From commits-return-16345-apmail-directory-commits-archive=directory.apache.org@directory.apache.org Sat Nov 24 03:45:55 2007 Return-Path: Delivered-To: apmail-directory-commits-archive@www.apache.org Received: (qmail 1649 invoked from network); 24 Nov 2007 03:45:54 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 24 Nov 2007 03:45:54 -0000 Received: (qmail 15379 invoked by uid 500); 24 Nov 2007 03:45:42 -0000 Delivered-To: apmail-directory-commits-archive@directory.apache.org Received: (qmail 15333 invoked by uid 500); 24 Nov 2007 03:45:42 -0000 Mailing-List: contact commits-help@directory.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@directory.apache.org Delivered-To: mailing list commits@directory.apache.org Received: (qmail 15322 invoked by uid 99); 24 Nov 2007 03:45:42 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 23 Nov 2007 19:45:42 -0800 X-ASF-Spam-Status: No, hits=-100.0 required=10.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.3] (HELO eris.apache.org) (140.211.11.3) by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 24 Nov 2007 03:45:51 +0000 Received: by eris.apache.org (Postfix, from userid 65534) id CDB461A9832; Fri, 23 Nov 2007 19:45:29 -0800 (PST) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r597792 - in /directory/apacheds/branches/bigbang/kerberos-shared/src: main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/ test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/ Date: Sat, 24 Nov 2007 03:45:29 -0000 To: commits@directory.apache.org From: erodriguez@apache.org X-Mailer: svnmailer-1.0.8 Message-Id: <20071124034529.CDB461A9832@eris.apache.org> X-Virus-Checked: Checked by ClamAV on apache.org Author: erodriguez Date: Fri Nov 23 19:45:27 2007 New Revision: 597792 URL: http://svn.apache.org/viewvc?rev=597792&view=rev Log: Corrected padding algorithm error in DES encryption types (DIRSERVER-1100): o Corrected padding algorithm error in DesCbcCrcEncryption. o Also corrected padding algorithm error in DesCbcMd5Encryption, however algorithm error had no effect. o Added new test cases for above encryption types. Added: directory/apacheds/branches/bigbang/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcCrcEncryptionTest.java (with props) directory/apacheds/branches/bigbang/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcMd5EncryptionTest.java (with props) Modified: directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcCrcEncryption.java directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcMd5Encryption.java Modified: directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcCrcEncryption.java URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcCrcEncryption.java?rev=597792&r1=597791&r2=597792&view=diff ============================================================================== --- directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcCrcEncryption.java (original) +++ directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcCrcEncryption.java Fri Nov 23 19:45:27 2007 @@ -123,10 +123,9 @@ // build the ciphertext structure byte[] conFounder = getRandomBytes( getConfounderLength() ); byte[] zeroedChecksum = new byte[getChecksumLength()]; - byte[] paddedPlainText = padString( plainText ); - byte[] dataBytes = concatenateBytes( conFounder, concatenateBytes( zeroedChecksum, paddedPlainText ) ); - byte[] checksumBytes = calculateIntegrity( dataBytes, null, usage ); + byte[] dataBytes = concatenateBytes( conFounder, concatenateBytes( zeroedChecksum, plainText ) ); byte[] paddedDataBytes = padString( dataBytes ); + byte[] checksumBytes = calculateIntegrity( paddedDataBytes, null, usage ); // lay the checksum into the ciphertext for ( int i = getConfounderLength(); i < getConfounderLength() + getChecksumLength(); i++ ) Modified: directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcMd5Encryption.java URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcMd5Encryption.java?rev=597792&r1=597791&r2=597792&view=diff ============================================================================== --- directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcMd5Encryption.java (original) +++ directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcMd5Encryption.java Fri Nov 23 19:45:27 2007 @@ -115,10 +115,9 @@ // build the ciphertext structure byte[] conFounder = getRandomBytes( getConfounderLength() ); byte[] zeroedChecksum = new byte[getChecksumLength()]; - byte[] paddedPlainText = padString( plainText ); - byte[] dataBytes = concatenateBytes( conFounder, concatenateBytes( zeroedChecksum, paddedPlainText ) ); - byte[] checksumBytes = calculateIntegrity( dataBytes, null, usage ); + byte[] dataBytes = concatenateBytes( conFounder, concatenateBytes( zeroedChecksum, plainText ) ); byte[] paddedDataBytes = padString( dataBytes ); + byte[] checksumBytes = calculateIntegrity( paddedDataBytes, null, usage ); // lay the checksum into the ciphertext for ( int i = getConfounderLength(); i < getConfounderLength() + getChecksumLength(); i++ ) Added: directory/apacheds/branches/bigbang/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcCrcEncryptionTest.java URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcCrcEncryptionTest.java?rev=597792&view=auto ============================================================================== --- directory/apacheds/branches/bigbang/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcCrcEncryptionTest.java (added) +++ directory/apacheds/branches/bigbang/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcCrcEncryptionTest.java Fri Nov 23 19:45:27 2007 @@ -0,0 +1,124 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + * + */ +package org.apache.directory.server.kerberos.shared.crypto.encryption; + + +import javax.security.auth.kerberos.KerberosKey; +import javax.security.auth.kerberos.KerberosPrincipal; + +import junit.framework.TestCase; + +import org.apache.directory.server.kerberos.shared.messages.value.EncryptedData; +import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey; + + +/** + * Test case for the DES-CBC-CRC encryption type. + * + * @author Apache Directory Project + * @version $Rev$, $Date$ + */ +public class DesCbcCrcEncryptionTest extends TestCase +{ + private static final char[] PASSWORD = "password".toCharArray(); + + + /** + * Test successful encryption and decryption when the plaintext size is less than the block size. + * + * @throws Exception + */ + public void testPlainTextSizeLessThanBlockSize() throws Exception + { + KerberosKey key = new KerberosKey( new KerberosPrincipal( "hnelson@EXAMPLE.COM" ), PASSWORD, "DES" ); + byte[] keyBytes = key.getEncoded(); + EncryptionKey encryptionKey = new EncryptionKey( EncryptionType.DES_CBC_CRC, keyBytes ); + + byte[] plainText = + { 1, 2, 3, 4, 5, 6, 7 }; + + DesCbcCrcEncryption encryption = new DesCbcCrcEncryption(); + EncryptedData encryptedData = encryption.getEncryptedData( encryptionKey, plainText, null ); + + byte[] recoveredText = encryption.getDecryptedData( encryptionKey, encryptedData, null ); + + assertTrue( beginsWith( plainText, recoveredText ) ); + } + + + /** + * Test successful encryption and decryption when the plaintext size equals the block size. + * + * @throws Exception + */ + public void testPlainTextSizeEqualsBlockSize() throws Exception + { + KerberosKey key = new KerberosKey( new KerberosPrincipal( "hnelson@EXAMPLE.COM" ), PASSWORD, "DES" ); + byte[] keyBytes = key.getEncoded(); + EncryptionKey encryptionKey = new EncryptionKey( EncryptionType.DES_CBC_CRC, keyBytes ); + + byte[] plainText = + { 1, 2, 3, 4, 5, 6, 7, 8 }; + + DesCbcCrcEncryption encryption = new DesCbcCrcEncryption(); + EncryptedData encryptedData = encryption.getEncryptedData( encryptionKey, plainText, null ); + + byte[] recoveredText = encryption.getDecryptedData( encryptionKey, encryptedData, null ); + + assertTrue( beginsWith( plainText, recoveredText ) ); + } + + + /** + * Test successful encryption and decryption when the plaintext size is greater than the block size. + * + * @throws Exception + */ + public void testPlainTextSizeGreaterThanBlockSize() throws Exception + { + KerberosKey key = new KerberosKey( new KerberosPrincipal( "hnelson@EXAMPLE.COM" ), PASSWORD, "DES" ); + byte[] keyBytes = key.getEncoded(); + EncryptionKey encryptionKey = new EncryptionKey( EncryptionType.DES_CBC_CRC, keyBytes ); + + byte[] plainText = + { 1, 2, 3, 4, 5, 6, 7, 8, 9 }; + + DesCbcCrcEncryption encryption = new DesCbcCrcEncryption(); + EncryptedData encryptedData = encryption.getEncryptedData( encryptionKey, plainText, null ); + + byte[] recoveredText = encryption.getDecryptedData( encryptionKey, encryptedData, null ); + + assertTrue( beginsWith( plainText, recoveredText ) ); + } + + + private boolean beginsWith( byte[] plainText, byte[] recoveredText ) + { + for ( int i = 0; i < plainText.length; i++ ) + { + if ( plainText[i] != recoveredText[i] ) + { + return false; + } + } + + return true; + } +} Propchange: directory/apacheds/branches/bigbang/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcCrcEncryptionTest.java ------------------------------------------------------------------------------ svn:eol-style = native Added: directory/apacheds/branches/bigbang/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcMd5EncryptionTest.java URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcMd5EncryptionTest.java?rev=597792&view=auto ============================================================================== --- directory/apacheds/branches/bigbang/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcMd5EncryptionTest.java (added) +++ directory/apacheds/branches/bigbang/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcMd5EncryptionTest.java Fri Nov 23 19:45:27 2007 @@ -0,0 +1,124 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + * + */ +package org.apache.directory.server.kerberos.shared.crypto.encryption; + + +import javax.security.auth.kerberos.KerberosKey; +import javax.security.auth.kerberos.KerberosPrincipal; + +import junit.framework.TestCase; + +import org.apache.directory.server.kerberos.shared.messages.value.EncryptedData; +import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey; + + +/** + * Test case for the DES-CBC-MD5 encryption type. + * + * @author Apache Directory Project + * @version $Rev$, $Date$ + */ +public class DesCbcMd5EncryptionTest extends TestCase +{ + private static final char[] PASSWORD = "password".toCharArray(); + + + /** + * Test successful encryption and decryption when the plaintext size is less than the block size. + * + * @throws Exception + */ + public void testPlainTextSizeLessThanBlockSize() throws Exception + { + KerberosKey key = new KerberosKey( new KerberosPrincipal( "hnelson@EXAMPLE.COM" ), PASSWORD, "DES" ); + byte[] keyBytes = key.getEncoded(); + EncryptionKey encryptionKey = new EncryptionKey( EncryptionType.DES_CBC_MD5, keyBytes ); + + byte[] plainText = + { 1, 2, 3, 4, 5, 6, 7 }; + + DesCbcMd5Encryption encryption = new DesCbcMd5Encryption(); + EncryptedData encryptedData = encryption.getEncryptedData( encryptionKey, plainText, null ); + + byte[] recoveredText = encryption.getDecryptedData( encryptionKey, encryptedData, null ); + + assertTrue( beginsWith( plainText, recoveredText ) ); + } + + + /** + * Test successful encryption and decryption when the plaintext size equals the block size. + * + * @throws Exception + */ + public void testPlainTextSizeEqualsBlockSize() throws Exception + { + KerberosKey key = new KerberosKey( new KerberosPrincipal( "hnelson@EXAMPLE.COM" ), PASSWORD, "DES" ); + byte[] keyBytes = key.getEncoded(); + EncryptionKey encryptionKey = new EncryptionKey( EncryptionType.DES_CBC_MD5, keyBytes ); + + byte[] plainText = + { 1, 2, 3, 4, 5, 6, 7, 8 }; + + DesCbcMd5Encryption encryption = new DesCbcMd5Encryption(); + EncryptedData encryptedData = encryption.getEncryptedData( encryptionKey, plainText, null ); + + byte[] recoveredText = encryption.getDecryptedData( encryptionKey, encryptedData, null ); + + assertTrue( beginsWith( plainText, recoveredText ) ); + } + + + /** + * Test successful encryption and decryption when the plaintext size is greater than the block size. + * + * @throws Exception + */ + public void testPlainTextSizeGreaterThanBlockSize() throws Exception + { + KerberosKey key = new KerberosKey( new KerberosPrincipal( "hnelson@EXAMPLE.COM" ), PASSWORD, "DES" ); + byte[] keyBytes = key.getEncoded(); + EncryptionKey encryptionKey = new EncryptionKey( EncryptionType.DES_CBC_MD5, keyBytes ); + + byte[] plainText = + { 1, 2, 3, 4, 5, 6, 7, 8, 9 }; + + DesCbcMd5Encryption encryption = new DesCbcMd5Encryption(); + EncryptedData encryptedData = encryption.getEncryptedData( encryptionKey, plainText, null ); + + byte[] recoveredText = encryption.getDecryptedData( encryptionKey, encryptedData, null ); + + assertTrue( beginsWith( plainText, recoveredText ) ); + } + + + private boolean beginsWith( byte[] plainText, byte[] recoveredText ) + { + for ( int i = 0; i < plainText.length; i++ ) + { + if ( plainText[i] != recoveredText[i] ) + { + return false; + } + } + + return true; + } +} Propchange: directory/apacheds/branches/bigbang/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcMd5EncryptionTest.java ------------------------------------------------------------------------------ svn:eol-style = native