diff options
author | Greg Hudson <ghudson@mit.edu> | 2010-08-06 03:12:06 +0000 |
---|---|---|
committer | Greg Hudson <ghudson@mit.edu> | 2010-08-06 03:12:06 +0000 |
commit | ffc76e63796e45c661ffca86b42520b894db0b98 (patch) | |
tree | c600a7ca8b3cece358435057ce0bdd0ad0f536bf /src | |
parent | dab5522c4fd4bd160aa336d7bf90d0b37287164d (diff) | |
download | krb5-ffc76e63796e45c661ffca86b42520b894db0b98.zip krb5-ffc76e63796e45c661ffca86b42520b894db0b98.tar.gz krb5-ffc76e63796e45c661ffca86b42520b894db0b98.tar.bz2 |
Add two more crypto test programs on the camellia-ccm branch: one for
string-to-key test vectors for AES and Camellia, and one for encryption
and checksum test vectors for Camellia.
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/camellia-ccm@24234 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src')
-rw-r--r-- | src/lib/crypto/crypto_tests/Makefile.in | 13 | ||||
-rw-r--r-- | src/lib/crypto/crypto_tests/t_camellia_ccm.c | 267 | ||||
-rw-r--r-- | src/lib/crypto/crypto_tests/t_str2key.c | 334 |
3 files changed, 612 insertions, 2 deletions
diff --git a/src/lib/crypto/crypto_tests/Makefile.in b/src/lib/crypto/crypto_tests/Makefile.in index 38a6aea..3b2fa58 100644 --- a/src/lib/crypto/crypto_tests/Makefile.in +++ b/src/lib/crypto/crypto_tests/Makefile.in @@ -49,7 +49,7 @@ check-unix:: t_nfold t_encrypt t_prf t_prng t_cmac t_hmac \ aes-test \ camellia-test \ t_mddriver4 t_mddriver \ - t_crc t_cts t_short + t_crc t_cts t_short t_str2key $(RUN_SETUP) $(VALGRIND) ./t_nfold $(RUN_SETUP) $(VALGRIND) ./t_encrypt $(RUN_SETUP) $(VALGRIND) ./t_prng <$(srcdir)/t_prng.seed >t_prng.output && \ @@ -71,6 +71,8 @@ check-unix:: t_nfold t_encrypt t_prf t_prng t_cmac t_hmac \ $(RUN_SETUP) $(VALGRIND) $(C)t_mddriver4 -x $(RUN_SETUP) $(VALGRIND) $(C)t_mddriver -x $(RUN_SETUP) $(VALGRIND) ./t_short + $(RUN_SETUP) $(VALGRIND) ./t_str2key + $(RUN_SETUP) $(VALGRIND) ./t_camellia_ccm @@ -145,6 +147,12 @@ t_mddriver: t_mddriver.o $(SUPPORT_DEPLIB) $(CRYPTO_DEPLIB) t_kperf: t_kperf.o $(SUPPORT_DEPLIB) $(CRYPTO_DEPLIB) $(CC_LINK) -o t_kperf t_kperf.o $(SUPPORT_LIB) $(CRYPTO_DEPLIB) +t_str2key$(EXEEXT): t_str2key.$(OBJEXT) $(SUPPORT_DEPLIB) + $(CC_LINK) -o $@ t_str2key.$(OBJEXT) -lkrb5 -lk5crypto -lcom_err $(SUPPORT_LIB) + +t_camellia_ccm$(EXEEXT): t_camellia_ccm.$(OBJEXT) $(SUPPORT_DEPLIB) + $(CC_LINK) -o $@ t_camellia_ccm.$(OBJEXT) -lkrb5 -lk5crypto -lcom_err $(SUPPORT_LIB) + ytest: ytest.o shs.o $(SUPPORT_DEPLIB) $(CRYPTO_DEPLIB) $(CC_LINK) -o ytest ytest.o $(SUPPORT_LIB) $(CRYPTO_DEPLIB) @@ -159,7 +167,8 @@ clean:: t_crc.o t_crc t_cts.o t_cts \ t_mddriver4.o t_mddriver4 t_mddriver.o t_mddriver \ t_cksum4 t_cksum4.o t_cksum5 t_cksum5.o \ - t_kperf.o t_kperf t_short t_short.o \ + t_kperf.o t_kperf t_short t_short.o t_str2key t_str2key.o \ + t_camellia_ccm t_camellia_ccm.o \ t_mddriver$(EXEEXT) $(OUTPRE)t_mddriver.$(OBJEXT) -$(RM) t_prng.output diff --git a/src/lib/crypto/crypto_tests/t_camellia_ccm.c b/src/lib/crypto/crypto_tests/t_camellia_ccm.c new file mode 100644 index 0000000..329dcea --- /dev/null +++ b/src/lib/crypto/crypto_tests/t_camellia_ccm.c @@ -0,0 +1,267 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +/* + * lib/crypto/crypto_tests/t_camellia_ccm.c + * + * Copyright 2010 by the Massachusetts Institute of Technology. + * All Rights Reserved. + * + * Export of this software from the United States of America may + * require a specific license from the United States Government. + * It is the responsibility of any person or organization contemplating + * export to obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and + * distribute this software and its documentation for any purpose and + * without fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright notice and + * this permission notice appear in supporting documentation, and that + * the name of M.I.T. not be used in advertising or publicity pertaining + * to distribution of the software without specific, written prior + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of + * this software for any purpose. It is provided "as is" without express + * or implied warranty. + * + * + * Test vectors for camellia-ccm enctypes. + * + * Currently we have no way of controlling the random generated during + * encryption. This test program can be used to generate test vectors with + * random nonces, and to verify existing test vectors via decryption. + * + * Usage: + * ./t_camellia_ccm -ge <usage> <text> <additional> + * ./t_camellia_ccm -gc <usage> <text> + * ./t_camellia_ccm + */ + +#include "k5-int.h" + +static krb5_keyblock key_128 = { + KV5M_KEYBLOCK, + ENCTYPE_CAMELLIA128_CCM_128, + 16, (unsigned char *) + "\xF0\x10\x02\xD2\xB1\xF9\xA1\xAD\xE2\x57\xEE\xF7\x52\x9C\x2A\x16" +}; + +static krb5_keyblock key_256 = { + KV5M_KEYBLOCK, + ENCTYPE_CAMELLIA256_CCM_128, + 32, (unsigned char *) + "\xD7\xEF\x37\xE2\xD1\x05\x5E\xB7\xD7\x6B\x06\x39\x6E\xF7\x00\x52" + "\x3D\xA4\xB0\xB7\xA0\x53\xF5\xCC\x5F\xAE\x4A\x39\xCF\xC5\x75\x0F" +}; + +static struct enc_test { + krb5_keyusage usage; + char *input; + char *addl; + krb5_data cipher_128; + krb5_data cipher_256; +} enc_tests[] = { + { + 0, "", "", + { KV5M_DATA, 28, + "\x44\xE7\x08\x7D\xDF\x12\x8F\x02\x56\x10\xF5\x34" + "\xA1\x0C\x14\x58\x97\x38\xDD\x6B\x0D\x44\x12\x87\xAC\x2C\xC8\xD8" }, + { KV5M_DATA, 28, + "\xE1\x8C\x74\x93\xA7\x15\x58\x11\x58\x6A\xB4\x0E" + "\x82\xC1\xFD\xB6\xA7\x05\x5B\x78\xD3\x1D\xE2\x34\xBA\xC3\xC0\x5A" } + }, + { + 1, "input", "additional", + { KV5M_DATA, 33, + "\x44\xE7\x08\x7D\xDF\x12\x8F\x02\x56\x10\xF5\x34" + "\x32\x69\x98\x26\xE4" + "\xE4\x4E\x85\x75\xA0\x37\x60\xDF\x0A\x96\xEC\x24\xB2\xBE\x4A\xA4" }, + { KV5M_DATA, 33, + "\xE1\x8C\x74\x93\xA7\x15\x58\x11\x58\x6A\xB4\x0E" + "\x55\x9E\xB8\xB8\x22" + "\x7C\xD0\x38\x61\xC6\x81\x3C\x64\xB1\x72\xE3\x3D\x38\x36\x42\x72" } + }, + { + 100, + "this input spans multiple blocks", + "the additional data also spans multiple blocks", + { KV5M_DATA, 60, + "\x44\xE7\x08\x7D\xDF\x12\x8F\x02\x56\x10\xF5\x34" + "\x29\x1B\xAF\x6E\x2E\x31\xC6\xDD\xB2\xC9\xE1\xDD\xB4\x82\xAD\x5E" + "\x87\xE2\x9A\x65\xF5\x53\x28\x75\x84\x40\x96\x1B\x56\x02\xAD\x31" + "\xDD\x15\x22\x61\xB6\x10\xAD\x80\x42\x44\x32\x85\xFD\xFA\x82\x1A" }, + { KV5M_DATA, 60, + "\xE1\x8C\x74\x93\xA7\x15\x58\x11\x58\x6A\xB4\x0E" + "\xD0\x9E\x5A\xFB\xFB\x56\x13\x5F\xB6\x29\x07\x0A\x54\x80\xAE\xB9" + "\x37\xC5\x25\x6E\xA3\x65\xD4\x2D\x92\x0A\x15\xF9\xED\x6B\x07\xC3" + "\x3D\x6B\x68\x9C\x2D\xC9\x7C\x69\x86\xAA\x7C\xCC\x37\x75\x33\x1C" } + } +}; + +static struct cksum_test { + krb5_keyusage usage; + char *input; + unsigned char expected_128[16]; + unsigned char expected_256[16]; +} cksum_tests[] = { + { + 0, "", + "\xEE\x29\xC4\x6D\xA1\x37\x1D\x27\xD7\x32\x12\xFA\x14\xE8\x25\xB3", + "\x19\x7A\xD0\x4B\x76\x82\x99\xA8\xD7\xBD\x51\x2C\xA8\x65\x65\x5D" + }, + { + 5, "input", + "\xA4\x40\x3B\x18\xC2\xAE\xFF\x04\xEA\x9E\xE2\x8F\xB0\x1F\x1C\x26", + "\xC2\x11\x53\x9B\x99\xC2\x76\xDB\xC4\x55\x4F\x73\xFE\xD9\x76\x38" + }, + { + 99, "a somewhat longer input spanning multiple blocks", + "\x4A\x29\x54\x12\x9D\xF8\x0D\x04\x33\x2C\xD2\xA6\xC4\x14\x10\xDA", + "\x0F\xAD\xE4\x38\xEA\xB4\xCB\x3C\x29\x5F\xBE\x69\x6F\xA4\x9F\x52" + } +}; + +static void +print_hex(const char *heading, unsigned char *data, size_t len) +{ + size_t i; + + printf(" %s:\n ", heading); + for (i = 0; i < len; i++) { + printf("%02X", data[i]); + if (i + 1 < len) + printf("%s", (i % 16) == 15 ? "\n " : " "); + } + printf("\n"); +} + +static void +generate_enc1(krb5_context context, krb5_keyusage usage, char *text, + char *addl, krb5_keyblock *keyblock) +{ + krb5_crypto_iov iov[4]; + unsigned char nonce[12], tag[16]; + char *ciphertext = strdup(text); + + iov[0].flags = KRB5_CRYPTO_TYPE_HEADER; + iov[0].data = make_data(nonce, sizeof(nonce)); + iov[1].flags = KRB5_CRYPTO_TYPE_SIGN_ONLY; + iov[1].data = string2data(addl); + iov[2].flags = KRB5_CRYPTO_TYPE_DATA; + iov[2].data = string2data(ciphertext); + iov[3].flags = KRB5_CRYPTO_TYPE_TRAILER; + iov[3].data = make_data(tag, sizeof(tag)); + assert(krb5_c_encrypt_iov(context, keyblock, usage, NULL, iov, 4) == 0); + print_hex("Nonce", nonce, sizeof(nonce)); + print_hex("Ciphertext", (unsigned char *)ciphertext, strlen(ciphertext)); + print_hex("Tag", tag, sizeof(tag)); +} + +static void +generate_enc(krb5_context context, krb5_keyusage usage, char *text, char *addl) +{ + printf("camellia128-ccm-128 ciphertext:\n"); + generate_enc1(context, usage, text, addl, &key_128); + printf("camellia256-ccm-128 ciphertext:\n"); + generate_enc1(context, usage, text, addl, &key_256); +} + +static void +generate_cksum1(krb5_context context, krb5_keyusage usage, char *text, + krb5_keyblock *keyblock) +{ + krb5_checksum sum; + krb5_data input = string2data(text); + + assert(krb5_c_make_checksum(context, 0, keyblock, usage, &input, + &sum) == 0); + print_hex("Checksum", sum.contents, sum.length); + krb5_free_checksum_contents(context, &sum); +} + +static void +generate_cksum(krb5_context context, krb5_keyusage usage, char *text) +{ + printf("cmac-128-camellia128 checksum:\n"); + generate_cksum1(context, usage, text, &key_128); + printf("cmac-128-camellia256 checksum:\n"); + generate_cksum1(context, usage, text, &key_256); +} + +static void +verify_enc1(krb5_context context, krb5_keyblock *keyblock, krb5_keyusage usage, + krb5_data *cipher, char *input, char *addl) +{ + krb5_crypto_iov iov[3]; + + iov[0].flags = KRB5_CRYPTO_TYPE_STREAM; + assert(alloc_data(&iov[0].data, cipher->length) == 0); + memcpy(iov[0].data.data, cipher->data, cipher->length); + iov[1].flags = KRB5_CRYPTO_TYPE_SIGN_ONLY; + iov[1].data = string2data(addl); + iov[2].flags = KRB5_CRYPTO_TYPE_DATA; + assert(krb5_c_decrypt_iov(context, keyblock, usage, NULL, iov, 3) == 0); + assert(data_eq_string(iov[2].data, input)); +} + +static void +verify_enc(krb5_context context) +{ + size_t i; + struct enc_test *test; + + for (i = 0; i < sizeof(enc_tests) / sizeof(*enc_tests); i++) { + test = &enc_tests[i]; + verify_enc1(context, &key_128, test->usage, &test->cipher_128, + test->input, test->addl); + verify_enc1(context, &key_256, test->usage, &test->cipher_256, + test->input, test->addl); + } +} + +static void +verify_cksum1(krb5_context context, krb5_keyblock *keyblock, + krb5_keyusage usage, char *text, unsigned char *expected) +{ + krb5_checksum sum; + krb5_data input = string2data(text); + + assert(krb5_c_make_checksum(context, 0, keyblock, usage, &input, + &sum) == 0); + assert(sum.length == 16); + assert(memcmp(sum.contents, expected, 16) == 0); + krb5_free_checksum_contents(context, &sum); +} + +static void +verify_cksum(krb5_context context) +{ + size_t i; + struct cksum_test *test; + + for (i = 0; i < sizeof(cksum_tests) / sizeof(*cksum_tests); i++) { + test = &cksum_tests[i]; + verify_cksum1(context, &key_128, test->usage, test->input, + test->expected_128); + verify_cksum1(context, &key_256, test->usage, test->input, + test->expected_256); + } +} + +int +main(int argc, char **argv) +{ + krb5_context context = NULL; + krb5_data seed = string2data("seed"); + + assert(krb5_c_random_seed(context, &seed) == 0); + if (argc >= 5 && strcmp(argv[1], "-ge") == 0) { + generate_enc(context, atoi(argv[2]), argv[3], argv[4]); + } else if (argc >= 4 && strcmp(argv[1], "-gc") == 0) { + generate_cksum(context, atoi(argv[2]), argv[3]); + } else { + verify_enc(context); + verify_cksum(context); + } + return 0; +} diff --git a/src/lib/crypto/crypto_tests/t_str2key.c b/src/lib/crypto/crypto_tests/t_str2key.c new file mode 100644 index 0000000..53d232d --- /dev/null +++ b/src/lib/crypto/crypto_tests/t_str2key.c @@ -0,0 +1,334 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +/* + * lib/crypto/crypto_tests/t_str2key.c + * + * Copyright (C) 2010 by the Massachusetts Institute of Technology. + * All rights reserved. + * + * Export of this software from the United States of America may + * require a specific license from the United States Government. + * It is the responsibility of any person or organization contemplating + * export to obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and + * distribute this software and its documentation for any purpose and + * without fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright notice and + * this permission notice appear in supporting documentation, and that + * the name of M.I.T. not be used in advertising or publicity pertaining + * to distribution of the software without specific, written prior + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of + * this software for any purpose. It is provided "as is" without express + * or implied warranty. + * + * + * String-to-key test vectors + */ + +#include "k5-int.h" + +struct test { + krb5_enctype enctype; + char *string; + char *salt; + krb5_data params; + krb5_data expected_key; +} test_cases[] = { + /* Test vectors from RFC 3962 appendix B. */ + { + ENCTYPE_AES128_CTS_HMAC_SHA1_96, + "password", + "ATHENA.MIT.EDUraeburn", + { KV5M_DATA, 4, "\0\0\0\1" }, + { KV5M_DATA, 16, + "\x42\x26\x3C\x6E\x89\xF4\xFC\x28\xB8\xDF\x68\xEE\x09\x79\x9F\x15" } + }, + { + ENCTYPE_AES256_CTS_HMAC_SHA1_96, + "password", + "ATHENA.MIT.EDUraeburn", + { KV5M_DATA, 4, "\0\0\0\1" }, + { KV5M_DATA, 32, + "\xFE\x69\x7B\x52\xBC\x0D\x3C\xE1\x44\x32\xBA\x03\x6A\x92\xE6\x5B" + "\xBB\x52\x28\x09\x90\xA2\xFA\x27\x88\x39\x98\xD7\x2A\xF3\x01\x61" } + }, + { + ENCTYPE_AES128_CTS_HMAC_SHA1_96, + "password", + "ATHENA.MIT.EDUraeburn", + { KV5M_DATA, 4, "\0\0\0\2" }, + { KV5M_DATA, 16, + "\xC6\x51\xBF\x29\xE2\x30\x0A\xC2\x7F\xA4\x69\xD6\x93\xBD\xDA\x13" } + }, + { + ENCTYPE_AES256_CTS_HMAC_SHA1_96, + "password", + "ATHENA.MIT.EDUraeburn", + { KV5M_DATA, 4, "\0\0\0\2" }, + { KV5M_DATA, 32, + "\xA2\xE1\x6D\x16\xB3\x60\x69\xC1\x35\xD5\xE9\xD2\xE2\x5F\x89\x61" + "\x02\x68\x56\x18\xB9\x59\x14\xB4\x67\xC6\x76\x22\x22\x58\x24\xFF" } + }, + { + ENCTYPE_AES128_CTS_HMAC_SHA1_96, + "password", + "ATHENA.MIT.EDUraeburn", + { KV5M_DATA, 4, "\0\0\x04\xB0" }, /* 1200 */ + { KV5M_DATA, 16, + "\x4C\x01\xCD\x46\xD6\x32\xD0\x1E\x6D\xBE\x23\x0A\x01\xED\x64\x2A" } + }, + { + ENCTYPE_AES256_CTS_HMAC_SHA1_96, + "password", + "ATHENA.MIT.EDUraeburn", + { KV5M_DATA, 4, "\0\0\x04\xB0" }, /* 1200 */ + { KV5M_DATA, 32, + "\x55\xA6\xAC\x74\x0A\xD1\x7B\x48\x46\x94\x10\x51\xE1\xE8\xB0\xA7" + "\x54\x8D\x93\xB0\xAB\x30\xA8\xBC\x3F\xF1\x62\x80\x38\x2B\x8C\x2A" } + }, + { + ENCTYPE_AES128_CTS_HMAC_SHA1_96, + "password", + "\x12\x34\x56\x78\x78\x56\x34\x12", + { KV5M_DATA, 4, "\0\0\0\5" }, + { KV5M_DATA, 16, + "\xE9\xB2\x3D\x52\x27\x37\x47\xDD\x5C\x35\xCB\x55\xBE\x61\x9D\x8E" } + }, + { + ENCTYPE_AES256_CTS_HMAC_SHA1_96, + "password", + "\x12\x34\x56\x78\x78\x56\x34\x12", + { KV5M_DATA, 4, "\0\0\0\5" }, + { KV5M_DATA, 32, + "\x97\xA4\xE7\x86\xBE\x20\xD8\x1A\x38\x2D\x5E\xBC\x96\xD5\x90\x9C" + "\xAB\xCD\xAD\xC8\x7C\xA4\x8F\x57\x45\x04\x15\x9F\x16\xC3\x6E\x31" } + }, + { + ENCTYPE_AES128_CTS_HMAC_SHA1_96, + "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", + "pass phrase equals block size", + { KV5M_DATA, 4, "\0\0\x04\xB0" }, /* 1200 */ + { KV5M_DATA, 16, + "\x59\xD1\xBB\x78\x9A\x82\x8B\x1A\xA5\x4E\xF9\xC2\x88\x3F\x69\xED" } + }, + { + ENCTYPE_AES256_CTS_HMAC_SHA1_96, + "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", + "pass phrase equals block size", + { KV5M_DATA, 4, "\0\0\x04\xB0" }, /* 1200 */ + { KV5M_DATA, 32, + "\x89\xAD\xEE\x36\x08\xDB\x8B\xC7\x1F\x1B\xFB\xFE\x45\x94\x86\xB0" + "\x56\x18\xB7\x0C\xBA\xE2\x20\x92\x53\x4E\x56\xC5\x53\xBA\x4B\x34" } + }, + { + ENCTYPE_AES128_CTS_HMAC_SHA1_96, + "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", + "pass phrase exceeds block size", + { KV5M_DATA, 4, "\0\0\x04\xB0" }, /* 1200 */ + { KV5M_DATA, 16, + "\xCB\x80\x05\xDC\x5F\x90\x17\x9A\x7F\x02\x10\x4C\x00\x18\x75\x1D" } + }, + { + ENCTYPE_AES256_CTS_HMAC_SHA1_96, + "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", + "pass phrase exceeds block size", + { KV5M_DATA, 4, "\0\0\x04\xB0" }, /* 1200 */ + { KV5M_DATA, 32, + "\xD7\x8C\x5C\x9C\xB8\x72\xA8\xC9\xDA\xD4\x69\x7F\x0B\xB5\xB2\xD2" + "\x14\x96\xC8\x2B\xEB\x2C\xAE\xDA\x21\x12\xFC\xEE\xA0\x57\x40\x1B" } + }, + { + ENCTYPE_AES128_CTS_HMAC_SHA1_96, + "\xF0\x9D\x84\x9E", + "EXAMPLE.COMpianist", + { KV5M_DATA, 4, "\0\0\0\x32" }, /* 50 */ + { KV5M_DATA, 16, + "\xF1\x49\xC1\xF2\xE1\x54\xA7\x34\x52\xD4\x3E\x7F\xE6\x2A\x56\xE5" } + }, + { + ENCTYPE_AES256_CTS_HMAC_SHA1_96, + "\xF0\x9D\x84\x9E", + "EXAMPLE.COMpianist", + { KV5M_DATA, 4, "\0\0\0\x32" }, /* 50 */ + { KV5M_DATA, 32, + "\x4B\x6D\x98\x39\xF8\x44\x06\xDF\x1F\x09\xCC\x16\x6D\xB4\xB8\x3C" + "\x57\x18\x48\xB7\x84\xA3\xD6\xBD\xC3\x46\x58\x9A\x3E\x39\x3F\x9E" } + }, + + /* The same inputs applied to camellia-ccm enctypes. */ + { + ENCTYPE_CAMELLIA128_CCM_128, + "password", + "ATHENA.MIT.EDUraeburn", + { KV5M_DATA, 4, "\0\0\0\1" }, + { KV5M_DATA, 16, + "\xF0\x10\x02\xD2\xB1\xF9\xA1\xAD\xE2\x57\xEE\xF7\x52\x9C\x2A\x16" } + }, + { + ENCTYPE_CAMELLIA256_CCM_128, + "password", + "ATHENA.MIT.EDUraeburn", + { KV5M_DATA, 4, "\0\0\0\1" }, + { KV5M_DATA, 32, + "\xD7\xEF\x37\xE2\xD1\x05\x5E\xB7\xD7\x6B\x06\x39\x6E\xF7\x00\x52" + "\x3D\xA4\xB0\xB7\xA0\x53\xF5\xCC\x5F\xAE\x4A\x39\xCF\xC5\x75\x0F" } + }, + { + ENCTYPE_CAMELLIA128_CCM_128, + "password", + "ATHENA.MIT.EDUraeburn", + { KV5M_DATA, 4, "\0\0\0\2" }, + { KV5M_DATA, 16, + "\xDD\x74\x90\xC0\x57\x4A\x44\x6B\x10\x3A\xB3\x1B\x6D\xE4\x77\x4F" } + }, + { + ENCTYPE_CAMELLIA256_CCM_128, + "password", + "ATHENA.MIT.EDUraeburn", + { KV5M_DATA, 4, "\0\0\0\2" }, + { KV5M_DATA, 32, + "\x68\xC1\x64\x74\x09\x42\x8F\x59\x47\x9B\x26\xC3\x98\x6D\x5B\xB8" + "\x66\x1C\xDE\x3C\x66\x79\xA0\xF5\x2C\x89\x01\xBD\x78\xDC\xEB\xA2" } + }, + { + ENCTYPE_CAMELLIA128_CCM_128, + "password", + "ATHENA.MIT.EDUraeburn", + { KV5M_DATA, 4, "\0\0\x04\xB0" }, /* 1200 */ + { KV5M_DATA, 16, + "\x1A\xA9\x0A\xA6\x1E\x0B\x3C\xB8\x6A\xA5\xA7\x7E\xD8\x44\x9D\x3B" } + }, + { + ENCTYPE_CAMELLIA256_CCM_128, + "password", + "ATHENA.MIT.EDUraeburn", + { KV5M_DATA, 4, "\0\0\x04\xB0" }, /* 1200 */ + { KV5M_DATA, 32, + "\xF8\x29\xBC\xE4\xBB\xB1\xA2\x4B\x01\xA0\xE8\xB1\xA7\x09\x52\x0A" + "\x61\x38\xE9\xAF\xE5\x13\x84\x59\xB2\x0B\xAC\xCA\xB2\x4D\x5F\xAA" } + }, + { + ENCTYPE_CAMELLIA128_CCM_128, + "password", + "\x12\x34\x56\x78\x78\x56\x34\x12", + { KV5M_DATA, 4, "\0\0\0\5" }, + { KV5M_DATA, 16, + "\x35\x70\xC6\x68\x0D\xC6\xE9\xB0\x2E\x01\x28\x8B\xD0\xD2\xB6\x9B" } + }, + { + ENCTYPE_CAMELLIA256_CCM_128, + "password", + "\x12\x34\x56\x78\x78\x56\x34\x12", + { KV5M_DATA, 4, "\0\0\0\5" }, + { KV5M_DATA, 32, + "\x40\xB3\xB7\xC8\xF9\xC3\xB8\x65\x18\x10\xDC\x28\x42\x2D\x5F\x6D" + "\x10\xA6\xB3\xE9\xE1\x2A\x71\xFF\xA6\x35\x41\x08\x4A\xFA\x2C\xA2" } + }, + { + ENCTYPE_CAMELLIA128_CCM_128, + "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", + "pass phrase equals block size", + { KV5M_DATA, 4, "\0\0\x04\xB0" }, /* 1200 */ + { KV5M_DATA, 16, + "\xFF\x99\x18\x52\x84\x8E\x67\x50\x4C\x09\x4F\x94\x68\xC9\xD6\x05" } + }, + { + ENCTYPE_CAMELLIA256_CCM_128, + "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", + "pass phrase equals block size", + { KV5M_DATA, 4, "\0\0\x04\xB0" }, /* 1200 */ + { KV5M_DATA, 32, + "\x56\x5C\x0A\x29\xC0\x58\xCD\xDC\x3C\xD8\xA9\xF3\x0A\x92\xAA\xD7" + "\xFE\x30\xEA\xD4\x16\xC1\x51\xAA\x9B\x54\x75\x56\x62\xF0\x95\xDD" } + }, + { + ENCTYPE_CAMELLIA128_CCM_128, + "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", + "pass phrase exceeds block size", + { KV5M_DATA, 4, "\0\0\x04\xB0" }, /* 1200 */ + { KV5M_DATA, 16, + "\xAC\x83\x28\x64\x10\xA2\x8C\x76\x64\x79\x60\xF6\xA0\x37\x88\x03" } + }, + { + ENCTYPE_CAMELLIA256_CCM_128, + "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", + "pass phrase exceeds block size", + { KV5M_DATA, 4, "\0\0\x04\xB0" }, /* 1200 */ + { KV5M_DATA, 32, + "\xD3\x25\x4A\x5B\x45\x1F\x27\x9C\x1A\xD6\x29\x3E\x72\xF0\x69\x55" + "\xEB\xFF\x36\xB6\x47\xDF\x97\x48\x97\x18\xD7\x5C\xF0\x6C\x40\x7C" } + }, + { + ENCTYPE_CAMELLIA128_CCM_128, + "\xf0\x9d\x84\x9e", + "EXAMPLE.COMpianist", + { KV5M_DATA, 4, "\0\0\0\x32" }, /* 50 */ + { KV5M_DATA, 16, + "\x5D\xBD\x71\x57\x09\x38\x59\x81\xDA\xAB\xA2\x8A\x43\x10\xD7\x20" } + }, + { + ENCTYPE_CAMELLIA256_CCM_128, + "\xf0\x9d\x84\x9e", + "EXAMPLE.COMpianist", + { KV5M_DATA, 4, "\0\0\0\x32" }, /* 50 */ + { KV5M_DATA, 32, + "\x6A\x1F\x10\xE5\x74\x4E\x32\xDD\x33\x49\x03\xA8\xEB\xD1\x42\x7E" + "\x4C\x8D\x3D\x6D\xA5\x76\x77\x50\x4C\x38\x4C\x24\x33\x0B\x60\x3D" } + } +}; + +static void +printkey(krb5_keyblock *keyblock) +{ + unsigned int i; + + for (i = 0; i < keyblock->length; i++) { + printf("%02X", keyblock->contents[i]); + if (i + 1 < keyblock->length) + printf(" "); + } + printf("\n"); +} + +int +main(int argc, char **argv) +{ + krb5_context context = NULL; + krb5_data string, salt; + krb5_error_code ret; + krb5_keyblock *keyblock; + size_t i; + struct test *test; + krb5_boolean verbose = FALSE; + + if (argc >= 2 && strcmp(argv[1], "-v") == 0) + verbose = TRUE; + for (i = 0; i < sizeof(test_cases) / sizeof(*test_cases); i++) { + test = &test_cases[i]; + string = string2data(test->string); + salt = string2data(test->salt); + assert(krb5_init_keyblock(context, test->enctype, 0, &keyblock) == 0); + ret = krb5_c_string_to_key_with_params(context, test->enctype, + &string, &salt, &test->params, + keyblock); + if (ret != 0) { + com_err(argv[0], ret, "in krb5_c_string_to_key_with_params"); + exit(1); + } + if (verbose) { + printf("Test %02d: ", (int)i); + printkey(keyblock); + } + assert(keyblock->length == test->expected_key.length); + if (memcmp(keyblock->contents, test->expected_key.data, + keyblock->length) != 0) { + printf("str2key test %d failed\n", (int)i); + exit(1); + } + krb5_free_keyblock(context, keyblock); + } + return 0; +} |