test_rfc3961: Add HMAC tests

Add some HMAC-SHA1 tests using the test vectors in RFC2202
2018-05-14 13:18:24 +01:00
parent 927185e732
commit ae62cc2341
1 changed files with 165 additions and 0 deletions
--- a/lib/krb5/test_rfc3961.c
+++ b/lib/krb5/test_rfc3961.c
@@ -148,6 +148,169 @@ usage (int ret)
    exit (ret);
 }

+/* SHA1 test vectors from RFC2202 */
+
+struct rfc2202 {
+    char key[80];
+    int keylen;
+    char data[80];
+    int datalen;
+    char digest[20];
+    int digestlen;
+};
+
+static struct rfc2202 rfc2202_vectors[] =
+{
+    {
+	{0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
+	 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
+	 0x0b, 0x0b, 0x0b, 0x0b},
+	20,
+	"Hi There",
+	8,
+	{0xb6, 0x17, 0x31, 0x86, 0x55, 0x05, 0x72, 0x64,
+	 0xe2, 0x8b, 0xc0, 0xb6, 0xfb, 0x37, 0x8c, 0x8e,
+	 0xf1, 0x46, 0xbe, 0x00},
+	20
+    },
+    {
+	"Jefe",
+	4,
+	"what do ya want for nothing?",
+	28,
+	{0xef, 0xfc, 0xdf, 0x6a, 0xe5, 0xeb, 0x2f, 0xa2,
+	 0xd2, 0x74, 0x16, 0xd5, 0xf1, 0x84, 0xdf, 0x9c,
+	 0x25, 0x9a, 0x7c, 0x79},
+	20
+    },
+    {
+	{0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
+	 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
+	 0xaa, 0xaa, 0xaa, 0xaa},
+	 20,
+	{0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
+	 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
+	 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
+	 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
+	 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
+	 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
+	 0xdd, 0xdd},
+	50,
+	{0x12, 0x5d, 0x73, 0x42, 0xb9, 0xac, 0x11, 0xcd,
+	 0x91, 0xa3, 0x9a, 0xf4, 0x8a, 0xa1, 0x7b, 0x4f,
+	 0x63, 0xf1, 0x75, 0xd3},
+	20
+    },
+    {
+	{0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
+	 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10,
+	 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18,
+	 0x19},
+	25,
+	{0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
+	 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
+	 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
+	 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
+	 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
+	 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
+	 0xcd, 0xcd},
+	50,
+	{0x4c, 0x90, 0x07, 0xf4, 0x02, 0x62, 0x50, 0xc6,
+	 0xbc, 0x84, 0x14, 0xf9, 0xbf, 0x50, 0xc8, 0x6c,
+	 0x2d, 0x72, 0x35, 0xda},
+	20
+    },
+    {
+	{0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c,
+	 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c,
+	 0x0c, 0x0c, 0x0c, 0x0c},
+	20,
+	"Test With Truncation",
+	20,
+	{0x4c, 0x1a, 0x03, 0x42, 0x4b, 0x55, 0xe0, 0x7f,
+	 0xe7, 0xf2, 0x7b, 0xe1, 0xd5, 0x8b, 0xb9, 0x32,
+	 0x4a, 0x9a, 0x5a, 0x04},
+	20
+    },
+    {
+	{0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
+	 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
+	 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
+	 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
+	 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
+	 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
+	 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
+	 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
+	 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
+	 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa},
+	80,
+	"Test Using Larger Than Block-Size Key - Hash Key First",
+	54,
+	{0xaa, 0x4a, 0xe5, 0xe1, 0x52, 0x72, 0xd0, 0x0e,
+	 0x95, 0x70, 0x56, 0x37, 0xce, 0x8a, 0x3b, 0x55,
+	 0xed, 0x40, 0x21, 0x12},
+	20
+    },
+    {
+	{0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
+	 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
+	 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
+	 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
+	 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
+	 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
+	 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
+	 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
+	 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
+	 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa},
+	80,
+	"Test Using Larger Than Block-Size Key and Larger Than One Block-Size Data",
+	73,
+	{0xe8, 0xe9, 0x9d, 0x0f, 0x45, 0x23, 0x7d, 0x78,
+	 0x6d, 0x6b, 0xba, 0xa7, 0x96, 0x5c, 0x78, 0x08,
+	 0xbb, 0xff, 0x1a, 0x91},
+	20
+    }
+};
+
+/* RFC 2202 test vectors for HMAC-SHA1 */
+static void
+test_rfc2202(krb5_context context)
+{
+    int num_tests;
+    int i;
+
+    num_tests = sizeof(rfc2202_vectors) / sizeof(struct rfc2202);
+
+    printf("Running %d RFC2202 HMAC-MD5 tests\n", num_tests);
+    for (i = 0; i < num_tests; i++) {
+	krb5_keyblock keyblock;
+	Checksum result;
+	char sha1_data[20];
+	int code;
+
+	memset(&keyblock, 0, sizeof(keyblock));
+	memset(&result, 0, sizeof(result));
+
+	keyblock.keyvalue.length = rfc2202_vectors[i].keylen;
+	keyblock.keyvalue.data = &rfc2202_vectors[i].key;
+
+	result.checksum.data = &sha1_data;
+	result.checksum.length = sizeof(sha1_data);
+
+	code = krb5_hmac(context, CKSUMTYPE_SHA1,
+			 &rfc2202_vectors[i].data, rfc2202_vectors[i].datalen,
+			 0, &keyblock, &result);
+
+	if (code != 0)
+	    errx(1, "HMAC-SHA1 failed with %d on test %d", code, i + 1);
+
+	if (memcmp(&sha1_data, rfc2202_vectors[i].digest, sizeof(sha1_data)) !=0)
+	    errx(1, "Digests don't match on test %d", i);
+
+	printf("Test %d okay\n", i + 1);
+    }
+}
+
 int
 main(int argc, char **argv)
 {
@@ -188,6 +351,8 @@ main(int argc, char **argv)
    if (ret)
 	errx (1, "krb5_init_context failed: %d", ret);

+    test_rfc2202(context);
+
    enciter = 1000;
    s2kiter = 100;