1 /* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
2 /* lib/crypto/crypto_tests/t_mdcksum.c */
4 * Copyright 1995 by the Massachusetts Institute of Technology.
7 * Export of this software from the United States of America may
8 * require a specific license from the United States Government.
9 * It is the responsibility of any person or organization contemplating
10 * export to obtain such a license before exporting.
12 * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
13 * distribute this software and its documentation for any purpose and
14 * without fee is hereby granted, provided that the above copyright
15 * notice appear in all copies and that both that copyright notice and
16 * this permission notice appear in supporting documentation, and that
17 * the name of M.I.T. not be used in advertising or publicity pertaining
18 * to distribution of the software without specific, written prior
19 * permission. Furthermore if you modify this software you must label
20 * your software as modified software and not distribute it in such a
21 * fashion that it might be confused with the original M.I.T. software.
22 * M.I.T. makes no representations about the suitability of
23 * this software for any purpose. It is provided "as is" without express
24 * or implied warranty.
27 /* Test checksum and checksum compatibility for rsa-md[4,5]-des. */
42 #define MD5_K5BETA_COMPAT
43 #define MD4_K5BETA_COMPAT
46 #define CONFOUNDER_LENGTH RSA_MD4_DES_CONFOUND_LENGTH
47 #define NEW_CHECKSUM_LENGTH NEW_RSA_MD4_DES_CKSUM_LENGTH
48 #define OLD_CHECKSUM_LENGTH OLD_RSA_MD4_DES_CKSUM_LENGTH
49 #define CHECKSUM_TYPE CKSUMTYPE_RSA_MD4_DES
50 #ifdef MD4_K5BETA_COMPAT
51 #define K5BETA_COMPAT 1
52 #else /* MD4_K5BETA_COMPAT */
54 #endif /* MD4_K5BETA_COMPAT */
55 #define CKSUM_FUNCTION krb5_md4_crypto_sum_func
56 #define COMPAT_FUNCTION krb5_md4_crypto_compat_sum_func
57 #define VERIFY_FUNCTION krb5_md4_crypto_verify_func
61 #define CONFOUNDER_LENGTH RSA_MD5_DES_CONFOUND_LENGTH
62 #define NEW_CHECKSUM_LENGTH NEW_RSA_MD5_DES_CKSUM_LENGTH
63 #define OLD_CHECKSUM_LENGTH OLD_RSA_MD5_DES_CKSUM_LENGTH
64 #define CHECKSUM_TYPE CKSUMTYPE_RSA_MD5_DES
65 #ifdef MD5_K5BETA_COMPAT
66 #define K5BETA_COMPAT 1
67 #else /* MD5_K5BETA_COMPAT */
69 #endif /* MD5_K5BETA_COMPAT */
70 #define CKSUM_FUNCTION krb5_md5_crypto_sum_func
71 #define COMPAT_FUNCTION krb5_md5_crypto_compat_sum_func
72 #define VERIFY_FUNCTION krb5_md5_crypto_verify_func
76 print_checksum(text, number, message, checksum)
80 krb5_checksum *checksum;
84 printf("%s MD%d checksum(\"%s\") = ", text, number, message);
85 for (i=0; i<checksum->length; i++)
86 printf("%02x", checksum->contents[i]);
91 * Test the checksum verification of Old Style (tm) and correct RSA-MD[4,5]-DES
100 krb5_context kcontext;
101 krb5_encrypt_block encblock;
102 krb5_keyblock keyblock;
103 krb5_error_code kret;
104 krb5_checksum oldstyle_checksum;
105 krb5_checksum newstyle_checksum;
109 pwd = "test password";
110 pwdata.length = strlen(pwd);
112 krb5_use_enctype(kcontext, &encblock, DEFAULT_KDC_ENCTYPE);
113 if ((kret = mit_des_string_to_key(&encblock, &keyblock, &pwdata, NULL))) {
114 printf("mit_des_string_to_key choked with %d\n", kret);
117 if ((kret = mit_des_process_key(&encblock, &keyblock))) {
118 printf("mit_des_process_key choked with %d\n", kret);
122 oldstyle_checksum.length = OLD_CHECKSUM_LENGTH;
123 if (!(oldstyle_checksum.contents = (krb5_octet *) malloc(OLD_CHECKSUM_LENGTH))) {
124 printf("cannot get memory for old style checksum\n");
127 newstyle_checksum.length = NEW_CHECKSUM_LENGTH;
128 if (!(newstyle_checksum.contents = (krb5_octet *)
129 malloc(NEW_CHECKSUM_LENGTH))) {
130 printf("cannot get memory for new style checksum\n");
133 for (msgindex = 1; msgindex < argc; msgindex++) {
134 if ((kret = CKSUM_FUNCTION(argv[msgindex],
135 strlen(argv[msgindex]),
136 (krb5_pointer) keyblock.contents,
138 &newstyle_checksum))) {
139 printf("krb5_calculate_checksum choked with %d\n", kret);
142 print_checksum("correct", MD, argv[msgindex], &newstyle_checksum);
144 if ((kret = COMPAT_FUNCTION(argv[msgindex],
145 strlen(argv[msgindex]),
146 (krb5_pointer) keyblock.contents,
148 &oldstyle_checksum))) {
149 printf("old style calculate_checksum choked with %d\n", kret);
152 print_checksum("old", MD, argv[msgindex], &oldstyle_checksum);
153 #endif /* K5BETA_COMPAT */
154 if ((kret = VERIFY_FUNCTION(&newstyle_checksum,
156 strlen(argv[msgindex]),
157 (krb5_pointer) keyblock.contents,
159 printf("verify on new checksum choked with %d\n", kret);
162 printf("Verify succeeded for \"%s\"\n", argv[msgindex]);
164 if ((kret = VERIFY_FUNCTION(&oldstyle_checksum,
166 strlen(argv[msgindex]),
167 (krb5_pointer) keyblock.contents,
169 printf("verify on old checksum choked with %d\n", kret);
172 printf("Compatible checksum verify succeeded for \"%s\"\n",
174 #endif /* K5BETA_COMPAT */
175 newstyle_checksum.contents[0]++;
176 if (!(kret = VERIFY_FUNCTION(&newstyle_checksum,
178 strlen(argv[msgindex]),
179 (krb5_pointer) keyblock.contents,
181 printf("verify on new checksum should have choked\n");
184 printf("Verify of bad checksum OK for \"%s\"\n", argv[msgindex]);
186 oldstyle_checksum.contents[0]++;
187 if (!(kret = VERIFY_FUNCTION(&oldstyle_checksum,
189 strlen(argv[msgindex]),
190 (krb5_pointer) keyblock.contents,
192 printf("verify on old checksum should have choked\n");
195 printf("Compatible checksum verify of altered checksum OK for \"%s\"\n",
197 #endif /* K5BETA_COMPAT */
201 printf("%d tests passed successfully for MD%d checksum\n", argc-1, MD);