krb5 commit: Add tests for GSS IOV and AEAD interfaces

Greg Hudson ghudson at MIT.EDU
Fri Sep 6 01:14:36 EDT 2013


https://github.com/krb5/krb5/commit/ecd91cd350b2c3880b3f967acfcb00ac1bdac154
commit ecd91cd350b2c3880b3f967acfcb00ac1bdac154
Author: Greg Hudson <ghudson at mit.edu>
Date:   Wed Sep 4 14:23:27 2013 -0400

    Add tests for GSS IOV and AEAD interfaces
    
    Add a new test program t_iov.c which tests various combinations of
    wrapping and unwrapping using the IOV and AEAD interfaces.  Run it
    with and without SPNEGO in each enctype configuration.

 src/tests/gssapi/Makefile.in |   12 +-
 src/tests/gssapi/deps        |    4 +
 src/tests/gssapi/t_gssapi.py |    5 +-
 src/tests/gssapi/t_iov.c     |  471 ++++++++++++++++++++++++++++++++++++++++++
 4 files changed, 486 insertions(+), 6 deletions(-)

diff --git a/src/tests/gssapi/Makefile.in b/src/tests/gssapi/Makefile.in
index 04cba07..b40e5b8 100644
--- a/src/tests/gssapi/Makefile.in
+++ b/src/tests/gssapi/Makefile.in
@@ -5,22 +5,22 @@ DEFINES = -DUSE_AUTOCONF_H
 SRCS=	$(srcdir)/t_accname.c $(srcdir)/t_ccselect.c $(srcdir)/t_credstore.c \
 	$(srcdir)/t_export_cred.c $(srcdir)/t_export_name.c \
 	$(srcdir)/t_gssexts.c $(srcdir)/t_imp_cred.c $(srcdir)/t_imp_name.c \
-	$(srcdir)/t_inq_cred.c $(srcdir)/t_inq_mechs_name.c \
+	$(srcdir)/t_inq_cred.c $(srcdir)/t_inq_mechs_name.c $(srcdir)/t_iov.c \
 	$(srcdir)/t_namingexts.c $(srcdir)/t_s4u.c \
 	$(srcdir)/t_s4u2proxy_krb5.c $(srcdir)/t_saslname.c \
 	$(srcdir)/t_spnego.c
 
 OBJS=	ccinit.o ccrefresh.o common.o t_accname.o t_ccselect.o t_credstore.o \
 	t_export_cred.o t_export_name.o t_gssexts.o t_imp_cred.o t_imp_name.o \
-	t_inq_cred.o t_inq_mechs_name.o t_namingexts.o t_oid.o t_s4u.o \
-	t_s4u2proxy_krb5.o t_saslname.o t_spnego.o
+	t_inq_cred.o t_inq_mechs_name.o t_iov.o t_namingexts.o t_oid.o \
+	t_s4u.o t_s4u2proxy_krb5.o t_saslname.o t_spnego.o
 
 COMMON_DEPS= common.o $(GSS_DEPLIBS) $(KRB5_BASE_DEPLIBS)
 COMMON_LIBS= common.o $(GSS_LIBS) $(KRB5_BASE_LIBS)
 
 all:: ccinit ccrefresh t_accname t_ccselect t_credstore t_enctypes \
 	t_export_cred t_export_name t_gssexts t_imp_cred t_imp_name \
-	t_inq_cred t_inq_mechs_name t_namingexts t_s4u t_s4u2proxy_krb5 \
+	t_inq_cred t_inq_mechs_name t_iov t_namingexts t_s4u t_s4u2proxy_krb5 \
 	t_saslname t_spnego t_oid
 
 check-unix:: t_oid
@@ -28,7 +28,7 @@ check-unix:: t_oid
 
 check-pytests:: ccinit ccrefresh t_accname t_ccselect t_credstore \
 	t_export_cred t_export_name t_imp_cred t_inq_cred t_inq_mechs_name \
-	t_s4u t_s4u2proxy_krb5 t_spnego
+	t_iov t_s4u t_s4u2proxy_krb5 t_spnego
 	$(RUNPYTEST) $(srcdir)/t_gssapi.py $(PYTESTFLAGS)
 	$(RUNPYTEST) $(srcdir)/t_ccselect.py $(PYTESTFLAGS)
 	$(RUNPYTEST) $(srcdir)/t_client_keytab.py $(PYTESTFLAGS)
@@ -62,6 +62,8 @@ t_inq_cred: t_inq_cred.o $(COMMON_DEPS)
 	$(CC_LINK) -o $@ t_inq_cred.o $(COMMON_LIBS)
 t_inq_mechs_name: t_inq_mechs_name.o $(COMMON_DEPS)
 	$(CC_LINK) -o $@ t_inq_mechs_name.o $(COMMON_LIBS)
+t_iov: t_iov.o $(COMMON_DEPS)
+	$(CC_LINK) -o $@ t_iov.o $(COMMON_LIBS)
 t_namingexts: t_namingexts.o $(COMMON_DEPS)
 	$(CC_LINK) -o $@ t_namingexts.o $(COMMON_LIBS)
 t_s4u: t_s4u.o $(COMMON_DEPS)
diff --git a/src/tests/gssapi/deps b/src/tests/gssapi/deps
index c576f35..2e74a2a 100644
--- a/src/tests/gssapi/deps
+++ b/src/tests/gssapi/deps
@@ -43,6 +43,10 @@ $(OUTPRE)t_inq_mechs_name.$(OBJEXT): $(BUILDTOP)/include/gssapi/gssapi.h \
   $(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/gssapi/gssapi_krb5.h \
   $(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(top_srcdir)/include/krb5.h \
   common.h t_inq_mechs_name.c
+$(OUTPRE)t_iov.$(OBJEXT): $(BUILDTOP)/include/gssapi/gssapi.h \
+  $(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/gssapi/gssapi_krb5.h \
+  $(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(top_srcdir)/include/krb5.h \
+  common.h t_iov.c
 $(OUTPRE)t_namingexts.$(OBJEXT): $(BUILDTOP)/include/gssapi/gssapi.h \
   $(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/gssapi/gssapi_krb5.h \
   $(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(top_srcdir)/include/krb5.h \
diff --git a/src/tests/gssapi/t_gssapi.py b/src/tests/gssapi/t_gssapi.py
index 5583b02..2b86d3e 100755
--- a/src/tests/gssapi/t_gssapi.py
+++ b/src/tests/gssapi/t_gssapi.py
@@ -1,9 +1,12 @@
 #!/usr/bin/python
 from k5test import *
 
-# Test krb5 negotiation under SPNEGO for all enctype configurations.
+# Test krb5 negotiation under SPNEGO for all enctype configurations.  Also
+# test IOV wrap/unwrap with and without SPNEGO.
 for realm in multipass_realms():
     realm.run(['./t_spnego','p:' + realm.host_princ, realm.keytab])
+    realm.run(['./t_iov', 'p:' + realm.host_princ])
+    realm.run(['./t_iov', '-s', 'p:' + realm.host_princ])
 
 ### Test acceptor name behavior.
 
diff --git a/src/tests/gssapi/t_iov.c b/src/tests/gssapi/t_iov.c
new file mode 100644
index 0000000..8a74b4e
--- /dev/null
+++ b/src/tests/gssapi/t_iov.c
@@ -0,0 +1,471 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/* tests/gssapi/t_iov.c - Test program for IOV functions */
+/*
+ * Copyright (C) 2013 by the Massachusetts Institute of Technology.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * * Redistributions of source code must retain the above copyright
+ *   notice, this list of conditions and the following disclaimer.
+ *
+ * * Redistributions in binary form must reproduce the above copyright
+ *   notice, this list of conditions and the following disclaimer in
+ *   the documentation and/or other materials provided with the
+ *   distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <stddef.h>
+#include "common.h"
+
+/* Release all library-allocated buffers in iov. */
+static void
+release_iov(gss_iov_buffer_desc *iov, size_t len)
+{
+    OM_uint32 minor;
+    size_t i;
+
+    for (i = 0; i < len; i++) {
+        if (GSS_IOV_BUFFER_FLAGS(iov[i].type) & GSS_IOV_BUFFER_FLAG_ALLOCATED)
+            (void)gss_release_buffer(&minor, &iov[i].buffer);
+    }
+}
+
+/* Concatenate iov (except for sign-only buffers) into a contiguous token. */
+static void
+concat_iov(gss_iov_buffer_desc *iov, size_t iovlen, char **buf_out,
+           size_t *len_out)
+{
+    size_t len, i;
+    char *buf;
+
+    /* Concatenate the result into a contiguous buffer. */
+    len = 0;
+    for (i = 0; i < iovlen; i++) {
+        if (GSS_IOV_BUFFER_TYPE(iov[i].type) != GSS_IOV_BUFFER_TYPE_SIGN_ONLY)
+            len += iov[i].buffer.length;
+    }
+    buf = malloc(len);
+    if (buf == NULL)
+        errout("malloc failed");
+    len = 0;
+    for (i = 0; i < iovlen; i++) {
+        if (GSS_IOV_BUFFER_TYPE(iov[i].type) == GSS_IOV_BUFFER_TYPE_SIGN_ONLY)
+            continue;
+        memcpy(buf + len, iov[i].buffer.value, iov[i].buffer.length);
+        len += iov[i].buffer.length;
+    }
+    *buf_out = buf;
+    *len_out = len;
+}
+
+static void
+check_encrypted(const char *msg, int conf, const char *buf, const char *plain)
+{
+    int same = memcmp(buf, plain, strlen(plain)) == 0;
+
+    if ((conf && same) || (!conf && !same))
+        errout(msg);
+}
+
+/*
+ * Wrap str in standard form (HEADER | DATA | PADDING | TRAILER) using the
+ * caller-provided array iov, which must have space for four elements.  Library
+ * allocation will be used for the header/padding/trailer buffers, so the
+ * caller must check and free them.
+ */
+static void
+wrap_std(gss_ctx_id_t ctx, char *str, gss_iov_buffer_desc *iov, int conf)
+{
+    OM_uint32 minor, major;
+    int oconf;
+
+    /* Lay out iov array. */
+    iov[0].type = GSS_IOV_BUFFER_TYPE_HEADER | GSS_IOV_BUFFER_FLAG_ALLOCATE;
+    iov[1].type = GSS_IOV_BUFFER_TYPE_DATA;
+    iov[1].buffer.value = str;
+    iov[1].buffer.length = strlen(str);
+    iov[2].type = GSS_IOV_BUFFER_TYPE_PADDING | GSS_IOV_BUFFER_FLAG_ALLOCATE;
+    iov[3].type = GSS_IOV_BUFFER_TYPE_TRAILER | GSS_IOV_BUFFER_FLAG_ALLOCATE;
+
+    /* Wrap.  This will allocate header/padding/trailer buffers as necessary
+     * and encrypt str in place. */
+    major = gss_wrap_iov(&minor, ctx, conf, GSS_C_QOP_DEFAULT, &oconf, iov, 4);
+    check_gsserr("gss_wrap_iov(std)", major, minor);
+    if (oconf != conf)
+        errout("gss_wrap_iov(std) conf");
+}
+
+/* Create standard tokens using gss_wrap_iov and ctx1, and make sure we can
+ * unwrap them using ctx2 in all of the supported ways. */
+static void
+test_standard_wrap(gss_ctx_id_t ctx1, gss_ctx_id_t ctx2, int conf)
+{
+    OM_uint32 major, minor;
+    gss_iov_buffer_desc iov[4], stiov[2];
+    gss_qop_t qop;
+    gss_buffer_desc input, output;
+    const char *string1 = "The swift brown fox jumped over the lazy dog.";
+    const char *string2 = "Now is the time!";
+    const char *string3 = "x";
+    const char *string4 = "!@#";
+    char data[1024], *fulltoken;
+    size_t len;
+    int oconf;
+    ptrdiff_t offset;
+
+    /* Wrap a standard token and unwrap it using the iov array. */
+    memcpy(data, string1, strlen(string1) + 1);
+    wrap_std(ctx1, data, iov, conf);
+    check_encrypted("gss_wrap_iov(std1) encryption", conf, data, string1);
+    major = gss_unwrap_iov(&minor, ctx2, &oconf, &qop, iov, 4);
+    check_gsserr("gss_unwrap_iov(std1)", major, minor);
+    if (oconf != conf || qop != GSS_C_QOP_DEFAULT)
+        errout("gss_unwrap_iov(std1) conf/qop");
+    if (iov[1].buffer.value != data || iov[1].buffer.length != strlen(string1))
+        errout("gss_unwrap_iov(std1) data buffer");
+    if (memcmp(data, string1, iov[1].buffer.length) != 0)
+        errout("gss_unwrap_iov(std1) decryption");
+    release_iov(iov, 4);
+
+    /* Wrap a standard token and unwrap it using gss_unwrap(). */
+    memcpy(data, string2, strlen(string2) + 1);
+    wrap_std(ctx1, data, iov, conf);
+    concat_iov(iov, 4, &fulltoken, &len);
+    input.value = fulltoken;
+    input.length = len;
+    major = gss_unwrap(&minor, ctx2, &input, &output, &oconf, &qop);
+    check_gsserr("gss_unwrap(std2)", major, minor);
+    if (oconf != conf || qop != GSS_C_QOP_DEFAULT)
+        errout("gss_unwrap(std2) conf/qop");
+    if (output.length != strlen(string2) ||
+        memcmp(output.value, string2, output.length) != 0)
+        errout("gss_unwrap(std2) decryption");
+    (void)gss_release_buffer(&minor, &output);
+    free(fulltoken);
+    release_iov(iov, 4);
+
+    /* Wrap a standard token and unwrap it using a stream buffer. */
+    memcpy(data, string3, strlen(string3) + 1);
+    wrap_std(ctx1, data, iov, conf);
+    concat_iov(iov, 4, &fulltoken, &len);
+    stiov[0].type = GSS_IOV_BUFFER_TYPE_STREAM;
+    stiov[0].buffer.value = fulltoken;
+    stiov[0].buffer.length = len;
+    stiov[1].type = GSS_IOV_BUFFER_TYPE_DATA;
+    major = gss_unwrap_iov(&minor, ctx2, &oconf, &qop, stiov, 2);
+    check_gsserr("gss_unwrap_iov(std3)", major, minor);
+    if (oconf != conf || qop != GSS_C_QOP_DEFAULT)
+        errout("gss_unwrap_iov(std3) conf/qop");
+    if (stiov[1].buffer.length != strlen(string3) ||
+        memcmp(stiov[1].buffer.value, string3, strlen(string3)) != 0)
+        errout("gss_unwrap_iov(std3) decryption");
+    offset = (char *)stiov[1].buffer.value - fulltoken;
+    if (offset < 0 || (size_t)offset > len)
+        errout("gss_unwrap_iov(std3) offset");
+    free(fulltoken);
+    release_iov(iov, 4);
+
+    /* Wrap a token using gss_wrap and unwrap it using a stream buffer with
+     * allocation and copying. */
+    input.value = (char *)string4;
+    input.length = strlen(string4);
+    major = gss_wrap(&minor, ctx1, conf, GSS_C_QOP_DEFAULT, &input, &oconf,
+                     &output);
+    check_gsserr("gss_wrap(std4)", major, minor);
+    if (oconf != conf)
+        errout("gss_wrap(std4) conf");
+    stiov[0].type = GSS_IOV_BUFFER_TYPE_STREAM;
+    stiov[0].buffer = output;
+    stiov[1].type = GSS_IOV_BUFFER_TYPE_DATA | GSS_IOV_BUFFER_FLAG_ALLOCATE;
+    major = gss_unwrap_iov(&minor, ctx2, &oconf, &qop, stiov, 2);
+    check_gsserr("gss_unwrap_iov(std4)", major, minor);
+    if (!(GSS_IOV_BUFFER_FLAGS(stiov[1].type) & GSS_IOV_BUFFER_FLAG_ALLOCATED))
+        errout("gss_unwrap_iov(std4) allocated");
+    if (oconf != conf || qop != GSS_C_QOP_DEFAULT)
+        errout("gss_unwrap_iov(std4) conf/qop");
+    if (stiov[1].buffer.length != strlen(string4) ||
+        memcmp(stiov[1].buffer.value, string4, strlen(string4)) != 0)
+        errout("gss_unwrap_iov(std4) decryption");
+    (void)gss_release_buffer(&minor, &output);
+    release_iov(stiov, 2);
+}
+
+/*
+ * Wrap an AEAD token (HEADER | SIGN_ONLY | DATA | PADDING | TRAILER) using the
+ * caller-provided array iov, which must have space for five elements, and the
+ * caller-provided buffer data, which must be big enough to handle the test
+ * inputs.  Library allocation will not be used.
+ */
+static void
+wrap_aead(gss_ctx_id_t ctx, const char *sign, const char *wrap,
+          gss_iov_buffer_desc *iov, char *data, int conf)
+{
+    OM_uint32 major, minor;
+    int oconf;
+    char *ptr;
+
+    /* Lay out iov array. */
+    iov[0].type = GSS_IOV_BUFFER_TYPE_HEADER;
+    iov[1].type = GSS_IOV_BUFFER_TYPE_SIGN_ONLY;
+    iov[1].buffer.value = (char *)sign;
+    iov[1].buffer.length = strlen(sign);
+    iov[2].type = GSS_IOV_BUFFER_TYPE_DATA;
+    iov[2].buffer.value = (char *)wrap;
+    iov[2].buffer.length = strlen(wrap);
+    iov[3].type = GSS_IOV_BUFFER_TYPE_PADDING;
+    iov[4].type = GSS_IOV_BUFFER_TYPE_TRAILER;
+
+    /* Get header/padding/trailer lengths. */
+    major = gss_wrap_iov_length(&minor, ctx, conf, GSS_C_QOP_DEFAULT, &oconf,
+                                iov, 5);
+    check_gsserr("gss_wrap_iov_length(aead)", major, minor);
+    if (oconf != conf)
+        errout("gss_wrap_iov_length(aead) conf");
+    if (iov[1].buffer.value != sign || iov[1].buffer.length != strlen(sign))
+        errout("gss_wrap_iov_length(aead) sign-only buffer");
+    if (iov[2].buffer.value != wrap || iov[2].buffer.length != strlen(wrap))
+        errout("gss_wrap_iov_length(aead) data buffer");
+
+    /* Set iov buffer pointers using returned lengths. */
+    iov[0].buffer.value = data;
+    ptr = data + iov[0].buffer.length;
+    memcpy(ptr, wrap, strlen(wrap));
+    iov[2].buffer.value = ptr;
+    ptr += iov[2].buffer.length;
+    iov[3].buffer.value = ptr;
+    ptr += iov[3].buffer.length;
+    iov[4].buffer.value = ptr;
+
+    /* Wrap the AEAD token. */
+    major = gss_wrap_iov(&minor, ctx, conf, GSS_C_QOP_DEFAULT, &oconf, iov, 5);
+    check_gsserr("gss_wrap_iov(aead)", major, minor);
+    if (oconf != conf)
+        errout("gss_wrap_iov(aead) conf");
+    if (iov[1].buffer.value != sign || iov[1].buffer.length != strlen(sign))
+        errout("gss_wrap_iov(aead) sign-only buffer");
+    if (iov[2].buffer.length != strlen(wrap))
+        errout("gss_wrap_iov(aead) data buffer");
+    check_encrypted("gss_wrap_iov(aead) encryption", conf, iov[2].buffer.value,
+                    wrap);
+}
+
+/* Create AEAD tokens using gss_wrap_iov and ctx1, and make sure we can unwrap
+ * them using ctx2 in all of the supported ways. */
+static void
+test_aead(gss_ctx_id_t ctx1, gss_ctx_id_t ctx2, int conf)
+{
+    OM_uint32 major, minor;
+    gss_iov_buffer_desc iov[5], stiov[3];
+    gss_qop_t qop;
+    gss_buffer_desc input, assoc, output;
+    const char *sign = "This data is only signed.";
+    const char *wrap = "This data is wrapped in-place.";
+    char data[1024], *fulltoken;
+    size_t len;
+    int oconf;
+    ptrdiff_t offset;
+
+    /* Wrap an AEAD token and unwrap it using the IOV array. */
+    wrap_aead(ctx1, sign, wrap, iov, data, conf);
+    major = gss_unwrap_iov(&minor, ctx2, &oconf, &qop, iov, 5);
+    check_gsserr("gss_unwrap_iov(aead1)", major, minor);
+    if (oconf != conf || qop != GSS_C_QOP_DEFAULT)
+        errout("gss_unwrap_iov(aead1) conf/qop");
+    if (iov[1].buffer.value != sign || iov[1].buffer.length != strlen(sign))
+        errout("gss_unwrap_iov(aead1) sign-only buffer");
+    if (iov[2].buffer.length != strlen(wrap) ||
+        memcmp(iov[2].buffer.value, wrap, iov[2].buffer.length) != 0)
+        errout("gss_unwrap_iov(aead1) decryption");
+
+    /* Wrap an AEAD token and unwrap it using gss_unwrap_aead. */
+    wrap_aead(ctx1, sign, wrap, iov, data, conf);
+    concat_iov(iov, 5, &fulltoken, &len);
+    input.value = fulltoken;
+    input.length = len;
+    assoc.value = (char *)sign;
+    assoc.length = strlen(sign);
+    major = gss_unwrap_aead(&minor, ctx2, &input, &assoc, &output, &oconf,
+                            &qop);
+    check_gsserr("gss_unwrap_aead(aead2)", major, minor);
+    if (output.length != strlen(wrap) ||
+        memcmp(output.value, wrap, output.length) != 0)
+        errout("gss_unwrap_aead(aead2) decryption");
+    free(fulltoken);
+    (void)gss_release_buffer(&minor, &output);
+
+    /* Wrap an AEAD token and unwrap it using a stream buffer. */
+    wrap_aead(ctx1, sign, wrap, iov, data, conf);
+    concat_iov(iov, 5, &fulltoken, &len);
+    stiov[0].type = GSS_IOV_BUFFER_TYPE_STREAM;
+    stiov[0].buffer.value = fulltoken;
+    stiov[0].buffer.length = len;
+    stiov[1].type = GSS_IOV_BUFFER_TYPE_SIGN_ONLY;
+    stiov[1].buffer.value = (char *)sign;
+    stiov[1].buffer.length = strlen(sign);
+    stiov[2].type = GSS_IOV_BUFFER_TYPE_DATA;
+    major = gss_unwrap_iov(&minor, ctx2, &oconf, &qop, stiov, 3);
+    check_gsserr("gss_unwrap_iov(aead3)", major, minor);
+    if (oconf != conf || qop != GSS_C_QOP_DEFAULT)
+        errout("gss_unwrap_iov(aead3) conf/qop");
+    if (stiov[2].buffer.length != strlen(wrap) ||
+        memcmp(stiov[2].buffer.value, wrap, strlen(wrap)) != 0)
+        errout("gss_unwrap_iov(aead3) decryption");
+    offset = (char *)stiov[2].buffer.value - fulltoken;
+    if (offset < 0 || (size_t)offset > len)
+        errout("gss_unwrap_iov(aead3) offset");
+    free(fulltoken);
+    release_iov(iov, 4);
+
+    /* Wrap a token using gss_wrap_aead and unwrap it using a stream buffer
+     * with allocation and copying. */
+    input.value = (char *)wrap;
+    input.length = strlen(wrap);
+    assoc.value = (char *)sign;
+    assoc.length = strlen(sign);
+    major = gss_wrap_aead(&minor, ctx1, conf, GSS_C_QOP_DEFAULT, &assoc,
+                          &input, &oconf, &output);
+    check_gsserr("gss_wrap_aead(aead4)", major, minor);
+    if (oconf != conf)
+        errout("gss_wrap(aead4) conf");
+    stiov[0].type = GSS_IOV_BUFFER_TYPE_STREAM;
+    stiov[0].buffer = output;
+    stiov[1].type = GSS_IOV_BUFFER_TYPE_SIGN_ONLY;
+    stiov[1].buffer = assoc;
+    stiov[2].type = GSS_IOV_BUFFER_TYPE_DATA | GSS_IOV_BUFFER_FLAG_ALLOCATE;
+    major = gss_unwrap_iov(&minor, ctx2, &oconf, &qop, stiov, 3);
+    check_gsserr("gss_unwrap_iov(aead4)", major, minor);
+    if (!(GSS_IOV_BUFFER_FLAGS(stiov[2].type) & GSS_IOV_BUFFER_FLAG_ALLOCATED))
+        errout("gss_unwrap_iov(aead4) allocated");
+    if (oconf != conf || qop != GSS_C_QOP_DEFAULT)
+        errout("gss_unwrap_iov(aead4) conf/qop");
+    if (stiov[2].buffer.length != strlen(wrap) ||
+        memcmp(stiov[2].buffer.value, wrap, strlen(wrap)) != 0)
+        errout("gss_unwrap_iov(aead4) decryption");
+    (void)gss_release_buffer(&minor, &output);
+    release_iov(stiov, 3);
+}
+
+/* Create a DCE-style token and make sure we can unwrap it. */
+static void
+test_dce(gss_ctx_id_t ctx1, gss_ctx_id_t ctx2, int conf)
+{
+    OM_uint32 major, minor;
+    gss_iov_buffer_desc iov[4];
+    gss_qop_t qop;
+    const char *sign1 = "First data to be signed";
+    const char *sign2 = "Second data to be signed";
+    const char *wrap = "This data must align to 16 bytes";
+    int oconf;
+    char data[1024];
+
+    /* Wrap a SIGN_ONLY_1 | DATA | SIGN_ONLY_2 | HEADER token. */
+    memcpy(data, wrap, strlen(wrap) + 1);
+    iov[0].type = GSS_IOV_BUFFER_TYPE_SIGN_ONLY;
+    iov[0].buffer.value = (char *)sign1;
+    iov[0].buffer.length = strlen(sign1);
+    iov[1].type = GSS_IOV_BUFFER_TYPE_DATA;
+    iov[1].buffer.value = data;
+    iov[1].buffer.length = strlen(wrap);
+    iov[2].type = GSS_IOV_BUFFER_TYPE_SIGN_ONLY;
+    iov[2].buffer.value = (char *)sign2;
+    iov[2].buffer.length = strlen(sign2);
+    iov[3].type = GSS_IOV_BUFFER_TYPE_HEADER | GSS_IOV_BUFFER_FLAG_ALLOCATE;
+    major = gss_wrap_iov(&minor, ctx1, conf, GSS_C_QOP_DEFAULT, &oconf, iov,
+                         4);
+    check_gsserr("gss_wrap_iov(dce)", major, minor);
+    if (oconf != conf)
+        errout("gss_wrap_iov(dce) conf");
+    if (iov[0].buffer.value != sign1 || iov[0].buffer.length != strlen(sign1))
+        errout("gss_wrap_iov(dce) sign1 buffer");
+    if (iov[1].buffer.value != data || iov[1].buffer.length != strlen(wrap))
+        errout("gss_wrap_iov(dce) data buffer");
+    if (iov[2].buffer.value != sign2 || iov[2].buffer.length != strlen(sign2))
+        errout("gss_wrap_iov(dce) sign2 buffer");
+    check_encrypted("gss_wrap_iov(dce) encryption", conf, data, wrap);
+
+    /* Make sure we can unwrap it. */
+    major = gss_unwrap_iov(&minor, ctx2, &oconf, &qop, iov, 4);
+    check_gsserr("gss_unwrap_iov(std1)", major, minor);
+    if (oconf != conf || qop != GSS_C_QOP_DEFAULT)
+        errout("gss_unwrap_iov(std1) conf/qop");
+    if (iov[0].buffer.value != sign1 || iov[0].buffer.length != strlen(sign1))
+        errout("gss_unwrap_iov(dce) sign1 buffer");
+    if (iov[1].buffer.value != data || iov[1].buffer.length != strlen(wrap))
+        errout("gss_unwrap_iov(dce) data buffer");
+    if (iov[2].buffer.value != sign2 || iov[2].buffer.length != strlen(sign2))
+        errout("gss_unwrap_iov(dce) sign2 buffer");
+    if (memcmp(data, wrap, iov[1].buffer.length) != 0)
+        errout("gss_unwrap_iov(dce) decryption");
+    release_iov(iov, 4);
+}
+
+int
+main(int argc, char *argv[])
+{
+    OM_uint32 minor, flags;
+    gss_OID mech = &mech_krb5;
+    gss_name_t tname;
+    gss_ctx_id_t ictx, actx;
+
+    /* Parse arguments. */
+    argv++;
+    if (*argv != NULL && strcmp(*argv, "-s") == 0) {
+        mech = &mech_spnego;
+        argv++;
+    }
+    if (*argv == NULL || *(argv + 1) != NULL)
+        errout("Usage: t_iov [-s] targetname");
+    tname = import_name(*argv);
+
+    flags = GSS_C_REPLAY_FLAG | GSS_C_SEQUENCE_FLAG | GSS_C_MUTUAL_FLAG;
+    establish_contexts(mech, GSS_C_NO_CREDENTIAL, GSS_C_NO_CREDENTIAL, tname,
+                       flags, &ictx, &actx, NULL, NULL, NULL);
+
+    /* Test standard token wrapping and unwrapping in both directions, with and
+     * without confidentiality. */
+    test_standard_wrap(ictx, actx, 0);
+    test_standard_wrap(ictx, actx, 1);
+    test_standard_wrap(actx, ictx, 0);
+    test_standard_wrap(actx, ictx, 1);
+
+    /* Test AEAD wrapping. */
+    test_aead(ictx, actx, 0);
+    test_aead(ictx, actx, 1);
+    test_aead(actx, ictx, 0);
+    test_aead(actx, ictx, 1);
+
+    /* Test DCE wrapping with DCE-style contexts. */
+    (void)gss_delete_sec_context(&minor, &ictx, NULL);
+    (void)gss_delete_sec_context(&minor, &actx, NULL);
+    flags = GSS_C_REPLAY_FLAG | GSS_C_SEQUENCE_FLAG | GSS_C_DCE_STYLE;
+    establish_contexts(mech, GSS_C_NO_CREDENTIAL, GSS_C_NO_CREDENTIAL, tname,
+                       flags, &ictx, &actx, NULL, NULL, NULL);
+    test_dce(ictx, actx, 0);
+    test_dce(ictx, actx, 1);
+    test_dce(actx, ictx, 0);
+    test_dce(actx, ictx, 1);
+
+    (void)gss_release_name(&minor, &tname);
+    (void)gss_delete_sec_context(&minor, &ictx, NULL);
+    (void)gss_delete_sec_context(&minor, &actx, NULL);
+    return 0;
+}


More information about the cvs-krb5 mailing list