MAC_SUBDIRS = crc32 des dk enc_provider hash_provider keyhash_provider \
md4 md5 old raw sha1
+PROG_LIBPATH=-L$(TOPLIBD)
+PROG_RPATH=$(KRB5_LIBDIR)
+
STLIBOBJS=\
block_size.o \
checksum_length.o \
clean-unix:: clean-liblinks clean-libs clean-libobjs
-check-unix::
+check-unix:: t_nfold
+ $(RUN_SETUP) ./t_nfold
+
+t_nfold$(EXEEXT): t_nfold.$(OBJEXT) nfold.$(OBJEXT)
+ $(CC_LINK) -o $@ t_nfold.$(OBJEXT) nfold.$(OBJEXT)
+
+clean::
+ $(RM) t_nfold.o t_nfold
all-windows::
cd crc32
AC_PROG_INSTALL
KRB5_RUN_FLAGS
+KRB5_BUILD_PROGRAM
KRB5_BUILD_LIBOBJS
KRB5_BUILD_LIBRARY
f_sched.$(OBJEXT) \
f_tables.$(OBJEXT) \
key_sched.$(OBJEXT) \
- string2key.$(OBEXT) \
+ string2key.$(OBJEXT) \
weak_key.$(OBJEXT)
SRCS= $(srcdir)/afsstring2key.c \
depend:: $(SRCS)
-verify$(EXEEXT): t_verify.$(OBJEXT) $(OBJS)
- $(CC_LINK) -o $@ t_verify.$(OBJEXT) $(OBJS)
+TOBJS = key_sched.$(OBJEXT) f_sched.$(OBJEXT) f_cbc.$(OBJEXT) \
+ f_tables.$(OBJEXT) f_cksum.$(OBJEXT)
-destest$(EXEEXT): destest.$(OBJEXT) $(OBJS)
- $(CC_LINK) -o $@ destest.$(OBJEXT) $(OBJS)
+verify$(EXEEXT): t_verify.$(OBJEXT) $(TOBJS) f_parity.$(OBJEXT) \
+ $(COM_ERR_DEPLIB)
+ $(CC_LINK) -o $@ t_verify.$(OBJEXT) $(TOBJS) f_parity.$(OBJEXT) \
+ -lcom_err
-check-unix:: destest verify
+destest$(EXEEXT): destest.$(OBJEXT) $(TOBJS)
+ $(CC_LINK) -o $@ destest.$(OBJEXT) $(TOBJS)
+
+check-unix:: verify destest
$(RUN_SETUP) ./verify -z
$(RUN_SETUP) ./verify -m
$(RUN_SETUP) ./verify
void des_cblock_print_file PROTOTYPE((mit_des_cblock, FILE *));
+char zeroblock[8] = {0,0,0,0,0,0,0,0};
+
void
main(argc, argv)
int argc;
fprintf(stderr, "des test: can't process key");
exit(1);
}
- mit_des_ecb_encrypt(&input, &output2, sched, 1);
+ mit_des_cbc_encrypt(&input, &output2, 8, sched, zeroblock, 1);
if (memcmp((char *)output2, (char *)output, 8)) {
fprintf(stderr,
/*
* Now try decrypting....
*/
- mit_des_ecb_encrypt(&output, &output2, sched, 0);
+ mit_des_cbc_encrypt(&output, &output2, 8, sched, zeroblock, 0);
if (memcmp((char *)output2, (char *)input, 8)) {
fprintf(stderr,
* Fake out the DES library, for the purposes of testing.
*/
-#include "des.h"
#include "des_int.h"
int
unsigned char msb_text[8] = {0x0,0,0,0, 0,0,0,0x40}; /* to ANSI MSB */
unsigned char *input;
-unsigned char *nfold_in[] = {
- "basch",
- "eichin",
- "sommerfeld",
- "MASSACHVSETTS INSTITVTE OF TECHNOLOGY" };
-
-unsigned char nfold_192[4][24] = {
- { 0x1a, 0xab, 0x6b, 0x42, 0x96, 0x4b, 0x98, 0xb2, 0x1f, 0x8c, 0xde, 0x2d,
- 0x24, 0x48, 0xba, 0x34, 0x55, 0xd7, 0x86, 0x2c, 0x97, 0x31, 0x64, 0x3f },
- { 0x65, 0x69, 0x63, 0x68, 0x69, 0x6e, 0x4b, 0x73, 0x2b, 0x4b, 0x1b, 0x43,
- 0xda, 0x1a, 0x5b, 0x99, 0x5a, 0x58, 0xd2, 0xc6, 0xd0, 0xd2, 0xdc, 0xca },
- { 0x2f, 0x7a, 0x98, 0x55, 0x7c, 0x6e, 0xe4, 0xab, 0xad, 0xf4, 0xe7, 0x11,
- 0x92, 0xdd, 0x44, 0x2b, 0xd4, 0xff, 0x53, 0x25, 0xa5, 0xde, 0xf7, 0x5c },
- { 0xdb, 0x3b, 0x0d, 0x8f, 0x0b, 0x06, 0x1e, 0x60, 0x32, 0x82, 0xb3, 0x08,
- 0xa5, 0x08, 0x41, 0x22, 0x9a, 0xd7, 0x98, 0xfa, 0xb9, 0x54, 0x0c, 0x1b }
-};
-
/* 0x0123456789abcdef */
unsigned char default_key[8] = {
0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef
mit_des_key_schedule sched;
-void
+int
main(argc,argv)
int argc;
char *argv[];
else
printf("verify: CBC checksum is correct\n\n");
- printf("N-fold\n");
- for (i=0; i<sizeof(nfold_in)/sizeof(char *); i++) {
- printf("\tInput:\t\"%.*s\"\n", strlen(nfold_in[i]), nfold_in[i]);
- printf("\t192-Fold:\t");
- mit_des_n_fold(nfold_in[i], strlen(nfold_in[i]), cipher_text, 24);
- for (j=0; j<24; j++)
- printf("%s%02x", (j&3) ? "" : " ", cipher_text[j]);
- printf("\n");
- if (memcmp(cipher_text, nfold_192[i], 24)) {
- printf("verify: error in n-fold\n");
- exit(-1);
- };
- }
- printf("verify: N-fold is correct\n\n");
-
exit(0);
}
char *out;
{
for (i =1; i<=nflag; i++) {
- mit_des_ecb_encrypt((mit_des_cblock *)in,
+ mit_des_cbc_encrypt((mit_des_cblock *)in,
(mit_des_cblock *)out,
+ 8,
sched,
+ zero_text,
MIT_DES_ENCRYPT);
if (mit_des_debug) {
printf("\nclear %s\n",in);
/* try to invert it */
{
for (i =1; i<=nflag; i++) {
- mit_des_ecb_encrypt((mit_des_cblock *)out,
+ mit_des_cbc_encrypt((mit_des_cblock *)out,
(mit_des_cblock *)in,
+ 8,
sched,
+ zero_text,
MIT_DES_DECRYPT);
if (mit_des_debug) {
printf("clear %s\n",in);
* Fake out the DES library, for the purposes of testing.
*/
-#include "des.h"
-
int
mit_des_is_weak_key(key)
mit_des_cblock key;
depend:: $(SRCS)
+t_cksum4.o: t_cksum.c
+ $(CC) -DMD=4 $(CFLAGS) -o t_cksum4.o -c t_cksum.c
+
+t_cksum5.o: t_cksum.c
+ $(CC) -DMD=5 $(CFLAGS) -o t_cksum5.o -c t_cksum.c
+
+t_cksum4: t_cksum4.o $(KRB5_BASE_DEPLIBS)
+ $(CC_LINK) -o t_cksum4 t_cksum4.o $(KRB5_BASE_LIBS)
+
+t_cksum5: t_cksum5.o $(KRB5_BASE_DEPLIBS)
+ $(CC_LINK) -o t_cksum5 t_cksum5.o $(KRB5_BASE_LIBS)
+
+check-unix:: t_cksum4 t_cksum5
+ $(RUN_SETUP) $(C)t_cksum4 "this is a test"
+ $(RUN_SETUP) $(C)t_cksum5 "this is a test"
+
+clean-unix::
+ $(RM) t_cksum4 t_cksum4.o
+ $(RM) t_cksum5 t_cksum5.o
+
clean-unix:: clean-libobjs
--- /dev/null
+/*
+ * lib/crypto/md5/t_cksum.c
+ *
+ * Copyright 1995 by the Massachusetts Institute of Technology.
+ * All Rights Reserved.
+ *
+ * Export of this software from the United States of America may
+ * require a specific license from the United States Government.
+ * It is the responsibility of any person or organization contemplating
+ * export to obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission. M.I.T. makes no representations about the suitability of
+ * this software for any purpose. It is provided "as is" without express
+ * or implied warranty.
+ *
+ */
+
+/*
+ * t_cksum.c - Test checksum and checksum compatability for rsa-md[4,5]-des
+ */
+
+#include "k5-int.h"
+
+#define MD5_K5BETA_COMPAT
+#define MD4_K5BETA_COMPAT
+
+#if MD == 4
+extern struct krb5_keyhash_provider krb5_keyhash_md4des;
+#define khp krb5_keyhash_md4des
+#endif
+
+#if MD == 5
+extern struct krb5_keyhash_provider krb5_keyhash_md5des;
+#define khp krb5_keyhash_md5des
+#endif
+
+static void
+print_checksum(text, number, message, checksum)
+ char *text;
+ int number;
+ char *message;
+ krb5_data *checksum;
+{
+ int i;
+
+ printf("%s MD%d checksum(\"%s\") = ", text, number, message);
+ for (i=0; i<checksum->length; i++)
+ printf("%02x", (unsigned char) checksum->data[i]);
+ printf("\n");
+}
+
+/*
+ * Test the checksum verification of Old Style (tm) and correct RSA-MD[4,5]-DES
+ * checksums.
+ */
+
+krb5_octet testkey[8] = { 0x45, 0x01, 0x49, 0x61, 0x58, 0x19, 0x1a, 0x3d };
+
+int
+main(argc, argv)
+ int argc;
+ char **argv;
+{
+ int msgindex;
+ krb5_boolean valid;
+ size_t length;
+ krb5_context kcontext;
+ krb5_keyblock keyblock;
+ krb5_error_code kret;
+ krb5_data plaintext, newstyle_checksum;
+
+ /* this is a terrible seed, but that's ok for the test. */
+
+ plaintext.length = 8;
+ plaintext.data = testkey;
+
+ krb5_c_random_seed(/* XXX */ 0, &plaintext);
+
+ keyblock.enctype = ENCTYPE_DES_CBC_CRC;
+ keyblock.length = sizeof(testkey);
+ keyblock.contents = testkey;
+
+ (*(khp.hash_size))(&length);
+
+ newstyle_checksum.length = length;
+
+ if (!(newstyle_checksum.data = (krb5_octet *)
+ malloc(newstyle_checksum.length))) {
+ printf("cannot get memory for new style checksum\n");
+ return(ENOMEM);
+ }
+ for (msgindex = 1; msgindex < argc; msgindex++) {
+ plaintext.length = strlen(argv[msgindex]);
+ plaintext.data = argv[msgindex];
+
+ if ((kret = (*(khp.hash))(&keyblock, 0, &plaintext, &newstyle_checksum))) {
+ printf("krb5_calculate_checksum choked with %d\n", kret);
+ break;
+ }
+ print_checksum("correct", MD, argv[msgindex], &newstyle_checksum);
+
+ if ((kret = (*(khp.verify))(&keyblock, 0, &plaintext, &newstyle_checksum,
+ &valid))) {
+ printf("verify on new checksum choked with %d\n", kret);
+ break;
+ }
+ if (!valid) {
+ printf("verify on new checksum failed\n");
+ break;
+ }
+ printf("Verify succeeded for \"%s\"\n", argv[msgindex]);
+
+ newstyle_checksum.data[0]++;
+ if ((kret = (*(khp.verify))(&keyblock, 0, &plaintext, &newstyle_checksum,
+ &valid))) {
+ printf("verify on new checksum choked with %d\n", kret);
+ break;
+ }
+ if (valid) {
+ printf("verify on new checksum succeeded, but shouldn't have\n");
+ break;
+ }
+ printf("Verify of bad checksum OK for \"%s\"\n", argv[msgindex]);
+ kret = 0;
+ }
+ if (!kret)
+ printf("%d tests passed successfully for MD%d checksum\n", argc-1, MD);
+ return(kret);
+}
depend:: $(SRCS)
+t_mddriver.c: $(srcdir)/../md5/t_mddriver.c
+ $(CP) $(srcdir)/../md5/t_mddriver.c t_mddriver.c
+
+t_mddriver.o: t_mddriver.c
+ $(CC) -DMD=4 $(CFLAGS) -c t_mddriver.c
+
+t_mddriver: t_mddriver.o md4.o
+ $(CC) $(CFLAGS) -o t_mddriver t_mddriver.o md4.o
+
+t_mddriver.exe:
+ $(CP) $(srcdir)\..\md5\t_mddriver.c t_mddriver.c
+ $(CC) -DMD=4 $(CFLAGS2) -o t_mddriver t_mddriver.c md4.c
+ $(RM) md4.obj
+
+check-unix:: t_mddriver
+ $(RUN_SETUP) $(C)t_mddriver -x
+
+check-windows:: t_mddriver$(EXEEXT)
+ $(C)t_mddriver$(EXEEXT) -x
+
+clean::
+ $(RM) t_mddriver$(EXEEXT) t_mddriver.$(OBJEXT) t_mddriver.c
+
clean-unix:: clean-libobjs
depend:: $(SRCS)
+t_mddriver: t_mddriver.o md5.o
+ $(CC) $(CFLAGS) $(LDFLAGS) -o t_mddriver t_mddriver.o md5.o
+
+t_mddriver.exe:
+ $(CC) $(CFLAGS2) -o t_mddriver.exe t_mddriver.c md5.c
+
+check-unix:: t_mddriver
+ $(RUN_SETUP) $(C)t_mddriver -x
+
+check-windows:: t_mddriver$(EXEEXT)
+ $(C)t_mddriver$(EXEEXT) -x
+
+clean::
+ $(RM) t_mddriver$(EXEEXT) t_mddriver.$(OBJEXT)
+
clean-unix:: clean-libobjs
+++ /dev/null
-/*
- * lib/crypto/md5/t_cksum.c
- *
- * Copyright 1995 by the Massachusetts Institute of Technology.
- * All Rights Reserved.
- *
- * Export of this software from the United States of America may
- * require a specific license from the United States Government.
- * It is the responsibility of any person or organization contemplating
- * export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission. M.I.T. makes no representations about the suitability of
- * this software for any purpose. It is provided "as is" without express
- * or implied warranty.
- *
- */
-
-/*
- * t_cksum.c - Test checksum and checksum compatability for rsa-md[4,5]-des
- */
-
-#ifndef MD
-#define MD 5
-#endif /* MD */
-
-#include "k5-int.h"
-#if MD == 4
-#include "rsa-md4.h"
-#endif /* MD == 4 */
-#if MD == 5
-#include "rsa-md5.h"
-#endif /* MD == 5 */
-#include "des_int.h"
-
-#define MD5_K5BETA_COMPAT
-#define MD4_K5BETA_COMPAT
-
-#if MD == 4
-#define CONFOUNDER_LENGTH RSA_MD4_DES_CONFOUND_LENGTH
-#define NEW_CHECKSUM_LENGTH NEW_RSA_MD4_DES_CKSUM_LENGTH
-#define OLD_CHECKSUM_LENGTH OLD_RSA_MD4_DES_CKSUM_LENGTH
-#define CHECKSUM_TYPE CKSUMTYPE_RSA_MD4_DES
-#ifdef MD4_K5BETA_COMPAT
-#define K5BETA_COMPAT 1
-#else /* MD4_K5BETA_COMPAT */
-#undef K5BETA_COMPAT
-#endif /* MD4_K5BETA_COMPAT */
-#define CKSUM_FUNCTION krb5_md4_crypto_sum_func
-#define COMPAT_FUNCTION krb5_md4_crypto_compat_sum_func
-#define VERIFY_FUNCTION krb5_md4_crypto_verify_func
-#endif /* MD == 4 */
-
-#if MD == 5
-#define CONFOUNDER_LENGTH RSA_MD5_DES_CONFOUND_LENGTH
-#define NEW_CHECKSUM_LENGTH NEW_RSA_MD5_DES_CKSUM_LENGTH
-#define OLD_CHECKSUM_LENGTH OLD_RSA_MD5_DES_CKSUM_LENGTH
-#define CHECKSUM_TYPE CKSUMTYPE_RSA_MD5_DES
-#ifdef MD5_K5BETA_COMPAT
-#define K5BETA_COMPAT 1
-#else /* MD5_K5BETA_COMPAT */
-#undef K5BETA_COMPAT
-#endif /* MD5_K5BETA_COMPAT */
-#define CKSUM_FUNCTION krb5_md5_crypto_sum_func
-#define COMPAT_FUNCTION krb5_md5_crypto_compat_sum_func
-#define VERIFY_FUNCTION krb5_md5_crypto_verify_func
-#endif /* MD == 5 */
-
-static void
-print_checksum(text, number, message, checksum)
- char *text;
- int number;
- char *message;
- krb5_checksum *checksum;
-{
- int i;
-
- printf("%s MD%d checksum(\"%s\") = ", text, number, message);
- for (i=0; i<checksum->length; i++)
- printf("%02x", checksum->contents[i]);
- printf("\n");
-}
-
-/*
- * Test the checksum verification of Old Style (tm) and correct RSA-MD[4,5]-DES
- * checksums.
- */
-int
-main(argc, argv)
- int argc;
- char **argv;
-{
- int msgindex;
- krb5_context kcontext;
- krb5_encrypt_block encblock;
- krb5_keyblock keyblock;
- krb5_error_code kret;
- krb5_checksum oldstyle_checksum;
- krb5_checksum newstyle_checksum;
- krb5_data pwdata;
- char *pwd;
-
- pwd = "test password";
- pwdata.length = strlen(pwd);
- pwdata.data = pwd;
- krb5_use_enctype(kcontext, &encblock, DEFAULT_KDC_ENCTYPE);
- if ((kret = mit_des_string_to_key(&encblock, &keyblock, &pwdata, NULL))) {
- printf("mit_des_string_to_key choked with %d\n", kret);
- return(kret);
- }
- if ((kret = mit_des_process_key(&encblock, &keyblock))) {
- printf("mit_des_process_key choked with %d\n", kret);
- return(kret);
- }
-
- oldstyle_checksum.length = OLD_CHECKSUM_LENGTH;
- if (!(oldstyle_checksum.contents = (krb5_octet *) malloc(OLD_CHECKSUM_LENGTH))) {
- printf("cannot get memory for old style checksum\n");
- return(ENOMEM);
- }
- newstyle_checksum.length = NEW_CHECKSUM_LENGTH;
- if (!(newstyle_checksum.contents = (krb5_octet *)
- malloc(NEW_CHECKSUM_LENGTH))) {
- printf("cannot get memory for new style checksum\n");
- return(ENOMEM);
- }
- for (msgindex = 1; msgindex < argc; msgindex++) {
- if ((kret = CKSUM_FUNCTION(argv[msgindex],
- strlen(argv[msgindex]),
- (krb5_pointer) keyblock.contents,
- keyblock.length,
- &newstyle_checksum))) {
- printf("krb5_calculate_checksum choked with %d\n", kret);
- break;
- }
- print_checksum("correct", MD, argv[msgindex], &newstyle_checksum);
-#ifdef K5BETA_COMPAT
- if ((kret = COMPAT_FUNCTION(argv[msgindex],
- strlen(argv[msgindex]),
- (krb5_pointer) keyblock.contents,
- keyblock.length,
- &oldstyle_checksum))) {
- printf("old style calculate_checksum choked with %d\n", kret);
- break;
- }
- print_checksum("old", MD, argv[msgindex], &oldstyle_checksum);
-#endif /* K5BETA_COMPAT */
- if ((kret = VERIFY_FUNCTION(&newstyle_checksum,
- argv[msgindex],
- strlen(argv[msgindex]),
- (krb5_pointer) keyblock.contents,
- keyblock.length))) {
- printf("verify on new checksum choked with %d\n", kret);
- break;
- }
- printf("Verify succeeded for \"%s\"\n", argv[msgindex]);
-#ifdef K5BETA_COMPAT
- if ((kret = VERIFY_FUNCTION(&oldstyle_checksum,
- argv[msgindex],
- strlen(argv[msgindex]),
- (krb5_pointer) keyblock.contents,
- keyblock.length))) {
- printf("verify on old checksum choked with %d\n", kret);
- break;
- }
- printf("Compatible checksum verify succeeded for \"%s\"\n",
- argv[msgindex]);
-#endif /* K5BETA_COMPAT */
- newstyle_checksum.contents[0]++;
- if (!(kret = VERIFY_FUNCTION(&newstyle_checksum,
- argv[msgindex],
- strlen(argv[msgindex]),
- (krb5_pointer) keyblock.contents,
- keyblock.length))) {
- printf("verify on new checksum should have choked\n");
- break;
- }
- printf("Verify of bad checksum OK for \"%s\"\n", argv[msgindex]);
-#ifdef K5BETA_COMPAT
- oldstyle_checksum.contents[0]++;
- if (!(kret = VERIFY_FUNCTION(&oldstyle_checksum,
- argv[msgindex],
- strlen(argv[msgindex]),
- (krb5_pointer) keyblock.contents,
- keyblock.length))) {
- printf("verify on old checksum should have choked\n");
- break;
- }
- printf("Compatible checksum verify of altered checksum OK for \"%s\"\n",
- argv[msgindex]);
-#endif /* K5BETA_COMPAT */
- kret = 0;
- }
- if (!kret)
- printf("%d tests passed successfully for MD%d checksum\n", argc-1, MD);
- return(kret);
-}
--- /dev/null
+/* MDDRIVER.C - test driver for MD2, MD4 and MD5
+ */
+
+/* Copyright (C) 1990-2, RSA Data Security, Inc. Created 1990. All
+rights reserved.
+
+RSA Data Security, Inc. makes no representations concerning either
+the merchantability of this software or the suitability of this
+software for any particular purpose. It is provided "as is"
+without express or implied warranty of any kind.
+
+These notices must be retained in any copies of any part of this
+documentation and/or software.
+ */
+
+/* The following makes MD default to MD5 if it has not already been
+ defined with C compiler flags.
+ */
+#ifndef MD
+#define MD 5
+#endif
+
+#include "k5-int.h"
+
+#if MD == 2
+#include "md2.h"
+#endif
+#if MD == 4
+#include "rsa-md4.h"
+#endif
+#if MD == 5
+#include "rsa-md5.h"
+#endif
+
+/* Length of test block, number of test blocks.
+ */
+#define TEST_BLOCK_LEN 1000
+#define TEST_BLOCK_COUNT 1000
+
+static void MDString PROTOTYPE ((char *));
+static void MDTimeTrial PROTOTYPE ((void));
+static void MDTestSuite PROTOTYPE ((void));
+static void MDFile PROTOTYPE ((char *));
+static void MDFilter PROTOTYPE ((void));
+static void MDPrint PROTOTYPE ((unsigned char [16]));
+
+struct md_test_entry {
+ char *string;
+ unsigned char digest[16];
+};
+
+#if MD == 2
+#define MD_CTX krb5_MD2_CTX
+#define MDInit krb5_MD2Init
+#define MDUpdate krb5_MD2Update
+#define MDFinal krb5_MD2Final
+#endif
+
+#if MD == 4
+#define MD_CTX krb5_MD4_CTX
+#define MDInit krb5_MD4Init
+#define MDUpdate krb5_MD4Update
+#define MDFinal krb5_MD4Final
+
+#define HAVE_TEST_SUITE
+/* Test suite from RFC 1320 */
+
+struct md_test_entry md_test_suite[] = {
+ { "",
+ 0x31, 0xd6, 0xcf, 0xe0, 0xd1, 0x6a, 0xe9, 0x31,
+ 0xb7, 0x3c, 0x59, 0xd7, 0xe0, 0xc0, 0x89, 0xc0 },
+ { "a",
+ 0xbd, 0xe5, 0x2c, 0xb3, 0x1d, 0xe3, 0x3e, 0x46,
+ 0x24, 0x5e, 0x05, 0xfb, 0xdb, 0xd6, 0xfb, 0x24 },
+ { "abc",
+ 0xa4, 0x48, 0x01, 0x7a, 0xaf, 0x21, 0xd8, 0x52,
+ 0x5f, 0xc1, 0x0a, 0xe8, 0x7a, 0xa6, 0x72, 0x9d },
+ { "message digest",
+ 0xd9, 0x13, 0x0a, 0x81, 0x64, 0x54, 0x9f, 0xe8,
+ 0x18, 0x87, 0x48, 0x06, 0xe1, 0xc7, 0x01, 0x4b },
+ { "abcdefghijklmnopqrstuvwxyz",
+ 0xd7, 0x9e, 0x1c, 0x30, 0x8a, 0xa5, 0xbb, 0xcd,
+ 0xee, 0xa8, 0xed, 0x63, 0xdf, 0x41, 0x2d, 0xa9 },
+ { "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
+ 0x04, 0x3f, 0x85, 0x82, 0xf2, 0x41, 0xdb, 0x35,
+ 0x1c, 0xe6, 0x27, 0xe1, 0x53, 0xe7, 0xf0, 0xe4 },
+ { "12345678901234567890123456789012345678901234567890123456789012345678901234567890",
+ 0xe3, 0x3b, 0x4d, 0xdc, 0x9c, 0x38, 0xf2, 0x19,
+ 0x9c, 0x3e, 0x7b, 0x16, 0x4f, 0xcc, 0x05, 0x36 },
+ { 0, 0 }
+};
+
+#endif
+
+#if MD == 5
+#define MD_CTX krb5_MD5_CTX
+#define MDInit krb5_MD5Init
+#define MDUpdate krb5_MD5Update
+#define MDFinal krb5_MD5Final
+
+#define HAVE_TEST_SUITE
+/* Test suite from RFC 1321 */
+
+struct md_test_entry md_test_suite[] = {
+ { "",
+ 0xd4, 0x1d, 0x8c, 0xd9, 0x8f, 0x00, 0xb2, 0x04,
+ 0xe9, 0x80, 0x09, 0x98, 0xec, 0xf8, 0x42, 0x7e },
+ { "a",
+ 0x0c, 0xc1, 0x75, 0xb9, 0xc0, 0xf1, 0xb6, 0xa8,
+ 0x31, 0xc3, 0x99, 0xe2, 0x69, 0x77, 0x26, 0x61 },
+ { "abc",
+ 0x90, 0x01, 0x50, 0x98, 0x3c, 0xd2, 0x4f, 0xb0,
+ 0xd6, 0x96, 0x3f, 0x7d, 0x28, 0xe1, 0x7f, 0x72 },
+ { "message digest",
+ 0xf9, 0x6b, 0x69, 0x7d, 0x7c, 0xb7, 0x93, 0x8d,
+ 0x52, 0x5a, 0x2f, 0x31, 0xaa, 0xf1, 0x61, 0xd0 },
+ { "abcdefghijklmnopqrstuvwxyz",
+ 0xc3, 0xfc, 0xd3, 0xd7, 0x61, 0x92, 0xe4, 0x00,
+ 0x7d, 0xfb, 0x49, 0x6c, 0xca, 0x67, 0xe1, 0x3b },
+ { "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
+ 0xd1, 0x74, 0xab, 0x98, 0xd2, 0x77, 0xd9, 0xf5,
+ 0xa5, 0x61, 0x1c, 0x2c, 0x9f, 0x41, 0x9d, 0x9f },
+ { "12345678901234567890123456789012345678901234567890123456789012345678901234567890",
+ 0x57, 0xed, 0xf4, 0xa2, 0x2b, 0xe3, 0xc9, 0x55,
+ 0xac, 0x49, 0xda, 0x2e, 0x21, 0x07, 0xb6, 0x7a },
+ { 0, 0 }
+};
+
+#endif
+
+/* Main driver.
+
+Arguments (may be any combination):
+ -sstring - digests string
+ -t - runs time trial
+ -x - runs test script
+ filename - digests file
+ (none) - digests standard input
+ */
+int main (argc, argv)
+int argc;
+char *argv[];
+{
+ int i;
+
+ if (argc > 1)
+ for (i = 1; i < argc; i++)
+ if (argv[i][0] == '-' && argv[i][1] == 's')
+ MDString (argv[i] + 2);
+ else if (strcmp (argv[i], "-t") == 0)
+ MDTimeTrial ();
+ else if (strcmp (argv[i], "-x") == 0)
+ MDTestSuite ();
+ else
+ MDFile (argv[i]);
+ else
+ MDFilter ();
+
+ return (0);
+}
+
+/* Digests a string and prints the result.
+ */
+static void MDString (string)
+char *string;
+{
+ MD_CTX context;
+ unsigned int len = strlen (string);
+
+ MDInit (&context);
+ MDUpdate (&context, (unsigned char *) string, len);
+ MDFinal (&context);
+
+ printf ("MD%d (\"%s\") = ", MD, string);
+ MDPrint (context.digest);
+ printf ("\n");
+}
+
+/* Measures the time to digest TEST_BLOCK_COUNT TEST_BLOCK_LEN-byte
+ blocks.
+ */
+static void MDTimeTrial ()
+{
+ MD_CTX context;
+ time_t endTime, startTime;
+ unsigned char block[TEST_BLOCK_LEN];
+ unsigned int i;
+
+ printf("MD%d time trial. Digesting %d %d-byte blocks ...", MD,
+ TEST_BLOCK_LEN, TEST_BLOCK_COUNT);
+
+ /* Initialize block */
+ for (i = 0; i < TEST_BLOCK_LEN; i++)
+ block[i] = (unsigned char)(i & 0xff);
+
+ /* Start timer */
+ time (&startTime);
+
+ /* Digest blocks */
+ MDInit (&context);
+ for (i = 0; i < TEST_BLOCK_COUNT; i++)
+ MDUpdate (&context, block, TEST_BLOCK_LEN);
+ MDFinal (&context);
+
+ /* Stop timer */
+ time (&endTime);
+
+ printf (" done\n");
+ printf ("Digest = ");
+ MDPrint (context.digest);
+ printf ("\nTime = %ld seconds\n", (long)(endTime-startTime));
+ printf
+ ("Speed = %ld bytes/second\n",
+ (long)TEST_BLOCK_LEN * (long)TEST_BLOCK_COUNT/(endTime-startTime));
+}
+
+/* Digests a reference suite of strings and prints the results.
+ */
+static void MDTestSuite ()
+{
+#ifdef HAVE_TEST_SUITE
+ MD_CTX context;
+ struct md_test_entry *entry;
+ int i, num_tests = 0, num_failed = 0;
+
+ printf ("MD%d test suite:\n\n", MD);
+ for (entry = md_test_suite; entry->string; entry++) {
+ unsigned int len = strlen (entry->string);
+
+ MDInit (&context);
+ MDUpdate (&context, (unsigned char *) entry->string, len);
+ MDFinal (&context);
+
+ printf ("MD%d (\"%s\") = ", MD, entry->string);
+ MDPrint (context.digest);
+ printf ("\n");
+ for (i=0; i < 16; i++) {
+ if (context.digest[i] != entry->digest[i]) {
+ printf("\tIncorrect MD%d digest! Should have been:\n\t\t ",
+ MD);
+ MDPrint(entry->digest);
+ printf("\n");
+ num_failed++;
+ }
+ }
+ num_tests++;
+ }
+ if (num_failed) {
+ printf("%d out of %d tests failed for MD%d!!!\n", num_failed,
+ num_tests, MD);
+ exit(1);
+ } else {
+ printf ("%d tests passed successfully for MD%d.\n", num_tests, MD);
+ exit(0);
+ }
+#else
+
+ printf ("MD%d test suite:\n", MD);
+ MDString ("");
+ MDString ("a");
+ MDString ("abc");
+ MDString ("message digest");
+ MDString ("abcdefghijklmnopqrstuvwxyz");
+ MDString
+ ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789");
+ MDString
+ ("12345678901234567890123456789012345678901234567890123456789012345678901234567890");
+#endif
+}
+
+/* Digests a file and prints the result. */
+
+static void MDFile (filename)
+ char *filename;
+{
+ FILE *file;
+ MD_CTX context;
+ int len;
+ unsigned char buffer[1024];
+
+ if ((file = fopen (filename, "rb")) == NULL)
+ printf ("%s can't be opened\n", filename);
+ else {
+ MDInit (&context);
+ while (len = fread (buffer, 1, 1024, file))
+ MDUpdate (&context, buffer, len);
+ MDFinal (&context);
+
+ fclose (file);
+
+ printf ("MD%d (%s) = ", MD, filename);
+ MDPrint (context.digest);
+ printf ("\n");
+ }
+}
+
+/* Digests the standard input and prints the result.
+ */
+static void MDFilter ()
+{
+ MD_CTX context;
+ int len;
+ unsigned char buffer[16];
+
+ MDInit (&context);
+ while (len = fread (buffer, 1, 16, stdin))
+ MDUpdate (&context, buffer, len);
+ MDFinal (&context);
+
+ MDPrint (context.digest);
+ printf ("\n");
+}
+
+/* Prints a message digest in hexadecimal.
+ */
+static void MDPrint (digest)
+unsigned char digest[16];
+{
+ unsigned int i;
+
+ for (i = 0; i < 16; i++)
+ printf ("%02x", digest[i]);
+}
depend:: $(SRCS)
+t_shs: t_shs.o shs.o
+ $(CC) $(CFLAGS) $(LDFLAGS) -o t_shs t_shs.o shs.o
+
+t_shs.exe:
+ $(CC) $(CFLAGS2) -o t_shs.exe t_shs.c shs.c
+
+check-unix:: t_shs
+ $(C)t_shs -x
+
+check-windows:: t_shs$(EXEEXT)
+ $(C)t_shs$(EXEEXT) -x
+
+clean::
+ $(RM) t_shs$(EXEEXT) t_shs.$(OBJEXT)
+
clean-unix:: clean-libobjs
--- /dev/null
+/****************************************************************************
+* *
+* SHS Test Code *
+* *
+****************************************************************************/
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include "shs.h"
+
+/* Test the SHS implementation */
+
+#ifdef NEW_SHS
+
+static LONG shsTestResults[][ 5 ] = {
+ { 0xA9993E36L, 0x4706816AL, 0xBA3E2571L, 0x7850C26CL, 0x9CD0D89DL, },
+ { 0x84983E44L, 0x1C3BD26EL, 0xBAAE4AA1L, 0xF95129E5L, 0xE54670F1L, },
+ { 0x34AA973CL, 0xD4C4DAA4L, 0xF61EEB2BL, 0xDBAD2731L, 0x6534016FL, }
+ };
+
+#else
+
+static LONG shsTestResults[][ 5 ] = {
+ { 0x0164B8A9L, 0x14CD2A5EL, 0x74C4F7FFL, 0x082C4D97L, 0xF1EDF880L },
+ { 0xD2516EE1L, 0xACFA5BAFL, 0x33DFC1C4L, 0x71E43844L, 0x9EF134C8L },
+ { 0x3232AFFAL, 0x48628A26L, 0x653B5AAAL, 0x44541FD9L, 0x0D690603L }
+ };
+#endif /* NEW_SHS */
+
+static int compareSHSresults(shsInfo, shsTestLevel)
+SHS_INFO *shsInfo;
+int shsTestLevel;
+{
+ int i, fail = 0;
+
+ /* Compare the returned digest and required values */
+ for( i = 0; i < 5; i++ )
+ if( shsInfo->digest[ i ] != shsTestResults[ shsTestLevel ][ i ] )
+ fail = 1;
+ if (fail) {
+ printf("\nExpected: ");
+ for (i = 0; i < 5; i++) {
+ printf("%8.8lx ", shsTestResults[shsTestLevel][i]);
+ }
+ printf("\nGot: ");
+ for (i = 0; i < 5; i++) {
+ printf("%8.8lx ", shsInfo->digest[i]);
+ }
+ printf("\n");
+ return( -1 );
+ }
+ return( 0 );
+}
+
+main()
+{
+ SHS_INFO shsInfo;
+ unsigned int i;
+ time_t secondCount;
+ BYTE data[ 200 ];
+
+ /* Make sure we've got the endianness set right. If the machine is
+ big-endian (up to 64 bits) the following value will be signed,
+ otherwise it will be unsigned. Unfortunately we can't test for odd
+ things like middle-endianness without knowing the size of the data
+ types */
+
+ /* Test SHS against values given in SHS standards document */
+ printf( "Running SHS test 1 ... " );
+ shsInit( &shsInfo );
+ shsUpdate( &shsInfo, ( BYTE * ) "abc", 3 );
+ shsFinal( &shsInfo );
+ if( compareSHSresults( &shsInfo, 0 ) == -1 )
+ {
+ putchar( '\n' );
+ puts( "SHS test 1 failed" );
+ exit( -1 );
+ }
+#ifdef NEW_SHS
+ puts( "passed, result= A9993E364706816ABA3E25717850C26C9CD0D89D" );
+#else
+ puts( "passed, result= 0164B8A914CD2A5E74C4F7FF082C4D97F1EDF880" );
+#endif /* NEW_SHS */
+
+ printf( "Running SHS test 2 ... " );
+ shsInit( &shsInfo );
+ shsUpdate( &shsInfo, ( BYTE * ) "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", 56 );
+ shsFinal( &shsInfo );
+ if( compareSHSresults( &shsInfo, 1 ) == -1 )
+ {
+ putchar( '\n' );
+ puts( "SHS test 2 failed" );
+ exit( -1 );
+ }
+#ifdef NEW_SHS
+ puts( "passed, result= 84983E441C3BD26EBAAE4AA1F95129E5E54670F1" );
+#else
+ puts( "passed, result= D2516EE1ACFA5BAF33DFC1C471E438449EF134C8" );
+#endif /* NEW_SHS */
+
+ printf( "Running SHS test 3 ... " );
+ shsInit( &shsInfo );
+ for( i = 0; i < 15625; i++ )
+ shsUpdate( &shsInfo, ( BYTE * ) "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 64 );
+ shsFinal( &shsInfo );
+ if( compareSHSresults( &shsInfo, 2 ) == -1 )
+ {
+ putchar( '\n' );
+ puts( "SHS test 3 failed" );
+ exit( -1 );
+ }
+#ifdef NEW_SHS
+ puts( "passed, result= 34AA973CD4C4DAA4F61EEB2BDBAD27316534016F" );
+#else
+ puts( "passed, result= 3232AFFA48628A26653B5AAA44541FD90D690603" );
+#endif /* NEW_SHS */
+
+#if 0
+ printf( "\nTesting speed for 100MB data... " );
+ shsInit( &shsInfo );
+ secondCount = time( NULL );
+ for( i = 0; i < 500000U; i++ )
+ shsUpdate( &shsInfo, data, 200 );
+ secondCount = time( NULL ) - secondCount;
+ printf( "done. Time = %ld seconds, %ld kbytes/second.\n", \
+ secondCount, 100500L / secondCount );
+#endif
+
+ puts( "\nAll SHS tests passed" );
+ exit( 0 );
+}
--- /dev/null
+/*
+ * lib/crypto/t_nfold.c
+ *
+ * Copyright 1988, 1990 by the Massachusetts Institute of Technology.
+ * All Rights Reserved.
+ *
+ * Export of this software from the United States of America may
+ * require a specific license from the United States Government.
+ * It is the responsibility of any person or organization contemplating
+ * export to obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission. M.I.T. makes no representations about the suitability of
+ * this software for any purpose. It is provided "as is" without express
+ * or implied warranty.
+ *
+ *
+ * Program to test the correctness of nfold implementation.
+ *
+ * exit returns 0 ==> success
+ * -1 ==> error
+ */
+
+#include <stdio.h>
+#include <string.h>
+
+#include "k5-int.h"
+
+unsigned char *nfold_in[] = {
+ "basch",
+ "eichin",
+ "sommerfeld",
+ "MASSACHVSETTS INSTITVTE OF TECHNOLOGY" };
+
+unsigned char nfold_192[4][24] = {
+ { 0x1a, 0xab, 0x6b, 0x42, 0x96, 0x4b, 0x98, 0xb2, 0x1f, 0x8c, 0xde, 0x2d,
+ 0x24, 0x48, 0xba, 0x34, 0x55, 0xd7, 0x86, 0x2c, 0x97, 0x31, 0x64, 0x3f },
+ { 0x65, 0x69, 0x63, 0x68, 0x69, 0x6e, 0x4b, 0x73, 0x2b, 0x4b, 0x1b, 0x43,
+ 0xda, 0x1a, 0x5b, 0x99, 0x5a, 0x58, 0xd2, 0xc6, 0xd0, 0xd2, 0xdc, 0xca },
+ { 0x2f, 0x7a, 0x98, 0x55, 0x7c, 0x6e, 0xe4, 0xab, 0xad, 0xf4, 0xe7, 0x11,
+ 0x92, 0xdd, 0x44, 0x2b, 0xd4, 0xff, 0x53, 0x25, 0xa5, 0xde, 0xf7, 0x5c },
+ { 0xdb, 0x3b, 0x0d, 0x8f, 0x0b, 0x06, 0x1e, 0x60, 0x32, 0x82, 0xb3, 0x08,
+ 0xa5, 0x08, 0x41, 0x22, 0x9a, 0xd7, 0x98, 0xfa, 0xb9, 0x54, 0x0c, 0x1b }
+};
+
+int
+main(argc, argv)
+ int argc;
+ char *argv[];
+{
+ unsigned char cipher_text[64];
+ int i, j;
+
+ printf("N-fold\n");
+ for (i=0; i<sizeof(nfold_in)/sizeof(char *); i++) {
+ printf("\tInput:\t\"%.*s\"\n", strlen(nfold_in[i]), nfold_in[i]);
+ printf("\t192-Fold:\t");
+ krb5_nfold(strlen(nfold_in[i])*8, nfold_in[i], 24*8, cipher_text);
+ for (j=0; j<24; j++)
+ printf("%s%02x", (j&3) ? "" : " ", cipher_text[j]);
+ printf("\n");
+ if (memcmp(cipher_text, nfold_192[i], 24)) {
+ printf("verify: error in n-fold\n");
+ exit(-1);
+ };
+ }
+ printf("verify: N-fold is correct\n\n");
+
+ exit(0);
+}
projects / thirdparty / krb5.git / commitdiff
