diff options
-rw-r--r-- | lib/crypto/aes_cmac_128_test.c | 92 | ||||
-rw-r--r-- | lib/crypto/wscript_build | 2 | ||||
-rw-r--r-- | source4/torture/local/local.c | 2 |
3 files changed, 95 insertions, 1 deletions
diff --git a/lib/crypto/aes_cmac_128_test.c b/lib/crypto/aes_cmac_128_test.c new file mode 100644 index 0000000000..173087f064 --- /dev/null +++ b/lib/crypto/aes_cmac_128_test.c @@ -0,0 +1,92 @@ +/* + AES-CMAC-128 tests + Copyright (C) Stefan Metzmacher 2012 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ +#include "replace.h" +#include "../lib/util/samba_util.h" +#include "../lib/crypto/crypto.h" + +struct torture_context; +bool torture_local_crypto_aes_cmac_128(struct torture_context *torture); + +/* + This uses the test values from rfc 4493 +*/ +bool torture_local_crypto_aes_cmac_128(struct torture_context *torture) +{ + bool ret = true; + uint32_t i; + DATA_BLOB key; + struct { + DATA_BLOB data; + DATA_BLOB cmac; + } testarray[5]; + + TALLOC_CTX *tctx = talloc_new(torture); + if (!tctx) { return false; }; + + key = strhex_to_data_blob(tctx, "2b7e151628aed2a6abf7158809cf4f3c"); + + testarray[0].data = data_blob_null; + testarray[0].cmac = strhex_to_data_blob(tctx, + "bb1d6929e95937287fa37d129b756746"); + + testarray[1].data = strhex_to_data_blob(tctx, + "6bc1bee22e409f96e93d7e117393172a"); + testarray[1].cmac = strhex_to_data_blob(tctx, + "070a16b46b4d4144f79bdd9dd04a287c"); + + testarray[2].data = strhex_to_data_blob(tctx, + "6bc1bee22e409f96e93d7e117393172a" + "ae2d8a571e03ac9c9eb76fac45af8e51" + "30c81c46a35ce411"); + testarray[2].cmac = strhex_to_data_blob(tctx, + "dfa66747de9ae63030ca32611497c827"); + + testarray[3].data = strhex_to_data_blob(tctx, + "6bc1bee22e409f96e93d7e117393172a" + "ae2d8a571e03ac9c9eb76fac45af8e51" + "30c81c46a35ce411e5fbc1191a0a52ef" + "f69f2445df4f9b17ad2b417be66c3710"); + testarray[3].cmac = strhex_to_data_blob(tctx, + "51f0bebf7e3b9d92fc49741779363cfe"); + + ZERO_STRUCT(testarray[4]); + + for (i=0; testarray[i].cmac.length != 0; i++) { + struct aes_cmac_128_context ctx; + uint8_t cmac[AES_BLOCK_SIZE]; + int e; + + aes_cmac_128_init(&ctx, key.data); + aes_cmac_128_update(&ctx, + testarray[i].data.data, + testarray[i].data.length); + aes_cmac_128_final(&ctx, cmac); + + e = memcmp(testarray[i].cmac.data, cmac, sizeof(cmac)); + if (e != 0) { + printf("aes_cmac_128 test[%u]: failed\n", i); + dump_data(0, key.data, key.length); + dump_data(0, testarray[i].data.data, testarray[i].data.length); + dump_data(0, testarray[i].cmac.data, testarray[i].cmac.length); + dump_data(0, cmac, sizeof(cmac)); + ret = false; + } + } + talloc_free(tctx); + return ret; +} diff --git a/lib/crypto/wscript_build b/lib/crypto/wscript_build index c4bfefc1fd..f50269879b 100644 --- a/lib/crypto/wscript_build +++ b/lib/crypto/wscript_build @@ -15,7 +15,7 @@ bld.SAMBA_SUBSYSTEM('LIBCRYPTO', ) bld.SAMBA_SUBSYSTEM('TORTURE_LIBCRYPTO', - source='md4test.c md5test.c hmacmd5test.c', + source='md4test.c md5test.c hmacmd5test.c aes_cmac_128_test.c', autoproto='test_proto.h', deps='LIBCRYPTO' ) diff --git a/source4/torture/local/local.c b/source4/torture/local/local.c index b11d3387cb..c0b3305462 100644 --- a/source4/torture/local/local.c +++ b/source4/torture/local/local.c @@ -92,6 +92,8 @@ NTSTATUS torture_local_init(void) torture_local_crypto_md5); torture_suite_add_simple_test(suite, "crypto.hmacmd5", torture_local_crypto_hmacmd5); + torture_suite_add_simple_test(suite, "crypto.aes_cmac_128", + torture_local_crypto_aes_cmac_128); for (i = 0; suite_generators[i]; i++) torture_suite_add_suite(suite, |