diff options
Diffstat (limited to 'src/lib/crypto/t_encrypt.c')
-rw-r--r-- | src/lib/crypto/t_encrypt.c | 55 |
1 files changed, 48 insertions, 7 deletions
diff --git a/src/lib/crypto/t_encrypt.c b/src/lib/crypto/t_encrypt.c index 2a6e09e..3bc62e5 100644 --- a/src/lib/crypto/t_encrypt.c +++ b/src/lib/crypto/t_encrypt.c @@ -53,25 +53,51 @@ if( retval) { \ abort(); \ } else printf ("OK\n"); +int compare_results(krb5_data *d1, krb5_data *d2) +{ + if (d1->length != d2->length) { + /* Decryption can leave a little trailing cruft. + For the current cryptosystems, this can be up to 7 bytes. */ + if (d1->length + 8 <= d2->length) + return EINVAL; + if (d1->length > d2->length) + return EINVAL; + } + if (memcmp(d1->data, d2->data, d1->length)) { + return EINVAL; + } + return 0; +} + int main () { krb5_context context = 0; - krb5_data in, out, check, state; + krb5_data in, in2, out, out2, check, check2, state; int i; size_t len; - krb5_enc_data enc_out; + krb5_enc_data enc_out, enc_out2; krb5_error_code retval; krb5_keyblock *key; + in.data = "This is a test.\n"; in.length = strlen (in.data); + in2.data = "This is another test.\n"; + in2.length = strlen (in2.data); test ("Seeding random number generator", krb5_c_random_seed (context, &in)); out.data = malloc(2048); + out2.data = malloc(2048); check.data = malloc(2048); + check2.data = malloc(2048); + if (out.data == NULL || out2.data == NULL + || check.data == NULL || check2.data == NULL) + abort(); out.length = 2048; + out2.length = 2048; check.length = 2048; + check2.length = 2048; for (i = 0; interesting_enctypes[i]; i++) { krb5_enctype enctype = interesting_enctypes [i]; printf ("Testing enctype %d\n", enctype); @@ -79,8 +105,8 @@ main () krb5_init_keyblock (context, enctype, 0, &key)); test ("Generating random key", krb5_c_make_random_key (context, enctype, key)); - enc_out.ciphertext.data = out.data; - enc_out.ciphertext.length = out.length; + enc_out.ciphertext = out; + enc_out2.ciphertext = out2; /* We use an intermediate `len' because size_t may be different size than `int' */ krb5_c_encrypt_length (context, key->enctype, in.length, &len); @@ -89,14 +115,29 @@ main () krb5_c_encrypt (context, key, 7, 0, &in, &enc_out)); test ("Decrypting", krb5_c_decrypt (context, key, 7, 0, &enc_out, &check)); + test ("Comparing", compare_results (&in, &check)); + enc_out.ciphertext.length = out.length; + check.length = 2048; test ("init_state", krb5_c_init_state (context, key, 7, &state)); - test ("Encrypting with state", + test ("Encrypting with state", krb5_c_encrypt (context, key, 7, &state, &in, &enc_out)); - test ("Decrypting", - krb5_c_decrypt (context, key, 7, 0, &enc_out, &check)); + test ("Encrypting again with state", + krb5_c_encrypt (context, key, 7, &state, &in2, &enc_out2)); + test ("free_state", + krb5_c_free_state (context, key, &state)); + test ("init_state", + krb5_c_init_state (context, key, 7, &state)); + test ("Decrypting with state", + krb5_c_decrypt (context, key, 7, &state, &enc_out, &check)); + test ("Decrypting again with state", + krb5_c_decrypt (context, key, 7, &state, &enc_out2, &check2)); test ("free_state", krb5_c_free_state (context, key, &state)); + test ("Comparing", + compare_results (&in, &check)); + test ("Comparing", + compare_results (&in2, &check2)); krb5_free_keyblock (context, key); } |