t_afss2k.c   [plain text]

#include "des_int.h"

static const char *me;

struct test_case {
	char *saltstr;
	int saltlen;
	unsigned char keys[12][8];
};

struct test_case test_cases[] = {
	{
		"Sodium Chloride", -1,
		{
			{ 0xa4, 0xd0, 0xd0, 0x9b, 0x86, 0x92, 0xb0, 0xc2, },
			{ 0xf1, 0xf2, 0x9e, 0xab, 0xd0, 0xef, 0xdf, 0x73, },
			{ 0xd6, 0x85, 0x61, 0xc4, 0xf2, 0x94, 0xf4, 0xa1, },
			{ 0xd0, 0xe3, 0xa7, 0x83, 0x94, 0x61, 0xe0, 0xd0, },
			{ 0xd5, 0x62, 0xcd, 0x94, 0x61, 0xcb, 0x97, 0xdf, },
			{ 0x9e, 0xa2, 0xa2, 0xec, 0xa8, 0x8c, 0x6b, 0x8f, },
			{ 0xe3, 0x91, 0x6d, 0xd3, 0x85, 0xf1, 0x67, 0xc4, },
			{ 0xf4, 0xc4, 0x73, 0xc8, 0x8a, 0xe9, 0x94, 0x6d, },
			{ 0xa1, 0x9e, 0xb3, 0xad, 0x6b, 0xe3, 0xab, 0xd9, },
			{ 0xad, 0xa1, 0xce, 0x10, 0x37, 0x83, 0xa7, 0x8c, },
			{ 0xd3, 0x01, 0xd0, 0xf7, 0x3e, 0x7a, 0x49, 0x0b, },
			{ 0xb6, 0x2a, 0x4a, 0xec, 0x9d, 0x4c, 0x68, 0xdf, },
		}
	},
	{
		"NaCl", 4,
		{
			{ 0x61, 0xef, 0xe6, 0x83, 0xe5, 0x8a, 0x6b, 0x98 },
			{ 0x68, 0xcd, 0x68, 0xad, 0xc4, 0x86, 0xcd, 0xe5 },
			{ 0x83, 0xa1, 0xc8, 0x86, 0x8f, 0x67, 0xd0, 0x62 },
			{ 0x9e, 0xc7, 0x8f, 0xa4, 0xa4, 0xb3, 0xe0, 0xd5 },
			{ 0xd9, 0x92, 0x86, 0x8f, 0x9d, 0x8c, 0x85, 0xe6 },
			{ 0xda, 0xf2, 0x92, 0x83, 0xf4, 0x9b, 0xa7, 0xad },
			{ 0x91, 0xcd, 0xad, 0xef, 0x86, 0xdf, 0xd3, 0xa2 },
			{ 0x73, 0xd3, 0x67, 0x68, 0x8f, 0x6e, 0xe3, 0x73 },
			{ 0xc4, 0x61, 0x85, 0x9d, 0xad, 0xf4, 0xdc, 0xb0 },
			{ 0xe9, 0x02, 0x83, 0x16, 0x2c, 0xec, 0xe0, 0x08 },
			{ 0x61, 0xc8, 0x26, 0x29, 0xd9, 0x73, 0x6e, 0xb6 },
			{ 0x8c, 0xa8, 0x9e, 0xc4, 0xa8, 0xdc, 0x31, 0x73 },
		}
	},
	{
		/* This one intentionally supplies a length shorter
		   than the string.  The point of this is to ensure
		   that s[len] is not zero, so that anything actually
		   relying on that value (i.e., reading out of bounds)
		   should generate incorrect results.  */
		"NaCl2", 4,
		{
			{ 0x61, 0xef, 0xe6, 0x83, 0xe5, 0x8a, 0x6b, 0x98 },
			{ 0x68, 0xcd, 0x68, 0xad, 0xc4, 0x86, 0xcd, 0xe5 },
			{ 0x83, 0xa1, 0xc8, 0x86, 0x8f, 0x67, 0xd0, 0x62 },
			{ 0x9e, 0xc7, 0x8f, 0xa4, 0xa4, 0xb3, 0xe0, 0xd5 },
			{ 0xd9, 0x92, 0x86, 0x8f, 0x9d, 0x8c, 0x85, 0xe6 },
			{ 0xda, 0xf2, 0x92, 0x83, 0xf4, 0x9b, 0xa7, 0xad },
			{ 0x91, 0xcd, 0xad, 0xef, 0x86, 0xdf, 0xd3, 0xa2 },
			{ 0x73, 0xd3, 0x67, 0x68, 0x8f, 0x6e, 0xe3, 0x73 },
			{ 0xc4, 0x61, 0x85, 0x9d, 0xad, 0xf4, 0xdc, 0xb0 },
			{ 0xe9, 0x02, 0x83, 0x16, 0x2c, 0xec, 0xe0, 0x08 },
			{ 0x61, 0xc8, 0x26, 0x29, 0xd9, 0x73, 0x6e, 0xb6 },
			{ 0x8c, 0xa8, 0x9e, 0xc4, 0xa8, 0xdc, 0x31, 0x73 },
		}
	},
};

static void do_it (struct test_case *tcase);

int
main (int argc, char *argv[])
{
	int i;

	me = argv[0];
	for (i = 0; i < sizeof (test_cases) / sizeof (struct test_case); i++)
		do_it (&test_cases[i]);
	return 0;
}

static void
do_it (struct test_case *tcase)
{
	unsigned char keydata[8];
	krb5_data salt, passwd;
	krb5_keyblock key;
	krb5_error_code err;
	int i;
	unsigned char longpass[2048];

	key.contents = keydata;
	key.length = sizeof (keydata);

	salt.data = tcase->saltstr;
	if (tcase->saltlen == -1)
		salt.length = strlen (tcase->saltstr);
	else
		salt.length = tcase->saltlen;

	/*
	 * Try passwords with lengths equal to, greater than, and less
	 * than 8 characters, since the AFS s2k algorithm does
	 * interesting stuff depending on the length.
	 */
	passwd.data = "My Password";
	for (i = 0; i < 12; i++) {
		passwd.length = i;
		err = mit_afs_string_to_key (&key, &passwd, &salt);
		if (err != 0) {
			com_err (me, err, "");
			exit (1);
		}
		if (memcmp (tcase->keys[i], keydata, 8) != 0)
			abort ();
	}

	/* Run another pass to make sure the characters after the
	   password in the buffer aren't influencing the output.  The
	   password is *not* required to be null-terminated.  */
	memset (longpass, '!', sizeof (longpass));
	longpass[sizeof (longpass)-1] = '\0';
	memcpy (longpass, "My Password", strlen ("My Password"));
	passwd.data = (char *) longpass;
	for (i = 0; i < 12; i++) {
		passwd.length = i;
		err = mit_afs_string_to_key (&key, &passwd, &salt);
		if (err != 0) {
			com_err (me, err, "");
			exit (1);
		}
		if (memcmp (tcase->keys[i], keydata, 8) != 0)
			abort ();
	}
}