directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From dran...@apache.org
Subject directory-kerberos git commit: Finished and passed all the tests
Date Fri, 16 Jan 2015 01:38:40 GMT
Repository: directory-kerberos
Updated Branches:
  refs/heads/fixdes 33cde4047 -> 83e1e0f08


Finished and passed all the tests


Project: http://git-wip-us.apache.org/repos/asf/directory-kerberos/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-kerberos/commit/83e1e0f0
Tree: http://git-wip-us.apache.org/repos/asf/directory-kerberos/tree/83e1e0f0
Diff: http://git-wip-us.apache.org/repos/asf/directory-kerberos/diff/83e1e0f0

Branch: refs/heads/fixdes
Commit: 83e1e0f088bf9510476c06beb1eba029046ecd03
Parents: 33cde40
Author: Drankye <drankye@gmail.com>
Authored: Fri Jan 16 09:37:03 2015 +0800
Committer: Drankye <drankye@gmail.com>
Committed: Fri Jan 16 09:37:03 2015 +0800

----------------------------------------------------------------------
 .../org/apache/kerberos/kerb/crypto/Des.java    |  17 +-
 .../kerberos/kerb/crypto/key/DesKeyMaker.java   |   4 +-
 .../kerberos/kerb/crypto/DecryptionTest.java    |   6 -
 .../kerberos/kerb/crypto/DesKeyMakerTest.java   |   2 +-
 .../kerberos/kerb/crypto/String2keyTest.java    | 907 +++++++++++--------
 5 files changed, 534 insertions(+), 402 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/83e1e0f0/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Des.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Des.java
b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Des.java
index d3abce1..c94814f 100644
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Des.java
+++ b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Des.java
@@ -57,15 +57,20 @@ public class Des {
     };
 
     public static boolean isWeakKey(byte[] key, int offset, int len) {
+        boolean match;
         for (byte[] weakKey : WEAK_KEYS) {
-            if (weakKey.length != len)
-                return false;
-
-            for (int i = 0; i < len; i++) {
-                if (weakKey[i] != key[i]) {
-                    return false;
+            match = true;
+            if (weakKey.length == len) {
+                for (int i = 0; i < len; i++) {
+                    if (weakKey[i] != key[i]) {
+                        match = false;
+                        break;
+                    }
                 }
             }
+            if (match) {
+                return true;
+            }
         }
         return false;
     }

http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/83e1e0f0/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/key/DesKeyMaker.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/key/DesKeyMaker.java
b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/key/DesKeyMaker.java
index 5feab96..cc91fb7 100644
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/key/DesKeyMaker.java
+++ b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/key/DesKeyMaker.java
@@ -83,6 +83,8 @@ public class DesKeyMaker extends AbstractKeyMaker {
         byte[] intermediateKey = intermediateKey(fanFoldedKey);
 
         byte[] key = desEncryptedKey(intermediateKey, paddedBytes);
+        keyCorrection(key);
+
         return key;
     }
 
@@ -103,7 +105,7 @@ public class DesKeyMaker extends AbstractKeyMaker {
         for (int i = 0; i < blocksOfbytes8; ++i) {
             System.arraycopy(paddedBytes, 8 * i, bits56, 0, 8);
             removeMSBits(bits56);
-            if (odd) {
+            if (!odd) {
                 reverse(bits56);
             }
             odd = !odd;

http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/83e1e0f0/haox-kerb/kerb-crypto/src/test/java/org/apache/kerberos/kerb/crypto/DecryptionTest.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/test/java/org/apache/kerberos/kerb/crypto/DecryptionTest.java
b/haox-kerb/kerb-crypto/src/test/java/org/apache/kerberos/kerb/crypto/DecryptionTest.java
index bbabaea..76e60c5 100644
--- a/haox-kerb/kerb-crypto/src/test/java/org/apache/kerberos/kerb/crypto/DecryptionTest.java
+++ b/haox-kerb/kerb-crypto/src/test/java/org/apache/kerberos/kerb/crypto/DecryptionTest.java
@@ -73,12 +73,6 @@ public class DecryptionTest {
      * Perform all the checks for a testcase
      */
     private void performTestDecrypt(TestCase testCase) {
-
-        /**
-         * As DES_* related encryption types are still on-going so they're
-         * currently marked as not implemented yet. Will allow the following
-         * check when they're finished.
-         */
         //assertTrue(EncryptionHandler.isImplemented(testCase.encType));
         if (! EncryptionHandler.isImplemented(testCase.encType)) {
             System.err.println("Not implemented yet: " + testCase.encType.getDisplayName());

http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/83e1e0f0/haox-kerb/kerb-crypto/src/test/java/org/apache/kerberos/kerb/crypto/DesKeyMakerTest.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/test/java/org/apache/kerberos/kerb/crypto/DesKeyMakerTest.java
b/haox-kerb/kerb-crypto/src/test/java/org/apache/kerberos/kerb/crypto/DesKeyMakerTest.java
index 3027e6c..cfc0032 100644
--- a/haox-kerb/kerb-crypto/src/test/java/org/apache/kerberos/kerb/crypto/DesKeyMakerTest.java
+++ b/haox-kerb/kerb-crypto/src/test/java/org/apache/kerberos/kerb/crypto/DesKeyMakerTest.java
@@ -38,7 +38,7 @@ public class DesKeyMakerTest {
         Assert.assertArrayEquals("PasswdSalt bytes", expectedValue, value);
 
         expectedValue = HexUtil.hex2bytes(tc.fanFoldedKey);
-        value = DesKeyMaker.fanFold(tc.salt, tc.passwd, null);
+        value = DesKeyMaker.fanFold(tc.passwd, tc.salt, null);
         Assert.assertArrayEquals("FanFold result", expectedValue, value);
 
         expectedValue = HexUtil.hex2bytes(tc.intermediateKey);

http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/83e1e0f0/haox-kerb/kerb-crypto/src/test/java/org/apache/kerberos/kerb/crypto/String2keyTest.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/test/java/org/apache/kerberos/kerb/crypto/String2keyTest.java
b/haox-kerb/kerb-crypto/src/test/java/org/apache/kerberos/kerb/crypto/String2keyTest.java
index 0445ed2..f28b2d4 100644
--- a/haox-kerb/kerb-crypto/src/test/java/org/apache/kerberos/kerb/crypto/String2keyTest.java
+++ b/haox-kerb/kerb-crypto/src/test/java/org/apache/kerberos/kerb/crypto/String2keyTest.java
@@ -6,27 +6,30 @@
  *  to you under the Apache License, Version 2.0 (the
  *  "License"); you may not use this file except in compliance
  *  with the License.  You may obtain a copy of the License at
- *  
+ *
  *    http://www.apache.org/licenses/LICENSE-2.0
- *  
+ *
  *  Unless required by applicable law or agreed to in writing,
  *  software distributed under the License is distributed on an
  *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
  *  KIND, either express or implied.  See the License for the
  *  specific language governing permissions and limitations
  *  under the License. 
- *  
+ *
  */
 package org.apache.kerberos.kerb.crypto;
 
 import org.apache.kerberos.kerb.spec.common.EncryptionKey;
 import org.apache.kerberos.kerb.spec.common.EncryptionType;
 import org.haox.util.HexUtil;
-import org.junit.Assert;
 import org.junit.Test;
 
+import java.nio.charset.StandardCharsets;
 import java.util.Arrays;
 
+import static org.junit.Assert.assertTrue;
+import static org.junit.Assert.fail;
+
 /**
  * Based on MIT krb5 t_str2key.c
  *
@@ -36,16 +39,16 @@ public class String2keyTest {
 
     static class TestCase {
         EncryptionType encType;
-        String string;
+        String password;
         String salt;
         String param;
         String answer;
         boolean allowWeak;
 
-        TestCase(EncryptionType encType, String string, String salt, String param,
+        TestCase(EncryptionType encType, String password, String salt, String param,
                  String answer, boolean allowWeak) {
             this.encType = encType;
-            this.string = string;
+            this.password = password;
             this.salt = salt;
             this.param = param;
             this.answer = answer;
@@ -53,398 +56,526 @@ public class String2keyTest {
         }
     }
 
-    static TestCase[] testCases = new TestCase[] {
-            // Test vectors from RFC 3961 appendix A.2.
-            new TestCase(
-                    EncryptionType.DES_CBC_CRC,
-                    "password",
-                    "ATHENA.MIT.EDUraeburn",
-                    "00",
-                    "CBC22FAE235298E3",
-                    false)
-            ,
-            new TestCase(
-                    EncryptionType.DES_CBC_CRC,
-                    "potatoe",
-                    "WHITEHOUSE.GOVdanny",
-                    "00",
-                    "DF3D32A74FD92A01",
-                    false)
-            ,
-            new TestCase(
-                    EncryptionType.DES_CBC_CRC,
-                    "F09D849E",
-                    "EXAMPLE.COMpianist",
-                    "00",
-                    "4FFB26BAB0CD9413",
-                    false)
-            ,
-            new TestCase(
-                    EncryptionType.DES_CBC_CRC,
-                    "C39F",
-                    "ATHENA.MIT.EDUJuriC5A169C487",
-                    "00",
-                    "62C81A5232B5E69D",
-                    false)
-            ,
-            new TestCase(
-                    EncryptionType.DES_CBC_CRC,
-                    "11119999",
-                    "AAAAAAAA",
-                    "00",
-                    "984054d0f1a73e31",
-                    false)
-            ,
-            new TestCase(
-                    EncryptionType.DES_CBC_CRC,
-                    "NNNN6666",
-                    "FFFFAAAA",
-                    "00",
-                    "C4BF6B25ADF7A4F8",
-                    false)
-            ,
-
-            // Test vectors from RFC 3961 appendix A.4.
-            new TestCase(
-                    EncryptionType.DES3_CBC_SHA1,
-                    "password",
-                    "ATHENA.MIT.EDUraeburn",
-                    null,
-                    "850BB51358548CD05E86768C" +
-                            "313E3BFEF7511937DCF72C3E",
-                    false)
-            ,
-            new TestCase(
-                    EncryptionType.DES3_CBC_SHA1,
-                    "potatoe",
-                    "WHITEHOUSE.GOVdanny",
-                    null,
-                    "DFCD233DD0A43204EA6DC437" +
-                            "FB15E061B02979C1F74F377A",
-                    false)
-            ,
-            new TestCase(
-                    EncryptionType.DES3_CBC_SHA1,
-                    "penny",
-                    "EXAMPLE.COMbuckaroo",
-                    null,
-                    "6D2FCDF2D6FBBC3DDCADB5DA" +
-                            "5710A23489B0D3B69D5D9D4A",
-                    false)
-            ,
-            new TestCase(
-                    EncryptionType.DES3_CBC_SHA1,
-                    "C39F",
-                    "ATHENA.MIT.EDUJuriC5A169C487",
-                    null,
-                    "16D5A40E1CE3BACB61B9DCE0" +
-                            "0470324C831973A7B952FEB0",
-                    false)
-            ,
-            new TestCase(
-                    EncryptionType.DES3_CBC_SHA1,
-                    "F09D849E",
-                    "EXAMPLE.COMpianist",
-                    null,
-                    "85763726585DBC1CCE6EC43E" +
-                            "1F751F07F1C4CBB098F40B19",
-                    false)
-            ,
-
-            // Test vectors from RFC 3962 appendix B.
-            new TestCase(
-                    EncryptionType.AES128_CTS_HMAC_SHA1_96,
-                    "password",
-                    "ATHENA.MIT.EDUraeburn",
-                    "00000001",
-                    "42263C6E89F4FC28B8DF68EE09799F15",
-                    true)
-            ,
-            new TestCase(
-                    EncryptionType.AES256_CTS_HMAC_SHA1_96,
-                    "password",
-                    "ATHENA.MIT.EDUraeburn",
-                    "00000001",
-                    "FE697B52BC0D3CE14432BA036A92E65B" +
-                            "BB52280990A2FA27883998D72AF30161",
-                    true)
-            ,
-            new TestCase(
-                    EncryptionType.AES128_CTS_HMAC_SHA1_96,
-                    "password",
-                    "ATHENA.MIT.EDUraeburn",
-                    "00000002",
-                    "C651BF29E2300AC27FA469D693BDDA13",
-                    true)
-            ,
-            new TestCase(
-                    EncryptionType.AES256_CTS_HMAC_SHA1_96,
-                    "password",
-                    "ATHENA.MIT.EDUraeburn",
-                    "00000002",
-                    "A2E16D16B36069C135D5E9D2E25F8961" +
-                            "02685618B95914B467C67622225824FF",
-                    true)
-            ,
-            new TestCase(
-                    EncryptionType.AES128_CTS_HMAC_SHA1_96,
-                    "password",
-                    "ATHENA.MIT.EDUraeburn",
-                    "000004B0", // 1200
-                    "4C01CD46D632D01E6DBE230A01ED642A",
-                    true)
-            ,
-            new TestCase(
-                    EncryptionType.AES256_CTS_HMAC_SHA1_96,
-                    "password",
-                    "ATHENA.MIT.EDUraeburn",
-                    "000004B0", // 1200
-                    "55A6AC740AD17B4846941051E1E8B0A7" +
-                            "548D93B0AB30A8BC3FF16280382B8C2A",
-                    true)
-            ,
-            new TestCase (
-                    EncryptionType.AES128_CTS_HMAC_SHA1_96,
-                    "password",
-                    "1234567878563412",
-                    "00000005",
-                    "E9B23D52273747DD5C35CB55BE619D8E",
-                    true)
-            ,
-            new TestCase (
-                    EncryptionType.AES256_CTS_HMAC_SHA1_96,
-                    "password",
-                    "1234567878563412",
-                    "00000005",
-                    "97A4E786BE20D81A382D5EBC96D5909C" +
-                            "ABCDADC87CA48F574504159F16C36E31",
-                    true)
-            ,
-            new TestCase (
-                    EncryptionType.AES128_CTS_HMAC_SHA1_96,
-                    "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
-                    "pass phrase equals block size",
-                    "000004B0", // 1200
-                    "59D1BB789A828B1AA54EF9C2883F69ED",
-                    true)
-            ,
-            new TestCase (
-                    EncryptionType.AES256_CTS_HMAC_SHA1_96,
-                    "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
-                    "pass phrase equals block size",
-                    "000004B0", // 1200
-                    "89ADEE3608DB8BC71F1BFBFE459486B0" +
-                            "5618B70CBAE22092534E56C553BA4B34",
-                    true)
-            ,
-            new TestCase (
-                    EncryptionType.AES128_CTS_HMAC_SHA1_96,
-                    "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
-                    "pass phrase exceeds block size",
-                    "000004B0", // 1200
-                    "CB8005DC5F90179A7F02104C0018751D",
-                    true)
-            ,
-            new TestCase(
-                    EncryptionType.AES256_CTS_HMAC_SHA1_96,
-                    "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
-                    "pass phrase exceeds block size",
-                    "000004B0", // 1200
-                    "D78C5C9CB872A8C9DAD4697F0BB5B2D2" +
-                            "1496C82BEB2CAEDA2112FCEEA057401B",
-                    true)
-            ,
-            new TestCase(
-                    EncryptionType.AES128_CTS_HMAC_SHA1_96,
-                    "F09D849E",
-                    "EXAMPLE.COMpianist",
-                    "00000032", // 50
-                    "F149C1F2E154A73452D43E7FE62A56E5",
-                    true)
-            ,
-            new TestCase(
-                    EncryptionType.AES256_CTS_HMAC_SHA1_96,
-                    "F09D849E",
-                    "EXAMPLE.COMpianist",
-                    "00000032", // 50
-                    "4B6D9839F84406DF1F09CC166DB4B83C" +
-                            "571848B784A3D6BDC346589A3E393F9E",
-                    true)
-            ,
-            // Check for KRB5_ERR_BAD_S2K_PARAMS return when weak iteration counts are forbidden
-            new TestCase(
-                    EncryptionType.AES256_CTS_HMAC_SHA1_96,
-                    "F09D849E",
-                    "EXAMPLE.COMpianist",
-                    "00000032", // 50
-                    "4B6D9839F84406DF1F09CC166DB4B83C" +
-                            "571848B784A3D6BDC346589A3E393F9E",
-                    false)
-            ,
-
-            // The same inputs applied to Camellia enctypes.
-            new TestCase(
-                    EncryptionType.CAMELLIA128_CTS_CMAC,
-                    "password",
-                    "ATHENA.MIT.EDUraeburn",
-                    "00000001",
-                    "57D0297298FFD9D35DE5A47FB4BDE24B",
-                    true)
-            ,
-            new TestCase(
-                    EncryptionType.CAMELLIA256_CTS_CMAC,
-                    "password",
-                    "ATHENA.MIT.EDUraeburn",
-                    "00000001",
-                    "B9D6828B2056B7BE656D88A123B1FAC6" +
-                            "8214AC2B727ECF5F69AFE0C4DF2A6D2C",
-                    true)
-            ,
-            new TestCase(
-                    EncryptionType.CAMELLIA128_CTS_CMAC,
-                    "password",
-                    "ATHENA.MIT.EDUraeburn",
-                    "00000002",
-                    "73F1B53AA0F310F93B1DE8CCAA0CB152",
-                    true)
-            ,
-            new TestCase(
-                    EncryptionType.CAMELLIA256_CTS_CMAC,
-                    "password",
-                    "ATHENA.MIT.EDUraeburn",
-                    "00000002",
-                    "83FC5866E5F8F4C6F38663C65C87549F" +
-                            "342BC47ED394DC9D3CD4D163ADE375E3",
-                    true)
-            ,
-            new TestCase(
-                    EncryptionType.CAMELLIA128_CTS_CMAC,
-                    "password",
-                    "ATHENA.MIT.EDUraeburn",
-                    "000004B0", // 1200
-                    "8E571145452855575FD916E7B04487AA",
-                    true)
-            ,
-            new TestCase(
-                    EncryptionType.CAMELLIA256_CTS_CMAC,
-                    "password",
-                    "ATHENA.MIT.EDUraeburn",
-                    "000004B0", // 1200
-                    "77F421A6F25E138395E837E5D85D385B" +
-                            "4C1BFD772E112CD9208CE72A530B15E6",
-                    true)
-            ,
-            new TestCase(
-                    EncryptionType.CAMELLIA128_CTS_CMAC,
-                    "password",
-                    "1234567878563412",
-                    "00000005",
-                    "00498FD916BFC1C2B1031C170801B381",
-                    true)
-            ,
-            new TestCase(
-                    EncryptionType.CAMELLIA256_CTS_CMAC,
-                    "password",
-                    "1234567878563412",
-                    "00000005",
-                    "11083A00BDFE6A41B2F19716D6202F0A" +
-                            "FA94289AFE8B27A049BD28B1D76C389A",
-                    true)
-            ,
-            new TestCase(
-                    EncryptionType.CAMELLIA128_CTS_CMAC,
-                    "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
-                    "pass phrase equals block size",
-                    "000004B0", // 1200
-                    "8BF6C3EF709B981DBB585D086843BE05",
-                    true)
-            ,
-            new TestCase(
-                    EncryptionType.CAMELLIA256_CTS_CMAC,
-                    "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
-                    "pass phrase equals block size",
-                    "000004B0", // 1200
-                    "119FE2A1CB0B1BE010B9067A73DB63ED" +
-                            "4665B4E53A98D178035DCFE843A6B9B0",
-                    true)
-            ,
-            new TestCase(
-                    EncryptionType.CAMELLIA128_CTS_CMAC,
-                    "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
-                    "pass phrase exceeds block size",
-                    "000004B0", // 1200
-                    "5752AC8D6AD1CCFE8430B312871C2F74",
-                    true)
-            ,
-            new TestCase(
-                    EncryptionType.CAMELLIA256_CTS_CMAC,
-                    "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
-                    "pass phrase exceeds block size",
-                    "000004B0", // 1200
-                    "614D5DFC0BA6D390B412B89AE4D5B088" +
-                            "B612B316510994679DDB4383C7126DDF",
-                    true)
-            ,
-            new TestCase(
-                    EncryptionType.CAMELLIA128_CTS_CMAC,
-                    "f09d849e",
-                    "EXAMPLE.COMpianist",
-                    "00000032", // 50
-                    "CC75C7FD260F1C1658011FCC0D560616",
-                    true)
-            ,
-            new TestCase(
-                    EncryptionType.CAMELLIA256_CTS_CMAC,
-                    "f09d849e",
-                    "EXAMPLE.COMpianist",
-                    "00000032", // 50
-                    "163B768C6DB148B4EEC7163DF5AED70E" +
-                            "206B68CEC078BC069ED68A7ED36B1ECC",
-                    true)
-            ,
-            // Check for KRB5_ERR_BAD_S2K_PARAMS return when weak iteration counts are forbidden.
-            new TestCase(
-                    EncryptionType.CAMELLIA256_CTS_CMAC,
-                    "f09d849e",
-                    "EXAMPLE.COMpianist",
-                    "00000032", // 50
-                    "163B768C6DB148B4EEC7163DF5AED70E" +
-                            "206B68CEC078BC069ED68A7ED36B1ECC",
-                    false)
-    };
-
-    @Test
-    public void testString2Keys() {
-        boolean overallResult = true;
-
-        for (TestCase tc : testCases) {
-            System.err.println("String2key test for " + tc.encType.getName());
-            try {
-                if (EncryptionHandler.isImplemented(tc.encType)) {
-                    if (! testWith(tc)) {
-                        overallResult = false;
-                    }
-                }
-            } catch (Exception e) {
-                e.printStackTrace();
-                overallResult = false;
-            }
+    /**
+     *  Test vectors from RFC 3961 appendix A.2.
+     */
+
+    @Test
+    public void test_DES_CBC_CRC_0() {
+        performTest(new TestCase(
+                EncryptionType.DES_CBC_CRC,
+                "password",
+                "ATHENA.MIT.EDUraeburn",
+                "00",
+                "CBC22FAE235298E3",
+                false));
+    }
+
+    @Test
+    public void test_DES_CBC_CRC_1() {
+        performTest(new TestCase(
+                EncryptionType.DES_CBC_CRC,
+                "potatoe",
+                "WHITEHOUSE.GOVdanny",
+                "00",
+                "DF3D32A74FD92A01",
+                false));
+    }
+
+    @Test
+    public void test_DES_CBC_CRC_2() {
+        performTest(new TestCase(
+                EncryptionType.DES_CBC_CRC,
+                toUtf8("F09D849E"),
+                "EXAMPLE.COMpianist",
+                "00",
+                "4FFB26BAB0CD9413",
+                false));
+    }
+
+    @Test
+    public void test_DES_CBC_CRC_3() {
+        performTest(new TestCase(
+                EncryptionType.DES_CBC_CRC,
+                toUtf8("C39F"),
+                "ATHENA.MIT.EDUJuri" + toUtf8("C5A169C487"),
+                "00",
+                "62C81A5232B5E69D",
+                false));
+    }
+
+    @Test
+    public void test_DES_CBC_CRC_4() {
+        performTest(new TestCase(
+                EncryptionType.DES_CBC_CRC,
+                "11119999",
+                "AAAAAAAA",
+                "00",
+                "984054d0f1a73e31",
+                false));
+    }
+
+    @Test
+    public void test_DES_CBC_CRC_5() {
+        performTest(new TestCase(
+                EncryptionType.DES_CBC_CRC,
+                "NNNN6666",
+                "FFFFAAAA",
+                "00",
+                "C4BF6B25ADF7A4F8",
+                false));
+    }
+
+    // Test vectors from RFC 3961 appendix A.4.
+
+    @Test
+    public void test_DES3_CBC_SHA1_0() {
+        performTest(new TestCase(
+                EncryptionType.DES3_CBC_SHA1,
+                "password",
+                "ATHENA.MIT.EDUraeburn",
+                null,
+                "850BB51358548CD05E86768C" +
+                        "313E3BFEF7511937DCF72C3E",
+                false));
+    }
+
+    @Test
+    public void test_DES3_CBC_SHA1_1() {
+        performTest(new TestCase(
+                EncryptionType.DES3_CBC_SHA1,
+                "potatoe",
+                "WHITEHOUSE.GOVdanny",
+                null,
+                "DFCD233DD0A43204EA6DC437" +
+                        "FB15E061B02979C1F74F377A",
+                false));
+    }
+
+    @Test
+    public void test_DES3_CBC_SHA1_2() {
+        performTest(new TestCase(
+                EncryptionType.DES3_CBC_SHA1,
+                "penny",
+                "EXAMPLE.COMbuckaroo",
+                null,
+                "6D2FCDF2D6FBBC3DDCADB5DA" +
+                        "5710A23489B0D3B69D5D9D4A",
+                false));
+    }
+
+    @Test
+    public void test_DES3_CBC_SHA1_3() {
+        performTest(new TestCase(
+                EncryptionType.DES3_CBC_SHA1,
+                toUtf8("C39F"),
+                "ATHENA.MIT.EDUJuri" + toUtf8("C5A169C487"),
+                null,
+                "16D5A40E1CE3BACB61B9DCE0" +
+                        "0470324C831973A7B952FEB0",
+                false));
+    }
+
+    @Test
+    public void test_DES3_CBC_SHA1_4() {
+        performTest(new TestCase(
+                EncryptionType.DES3_CBC_SHA1,
+                toUtf8("F09D849E"),
+                "EXAMPLE.COMpianist",
+                null,
+                "85763726585DBC1CCE6EC43E" +
+                        "1F751F07F1C4CBB098F40B19",
+                false));
+    }
+
+    // Test vectors from RFC 3962 appendix B.
+
+    @Test
+    public void test_AES128_CTS_HMAC_SHA1_96_0() {
+        performTest(new TestCase(
+                EncryptionType.AES128_CTS_HMAC_SHA1_96,
+                "password",
+                "ATHENA.MIT.EDUraeburn",
+                "00000001",
+                "42263C6E89F4FC28B8DF68EE09799F15",
+                true));
+    }
+
+    @Test
+    public void test_AES128_CTS_HMAC_SHA1_96_1() {
+        performTest(new TestCase(
+                EncryptionType.AES128_CTS_HMAC_SHA1_96,
+                "password",
+                "ATHENA.MIT.EDUraeburn",
+                "00000002",
+                "C651BF29E2300AC27FA469D693BDDA13",
+                true));
+    }
+
+    @Test
+    public void test_AES128_CTS_HMAC_SHA1_96_2() {
+        performTest(new TestCase(
+                EncryptionType.AES128_CTS_HMAC_SHA1_96,
+                "password",
+                "ATHENA.MIT.EDUraeburn",
+                "000004B0", // 1200
+                "4C01CD46D632D01E6DBE230A01ED642A",
+                true));
+    }
+
+    @Test
+    public void test_AES128_CTS_HMAC_SHA1_96_3() {
+        performTest(new TestCase(
+                EncryptionType.AES128_CTS_HMAC_SHA1_96,
+                "password",
+                toUtf8("1234567878563412"),
+                "00000005",
+                "E9B23D52273747DD5C35CB55BE619D8E",
+                true));
+    }
+
+    @Test
+    public void test_AES128_CTS_HMAC_SHA1_96_4() {
+        performTest(new TestCase(
+                EncryptionType.AES128_CTS_HMAC_SHA1_96,
+                "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
+                "pass phrase exceeds block size",
+                "000004B0", // 1200
+                "CB8005DC5F90179A7F02104C0018751D",
+                true));
+    }
+
+    @Test
+    public void test_AES128_CTS_HMAC_SHA1_96_5() {
+        performTest(new TestCase(
+                EncryptionType.AES128_CTS_HMAC_SHA1_96,
+                toUtf8("F09D849E"),
+                "EXAMPLE.COMpianist",
+                "00000032", // 50
+                "F149C1F2E154A73452D43E7FE62A56E5",
+                true));
+    }
+
+    @Test
+    public void test_AES128_CTS_HMAC_SHA1_96_6() {
+        performTest(new TestCase(
+                EncryptionType.AES128_CTS_HMAC_SHA1_96,
+                "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
+                "pass phrase equals block size",
+                "000004B0", // 1200
+                "59D1BB789A828B1AA54EF9C2883F69ED",
+                true));
+    }
+
+    @Test
+    public void test_AES256_CTS_HMAC_SHA1_96_0() {
+        performTest(new TestCase(
+                EncryptionType.AES256_CTS_HMAC_SHA1_96,
+                "password",
+                "ATHENA.MIT.EDUraeburn",
+                "00000001",
+                "FE697B52BC0D3CE14432BA036A92E65B" +
+                        "BB52280990A2FA27883998D72AF30161",
+                true));
+    }
+
+    @Test
+    public void test_AES256_CTS_HMAC_SHA1_96_1() {
+        performTest(new TestCase(
+                EncryptionType.AES256_CTS_HMAC_SHA1_96,
+                "password",
+                "ATHENA.MIT.EDUraeburn",
+                "00000002",
+                "A2E16D16B36069C135D5E9D2E25F8961" +
+                        "02685618B95914B467C67622225824FF",
+                true));
+    }
+
+    @Test
+    public void test_AES256_CTS_HMAC_SHA1_96_2() {
+        performTest(new TestCase(
+                EncryptionType.AES256_CTS_HMAC_SHA1_96,
+                "password",
+                "ATHENA.MIT.EDUraeburn",
+                "000004B0", // 1200
+                "55A6AC740AD17B4846941051E1E8B0A7" +
+                        "548D93B0AB30A8BC3FF16280382B8C2A",
+                true));
+    }
+
+    @Test
+    public void test_AES256_CTS_HMAC_SHA1_96_3() {
+        performTest(new TestCase(
+                EncryptionType.AES256_CTS_HMAC_SHA1_96,
+                "password",
+                toUtf8("1234567878563412"),
+                "00000005",
+                "97A4E786BE20D81A382D5EBC96D5909C" +
+                        "ABCDADC87CA48F574504159F16C36E31",
+                true));
+    }
+
+    @Test
+    public void test_AES256_CTS_HMAC_SHA1_96_4() {
+        performTest(new TestCase(
+                EncryptionType.AES256_CTS_HMAC_SHA1_96,
+                "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
+                "pass phrase equals block size",
+                "000004B0", // 1200
+                "89ADEE3608DB8BC71F1BFBFE459486B0" +
+                        "5618B70CBAE22092534E56C553BA4B34",
+                true));
+    }
+
+
+
+    @Test
+    public void test_AES256_CTS_HMAC_SHA1_96_5() {
+        performTest(new TestCase(
+                EncryptionType.AES256_CTS_HMAC_SHA1_96,
+                "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
+                "pass phrase exceeds block size",
+                "000004B0", // 1200
+                "D78C5C9CB872A8C9DAD4697F0BB5B2D2" +
+                        "1496C82BEB2CAEDA2112FCEEA057401B",
+                true));
+    }
+
+    @Test
+    public void test_AES256_CTS_HMAC_SHA1_96_6() {
+        performTest(new TestCase(
+                EncryptionType.AES256_CTS_HMAC_SHA1_96,
+                toUtf8("F09D849E"),
+                "EXAMPLE.COMpianist",
+                "00000032", // 50
+                "4B6D9839F84406DF1F09CC166DB4B83C" +
+                        "571848B784A3D6BDC346589A3E393F9E",
+                true));
+    }
+
+    // Check for KRB5_ERR_BAD_S2K_PARAMS return when weak iteration counts are forbidden
+    @Test
+    public void test_AES256_CTS_HMAC_SHA1_96_7() {
+        performTest(new TestCase(
+                EncryptionType.AES256_CTS_HMAC_SHA1_96,
+                toUtf8("F09D849E"),
+                "EXAMPLE.COMpianist",
+                "00000032", // 50
+                "4B6D9839F84406DF1F09CC166DB4B83C" +
+                        "571848B784A3D6BDC346589A3E393F9E",
+                false));
+    }
+
+    // The same inputs applied to Camellia enctypes.
+    @Test
+    public void test_CAMELLIA128_CTS_CMAC_0() {
+        performTest(new TestCase(
+                EncryptionType.CAMELLIA128_CTS_CMAC,
+                "password",
+                "ATHENA.MIT.EDUraeburn",
+                "00000001",
+                "57D0297298FFD9D35DE5A47FB4BDE24B",
+                true));
+    }
+
+    @Test
+    public void test_CAMELLIA128_CTS_CMAC_1() {
+        performTest(new TestCase(
+                EncryptionType.CAMELLIA128_CTS_CMAC,
+                "password",
+                "ATHENA.MIT.EDUraeburn",
+                "00000002",
+                "73F1B53AA0F310F93B1DE8CCAA0CB152",
+                true));
+    }
+
+    @Test
+    public void test_CAMELLIA128_CTS_CMAC_2() {
+        performTest(new TestCase(
+                EncryptionType.CAMELLIA128_CTS_CMAC,
+                "password",
+                "ATHENA.MIT.EDUraeburn",
+                "000004B0", // 1200
+                "8E571145452855575FD916E7B04487AA",
+                true));
+    }
+
+    @Test
+    public void test_CAMELLIA128_CTS_CMAC_3() {
+        performTest(new TestCase(
+                EncryptionType.CAMELLIA128_CTS_CMAC,
+                "password",
+                toUtf8("1234567878563412"),
+                "00000005",
+                "00498FD916BFC1C2B1031C170801B381",
+                true));
+    }
+
+    @Test
+    public void test_CAMELLIA128_CTS_CMAC_4() {
+        performTest(new TestCase(
+                EncryptionType.CAMELLIA128_CTS_CMAC,
+                "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
+                "pass phrase equals block size",
+                "000004B0", // 1200
+                "8BF6C3EF709B981DBB585D086843BE05",
+                true));
+    }
+
+    @Test
+    public void test_CAMELLIA128_CTS_CMAC_5() {
+        performTest(new TestCase(
+                EncryptionType.CAMELLIA128_CTS_CMAC,
+                "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
+                "pass phrase exceeds block size",
+                "000004B0", // 1200
+                "5752AC8D6AD1CCFE8430B312871C2F74",
+                true));
+    }
+
+    @Test
+    public void test_CAMELLIA128_CTS_CMAC_6() {
+        performTest(new TestCase(
+                EncryptionType.CAMELLIA128_CTS_CMAC,
+                toUtf8("f09d849e"),
+                "EXAMPLE.COMpianist",
+                "00000032", // 50
+                "CC75C7FD260F1C1658011FCC0D560616",
+                true));
+    }
+
+    @Test
+    public void test_CAMELLIA256_CTS_CMAC_1() {
+        performTest(new TestCase(
+                EncryptionType.CAMELLIA256_CTS_CMAC,
+                "password",
+                "ATHENA.MIT.EDUraeburn",
+                "00000001",
+                "B9D6828B2056B7BE656D88A123B1FAC6" +
+                        "8214AC2B727ECF5F69AFE0C4DF2A6D2C",
+                true));
+    }
+
+    @Test
+    public void test_CAMELLIA256_CTS_CMAC_2() {
+        performTest(new TestCase(
+                EncryptionType.CAMELLIA256_CTS_CMAC,
+                "password",
+                "ATHENA.MIT.EDUraeburn",
+                "00000002",
+                "83FC5866E5F8F4C6F38663C65C87549F" +
+                        "342BC47ED394DC9D3CD4D163ADE375E3",
+                true));
+    }
+
+    @Test
+    public void test_CAMELLIA256_CTS_CMAC_3() {
+        performTest(new TestCase(
+                EncryptionType.CAMELLIA256_CTS_CMAC,
+                "password",
+                "ATHENA.MIT.EDUraeburn",
+                "000004B0", // 1200
+                "77F421A6F25E138395E837E5D85D385B" +
+                        "4C1BFD772E112CD9208CE72A530B15E6",
+                true));
+    }
+
+    @Test
+    public void test_CAMELLIA256_CTS_CMAC_4() {
+        performTest(new TestCase(
+                EncryptionType.CAMELLIA256_CTS_CMAC,
+                "password",
+                toUtf8("1234567878563412"),
+                "00000005",
+                "11083A00BDFE6A41B2F19716D6202F0A" +
+                        "FA94289AFE8B27A049BD28B1D76C389A",
+                true));
+    }
+
+    @Test
+    public void test_CAMELLIA256_CTS_CMAC_5() {
+        performTest(new TestCase(
+                EncryptionType.CAMELLIA256_CTS_CMAC,
+                "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
+                "pass phrase equals block size",
+                "000004B0", // 1200
+                "119FE2A1CB0B1BE010B9067A73DB63ED" +
+                        "4665B4E53A98D178035DCFE843A6B9B0",
+                true));
+    }
+
+    @Test
+    public void test_CAMELLIA256_CTS_CMAC_6() {
+        performTest(new TestCase(
+                EncryptionType.CAMELLIA256_CTS_CMAC,
+                "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
+                "pass phrase exceeds block size",
+                "000004B0", // 1200
+                "614D5DFC0BA6D390B412B89AE4D5B088" +
+                        "B612B316510994679DDB4383C7126DDF",
+                true));
+    }
+
+    @Test
+    public void test_CAMELLIA256_CTS_CMAC_7() {
+        performTest(new TestCase(
+                EncryptionType.CAMELLIA256_CTS_CMAC,
+                toUtf8("f09d849e"),
+                "EXAMPLE.COMpianist",
+                "00000032", // 50
+                "163B768C6DB148B4EEC7163DF5AED70E" +
+                        "206B68CEC078BC069ED68A7ED36B1ECC",
+                true));
+    }
+
+    // Check for KRB5_ERR_BAD_S2K_PARAMS return when weak iteration counts are forbidden.
+    @Test
+    public void test_CAMELLIA256_CTS_CMAC_8() {
+        performTest(new TestCase(
+                EncryptionType.CAMELLIA256_CTS_CMAC,
+                toUtf8("f09d849e"),
+                "EXAMPLE.COMpianist",
+                "00000032", // 50
+                "163B768C6DB148B4EEC7163DF5AED70E" +
+                        "206B68CEC078BC069ED68A7ED36B1ECC",
+                false));
+    }
+
+    /**
+     * Convert hex string into password
+     */
+    private static String toUtf8(String string) {
+        return new String(HexUtil.hex2bytes(string), StandardCharsets.UTF_8); // Per spec
+    }
+
+    /**
+     * Perform all the checks for a testcase
+     */
+    private void performTest(TestCase testCase) {
+        //assertTrue(EncryptionHandler.isImplemented(testCase.encType));
+        if (! EncryptionHandler.isImplemented(testCase.encType)) {
+            System.err.println("Not implemented yet: " + testCase.encType.getDisplayName());
+            return;
         }
 
-        if (!overallResult) {
-            Assert.fail();
+        try {
+            assertTrue(testWith(testCase));
+        } catch (Exception e) {
+            fail(e.getMessage());
         }
     }
 
+    /**
+     * Do the actual test work
+     */
     private boolean testWith(TestCase tc) throws Exception {
         byte[] answer = HexUtil.hex2bytes(tc.answer);
         byte[] params = tc.param != null ? HexUtil.hex2bytes(tc.param) : null;
-        EncryptionKey outkey = EncryptionHandler.string2Key(tc.string, tc.salt, params, tc.encType);
+        EncryptionKey outkey = EncryptionHandler.string2Key(tc.password, tc.salt, params,
tc.encType);
         if (! Arrays.equals(answer, outkey.getKeyData())) {
-            System.err.println("failed with:");
+            System.err.println("failed with:" + tc.salt);
             System.err.println("outKey:" + HexUtil.bytesToHex(outkey.getKeyData()));
             System.err.println("answer:" + tc.answer);
-            // Will un-comment below when passed all the tests.
             return false;
         }
         return true;


Mime
View raw message