diff options
author | Marc Horowitz <marc@mit.edu> | 1998-09-30 03:41:07 +0000 |
---|---|---|
committer | Marc Horowitz <marc@mit.edu> | 1998-09-30 03:41:07 +0000 |
commit | a292f2266d7f5fe57aaf5e27e498be2f0350f79f (patch) | |
tree | fff9ecf91ec82217826406918e57affffc67125f | |
parent | dcbf4dc310cd5e48f77f16059af04b8cf1c64f54 (diff) | |
download | krb5-a292f2266d7f5fe57aaf5e27e498be2f0350f79f.zip krb5-a292f2266d7f5fe57aaf5e27e498be2f0350f79f.tar.gz krb5-a292f2266d7f5fe57aaf5e27e498be2f0350f79f.tar.bz2 |
reintegrate crypto tests into the tree
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/marc-3des@10951 dc483132-0cff-0310-8789-dd5450dbe970
-rw-r--r-- | src/lib/crypto/Makefile.in | 12 | ||||
-rw-r--r-- | src/lib/crypto/configure.in | 1 | ||||
-rw-r--r-- | src/lib/crypto/des/Makefile.in | 17 | ||||
-rw-r--r-- | src/lib/crypto/des/destest.c | 7 | ||||
-rw-r--r-- | src/lib/crypto/des/t_verify.c | 44 | ||||
-rw-r--r-- | src/lib/crypto/keyhash_provider/Makefile.in | 20 | ||||
-rw-r--r-- | src/lib/crypto/keyhash_provider/t_cksum.c | 136 | ||||
-rw-r--r-- | src/lib/crypto/md4/Makefile.in | 23 | ||||
-rw-r--r-- | src/lib/crypto/md5/Makefile.in | 15 | ||||
-rw-r--r-- | src/lib/crypto/md5/t_cksum.c | 203 | ||||
-rw-r--r-- | src/lib/crypto/md5/t_mddriver.c | 323 | ||||
-rw-r--r-- | src/lib/crypto/sha1/Makefile.in | 15 | ||||
-rw-r--r-- | src/lib/crypto/sha1/t_shs.c | 132 | ||||
-rw-r--r-- | src/lib/crypto/t_nfold.c | 76 |
14 files changed, 774 insertions, 250 deletions
diff --git a/src/lib/crypto/Makefile.in b/src/lib/crypto/Makefile.in index 6af65a0..48d035a 100644 --- a/src/lib/crypto/Makefile.in +++ b/src/lib/crypto/Makefile.in @@ -15,6 +15,9 @@ CFLAGS = $(CCOPTS) $(DEFS) -I$(srcdir)/enc_provider \ MAC_SUBDIRS = crc32 des dk enc_provider hash_provider keyhash_provider \ md4 md5 old raw sha1 +PROG_LIBPATH=-L$(TOPLIBD) +PROG_RPATH=$(KRB5_LIBDIR) + STLIBOBJS=\ block_size.o \ checksum_length.o \ @@ -123,7 +126,14 @@ libcrypto.lib: clean-unix:: clean-liblinks clean-libs clean-libobjs -check-unix:: +check-unix:: t_nfold + $(RUN_SETUP) ./t_nfold + +t_nfold$(EXEEXT): t_nfold.$(OBJEXT) nfold.$(OBJEXT) + $(CC_LINK) -o $@ t_nfold.$(OBJEXT) nfold.$(OBJEXT) + +clean:: + $(RM) t_nfold.o t_nfold all-windows:: cd crc32 diff --git a/src/lib/crypto/configure.in b/src/lib/crypto/configure.in index b5f73d9..2fb1faf 100644 --- a/src/lib/crypto/configure.in +++ b/src/lib/crypto/configure.in @@ -6,6 +6,7 @@ AC_PROG_RANLIB AC_PROG_INSTALL KRB5_RUN_FLAGS +KRB5_BUILD_PROGRAM KRB5_BUILD_LIBOBJS KRB5_BUILD_LIBRARY diff --git a/src/lib/crypto/des/Makefile.in b/src/lib/crypto/des/Makefile.in index 8f1e6d6..fdef9e8 100644 --- a/src/lib/crypto/des/Makefile.in +++ b/src/lib/crypto/des/Makefile.in @@ -34,7 +34,7 @@ OBJS= afsstring2key.$(OBJEXT) \ f_sched.$(OBJEXT) \ f_tables.$(OBJEXT) \ key_sched.$(OBJEXT) \ - string2key.$(OBEXT) \ + string2key.$(OBJEXT) \ weak_key.$(OBJEXT) SRCS= $(srcdir)/afsstring2key.c \ @@ -57,13 +57,18 @@ includes:: depend depend:: $(SRCS) -verify$(EXEEXT): t_verify.$(OBJEXT) $(OBJS) - $(CC_LINK) -o $@ t_verify.$(OBJEXT) $(OBJS) +TOBJS = key_sched.$(OBJEXT) f_sched.$(OBJEXT) f_cbc.$(OBJEXT) \ + f_tables.$(OBJEXT) f_cksum.$(OBJEXT) -destest$(EXEEXT): destest.$(OBJEXT) $(OBJS) - $(CC_LINK) -o $@ destest.$(OBJEXT) $(OBJS) +verify$(EXEEXT): t_verify.$(OBJEXT) $(TOBJS) f_parity.$(OBJEXT) \ + $(COM_ERR_DEPLIB) + $(CC_LINK) -o $@ t_verify.$(OBJEXT) $(TOBJS) f_parity.$(OBJEXT) \ + -lcom_err -check-unix:: destest verify +destest$(EXEEXT): destest.$(OBJEXT) $(TOBJS) + $(CC_LINK) -o $@ destest.$(OBJEXT) $(TOBJS) + +check-unix:: verify destest $(RUN_SETUP) ./verify -z $(RUN_SETUP) ./verify -m $(RUN_SETUP) ./verify diff --git a/src/lib/crypto/des/destest.c b/src/lib/crypto/des/destest.c index 3d6ae24..aa89ffb 100644 --- a/src/lib/crypto/des/destest.c +++ b/src/lib/crypto/des/destest.c @@ -34,6 +34,8 @@ void convert PROTOTYPE((char *, unsigned char [])); void des_cblock_print_file PROTOTYPE((mit_des_cblock, FILE *)); +char zeroblock[8] = {0,0,0,0,0,0,0,0}; + void main(argc, argv) int argc; @@ -57,7 +59,7 @@ char *argv[]; fprintf(stderr, "des test: can't process key"); exit(1); } - mit_des_ecb_encrypt(&input, &output2, sched, 1); + mit_des_cbc_encrypt(&input, &output2, 8, sched, zeroblock, 1); if (memcmp((char *)output2, (char *)output, 8)) { fprintf(stderr, @@ -71,7 +73,7 @@ char *argv[]; /* * Now try decrypting.... */ - mit_des_ecb_encrypt(&output, &output2, sched, 0); + mit_des_cbc_encrypt(&output, &output2, 8, sched, zeroblock, 0); if (memcmp((char *)output2, (char *)input, 8)) { fprintf(stderr, @@ -132,7 +134,6 @@ unsigned char cblock[]; * Fake out the DES library, for the purposes of testing. */ -#include "des.h" #include "des_int.h" int diff --git a/src/lib/crypto/des/t_verify.c b/src/lib/crypto/des/t_verify.c index 9870b29..78031f7 100644 --- a/src/lib/crypto/des/t_verify.c +++ b/src/lib/crypto/des/t_verify.c @@ -50,23 +50,6 @@ unsigned char zero_text[8] = {0x0,0,0,0,0,0,0,0}; unsigned char msb_text[8] = {0x0,0,0,0, 0,0,0,0x40}; /* to ANSI MSB */ unsigned char *input; -unsigned char *nfold_in[] = { - "basch", - "eichin", - "sommerfeld", - "MASSACHVSETTS INSTITVTE OF TECHNOLOGY" }; - -unsigned char nfold_192[4][24] = { - { 0x1a, 0xab, 0x6b, 0x42, 0x96, 0x4b, 0x98, 0xb2, 0x1f, 0x8c, 0xde, 0x2d, - 0x24, 0x48, 0xba, 0x34, 0x55, 0xd7, 0x86, 0x2c, 0x97, 0x31, 0x64, 0x3f }, - { 0x65, 0x69, 0x63, 0x68, 0x69, 0x6e, 0x4b, 0x73, 0x2b, 0x4b, 0x1b, 0x43, - 0xda, 0x1a, 0x5b, 0x99, 0x5a, 0x58, 0xd2, 0xc6, 0xd0, 0xd2, 0xdc, 0xca }, - { 0x2f, 0x7a, 0x98, 0x55, 0x7c, 0x6e, 0xe4, 0xab, 0xad, 0xf4, 0xe7, 0x11, - 0x92, 0xdd, 0x44, 0x2b, 0xd4, 0xff, 0x53, 0x25, 0xa5, 0xde, 0xf7, 0x5c }, - { 0xdb, 0x3b, 0x0d, 0x8f, 0x0b, 0x06, 0x1e, 0x60, 0x32, 0x82, 0xb3, 0x08, - 0xa5, 0x08, 0x41, 0x22, 0x9a, 0xd7, 0x98, 0xfa, 0xb9, 0x54, 0x0c, 0x1b } -}; - /* 0x0123456789abcdef */ unsigned char default_key[8] = { 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef @@ -112,7 +95,7 @@ unsigned char mresult[8] = { mit_des_key_schedule sched; -void +int main(argc,argv) int argc; char *argv[]; @@ -316,21 +299,6 @@ main(argc,argv) else printf("verify: CBC checksum is correct\n\n"); - printf("N-fold\n"); - for (i=0; i<sizeof(nfold_in)/sizeof(char *); i++) { - printf("\tInput:\t\"%.*s\"\n", strlen(nfold_in[i]), nfold_in[i]); - printf("\t192-Fold:\t"); - mit_des_n_fold(nfold_in[i], strlen(nfold_in[i]), cipher_text, 24); - for (j=0; j<24; j++) - printf("%s%02x", (j&3) ? "" : " ", cipher_text[j]); - printf("\n"); - if (memcmp(cipher_text, nfold_192[i], 24)) { - printf("verify: error in n-fold\n"); - exit(-1); - }; - } - printf("verify: N-fold is correct\n\n"); - exit(0); } @@ -362,9 +330,11 @@ do_encrypt(in,out) char *out; { for (i =1; i<=nflag; i++) { - mit_des_ecb_encrypt((mit_des_cblock *)in, + mit_des_cbc_encrypt((mit_des_cblock *)in, (mit_des_cblock *)out, + 8, sched, + zero_text, MIT_DES_ENCRYPT); if (mit_des_debug) { printf("\nclear %s\n",in); @@ -384,9 +354,11 @@ do_decrypt(in,out) /* try to invert it */ { for (i =1; i<=nflag; i++) { - mit_des_ecb_encrypt((mit_des_cblock *)out, + mit_des_cbc_encrypt((mit_des_cblock *)out, (mit_des_cblock *)in, + 8, sched, + zero_text, MIT_DES_DECRYPT); if (mit_des_debug) { printf("clear %s\n",in); @@ -403,8 +375,6 @@ do_decrypt(in,out) * Fake out the DES library, for the purposes of testing. */ -#include "des.h" - int mit_des_is_weak_key(key) mit_des_cblock key; diff --git a/src/lib/crypto/keyhash_provider/Makefile.in b/src/lib/crypto/keyhash_provider/Makefile.in index 0896d81..86a4796 100644 --- a/src/lib/crypto/keyhash_provider/Makefile.in +++ b/src/lib/crypto/keyhash_provider/Makefile.in @@ -27,4 +27,24 @@ includes:: depend depend:: $(SRCS) +t_cksum4.o: t_cksum.c + $(CC) -DMD=4 $(CFLAGS) -o t_cksum4.o -c t_cksum.c + +t_cksum5.o: t_cksum.c + $(CC) -DMD=5 $(CFLAGS) -o t_cksum5.o -c t_cksum.c + +t_cksum4: t_cksum4.o $(KRB5_BASE_DEPLIBS) + $(CC_LINK) -o t_cksum4 t_cksum4.o $(KRB5_BASE_LIBS) + +t_cksum5: t_cksum5.o $(KRB5_BASE_DEPLIBS) + $(CC_LINK) -o t_cksum5 t_cksum5.o $(KRB5_BASE_LIBS) + +check-unix:: t_cksum4 t_cksum5 + $(RUN_SETUP) $(C)t_cksum4 "this is a test" + $(RUN_SETUP) $(C)t_cksum5 "this is a test" + +clean-unix:: + $(RM) t_cksum4 t_cksum4.o + $(RM) t_cksum5 t_cksum5.o + clean-unix:: clean-libobjs diff --git a/src/lib/crypto/keyhash_provider/t_cksum.c b/src/lib/crypto/keyhash_provider/t_cksum.c new file mode 100644 index 0000000..c9eecc7 --- /dev/null +++ b/src/lib/crypto/keyhash_provider/t_cksum.c @@ -0,0 +1,136 @@ +/* + * lib/crypto/md5/t_cksum.c + * + * Copyright 1995 by the Massachusetts Institute of Technology. + * All Rights Reserved. + * + * Export of this software from the United States of America may + * require a specific license from the United States Government. + * It is the responsibility of any person or organization contemplating + * export to obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and + * distribute this software and its documentation for any purpose and + * without fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright notice and + * this permission notice appear in supporting documentation, and that + * the name of M.I.T. not be used in advertising or publicity pertaining + * to distribution of the software without specific, written prior + * permission. M.I.T. makes no representations about the suitability of + * this software for any purpose. It is provided "as is" without express + * or implied warranty. + * + */ + +/* + * t_cksum.c - Test checksum and checksum compatability for rsa-md[4,5]-des + */ + +#include "k5-int.h" + +#define MD5_K5BETA_COMPAT +#define MD4_K5BETA_COMPAT + +#if MD == 4 +extern struct krb5_keyhash_provider krb5_keyhash_md4des; +#define khp krb5_keyhash_md4des +#endif + +#if MD == 5 +extern struct krb5_keyhash_provider krb5_keyhash_md5des; +#define khp krb5_keyhash_md5des +#endif + +static void +print_checksum(text, number, message, checksum) + char *text; + int number; + char *message; + krb5_data *checksum; +{ + int i; + + printf("%s MD%d checksum(\"%s\") = ", text, number, message); + for (i=0; i<checksum->length; i++) + printf("%02x", (unsigned char) checksum->data[i]); + printf("\n"); +} + +/* + * Test the checksum verification of Old Style (tm) and correct RSA-MD[4,5]-DES + * checksums. + */ + +krb5_octet testkey[8] = { 0x45, 0x01, 0x49, 0x61, 0x58, 0x19, 0x1a, 0x3d }; + +int +main(argc, argv) + int argc; + char **argv; +{ + int msgindex; + krb5_boolean valid; + size_t length; + krb5_context kcontext; + krb5_keyblock keyblock; + krb5_error_code kret; + krb5_data plaintext, newstyle_checksum; + + /* this is a terrible seed, but that's ok for the test. */ + + plaintext.length = 8; + plaintext.data = testkey; + + krb5_c_random_seed(/* XXX */ 0, &plaintext); + + keyblock.enctype = ENCTYPE_DES_CBC_CRC; + keyblock.length = sizeof(testkey); + keyblock.contents = testkey; + + (*(khp.hash_size))(&length); + + newstyle_checksum.length = length; + + if (!(newstyle_checksum.data = (krb5_octet *) + malloc(newstyle_checksum.length))) { + printf("cannot get memory for new style checksum\n"); + return(ENOMEM); + } + for (msgindex = 1; msgindex < argc; msgindex++) { + plaintext.length = strlen(argv[msgindex]); + plaintext.data = argv[msgindex]; + + if ((kret = (*(khp.hash))(&keyblock, 0, &plaintext, &newstyle_checksum))) { + printf("krb5_calculate_checksum choked with %d\n", kret); + break; + } + print_checksum("correct", MD, argv[msgindex], &newstyle_checksum); + + if ((kret = (*(khp.verify))(&keyblock, 0, &plaintext, &newstyle_checksum, + &valid))) { + printf("verify on new checksum choked with %d\n", kret); + break; + } + if (!valid) { + printf("verify on new checksum failed\n"); + break; + } + printf("Verify succeeded for \"%s\"\n", argv[msgindex]); + + newstyle_checksum.data[0]++; + if ((kret = (*(khp.verify))(&keyblock, 0, &plaintext, &newstyle_checksum, + &valid))) { + printf("verify on new checksum choked with %d\n", kret); + break; + } + if (valid) { + printf("verify on new checksum succeeded, but shouldn't have\n"); + break; + } + printf("Verify of bad checksum OK for \"%s\"\n", argv[msgindex]); + kret = 0; + } + if (!kret) + printf("%d tests passed successfully for MD%d checksum\n", argc-1, MD); + return(kret); +} diff --git a/src/lib/crypto/md4/Makefile.in b/src/lib/crypto/md4/Makefile.in index 9151a27..be6baeb 100644 --- a/src/lib/crypto/md4/Makefile.in +++ b/src/lib/crypto/md4/Makefile.in @@ -26,4 +26,27 @@ includes:: depend depend:: $(SRCS) +t_mddriver.c: $(srcdir)/../md5/t_mddriver.c + $(CP) $(srcdir)/../md5/t_mddriver.c t_mddriver.c + +t_mddriver.o: t_mddriver.c + $(CC) -DMD=4 $(CFLAGS) -c t_mddriver.c + +t_mddriver: t_mddriver.o md4.o + $(CC) $(CFLAGS) -o t_mddriver t_mddriver.o md4.o + +t_mddriver.exe: + $(CP) $(srcdir)\..\md5\t_mddriver.c t_mddriver.c + $(CC) -DMD=4 $(CFLAGS2) -o t_mddriver t_mddriver.c md4.c + $(RM) md4.obj + +check-unix:: t_mddriver + $(RUN_SETUP) $(C)t_mddriver -x + +check-windows:: t_mddriver$(EXEEXT) + $(C)t_mddriver$(EXEEXT) -x + +clean:: + $(RM) t_mddriver$(EXEEXT) t_mddriver.$(OBJEXT) t_mddriver.c + clean-unix:: clean-libobjs diff --git a/src/lib/crypto/md5/Makefile.in b/src/lib/crypto/md5/Makefile.in index d9a8930..219fa30 100644 --- a/src/lib/crypto/md5/Makefile.in +++ b/src/lib/crypto/md5/Makefile.in @@ -26,4 +26,19 @@ includes:: depend depend:: $(SRCS) +t_mddriver: t_mddriver.o md5.o + $(CC) $(CFLAGS) $(LDFLAGS) -o t_mddriver t_mddriver.o md5.o + +t_mddriver.exe: + $(CC) $(CFLAGS2) -o t_mddriver.exe t_mddriver.c md5.c + +check-unix:: t_mddriver + $(RUN_SETUP) $(C)t_mddriver -x + +check-windows:: t_mddriver$(EXEEXT) + $(C)t_mddriver$(EXEEXT) -x + +clean:: + $(RM) t_mddriver$(EXEEXT) t_mddriver.$(OBJEXT) + clean-unix:: clean-libobjs diff --git a/src/lib/crypto/md5/t_cksum.c b/src/lib/crypto/md5/t_cksum.c deleted file mode 100644 index 5bc6370..0000000 --- a/src/lib/crypto/md5/t_cksum.c +++ /dev/null @@ -1,203 +0,0 @@ -/* - * lib/crypto/md5/t_cksum.c - * - * Copyright 1995 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - */ - -/* - * t_cksum.c - Test checksum and checksum compatability for rsa-md[4,5]-des - */ - -#ifndef MD -#define MD 5 -#endif /* MD */ - -#include "k5-int.h" -#if MD == 4 -#include "rsa-md4.h" -#endif /* MD == 4 */ -#if MD == 5 -#include "rsa-md5.h" -#endif /* MD == 5 */ -#include "des_int.h" - -#define MD5_K5BETA_COMPAT -#define MD4_K5BETA_COMPAT - -#if MD == 4 -#define CONFOUNDER_LENGTH RSA_MD4_DES_CONFOUND_LENGTH -#define NEW_CHECKSUM_LENGTH NEW_RSA_MD4_DES_CKSUM_LENGTH -#define OLD_CHECKSUM_LENGTH OLD_RSA_MD4_DES_CKSUM_LENGTH -#define CHECKSUM_TYPE CKSUMTYPE_RSA_MD4_DES -#ifdef MD4_K5BETA_COMPAT -#define K5BETA_COMPAT 1 -#else /* MD4_K5BETA_COMPAT */ -#undef K5BETA_COMPAT -#endif /* MD4_K5BETA_COMPAT */ -#define CKSUM_FUNCTION krb5_md4_crypto_sum_func -#define COMPAT_FUNCTION krb5_md4_crypto_compat_sum_func -#define VERIFY_FUNCTION krb5_md4_crypto_verify_func -#endif /* MD == 4 */ - -#if MD == 5 -#define CONFOUNDER_LENGTH RSA_MD5_DES_CONFOUND_LENGTH -#define NEW_CHECKSUM_LENGTH NEW_RSA_MD5_DES_CKSUM_LENGTH -#define OLD_CHECKSUM_LENGTH OLD_RSA_MD5_DES_CKSUM_LENGTH -#define CHECKSUM_TYPE CKSUMTYPE_RSA_MD5_DES -#ifdef MD5_K5BETA_COMPAT -#define K5BETA_COMPAT 1 -#else /* MD5_K5BETA_COMPAT */ -#undef K5BETA_COMPAT -#endif /* MD5_K5BETA_COMPAT */ -#define CKSUM_FUNCTION krb5_md5_crypto_sum_func -#define COMPAT_FUNCTION krb5_md5_crypto_compat_sum_func -#define VERIFY_FUNCTION krb5_md5_crypto_verify_func -#endif /* MD == 5 */ - -static void -print_checksum(text, number, message, checksum) - char *text; - int number; - char *message; - krb5_checksum *checksum; -{ - int i; - - printf("%s MD%d checksum(\"%s\") = ", text, number, message); - for (i=0; i<checksum->length; i++) - printf("%02x", checksum->contents[i]); - printf("\n"); -} - -/* - * Test the checksum verification of Old Style (tm) and correct RSA-MD[4,5]-DES - * checksums. - */ -int -main(argc, argv) - int argc; - char **argv; -{ - int msgindex; - krb5_context kcontext; - krb5_encrypt_block encblock; - krb5_keyblock keyblock; - krb5_error_code kret; - krb5_checksum oldstyle_checksum; - krb5_checksum newstyle_checksum; - krb5_data pwdata; - char *pwd; - - pwd = "test password"; - pwdata.length = strlen(pwd); - pwdata.data = pwd; - krb5_use_enctype(kcontext, &encblock, DEFAULT_KDC_ENCTYPE); - if ((kret = mit_des_string_to_key(&encblock, &keyblock, &pwdata, NULL))) { - printf("mit_des_string_to_key choked with %d\n", kret); - return(kret); - } - if ((kret = mit_des_process_key(&encblock, &keyblock))) { - printf("mit_des_process_key choked with %d\n", kret); - return(kret); - } - - oldstyle_checksum.length = OLD_CHECKSUM_LENGTH; - if (!(oldstyle_checksum.contents = (krb5_octet *) malloc(OLD_CHECKSUM_LENGTH))) { - printf("cannot get memory for old style checksum\n"); - return(ENOMEM); - } - newstyle_checksum.length = NEW_CHECKSUM_LENGTH; - if (!(newstyle_checksum.contents = (krb5_octet *) - malloc(NEW_CHECKSUM_LENGTH))) { - printf("cannot get memory for new style checksum\n"); - return(ENOMEM); - } - for (msgindex = 1; msgindex < argc; msgindex++) { - if ((kret = CKSUM_FUNCTION(argv[msgindex], - strlen(argv[msgindex]), - (krb5_pointer) keyblock.contents, - keyblock.length, - &newstyle_checksum))) { - printf("krb5_calculate_checksum choked with %d\n", kret); - break; - } - print_checksum("correct", MD, argv[msgindex], &newstyle_checksum); -#ifdef K5BETA_COMPAT - if ((kret = COMPAT_FUNCTION(argv[msgindex], - strlen(argv[msgindex]), - (krb5_pointer) keyblock.contents, - keyblock.length, - &oldstyle_checksum))) { - printf("old style calculate_checksum choked with %d\n", kret); - break; - } - print_checksum("old", MD, argv[msgindex], &oldstyle_checksum); -#endif /* K5BETA_COMPAT */ - if ((kret = VERIFY_FUNCTION(&newstyle_checksum, - argv[msgindex], - strlen(argv[msgindex]), - (krb5_pointer) keyblock.contents, - keyblock.length))) { - printf("verify on new checksum choked with %d\n", kret); - break; - } - printf("Verify succeeded for \"%s\"\n", argv[msgindex]); -#ifdef K5BETA_COMPAT - if ((kret = VERIFY_FUNCTION(&oldstyle_checksum, - argv[msgindex], - strlen(argv[msgindex]), - (krb5_pointer) keyblock.contents, - keyblock.length))) { - printf("verify on old checksum choked with %d\n", kret); - break; - } - printf("Compatible checksum verify succeeded for \"%s\"\n", - argv[msgindex]); -#endif /* K5BETA_COMPAT */ - newstyle_checksum.contents[0]++; - if (!(kret = VERIFY_FUNCTION(&newstyle_checksum, - argv[msgindex], - strlen(argv[msgindex]), - (krb5_pointer) keyblock.contents, - keyblock.length))) { - printf("verify on new checksum should have choked\n"); - break; - } - printf("Verify of bad checksum OK for \"%s\"\n", argv[msgindex]); -#ifdef K5BETA_COMPAT - oldstyle_checksum.contents[0]++; - if (!(kret = VERIFY_FUNCTION(&oldstyle_checksum, - argv[msgindex], - strlen(argv[msgindex]), - (krb5_pointer) keyblock.contents, - keyblock.length))) { - printf("verify on old checksum should have choked\n"); - break; - } - printf("Compatible checksum verify of altered checksum OK for \"%s\"\n", - argv[msgindex]); -#endif /* K5BETA_COMPAT */ - kret = 0; - } - if (!kret) - printf("%d tests passed successfully for MD%d checksum\n", argc-1, MD); - return(kret); -} diff --git a/src/lib/crypto/md5/t_mddriver.c b/src/lib/crypto/md5/t_mddriver.c new file mode 100644 index 0000000..407e586 --- /dev/null +++ b/src/lib/crypto/md5/t_mddriver.c @@ -0,0 +1,323 @@ +/* MDDRIVER.C - test driver for MD2, MD4 and MD5 + */ + +/* Copyright (C) 1990-2, RSA Data Security, Inc. Created 1990. All +rights reserved. + +RSA Data Security, Inc. makes no representations concerning either +the merchantability of this software or the suitability of this +software for any particular purpose. It is provided "as is" +without express or implied warranty of any kind. + +These notices must be retained in any copies of any part of this +documentation and/or software. + */ + +/* The following makes MD default to MD5 if it has not already been + defined with C compiler flags. + */ +#ifndef MD +#define MD 5 +#endif + +#include "k5-int.h" + +#if MD == 2 +#include "md2.h" +#endif +#if MD == 4 +#include "rsa-md4.h" +#endif +#if MD == 5 +#include "rsa-md5.h" +#endif + +/* Length of test block, number of test blocks. + */ +#define TEST_BLOCK_LEN 1000 +#define TEST_BLOCK_COUNT 1000 + +static void MDString PROTOTYPE ((char *)); +static void MDTimeTrial PROTOTYPE ((void)); +static void MDTestSuite PROTOTYPE ((void)); +static void MDFile PROTOTYPE ((char *)); +static void MDFilter PROTOTYPE ((void)); +static void MDPrint PROTOTYPE ((unsigned char [16])); + +struct md_test_entry { + char *string; + unsigned char digest[16]; +}; + +#if MD == 2 +#define MD_CTX krb5_MD2_CTX +#define MDInit krb5_MD2Init +#define MDUpdate krb5_MD2Update +#define MDFinal krb5_MD2Final +#endif + +#if MD == 4 +#define MD_CTX krb5_MD4_CTX +#define MDInit krb5_MD4Init +#define MDUpdate krb5_MD4Update +#define MDFinal krb5_MD4Final + +#define HAVE_TEST_SUITE +/* Test suite from RFC 1320 */ + +struct md_test_entry md_test_suite[] = { + { "", + 0x31, 0xd6, 0xcf, 0xe0, 0xd1, 0x6a, 0xe9, 0x31, + 0xb7, 0x3c, 0x59, 0xd7, 0xe0, 0xc0, 0x89, 0xc0 }, + { "a", + 0xbd, 0xe5, 0x2c, 0xb3, 0x1d, 0xe3, 0x3e, 0x46, + 0x24, 0x5e, 0x05, 0xfb, 0xdb, 0xd6, 0xfb, 0x24 }, + { "abc", + 0xa4, 0x48, 0x01, 0x7a, 0xaf, 0x21, 0xd8, 0x52, + 0x5f, 0xc1, 0x0a, 0xe8, 0x7a, 0xa6, 0x72, 0x9d }, + { "message digest", + 0xd9, 0x13, 0x0a, 0x81, 0x64, 0x54, 0x9f, 0xe8, + 0x18, 0x87, 0x48, 0x06, 0xe1, 0xc7, 0x01, 0x4b }, + { "abcdefghijklmnopqrstuvwxyz", + 0xd7, 0x9e, 0x1c, 0x30, 0x8a, 0xa5, 0xbb, 0xcd, + 0xee, 0xa8, 0xed, 0x63, 0xdf, 0x41, 0x2d, 0xa9 }, + { "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789", + 0x04, 0x3f, 0x85, 0x82, 0xf2, 0x41, 0xdb, 0x35, + 0x1c, 0xe6, 0x27, 0xe1, 0x53, 0xe7, 0xf0, 0xe4 }, + { "12345678901234567890123456789012345678901234567890123456789012345678901234567890", + 0xe3, 0x3b, 0x4d, 0xdc, 0x9c, 0x38, 0xf2, 0x19, + 0x9c, 0x3e, 0x7b, 0x16, 0x4f, 0xcc, 0x05, 0x36 }, + { 0, 0 } +}; + +#endif + +#if MD == 5 +#define MD_CTX krb5_MD5_CTX +#define MDInit krb5_MD5Init +#define MDUpdate krb5_MD5Update +#define MDFinal krb5_MD5Final + +#define HAVE_TEST_SUITE +/* Test suite from RFC 1321 */ + +struct md_test_entry md_test_suite[] = { + { "", + 0xd4, 0x1d, 0x8c, 0xd9, 0x8f, 0x00, 0xb2, 0x04, + 0xe9, 0x80, 0x09, 0x98, 0xec, 0xf8, 0x42, 0x7e }, + { "a", + 0x0c, 0xc1, 0x75, 0xb9, 0xc0, 0xf1, 0xb6, 0xa8, + 0x31, 0xc3, 0x99, 0xe2, 0x69, 0x77, 0x26, 0x61 }, + { "abc", + 0x90, 0x01, 0x50, 0x98, 0x3c, 0xd2, 0x4f, 0xb0, + 0xd6, 0x96, 0x3f, 0x7d, 0x28, 0xe1, 0x7f, 0x72 }, + { "message digest", + 0xf9, 0x6b, 0x69, 0x7d, 0x7c, 0xb7, 0x93, 0x8d, + 0x52, 0x5a, 0x2f, 0x31, 0xaa, 0xf1, 0x61, 0xd0 }, + { "abcdefghijklmnopqrstuvwxyz", + 0xc3, 0xfc, 0xd3, 0xd7, 0x61, 0x92, 0xe4, 0x00, + 0x7d, 0xfb, 0x49, 0x6c, 0xca, 0x67, 0xe1, 0x3b }, + { "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789", + 0xd1, 0x74, 0xab, 0x98, 0xd2, 0x77, 0xd9, 0xf5, + 0xa5, 0x61, 0x1c, 0x2c, 0x9f, 0x41, 0x9d, 0x9f }, + { "12345678901234567890123456789012345678901234567890123456789012345678901234567890", + 0x57, 0xed, 0xf4, 0xa2, 0x2b, 0xe3, 0xc9, 0x55, + 0xac, 0x49, 0xda, 0x2e, 0x21, 0x07, 0xb6, 0x7a }, + { 0, 0 } +}; + +#endif + +/* Main driver. + +Arguments (may be any combination): + -sstring - digests string + -t - runs time trial + -x - runs test script + filename - digests file + (none) - digests standard input + */ +int main (argc, argv) +int argc; +char *argv[]; +{ + int i; + + if (argc > 1) + for (i = 1; i < argc; i++) + if (argv[i][0] == '-' && argv[i][1] == 's') + MDString (argv[i] + 2); + else if (strcmp (argv[i], "-t") == 0) + MDTimeTrial (); + else if (strcmp (argv[i], "-x") == 0) + MDTestSuite (); + else + MDFile (argv[i]); + else + MDFilter (); + + return (0); +} + +/* Digests a string and prints the result. + */ +static void MDString (string) +char *string; +{ + MD_CTX context; + unsigned int len = strlen (string); + + MDInit (&context); + MDUpdate (&context, (unsigned char *) string, len); + MDFinal (&context); + + printf ("MD%d (\"%s\") = ", MD, string); + MDPrint (context.digest); + printf ("\n"); +} + +/* Measures the time to digest TEST_BLOCK_COUNT TEST_BLOCK_LEN-byte + blocks. + */ +static void MDTimeTrial () +{ + MD_CTX context; + time_t endTime, startTime; + unsigned char block[TEST_BLOCK_LEN]; + unsigned int i; + + printf("MD%d time trial. Digesting %d %d-byte blocks ...", MD, + TEST_BLOCK_LEN, TEST_BLOCK_COUNT); + + /* Initialize block */ + for (i = 0; i < TEST_BLOCK_LEN; i++) + block[i] = (unsigned char)(i & 0xff); + + /* Start timer */ + time (&startTime); + + /* Digest blocks */ + MDInit (&context); + for (i = 0; i < TEST_BLOCK_COUNT; i++) + MDUpdate (&context, block, TEST_BLOCK_LEN); + MDFinal (&context); + + /* Stop timer */ + time (&endTime); + + printf (" done\n"); + printf ("Digest = "); + MDPrint (context.digest); + printf ("\nTime = %ld seconds\n", (long)(endTime-startTime)); + printf + ("Speed = %ld bytes/second\n", + (long)TEST_BLOCK_LEN * (long)TEST_BLOCK_COUNT/(endTime-startTime)); +} + +/* Digests a reference suite of strings and prints the results. + */ +static void MDTestSuite () +{ +#ifdef HAVE_TEST_SUITE + MD_CTX context; + struct md_test_entry *entry; + int i, num_tests = 0, num_failed = 0; + + printf ("MD%d test suite:\n\n", MD); + for (entry = md_test_suite; entry->string; entry++) { + unsigned int len = strlen (entry->string); + + MDInit (&context); + MDUpdate (&context, (unsigned char *) entry->string, len); + MDFinal (&context); + + printf ("MD%d (\"%s\") = ", MD, entry->string); + MDPrint (context.digest); + printf ("\n"); + for (i=0; i < 16; i++) { + if (context.digest[i] != entry->digest[i]) { + printf("\tIncorrect MD%d digest! Should have been:\n\t\t ", + MD); + MDPrint(entry->digest); + printf("\n"); + num_failed++; + } + } + num_tests++; + } + if (num_failed) { + printf("%d out of %d tests failed for MD%d!!!\n", num_failed, + num_tests, MD); + exit(1); + } else { + printf ("%d tests passed successfully for MD%d.\n", num_tests, MD); + exit(0); + } +#else + + printf ("MD%d test suite:\n", MD); + MDString (""); + MDString ("a"); + MDString ("abc"); + MDString ("message digest"); + MDString ("abcdefghijklmnopqrstuvwxyz"); + MDString + ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"); + MDString + ("12345678901234567890123456789012345678901234567890123456789012345678901234567890"); +#endif +} + +/* Digests a file and prints the result. */ + +static void MDFile (filename) + char *filename; +{ + FILE *file; + MD_CTX context; + int len; + unsigned char buffer[1024]; + + if ((file = fopen (filename, "rb")) == NULL) + printf ("%s can't be opened\n", filename); + else { + MDInit (&context); + while (len = fread (buffer, 1, 1024, file)) + MDUpdate (&context, buffer, len); + MDFinal (&context); + + fclose (file); + + printf ("MD%d (%s) = ", MD, filename); + MDPrint (context.digest); + printf ("\n"); + } +} + +/* Digests the standard input and prints the result. + */ +static void MDFilter () +{ + MD_CTX context; + int len; + unsigned char buffer[16]; + + MDInit (&context); + while (len = fread (buffer, 1, 16, stdin)) + MDUpdate (&context, buffer, len); + MDFinal (&context); + + MDPrint (context.digest); + printf ("\n"); +} + +/* Prints a message digest in hexadecimal. + */ +static void MDPrint (digest) +unsigned char digest[16]; +{ + unsigned int i; + + for (i = 0; i < 16; i++) + printf ("%02x", digest[i]); +} diff --git a/src/lib/crypto/sha1/Makefile.in b/src/lib/crypto/sha1/Makefile.in index 2716e29..abc4793 100644 --- a/src/lib/crypto/sha1/Makefile.in +++ b/src/lib/crypto/sha1/Makefile.in @@ -26,4 +26,19 @@ includes:: depend depend:: $(SRCS) +t_shs: t_shs.o shs.o + $(CC) $(CFLAGS) $(LDFLAGS) -o t_shs t_shs.o shs.o + +t_shs.exe: + $(CC) $(CFLAGS2) -o t_shs.exe t_shs.c shs.c + +check-unix:: t_shs + $(C)t_shs -x + +check-windows:: t_shs$(EXEEXT) + $(C)t_shs$(EXEEXT) -x + +clean:: + $(RM) t_shs$(EXEEXT) t_shs.$(OBJEXT) + clean-unix:: clean-libobjs diff --git a/src/lib/crypto/sha1/t_shs.c b/src/lib/crypto/sha1/t_shs.c new file mode 100644 index 0000000..da55992 --- /dev/null +++ b/src/lib/crypto/sha1/t_shs.c @@ -0,0 +1,132 @@ +/**************************************************************************** +* * +* SHS Test Code * +* * +****************************************************************************/ + +#include <stdio.h> +#include <stdlib.h> +#include <time.h> +#include "shs.h" + +/* Test the SHS implementation */ + +#ifdef NEW_SHS + +static LONG shsTestResults[][ 5 ] = { + { 0xA9993E36L, 0x4706816AL, 0xBA3E2571L, 0x7850C26CL, 0x9CD0D89DL, }, + { 0x84983E44L, 0x1C3BD26EL, 0xBAAE4AA1L, 0xF95129E5L, 0xE54670F1L, }, + { 0x34AA973CL, 0xD4C4DAA4L, 0xF61EEB2BL, 0xDBAD2731L, 0x6534016FL, } + }; + +#else + +static LONG shsTestResults[][ 5 ] = { + { 0x0164B8A9L, 0x14CD2A5EL, 0x74C4F7FFL, 0x082C4D97L, 0xF1EDF880L }, + { 0xD2516EE1L, 0xACFA5BAFL, 0x33DFC1C4L, 0x71E43844L, 0x9EF134C8L }, + { 0x3232AFFAL, 0x48628A26L, 0x653B5AAAL, 0x44541FD9L, 0x0D690603L } + }; +#endif /* NEW_SHS */ + +static int compareSHSresults(shsInfo, shsTestLevel) +SHS_INFO *shsInfo; +int shsTestLevel; +{ + int i, fail = 0; + + /* Compare the returned digest and required values */ + for( i = 0; i < 5; i++ ) + if( shsInfo->digest[ i ] != shsTestResults[ shsTestLevel ][ i ] ) + fail = 1; + if (fail) { + printf("\nExpected: "); + for (i = 0; i < 5; i++) { + printf("%8.8lx ", shsTestResults[shsTestLevel][i]); + } + printf("\nGot: "); + for (i = 0; i < 5; i++) { + printf("%8.8lx ", shsInfo->digest[i]); + } + printf("\n"); + return( -1 ); + } + return( 0 ); +} + +main() +{ + SHS_INFO shsInfo; + unsigned int i; + time_t secondCount; + BYTE data[ 200 ]; + + /* Make sure we've got the endianness set right. If the machine is + big-endian (up to 64 bits) the following value will be signed, + otherwise it will be unsigned. Unfortunately we can't test for odd + things like middle-endianness without knowing the size of the data + types */ + + /* Test SHS against values given in SHS standards document */ + printf( "Running SHS test 1 ... " ); + shsInit( &shsInfo ); + shsUpdate( &shsInfo, ( BYTE * ) "abc", 3 ); + shsFinal( &shsInfo ); + if( compareSHSresults( &shsInfo, 0 ) == -1 ) + { + putchar( '\n' ); + puts( "SHS test 1 failed" ); + exit( -1 ); + } +#ifdef NEW_SHS + puts( "passed, result= A9993E364706816ABA3E25717850C26C9CD0D89D" ); +#else + puts( "passed, result= 0164B8A914CD2A5E74C4F7FF082C4D97F1EDF880" ); +#endif /* NEW_SHS */ + + printf( "Running SHS test 2 ... " ); + shsInit( &shsInfo ); + shsUpdate( &shsInfo, ( BYTE * ) "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", 56 ); + shsFinal( &shsInfo ); + if( compareSHSresults( &shsInfo, 1 ) == -1 ) + { + putchar( '\n' ); + puts( "SHS test 2 failed" ); + exit( -1 ); + } +#ifdef NEW_SHS + puts( "passed, result= 84983E441C3BD26EBAAE4AA1F95129E5E54670F1" ); +#else + puts( "passed, result= D2516EE1ACFA5BAF33DFC1C471E438449EF134C8" ); +#endif /* NEW_SHS */ + + printf( "Running SHS test 3 ... " ); + shsInit( &shsInfo ); + for( i = 0; i < 15625; i++ ) + shsUpdate( &shsInfo, ( BYTE * ) "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 64 ); + shsFinal( &shsInfo ); + if( compareSHSresults( &shsInfo, 2 ) == -1 ) + { + putchar( '\n' ); + puts( "SHS test 3 failed" ); + exit( -1 ); + } +#ifdef NEW_SHS + puts( "passed, result= 34AA973CD4C4DAA4F61EEB2BDBAD27316534016F" ); +#else + puts( "passed, result= 3232AFFA48628A26653B5AAA44541FD90D690603" ); +#endif /* NEW_SHS */ + +#if 0 + printf( "\nTesting speed for 100MB data... " ); + shsInit( &shsInfo ); + secondCount = time( NULL ); + for( i = 0; i < 500000U; i++ ) + shsUpdate( &shsInfo, data, 200 ); + secondCount = time( NULL ) - secondCount; + printf( "done. Time = %ld seconds, %ld kbytes/second.\n", \ + secondCount, 100500L / secondCount ); +#endif + + puts( "\nAll SHS tests passed" ); + exit( 0 ); +} diff --git a/src/lib/crypto/t_nfold.c b/src/lib/crypto/t_nfold.c new file mode 100644 index 0000000..2693318 --- /dev/null +++ b/src/lib/crypto/t_nfold.c @@ -0,0 +1,76 @@ +/* + * lib/crypto/t_nfold.c + * + * Copyright 1988, 1990 by the Massachusetts Institute of Technology. + * All Rights Reserved. + * + * Export of this software from the United States of America may + * require a specific license from the United States Government. + * It is the responsibility of any person or organization contemplating + * export to obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and + * distribute this software and its documentation for any purpose and + * without fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright notice and + * this permission notice appear in supporting documentation, and that + * the name of M.I.T. not be used in advertising or publicity pertaining + * to distribution of the software without specific, written prior + * permission. M.I.T. makes no representations about the suitability of + * this software for any purpose. It is provided "as is" without express + * or implied warranty. + * + * + * Program to test the correctness of nfold implementation. + * + * exit returns 0 ==> success + * -1 ==> error + */ + +#include <stdio.h> +#include <string.h> + +#include "k5-int.h" + +unsigned char *nfold_in[] = { + "basch", + "eichin", + "sommerfeld", + "MASSACHVSETTS INSTITVTE OF TECHNOLOGY" }; + +unsigned char nfold_192[4][24] = { + { 0x1a, 0xab, 0x6b, 0x42, 0x96, 0x4b, 0x98, 0xb2, 0x1f, 0x8c, 0xde, 0x2d, + 0x24, 0x48, 0xba, 0x34, 0x55, 0xd7, 0x86, 0x2c, 0x97, 0x31, 0x64, 0x3f }, + { 0x65, 0x69, 0x63, 0x68, 0x69, 0x6e, 0x4b, 0x73, 0x2b, 0x4b, 0x1b, 0x43, + 0xda, 0x1a, 0x5b, 0x99, 0x5a, 0x58, 0xd2, 0xc6, 0xd0, 0xd2, 0xdc, 0xca }, + { 0x2f, 0x7a, 0x98, 0x55, 0x7c, 0x6e, 0xe4, 0xab, 0xad, 0xf4, 0xe7, 0x11, + 0x92, 0xdd, 0x44, 0x2b, 0xd4, 0xff, 0x53, 0x25, 0xa5, 0xde, 0xf7, 0x5c }, + { 0xdb, 0x3b, 0x0d, 0x8f, 0x0b, 0x06, 0x1e, 0x60, 0x32, 0x82, 0xb3, 0x08, + 0xa5, 0x08, 0x41, 0x22, 0x9a, 0xd7, 0x98, 0xfa, 0xb9, 0x54, 0x0c, 0x1b } +}; + +int +main(argc, argv) + int argc; + char *argv[]; +{ + unsigned char cipher_text[64]; + int i, j; + + printf("N-fold\n"); + for (i=0; i<sizeof(nfold_in)/sizeof(char *); i++) { + printf("\tInput:\t\"%.*s\"\n", strlen(nfold_in[i]), nfold_in[i]); + printf("\t192-Fold:\t"); + krb5_nfold(strlen(nfold_in[i])*8, nfold_in[i], 24*8, cipher_text); + for (j=0; j<24; j++) + printf("%s%02x", (j&3) ? "" : " ", cipher_text[j]); + printf("\n"); + if (memcmp(cipher_text, nfold_192[i], 24)) { + printf("verify: error in n-fold\n"); + exit(-1); + }; + } + printf("verify: N-fold is correct\n\n"); + + exit(0); +} |