1 /* $NetBSD: validate.c,v 1.2 2017/01/28 21:31:47 christos Exp $ */
2
3 /*
4 * Copyright (c) 2010 Kungliga Tekniska Högskolan
5 * (Royal Institute of Technology, Stockholm, Sweden).
6 * All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
18 *
19 * 3. Neither the name of the Institute nor the names of its contributors
20 * may be used to endorse or promote products derived from this software
21 * without specific prior written permission.
22 *
23 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
24 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
25 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
26 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
27 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
28 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
29 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
30 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
31 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
32 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33 * SUCH DAMAGE.
34 */
35
36 #include <config.h>
37 #include <krb5/roken.h>
38
39 #include <evp.h>
40 #include <hmac.h>
41 #include <err.h>
42
43 struct tests {
44 const EVP_CIPHER *(*cipher)(void);
45 const char *name;
46 void *key;
47 size_t keysize;
48 void *iv;
49 size_t datasize;
50 void *indata;
51 void *outdata;
52 void *outiv;
53 };
54
55 static struct tests hc_tests[] = {
56 {
57 EVP_aes_256_cbc,
58 "aes-256",
59 "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
60 "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
61 32,
62 "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
63 16,
64 "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
65 "\xdc\x95\xc0\x78\xa2\x40\x89\x89\xad\x48\xa2\x14\x92\x84\x20\x87",
66 NULL
67 },
68 #if 0
69 {
70 EVP_aes_128_cfb8,
71 "aes-cfb8-128",
72 "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
73 16,
74 "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
75 16,
76 "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
77 "\x66\xe9\x4b\xd4\xef\x8a\x2c\x3b\x88\x4c\xfa\x59\xca\x34\x2b\x2e"
78 },
79 #endif
80 {
81 EVP_des_ede3_cbc,
82 "des-ede3",
83 "\x19\x17\xff\xe6\xbb\x77\x2e\xfc"
84 "\x29\x76\x43\xbc\x63\x56\x7e\x9a"
85 "\x00\x2e\x4d\x43\x1d\x5f\xfd\x58",
86 24,
87 "\xbf\x9a\x12\xb7\x26\x69\xfd\x05",
88 16,
89 "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
90 "\x55\x95\x97\x76\xa9\x6c\x66\x40\x64\xc7\xf4\x1c\x21\xb7\x14\x1b",
91 NULL
92 },
93 #if 0
94 {
95 EVP_camellia_128_cbc,
96 "camellia128",
97 "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
98 16,
99 "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
100 16,
101 "\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
102 "\x07\x92\x3A\x39\xEB\x0A\x81\x7D\x1C\x4D\x87\xBD\xB8\x2D\x1F\x1C",
103 NULL
104 },
105 #endif
106 {
107 EVP_rc4,
108 "rc4 8",
109 "\x01\x23\x45\x67\x89\xAB\xCD\xEF",
110 8,
111 NULL,
112 8,
113 "\x00\x00\x00\x00\x00\x00\x00\x00",
114 "\x74\x94\xC2\xE7\x10\x4B\x08\x79",
115 NULL
116 },
117 {
118 EVP_rc4,
119 "rc4 5",
120 "\x61\x8a\x63\xd2\xfb",
121 5,
122 NULL,
123 5,
124 "\xdc\xee\x4c\xf9\x2c",
125 "\xf1\x38\x29\xc9\xde",
126 NULL
127 },
128 {
129 EVP_rc4,
130 "rc4 309",
131 "\x29\x04\x19\x72\xfb\x42\xba\x5f\xc7\x12\x77\x12\xf1\x38\x29\xc9",
132 16,
133 NULL,
134 309,
135 "\x52\x75\x69\x73\x6c\x69\x6e\x6e"
136 "\x75\x6e\x20\x6c\x61\x75\x6c\x75"
137 "\x20\x6b\x6f\x72\x76\x69\x73\x73"
138 "\x73\x61\x6e\x69\x2c\x20\x74\xe4"
139 "\x68\x6b\xe4\x70\xe4\x69\x64\x65"
140 "\x6e\x20\x70\xe4\xe4\x6c\x6c\xe4"
141 "\x20\x74\xe4\x79\x73\x69\x6b\x75"
142 "\x75\x2e\x20\x4b\x65\x73\xe4\x79"
143 "\xf6\x6e\x20\x6f\x6e\x20\x6f\x6e"
144 "\x6e\x69\x20\x6f\x6d\x61\x6e\x61"
145 "\x6e\x69\x2c\x20\x6b\x61\x73\x6b"
146 "\x69\x73\x61\x76\x75\x75\x6e\x20"
147 "\x6c\x61\x61\x6b\x73\x6f\x74\x20"
148 "\x76\x65\x72\x68\x6f\x75\x75\x2e"
149 "\x20\x45\x6e\x20\x6d\x61\x20\x69"
150 "\x6c\x6f\x69\x74\x73\x65\x2c\x20"
151 "\x73\x75\x72\x65\x20\x68\x75\x6f"
152 "\x6b\x61\x61\x2c\x20\x6d\x75\x74"
153 "\x74\x61\x20\x6d\x65\x74\x73\xe4"
154 "\x6e\x20\x74\x75\x6d\x6d\x75\x75"
155 "\x73\x20\x6d\x75\x6c\x6c\x65\x20"
156 "\x74\x75\x6f\x6b\x61\x61\x2e\x20"
157 "\x50\x75\x75\x6e\x74\x6f\x20\x70"
158 "\x69\x6c\x76\x65\x6e\x2c\x20\x6d"
159 "\x69\x20\x68\x75\x6b\x6b\x75\x75"
160 "\x2c\x20\x73\x69\x69\x6e\x74\x6f"
161 "\x20\x76\x61\x72\x61\x6e\x20\x74"
162 "\x75\x75\x6c\x69\x73\x65\x6e\x2c"
163 "\x20\x6d\x69\x20\x6e\x75\x6b\x6b"
164 "\x75\x75\x2e\x20\x54\x75\x6f\x6b"
165 "\x73\x75\x74\x20\x76\x61\x6e\x61"
166 "\x6d\x6f\x6e\x20\x6a\x61\x20\x76"
167 "\x61\x72\x6a\x6f\x74\x20\x76\x65"
168 "\x65\x6e\x2c\x20\x6e\x69\x69\x73"
169 "\x74\xe4\x20\x73\x79\x64\xe4\x6d"
170 "\x65\x6e\x69\x20\x6c\x61\x75\x6c"
171 "\x75\x6e\x20\x74\x65\x65\x6e\x2e"
172 "\x20\x2d\x20\x45\x69\x6e\x6f\x20"
173 "\x4c\x65\x69\x6e\x6f",
174 "\x35\x81\x86\x99\x90\x01\xe6\xb5"
175 "\xda\xf0\x5e\xce\xeb\x7e\xee\x21"
176 "\xe0\x68\x9c\x1f\x00\xee\xa8\x1f"
177 "\x7d\xd2\xca\xae\xe1\xd2\x76\x3e"
178 "\x68\xaf\x0e\xad\x33\xd6\x6c\x26"
179 "\x8b\xc9\x46\xc4\x84\xfb\xe9\x4c"
180 "\x5f\x5e\x0b\x86\xa5\x92\x79\xe4"
181 "\xf8\x24\xe7\xa6\x40\xbd\x22\x32"
182 "\x10\xb0\xa6\x11\x60\xb7\xbc\xe9"
183 "\x86\xea\x65\x68\x80\x03\x59\x6b"
184 "\x63\x0a\x6b\x90\xf8\xe0\xca\xf6"
185 "\x91\x2a\x98\xeb\x87\x21\x76\xe8"
186 "\x3c\x20\x2c\xaa\x64\x16\x6d\x2c"
187 "\xce\x57\xff\x1b\xca\x57\xb2\x13"
188 "\xf0\xed\x1a\xa7\x2f\xb8\xea\x52"
189 "\xb0\xbe\x01\xcd\x1e\x41\x28\x67"
190 "\x72\x0b\x32\x6e\xb3\x89\xd0\x11"
191 "\xbd\x70\xd8\xaf\x03\x5f\xb0\xd8"
192 "\x58\x9d\xbc\xe3\xc6\x66\xf5\xea"
193 "\x8d\x4c\x79\x54\xc5\x0c\x3f\x34"
194 "\x0b\x04\x67\xf8\x1b\x42\x59\x61"
195 "\xc1\x18\x43\x07\x4d\xf6\x20\xf2"
196 "\x08\x40\x4b\x39\x4c\xf9\xd3\x7f"
197 "\xf5\x4b\x5f\x1a\xd8\xf6\xea\x7d"
198 "\xa3\xc5\x61\xdf\xa7\x28\x1f\x96"
199 "\x44\x63\xd2\xcc\x35\xa4\xd1\xb0"
200 "\x34\x90\xde\xc5\x1b\x07\x11\xfb"
201 "\xd6\xf5\x5f\x79\x23\x4d\x5b\x7c"
202 "\x76\x66\x22\xa6\x6d\xe9\x2b\xe9"
203 "\x96\x46\x1d\x5e\x4d\xc8\x78\xef"
204 "\x9b\xca\x03\x05\x21\xe8\x35\x1e"
205 "\x4b\xae\xd2\xfd\x04\xf9\x46\x73"
206 "\x68\xc4\xad\x6a\xc1\x86\xd0\x82"
207 "\x45\xb2\x63\xa2\x66\x6d\x1f\x6c"
208 "\x54\x20\xf1\x59\x9d\xfd\x9f\x43"
209 "\x89\x21\xc2\xf5\xa4\x63\x93\x8c"
210 "\xe0\x98\x22\x65\xee\xf7\x01\x79"
211 "\xbc\x55\x3f\x33\x9e\xb1\xa4\xc1"
212 "\xaf\x5f\x6a\x54\x7f",
213 NULL
214 }
215 };
216
217 static int
test_cipher(struct tests * t)218 test_cipher(struct tests *t)
219 {
220 const EVP_CIPHER *c = t->cipher();
221 EVP_CIPHER_CTX ectx;
222 EVP_CIPHER_CTX dctx;
223 void *d;
224
225 EVP_CIPHER_CTX_init(&ectx);
226 EVP_CIPHER_CTX_init(&dctx);
227
228 if (EVP_CipherInit_ex(&ectx, c, NULL, NULL, NULL, 1) != 1)
229 errx(1, "%s: EVP_CipherInit_ex einit", t->name);
230 if (EVP_CipherInit_ex(&dctx, c, NULL, NULL, NULL, 0) != 1)
231 errx(1, "%s: EVP_CipherInit_ex dinit", t->name);
232
233 EVP_CIPHER_CTX_set_key_length(&ectx, t->keysize);
234 EVP_CIPHER_CTX_set_key_length(&dctx, t->keysize);
235
236 if (EVP_CipherInit_ex(&ectx, NULL, NULL, t->key, t->iv, 1) != 1)
237 errx(1, "%s: EVP_CipherInit_ex encrypt", t->name);
238 if (EVP_CipherInit_ex(&dctx, NULL, NULL, t->key, t->iv, 0) != 1)
239 errx(1, "%s: EVP_CipherInit_ex decrypt", t->name);
240
241 d = emalloc(t->datasize);
242
243 if (!EVP_Cipher(&ectx, d, t->indata, t->datasize))
244 return 1;
245
246 if (memcmp(d, t->outdata, t->datasize) != 0)
247 errx(1, "%s: encrypt not the same", t->name);
248
249 if (!EVP_Cipher(&dctx, d, d, t->datasize))
250 return 1;
251
252 if (memcmp(d, t->indata, t->datasize) != 0)
253 errx(1, "%s: decrypt not the same", t->name);
254
255 #if 0
256 if (t->outiv)
257 /* XXXX check */;
258 #endif
259
260 EVP_CIPHER_CTX_cleanup(&ectx);
261 EVP_CIPHER_CTX_cleanup(&dctx);
262 free(d);
263
264 return 0;
265 }
266
267 static void
check_hmac(void)268 check_hmac(void)
269 {
270 unsigned char buf[4] = { 0, 0, 0, 0 };
271 char hmackey[] = "hello-world";
272 size_t hmackey_size = sizeof(hmackey);
273 unsigned int hmaclen;
274 unsigned char hmac[EVP_MAX_MD_SIZE];
275 HMAC_CTX c;
276
277 char answer[20] = "\x2c\xfa\x32\xb7\x2b\x8a\xf6\xdf\xcf\xda"
278 "\x6f\xd1\x52\x4d\x54\x58\x73\x0f\xf3\x24";
279
280 HMAC_CTX_init(&c);
281 HMAC_Init_ex(&c, hmackey, hmackey_size, EVP_sha1(), NULL);
282 HMAC_Update(&c, buf, sizeof(buf));
283 HMAC_Final(&c, hmac, &hmaclen);
284 HMAC_CTX_cleanup(&c);
285
286 if (hmaclen != 20)
287 errx(1, "hmaclen = %d\n", (int)hmaclen);
288
289 if (ct_memcmp(hmac, answer, hmaclen) != 0)
290 errx(1, "wrong answer\n");
291 }
292
293 void
hcrypto_validate(void)294 hcrypto_validate(void)
295 {
296 static int validated = 0;
297 unsigned int i;
298
299 /* its ok to run this twice, do don't check for races */
300 if (validated)
301 return;
302 validated++;
303
304 for (i = 0; i < sizeof(hc_tests) / sizeof(hc_tests[0]); i++)
305 test_cipher(&hc_tests[i]);
306
307 check_hmac();
308 }
309