xref: /openbsd-src/regress/lib/libradius/test25.c (revision f6aab3d83b51b91c24247ad2c2573574de475a82) 
1 #include "incs.h"
2 
3 /*
4  * MS-MPPE-{Send,Recv}-Key attribute
5  */
6 
7 void test25(void)
8 {
9 	uint8_t ra[] = {
10 		0x67, 0x8a, 0xe6, 0xed, 0x69, 0x6e, 0x1b, 0xd1, 0x0a, 0xe2, 0xfe, 0xa1, 0x05, 0xd4, 0x6a, 0x56,
11 	};
12 	uint8_t encrypted[] = {
13 		0x80, 0x36,
14 		0xf4, 0xab, 0xbe, 0x21, 0x17, 0xfb, 0x3e, 0x4a, 0x78, 0x74, 0xdc, 0xe9, 0x1c, 0x5b, 0x04, 0x49,
15 		0x8e, 0xc7, 0x72, 0x0f, 0x16, 0x86, 0x88, 0x56, 0x2d, 0xbc, 0x88, 0xe2, 0x1c, 0xab, 0x62, 0x71,
16 	};
17 	uint8_t plainkey[] = {
18 		0xfc, 0x6e, 0xa4, 0x18, 0x37, 0x3d, 0x8e, 0x90, 0xc1, 0x36, 0xfa, 0xe3, 0x73, 0x5e, 0x37, 0xd1,
19 	};
20 	uint8_t plainkey2[] = {
21 		0x86, 0xfe, 0x22, 0x0e, 0x76, 0x24, 0xba, 0x2a, 0x10, 0x05, 0xf6, 0xbf, 0x9b, 0x55, 0xe0, 0xb2,
22 	};
23 
24 	uint8_t plain[256];
25 	size_t plen;
26 	uint8_t cipher[256];
27 	size_t clen;
28 	RADIUS_PACKET *packet, *response;
29 
30 	plen = sizeof(plain);
31 	CHECK(radius_decrypt_mppe_key_attr(plain, &plen, encrypted, sizeof(encrypted), ra, "hogehogefugafuga") == 0);
32 	CHECK(plen == 16);
33 	CHECK(memcmp(plain, plainkey, 16) == 0);
34 
35 	clen = sizeof(cipher);
36 	CHECK(radius_encrypt_mppe_key_attr(cipher, &clen, plainkey, 16, ra, "hogehogefugafuga") == 0);
37 	CHECK(clen == 34);
38 	memset(plain, 0, sizeof(plain));
39 	plen = sizeof(plain);
40 	CHECK(radius_decrypt_mppe_key_attr(plain, &plen, cipher, clen, ra, "hogehogefugafuga") == 0);
41 	CHECK(plen == 16);
42 	CHECK(memcmp(plain, plainkey, 16) == 0);
43 
44 	clen = 33;
45 	CHECK(radius_encrypt_mppe_key_attr(cipher, &clen, plainkey, 16, ra, "hogehogefugafuga") != 0);
46 	plen = 15;
47 	CHECK(radius_decrypt_mppe_key_attr(plain, &plen, cipher, 34, ra, "hogehogefugafuga") != 0);
48 	plen = 16;
49 	CHECK(radius_decrypt_mppe_key_attr(plain, &plen, cipher, 33, ra, "hogehogefugafuga") != 0);
50 
51 	packet = radius_new_request_packet(RADIUS_CODE_ACCESS_REQUEST);
52 
53 	CHECK(radius_put_mppe_send_key_attr(packet, plainkey, sizeof(plainkey), "sharedsecret") == 0);
54 	clen = sizeof(cipher);
55 	CHECK(radius_get_vs_raw_attr(packet, RADIUS_VENDOR_MICROSOFT, RADIUS_VTYPE_MPPE_SEND_KEY, cipher, &clen) == 0);
56 	CHECK(clen == 34);
57 	plen = sizeof(plain);
58 	CHECK(radius_decrypt_mppe_key_attr(plain, &plen, cipher, clen, radius_get_authenticator_retval(packet), "sharedsecret") == 0);
59 	CHECK(plen == 16);
60 	CHECK(memcmp(plain, plainkey, plen) == 0);
61 	memset(plain, 0, sizeof(plain));
62 	plen = sizeof(plain);
63 	CHECK(radius_get_mppe_send_key_attr(packet, plain, &plen, "sharedsecret") == 0);
64 	CHECK(plen == 16);
65 	CHECK(memcmp(plain, plainkey, plen) == 0);
66 
67 	response = radius_new_response_packet(RADIUS_CODE_ACCESS_ACCEPT, packet);
68 
69 	CHECK(radius_put_mppe_recv_key_attr(response, plainkey2, sizeof(plainkey2), "sharedsecret") == 0);
70 	clen = sizeof(cipher);
71 	CHECK(radius_get_vs_raw_attr(response, RADIUS_VENDOR_MICROSOFT, RADIUS_VTYPE_MPPE_RECV_KEY, cipher, &clen) == 0);
72 	CHECK(clen == 34);
73 	plen = sizeof(plain);
74 	CHECK(radius_decrypt_mppe_key_attr(plain, &plen, cipher, clen, radius_get_authenticator_retval(packet), "sharedsecret") == 0);
75 	CHECK(plen == 16);
76 	CHECK(memcmp(plain, plainkey2, plen) == 0);
77 	memset(plain, 0, sizeof(plain));
78 	plen = sizeof(plain);
79 	CHECK(radius_get_mppe_recv_key_attr(response, plain, &plen, "sharedsecret") == 0);
80 	CHECK(plen == 16);
81 	CHECK(memcmp(plain, plainkey2, plen) == 0);
82 }
83 
84 ADD_TEST(test25)
85