svn rev #24234: branches/camellia-ccm/src/lib/crypto/crypto_tests/

ghudson@MIT.EDU ghudson at MIT.EDU
Thu Aug 5 23:12:06 EDT 2010


http://src.mit.edu/fisheye/changelog/krb5/?cs=24234
Commit By: ghudson
Log Message:
Add two more crypto test programs on the camellia-ccm branch: one for
string-to-key test vectors for AES and Camellia, and one for encryption
and checksum test vectors for Camellia.



Changed Files:
U   branches/camellia-ccm/src/lib/crypto/crypto_tests/Makefile.in
A   branches/camellia-ccm/src/lib/crypto/crypto_tests/t_camellia_ccm.c
A   branches/camellia-ccm/src/lib/crypto/crypto_tests/t_str2key.c
Modified: branches/camellia-ccm/src/lib/crypto/crypto_tests/Makefile.in
===================================================================
--- branches/camellia-ccm/src/lib/crypto/crypto_tests/Makefile.in	2010-08-05 18:36:52 UTC (rev 24233)
+++ branches/camellia-ccm/src/lib/crypto/crypto_tests/Makefile.in	2010-08-06 03:12:06 UTC (rev 24234)
@@ -49,7 +49,7 @@
 		aes-test  \
 		camellia-test  \
 		t_mddriver4 t_mddriver \
-		t_crc t_cts t_short
+		t_crc t_cts t_short t_str2key
 	$(RUN_SETUP) $(VALGRIND) ./t_nfold
 	$(RUN_SETUP) $(VALGRIND) ./t_encrypt
 	$(RUN_SETUP) $(VALGRIND) ./t_prng <$(srcdir)/t_prng.seed >t_prng.output && \
@@ -71,6 +71,8 @@
 	$(RUN_SETUP) $(VALGRIND) $(C)t_mddriver4 -x
 	$(RUN_SETUP) $(VALGRIND) $(C)t_mddriver -x
 	$(RUN_SETUP) $(VALGRIND) ./t_short
+	$(RUN_SETUP) $(VALGRIND) ./t_str2key
+	$(RUN_SETUP) $(VALGRIND) ./t_camellia_ccm
 
 
 
@@ -145,6 +147,12 @@
 t_kperf: t_kperf.o $(SUPPORT_DEPLIB) $(CRYPTO_DEPLIB)
 	$(CC_LINK) -o t_kperf t_kperf.o  $(SUPPORT_LIB) $(CRYPTO_DEPLIB)
 
+t_str2key$(EXEEXT): t_str2key.$(OBJEXT) $(SUPPORT_DEPLIB)
+	$(CC_LINK) -o $@ t_str2key.$(OBJEXT)  -lkrb5 -lk5crypto -lcom_err $(SUPPORT_LIB)
+
+t_camellia_ccm$(EXEEXT): t_camellia_ccm.$(OBJEXT) $(SUPPORT_DEPLIB)
+	$(CC_LINK) -o $@ t_camellia_ccm.$(OBJEXT)  -lkrb5 -lk5crypto -lcom_err $(SUPPORT_LIB)
+
 ytest: ytest.o shs.o $(SUPPORT_DEPLIB) $(CRYPTO_DEPLIB)
 	$(CC_LINK) -o ytest ytest.o  $(SUPPORT_LIB)  $(CRYPTO_DEPLIB)
 
@@ -159,7 +167,8 @@
 		t_crc.o t_crc t_cts.o t_cts \
 		t_mddriver4.o t_mddriver4 t_mddriver.o t_mddriver \
 		t_cksum4 t_cksum4.o t_cksum5 t_cksum5.o \
-		t_kperf.o t_kperf t_short t_short.o \
+		t_kperf.o t_kperf t_short t_short.o t_str2key t_str2key.o \
+		t_camellia_ccm t_camellia_ccm.o \
 		t_mddriver$(EXEEXT) $(OUTPRE)t_mddriver.$(OBJEXT)
 
 	-$(RM) t_prng.output

Added: branches/camellia-ccm/src/lib/crypto/crypto_tests/t_camellia_ccm.c
===================================================================
--- branches/camellia-ccm/src/lib/crypto/crypto_tests/t_camellia_ccm.c	                        (rev 0)
+++ branches/camellia-ccm/src/lib/crypto/crypto_tests/t_camellia_ccm.c	2010-08-06 03:12:06 UTC (rev 24234)
@@ -0,0 +1,267 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/*
+ * lib/crypto/crypto_tests/t_camellia_ccm.c
+ *
+ * Copyright 2010 by the Massachusetts Institute of Technology.
+ * All Rights Reserved.
+ *
+ * Export of this software from the United States of America may
+ *   require a specific license from the United States Government.
+ *   It is the responsibility of any person or organization contemplating
+ *   export to obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission.  Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose.  It is provided "as is" without express
+ * or implied warranty.
+ *
+ *
+ * Test vectors for camellia-ccm enctypes.
+ *
+ * Currently we have no way of controlling the random generated during
+ * encryption.  This test program can be used to generate test vectors with
+ * random nonces, and to verify existing test vectors via decryption.
+ *
+ * Usage:
+ *   ./t_camellia_ccm -ge <usage> <text> <additional>
+ *   ./t_camellia_ccm -gc <usage> <text>
+ *   ./t_camellia_ccm
+ */
+
+#include "k5-int.h"
+
+static krb5_keyblock key_128 = {
+    KV5M_KEYBLOCK,
+    ENCTYPE_CAMELLIA128_CCM_128,
+    16, (unsigned char *)
+    "\xF0\x10\x02\xD2\xB1\xF9\xA1\xAD\xE2\x57\xEE\xF7\x52\x9C\x2A\x16"
+};
+
+static krb5_keyblock key_256 = {
+    KV5M_KEYBLOCK,
+    ENCTYPE_CAMELLIA256_CCM_128,
+    32, (unsigned char *)
+    "\xD7\xEF\x37\xE2\xD1\x05\x5E\xB7\xD7\x6B\x06\x39\x6E\xF7\x00\x52"
+    "\x3D\xA4\xB0\xB7\xA0\x53\xF5\xCC\x5F\xAE\x4A\x39\xCF\xC5\x75\x0F"
+};
+
+static struct enc_test {
+    krb5_keyusage usage;
+    char *input;
+    char *addl;
+    krb5_data cipher_128;
+    krb5_data cipher_256;
+} enc_tests[] = {
+    {
+        0, "", "",
+        { KV5M_DATA, 28,
+          "\x44\xE7\x08\x7D\xDF\x12\x8F\x02\x56\x10\xF5\x34"
+          "\xA1\x0C\x14\x58\x97\x38\xDD\x6B\x0D\x44\x12\x87\xAC\x2C\xC8\xD8" },
+        { KV5M_DATA, 28,
+          "\xE1\x8C\x74\x93\xA7\x15\x58\x11\x58\x6A\xB4\x0E"
+          "\x82\xC1\xFD\xB6\xA7\x05\x5B\x78\xD3\x1D\xE2\x34\xBA\xC3\xC0\x5A" }
+    },
+    {
+        1, "input", "additional",
+        { KV5M_DATA, 33,
+          "\x44\xE7\x08\x7D\xDF\x12\x8F\x02\x56\x10\xF5\x34"
+          "\x32\x69\x98\x26\xE4"
+          "\xE4\x4E\x85\x75\xA0\x37\x60\xDF\x0A\x96\xEC\x24\xB2\xBE\x4A\xA4" },
+        { KV5M_DATA, 33,
+          "\xE1\x8C\x74\x93\xA7\x15\x58\x11\x58\x6A\xB4\x0E"
+          "\x55\x9E\xB8\xB8\x22"
+          "\x7C\xD0\x38\x61\xC6\x81\x3C\x64\xB1\x72\xE3\x3D\x38\x36\x42\x72" }
+    },
+    {
+        100,
+        "this input spans multiple blocks",
+        "the additional data also spans multiple blocks",
+        { KV5M_DATA, 60,
+          "\x44\xE7\x08\x7D\xDF\x12\x8F\x02\x56\x10\xF5\x34"
+          "\x29\x1B\xAF\x6E\x2E\x31\xC6\xDD\xB2\xC9\xE1\xDD\xB4\x82\xAD\x5E"
+          "\x87\xE2\x9A\x65\xF5\x53\x28\x75\x84\x40\x96\x1B\x56\x02\xAD\x31"
+          "\xDD\x15\x22\x61\xB6\x10\xAD\x80\x42\x44\x32\x85\xFD\xFA\x82\x1A" },
+        { KV5M_DATA, 60,
+          "\xE1\x8C\x74\x93\xA7\x15\x58\x11\x58\x6A\xB4\x0E"
+          "\xD0\x9E\x5A\xFB\xFB\x56\x13\x5F\xB6\x29\x07\x0A\x54\x80\xAE\xB9"
+          "\x37\xC5\x25\x6E\xA3\x65\xD4\x2D\x92\x0A\x15\xF9\xED\x6B\x07\xC3"
+          "\x3D\x6B\x68\x9C\x2D\xC9\x7C\x69\x86\xAA\x7C\xCC\x37\x75\x33\x1C" }
+    }
+};
+
+static struct cksum_test {
+    krb5_keyusage usage;
+    char *input;
+    unsigned char expected_128[16];
+    unsigned char expected_256[16];
+} cksum_tests[] = {
+    {
+        0, "",
+        "\xEE\x29\xC4\x6D\xA1\x37\x1D\x27\xD7\x32\x12\xFA\x14\xE8\x25\xB3",
+        "\x19\x7A\xD0\x4B\x76\x82\x99\xA8\xD7\xBD\x51\x2C\xA8\x65\x65\x5D"
+    },
+    {
+        5, "input",
+        "\xA4\x40\x3B\x18\xC2\xAE\xFF\x04\xEA\x9E\xE2\x8F\xB0\x1F\x1C\x26",
+        "\xC2\x11\x53\x9B\x99\xC2\x76\xDB\xC4\x55\x4F\x73\xFE\xD9\x76\x38"
+    },
+    {
+        99, "a somewhat longer input spanning multiple blocks",
+        "\x4A\x29\x54\x12\x9D\xF8\x0D\x04\x33\x2C\xD2\xA6\xC4\x14\x10\xDA",
+        "\x0F\xAD\xE4\x38\xEA\xB4\xCB\x3C\x29\x5F\xBE\x69\x6F\xA4\x9F\x52"
+    }
+};
+
+static void
+print_hex(const char *heading, unsigned char *data, size_t len)
+{
+    size_t i;
+
+    printf("  %s:\n    ", heading);
+    for (i = 0; i < len; i++) {
+        printf("%02X", data[i]);
+        if (i + 1 < len)
+            printf("%s", (i % 16) == 15 ? "\n    " : " ");
+    }
+    printf("\n");
+}
+
+static void
+generate_enc1(krb5_context context, krb5_keyusage usage, char *text,
+              char *addl, krb5_keyblock *keyblock)
+{
+    krb5_crypto_iov iov[4];
+    unsigned char nonce[12], tag[16];
+    char *ciphertext = strdup(text);
+
+    iov[0].flags = KRB5_CRYPTO_TYPE_HEADER;
+    iov[0].data = make_data(nonce, sizeof(nonce));
+    iov[1].flags = KRB5_CRYPTO_TYPE_SIGN_ONLY;
+    iov[1].data = string2data(addl);
+    iov[2].flags = KRB5_CRYPTO_TYPE_DATA;
+    iov[2].data = string2data(ciphertext);
+    iov[3].flags = KRB5_CRYPTO_TYPE_TRAILER;
+    iov[3].data = make_data(tag, sizeof(tag));
+    assert(krb5_c_encrypt_iov(context, keyblock, usage, NULL, iov, 4) == 0);
+    print_hex("Nonce", nonce, sizeof(nonce));
+    print_hex("Ciphertext", (unsigned char *)ciphertext, strlen(ciphertext));
+    print_hex("Tag", tag, sizeof(tag));
+}
+
+static void
+generate_enc(krb5_context context, krb5_keyusage usage, char *text, char *addl)
+{
+    printf("camellia128-ccm-128 ciphertext:\n");
+    generate_enc1(context, usage, text, addl, &key_128);
+    printf("camellia256-ccm-128 ciphertext:\n");
+    generate_enc1(context, usage, text, addl, &key_256);
+}
+
+static void
+generate_cksum1(krb5_context context, krb5_keyusage usage, char *text,
+                krb5_keyblock *keyblock)
+{
+    krb5_checksum sum;
+    krb5_data input = string2data(text);
+
+    assert(krb5_c_make_checksum(context, 0, keyblock, usage, &input,
+                                &sum) == 0);
+    print_hex("Checksum", sum.contents, sum.length);
+    krb5_free_checksum_contents(context, &sum);
+}
+
+static void
+generate_cksum(krb5_context context, krb5_keyusage usage, char *text)
+{
+    printf("cmac-128-camellia128 checksum:\n");
+    generate_cksum1(context, usage, text, &key_128);
+    printf("cmac-128-camellia256 checksum:\n");
+    generate_cksum1(context, usage, text, &key_256);
+}
+
+static void
+verify_enc1(krb5_context context, krb5_keyblock *keyblock, krb5_keyusage usage,
+            krb5_data *cipher, char *input, char *addl)
+{
+    krb5_crypto_iov iov[3];
+
+    iov[0].flags = KRB5_CRYPTO_TYPE_STREAM;
+    assert(alloc_data(&iov[0].data, cipher->length) == 0);
+    memcpy(iov[0].data.data, cipher->data, cipher->length);
+    iov[1].flags = KRB5_CRYPTO_TYPE_SIGN_ONLY;
+    iov[1].data = string2data(addl);
+    iov[2].flags = KRB5_CRYPTO_TYPE_DATA;
+    assert(krb5_c_decrypt_iov(context, keyblock, usage, NULL, iov, 3) == 0);
+    assert(data_eq_string(iov[2].data, input));
+}
+
+static void
+verify_enc(krb5_context context)
+{
+    size_t i;
+    struct enc_test *test;
+
+    for (i = 0; i < sizeof(enc_tests) / sizeof(*enc_tests); i++) {
+        test = &enc_tests[i];
+        verify_enc1(context, &key_128, test->usage, &test->cipher_128,
+                    test->input, test->addl);
+        verify_enc1(context, &key_256, test->usage, &test->cipher_256,
+                    test->input, test->addl);
+    }
+}
+
+static void
+verify_cksum1(krb5_context context, krb5_keyblock *keyblock,
+              krb5_keyusage usage, char *text, unsigned char *expected)
+{
+    krb5_checksum sum;
+    krb5_data input = string2data(text);
+
+    assert(krb5_c_make_checksum(context, 0, keyblock, usage, &input,
+                                &sum) == 0);
+    assert(sum.length == 16);
+    assert(memcmp(sum.contents, expected, 16) == 0);
+    krb5_free_checksum_contents(context, &sum);
+}
+
+static void
+verify_cksum(krb5_context context)
+{
+    size_t i;
+    struct cksum_test *test;
+
+    for (i = 0; i < sizeof(cksum_tests) / sizeof(*cksum_tests); i++) {
+        test = &cksum_tests[i];
+        verify_cksum1(context, &key_128, test->usage, test->input,
+                      test->expected_128);
+        verify_cksum1(context, &key_256, test->usage, test->input,
+                      test->expected_256);
+    }
+}
+
+int
+main(int argc, char **argv)
+{
+    krb5_context context = NULL;
+    krb5_data seed = string2data("seed");
+
+    assert(krb5_c_random_seed(context, &seed) == 0);
+    if (argc >= 5 && strcmp(argv[1], "-ge") == 0) {
+        generate_enc(context, atoi(argv[2]), argv[3], argv[4]);
+    } else if (argc >= 4 && strcmp(argv[1], "-gc") == 0) {
+        generate_cksum(context, atoi(argv[2]), argv[3]);
+    } else {
+        verify_enc(context);
+        verify_cksum(context);
+    }
+    return 0;
+}

Added: branches/camellia-ccm/src/lib/crypto/crypto_tests/t_str2key.c
===================================================================
--- branches/camellia-ccm/src/lib/crypto/crypto_tests/t_str2key.c	                        (rev 0)
+++ branches/camellia-ccm/src/lib/crypto/crypto_tests/t_str2key.c	2010-08-06 03:12:06 UTC (rev 24234)
@@ -0,0 +1,334 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/*
+ * lib/crypto/crypto_tests/t_str2key.c
+ *
+ * Copyright (C) 2010 by the Massachusetts Institute of Technology.
+ * All rights reserved.
+ *
+ * Export of this software from the United States of America may
+ *   require a specific license from the United States Government.
+ *   It is the responsibility of any person or organization contemplating
+ *   export to obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission.  Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose.  It is provided "as is" without express
+ * or implied warranty.
+ *
+ *
+ * String-to-key test vectors
+ */
+
+#include "k5-int.h"
+
+struct test {
+    krb5_enctype enctype;
+    char *string;
+    char *salt;
+    krb5_data params;
+    krb5_data expected_key;
+} test_cases[] = {
+    /* Test vectors from RFC 3962 appendix B. */
+    { 
+        ENCTYPE_AES128_CTS_HMAC_SHA1_96,
+        "password",
+        "ATHENA.MIT.EDUraeburn",
+        { KV5M_DATA, 4, "\0\0\0\1" },
+        { KV5M_DATA, 16,
+          "\x42\x26\x3C\x6E\x89\xF4\xFC\x28\xB8\xDF\x68\xEE\x09\x79\x9F\x15" }
+    },
+    { 
+        ENCTYPE_AES256_CTS_HMAC_SHA1_96,
+        "password",
+        "ATHENA.MIT.EDUraeburn",
+        { KV5M_DATA, 4, "\0\0\0\1" },
+        { KV5M_DATA, 32,
+          "\xFE\x69\x7B\x52\xBC\x0D\x3C\xE1\x44\x32\xBA\x03\x6A\x92\xE6\x5B"
+          "\xBB\x52\x28\x09\x90\xA2\xFA\x27\x88\x39\x98\xD7\x2A\xF3\x01\x61" }
+    },
+    { 
+        ENCTYPE_AES128_CTS_HMAC_SHA1_96,
+        "password",
+        "ATHENA.MIT.EDUraeburn",
+        { KV5M_DATA, 4, "\0\0\0\2" },
+        { KV5M_DATA, 16,
+          "\xC6\x51\xBF\x29\xE2\x30\x0A\xC2\x7F\xA4\x69\xD6\x93\xBD\xDA\x13" }
+    },
+    { 
+        ENCTYPE_AES256_CTS_HMAC_SHA1_96,
+        "password",
+        "ATHENA.MIT.EDUraeburn",
+        { KV5M_DATA, 4, "\0\0\0\2" },
+        { KV5M_DATA, 32,
+          "\xA2\xE1\x6D\x16\xB3\x60\x69\xC1\x35\xD5\xE9\xD2\xE2\x5F\x89\x61"
+          "\x02\x68\x56\x18\xB9\x59\x14\xB4\x67\xC6\x76\x22\x22\x58\x24\xFF" }
+    },
+    { 
+        ENCTYPE_AES128_CTS_HMAC_SHA1_96,
+        "password",
+        "ATHENA.MIT.EDUraeburn",
+        { KV5M_DATA, 4, "\0\0\x04\xB0" }, /* 1200 */
+        { KV5M_DATA, 16,
+          "\x4C\x01\xCD\x46\xD6\x32\xD0\x1E\x6D\xBE\x23\x0A\x01\xED\x64\x2A" }
+    },
+    { 
+        ENCTYPE_AES256_CTS_HMAC_SHA1_96,
+        "password",
+        "ATHENA.MIT.EDUraeburn",
+        { KV5M_DATA, 4, "\0\0\x04\xB0" }, /* 1200 */
+        { KV5M_DATA, 32,
+          "\x55\xA6\xAC\x74\x0A\xD1\x7B\x48\x46\x94\x10\x51\xE1\xE8\xB0\xA7"
+          "\x54\x8D\x93\xB0\xAB\x30\xA8\xBC\x3F\xF1\x62\x80\x38\x2B\x8C\x2A" }
+    },
+    { 
+        ENCTYPE_AES128_CTS_HMAC_SHA1_96,
+        "password",
+        "\x12\x34\x56\x78\x78\x56\x34\x12",
+        { KV5M_DATA, 4, "\0\0\0\5" },
+        { KV5M_DATA, 16,
+          "\xE9\xB2\x3D\x52\x27\x37\x47\xDD\x5C\x35\xCB\x55\xBE\x61\x9D\x8E" }
+    },
+    { 
+        ENCTYPE_AES256_CTS_HMAC_SHA1_96,
+        "password",
+        "\x12\x34\x56\x78\x78\x56\x34\x12",
+        { KV5M_DATA, 4, "\0\0\0\5" },
+        { KV5M_DATA, 32,
+          "\x97\xA4\xE7\x86\xBE\x20\xD8\x1A\x38\x2D\x5E\xBC\x96\xD5\x90\x9C"
+          "\xAB\xCD\xAD\xC8\x7C\xA4\x8F\x57\x45\x04\x15\x9F\x16\xC3\x6E\x31" }
+    },
+    { 
+        ENCTYPE_AES128_CTS_HMAC_SHA1_96,
+        "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
+        "pass phrase equals block size",
+        { KV5M_DATA, 4, "\0\0\x04\xB0" }, /* 1200 */
+        { KV5M_DATA, 16,
+          "\x59\xD1\xBB\x78\x9A\x82\x8B\x1A\xA5\x4E\xF9\xC2\x88\x3F\x69\xED" }
+    },
+    { 
+        ENCTYPE_AES256_CTS_HMAC_SHA1_96,
+        "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
+        "pass phrase equals block size",
+        { KV5M_DATA, 4, "\0\0\x04\xB0" }, /* 1200 */
+        { KV5M_DATA, 32,
+          "\x89\xAD\xEE\x36\x08\xDB\x8B\xC7\x1F\x1B\xFB\xFE\x45\x94\x86\xB0"
+          "\x56\x18\xB7\x0C\xBA\xE2\x20\x92\x53\x4E\x56\xC5\x53\xBA\x4B\x34" }
+    },
+    { 
+        ENCTYPE_AES128_CTS_HMAC_SHA1_96,
+        "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
+        "pass phrase exceeds block size",
+        { KV5M_DATA, 4, "\0\0\x04\xB0" }, /* 1200 */
+        { KV5M_DATA, 16,
+          "\xCB\x80\x05\xDC\x5F\x90\x17\x9A\x7F\x02\x10\x4C\x00\x18\x75\x1D" }
+    },
+    { 
+        ENCTYPE_AES256_CTS_HMAC_SHA1_96,
+        "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
+        "pass phrase exceeds block size",
+        { KV5M_DATA, 4, "\0\0\x04\xB0" }, /* 1200 */
+        { KV5M_DATA, 32,
+          "\xD7\x8C\x5C\x9C\xB8\x72\xA8\xC9\xDA\xD4\x69\x7F\x0B\xB5\xB2\xD2"
+          "\x14\x96\xC8\x2B\xEB\x2C\xAE\xDA\x21\x12\xFC\xEE\xA0\x57\x40\x1B" }
+    },
+    { 
+        ENCTYPE_AES128_CTS_HMAC_SHA1_96,
+        "\xF0\x9D\x84\x9E",
+        "EXAMPLE.COMpianist",
+        { KV5M_DATA, 4, "\0\0\0\x32" }, /* 50 */
+        { KV5M_DATA, 16,
+          "\xF1\x49\xC1\xF2\xE1\x54\xA7\x34\x52\xD4\x3E\x7F\xE6\x2A\x56\xE5" }
+    },
+    { 
+        ENCTYPE_AES256_CTS_HMAC_SHA1_96,
+        "\xF0\x9D\x84\x9E",
+        "EXAMPLE.COMpianist",
+        { KV5M_DATA, 4, "\0\0\0\x32" }, /* 50 */
+        { KV5M_DATA, 32,
+          "\x4B\x6D\x98\x39\xF8\x44\x06\xDF\x1F\x09\xCC\x16\x6D\xB4\xB8\x3C"
+          "\x57\x18\x48\xB7\x84\xA3\xD6\xBD\xC3\x46\x58\x9A\x3E\x39\x3F\x9E" }
+    },
+
+    /* The same inputs applied to camellia-ccm enctypes. */
+    { 
+        ENCTYPE_CAMELLIA128_CCM_128,
+        "password",
+        "ATHENA.MIT.EDUraeburn",
+        { KV5M_DATA, 4, "\0\0\0\1" },
+        { KV5M_DATA, 16,
+          "\xF0\x10\x02\xD2\xB1\xF9\xA1\xAD\xE2\x57\xEE\xF7\x52\x9C\x2A\x16" }
+    },
+    { 
+        ENCTYPE_CAMELLIA256_CCM_128,
+        "password",
+        "ATHENA.MIT.EDUraeburn",
+        { KV5M_DATA, 4, "\0\0\0\1" },
+        { KV5M_DATA, 32,
+          "\xD7\xEF\x37\xE2\xD1\x05\x5E\xB7\xD7\x6B\x06\x39\x6E\xF7\x00\x52"
+          "\x3D\xA4\xB0\xB7\xA0\x53\xF5\xCC\x5F\xAE\x4A\x39\xCF\xC5\x75\x0F" }
+    },
+    { 
+        ENCTYPE_CAMELLIA128_CCM_128,
+        "password",
+        "ATHENA.MIT.EDUraeburn",
+        { KV5M_DATA, 4, "\0\0\0\2" },
+        { KV5M_DATA, 16,
+          "\xDD\x74\x90\xC0\x57\x4A\x44\x6B\x10\x3A\xB3\x1B\x6D\xE4\x77\x4F" }
+    },
+    { 
+        ENCTYPE_CAMELLIA256_CCM_128,
+        "password",
+        "ATHENA.MIT.EDUraeburn",
+        { KV5M_DATA, 4, "\0\0\0\2" },
+        { KV5M_DATA, 32,
+          "\x68\xC1\x64\x74\x09\x42\x8F\x59\x47\x9B\x26\xC3\x98\x6D\x5B\xB8"
+          "\x66\x1C\xDE\x3C\x66\x79\xA0\xF5\x2C\x89\x01\xBD\x78\xDC\xEB\xA2" }
+    },
+    { 
+        ENCTYPE_CAMELLIA128_CCM_128,
+        "password",
+        "ATHENA.MIT.EDUraeburn",
+        { KV5M_DATA, 4, "\0\0\x04\xB0" }, /* 1200 */
+        { KV5M_DATA, 16,
+          "\x1A\xA9\x0A\xA6\x1E\x0B\x3C\xB8\x6A\xA5\xA7\x7E\xD8\x44\x9D\x3B" }
+    },
+    { 
+        ENCTYPE_CAMELLIA256_CCM_128,
+        "password",
+        "ATHENA.MIT.EDUraeburn",
+        { KV5M_DATA, 4, "\0\0\x04\xB0" }, /* 1200 */
+        { KV5M_DATA, 32,
+          "\xF8\x29\xBC\xE4\xBB\xB1\xA2\x4B\x01\xA0\xE8\xB1\xA7\x09\x52\x0A"
+          "\x61\x38\xE9\xAF\xE5\x13\x84\x59\xB2\x0B\xAC\xCA\xB2\x4D\x5F\xAA" }
+    },
+    { 
+        ENCTYPE_CAMELLIA128_CCM_128,
+        "password",
+        "\x12\x34\x56\x78\x78\x56\x34\x12",
+        { KV5M_DATA, 4, "\0\0\0\5" },
+        { KV5M_DATA, 16,
+          "\x35\x70\xC6\x68\x0D\xC6\xE9\xB0\x2E\x01\x28\x8B\xD0\xD2\xB6\x9B" }
+    },
+    { 
+        ENCTYPE_CAMELLIA256_CCM_128,
+        "password",
+        "\x12\x34\x56\x78\x78\x56\x34\x12",
+        { KV5M_DATA, 4, "\0\0\0\5" },
+        { KV5M_DATA, 32,
+          "\x40\xB3\xB7\xC8\xF9\xC3\xB8\x65\x18\x10\xDC\x28\x42\x2D\x5F\x6D"
+          "\x10\xA6\xB3\xE9\xE1\x2A\x71\xFF\xA6\x35\x41\x08\x4A\xFA\x2C\xA2" }
+    },
+    { 
+        ENCTYPE_CAMELLIA128_CCM_128,
+        "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
+        "pass phrase equals block size",
+        { KV5M_DATA, 4, "\0\0\x04\xB0" }, /* 1200 */
+        { KV5M_DATA, 16,
+          "\xFF\x99\x18\x52\x84\x8E\x67\x50\x4C\x09\x4F\x94\x68\xC9\xD6\x05" }
+    },
+    { 
+        ENCTYPE_CAMELLIA256_CCM_128,
+        "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
+        "pass phrase equals block size",
+        { KV5M_DATA, 4, "\0\0\x04\xB0" }, /* 1200 */
+        { KV5M_DATA, 32,
+          "\x56\x5C\x0A\x29\xC0\x58\xCD\xDC\x3C\xD8\xA9\xF3\x0A\x92\xAA\xD7"
+          "\xFE\x30\xEA\xD4\x16\xC1\x51\xAA\x9B\x54\x75\x56\x62\xF0\x95\xDD" }
+    },
+    { 
+        ENCTYPE_CAMELLIA128_CCM_128,
+        "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
+        "pass phrase exceeds block size",
+        { KV5M_DATA, 4, "\0\0\x04\xB0" }, /* 1200 */
+        { KV5M_DATA, 16,
+          "\xAC\x83\x28\x64\x10\xA2\x8C\x76\x64\x79\x60\xF6\xA0\x37\x88\x03" }
+    },
+    { 
+        ENCTYPE_CAMELLIA256_CCM_128,
+        "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
+        "pass phrase exceeds block size",
+        { KV5M_DATA, 4, "\0\0\x04\xB0" }, /* 1200 */
+        { KV5M_DATA, 32,
+          "\xD3\x25\x4A\x5B\x45\x1F\x27\x9C\x1A\xD6\x29\x3E\x72\xF0\x69\x55"
+          "\xEB\xFF\x36\xB6\x47\xDF\x97\x48\x97\x18\xD7\x5C\xF0\x6C\x40\x7C" }
+    },
+    { 
+        ENCTYPE_CAMELLIA128_CCM_128,
+        "\xf0\x9d\x84\x9e",
+        "EXAMPLE.COMpianist",
+        { KV5M_DATA, 4, "\0\0\0\x32" }, /* 50 */
+        { KV5M_DATA, 16,
+          "\x5D\xBD\x71\x57\x09\x38\x59\x81\xDA\xAB\xA2\x8A\x43\x10\xD7\x20" }
+    },
+    { 
+        ENCTYPE_CAMELLIA256_CCM_128,
+        "\xf0\x9d\x84\x9e",
+        "EXAMPLE.COMpianist",
+        { KV5M_DATA, 4, "\0\0\0\x32" }, /* 50 */
+        { KV5M_DATA, 32,
+          "\x6A\x1F\x10\xE5\x74\x4E\x32\xDD\x33\x49\x03\xA8\xEB\xD1\x42\x7E"
+          "\x4C\x8D\x3D\x6D\xA5\x76\x77\x50\x4C\x38\x4C\x24\x33\x0B\x60\x3D" }
+    }
+};
+
+static void
+printkey(krb5_keyblock *keyblock)
+{
+    unsigned int i;
+
+    for (i = 0; i < keyblock->length; i++) {
+        printf("%02X", keyblock->contents[i]);
+        if (i + 1 < keyblock->length)
+            printf(" ");
+    }
+    printf("\n");
+}
+
+int
+main(int argc, char **argv)
+{
+    krb5_context context = NULL;
+    krb5_data string, salt;
+    krb5_error_code ret;
+    krb5_keyblock *keyblock;
+    size_t i;
+    struct test *test;
+    krb5_boolean verbose = FALSE;
+
+    if (argc >= 2 && strcmp(argv[1], "-v") == 0)
+        verbose = TRUE;
+    for (i = 0; i < sizeof(test_cases) / sizeof(*test_cases); i++) {
+        test = &test_cases[i];
+        string = string2data(test->string);
+        salt = string2data(test->salt);
+        assert(krb5_init_keyblock(context, test->enctype, 0, &keyblock) == 0);
+        ret = krb5_c_string_to_key_with_params(context, test->enctype,
+                                               &string, &salt, &test->params,
+                                               keyblock);
+        if (ret != 0) {
+            com_err(argv[0], ret, "in krb5_c_string_to_key_with_params");
+            exit(1);
+        }
+        if (verbose) {
+            printf("Test %02d: ", (int)i);
+            printkey(keyblock);
+        }
+        assert(keyblock->length == test->expected_key.length);
+        if (memcmp(keyblock->contents, test->expected_key.data,
+                   keyblock->length) != 0) {
+            printf("str2key test %d failed\n", (int)i);
+            exit(1);
+        }
+        krb5_free_keyblock(context, keyblock);
+    }
+    return 0;
+}




More information about the cvs-krb5 mailing list