2 * Test program for SHA1 and MD5
3 * Copyright (c) 2003-2006, Jouni Malinen <j@w1.fi>
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
9 * Alternatively, this software may be distributed under the terms of BSD
12 * See README and COPYING for more details.
18 #include "crypto/crypto.h"
19 #include "crypto/md5.h"
20 #include "crypto/sha1.h"
23 static int test_eap_fast(void)
25 /* RFC 4851, Appendix B.1 */
26 const u8 pac_key[] = {
27 0x0B, 0x97, 0x39, 0x0F, 0x37, 0x51, 0x78, 0x09,
28 0x81, 0x1E, 0xFD, 0x9C, 0x6E, 0x65, 0x94, 0x2B,
29 0x63, 0x2C, 0xE9, 0x53, 0x89, 0x38, 0x08, 0xBA,
30 0x36, 0x0B, 0x03, 0x7C, 0xD1, 0x85, 0xE4, 0x14
33 0x3F, 0xFB, 0x11, 0xC4, 0x6C, 0xBF, 0xA5, 0x7A,
34 0x54, 0x40, 0xDA, 0xE8, 0x22, 0xD3, 0x11, 0xD3,
35 0xF7, 0x6D, 0xE4, 0x1D, 0xD9, 0x33, 0xE5, 0x93,
36 0x70, 0x97, 0xEB, 0xA9, 0xB3, 0x66, 0xF4, 0x2A,
37 0x00, 0x00, 0x00, 0x02, 0x6A, 0x66, 0x43, 0x2A,
38 0x8D, 0x14, 0x43, 0x2C, 0xEC, 0x58, 0x2D, 0x2F,
39 0xC7, 0x9C, 0x33, 0x64, 0xBA, 0x04, 0xAD, 0x3A,
40 0x52, 0x54, 0xD6, 0xA5, 0x79, 0xAD, 0x1E, 0x00
42 const u8 master_secret[] = {
43 0x4A, 0x1A, 0x51, 0x2C, 0x01, 0x60, 0xBC, 0x02,
44 0x3C, 0xCF, 0xBC, 0x83, 0x3F, 0x03, 0xBC, 0x64,
45 0x88, 0xC1, 0x31, 0x2F, 0x0B, 0xA9, 0xA2, 0x77,
46 0x16, 0xA8, 0xD8, 0xE8, 0xBD, 0xC9, 0xD2, 0x29,
47 0x38, 0x4B, 0x7A, 0x85, 0xBE, 0x16, 0x4D, 0x27,
48 0x33, 0xD5, 0x24, 0x79, 0x87, 0xB1, 0xC5, 0xA2
50 const u8 key_block[] = {
51 0x59, 0x59, 0xBE, 0x8E, 0x41, 0x3A, 0x77, 0x74,
52 0x8B, 0xB2, 0xE5, 0xD3, 0x60, 0xAC, 0x4D, 0x35,
53 0xDF, 0xFB, 0xC8, 0x1E, 0x9C, 0x24, 0x9C, 0x8B,
54 0x0E, 0xC3, 0x1D, 0x72, 0xC8, 0x84, 0x9D, 0x57,
55 0x48, 0x51, 0x2E, 0x45, 0x97, 0x6C, 0x88, 0x70,
56 0xBE, 0x5F, 0x01, 0xD3, 0x64, 0xE7, 0x4C, 0xBB,
57 0x11, 0x24, 0xE3, 0x49, 0xE2, 0x3B, 0xCD, 0xEF,
58 0x7A, 0xB3, 0x05, 0x39, 0x5D, 0x64, 0x8A, 0x44,
59 0x11, 0xB6, 0x69, 0x88, 0x34, 0x2E, 0x8E, 0x29,
60 0xD6, 0x4B, 0x7D, 0x72, 0x17, 0x59, 0x28, 0x05,
61 0xAF, 0xF9, 0xB7, 0xFF, 0x66, 0x6D, 0xA1, 0x96,
62 0x8F, 0x0B, 0x5E, 0x06, 0x46, 0x7A, 0x44, 0x84,
63 0x64, 0xC1, 0xC8, 0x0C, 0x96, 0x44, 0x09, 0x98,
64 0xFF, 0x92, 0xA8, 0xB4, 0xC6, 0x42, 0x28, 0x71
67 0xD6, 0x4B, 0x7D, 0x72, 0x17, 0x59, 0x28, 0x05,
68 0xAF, 0xF9, 0xB7, 0xFF, 0x66, 0x6D, 0xA1, 0x96,
69 0x8F, 0x0B, 0x5E, 0x06, 0x46, 0x7A, 0x44, 0x84,
70 0x64, 0xC1, 0xC8, 0x0C, 0x96, 0x44, 0x09, 0x98,
71 0xFF, 0x92, 0xA8, 0xB4, 0xC6, 0x42, 0x28, 0x71
74 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
75 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
76 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
77 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
80 0x16, 0x15, 0x3C, 0x3F, 0x21, 0x55, 0xEF, 0xD9,
81 0x7F, 0x34, 0xAE, 0xC8, 0x1A, 0x4E, 0x66, 0x80,
82 0x4C, 0xC3, 0x76, 0xF2, 0x8A, 0xA9, 0x6F, 0x96,
83 0xC2, 0x54, 0x5F, 0x8C, 0xAB, 0x65, 0x02, 0xE1,
84 0x18, 0x40, 0x7B, 0x56, 0xBE, 0xEA, 0xA7, 0xC5,
85 0x76, 0x5D, 0x8F, 0x0B, 0xC5, 0x07, 0xC6, 0xB9,
86 0x04, 0xD0, 0x69, 0x56, 0x72, 0x8B, 0x6B, 0xB8,
87 0x15, 0xEC, 0x57, 0x7B
90 0x4D, 0x83, 0xA9, 0xBE, 0x6F, 0x8A, 0x74, 0xED,
91 0x6A, 0x02, 0x66, 0x0A, 0x63, 0x4D, 0x2C, 0x33,
92 0xC2, 0xDA, 0x60, 0x15, 0xC6, 0x37, 0x04, 0x51,
93 0x90, 0x38, 0x63, 0xDA, 0x54, 0x3E, 0x14, 0xB9,
94 0x27, 0x99, 0x18, 0x1E, 0x07, 0xBF, 0x0F, 0x5A,
95 0x5E, 0x3C, 0x32, 0x93, 0x80, 0x8C, 0x6C, 0x49,
96 0x67, 0xED, 0x24, 0xFE, 0x45, 0x40, 0xA0, 0x59,
97 0x5E, 0x37, 0xC2, 0xE9, 0xD0, 0x5D, 0x0A, 0xE3
100 0x3A, 0xD4, 0xAB, 0xDB, 0x76, 0xB2, 0x7F, 0x3B,
101 0xEA, 0x32, 0x2C, 0x2B, 0x74, 0xF4, 0x28, 0x55,
102 0xEF, 0x2D, 0xBA, 0x78, 0xC9, 0x57, 0x2F, 0x0D,
103 0x06, 0xCD, 0x51, 0x7C, 0x20, 0x93, 0x98, 0xA9,
104 0x76, 0xEA, 0x70, 0x21, 0xD7, 0x0E, 0x25, 0x54,
105 0x97, 0xED, 0xB2, 0x8A, 0xF6, 0xED, 0xFD, 0x0A,
106 0x2A, 0xE7, 0xA1, 0x58, 0x90, 0x10, 0x50, 0x44,
107 0xB3, 0x82, 0x85, 0xDB, 0x06, 0x14, 0xD2, 0xF9
109 /* RFC 4851, Appendix B.2 */
111 0x80, 0x0C, 0x00, 0x38, 0x00, 0x01, 0x01, 0x00,
112 0xD8, 0x6A, 0x8C, 0x68, 0x3C, 0x32, 0x31, 0xA8,
113 0x56, 0x63, 0xB6, 0x40, 0x21, 0xFE, 0x21, 0x14,
114 0x4E, 0xE7, 0x54, 0x20, 0x79, 0x2D, 0x42, 0x62,
115 0xC9, 0xBF, 0x53, 0x7F, 0x54, 0xFD, 0xAC, 0x58,
116 0x43, 0x24, 0x6E, 0x30, 0x92, 0x17, 0x6D, 0xCF,
117 0xE6, 0xE0, 0x69, 0xEB, 0x33, 0x61, 0x6A, 0xCC,
118 0x05, 0xC5, 0x5B, 0xB7
120 const u8 compound_mac[] = {
121 0x43, 0x24, 0x6E, 0x30, 0x92, 0x17, 0x6D, 0xCF,
122 0xE6, 0xE0, 0x69, 0xEB, 0x33, 0x61, 0x6A, 0xCC,
123 0x05, 0xC5, 0x5B, 0xB7
126 const u8 *simck, *cmk;
129 printf("EAP-FAST test cases\n");
131 printf("- T-PRF (SHA1) test case / master_secret\n");
132 sha1_t_prf(pac_key, sizeof(pac_key), "PAC to master secret label hash",
133 seed, sizeof(seed), buf, sizeof(master_secret));
134 if (memcmp(master_secret, buf, sizeof(master_secret)) != 0) {
135 printf("T-PRF test - FAILED!\n");
139 printf("- PRF (TLS, SHA1/MD5) test case / key_block\n");
140 if (tls_prf(master_secret, sizeof(master_secret), "key expansion",
141 seed, sizeof(seed), buf, sizeof(key_block)) ||
142 memcmp(key_block, buf, sizeof(key_block)) != 0) {
143 printf("PRF test - FAILED!\n");
147 printf("- T-PRF (SHA1) test case / IMCK\n");
148 sha1_t_prf(sks, sizeof(sks), "Inner Methods Compound Keys",
149 isk, sizeof(isk), buf, sizeof(imck));
150 if (memcmp(imck, buf, sizeof(imck)) != 0) {
151 printf("T-PRF test - FAILED!\n");
158 printf("- T-PRF (SHA1) test case / MSK\n");
159 sha1_t_prf(simck, 40, "Session Key Generating Function",
160 (u8 *) "", 0, buf, sizeof(msk));
161 if (memcmp(msk, buf, sizeof(msk)) != 0) {
162 printf("T-PRF test - FAILED!\n");
166 printf("- T-PRF (SHA1) test case / EMSK\n");
167 sha1_t_prf(simck, 40, "Extended Session Key Generating Function",
168 (u8 *) "", 0, buf, sizeof(msk));
169 if (memcmp(emsk, buf, sizeof(emsk)) != 0) {
170 printf("T-PRF test - FAILED!\n");
174 printf("- Compound MAC test case\n");
175 memset(tlv + sizeof(tlv) - 20, 0, 20);
176 hmac_sha1(cmk, 20, tlv, sizeof(tlv), tlv + sizeof(tlv) - 20);
177 if (memcmp(tlv + sizeof(tlv) - 20, compound_mac, sizeof(compound_mac))
179 printf("Compound MAC test - FAILED!\n");
189 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
190 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
191 0x0b, 0x0b, 0x0b, 0x0b
193 static u8 data0[] = "Hi There";
196 0xbc, 0xd4, 0xc6, 0x50, 0xb3, 0x0b, 0x96, 0x84,
197 0x95, 0x18, 0x29, 0xe0, 0xd7, 0x5f, 0x9d, 0x54,
198 0xb8, 0x62, 0x17, 0x5e, 0xd9, 0xf0, 0x06, 0x06,
199 0xe1, 0x7d, 0x8d, 0xa3, 0x54, 0x02, 0xff, 0xee,
200 0x75, 0xdf, 0x78, 0xc3, 0xd3, 0x1e, 0x0f, 0x88,
201 0x9f, 0x01, 0x21, 0x20, 0xc0, 0x86, 0x2b, 0xeb,
202 0x67, 0x75, 0x3e, 0x74, 0x39, 0xae, 0x24, 0x2e,
203 0xdb, 0x83, 0x73, 0x69, 0x83, 0x56, 0xcf, 0x5a
206 static u8 key1[] = "Jefe";
207 static u8 data1[] = "what do ya want for nothing?";
210 0x51, 0xf4, 0xde, 0x5b, 0x33, 0xf2, 0x49, 0xad,
211 0xf8, 0x1a, 0xeb, 0x71, 0x3a, 0x3c, 0x20, 0xf4,
212 0xfe, 0x63, 0x14, 0x46, 0xfa, 0xbd, 0xfa, 0x58,
213 0x24, 0x47, 0x59, 0xae, 0x58, 0xef, 0x90, 0x09,
214 0xa9, 0x9a, 0xbf, 0x4e, 0xac, 0x2c, 0xa5, 0xfa,
215 0x87, 0xe6, 0x92, 0xc4, 0x40, 0xeb, 0x40, 0x02,
216 0x3e, 0x7b, 0xab, 0xb2, 0x06, 0xd6, 0x1d, 0xe7,
217 0xb9, 0x2f, 0x41, 0x52, 0x90, 0x92, 0xb8, 0xfc
223 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
224 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
225 0xaa, 0xaa, 0xaa, 0xaa
229 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
230 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
231 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
232 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
233 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
234 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
239 0xe1, 0xac, 0x54, 0x6e, 0xc4, 0xcb, 0x63, 0x6f,
240 0x99, 0x76, 0x48, 0x7b, 0xe5, 0xc8, 0x6b, 0xe1,
241 0x7a, 0x02, 0x52, 0xca, 0x5d, 0x8d, 0x8d, 0xf1,
242 0x2c, 0xfb, 0x04, 0x73, 0x52, 0x52, 0x49, 0xce,
243 0x9d, 0xd8, 0xd1, 0x77, 0xea, 0xd7, 0x10, 0xbc,
244 0x9b, 0x59, 0x05, 0x47, 0x23, 0x91, 0x07, 0xae,
245 0xf7, 0xb4, 0xab, 0xd4, 0x3d, 0x87, 0xf0, 0xa6,
246 0x8f, 0x1c, 0xbd, 0x9e, 0x2b, 0x6f, 0x76, 0x07
250 struct passphrase_test {
256 static struct passphrase_test passphrase_tests[] =
262 0xf4, 0x2c, 0x6f, 0xc5, 0x2d, 0xf0, 0xeb, 0xef,
263 0x9e, 0xbb, 0x4b, 0x90, 0xb3, 0x8a, 0x5f, 0x90,
264 0x2e, 0x83, 0xfe, 0x1b, 0x13, 0x5a, 0x70, 0xe2,
265 0x3a, 0xed, 0x76, 0x2e, 0x97, 0x10, 0xa1, 0x2e
272 0x0d, 0xc0, 0xd6, 0xeb, 0x90, 0x55, 0x5e, 0xd6,
273 0x41, 0x97, 0x56, 0xb9, 0xa1, 0x5e, 0xc3, 0xe3,
274 0x20, 0x9b, 0x63, 0xdf, 0x70, 0x7d, 0xd5, 0x08,
275 0xd1, 0x45, 0x81, 0xf8, 0x98, 0x27, 0x21, 0xaf
279 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
280 "ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ",
282 0xbe, 0xcb, 0x93, 0x86, 0x6b, 0xb8, 0xc3, 0x83,
283 0x2c, 0xb7, 0x77, 0xc2, 0xf5, 0x59, 0x80, 0x7c,
284 0x8c, 0x59, 0xaf, 0xcb, 0x6e, 0xae, 0x73, 0x48,
285 0x85, 0x00, 0x13, 0x00, 0xa9, 0x81, 0xcc, 0x62
290 #define NUM_PASSPHRASE_TESTS \
291 (sizeof(passphrase_tests) / sizeof(passphrase_tests[0]))
294 struct rfc6070_test {
302 static struct rfc6070_test rfc6070_tests[] =
309 0x0c, 0x60, 0xc8, 0x0f, 0x96, 0x1f, 0x0e, 0x71,
310 0xf3, 0xa9, 0xb5, 0x24, 0xaf, 0x60, 0x12, 0x06,
311 0x2f, 0xe0, 0x37, 0xa6
320 0xea, 0x6c, 0x01, 0x4d, 0xc7, 0x2d, 0x6f, 0x8c,
321 0xcd, 0x1e, 0xd9, 0x2a, 0xce, 0x1d, 0x41, 0xf0,
322 0xd8, 0xde, 0x89, 0x57
331 0x4b, 0x00, 0x79, 0x01, 0xb7, 0x65, 0x48, 0x9a,
332 0xbe, 0xad, 0x49, 0xd9, 0x26, 0xf7, 0x21, 0xd0,
333 0x65, 0xa4, 0x29, 0xc1
337 #if 0 /* This takes quite long to derive.. */
343 0xee, 0xfe, 0x3d, 0x61, 0xcd, 0x4d, 0xa4, 0xe4,
344 0xe9, 0x94, 0x5b, 0x3d, 0x6b, 0xa2, 0x15, 0x8c,
345 0x26, 0x34, 0xe9, 0x84
351 "passwordPASSWORDpassword",
352 "saltSALTsaltSALTsaltSALTsaltSALTsalt",
355 0x3d, 0x2e, 0xec, 0x4f, 0xe4, 0x1c, 0x84, 0x9b,
356 0x80, 0xc8, 0xd8, 0x36, 0x62, 0xc0, 0xe4, 0x4a,
357 0x8b, 0x29, 0x1a, 0x96, 0x4c, 0xf2, 0xf0, 0x70,
362 #if 0 /* \0 not currently supported in passphrase parameters.. */
368 0x56, 0xfa, 0x6a, 0xa7, 0x55, 0x48, 0x09, 0x9d,
369 0xcc, 0x37, 0xd7, 0xf0, 0x34, 0x25, 0xe0, 0xc3
376 #define NUM_RFC6070_TESTS \
377 (sizeof(rfc6070_tests) / sizeof(rfc6070_tests[0]))
380 int main(int argc, char *argv[])
386 printf("PRF-SHA1 test cases:\n");
388 sha1_prf(key0, sizeof(key0), "prefix", data0, sizeof(data0) - 1,
390 if (memcmp(res, prf0, sizeof(prf0)) == 0)
391 printf("Test case 0 - OK\n");
393 printf("Test case 0 - FAILED!\n");
397 sha1_prf(key1, sizeof(key1) - 1, "prefix", data1, sizeof(data1) - 1,
399 if (memcmp(res, prf1, sizeof(prf1)) == 0)
400 printf("Test case 1 - OK\n");
402 printf("Test case 1 - FAILED!\n");
406 sha1_prf(key2, sizeof(key2), "prefix", data2, sizeof(data2),
408 if (memcmp(res, prf2, sizeof(prf2)) == 0)
409 printf("Test case 2 - OK\n");
411 printf("Test case 2 - FAILED!\n");
415 ret += test_eap_fast();
417 printf("PBKDF2-SHA1 Passphrase test cases:\n");
418 for (i = 0; i < NUM_PASSPHRASE_TESTS; i++) {
420 struct passphrase_test *test = &passphrase_tests[i];
421 pbkdf2_sha1(test->passphrase,
422 test->ssid, strlen(test->ssid),
424 if (memcmp(psk, test->psk, 32) == 0)
425 printf("Test case %d - OK\n", i);
427 printf("Test case %d - FAILED!\n", i);
432 printf("PBKDF2-SHA1 test cases (RFC 6070):\n");
433 for (i = 0; i < NUM_RFC6070_TESTS; i++) {
435 struct rfc6070_test *test = &rfc6070_tests[i];
436 pbkdf2_sha1(test->p, test->s, strlen(test->s), test->c,
438 if (memcmp(dk, test->dk, test->dk_len) == 0)
439 printf("Test case %d - OK\n", i);
441 printf("Test case %d - FAILED!\n", i);
projects / mech_eap.git / blob