TRAILER;
500	krb5_crypto_length(context, crypto, iov[0].flags, &iov[2].data.length);
501	iov[2].data.data = malloc(iov[2].data.length);
502
503	ret = krb5_create_checksum_iov(context, crypto, usage,
504	iov, sizeof(iov)/sizeof(iov[0]), NULL);
505	if (ret)
506	krb5_err(context, 1, ret, "krb5_create_checksum_iov failed");
507
508	ret = krb5_verify_checksum_iov(context, crypto, usage, iov, sizeof(iov)/sizeof(iov[0]), NULL);
509	if (ret)
510	krb5_err(context, 1, ret, "krb5_verify_checksum_iov");
511
512	free(iov[0].data.data);
513	free(iov[2].data.data);
514
515	return 0;
516	}
517
518
519	static int
520	krb_enc_mit(krb5_context context,
521	krb5_enctype enctype,
522	krb5_keyblock *key,
523	unsigned usage,
524	krb5_data *cipher,
525	krb5_data *clear)
526	{
527	#ifndef HEIMDAL_SMALLER
528	krb5_error_code ret;
529	krb5_enc_data e;
530	krb5_data decrypt;
531	size_t len;
532
533	e.kvno = 0;
534	e.enctype = enctype;
535	e.ciphertext = *cipher;
536
537	ret = krb5_c_decrypt(context, *key, usage, NULL, &e, &decrypt);
538	if (ret)
539	return ret;
540
541	if (decrypt.length != clear->length \|\|
542	memcmp(decrypt.data, clear->data, decrypt.length) != 0) {
543	krb5_warnx(context, "clear text not same");
544	return EINVAL;
545	}
546
547	krb5_data_free(&decrypt);
548
549	ret = krb5_c_encrypt_length(context, enctype, clear->length, &len);
550	if (ret)
551	return ret;
552
553	if (len != cipher->length) {
554	krb5_warnx(context, "c_encrypt_length wrong %lu != %lu",
555	(unsigned long)len, (unsigned long)cipher->length);
556	return EINVAL;
557	}
558	#endif /* HEIMDAL_SMALLER */
559	return 0;
560	}
561
562
563	struct {
564	krb5_enctype enctype;
565	unsigned usage;
566	size_t keylen;
567	void *key;
568	size_t elen;
569	void* edata;
570	size_t plen;
571	void *pdata;
572	} krbencs[] = {
573	{
574	ETYPE_AES256_CTS_HMAC_SHA1_96,
575	7,
576	32,
577	"\x47\x75\x69\x64\x65\x6c\x69\x6e\x65\x73\x20\x74\x6f\x20\x41\x75"
578	"\x74\x68\x6f\x72\x73\x20\x6f\x66\x20\x49\x6e\x74\x65\x72\x6e\x65",
579	44,
580	"\xcf\x79\x8f\x0d\x76\xf3\xe0\xbe\x8e\x66\x94\x70\xfa\xcc\x9e\x91"
581	"\xa9\xec\x1c\x5c\x21\xfb\x6e\xef\x1a\x7a\xc8\xc1\xcc\x5a\x95\x24"
582	"\x6f\x9f\xf4\xd5\xbe\x5d\x59\x97\x44\xd8\x47\xcd",
583	16,
584	"\x54\x68\x69\x73\x20\x69\x73\x20\x61\x20\x74\x65\x73\x74\x2e\x0a"
585	}
586	};
587
588
589	static int
590	krb_enc_test(krb5_context context)
591	{
592	krb5_error_code ret;
593	krb5_crypto crypto;
594	krb5_keyblock kb;
595	krb5_data cipher, plain;
596	int i;
597
598	for (i = 0; i < sizeof(krbencs)/sizeof(krbencs[0]); i++) {
599
600	kb.keytype = krbencs[i].enctype;
601	kb.keyvalue.length = krbencs[i].keylen;
602	kb.keyvalue.data = krbencs[i].key;
603
604	ret = krb5_crypto_init(context, &kb, krbencs[i].enctype, &crypto);
605
606	cipher.length = krbencs[i].elen;
607	cipher.data = krbencs[i].edata;
608	plain.length = krbencs[i].plen;
609	plain.data = krbencs[i].pdata;
610
611	ret = krb_enc(context, crypto, krbencs[i].usage, &cipher, &plain);
612
613	if (ret)
614	errx(1, "krb_enc failed with %d for test %d", ret, i);
615
616	ret = krb_enc_iov(context, crypto, krbencs[i].usage, &cipher, &plain);
617	if (ret)
618	errx(1, "krb_enc_iov failed with %d for test %d", ret, i);
619
620	ret = krb_enc_iov2(context, crypto, krbencs[i].usage,
621	cipher.length, &plain);
622	if (ret)
623	errx(1, "krb_enc_iov2 failed with %d for test %d", ret, i);
624
625	ret = krb_checksum_iov(context, crypto, krbencs[i].usage, &plain);
626	if (ret)
627	errx(1, "krb_checksum_iov failed with %d for test %d", ret, i);
628
629	krb5_crypto_destroy(context, crypto);
630
631	ret = krb_enc_mit(context, krbencs[i].enctype, &kb,
632	krbencs[i].usage, &cipher, &plain);
633	if (ret)
634	errx(1, "krb_enc_mit failed with %d for test %d", ret, i);
635	}
636
637	return 0;
638	}
639
640	static int
641	iov_test(krb5_context context)
642	{
643	krb5_enctype enctype = ENCTYPE_AES256_CTS_HMAC_SHA1_96;
644	krb5_error_code ret;
645	krb5_crypto crypto;
646	krb5_keyblock key;
647	krb5_data signonly, in, in2;
648	krb5_crypto_iov iov[6];
649	size_t len, i;
650	unsigned char base, p;
651
652	ret = krb5_generate_random_keyblock(context, enctype, &key);
653	if (ret)
654	krb5_err(context, 1, ret, "krb5_generate_random_keyblock");
655
656	ret = krb5_crypto_init(context, &key, 0, &crypto);
657	if (ret)
658	krb5_err(context, 1, ret, "krb5_crypto_init");
659
660
661	ret = krb5_crypto_length(context, crypto, KRB5_CRYPTO_TYPE_HEADER, &len);
662	if (ret)
663	krb5_err(context, 1, ret, "krb5_crypto_length");
664
665	signonly.data = "This should be signed";
666	signonly.length = strlen(signonly.data);
667	in.data = "inputdata";
668	in.length = strlen(in.data);
669
670	in2.data = "INPUTDATA";
671	in2.length = strlen(in2.data);
672
673
674	memset(iov, 0, sizeof(iov));
675
676	iov[0].flags = KRB5_CRYPTO_TYPE_HEADER;
677	iov[1].flags = KRB5_CRYPTO_TYPE_DATA;
678	iov[1].data = in;
679	iov[2].flags = KRB5_CRYPTO_TYPE_SIGN_ONLY;
680	iov[2].data = signonly;
681	iov[3].flags = KRB5_CRYPTO_TYPE_EMPTY;
682	iov[4].flags = KRB5_CRYPTO_TYPE_PADDING;
683	iov[5].flags = KRB5_CRYPTO_TYPE_TRAILER;
684
685	ret = krb5_crypto_length_iov(context, crypto, iov,
686	sizeof(iov)/sizeof(iov[0]));
687	if (ret)
688	krb5_err(context, 1, ret, "krb5_crypto_length_iov");
689
690	for (len = 0, i = 0; i < sizeof(iov)/sizeof(iov[0]); i++) {
691	if (iov[i].flags == KRB5_CRYPTO_TYPE_SIGN_ONLY)
692	continue;
693	len += iov[i].data.length;
694	}
695
696	base = emalloc(len);
697
698	/*
699	* Allocate data for the fields
700	*/
701
702	for (p = base, i = 0; i < sizeof(iov)/sizeof(iov[0]); i++) {
703	if (iov[i].flags == KRB5_CRYPTO_TYPE_SIGN_ONLY)
704	continue;;
705	iov[i].data.data = p;
706	p += iov[i].data.length;
707	}
708	assert(iov[1].data.length == in.length);
709	memcpy(iov[1].data.data, in.data, iov[1].data.length);
710
711	/*
712	* Encrypt
713	*/
714
715	ret = krb5_encrypt_iov_ivec(context, crypto, 7, iov,
716	sizeof(iov)/sizeof(iov[0]), NULL);
717	if (ret)
718	krb5_err(context, 1, ret, "krb5_encrypt_iov_ivec");
719
720	/*
721	* Decrypt
722	*/
723
724	ret = krb5_decrypt_iov_ivec(context, crypto, 7,
725	iov, sizeof(iov)/sizeof(iov[0]), NULL);
726	if (ret)
727	krb5_err(context, 1, ret, "krb5_decrypt_iov_ivec");
728
729	/*
730	* Verify data
731	*/
732
733	if (krb5_data_cmp(&iov[1].data, &in) != 0)
734	krb5_errx(context, 1, "decrypted data not same");
735
736	/*
737	* Free memory
738	*/
739
740	free(base);
741
742	/* Set up for second try */
743
744	iov[3].flags = KRB5_CRYPTO_TYPE_DATA;
745	iov[3].data = in;
746
747	ret = krb5_crypto_length_iov(context, crypto,
748	iov, sizeof(iov)/sizeof(iov[0]));
749	if (ret)
750	krb5_err(context, 1, ret, "krb5_crypto_length_iov");
751
752	for (len = 0, i = 0; i < sizeof(iov)/sizeof(iov[0]); i++) {
753	if (iov[i].flags == KRB5_CRYPTO_TYPE_SIGN_ONLY)
754	continue;
755	len += iov[i].data.length;
756	}
757
758	base = emalloc(len);
759
760	/*
761	* Allocate data for the fields
762	*/
763
764	for (p = base, i = 0; i < sizeof(iov)/sizeof(iov[0]); i++) {
765	if (iov[i].flags == KRB5_CRYPTO_TYPE_SIGN_ONLY)
766	continue;;
767	iov[i].data.data = p;
768	p += iov[i].data.length;
769	}
770	assert(iov[1].data.length == in.length);
771	memcpy(iov[1].data.data, in.data, iov[1].data.length);
772
773	assert(iov[3].data.length == in2.length);
774	memcpy(iov[3].data.data, in2.data, iov[3].data.length);
775
776
777
778	/*
779	* Encrypt
780	*/
781
782	ret = krb5_encrypt_iov_ivec(context, crypto, 7,
783	iov, sizeof(iov)/sizeof(iov[0]), NULL);
784	if (ret)
785	krb5_err(context, 1, ret, "krb5_encrypt_iov_ivec");
786
787	/*
788	* Decrypt
789	*/
790
791	ret = krb5_decrypt_iov_ivec(context, crypto, 7,
792	iov, sizeof(iov)/sizeof(iov[0]), NULL);
793	if (ret)
794	krb5_err(context, 1, ret, "krb5_decrypt_iov_ivec");
795
796	/*
797	* Verify data
798	*/
799
800	if (krb5_data_cmp(&iov[1].data, &in) != 0)
801	krb5_errx(context, 1, "decrypted data 2.1 not same");
802
803	if (krb5_data_cmp(&iov[3].data, &in2) != 0)
804	krb5_errx(context, 1, "decrypted data 2.2 not same");
805
806	/*
807	* Free memory
808	*/
809
810	free(base);
811
812	krb5_crypto_destroy(context, crypto);
813
814	krb5_free_keyblock_contents(context, &key);
815
816	return 0;
817	}
818
819
820
821	static int
822	random_to_key(krb5_context context)
823	{
824	krb5_error_code ret;
825	krb5_keyblock key;
826
827	ret = krb5_random_to_key(context,
828	ETYPE_DES3_CBC_SHA1,
829	"\x21\x39\x04\x58\x6A\xBD\x7F"
830	"\x21\x39\x04\x58\x6A\xBD\x7F"
831	"\x21\x39\x04\x58\x6A\xBD\x7F",
832	21,
833	&key);
834	if (ret){
835	krb5_warn(context, ret, "random_to_key");
836	return 1;
837	}
838	if (key.keyvalue.length != 24)
839	return 1;
840
841	if (memcmp(key.keyvalue.data,
842	"\x20\x38\x04\x58\x6b\xbc\x7f\xc7"
843	"\x20\x38\x04\x58\x6b\xbc\x7f\xc7"
844	"\x20\x38\x04\x58\x6b\xbc\x7f\xc7",
845	24) != 0)
846	return 1;
847
848	krb5_free_keyblock_contents(context, &key);
849
850	return 0;
851	}
852
853	int
854	main(int argc, char **argv)
855	{
856	krb5_error_code ret;
857	krb5_context context;
858	int val = 0;
859
860	ret = krb5_init_context (&context);
861	if (ret)
862	errx (1, "krb5_init_context failed: %d", ret);
863
864	val \|= string_to_key_test(context);
865
866	val \|= krb_enc_test(context);
867	val \|= random_to_key(context);
868	val \|= iov_test(context);
869
870	if (verbose && val == 0)
871	printf("all ok\n");
872	if (val)
873	printf("tests failed\n");
874
875	krb5_free_context(context);
876
877	return val;
878	}

Note: See TracBrowser for help on using the repository browser.

Context Navigation

source: heimdal/trunk/lib/krb5/aes-test.c

Download in other formats: