diff options
| author | Ken Raeburn <raeburn@mit.edu> | 2004-02-09 22:08:09 +0000 |
|---|---|---|
| committer | Ken Raeburn <raeburn@mit.edu> | 2004-02-09 22:08:09 +0000 |
| commit | f7f601d95224e4cbcec5215610e61088718f10fa (patch) | |
| tree | 26eba3c46ce9c5f4944181f46ba041f5cf05d9e0 /src/lib | |
| parent | abc5739f84e5d9e317295eb9e036aeacdc250cfc (diff) | |
| download | krb5-f7f601d95224e4cbcec5215610e61088718f10fa.tar.gz krb5-f7f601d95224e4cbcec5215610e61088718f10fa.tar.xz krb5-f7f601d95224e4cbcec5215610e61088718f10fa.zip | |
* t_cts.c (test_cts): Process encryption and decryption IVs separately, make
sure they match, and display the value.
ticket: 2223
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16039 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib')
| -rw-r--r-- | src/lib/crypto/ChangeLog | 5 | ||||
| -rw-r--r-- | src/lib/crypto/t_cts.c | 31 |
2 files changed, 33 insertions, 3 deletions
diff --git a/src/lib/crypto/ChangeLog b/src/lib/crypto/ChangeLog index 241723997..bb9484a5d 100644 --- a/src/lib/crypto/ChangeLog +++ b/src/lib/crypto/ChangeLog @@ -1,3 +1,8 @@ +2004-02-09 Ken Raeburn <raeburn@mit.edu> + + * t_cts.c (test_cts): Process encryption and decryption IVs + separately, make sure they match, and display the value. + 2003-12-13 Ken Raeburn <raeburn@mit.edu> * etypes.c (krb5_enctypes_list): Fill in required_ctype field. diff --git a/src/lib/crypto/t_cts.c b/src/lib/crypto/t_cts.c index 5bf1ecba9..b105bd275 100644 --- a/src/lib/crypto/t_cts.c +++ b/src/lib/crypto/t_cts.c @@ -120,27 +120,52 @@ static void test_cts() krb5_data *); int i; - char outbuf[64]; - krb5_data in, out; + char outbuf[64], encivbuf[16], decivbuf[16], outbuf2[64]; + krb5_data in, out, enciv, deciv, out2; krb5_keyblock key; krb5_error_code err; in.data = input; out.data = outbuf; + out2.data = outbuf2; + enciv.length = deciv.length = 16; + enciv.data = encivbuf; + deciv.data = decivbuf; key.contents = aeskey; key.length = 16; + memset(enciv.data, 0, 16); printk("AES 128-bit key", &key); for (i = 0; i < sizeof(lengths)/sizeof(lengths[0]); i++) { + memset(enciv.data, 0, 16); + memset(deciv.data, 0, 16); + printf("\n"); in.length = out.length = lengths[i]; - err = krb5int_aes_encrypt(&key, 0, &in, &out); + printd("IV", &enciv); + err = krb5int_aes_encrypt(&key, &enciv, &in, &out); if (err) { printf("error %ld from krb5int_aes_encrypt\n", (long)err); exit(1); } printd("Input", &in); printd("Output", &out); + printd("Next IV", &enciv); + out2.length = out.length; + err = krb5int_aes_decrypt(&key, &deciv, &out, &out2); + if (err) { + printf("error %ld from krb5int_aes_decrypt\n", (long)err); + exit(1); + } + if (out2.length != in.length + || memcmp(in.data, out2.data, in.length)) { + printd("Decryption result DOESN'T MATCH", &out2); + exit(1); + } + if (memcmp(enciv.data, deciv.data, 16)) { + printd("Decryption IV result DOESN'T MATCH", &deciv); + exit(1); + } } } |