aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorGreg Hudson <ghudson@mit.edu>2010-08-06 03:12:06 +0000
committerGreg Hudson <ghudson@mit.edu>2010-08-06 03:12:06 +0000
commitffc76e63796e45c661ffca86b42520b894db0b98 (patch)
treec600a7ca8b3cece358435057ce0bdd0ad0f536bf /src
parentdab5522c4fd4bd160aa336d7bf90d0b37287164d (diff)
downloadkrb5-ffc76e63796e45c661ffca86b42520b894db0b98.zip
krb5-ffc76e63796e45c661ffca86b42520b894db0b98.tar.gz
krb5-ffc76e63796e45c661ffca86b42520b894db0b98.tar.bz2
Add two more crypto test programs on the camellia-ccm branch: one for
string-to-key test vectors for AES and Camellia, and one for encryption and checksum test vectors for Camellia. git-svn-id: svn://anonsvn.mit.edu/krb5/branches/camellia-ccm@24234 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src')
-rw-r--r--src/lib/crypto/crypto_tests/Makefile.in13
-rw-r--r--src/lib/crypto/crypto_tests/t_camellia_ccm.c267
-rw-r--r--src/lib/crypto/crypto_tests/t_str2key.c334
3 files changed, 612 insertions, 2 deletions
diff --git a/src/lib/crypto/crypto_tests/Makefile.in b/src/lib/crypto/crypto_tests/Makefile.in
index 38a6aea..3b2fa58 100644
--- a/src/lib/crypto/crypto_tests/Makefile.in
+++ b/src/lib/crypto/crypto_tests/Makefile.in
@@ -49,7 +49,7 @@ check-unix:: t_nfold t_encrypt t_prf t_prng t_cmac t_hmac \
aes-test \
camellia-test \
t_mddriver4 t_mddriver \
- t_crc t_cts t_short
+ t_crc t_cts t_short t_str2key
$(RUN_SETUP) $(VALGRIND) ./t_nfold
$(RUN_SETUP) $(VALGRIND) ./t_encrypt
$(RUN_SETUP) $(VALGRIND) ./t_prng <$(srcdir)/t_prng.seed >t_prng.output && \
@@ -71,6 +71,8 @@ check-unix:: t_nfold t_encrypt t_prf t_prng t_cmac t_hmac \
$(RUN_SETUP) $(VALGRIND) $(C)t_mddriver4 -x
$(RUN_SETUP) $(VALGRIND) $(C)t_mddriver -x
$(RUN_SETUP) $(VALGRIND) ./t_short
+ $(RUN_SETUP) $(VALGRIND) ./t_str2key
+ $(RUN_SETUP) $(VALGRIND) ./t_camellia_ccm
@@ -145,6 +147,12 @@ t_mddriver: t_mddriver.o $(SUPPORT_DEPLIB) $(CRYPTO_DEPLIB)
t_kperf: t_kperf.o $(SUPPORT_DEPLIB) $(CRYPTO_DEPLIB)
$(CC_LINK) -o t_kperf t_kperf.o $(SUPPORT_LIB) $(CRYPTO_DEPLIB)
+t_str2key$(EXEEXT): t_str2key.$(OBJEXT) $(SUPPORT_DEPLIB)
+ $(CC_LINK) -o $@ t_str2key.$(OBJEXT) -lkrb5 -lk5crypto -lcom_err $(SUPPORT_LIB)
+
+t_camellia_ccm$(EXEEXT): t_camellia_ccm.$(OBJEXT) $(SUPPORT_DEPLIB)
+ $(CC_LINK) -o $@ t_camellia_ccm.$(OBJEXT) -lkrb5 -lk5crypto -lcom_err $(SUPPORT_LIB)
+
ytest: ytest.o shs.o $(SUPPORT_DEPLIB) $(CRYPTO_DEPLIB)
$(CC_LINK) -o ytest ytest.o $(SUPPORT_LIB) $(CRYPTO_DEPLIB)
@@ -159,7 +167,8 @@ clean::
t_crc.o t_crc t_cts.o t_cts \
t_mddriver4.o t_mddriver4 t_mddriver.o t_mddriver \
t_cksum4 t_cksum4.o t_cksum5 t_cksum5.o \
- t_kperf.o t_kperf t_short t_short.o \
+ t_kperf.o t_kperf t_short t_short.o t_str2key t_str2key.o \
+ t_camellia_ccm t_camellia_ccm.o \
t_mddriver$(EXEEXT) $(OUTPRE)t_mddriver.$(OBJEXT)
-$(RM) t_prng.output
diff --git a/src/lib/crypto/crypto_tests/t_camellia_ccm.c b/src/lib/crypto/crypto_tests/t_camellia_ccm.c
new file mode 100644
index 0000000..329dcea
--- /dev/null
+++ b/src/lib/crypto/crypto_tests/t_camellia_ccm.c
@@ -0,0 +1,267 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/*
+ * lib/crypto/crypto_tests/t_camellia_ccm.c
+ *
+ * Copyright 2010 by the Massachusetts Institute of Technology.
+ * All Rights Reserved.
+ *
+ * Export of this software from the United States of America may
+ * require a specific license from the United States Government.
+ * It is the responsibility of any person or organization contemplating
+ * export to obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission. Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose. It is provided "as is" without express
+ * or implied warranty.
+ *
+ *
+ * Test vectors for camellia-ccm enctypes.
+ *
+ * Currently we have no way of controlling the random generated during
+ * encryption. This test program can be used to generate test vectors with
+ * random nonces, and to verify existing test vectors via decryption.
+ *
+ * Usage:
+ * ./t_camellia_ccm -ge <usage> <text> <additional>
+ * ./t_camellia_ccm -gc <usage> <text>
+ * ./t_camellia_ccm
+ */
+
+#include "k5-int.h"
+
+static krb5_keyblock key_128 = {
+ KV5M_KEYBLOCK,
+ ENCTYPE_CAMELLIA128_CCM_128,
+ 16, (unsigned char *)
+ "\xF0\x10\x02\xD2\xB1\xF9\xA1\xAD\xE2\x57\xEE\xF7\x52\x9C\x2A\x16"
+};
+
+static krb5_keyblock key_256 = {
+ KV5M_KEYBLOCK,
+ ENCTYPE_CAMELLIA256_CCM_128,
+ 32, (unsigned char *)
+ "\xD7\xEF\x37\xE2\xD1\x05\x5E\xB7\xD7\x6B\x06\x39\x6E\xF7\x00\x52"
+ "\x3D\xA4\xB0\xB7\xA0\x53\xF5\xCC\x5F\xAE\x4A\x39\xCF\xC5\x75\x0F"
+};
+
+static struct enc_test {
+ krb5_keyusage usage;
+ char *input;
+ char *addl;
+ krb5_data cipher_128;
+ krb5_data cipher_256;
+} enc_tests[] = {
+ {
+ 0, "", "",
+ { KV5M_DATA, 28,
+ "\x44\xE7\x08\x7D\xDF\x12\x8F\x02\x56\x10\xF5\x34"
+ "\xA1\x0C\x14\x58\x97\x38\xDD\x6B\x0D\x44\x12\x87\xAC\x2C\xC8\xD8" },
+ { KV5M_DATA, 28,
+ "\xE1\x8C\x74\x93\xA7\x15\x58\x11\x58\x6A\xB4\x0E"
+ "\x82\xC1\xFD\xB6\xA7\x05\x5B\x78\xD3\x1D\xE2\x34\xBA\xC3\xC0\x5A" }
+ },
+ {
+ 1, "input", "additional",
+ { KV5M_DATA, 33,
+ "\x44\xE7\x08\x7D\xDF\x12\x8F\x02\x56\x10\xF5\x34"
+ "\x32\x69\x98\x26\xE4"
+ "\xE4\x4E\x85\x75\xA0\x37\x60\xDF\x0A\x96\xEC\x24\xB2\xBE\x4A\xA4" },
+ { KV5M_DATA, 33,
+ "\xE1\x8C\x74\x93\xA7\x15\x58\x11\x58\x6A\xB4\x0E"
+ "\x55\x9E\xB8\xB8\x22"
+ "\x7C\xD0\x38\x61\xC6\x81\x3C\x64\xB1\x72\xE3\x3D\x38\x36\x42\x72" }
+ },
+ {
+ 100,
+ "this input spans multiple blocks",
+ "the additional data also spans multiple blocks",
+ { KV5M_DATA, 60,
+ "\x44\xE7\x08\x7D\xDF\x12\x8F\x02\x56\x10\xF5\x34"
+ "\x29\x1B\xAF\x6E\x2E\x31\xC6\xDD\xB2\xC9\xE1\xDD\xB4\x82\xAD\x5E"
+ "\x87\xE2\x9A\x65\xF5\x53\x28\x75\x84\x40\x96\x1B\x56\x02\xAD\x31"
+ "\xDD\x15\x22\x61\xB6\x10\xAD\x80\x42\x44\x32\x85\xFD\xFA\x82\x1A" },
+ { KV5M_DATA, 60,
+ "\xE1\x8C\x74\x93\xA7\x15\x58\x11\x58\x6A\xB4\x0E"
+ "\xD0\x9E\x5A\xFB\xFB\x56\x13\x5F\xB6\x29\x07\x0A\x54\x80\xAE\xB9"
+ "\x37\xC5\x25\x6E\xA3\x65\xD4\x2D\x92\x0A\x15\xF9\xED\x6B\x07\xC3"
+ "\x3D\x6B\x68\x9C\x2D\xC9\x7C\x69\x86\xAA\x7C\xCC\x37\x75\x33\x1C" }
+ }
+};
+
+static struct cksum_test {
+ krb5_keyusage usage;
+ char *input;
+ unsigned char expected_128[16];
+ unsigned char expected_256[16];
+} cksum_tests[] = {
+ {
+ 0, "",
+ "\xEE\x29\xC4\x6D\xA1\x37\x1D\x27\xD7\x32\x12\xFA\x14\xE8\x25\xB3",
+ "\x19\x7A\xD0\x4B\x76\x82\x99\xA8\xD7\xBD\x51\x2C\xA8\x65\x65\x5D"
+ },
+ {
+ 5, "input",
+ "\xA4\x40\x3B\x18\xC2\xAE\xFF\x04\xEA\x9E\xE2\x8F\xB0\x1F\x1C\x26",
+ "\xC2\x11\x53\x9B\x99\xC2\x76\xDB\xC4\x55\x4F\x73\xFE\xD9\x76\x38"
+ },
+ {
+ 99, "a somewhat longer input spanning multiple blocks",
+ "\x4A\x29\x54\x12\x9D\xF8\x0D\x04\x33\x2C\xD2\xA6\xC4\x14\x10\xDA",
+ "\x0F\xAD\xE4\x38\xEA\xB4\xCB\x3C\x29\x5F\xBE\x69\x6F\xA4\x9F\x52"
+ }
+};
+
+static void
+print_hex(const char *heading, unsigned char *data, size_t len)
+{
+ size_t i;
+
+ printf(" %s:\n ", heading);
+ for (i = 0; i < len; i++) {
+ printf("%02X", data[i]);
+ if (i + 1 < len)
+ printf("%s", (i % 16) == 15 ? "\n " : " ");
+ }
+ printf("\n");
+}
+
+static void
+generate_enc1(krb5_context context, krb5_keyusage usage, char *text,
+ char *addl, krb5_keyblock *keyblock)
+{
+ krb5_crypto_iov iov[4];
+ unsigned char nonce[12], tag[16];
+ char *ciphertext = strdup(text);
+
+ iov[0].flags = KRB5_CRYPTO_TYPE_HEADER;
+ iov[0].data = make_data(nonce, sizeof(nonce));
+ iov[1].flags = KRB5_CRYPTO_TYPE_SIGN_ONLY;
+ iov[1].data = string2data(addl);
+ iov[2].flags = KRB5_CRYPTO_TYPE_DATA;
+ iov[2].data = string2data(ciphertext);
+ iov[3].flags = KRB5_CRYPTO_TYPE_TRAILER;
+ iov[3].data = make_data(tag, sizeof(tag));
+ assert(krb5_c_encrypt_iov(context, keyblock, usage, NULL, iov, 4) == 0);
+ print_hex("Nonce", nonce, sizeof(nonce));
+ print_hex("Ciphertext", (unsigned char *)ciphertext, strlen(ciphertext));
+ print_hex("Tag", tag, sizeof(tag));
+}
+
+static void
+generate_enc(krb5_context context, krb5_keyusage usage, char *text, char *addl)
+{
+ printf("camellia128-ccm-128 ciphertext:\n");
+ generate_enc1(context, usage, text, addl, &key_128);
+ printf("camellia256-ccm-128 ciphertext:\n");
+ generate_enc1(context, usage, text, addl, &key_256);
+}
+
+static void
+generate_cksum1(krb5_context context, krb5_keyusage usage, char *text,
+ krb5_keyblock *keyblock)
+{
+ krb5_checksum sum;
+ krb5_data input = string2data(text);
+
+ assert(krb5_c_make_checksum(context, 0, keyblock, usage, &input,
+ &sum) == 0);
+ print_hex("Checksum", sum.contents, sum.length);
+ krb5_free_checksum_contents(context, &sum);
+}
+
+static void
+generate_cksum(krb5_context context, krb5_keyusage usage, char *text)
+{
+ printf("cmac-128-camellia128 checksum:\n");
+ generate_cksum1(context, usage, text, &key_128);
+ printf("cmac-128-camellia256 checksum:\n");
+ generate_cksum1(context, usage, text, &key_256);
+}
+
+static void
+verify_enc1(krb5_context context, krb5_keyblock *keyblock, krb5_keyusage usage,
+ krb5_data *cipher, char *input, char *addl)
+{
+ krb5_crypto_iov iov[3];
+
+ iov[0].flags = KRB5_CRYPTO_TYPE_STREAM;
+ assert(alloc_data(&iov[0].data, cipher->length) == 0);
+ memcpy(iov[0].data.data, cipher->data, cipher->length);
+ iov[1].flags = KRB5_CRYPTO_TYPE_SIGN_ONLY;
+ iov[1].data = string2data(addl);
+ iov[2].flags = KRB5_CRYPTO_TYPE_DATA;
+ assert(krb5_c_decrypt_iov(context, keyblock, usage, NULL, iov, 3) == 0);
+ assert(data_eq_string(iov[2].data, input));
+}
+
+static void
+verify_enc(krb5_context context)
+{
+ size_t i;
+ struct enc_test *test;
+
+ for (i = 0; i < sizeof(enc_tests) / sizeof(*enc_tests); i++) {
+ test = &enc_tests[i];
+ verify_enc1(context, &key_128, test->usage, &test->cipher_128,
+ test->input, test->addl);
+ verify_enc1(context, &key_256, test->usage, &test->cipher_256,
+ test->input, test->addl);
+ }
+}
+
+static void
+verify_cksum1(krb5_context context, krb5_keyblock *keyblock,
+ krb5_keyusage usage, char *text, unsigned char *expected)
+{
+ krb5_checksum sum;
+ krb5_data input = string2data(text);
+
+ assert(krb5_c_make_checksum(context, 0, keyblock, usage, &input,
+ &sum) == 0);
+ assert(sum.length == 16);
+ assert(memcmp(sum.contents, expected, 16) == 0);
+ krb5_free_checksum_contents(context, &sum);
+}
+
+static void
+verify_cksum(krb5_context context)
+{
+ size_t i;
+ struct cksum_test *test;
+
+ for (i = 0; i < sizeof(cksum_tests) / sizeof(*cksum_tests); i++) {
+ test = &cksum_tests[i];
+ verify_cksum1(context, &key_128, test->usage, test->input,
+ test->expected_128);
+ verify_cksum1(context, &key_256, test->usage, test->input,
+ test->expected_256);
+ }
+}
+
+int
+main(int argc, char **argv)
+{
+ krb5_context context = NULL;
+ krb5_data seed = string2data("seed");
+
+ assert(krb5_c_random_seed(context, &seed) == 0);
+ if (argc >= 5 && strcmp(argv[1], "-ge") == 0) {
+ generate_enc(context, atoi(argv[2]), argv[3], argv[4]);
+ } else if (argc >= 4 && strcmp(argv[1], "-gc") == 0) {
+ generate_cksum(context, atoi(argv[2]), argv[3]);
+ } else {
+ verify_enc(context);
+ verify_cksum(context);
+ }
+ return 0;
+}
diff --git a/src/lib/crypto/crypto_tests/t_str2key.c b/src/lib/crypto/crypto_tests/t_str2key.c
new file mode 100644
index 0000000..53d232d
--- /dev/null
+++ b/src/lib/crypto/crypto_tests/t_str2key.c
@@ -0,0 +1,334 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/*
+ * lib/crypto/crypto_tests/t_str2key.c
+ *
+ * Copyright (C) 2010 by the Massachusetts Institute of Technology.
+ * All rights reserved.
+ *
+ * Export of this software from the United States of America may
+ * require a specific license from the United States Government.
+ * It is the responsibility of any person or organization contemplating
+ * export to obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission. Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose. It is provided "as is" without express
+ * or implied warranty.
+ *
+ *
+ * String-to-key test vectors
+ */
+
+#include "k5-int.h"
+
+struct test {
+ krb5_enctype enctype;
+ char *string;
+ char *salt;
+ krb5_data params;
+ krb5_data expected_key;
+} test_cases[] = {
+ /* Test vectors from RFC 3962 appendix B. */
+ {
+ ENCTYPE_AES128_CTS_HMAC_SHA1_96,
+ "password",
+ "ATHENA.MIT.EDUraeburn",
+ { KV5M_DATA, 4, "\0\0\0\1" },
+ { KV5M_DATA, 16,
+ "\x42\x26\x3C\x6E\x89\xF4\xFC\x28\xB8\xDF\x68\xEE\x09\x79\x9F\x15" }
+ },
+ {
+ ENCTYPE_AES256_CTS_HMAC_SHA1_96,
+ "password",
+ "ATHENA.MIT.EDUraeburn",
+ { KV5M_DATA, 4, "\0\0\0\1" },
+ { KV5M_DATA, 32,
+ "\xFE\x69\x7B\x52\xBC\x0D\x3C\xE1\x44\x32\xBA\x03\x6A\x92\xE6\x5B"
+ "\xBB\x52\x28\x09\x90\xA2\xFA\x27\x88\x39\x98\xD7\x2A\xF3\x01\x61" }
+ },
+ {
+ ENCTYPE_AES128_CTS_HMAC_SHA1_96,
+ "password",
+ "ATHENA.MIT.EDUraeburn",
+ { KV5M_DATA, 4, "\0\0\0\2" },
+ { KV5M_DATA, 16,
+ "\xC6\x51\xBF\x29\xE2\x30\x0A\xC2\x7F\xA4\x69\xD6\x93\xBD\xDA\x13" }
+ },
+ {
+ ENCTYPE_AES256_CTS_HMAC_SHA1_96,
+ "password",
+ "ATHENA.MIT.EDUraeburn",
+ { KV5M_DATA, 4, "\0\0\0\2" },
+ { KV5M_DATA, 32,
+ "\xA2\xE1\x6D\x16\xB3\x60\x69\xC1\x35\xD5\xE9\xD2\xE2\x5F\x89\x61"
+ "\x02\x68\x56\x18\xB9\x59\x14\xB4\x67\xC6\x76\x22\x22\x58\x24\xFF" }
+ },
+ {
+ ENCTYPE_AES128_CTS_HMAC_SHA1_96,
+ "password",
+ "ATHENA.MIT.EDUraeburn",
+ { KV5M_DATA, 4, "\0\0\x04\xB0" }, /* 1200 */
+ { KV5M_DATA, 16,
+ "\x4C\x01\xCD\x46\xD6\x32\xD0\x1E\x6D\xBE\x23\x0A\x01\xED\x64\x2A" }
+ },
+ {
+ ENCTYPE_AES256_CTS_HMAC_SHA1_96,
+ "password",
+ "ATHENA.MIT.EDUraeburn",
+ { KV5M_DATA, 4, "\0\0\x04\xB0" }, /* 1200 */
+ { KV5M_DATA, 32,
+ "\x55\xA6\xAC\x74\x0A\xD1\x7B\x48\x46\x94\x10\x51\xE1\xE8\xB0\xA7"
+ "\x54\x8D\x93\xB0\xAB\x30\xA8\xBC\x3F\xF1\x62\x80\x38\x2B\x8C\x2A" }
+ },
+ {
+ ENCTYPE_AES128_CTS_HMAC_SHA1_96,
+ "password",
+ "\x12\x34\x56\x78\x78\x56\x34\x12",
+ { KV5M_DATA, 4, "\0\0\0\5" },
+ { KV5M_DATA, 16,
+ "\xE9\xB2\x3D\x52\x27\x37\x47\xDD\x5C\x35\xCB\x55\xBE\x61\x9D\x8E" }
+ },
+ {
+ ENCTYPE_AES256_CTS_HMAC_SHA1_96,
+ "password",
+ "\x12\x34\x56\x78\x78\x56\x34\x12",
+ { KV5M_DATA, 4, "\0\0\0\5" },
+ { KV5M_DATA, 32,
+ "\x97\xA4\xE7\x86\xBE\x20\xD8\x1A\x38\x2D\x5E\xBC\x96\xD5\x90\x9C"
+ "\xAB\xCD\xAD\xC8\x7C\xA4\x8F\x57\x45\x04\x15\x9F\x16\xC3\x6E\x31" }
+ },
+ {
+ ENCTYPE_AES128_CTS_HMAC_SHA1_96,
+ "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
+ "pass phrase equals block size",
+ { KV5M_DATA, 4, "\0\0\x04\xB0" }, /* 1200 */
+ { KV5M_DATA, 16,
+ "\x59\xD1\xBB\x78\x9A\x82\x8B\x1A\xA5\x4E\xF9\xC2\x88\x3F\x69\xED" }
+ },
+ {
+ ENCTYPE_AES256_CTS_HMAC_SHA1_96,
+ "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
+ "pass phrase equals block size",
+ { KV5M_DATA, 4, "\0\0\x04\xB0" }, /* 1200 */
+ { KV5M_DATA, 32,
+ "\x89\xAD\xEE\x36\x08\xDB\x8B\xC7\x1F\x1B\xFB\xFE\x45\x94\x86\xB0"
+ "\x56\x18\xB7\x0C\xBA\xE2\x20\x92\x53\x4E\x56\xC5\x53\xBA\x4B\x34" }
+ },
+ {
+ ENCTYPE_AES128_CTS_HMAC_SHA1_96,
+ "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
+ "pass phrase exceeds block size",
+ { KV5M_DATA, 4, "\0\0\x04\xB0" }, /* 1200 */
+ { KV5M_DATA, 16,
+ "\xCB\x80\x05\xDC\x5F\x90\x17\x9A\x7F\x02\x10\x4C\x00\x18\x75\x1D" }
+ },
+ {
+ ENCTYPE_AES256_CTS_HMAC_SHA1_96,
+ "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
+ "pass phrase exceeds block size",
+ { KV5M_DATA, 4, "\0\0\x04\xB0" }, /* 1200 */
+ { KV5M_DATA, 32,
+ "\xD7\x8C\x5C\x9C\xB8\x72\xA8\xC9\xDA\xD4\x69\x7F\x0B\xB5\xB2\xD2"
+ "\x14\x96\xC8\x2B\xEB\x2C\xAE\xDA\x21\x12\xFC\xEE\xA0\x57\x40\x1B" }
+ },
+ {
+ ENCTYPE_AES128_CTS_HMAC_SHA1_96,
+ "\xF0\x9D\x84\x9E",
+ "EXAMPLE.COMpianist",
+ { KV5M_DATA, 4, "\0\0\0\x32" }, /* 50 */
+ { KV5M_DATA, 16,
+ "\xF1\x49\xC1\xF2\xE1\x54\xA7\x34\x52\xD4\x3E\x7F\xE6\x2A\x56\xE5" }
+ },
+ {
+ ENCTYPE_AES256_CTS_HMAC_SHA1_96,
+ "\xF0\x9D\x84\x9E",
+ "EXAMPLE.COMpianist",
+ { KV5M_DATA, 4, "\0\0\0\x32" }, /* 50 */
+ { KV5M_DATA, 32,
+ "\x4B\x6D\x98\x39\xF8\x44\x06\xDF\x1F\x09\xCC\x16\x6D\xB4\xB8\x3C"
+ "\x57\x18\x48\xB7\x84\xA3\xD6\xBD\xC3\x46\x58\x9A\x3E\x39\x3F\x9E" }
+ },
+
+ /* The same inputs applied to camellia-ccm enctypes. */
+ {
+ ENCTYPE_CAMELLIA128_CCM_128,
+ "password",
+ "ATHENA.MIT.EDUraeburn",
+ { KV5M_DATA, 4, "\0\0\0\1" },
+ { KV5M_DATA, 16,
+ "\xF0\x10\x02\xD2\xB1\xF9\xA1\xAD\xE2\x57\xEE\xF7\x52\x9C\x2A\x16" }
+ },
+ {
+ ENCTYPE_CAMELLIA256_CCM_128,
+ "password",
+ "ATHENA.MIT.EDUraeburn",
+ { KV5M_DATA, 4, "\0\0\0\1" },
+ { KV5M_DATA, 32,
+ "\xD7\xEF\x37\xE2\xD1\x05\x5E\xB7\xD7\x6B\x06\x39\x6E\xF7\x00\x52"
+ "\x3D\xA4\xB0\xB7\xA0\x53\xF5\xCC\x5F\xAE\x4A\x39\xCF\xC5\x75\x0F" }
+ },
+ {
+ ENCTYPE_CAMELLIA128_CCM_128,
+ "password",
+ "ATHENA.MIT.EDUraeburn",
+ { KV5M_DATA, 4, "\0\0\0\2" },
+ { KV5M_DATA, 16,
+ "\xDD\x74\x90\xC0\x57\x4A\x44\x6B\x10\x3A\xB3\x1B\x6D\xE4\x77\x4F" }
+ },
+ {
+ ENCTYPE_CAMELLIA256_CCM_128,
+ "password",
+ "ATHENA.MIT.EDUraeburn",
+ { KV5M_DATA, 4, "\0\0\0\2" },
+ { KV5M_DATA, 32,
+ "\x68\xC1\x64\x74\x09\x42\x8F\x59\x47\x9B\x26\xC3\x98\x6D\x5B\xB8"
+ "\x66\x1C\xDE\x3C\x66\x79\xA0\xF5\x2C\x89\x01\xBD\x78\xDC\xEB\xA2" }
+ },
+ {
+ ENCTYPE_CAMELLIA128_CCM_128,
+ "password",
+ "ATHENA.MIT.EDUraeburn",
+ { KV5M_DATA, 4, "\0\0\x04\xB0" }, /* 1200 */
+ { KV5M_DATA, 16,
+ "\x1A\xA9\x0A\xA6\x1E\x0B\x3C\xB8\x6A\xA5\xA7\x7E\xD8\x44\x9D\x3B" }
+ },
+ {
+ ENCTYPE_CAMELLIA256_CCM_128,
+ "password",
+ "ATHENA.MIT.EDUraeburn",
+ { KV5M_DATA, 4, "\0\0\x04\xB0" }, /* 1200 */
+ { KV5M_DATA, 32,
+ "\xF8\x29\xBC\xE4\xBB\xB1\xA2\x4B\x01\xA0\xE8\xB1\xA7\x09\x52\x0A"
+ "\x61\x38\xE9\xAF\xE5\x13\x84\x59\xB2\x0B\xAC\xCA\xB2\x4D\x5F\xAA" }
+ },
+ {
+ ENCTYPE_CAMELLIA128_CCM_128,
+ "password",
+ "\x12\x34\x56\x78\x78\x56\x34\x12",
+ { KV5M_DATA, 4, "\0\0\0\5" },
+ { KV5M_DATA, 16,
+ "\x35\x70\xC6\x68\x0D\xC6\xE9\xB0\x2E\x01\x28\x8B\xD0\xD2\xB6\x9B" }
+ },
+ {
+ ENCTYPE_CAMELLIA256_CCM_128,
+ "password",
+ "\x12\x34\x56\x78\x78\x56\x34\x12",
+ { KV5M_DATA, 4, "\0\0\0\5" },
+ { KV5M_DATA, 32,
+ "\x40\xB3\xB7\xC8\xF9\xC3\xB8\x65\x18\x10\xDC\x28\x42\x2D\x5F\x6D"
+ "\x10\xA6\xB3\xE9\xE1\x2A\x71\xFF\xA6\x35\x41\x08\x4A\xFA\x2C\xA2" }
+ },
+ {
+ ENCTYPE_CAMELLIA128_CCM_128,
+ "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
+ "pass phrase equals block size",
+ { KV5M_DATA, 4, "\0\0\x04\xB0" }, /* 1200 */
+ { KV5M_DATA, 16,
+ "\xFF\x99\x18\x52\x84\x8E\x67\x50\x4C\x09\x4F\x94\x68\xC9\xD6\x05" }
+ },
+ {
+ ENCTYPE_CAMELLIA256_CCM_128,
+ "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
+ "pass phrase equals block size",
+ { KV5M_DATA, 4, "\0\0\x04\xB0" }, /* 1200 */
+ { KV5M_DATA, 32,
+ "\x56\x5C\x0A\x29\xC0\x58\xCD\xDC\x3C\xD8\xA9\xF3\x0A\x92\xAA\xD7"
+ "\xFE\x30\xEA\xD4\x16\xC1\x51\xAA\x9B\x54\x75\x56\x62\xF0\x95\xDD" }
+ },
+ {
+ ENCTYPE_CAMELLIA128_CCM_128,
+ "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
+ "pass phrase exceeds block size",
+ { KV5M_DATA, 4, "\0\0\x04\xB0" }, /* 1200 */
+ { KV5M_DATA, 16,
+ "\xAC\x83\x28\x64\x10\xA2\x8C\x76\x64\x79\x60\xF6\xA0\x37\x88\x03" }
+ },
+ {
+ ENCTYPE_CAMELLIA256_CCM_128,
+ "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
+ "pass phrase exceeds block size",
+ { KV5M_DATA, 4, "\0\0\x04\xB0" }, /* 1200 */
+ { KV5M_DATA, 32,
+ "\xD3\x25\x4A\x5B\x45\x1F\x27\x9C\x1A\xD6\x29\x3E\x72\xF0\x69\x55"
+ "\xEB\xFF\x36\xB6\x47\xDF\x97\x48\x97\x18\xD7\x5C\xF0\x6C\x40\x7C" }
+ },
+ {
+ ENCTYPE_CAMELLIA128_CCM_128,
+ "\xf0\x9d\x84\x9e",
+ "EXAMPLE.COMpianist",
+ { KV5M_DATA, 4, "\0\0\0\x32" }, /* 50 */
+ { KV5M_DATA, 16,
+ "\x5D\xBD\x71\x57\x09\x38\x59\x81\xDA\xAB\xA2\x8A\x43\x10\xD7\x20" }
+ },
+ {
+ ENCTYPE_CAMELLIA256_CCM_128,
+ "\xf0\x9d\x84\x9e",
+ "EXAMPLE.COMpianist",
+ { KV5M_DATA, 4, "\0\0\0\x32" }, /* 50 */
+ { KV5M_DATA, 32,
+ "\x6A\x1F\x10\xE5\x74\x4E\x32\xDD\x33\x49\x03\xA8\xEB\xD1\x42\x7E"
+ "\x4C\x8D\x3D\x6D\xA5\x76\x77\x50\x4C\x38\x4C\x24\x33\x0B\x60\x3D" }
+ }
+};
+
+static void
+printkey(krb5_keyblock *keyblock)
+{
+ unsigned int i;
+
+ for (i = 0; i < keyblock->length; i++) {
+ printf("%02X", keyblock->contents[i]);
+ if (i + 1 < keyblock->length)
+ printf(" ");
+ }
+ printf("\n");
+}
+
+int
+main(int argc, char **argv)
+{
+ krb5_context context = NULL;
+ krb5_data string, salt;
+ krb5_error_code ret;
+ krb5_keyblock *keyblock;
+ size_t i;
+ struct test *test;
+ krb5_boolean verbose = FALSE;
+
+ if (argc >= 2 && strcmp(argv[1], "-v") == 0)
+ verbose = TRUE;
+ for (i = 0; i < sizeof(test_cases) / sizeof(*test_cases); i++) {
+ test = &test_cases[i];
+ string = string2data(test->string);
+ salt = string2data(test->salt);
+ assert(krb5_init_keyblock(context, test->enctype, 0, &keyblock) == 0);
+ ret = krb5_c_string_to_key_with_params(context, test->enctype,
+ &string, &salt, &test->params,
+ keyblock);
+ if (ret != 0) {
+ com_err(argv[0], ret, "in krb5_c_string_to_key_with_params");
+ exit(1);
+ }
+ if (verbose) {
+ printf("Test %02d: ", (int)i);
+ printkey(keyblock);
+ }
+ assert(keyblock->length == test->expected_key.length);
+ if (memcmp(keyblock->contents, test->expected_key.data,
+ keyblock->length) != 0) {
+ printf("str2key test %d failed\n", (int)i);
+ exit(1);
+ }
+ krb5_free_keyblock(context, keyblock);
+ }
+ return 0;
+}
generated by cgit v1.1 at 2024-08-01 23:42:58 +0000