projects / mech_eap.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
P2P: Wait on GO Negotiation Confirm transmit
[mech_eap.git] / tests / test-sha1.c
1 /*
2  * Test program for SHA1 and MD5
3  * Copyright (c) 2003-2006, Jouni Malinen <j@w1.fi>
4  *
5  * This software may be distributed under the terms of the BSD license.
6  * See README for more details.
7  */
8
9 #include "includes.h"
10
11 #include "common.h"
12 #include "crypto/crypto.h"
13 #include "crypto/md5.h"
14 #include "crypto/sha1.h"
15
16
17 static int test_eap_fast(void)
18 {
19         /* RFC 4851, Appendix B.1 */
20         const u8 pac_key[] = {
21                 0x0B, 0x97, 0x39, 0x0F, 0x37, 0x51, 0x78, 0x09,
22                 0x81, 0x1E, 0xFD, 0x9C, 0x6E, 0x65, 0x94, 0x2B,
23                 0x63, 0x2C, 0xE9, 0x53, 0x89, 0x38, 0x08, 0xBA,
24                 0x36, 0x0B, 0x03, 0x7C, 0xD1, 0x85, 0xE4, 0x14
25         };
26         const u8 seed[] = {
27                 0x3F, 0xFB, 0x11, 0xC4, 0x6C, 0xBF, 0xA5, 0x7A,
28                 0x54, 0x40, 0xDA, 0xE8, 0x22, 0xD3, 0x11, 0xD3,
29                 0xF7, 0x6D, 0xE4, 0x1D, 0xD9, 0x33, 0xE5, 0x93,
30                 0x70, 0x97, 0xEB, 0xA9, 0xB3, 0x66, 0xF4, 0x2A,
31                 0x00, 0x00, 0x00, 0x02, 0x6A, 0x66, 0x43, 0x2A,
32                 0x8D, 0x14, 0x43, 0x2C, 0xEC, 0x58, 0x2D, 0x2F,
33                 0xC7, 0x9C, 0x33, 0x64, 0xBA, 0x04, 0xAD, 0x3A,
34                 0x52, 0x54, 0xD6, 0xA5, 0x79, 0xAD, 0x1E, 0x00
35         };
36         const u8 master_secret[] = {
37                 0x4A, 0x1A, 0x51, 0x2C, 0x01, 0x60, 0xBC, 0x02,
38                 0x3C, 0xCF, 0xBC, 0x83, 0x3F, 0x03, 0xBC, 0x64,
39                 0x88, 0xC1, 0x31, 0x2F, 0x0B, 0xA9, 0xA2, 0x77,
40                 0x16, 0xA8, 0xD8, 0xE8, 0xBD, 0xC9, 0xD2, 0x29,
41                 0x38, 0x4B, 0x7A, 0x85, 0xBE, 0x16, 0x4D, 0x27,
42                 0x33, 0xD5, 0x24, 0x79, 0x87, 0xB1, 0xC5, 0xA2  
43         };
44         const u8 key_block[] = {
45                 0x59, 0x59, 0xBE, 0x8E, 0x41, 0x3A, 0x77, 0x74,
46                 0x8B, 0xB2, 0xE5, 0xD3, 0x60, 0xAC, 0x4D, 0x35,
47                 0xDF, 0xFB, 0xC8, 0x1E, 0x9C, 0x24, 0x9C, 0x8B,
48                 0x0E, 0xC3, 0x1D, 0x72, 0xC8, 0x84, 0x9D, 0x57,
49                 0x48, 0x51, 0x2E, 0x45, 0x97, 0x6C, 0x88, 0x70,
50                 0xBE, 0x5F, 0x01, 0xD3, 0x64, 0xE7, 0x4C, 0xBB,
51                 0x11, 0x24, 0xE3, 0x49, 0xE2, 0x3B, 0xCD, 0xEF,
52                 0x7A, 0xB3, 0x05, 0x39, 0x5D, 0x64, 0x8A, 0x44,
53                 0x11, 0xB6, 0x69, 0x88, 0x34, 0x2E, 0x8E, 0x29,
54                 0xD6, 0x4B, 0x7D, 0x72, 0x17, 0x59, 0x28, 0x05,
55                 0xAF, 0xF9, 0xB7, 0xFF, 0x66, 0x6D, 0xA1, 0x96,
56                 0x8F, 0x0B, 0x5E, 0x06, 0x46, 0x7A, 0x44, 0x84,
57                 0x64, 0xC1, 0xC8, 0x0C, 0x96, 0x44, 0x09, 0x98,
58                 0xFF, 0x92, 0xA8, 0xB4, 0xC6, 0x42, 0x28, 0x71
59         };
60         const u8 sks[] = {
61                 0xD6, 0x4B, 0x7D, 0x72, 0x17, 0x59, 0x28, 0x05,
62                 0xAF, 0xF9, 0xB7, 0xFF, 0x66, 0x6D, 0xA1, 0x96,
63                 0x8F, 0x0B, 0x5E, 0x06, 0x46, 0x7A, 0x44, 0x84,
64                 0x64, 0xC1, 0xC8, 0x0C, 0x96, 0x44, 0x09, 0x98,
65                 0xFF, 0x92, 0xA8, 0xB4, 0xC6, 0x42, 0x28, 0x71
66         };
67         const u8 isk[] = {
68                 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
69                 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
70                 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
71                 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
72         };
73         const u8 imck[] = {
74                 0x16, 0x15, 0x3C, 0x3F, 0x21, 0x55, 0xEF, 0xD9,
75                 0x7F, 0x34, 0xAE, 0xC8, 0x1A, 0x4E, 0x66, 0x80,
76                 0x4C, 0xC3, 0x76, 0xF2, 0x8A, 0xA9, 0x6F, 0x96,
77                 0xC2, 0x54, 0x5F, 0x8C, 0xAB, 0x65, 0x02, 0xE1,
78                 0x18, 0x40, 0x7B, 0x56, 0xBE, 0xEA, 0xA7, 0xC5,
79                 0x76, 0x5D, 0x8F, 0x0B, 0xC5, 0x07, 0xC6, 0xB9,
80                 0x04, 0xD0, 0x69, 0x56, 0x72, 0x8B, 0x6B, 0xB8,
81                 0x15, 0xEC, 0x57, 0x7B
82         };
83         const u8 msk[] = {
84                 0x4D, 0x83, 0xA9, 0xBE, 0x6F, 0x8A, 0x74, 0xED,
85                 0x6A, 0x02, 0x66, 0x0A, 0x63, 0x4D, 0x2C, 0x33,
86                 0xC2, 0xDA, 0x60, 0x15, 0xC6, 0x37, 0x04, 0x51,
87                 0x90, 0x38, 0x63, 0xDA, 0x54, 0x3E, 0x14, 0xB9,
88                 0x27, 0x99, 0x18, 0x1E, 0x07, 0xBF, 0x0F, 0x5A,
89                 0x5E, 0x3C, 0x32, 0x93, 0x80, 0x8C, 0x6C, 0x49,
90                 0x67, 0xED, 0x24, 0xFE, 0x45, 0x40, 0xA0, 0x59,
91                 0x5E, 0x37, 0xC2, 0xE9, 0xD0, 0x5D, 0x0A, 0xE3
92         };
93         const u8 emsk[] = {
94                 0x3A, 0xD4, 0xAB, 0xDB, 0x76, 0xB2, 0x7F, 0x3B,
95                 0xEA, 0x32, 0x2C, 0x2B, 0x74, 0xF4, 0x28, 0x55,
96                 0xEF, 0x2D, 0xBA, 0x78, 0xC9, 0x57, 0x2F, 0x0D,
97                 0x06, 0xCD, 0x51, 0x7C, 0x20, 0x93, 0x98, 0xA9,
98                 0x76, 0xEA, 0x70, 0x21, 0xD7, 0x0E, 0x25, 0x54,
99                 0x97, 0xED, 0xB2, 0x8A, 0xF6, 0xED, 0xFD, 0x0A,
100                 0x2A, 0xE7, 0xA1, 0x58, 0x90, 0x10, 0x50, 0x44,
101                 0xB3, 0x82, 0x85, 0xDB, 0x06, 0x14, 0xD2, 0xF9
102         };
103         /* RFC 4851, Appendix B.2 */
104         u8 tlv[] = {
105                 0x80, 0x0C, 0x00, 0x38, 0x00, 0x01, 0x01, 0x00,
106                 0xD8, 0x6A, 0x8C, 0x68, 0x3C, 0x32, 0x31, 0xA8,
107                 0x56, 0x63, 0xB6, 0x40, 0x21, 0xFE, 0x21, 0x14,
108                 0x4E, 0xE7, 0x54, 0x20, 0x79, 0x2D, 0x42, 0x62,
109                 0xC9, 0xBF, 0x53, 0x7F, 0x54, 0xFD, 0xAC, 0x58,
110                 0x43, 0x24, 0x6E, 0x30, 0x92, 0x17, 0x6D, 0xCF,
111                 0xE6, 0xE0, 0x69, 0xEB, 0x33, 0x61, 0x6A, 0xCC,
112                 0x05, 0xC5, 0x5B, 0xB7
113         };
114         const u8 compound_mac[] = {
115                 0x43, 0x24, 0x6E, 0x30, 0x92, 0x17, 0x6D, 0xCF,
116                 0xE6, 0xE0, 0x69, 0xEB, 0x33, 0x61, 0x6A, 0xCC,
117                 0x05, 0xC5, 0x5B, 0xB7
118         };
119         u8 buf[512];
120         const u8 *simck, *cmk;
121         int errors = 0;
122
123         printf("EAP-FAST test cases\n");
124
125         printf("- T-PRF (SHA1) test case / master_secret\n");
126         sha1_t_prf(pac_key, sizeof(pac_key), "PAC to master secret label hash",
127                    seed, sizeof(seed), buf, sizeof(master_secret));
128         if (memcmp(master_secret, buf, sizeof(master_secret)) != 0) {
129                 printf("T-PRF test - FAILED!\n");
130                 errors++;
131         }
132
133         printf("- PRF (TLS, SHA1/MD5) test case / key_block\n");
134         if (tls_prf_sha1_md5(master_secret, sizeof(master_secret),
135                              "key expansion", seed, sizeof(seed),
136                              buf, sizeof(key_block)) ||
137             memcmp(key_block, buf, sizeof(key_block)) != 0) {
138                 printf("PRF test - FAILED!\n");
139                 errors++;
140         }
141
142         printf("- T-PRF (SHA1) test case / IMCK\n");
143         sha1_t_prf(sks, sizeof(sks), "Inner Methods Compound Keys",
144                    isk, sizeof(isk), buf, sizeof(imck));
145         if (memcmp(imck, buf, sizeof(imck)) != 0) {
146                 printf("T-PRF test - FAILED!\n");
147                 errors++;
148         }
149
150         simck = imck;
151         cmk = imck + 40;
152
153         printf("- T-PRF (SHA1) test case / MSK\n");
154         sha1_t_prf(simck, 40, "Session Key Generating Function",
155                    (u8 *) "", 0, buf, sizeof(msk));
156         if (memcmp(msk, buf, sizeof(msk)) != 0) {
157                 printf("T-PRF test - FAILED!\n");
158                 errors++;
159         }
160
161         printf("- T-PRF (SHA1) test case / EMSK\n");
162         sha1_t_prf(simck, 40, "Extended Session Key Generating Function",
163                    (u8 *) "", 0, buf, sizeof(msk));
164         if (memcmp(emsk, buf, sizeof(emsk)) != 0) {
165                 printf("T-PRF test - FAILED!\n");
166                 errors++;
167         }
168
169         printf("- Compound MAC test case\n");
170         memset(tlv + sizeof(tlv) - 20, 0, 20);
171         hmac_sha1(cmk, 20, tlv, sizeof(tlv), tlv + sizeof(tlv) - 20);
172         if (memcmp(tlv + sizeof(tlv) - 20, compound_mac, sizeof(compound_mac))
173             != 0) {
174                 printf("Compound MAC test - FAILED!\n");
175                 errors++;
176         }
177
178         return errors;
179 }
180
181
182 static u8 key0[] =
183 {
184         0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
185         0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
186         0x0b, 0x0b, 0x0b, 0x0b
187 };
188 static u8 data0[] = "Hi There";
189 static u8 prf0[] =
190 {
191         0xbc, 0xd4, 0xc6, 0x50, 0xb3, 0x0b, 0x96, 0x84,
192         0x95, 0x18, 0x29, 0xe0, 0xd7, 0x5f, 0x9d, 0x54,
193         0xb8, 0x62, 0x17, 0x5e, 0xd9, 0xf0, 0x06, 0x06,
194         0xe1, 0x7d, 0x8d, 0xa3, 0x54, 0x02, 0xff, 0xee,
195         0x75, 0xdf, 0x78, 0xc3, 0xd3, 0x1e, 0x0f, 0x88,
196         0x9f, 0x01, 0x21, 0x20, 0xc0, 0x86, 0x2b, 0xeb,
197         0x67, 0x75, 0x3e, 0x74, 0x39, 0xae, 0x24, 0x2e,
198         0xdb, 0x83, 0x73, 0x69, 0x83, 0x56, 0xcf, 0x5a
199 };
200
201 static u8 key1[] = "Jefe";
202 static u8 data1[] = "what do ya want for nothing?";
203 static u8 prf1[] =
204 {
205         0x51, 0xf4, 0xde, 0x5b, 0x33, 0xf2, 0x49, 0xad,
206         0xf8, 0x1a, 0xeb, 0x71, 0x3a, 0x3c, 0x20, 0xf4,
207         0xfe, 0x63, 0x14, 0x46, 0xfa, 0xbd, 0xfa, 0x58,
208         0x24, 0x47, 0x59, 0xae, 0x58, 0xef, 0x90, 0x09,
209         0xa9, 0x9a, 0xbf, 0x4e, 0xac, 0x2c, 0xa5, 0xfa,
210         0x87, 0xe6, 0x92, 0xc4, 0x40, 0xeb, 0x40, 0x02,
211         0x3e, 0x7b, 0xab, 0xb2, 0x06, 0xd6, 0x1d, 0xe7,
212         0xb9, 0x2f, 0x41, 0x52, 0x90, 0x92, 0xb8, 0xfc
213 };
214
215
216 static u8 key2[] =
217 {
218         0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
219         0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
220         0xaa, 0xaa, 0xaa, 0xaa
221 };
222 static u8 data2[] =
223 {
224         0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
225         0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
226         0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
227         0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
228         0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
229         0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
230         0xdd, 0xdd
231 };
232 static u8 prf2[] =
233 {
234         0xe1, 0xac, 0x54, 0x6e, 0xc4, 0xcb, 0x63, 0x6f,
235         0x99, 0x76, 0x48, 0x7b, 0xe5, 0xc8, 0x6b, 0xe1,
236         0x7a, 0x02, 0x52, 0xca, 0x5d, 0x8d, 0x8d, 0xf1,
237         0x2c, 0xfb, 0x04, 0x73, 0x52, 0x52, 0x49, 0xce,
238         0x9d, 0xd8, 0xd1, 0x77, 0xea, 0xd7, 0x10, 0xbc,
239         0x9b, 0x59, 0x05, 0x47, 0x23, 0x91, 0x07, 0xae,
240         0xf7, 0xb4, 0xab, 0xd4, 0x3d, 0x87, 0xf0, 0xa6,
241         0x8f, 0x1c, 0xbd, 0x9e, 0x2b, 0x6f, 0x76, 0x07
242 };
243
244
245 struct passphrase_test {
246         char *passphrase;
247         char *ssid;
248         char psk[32];
249 };
250
251 static struct passphrase_test passphrase_tests[] =
252 {
253         {
254                 "password",
255                 "IEEE",
256                 {
257                         0xf4, 0x2c, 0x6f, 0xc5, 0x2d, 0xf0, 0xeb, 0xef,
258                         0x9e, 0xbb, 0x4b, 0x90, 0xb3, 0x8a, 0x5f, 0x90,
259                         0x2e, 0x83, 0xfe, 0x1b, 0x13, 0x5a, 0x70, 0xe2,
260                         0x3a, 0xed, 0x76, 0x2e, 0x97, 0x10, 0xa1, 0x2e
261                 }
262         },
263         {
264                 "ThisIsAPassword",
265                 "ThisIsASSID",
266                 {
267                         0x0d, 0xc0, 0xd6, 0xeb, 0x90, 0x55, 0x5e, 0xd6,
268                         0x41, 0x97, 0x56, 0xb9, 0xa1, 0x5e, 0xc3, 0xe3,
269                         0x20, 0x9b, 0x63, 0xdf, 0x70, 0x7d, 0xd5, 0x08,
270                         0xd1, 0x45, 0x81, 0xf8, 0x98, 0x27, 0x21, 0xaf
271                 }
272         },
273         {
274                 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
275                 "ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ",
276                 {
277                         0xbe, 0xcb, 0x93, 0x86, 0x6b, 0xb8, 0xc3, 0x83,
278                         0x2c, 0xb7, 0x77, 0xc2, 0xf5, 0x59, 0x80, 0x7c,
279                         0x8c, 0x59, 0xaf, 0xcb, 0x6e, 0xae, 0x73, 0x48,
280                         0x85, 0x00, 0x13, 0x00, 0xa9, 0x81, 0xcc, 0x62
281                 }
282         },
283 };
284
285 #define NUM_PASSPHRASE_TESTS ARRAY_SIZE(passphrase_tests)
286
287
288 struct rfc6070_test {
289         char *p;
290         char *s;
291         int c;
292         char dk[32];
293         size_t dk_len;
294 };
295
296 static struct rfc6070_test rfc6070_tests[] =
297 {
298         {
299                 "password",
300                 "salt",
301                 1,
302                 {
303                         0x0c, 0x60, 0xc8, 0x0f, 0x96, 0x1f, 0x0e, 0x71,
304                         0xf3, 0xa9, 0xb5, 0x24, 0xaf, 0x60, 0x12, 0x06,
305                         0x2f, 0xe0, 0x37, 0xa6
306                 },
307                 20
308         },
309         {
310                 "password",
311                 "salt",
312                 2,
313                 {
314                         0xea, 0x6c, 0x01, 0x4d, 0xc7, 0x2d, 0x6f, 0x8c,
315                         0xcd, 0x1e, 0xd9, 0x2a, 0xce, 0x1d, 0x41, 0xf0,
316                         0xd8, 0xde, 0x89, 0x57
317                 },
318                 20
319         },
320         {
321                 "password",
322                 "salt",
323                 4096,
324                 {
325                         0x4b, 0x00, 0x79, 0x01, 0xb7, 0x65, 0x48, 0x9a,
326                         0xbe, 0xad, 0x49, 0xd9, 0x26, 0xf7, 0x21, 0xd0,
327                         0x65, 0xa4, 0x29, 0xc1
328                 },
329                 20
330         },
331 #if 0 /* This takes quite long to derive.. */
332         {
333                 "password",
334                 "salt",
335                 16777216,
336                 {
337                         0xee, 0xfe, 0x3d, 0x61, 0xcd, 0x4d, 0xa4, 0xe4,
338                         0xe9, 0x94, 0x5b, 0x3d, 0x6b, 0xa2, 0x15, 0x8c,
339                         0x26, 0x34, 0xe9, 0x84
340                 },
341                 20
342         },
343 #endif
344         {
345                 "passwordPASSWORDpassword",
346                 "saltSALTsaltSALTsaltSALTsaltSALTsalt",
347                 4096,
348                 {
349                         0x3d, 0x2e, 0xec, 0x4f, 0xe4, 0x1c, 0x84, 0x9b,
350                         0x80, 0xc8, 0xd8, 0x36, 0x62, 0xc0, 0xe4, 0x4a,
351                         0x8b, 0x29, 0x1a, 0x96, 0x4c, 0xf2, 0xf0, 0x70,
352                         0x38
353                 },
354                 25
355         },
356 #if 0 /* \0 not currently supported in passphrase parameters.. */
357         {
358                 "pass\0word",
359                 "sa\0lt",
360                 4096,
361                 {
362                         0x56, 0xfa, 0x6a, 0xa7, 0x55, 0x48, 0x09, 0x9d,
363                         0xcc, 0x37, 0xd7, 0xf0, 0x34, 0x25, 0xe0, 0xc3
364                 },
365                 16
366         },
367 #endif
368 };
369
370 #define NUM_RFC6070_TESTS ARRAY_SIZE(rfc6070_tests)
371
372
373 int main(int argc, char *argv[])
374 {
375         u8 res[512];
376         int ret = 0;
377         unsigned int i;
378
379         printf("PRF-SHA1 test cases:\n");
380
381         sha1_prf(key0, sizeof(key0), "prefix", data0, sizeof(data0) - 1,
382                  res, sizeof(prf0));
383         if (memcmp(res, prf0, sizeof(prf0)) == 0)
384                 printf("Test case 0 - OK\n");
385         else {
386                 printf("Test case 0 - FAILED!\n");
387                 ret++;
388         }
389
390         sha1_prf(key1, sizeof(key1) - 1, "prefix", data1, sizeof(data1) - 1,
391                  res, sizeof(prf1));
392         if (memcmp(res, prf1, sizeof(prf1)) == 0)
393                 printf("Test case 1 - OK\n");
394         else {
395                 printf("Test case 1 - FAILED!\n");
396                 ret++;
397         }
398
399         sha1_prf(key2, sizeof(key2), "prefix", data2, sizeof(data2),
400                  res, sizeof(prf2));
401         if (memcmp(res, prf2, sizeof(prf2)) == 0)
402                 printf("Test case 2 - OK\n");
403         else {
404                 printf("Test case 2 - FAILED!\n");
405                 ret++;
406         }
407
408         ret += test_eap_fast();
409
410         printf("PBKDF2-SHA1 Passphrase test cases:\n");
411         for (i = 0; i < NUM_PASSPHRASE_TESTS; i++) {
412                 u8 psk[32];
413                 struct passphrase_test *test = &passphrase_tests[i];
414                 pbkdf2_sha1(test->passphrase,
415                             test->ssid, strlen(test->ssid),
416                             4096, psk, 32);
417                 if (memcmp(psk, test->psk, 32) == 0)
418                         printf("Test case %d - OK\n", i);
419                 else {
420                         printf("Test case %d - FAILED!\n", i);
421                         ret++;
422                 }
423         }
424
425         printf("PBKDF2-SHA1 test cases (RFC 6070):\n");
426         for (i = 0; i < NUM_RFC6070_TESTS; i++) {
427                 u8 dk[25];
428                 struct rfc6070_test *test = &rfc6070_tests[i];
429                 pbkdf2_sha1(test->p, test->s, strlen(test->s), test->c,
430                             dk, test->dk_len);
431                 if (memcmp(dk, test->dk, test->dk_len) == 0)
432                         printf("Test case %d - OK\n", i);
433                 else {
434                         printf("Test case %d - FAILED!\n", i);
435                         ret++;
436                 }
437         }
438
439         return ret;
440 }
Moonshot GSS-API mechanism