1eebd8c2dSChuck Lever // SPDX-License-Identifier: GPL-2.0
2eebd8c2dSChuck Lever /*
3eebd8c2dSChuck Lever * Copyright (c) 2022 Oracle and/or its affiliates.
4eebd8c2dSChuck Lever *
5eebd8c2dSChuck Lever * KUnit test of SunRPC's GSS Kerberos mechanism. Subsystem
6eebd8c2dSChuck Lever * name is "rpcsec_gss_krb5".
7eebd8c2dSChuck Lever */
8eebd8c2dSChuck Lever
9eebd8c2dSChuck Lever #include <kunit/test.h>
10eebd8c2dSChuck Lever #include <kunit/visibility.h>
11eebd8c2dSChuck Lever
12eebd8c2dSChuck Lever #include <linux/kernel.h>
1302142b2cSChuck Lever #include <crypto/hash.h>
14eebd8c2dSChuck Lever
15eebd8c2dSChuck Lever #include <linux/sunrpc/xdr.h>
16eebd8c2dSChuck Lever #include <linux/sunrpc/gss_krb5.h>
17eebd8c2dSChuck Lever
18eebd8c2dSChuck Lever #include "gss_krb5_internal.h"
19eebd8c2dSChuck Lever
20eebd8c2dSChuck Lever MODULE_IMPORT_NS(EXPORTED_FOR_KUNIT_TESTING);
21eebd8c2dSChuck Lever
22eebd8c2dSChuck Lever struct gss_krb5_test_param {
23eebd8c2dSChuck Lever const char *desc;
246eb6b8a4SChuck Lever u32 enctype;
25eebd8c2dSChuck Lever u32 nfold;
26b958cff6SChuck Lever u32 constant;
276eb6b8a4SChuck Lever const struct xdr_netobj *base_key;
28e1a9a384SChuck Lever const struct xdr_netobj *Ke;
296eb6b8a4SChuck Lever const struct xdr_netobj *usage;
30eebd8c2dSChuck Lever const struct xdr_netobj *plaintext;
31b958cff6SChuck Lever const struct xdr_netobj *confounder;
32eebd8c2dSChuck Lever const struct xdr_netobj *expected_result;
334d2d15c0SChuck Lever const struct xdr_netobj *expected_hmac;
34e1a9a384SChuck Lever const struct xdr_netobj *next_iv;
35eebd8c2dSChuck Lever };
36eebd8c2dSChuck Lever
gss_krb5_get_desc(const struct gss_krb5_test_param * param,char * desc)37eebd8c2dSChuck Lever static inline void gss_krb5_get_desc(const struct gss_krb5_test_param *param,
38eebd8c2dSChuck Lever char *desc)
39eebd8c2dSChuck Lever {
40eebd8c2dSChuck Lever strscpy(desc, param->desc, KUNIT_PARAM_DESC_SIZE);
41eebd8c2dSChuck Lever }
42eebd8c2dSChuck Lever
kdf_case(struct kunit * test)436eb6b8a4SChuck Lever static void kdf_case(struct kunit *test)
446eb6b8a4SChuck Lever {
456eb6b8a4SChuck Lever const struct gss_krb5_test_param *param = test->param_value;
466eb6b8a4SChuck Lever const struct gss_krb5_enctype *gk5e;
476eb6b8a4SChuck Lever struct xdr_netobj derivedkey;
486eb6b8a4SChuck Lever int err;
496eb6b8a4SChuck Lever
506eb6b8a4SChuck Lever /* Arrange */
516eb6b8a4SChuck Lever gk5e = gss_krb5_lookup_enctype(param->enctype);
52fe90151cSChuck Lever if (!gk5e)
53fe90151cSChuck Lever kunit_skip(test, "Encryption type is not available");
546eb6b8a4SChuck Lever
556eb6b8a4SChuck Lever derivedkey.data = kunit_kzalloc(test, param->expected_result->len,
566eb6b8a4SChuck Lever GFP_KERNEL);
576eb6b8a4SChuck Lever KUNIT_ASSERT_NOT_ERR_OR_NULL(test, derivedkey.data);
586eb6b8a4SChuck Lever derivedkey.len = param->expected_result->len;
596eb6b8a4SChuck Lever
606eb6b8a4SChuck Lever /* Act */
616eb6b8a4SChuck Lever err = gk5e->derive_key(gk5e, param->base_key, &derivedkey,
626eb6b8a4SChuck Lever param->usage, GFP_KERNEL);
636eb6b8a4SChuck Lever KUNIT_ASSERT_EQ(test, err, 0);
646eb6b8a4SChuck Lever
656eb6b8a4SChuck Lever /* Assert */
666eb6b8a4SChuck Lever KUNIT_EXPECT_EQ_MSG(test,
676eb6b8a4SChuck Lever memcmp(param->expected_result->data,
686eb6b8a4SChuck Lever derivedkey.data, derivedkey.len), 0,
696eb6b8a4SChuck Lever "key mismatch");
706eb6b8a4SChuck Lever }
716eb6b8a4SChuck Lever
checksum_case(struct kunit * test)7202142b2cSChuck Lever static void checksum_case(struct kunit *test)
7302142b2cSChuck Lever {
7402142b2cSChuck Lever const struct gss_krb5_test_param *param = test->param_value;
7502142b2cSChuck Lever struct xdr_buf buf = {
7602142b2cSChuck Lever .head[0].iov_len = param->plaintext->len,
7702142b2cSChuck Lever .len = param->plaintext->len,
7802142b2cSChuck Lever };
7902142b2cSChuck Lever const struct gss_krb5_enctype *gk5e;
8002142b2cSChuck Lever struct xdr_netobj Kc, checksum;
8102142b2cSChuck Lever struct crypto_ahash *tfm;
8202142b2cSChuck Lever int err;
8302142b2cSChuck Lever
8402142b2cSChuck Lever /* Arrange */
8502142b2cSChuck Lever gk5e = gss_krb5_lookup_enctype(param->enctype);
86fe90151cSChuck Lever if (!gk5e)
87fe90151cSChuck Lever kunit_skip(test, "Encryption type is not available");
8802142b2cSChuck Lever
8902142b2cSChuck Lever Kc.len = gk5e->Kc_length;
9002142b2cSChuck Lever Kc.data = kunit_kzalloc(test, Kc.len, GFP_KERNEL);
9102142b2cSChuck Lever KUNIT_ASSERT_NOT_ERR_OR_NULL(test, Kc.data);
9202142b2cSChuck Lever err = gk5e->derive_key(gk5e, param->base_key, &Kc,
9302142b2cSChuck Lever param->usage, GFP_KERNEL);
9402142b2cSChuck Lever KUNIT_ASSERT_EQ(test, err, 0);
9502142b2cSChuck Lever
9602142b2cSChuck Lever tfm = crypto_alloc_ahash(gk5e->cksum_name, 0, CRYPTO_ALG_ASYNC);
9702142b2cSChuck Lever KUNIT_ASSERT_NOT_ERR_OR_NULL(test, tfm);
9802142b2cSChuck Lever err = crypto_ahash_setkey(tfm, Kc.data, Kc.len);
9902142b2cSChuck Lever KUNIT_ASSERT_EQ(test, err, 0);
10002142b2cSChuck Lever
101*d5142519SChuck Lever buf.head[0].iov_base = kunit_kzalloc(test, buf.head[0].iov_len, GFP_KERNEL);
102*d5142519SChuck Lever KUNIT_ASSERT_NOT_ERR_OR_NULL(test, buf.head[0].iov_base);
103*d5142519SChuck Lever memcpy(buf.head[0].iov_base, param->plaintext->data, buf.head[0].iov_len);
104*d5142519SChuck Lever
10502142b2cSChuck Lever checksum.len = gk5e->cksumlength;
10602142b2cSChuck Lever checksum.data = kunit_kzalloc(test, checksum.len, GFP_KERNEL);
10702142b2cSChuck Lever KUNIT_ASSERT_NOT_ERR_OR_NULL(test, checksum.data);
10802142b2cSChuck Lever
10902142b2cSChuck Lever /* Act */
11002142b2cSChuck Lever err = gss_krb5_checksum(tfm, NULL, 0, &buf, 0, &checksum);
11102142b2cSChuck Lever KUNIT_ASSERT_EQ(test, err, 0);
11202142b2cSChuck Lever
11302142b2cSChuck Lever /* Assert */
11402142b2cSChuck Lever KUNIT_EXPECT_EQ_MSG(test,
11502142b2cSChuck Lever memcmp(param->expected_result->data,
11602142b2cSChuck Lever checksum.data, checksum.len), 0,
11702142b2cSChuck Lever "checksum mismatch");
11802142b2cSChuck Lever
11902142b2cSChuck Lever crypto_free_ahash(tfm);
12002142b2cSChuck Lever }
12102142b2cSChuck Lever
122eebd8c2dSChuck Lever #define DEFINE_HEX_XDR_NETOBJ(name, hex_array...) \
123eebd8c2dSChuck Lever static const u8 name ## _data[] = { hex_array }; \
124eebd8c2dSChuck Lever static const struct xdr_netobj name = { \
125eebd8c2dSChuck Lever .data = (u8 *)name##_data, \
126eebd8c2dSChuck Lever .len = sizeof(name##_data), \
127eebd8c2dSChuck Lever }
128eebd8c2dSChuck Lever
12902142b2cSChuck Lever #define DEFINE_STR_XDR_NETOBJ(name, string) \
13002142b2cSChuck Lever static const u8 name ## _str[] = string; \
13102142b2cSChuck Lever static const struct xdr_netobj name = { \
13202142b2cSChuck Lever .data = (u8 *)name##_str, \
13302142b2cSChuck Lever .len = sizeof(name##_str) - 1, \
13402142b2cSChuck Lever }
13502142b2cSChuck Lever
136eebd8c2dSChuck Lever /*
137eebd8c2dSChuck Lever * RFC 3961 Appendix A.1. n-fold
138eebd8c2dSChuck Lever *
139eebd8c2dSChuck Lever * The n-fold function is defined in section 5.1 of RFC 3961.
140eebd8c2dSChuck Lever *
141eebd8c2dSChuck Lever * This test material is copyright (C) The Internet Society (2005).
142eebd8c2dSChuck Lever */
143eebd8c2dSChuck Lever
144eebd8c2dSChuck Lever DEFINE_HEX_XDR_NETOBJ(nfold_test1_plaintext,
145eebd8c2dSChuck Lever 0x30, 0x31, 0x32, 0x33, 0x34, 0x35
146eebd8c2dSChuck Lever );
147eebd8c2dSChuck Lever DEFINE_HEX_XDR_NETOBJ(nfold_test1_expected_result,
148eebd8c2dSChuck Lever 0xbe, 0x07, 0x26, 0x31, 0x27, 0x6b, 0x19, 0x55
149eebd8c2dSChuck Lever );
150eebd8c2dSChuck Lever
151eebd8c2dSChuck Lever DEFINE_HEX_XDR_NETOBJ(nfold_test2_plaintext,
152eebd8c2dSChuck Lever 0x70, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64
153eebd8c2dSChuck Lever );
154eebd8c2dSChuck Lever DEFINE_HEX_XDR_NETOBJ(nfold_test2_expected_result,
155eebd8c2dSChuck Lever 0x78, 0xa0, 0x7b, 0x6c, 0xaf, 0x85, 0xfa
156eebd8c2dSChuck Lever );
157eebd8c2dSChuck Lever
158eebd8c2dSChuck Lever DEFINE_HEX_XDR_NETOBJ(nfold_test3_plaintext,
159eebd8c2dSChuck Lever 0x52, 0x6f, 0x75, 0x67, 0x68, 0x20, 0x43, 0x6f,
160eebd8c2dSChuck Lever 0x6e, 0x73, 0x65, 0x6e, 0x73, 0x75, 0x73, 0x2c,
161eebd8c2dSChuck Lever 0x20, 0x61, 0x6e, 0x64, 0x20, 0x52, 0x75, 0x6e,
162eebd8c2dSChuck Lever 0x6e, 0x69, 0x6e, 0x67, 0x20, 0x43, 0x6f, 0x64,
163eebd8c2dSChuck Lever 0x65
164eebd8c2dSChuck Lever );
165eebd8c2dSChuck Lever DEFINE_HEX_XDR_NETOBJ(nfold_test3_expected_result,
166eebd8c2dSChuck Lever 0xbb, 0x6e, 0xd3, 0x08, 0x70, 0xb7, 0xf0, 0xe0
167eebd8c2dSChuck Lever );
168eebd8c2dSChuck Lever
169eebd8c2dSChuck Lever DEFINE_HEX_XDR_NETOBJ(nfold_test4_plaintext,
170eebd8c2dSChuck Lever 0x70, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64
171eebd8c2dSChuck Lever );
172eebd8c2dSChuck Lever DEFINE_HEX_XDR_NETOBJ(nfold_test4_expected_result,
173eebd8c2dSChuck Lever 0x59, 0xe4, 0xa8, 0xca, 0x7c, 0x03, 0x85, 0xc3,
174eebd8c2dSChuck Lever 0xc3, 0x7b, 0x3f, 0x6d, 0x20, 0x00, 0x24, 0x7c,
175eebd8c2dSChuck Lever 0xb6, 0xe6, 0xbd, 0x5b, 0x3e
176eebd8c2dSChuck Lever );
177eebd8c2dSChuck Lever
178eebd8c2dSChuck Lever DEFINE_HEX_XDR_NETOBJ(nfold_test5_plaintext,
179eebd8c2dSChuck Lever 0x4d, 0x41, 0x53, 0x53, 0x41, 0x43, 0x48, 0x56,
180eebd8c2dSChuck Lever 0x53, 0x45, 0x54, 0x54, 0x53, 0x20, 0x49, 0x4e,
181eebd8c2dSChuck Lever 0x53, 0x54, 0x49, 0x54, 0x56, 0x54, 0x45, 0x20,
182eebd8c2dSChuck Lever 0x4f, 0x46, 0x20, 0x54, 0x45, 0x43, 0x48, 0x4e,
183eebd8c2dSChuck Lever 0x4f, 0x4c, 0x4f, 0x47, 0x59
184eebd8c2dSChuck Lever );
185eebd8c2dSChuck Lever DEFINE_HEX_XDR_NETOBJ(nfold_test5_expected_result,
186eebd8c2dSChuck Lever 0xdb, 0x3b, 0x0d, 0x8f, 0x0b, 0x06, 0x1e, 0x60,
187eebd8c2dSChuck Lever 0x32, 0x82, 0xb3, 0x08, 0xa5, 0x08, 0x41, 0x22,
188eebd8c2dSChuck Lever 0x9a, 0xd7, 0x98, 0xfa, 0xb9, 0x54, 0x0c, 0x1b
189eebd8c2dSChuck Lever );
190eebd8c2dSChuck Lever
191eebd8c2dSChuck Lever DEFINE_HEX_XDR_NETOBJ(nfold_test6_plaintext,
192eebd8c2dSChuck Lever 0x51
193eebd8c2dSChuck Lever );
194eebd8c2dSChuck Lever DEFINE_HEX_XDR_NETOBJ(nfold_test6_expected_result,
195eebd8c2dSChuck Lever 0x51, 0x8a, 0x54, 0xa2, 0x15, 0xa8, 0x45, 0x2a,
196eebd8c2dSChuck Lever 0x51, 0x8a, 0x54, 0xa2, 0x15, 0xa8, 0x45, 0x2a,
197eebd8c2dSChuck Lever 0x51, 0x8a, 0x54, 0xa2, 0x15
198eebd8c2dSChuck Lever );
199eebd8c2dSChuck Lever
200eebd8c2dSChuck Lever DEFINE_HEX_XDR_NETOBJ(nfold_test7_plaintext,
201eebd8c2dSChuck Lever 0x62, 0x61
202eebd8c2dSChuck Lever );
203eebd8c2dSChuck Lever DEFINE_HEX_XDR_NETOBJ(nfold_test7_expected_result,
204eebd8c2dSChuck Lever 0xfb, 0x25, 0xd5, 0x31, 0xae, 0x89, 0x74, 0x49,
205eebd8c2dSChuck Lever 0x9f, 0x52, 0xfd, 0x92, 0xea, 0x98, 0x57, 0xc4,
206eebd8c2dSChuck Lever 0xba, 0x24, 0xcf, 0x29, 0x7e
207eebd8c2dSChuck Lever );
208eebd8c2dSChuck Lever
209eebd8c2dSChuck Lever DEFINE_HEX_XDR_NETOBJ(nfold_test_kerberos,
210eebd8c2dSChuck Lever 0x6b, 0x65, 0x72, 0x62, 0x65, 0x72, 0x6f, 0x73
211eebd8c2dSChuck Lever );
212eebd8c2dSChuck Lever DEFINE_HEX_XDR_NETOBJ(nfold_test8_expected_result,
213eebd8c2dSChuck Lever 0x6b, 0x65, 0x72, 0x62, 0x65, 0x72, 0x6f, 0x73
214eebd8c2dSChuck Lever );
215eebd8c2dSChuck Lever DEFINE_HEX_XDR_NETOBJ(nfold_test9_expected_result,
216eebd8c2dSChuck Lever 0x6b, 0x65, 0x72, 0x62, 0x65, 0x72, 0x6f, 0x73,
217eebd8c2dSChuck Lever 0x7b, 0x9b, 0x5b, 0x2b, 0x93, 0x13, 0x2b, 0x93
218eebd8c2dSChuck Lever );
219eebd8c2dSChuck Lever DEFINE_HEX_XDR_NETOBJ(nfold_test10_expected_result,
220eebd8c2dSChuck Lever 0x83, 0x72, 0xc2, 0x36, 0x34, 0x4e, 0x5f, 0x15,
221eebd8c2dSChuck Lever 0x50, 0xcd, 0x07, 0x47, 0xe1, 0x5d, 0x62, 0xca,
222eebd8c2dSChuck Lever 0x7a, 0x5a, 0x3b, 0xce, 0xa4
223eebd8c2dSChuck Lever );
224eebd8c2dSChuck Lever DEFINE_HEX_XDR_NETOBJ(nfold_test11_expected_result,
225eebd8c2dSChuck Lever 0x6b, 0x65, 0x72, 0x62, 0x65, 0x72, 0x6f, 0x73,
226eebd8c2dSChuck Lever 0x7b, 0x9b, 0x5b, 0x2b, 0x93, 0x13, 0x2b, 0x93,
227eebd8c2dSChuck Lever 0x5c, 0x9b, 0xdc, 0xda, 0xd9, 0x5c, 0x98, 0x99,
228eebd8c2dSChuck Lever 0xc4, 0xca, 0xe4, 0xde, 0xe6, 0xd6, 0xca, 0xe4
229eebd8c2dSChuck Lever );
230eebd8c2dSChuck Lever
231eebd8c2dSChuck Lever static const struct gss_krb5_test_param rfc3961_nfold_test_params[] = {
232eebd8c2dSChuck Lever {
233eebd8c2dSChuck Lever .desc = "64-fold(\"012345\")",
234eebd8c2dSChuck Lever .nfold = 64,
235eebd8c2dSChuck Lever .plaintext = &nfold_test1_plaintext,
236eebd8c2dSChuck Lever .expected_result = &nfold_test1_expected_result,
237eebd8c2dSChuck Lever },
238eebd8c2dSChuck Lever {
239eebd8c2dSChuck Lever .desc = "56-fold(\"password\")",
240eebd8c2dSChuck Lever .nfold = 56,
241eebd8c2dSChuck Lever .plaintext = &nfold_test2_plaintext,
242eebd8c2dSChuck Lever .expected_result = &nfold_test2_expected_result,
243eebd8c2dSChuck Lever },
244eebd8c2dSChuck Lever {
245eebd8c2dSChuck Lever .desc = "64-fold(\"Rough Consensus, and Running Code\")",
246eebd8c2dSChuck Lever .nfold = 64,
247eebd8c2dSChuck Lever .plaintext = &nfold_test3_plaintext,
248eebd8c2dSChuck Lever .expected_result = &nfold_test3_expected_result,
249eebd8c2dSChuck Lever },
250eebd8c2dSChuck Lever {
251eebd8c2dSChuck Lever .desc = "168-fold(\"password\")",
252eebd8c2dSChuck Lever .nfold = 168,
253eebd8c2dSChuck Lever .plaintext = &nfold_test4_plaintext,
254eebd8c2dSChuck Lever .expected_result = &nfold_test4_expected_result,
255eebd8c2dSChuck Lever },
256eebd8c2dSChuck Lever {
257eebd8c2dSChuck Lever .desc = "192-fold(\"MASSACHVSETTS INSTITVTE OF TECHNOLOGY\")",
258eebd8c2dSChuck Lever .nfold = 192,
259eebd8c2dSChuck Lever .plaintext = &nfold_test5_plaintext,
260eebd8c2dSChuck Lever .expected_result = &nfold_test5_expected_result,
261eebd8c2dSChuck Lever },
262eebd8c2dSChuck Lever {
263eebd8c2dSChuck Lever .desc = "168-fold(\"Q\")",
264eebd8c2dSChuck Lever .nfold = 168,
265eebd8c2dSChuck Lever .plaintext = &nfold_test6_plaintext,
266eebd8c2dSChuck Lever .expected_result = &nfold_test6_expected_result,
267eebd8c2dSChuck Lever },
268eebd8c2dSChuck Lever {
269eebd8c2dSChuck Lever .desc = "168-fold(\"ba\")",
270eebd8c2dSChuck Lever .nfold = 168,
271eebd8c2dSChuck Lever .plaintext = &nfold_test7_plaintext,
272eebd8c2dSChuck Lever .expected_result = &nfold_test7_expected_result,
273eebd8c2dSChuck Lever },
274eebd8c2dSChuck Lever {
275eebd8c2dSChuck Lever .desc = "64-fold(\"kerberos\")",
276eebd8c2dSChuck Lever .nfold = 64,
277eebd8c2dSChuck Lever .plaintext = &nfold_test_kerberos,
278eebd8c2dSChuck Lever .expected_result = &nfold_test8_expected_result,
279eebd8c2dSChuck Lever },
280eebd8c2dSChuck Lever {
281eebd8c2dSChuck Lever .desc = "128-fold(\"kerberos\")",
282eebd8c2dSChuck Lever .nfold = 128,
283eebd8c2dSChuck Lever .plaintext = &nfold_test_kerberos,
284eebd8c2dSChuck Lever .expected_result = &nfold_test9_expected_result,
285eebd8c2dSChuck Lever },
286eebd8c2dSChuck Lever {
287eebd8c2dSChuck Lever .desc = "168-fold(\"kerberos\")",
288eebd8c2dSChuck Lever .nfold = 168,
289eebd8c2dSChuck Lever .plaintext = &nfold_test_kerberos,
290eebd8c2dSChuck Lever .expected_result = &nfold_test10_expected_result,
291eebd8c2dSChuck Lever },
292eebd8c2dSChuck Lever {
293eebd8c2dSChuck Lever .desc = "256-fold(\"kerberos\")",
294eebd8c2dSChuck Lever .nfold = 256,
295eebd8c2dSChuck Lever .plaintext = &nfold_test_kerberos,
296eebd8c2dSChuck Lever .expected_result = &nfold_test11_expected_result,
297eebd8c2dSChuck Lever },
298eebd8c2dSChuck Lever };
299eebd8c2dSChuck Lever
300eebd8c2dSChuck Lever /* Creates the function rfc3961_nfold_gen_params */
301eebd8c2dSChuck Lever KUNIT_ARRAY_PARAM(rfc3961_nfold, rfc3961_nfold_test_params, gss_krb5_get_desc);
302eebd8c2dSChuck Lever
rfc3961_nfold_case(struct kunit * test)303eebd8c2dSChuck Lever static void rfc3961_nfold_case(struct kunit *test)
304eebd8c2dSChuck Lever {
305eebd8c2dSChuck Lever const struct gss_krb5_test_param *param = test->param_value;
306eebd8c2dSChuck Lever u8 *result;
307eebd8c2dSChuck Lever
308eebd8c2dSChuck Lever /* Arrange */
309eebd8c2dSChuck Lever result = kunit_kzalloc(test, 4096, GFP_KERNEL);
310eebd8c2dSChuck Lever KUNIT_ASSERT_NOT_ERR_OR_NULL(test, result);
311eebd8c2dSChuck Lever
312eebd8c2dSChuck Lever /* Act */
313eebd8c2dSChuck Lever krb5_nfold(param->plaintext->len * 8, param->plaintext->data,
314eebd8c2dSChuck Lever param->expected_result->len * 8, result);
315eebd8c2dSChuck Lever
316eebd8c2dSChuck Lever /* Assert */
317eebd8c2dSChuck Lever KUNIT_EXPECT_EQ_MSG(test,
318eebd8c2dSChuck Lever memcmp(param->expected_result->data,
319eebd8c2dSChuck Lever result, param->expected_result->len), 0,
320eebd8c2dSChuck Lever "result mismatch");
321eebd8c2dSChuck Lever }
322eebd8c2dSChuck Lever
323eebd8c2dSChuck Lever static struct kunit_case rfc3961_test_cases[] = {
324eebd8c2dSChuck Lever {
325eebd8c2dSChuck Lever .name = "RFC 3961 n-fold",
326eebd8c2dSChuck Lever .run_case = rfc3961_nfold_case,
327eebd8c2dSChuck Lever .generate_params = rfc3961_nfold_gen_params,
328eebd8c2dSChuck Lever },
329fb5b855dSChuck Lever {}
330eebd8c2dSChuck Lever };
331eebd8c2dSChuck Lever
332eebd8c2dSChuck Lever static struct kunit_suite rfc3961_suite = {
333eebd8c2dSChuck Lever .name = "RFC 3961 tests",
334eebd8c2dSChuck Lever .test_cases = rfc3961_test_cases,
335eebd8c2dSChuck Lever };
336eebd8c2dSChuck Lever
337e1a9a384SChuck Lever /*
338e1a9a384SChuck Lever * From RFC 3962 Appendix B: Sample Test Vectors
339e1a9a384SChuck Lever *
340e1a9a384SChuck Lever * Some test vectors for CBC with ciphertext stealing, using an
341e1a9a384SChuck Lever * initial vector of all-zero.
342e1a9a384SChuck Lever *
343e1a9a384SChuck Lever * This test material is copyright (C) The Internet Society (2005).
344e1a9a384SChuck Lever */
345e1a9a384SChuck Lever
346e1a9a384SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc3962_encryption_key,
347e1a9a384SChuck Lever 0x63, 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x20,
348e1a9a384SChuck Lever 0x74, 0x65, 0x72, 0x69, 0x79, 0x61, 0x6b, 0x69
349e1a9a384SChuck Lever );
350e1a9a384SChuck Lever
351e1a9a384SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc3962_enc_test1_plaintext,
352e1a9a384SChuck Lever 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
353e1a9a384SChuck Lever 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
354e1a9a384SChuck Lever 0x20
355e1a9a384SChuck Lever );
356e1a9a384SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc3962_enc_test1_expected_result,
357e1a9a384SChuck Lever 0xc6, 0x35, 0x35, 0x68, 0xf2, 0xbf, 0x8c, 0xb4,
358e1a9a384SChuck Lever 0xd8, 0xa5, 0x80, 0x36, 0x2d, 0xa7, 0xff, 0x7f,
359e1a9a384SChuck Lever 0x97
360e1a9a384SChuck Lever );
361e1a9a384SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc3962_enc_test1_next_iv,
362e1a9a384SChuck Lever 0xc6, 0x35, 0x35, 0x68, 0xf2, 0xbf, 0x8c, 0xb4,
363e1a9a384SChuck Lever 0xd8, 0xa5, 0x80, 0x36, 0x2d, 0xa7, 0xff, 0x7f
364e1a9a384SChuck Lever );
365e1a9a384SChuck Lever
366e1a9a384SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc3962_enc_test2_plaintext,
367e1a9a384SChuck Lever 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
368e1a9a384SChuck Lever 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
369e1a9a384SChuck Lever 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
370e1a9a384SChuck Lever 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20
371e1a9a384SChuck Lever );
372e1a9a384SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc3962_enc_test2_expected_result,
373e1a9a384SChuck Lever 0xfc, 0x00, 0x78, 0x3e, 0x0e, 0xfd, 0xb2, 0xc1,
374e1a9a384SChuck Lever 0xd4, 0x45, 0xd4, 0xc8, 0xef, 0xf7, 0xed, 0x22,
375e1a9a384SChuck Lever 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
376e1a9a384SChuck Lever 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5
377e1a9a384SChuck Lever );
378e1a9a384SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc3962_enc_test2_next_iv,
379e1a9a384SChuck Lever 0xfc, 0x00, 0x78, 0x3e, 0x0e, 0xfd, 0xb2, 0xc1,
380e1a9a384SChuck Lever 0xd4, 0x45, 0xd4, 0xc8, 0xef, 0xf7, 0xed, 0x22
381e1a9a384SChuck Lever );
382e1a9a384SChuck Lever
383e1a9a384SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc3962_enc_test3_plaintext,
384e1a9a384SChuck Lever 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
385e1a9a384SChuck Lever 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
386e1a9a384SChuck Lever 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
387e1a9a384SChuck Lever 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20, 0x43
388e1a9a384SChuck Lever );
389e1a9a384SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc3962_enc_test3_expected_result,
390e1a9a384SChuck Lever 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
391e1a9a384SChuck Lever 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8,
392e1a9a384SChuck Lever 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
393e1a9a384SChuck Lever 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84
394e1a9a384SChuck Lever );
395e1a9a384SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc3962_enc_test3_next_iv,
396e1a9a384SChuck Lever 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
397e1a9a384SChuck Lever 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8
398e1a9a384SChuck Lever );
399e1a9a384SChuck Lever
400e1a9a384SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc3962_enc_test4_plaintext,
401e1a9a384SChuck Lever 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
402e1a9a384SChuck Lever 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
403e1a9a384SChuck Lever 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
404e1a9a384SChuck Lever 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20, 0x43,
405e1a9a384SChuck Lever 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x2c, 0x20,
406e1a9a384SChuck Lever 0x70, 0x6c, 0x65, 0x61, 0x73, 0x65, 0x2c
407e1a9a384SChuck Lever );
408e1a9a384SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc3962_enc_test4_expected_result,
409e1a9a384SChuck Lever 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
410e1a9a384SChuck Lever 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
411e1a9a384SChuck Lever 0xb3, 0xff, 0xfd, 0x94, 0x0c, 0x16, 0xa1, 0x8c,
412e1a9a384SChuck Lever 0x1b, 0x55, 0x49, 0xd2, 0xf8, 0x38, 0x02, 0x9e,
413e1a9a384SChuck Lever 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
414e1a9a384SChuck Lever 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5
415e1a9a384SChuck Lever );
416e1a9a384SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc3962_enc_test4_next_iv,
417e1a9a384SChuck Lever 0xb3, 0xff, 0xfd, 0x94, 0x0c, 0x16, 0xa1, 0x8c,
418e1a9a384SChuck Lever 0x1b, 0x55, 0x49, 0xd2, 0xf8, 0x38, 0x02, 0x9e
419e1a9a384SChuck Lever );
420e1a9a384SChuck Lever
421e1a9a384SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc3962_enc_test5_plaintext,
422e1a9a384SChuck Lever 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
423e1a9a384SChuck Lever 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
424e1a9a384SChuck Lever 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
425e1a9a384SChuck Lever 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20, 0x43,
426e1a9a384SChuck Lever 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x2c, 0x20,
427e1a9a384SChuck Lever 0x70, 0x6c, 0x65, 0x61, 0x73, 0x65, 0x2c, 0x20
428e1a9a384SChuck Lever );
429e1a9a384SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc3962_enc_test5_expected_result,
430e1a9a384SChuck Lever 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
431e1a9a384SChuck Lever 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
432e1a9a384SChuck Lever 0x9d, 0xad, 0x8b, 0xbb, 0x96, 0xc4, 0xcd, 0xc0,
433e1a9a384SChuck Lever 0x3b, 0xc1, 0x03, 0xe1, 0xa1, 0x94, 0xbb, 0xd8,
434e1a9a384SChuck Lever 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
435e1a9a384SChuck Lever 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8
436e1a9a384SChuck Lever );
437e1a9a384SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc3962_enc_test5_next_iv,
438e1a9a384SChuck Lever 0x9d, 0xad, 0x8b, 0xbb, 0x96, 0xc4, 0xcd, 0xc0,
439e1a9a384SChuck Lever 0x3b, 0xc1, 0x03, 0xe1, 0xa1, 0x94, 0xbb, 0xd8
440e1a9a384SChuck Lever );
441e1a9a384SChuck Lever
442e1a9a384SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc3962_enc_test6_plaintext,
443e1a9a384SChuck Lever 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
444e1a9a384SChuck Lever 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
445e1a9a384SChuck Lever 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
446e1a9a384SChuck Lever 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20, 0x43,
447e1a9a384SChuck Lever 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x2c, 0x20,
448e1a9a384SChuck Lever 0x70, 0x6c, 0x65, 0x61, 0x73, 0x65, 0x2c, 0x20,
449e1a9a384SChuck Lever 0x61, 0x6e, 0x64, 0x20, 0x77, 0x6f, 0x6e, 0x74,
450e1a9a384SChuck Lever 0x6f, 0x6e, 0x20, 0x73, 0x6f, 0x75, 0x70, 0x2e
451e1a9a384SChuck Lever );
452e1a9a384SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc3962_enc_test6_expected_result,
453e1a9a384SChuck Lever 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
454e1a9a384SChuck Lever 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
455e1a9a384SChuck Lever 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
456e1a9a384SChuck Lever 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8,
457e1a9a384SChuck Lever 0x48, 0x07, 0xef, 0xe8, 0x36, 0xee, 0x89, 0xa5,
458e1a9a384SChuck Lever 0x26, 0x73, 0x0d, 0xbc, 0x2f, 0x7b, 0xc8, 0x40,
459e1a9a384SChuck Lever 0x9d, 0xad, 0x8b, 0xbb, 0x96, 0xc4, 0xcd, 0xc0,
460e1a9a384SChuck Lever 0x3b, 0xc1, 0x03, 0xe1, 0xa1, 0x94, 0xbb, 0xd8
461e1a9a384SChuck Lever );
462e1a9a384SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc3962_enc_test6_next_iv,
463e1a9a384SChuck Lever 0x48, 0x07, 0xef, 0xe8, 0x36, 0xee, 0x89, 0xa5,
464e1a9a384SChuck Lever 0x26, 0x73, 0x0d, 0xbc, 0x2f, 0x7b, 0xc8, 0x40
465e1a9a384SChuck Lever );
466e1a9a384SChuck Lever
467e1a9a384SChuck Lever static const struct gss_krb5_test_param rfc3962_encrypt_test_params[] = {
468e1a9a384SChuck Lever {
469e1a9a384SChuck Lever .desc = "Encrypt with aes128-cts-hmac-sha1-96 case 1",
470e1a9a384SChuck Lever .enctype = ENCTYPE_AES128_CTS_HMAC_SHA1_96,
471e1a9a384SChuck Lever .Ke = &rfc3962_encryption_key,
472e1a9a384SChuck Lever .plaintext = &rfc3962_enc_test1_plaintext,
473e1a9a384SChuck Lever .expected_result = &rfc3962_enc_test1_expected_result,
474e1a9a384SChuck Lever .next_iv = &rfc3962_enc_test1_next_iv,
475e1a9a384SChuck Lever },
476e1a9a384SChuck Lever {
477e1a9a384SChuck Lever .desc = "Encrypt with aes128-cts-hmac-sha1-96 case 2",
478e1a9a384SChuck Lever .enctype = ENCTYPE_AES128_CTS_HMAC_SHA1_96,
479e1a9a384SChuck Lever .Ke = &rfc3962_encryption_key,
480e1a9a384SChuck Lever .plaintext = &rfc3962_enc_test2_plaintext,
481e1a9a384SChuck Lever .expected_result = &rfc3962_enc_test2_expected_result,
482e1a9a384SChuck Lever .next_iv = &rfc3962_enc_test2_next_iv,
483e1a9a384SChuck Lever },
484e1a9a384SChuck Lever {
485e1a9a384SChuck Lever .desc = "Encrypt with aes128-cts-hmac-sha1-96 case 3",
486e1a9a384SChuck Lever .enctype = ENCTYPE_AES128_CTS_HMAC_SHA1_96,
487e1a9a384SChuck Lever .Ke = &rfc3962_encryption_key,
488e1a9a384SChuck Lever .plaintext = &rfc3962_enc_test3_plaintext,
489e1a9a384SChuck Lever .expected_result = &rfc3962_enc_test3_expected_result,
490e1a9a384SChuck Lever .next_iv = &rfc3962_enc_test3_next_iv,
491e1a9a384SChuck Lever },
492e1a9a384SChuck Lever {
493e1a9a384SChuck Lever .desc = "Encrypt with aes128-cts-hmac-sha1-96 case 4",
494e1a9a384SChuck Lever .enctype = ENCTYPE_AES128_CTS_HMAC_SHA1_96,
495e1a9a384SChuck Lever .Ke = &rfc3962_encryption_key,
496e1a9a384SChuck Lever .plaintext = &rfc3962_enc_test4_plaintext,
497e1a9a384SChuck Lever .expected_result = &rfc3962_enc_test4_expected_result,
498e1a9a384SChuck Lever .next_iv = &rfc3962_enc_test4_next_iv,
499e1a9a384SChuck Lever },
500e1a9a384SChuck Lever {
501e1a9a384SChuck Lever .desc = "Encrypt with aes128-cts-hmac-sha1-96 case 5",
502e1a9a384SChuck Lever .enctype = ENCTYPE_AES128_CTS_HMAC_SHA1_96,
503e1a9a384SChuck Lever .Ke = &rfc3962_encryption_key,
504e1a9a384SChuck Lever .plaintext = &rfc3962_enc_test5_plaintext,
505e1a9a384SChuck Lever .expected_result = &rfc3962_enc_test5_expected_result,
506e1a9a384SChuck Lever .next_iv = &rfc3962_enc_test5_next_iv,
507e1a9a384SChuck Lever },
508e1a9a384SChuck Lever {
509e1a9a384SChuck Lever .desc = "Encrypt with aes128-cts-hmac-sha1-96 case 6",
510e1a9a384SChuck Lever .enctype = ENCTYPE_AES128_CTS_HMAC_SHA1_96,
511e1a9a384SChuck Lever .Ke = &rfc3962_encryption_key,
512e1a9a384SChuck Lever .plaintext = &rfc3962_enc_test6_plaintext,
513e1a9a384SChuck Lever .expected_result = &rfc3962_enc_test6_expected_result,
514e1a9a384SChuck Lever .next_iv = &rfc3962_enc_test6_next_iv,
515e1a9a384SChuck Lever },
516e1a9a384SChuck Lever };
517e1a9a384SChuck Lever
518e1a9a384SChuck Lever /* Creates the function rfc3962_encrypt_gen_params */
519e1a9a384SChuck Lever KUNIT_ARRAY_PARAM(rfc3962_encrypt, rfc3962_encrypt_test_params,
520e1a9a384SChuck Lever gss_krb5_get_desc);
521e1a9a384SChuck Lever
522e1a9a384SChuck Lever /*
523e1a9a384SChuck Lever * This tests the implementation of the encryption part of the mechanism.
524e1a9a384SChuck Lever * It does not apply a confounder or test the result of HMAC over the
525e1a9a384SChuck Lever * plaintext.
526e1a9a384SChuck Lever */
rfc3962_encrypt_case(struct kunit * test)527e1a9a384SChuck Lever static void rfc3962_encrypt_case(struct kunit *test)
528e1a9a384SChuck Lever {
529e1a9a384SChuck Lever const struct gss_krb5_test_param *param = test->param_value;
530e1a9a384SChuck Lever struct crypto_sync_skcipher *cts_tfm, *cbc_tfm;
531e1a9a384SChuck Lever const struct gss_krb5_enctype *gk5e;
532e1a9a384SChuck Lever struct xdr_buf buf;
533e1a9a384SChuck Lever void *iv, *text;
534e1a9a384SChuck Lever u32 err;
535e1a9a384SChuck Lever
536e1a9a384SChuck Lever /* Arrange */
537e1a9a384SChuck Lever gk5e = gss_krb5_lookup_enctype(param->enctype);
538fe90151cSChuck Lever if (!gk5e)
539fe90151cSChuck Lever kunit_skip(test, "Encryption type is not available");
540e1a9a384SChuck Lever
541e1a9a384SChuck Lever cbc_tfm = crypto_alloc_sync_skcipher(gk5e->aux_cipher, 0, 0);
542e1a9a384SChuck Lever KUNIT_ASSERT_NOT_ERR_OR_NULL(test, cbc_tfm);
543e1a9a384SChuck Lever err = crypto_sync_skcipher_setkey(cbc_tfm, param->Ke->data, param->Ke->len);
544e1a9a384SChuck Lever KUNIT_ASSERT_EQ(test, err, 0);
545e1a9a384SChuck Lever
546e1a9a384SChuck Lever cts_tfm = crypto_alloc_sync_skcipher(gk5e->encrypt_name, 0, 0);
547e1a9a384SChuck Lever KUNIT_ASSERT_NOT_ERR_OR_NULL(test, cts_tfm);
548e1a9a384SChuck Lever err = crypto_sync_skcipher_setkey(cts_tfm, param->Ke->data, param->Ke->len);
549e1a9a384SChuck Lever KUNIT_ASSERT_EQ(test, err, 0);
550e1a9a384SChuck Lever
551e1a9a384SChuck Lever iv = kunit_kzalloc(test, crypto_sync_skcipher_ivsize(cts_tfm), GFP_KERNEL);
552e1a9a384SChuck Lever KUNIT_ASSERT_NOT_ERR_OR_NULL(test, iv);
553e1a9a384SChuck Lever
554e1a9a384SChuck Lever text = kunit_kzalloc(test, param->plaintext->len, GFP_KERNEL);
555e1a9a384SChuck Lever KUNIT_ASSERT_NOT_ERR_OR_NULL(test, text);
556e1a9a384SChuck Lever
557e1a9a384SChuck Lever memcpy(text, param->plaintext->data, param->plaintext->len);
558e1a9a384SChuck Lever memset(&buf, 0, sizeof(buf));
559e1a9a384SChuck Lever buf.head[0].iov_base = text;
560e1a9a384SChuck Lever buf.head[0].iov_len = param->plaintext->len;
561e1a9a384SChuck Lever buf.len = buf.head[0].iov_len;
562e1a9a384SChuck Lever
563e1a9a384SChuck Lever /* Act */
564e1a9a384SChuck Lever err = krb5_cbc_cts_encrypt(cts_tfm, cbc_tfm, 0, &buf, NULL,
565e1a9a384SChuck Lever iv, crypto_sync_skcipher_ivsize(cts_tfm));
566e1a9a384SChuck Lever KUNIT_ASSERT_EQ(test, err, 0);
567e1a9a384SChuck Lever
568e1a9a384SChuck Lever /* Assert */
569e1a9a384SChuck Lever KUNIT_EXPECT_EQ_MSG(test,
570e1a9a384SChuck Lever param->expected_result->len, buf.len,
571e1a9a384SChuck Lever "ciphertext length mismatch");
572e1a9a384SChuck Lever KUNIT_EXPECT_EQ_MSG(test,
573e1a9a384SChuck Lever memcmp(param->expected_result->data,
574e1a9a384SChuck Lever text, param->expected_result->len), 0,
575e1a9a384SChuck Lever "ciphertext mismatch");
576e1a9a384SChuck Lever KUNIT_EXPECT_EQ_MSG(test,
577e1a9a384SChuck Lever memcmp(param->next_iv->data, iv,
578e1a9a384SChuck Lever param->next_iv->len), 0,
579e1a9a384SChuck Lever "IV mismatch");
580e1a9a384SChuck Lever
581e1a9a384SChuck Lever crypto_free_sync_skcipher(cts_tfm);
582e1a9a384SChuck Lever crypto_free_sync_skcipher(cbc_tfm);
583e1a9a384SChuck Lever }
584e1a9a384SChuck Lever
585e1a9a384SChuck Lever static struct kunit_case rfc3962_test_cases[] = {
586e1a9a384SChuck Lever {
587e1a9a384SChuck Lever .name = "RFC 3962 encryption",
588e1a9a384SChuck Lever .run_case = rfc3962_encrypt_case,
589e1a9a384SChuck Lever .generate_params = rfc3962_encrypt_gen_params,
590e1a9a384SChuck Lever },
591fb5b855dSChuck Lever {}
592e1a9a384SChuck Lever };
593e1a9a384SChuck Lever
594e1a9a384SChuck Lever static struct kunit_suite rfc3962_suite = {
595e1a9a384SChuck Lever .name = "RFC 3962 suite",
596e1a9a384SChuck Lever .test_cases = rfc3962_test_cases,
597e1a9a384SChuck Lever };
598e1a9a384SChuck Lever
59935f6e42eSChuck Lever /*
60035f6e42eSChuck Lever * From RFC 6803 Section 10. Test vectors
60135f6e42eSChuck Lever *
60235f6e42eSChuck Lever * Sample results for key derivation
60335f6e42eSChuck Lever *
60435f6e42eSChuck Lever * Copyright (c) 2012 IETF Trust and the persons identified as the
60535f6e42eSChuck Lever * document authors. All rights reserved.
60635f6e42eSChuck Lever */
60735f6e42eSChuck Lever
60835f6e42eSChuck Lever DEFINE_HEX_XDR_NETOBJ(camellia128_cts_cmac_basekey,
60935f6e42eSChuck Lever 0x57, 0xd0, 0x29, 0x72, 0x98, 0xff, 0xd9, 0xd3,
61035f6e42eSChuck Lever 0x5d, 0xe5, 0xa4, 0x7f, 0xb4, 0xbd, 0xe2, 0x4b
61135f6e42eSChuck Lever );
61235f6e42eSChuck Lever DEFINE_HEX_XDR_NETOBJ(camellia128_cts_cmac_Kc,
61335f6e42eSChuck Lever 0xd1, 0x55, 0x77, 0x5a, 0x20, 0x9d, 0x05, 0xf0,
61435f6e42eSChuck Lever 0x2b, 0x38, 0xd4, 0x2a, 0x38, 0x9e, 0x5a, 0x56
61535f6e42eSChuck Lever );
61635f6e42eSChuck Lever DEFINE_HEX_XDR_NETOBJ(camellia128_cts_cmac_Ke,
61735f6e42eSChuck Lever 0x64, 0xdf, 0x83, 0xf8, 0x5a, 0x53, 0x2f, 0x17,
61835f6e42eSChuck Lever 0x57, 0x7d, 0x8c, 0x37, 0x03, 0x57, 0x96, 0xab
61935f6e42eSChuck Lever );
62035f6e42eSChuck Lever DEFINE_HEX_XDR_NETOBJ(camellia128_cts_cmac_Ki,
62135f6e42eSChuck Lever 0x3e, 0x4f, 0xbd, 0xf3, 0x0f, 0xb8, 0x25, 0x9c,
62235f6e42eSChuck Lever 0x42, 0x5c, 0xb6, 0xc9, 0x6f, 0x1f, 0x46, 0x35
62335f6e42eSChuck Lever );
62435f6e42eSChuck Lever
62535f6e42eSChuck Lever DEFINE_HEX_XDR_NETOBJ(camellia256_cts_cmac_basekey,
62635f6e42eSChuck Lever 0xb9, 0xd6, 0x82, 0x8b, 0x20, 0x56, 0xb7, 0xbe,
62735f6e42eSChuck Lever 0x65, 0x6d, 0x88, 0xa1, 0x23, 0xb1, 0xfa, 0xc6,
62835f6e42eSChuck Lever 0x82, 0x14, 0xac, 0x2b, 0x72, 0x7e, 0xcf, 0x5f,
62935f6e42eSChuck Lever 0x69, 0xaf, 0xe0, 0xc4, 0xdf, 0x2a, 0x6d, 0x2c
63035f6e42eSChuck Lever );
63135f6e42eSChuck Lever DEFINE_HEX_XDR_NETOBJ(camellia256_cts_cmac_Kc,
63235f6e42eSChuck Lever 0xe4, 0x67, 0xf9, 0xa9, 0x55, 0x2b, 0xc7, 0xd3,
63335f6e42eSChuck Lever 0x15, 0x5a, 0x62, 0x20, 0xaf, 0x9c, 0x19, 0x22,
63435f6e42eSChuck Lever 0x0e, 0xee, 0xd4, 0xff, 0x78, 0xb0, 0xd1, 0xe6,
63535f6e42eSChuck Lever 0xa1, 0x54, 0x49, 0x91, 0x46, 0x1a, 0x9e, 0x50
63635f6e42eSChuck Lever );
63735f6e42eSChuck Lever DEFINE_HEX_XDR_NETOBJ(camellia256_cts_cmac_Ke,
63835f6e42eSChuck Lever 0x41, 0x2a, 0xef, 0xc3, 0x62, 0xa7, 0x28, 0x5f,
63935f6e42eSChuck Lever 0xc3, 0x96, 0x6c, 0x6a, 0x51, 0x81, 0xe7, 0x60,
64035f6e42eSChuck Lever 0x5a, 0xe6, 0x75, 0x23, 0x5b, 0x6d, 0x54, 0x9f,
64135f6e42eSChuck Lever 0xbf, 0xc9, 0xab, 0x66, 0x30, 0xa4, 0xc6, 0x04
64235f6e42eSChuck Lever );
64335f6e42eSChuck Lever DEFINE_HEX_XDR_NETOBJ(camellia256_cts_cmac_Ki,
64435f6e42eSChuck Lever 0xfa, 0x62, 0x4f, 0xa0, 0xe5, 0x23, 0x99, 0x3f,
64535f6e42eSChuck Lever 0xa3, 0x88, 0xae, 0xfd, 0xc6, 0x7e, 0x67, 0xeb,
64635f6e42eSChuck Lever 0xcd, 0x8c, 0x08, 0xe8, 0xa0, 0x24, 0x6b, 0x1d,
64735f6e42eSChuck Lever 0x73, 0xb0, 0xd1, 0xdd, 0x9f, 0xc5, 0x82, 0xb0
64835f6e42eSChuck Lever );
64935f6e42eSChuck Lever
65035f6e42eSChuck Lever DEFINE_HEX_XDR_NETOBJ(usage_checksum,
65135f6e42eSChuck Lever 0x00, 0x00, 0x00, 0x02, KEY_USAGE_SEED_CHECKSUM
65235f6e42eSChuck Lever );
65335f6e42eSChuck Lever DEFINE_HEX_XDR_NETOBJ(usage_encryption,
65435f6e42eSChuck Lever 0x00, 0x00, 0x00, 0x02, KEY_USAGE_SEED_ENCRYPTION
65535f6e42eSChuck Lever );
65635f6e42eSChuck Lever DEFINE_HEX_XDR_NETOBJ(usage_integrity,
65735f6e42eSChuck Lever 0x00, 0x00, 0x00, 0x02, KEY_USAGE_SEED_INTEGRITY
65835f6e42eSChuck Lever );
65935f6e42eSChuck Lever
66035f6e42eSChuck Lever static const struct gss_krb5_test_param rfc6803_kdf_test_params[] = {
66135f6e42eSChuck Lever {
66235f6e42eSChuck Lever .desc = "Derive Kc subkey for camellia128-cts-cmac",
66335f6e42eSChuck Lever .enctype = ENCTYPE_CAMELLIA128_CTS_CMAC,
66435f6e42eSChuck Lever .base_key = &camellia128_cts_cmac_basekey,
66535f6e42eSChuck Lever .usage = &usage_checksum,
66635f6e42eSChuck Lever .expected_result = &camellia128_cts_cmac_Kc,
66735f6e42eSChuck Lever },
66835f6e42eSChuck Lever {
66935f6e42eSChuck Lever .desc = "Derive Ke subkey for camellia128-cts-cmac",
67035f6e42eSChuck Lever .enctype = ENCTYPE_CAMELLIA128_CTS_CMAC,
67135f6e42eSChuck Lever .base_key = &camellia128_cts_cmac_basekey,
67235f6e42eSChuck Lever .usage = &usage_encryption,
67335f6e42eSChuck Lever .expected_result = &camellia128_cts_cmac_Ke,
67435f6e42eSChuck Lever },
67535f6e42eSChuck Lever {
67635f6e42eSChuck Lever .desc = "Derive Ki subkey for camellia128-cts-cmac",
67735f6e42eSChuck Lever .enctype = ENCTYPE_CAMELLIA128_CTS_CMAC,
67835f6e42eSChuck Lever .base_key = &camellia128_cts_cmac_basekey,
67935f6e42eSChuck Lever .usage = &usage_integrity,
68035f6e42eSChuck Lever .expected_result = &camellia128_cts_cmac_Ki,
68135f6e42eSChuck Lever },
68235f6e42eSChuck Lever {
68335f6e42eSChuck Lever .desc = "Derive Kc subkey for camellia256-cts-cmac",
68435f6e42eSChuck Lever .enctype = ENCTYPE_CAMELLIA256_CTS_CMAC,
68535f6e42eSChuck Lever .base_key = &camellia256_cts_cmac_basekey,
68635f6e42eSChuck Lever .usage = &usage_checksum,
68735f6e42eSChuck Lever .expected_result = &camellia256_cts_cmac_Kc,
68835f6e42eSChuck Lever },
68935f6e42eSChuck Lever {
69035f6e42eSChuck Lever .desc = "Derive Ke subkey for camellia256-cts-cmac",
69135f6e42eSChuck Lever .enctype = ENCTYPE_CAMELLIA256_CTS_CMAC,
69235f6e42eSChuck Lever .base_key = &camellia256_cts_cmac_basekey,
69335f6e42eSChuck Lever .usage = &usage_encryption,
69435f6e42eSChuck Lever .expected_result = &camellia256_cts_cmac_Ke,
69535f6e42eSChuck Lever },
69635f6e42eSChuck Lever {
69735f6e42eSChuck Lever .desc = "Derive Ki subkey for camellia256-cts-cmac",
69835f6e42eSChuck Lever .enctype = ENCTYPE_CAMELLIA256_CTS_CMAC,
69935f6e42eSChuck Lever .base_key = &camellia256_cts_cmac_basekey,
70035f6e42eSChuck Lever .usage = &usage_integrity,
70135f6e42eSChuck Lever .expected_result = &camellia256_cts_cmac_Ki,
70235f6e42eSChuck Lever },
70335f6e42eSChuck Lever };
70435f6e42eSChuck Lever
70535f6e42eSChuck Lever /* Creates the function rfc6803_kdf_gen_params */
70635f6e42eSChuck Lever KUNIT_ARRAY_PARAM(rfc6803_kdf, rfc6803_kdf_test_params, gss_krb5_get_desc);
70735f6e42eSChuck Lever
70802142b2cSChuck Lever /*
70902142b2cSChuck Lever * From RFC 6803 Section 10. Test vectors
71002142b2cSChuck Lever *
71102142b2cSChuck Lever * Sample checksums.
71202142b2cSChuck Lever *
71302142b2cSChuck Lever * Copyright (c) 2012 IETF Trust and the persons identified as the
71402142b2cSChuck Lever * document authors. All rights reserved.
71502142b2cSChuck Lever *
71602142b2cSChuck Lever * XXX: These tests are likely to fail on EBCDIC or Unicode platforms.
71702142b2cSChuck Lever */
71802142b2cSChuck Lever DEFINE_STR_XDR_NETOBJ(rfc6803_checksum_test1_plaintext,
71902142b2cSChuck Lever "abcdefghijk");
72002142b2cSChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc6803_checksum_test1_basekey,
72102142b2cSChuck Lever 0x1d, 0xc4, 0x6a, 0x8d, 0x76, 0x3f, 0x4f, 0x93,
72202142b2cSChuck Lever 0x74, 0x2b, 0xcb, 0xa3, 0x38, 0x75, 0x76, 0xc3
72302142b2cSChuck Lever );
72402142b2cSChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc6803_checksum_test1_usage,
72502142b2cSChuck Lever 0x00, 0x00, 0x00, 0x07, KEY_USAGE_SEED_CHECKSUM
72602142b2cSChuck Lever );
72702142b2cSChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc6803_checksum_test1_expected_result,
72802142b2cSChuck Lever 0x11, 0x78, 0xe6, 0xc5, 0xc4, 0x7a, 0x8c, 0x1a,
72902142b2cSChuck Lever 0xe0, 0xc4, 0xb9, 0xc7, 0xd4, 0xeb, 0x7b, 0x6b
73002142b2cSChuck Lever );
73102142b2cSChuck Lever
73202142b2cSChuck Lever DEFINE_STR_XDR_NETOBJ(rfc6803_checksum_test2_plaintext,
73302142b2cSChuck Lever "ABCDEFGHIJKLMNOPQRSTUVWXYZ");
73402142b2cSChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc6803_checksum_test2_basekey,
73502142b2cSChuck Lever 0x50, 0x27, 0xbc, 0x23, 0x1d, 0x0f, 0x3a, 0x9d,
73602142b2cSChuck Lever 0x23, 0x33, 0x3f, 0x1c, 0xa6, 0xfd, 0xbe, 0x7c
73702142b2cSChuck Lever );
73802142b2cSChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc6803_checksum_test2_usage,
73902142b2cSChuck Lever 0x00, 0x00, 0x00, 0x08, KEY_USAGE_SEED_CHECKSUM
74002142b2cSChuck Lever );
74102142b2cSChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc6803_checksum_test2_expected_result,
74202142b2cSChuck Lever 0xd1, 0xb3, 0x4f, 0x70, 0x04, 0xa7, 0x31, 0xf2,
74302142b2cSChuck Lever 0x3a, 0x0c, 0x00, 0xbf, 0x6c, 0x3f, 0x75, 0x3a
74402142b2cSChuck Lever );
74502142b2cSChuck Lever
74602142b2cSChuck Lever DEFINE_STR_XDR_NETOBJ(rfc6803_checksum_test3_plaintext,
74702142b2cSChuck Lever "123456789");
74802142b2cSChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc6803_checksum_test3_basekey,
74902142b2cSChuck Lever 0xb6, 0x1c, 0x86, 0xcc, 0x4e, 0x5d, 0x27, 0x57,
75002142b2cSChuck Lever 0x54, 0x5a, 0xd4, 0x23, 0x39, 0x9f, 0xb7, 0x03,
75102142b2cSChuck Lever 0x1e, 0xca, 0xb9, 0x13, 0xcb, 0xb9, 0x00, 0xbd,
75202142b2cSChuck Lever 0x7a, 0x3c, 0x6d, 0xd8, 0xbf, 0x92, 0x01, 0x5b
75302142b2cSChuck Lever );
75402142b2cSChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc6803_checksum_test3_usage,
75502142b2cSChuck Lever 0x00, 0x00, 0x00, 0x09, KEY_USAGE_SEED_CHECKSUM
75602142b2cSChuck Lever );
75702142b2cSChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc6803_checksum_test3_expected_result,
75802142b2cSChuck Lever 0x87, 0xa1, 0x2c, 0xfd, 0x2b, 0x96, 0x21, 0x48,
75902142b2cSChuck Lever 0x10, 0xf0, 0x1c, 0x82, 0x6e, 0x77, 0x44, 0xb1
76002142b2cSChuck Lever );
76102142b2cSChuck Lever
76202142b2cSChuck Lever DEFINE_STR_XDR_NETOBJ(rfc6803_checksum_test4_plaintext,
76302142b2cSChuck Lever "!@#$%^&*()!@#$%^&*()!@#$%^&*()");
76402142b2cSChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc6803_checksum_test4_basekey,
76502142b2cSChuck Lever 0x32, 0x16, 0x4c, 0x5b, 0x43, 0x4d, 0x1d, 0x15,
76602142b2cSChuck Lever 0x38, 0xe4, 0xcf, 0xd9, 0xbe, 0x80, 0x40, 0xfe,
76702142b2cSChuck Lever 0x8c, 0x4a, 0xc7, 0xac, 0xc4, 0xb9, 0x3d, 0x33,
76802142b2cSChuck Lever 0x14, 0xd2, 0x13, 0x36, 0x68, 0x14, 0x7a, 0x05
76902142b2cSChuck Lever );
77002142b2cSChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc6803_checksum_test4_usage,
77102142b2cSChuck Lever 0x00, 0x00, 0x00, 0x0a, KEY_USAGE_SEED_CHECKSUM
77202142b2cSChuck Lever );
77302142b2cSChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc6803_checksum_test4_expected_result,
77402142b2cSChuck Lever 0x3f, 0xa0, 0xb4, 0x23, 0x55, 0xe5, 0x2b, 0x18,
77502142b2cSChuck Lever 0x91, 0x87, 0x29, 0x4a, 0xa2, 0x52, 0xab, 0x64
77602142b2cSChuck Lever );
77702142b2cSChuck Lever
77802142b2cSChuck Lever static const struct gss_krb5_test_param rfc6803_checksum_test_params[] = {
77902142b2cSChuck Lever {
78002142b2cSChuck Lever .desc = "camellia128-cts-cmac checksum test 1",
78102142b2cSChuck Lever .enctype = ENCTYPE_CAMELLIA128_CTS_CMAC,
78202142b2cSChuck Lever .base_key = &rfc6803_checksum_test1_basekey,
78302142b2cSChuck Lever .usage = &rfc6803_checksum_test1_usage,
78402142b2cSChuck Lever .plaintext = &rfc6803_checksum_test1_plaintext,
78502142b2cSChuck Lever .expected_result = &rfc6803_checksum_test1_expected_result,
78602142b2cSChuck Lever },
78702142b2cSChuck Lever {
78802142b2cSChuck Lever .desc = "camellia128-cts-cmac checksum test 2",
78902142b2cSChuck Lever .enctype = ENCTYPE_CAMELLIA128_CTS_CMAC,
79002142b2cSChuck Lever .base_key = &rfc6803_checksum_test2_basekey,
79102142b2cSChuck Lever .usage = &rfc6803_checksum_test2_usage,
79202142b2cSChuck Lever .plaintext = &rfc6803_checksum_test2_plaintext,
79302142b2cSChuck Lever .expected_result = &rfc6803_checksum_test2_expected_result,
79402142b2cSChuck Lever },
79502142b2cSChuck Lever {
79602142b2cSChuck Lever .desc = "camellia256-cts-cmac checksum test 3",
79702142b2cSChuck Lever .enctype = ENCTYPE_CAMELLIA256_CTS_CMAC,
79802142b2cSChuck Lever .base_key = &rfc6803_checksum_test3_basekey,
79902142b2cSChuck Lever .usage = &rfc6803_checksum_test3_usage,
80002142b2cSChuck Lever .plaintext = &rfc6803_checksum_test3_plaintext,
80102142b2cSChuck Lever .expected_result = &rfc6803_checksum_test3_expected_result,
80202142b2cSChuck Lever },
80302142b2cSChuck Lever {
80402142b2cSChuck Lever .desc = "camellia256-cts-cmac checksum test 4",
80502142b2cSChuck Lever .enctype = ENCTYPE_CAMELLIA256_CTS_CMAC,
80602142b2cSChuck Lever .base_key = &rfc6803_checksum_test4_basekey,
80702142b2cSChuck Lever .usage = &rfc6803_checksum_test4_usage,
80802142b2cSChuck Lever .plaintext = &rfc6803_checksum_test4_plaintext,
80902142b2cSChuck Lever .expected_result = &rfc6803_checksum_test4_expected_result,
81002142b2cSChuck Lever },
81102142b2cSChuck Lever };
81202142b2cSChuck Lever
81302142b2cSChuck Lever /* Creates the function rfc6803_checksum_gen_params */
81402142b2cSChuck Lever KUNIT_ARRAY_PARAM(rfc6803_checksum, rfc6803_checksum_test_params,
81502142b2cSChuck Lever gss_krb5_get_desc);
81602142b2cSChuck Lever
817b958cff6SChuck Lever /*
818b958cff6SChuck Lever * From RFC 6803 Section 10. Test vectors
819b958cff6SChuck Lever *
820b958cff6SChuck Lever * Sample encryptions (all using the default cipher state)
821b958cff6SChuck Lever *
822b958cff6SChuck Lever * Copyright (c) 2012 IETF Trust and the persons identified as the
823b958cff6SChuck Lever * document authors. All rights reserved.
824b958cff6SChuck Lever *
825b958cff6SChuck Lever * Key usage values are from errata 4326 against RFC 6803.
826b958cff6SChuck Lever */
827b958cff6SChuck Lever
828b958cff6SChuck Lever static const struct xdr_netobj rfc6803_enc_empty_plaintext = {
829b958cff6SChuck Lever .len = 0,
830b958cff6SChuck Lever };
831b958cff6SChuck Lever
832b958cff6SChuck Lever DEFINE_STR_XDR_NETOBJ(rfc6803_enc_1byte_plaintext, "1");
833b958cff6SChuck Lever DEFINE_STR_XDR_NETOBJ(rfc6803_enc_9byte_plaintext, "9 bytesss");
834b958cff6SChuck Lever DEFINE_STR_XDR_NETOBJ(rfc6803_enc_13byte_plaintext, "13 bytes byte");
835b958cff6SChuck Lever DEFINE_STR_XDR_NETOBJ(rfc6803_enc_30byte_plaintext,
836b958cff6SChuck Lever "30 bytes bytes bytes bytes byt"
837b958cff6SChuck Lever );
838b958cff6SChuck Lever
839b958cff6SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc6803_enc_test1_confounder,
840b958cff6SChuck Lever 0xb6, 0x98, 0x22, 0xa1, 0x9a, 0x6b, 0x09, 0xc0,
841b958cff6SChuck Lever 0xeb, 0xc8, 0x55, 0x7d, 0x1f, 0x1b, 0x6c, 0x0a
842b958cff6SChuck Lever );
843b958cff6SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc6803_enc_test1_basekey,
844b958cff6SChuck Lever 0x1d, 0xc4, 0x6a, 0x8d, 0x76, 0x3f, 0x4f, 0x93,
845b958cff6SChuck Lever 0x74, 0x2b, 0xcb, 0xa3, 0x38, 0x75, 0x76, 0xc3
846b958cff6SChuck Lever );
847b958cff6SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc6803_enc_test1_expected_result,
848b958cff6SChuck Lever 0xc4, 0x66, 0xf1, 0x87, 0x10, 0x69, 0x92, 0x1e,
849b958cff6SChuck Lever 0xdb, 0x7c, 0x6f, 0xde, 0x24, 0x4a, 0x52, 0xdb,
850b958cff6SChuck Lever 0x0b, 0xa1, 0x0e, 0xdc, 0x19, 0x7b, 0xdb, 0x80,
851b958cff6SChuck Lever 0x06, 0x65, 0x8c, 0xa3, 0xcc, 0xce, 0x6e, 0xb8
852b958cff6SChuck Lever );
853b958cff6SChuck Lever
854b958cff6SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc6803_enc_test2_confounder,
855b958cff6SChuck Lever 0x6f, 0x2f, 0xc3, 0xc2, 0xa1, 0x66, 0xfd, 0x88,
856b958cff6SChuck Lever 0x98, 0x96, 0x7a, 0x83, 0xde, 0x95, 0x96, 0xd9
857b958cff6SChuck Lever );
858b958cff6SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc6803_enc_test2_basekey,
859b958cff6SChuck Lever 0x50, 0x27, 0xbc, 0x23, 0x1d, 0x0f, 0x3a, 0x9d,
860b958cff6SChuck Lever 0x23, 0x33, 0x3f, 0x1c, 0xa6, 0xfd, 0xbe, 0x7c
861b958cff6SChuck Lever );
862b958cff6SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc6803_enc_test2_expected_result,
863b958cff6SChuck Lever 0x84, 0x2d, 0x21, 0xfd, 0x95, 0x03, 0x11, 0xc0,
864b958cff6SChuck Lever 0xdd, 0x46, 0x4a, 0x3f, 0x4b, 0xe8, 0xd6, 0xda,
865b958cff6SChuck Lever 0x88, 0xa5, 0x6d, 0x55, 0x9c, 0x9b, 0x47, 0xd3,
866b958cff6SChuck Lever 0xf9, 0xa8, 0x50, 0x67, 0xaf, 0x66, 0x15, 0x59,
867b958cff6SChuck Lever 0xb8
868b958cff6SChuck Lever );
869b958cff6SChuck Lever
870b958cff6SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc6803_enc_test3_confounder,
871b958cff6SChuck Lever 0xa5, 0xb4, 0xa7, 0x1e, 0x07, 0x7a, 0xee, 0xf9,
872b958cff6SChuck Lever 0x3c, 0x87, 0x63, 0xc1, 0x8f, 0xdb, 0x1f, 0x10
873b958cff6SChuck Lever );
874b958cff6SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc6803_enc_test3_basekey,
875b958cff6SChuck Lever 0xa1, 0xbb, 0x61, 0xe8, 0x05, 0xf9, 0xba, 0x6d,
876b958cff6SChuck Lever 0xde, 0x8f, 0xdb, 0xdd, 0xc0, 0x5c, 0xde, 0xa0
877b958cff6SChuck Lever );
878b958cff6SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc6803_enc_test3_expected_result,
879b958cff6SChuck Lever 0x61, 0x9f, 0xf0, 0x72, 0xe3, 0x62, 0x86, 0xff,
880b958cff6SChuck Lever 0x0a, 0x28, 0xde, 0xb3, 0xa3, 0x52, 0xec, 0x0d,
881b958cff6SChuck Lever 0x0e, 0xdf, 0x5c, 0x51, 0x60, 0xd6, 0x63, 0xc9,
882b958cff6SChuck Lever 0x01, 0x75, 0x8c, 0xcf, 0x9d, 0x1e, 0xd3, 0x3d,
883b958cff6SChuck Lever 0x71, 0xdb, 0x8f, 0x23, 0xaa, 0xbf, 0x83, 0x48,
884b958cff6SChuck Lever 0xa0
885b958cff6SChuck Lever );
886b958cff6SChuck Lever
887b958cff6SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc6803_enc_test4_confounder,
888b958cff6SChuck Lever 0x19, 0xfe, 0xe4, 0x0d, 0x81, 0x0c, 0x52, 0x4b,
889b958cff6SChuck Lever 0x5b, 0x22, 0xf0, 0x18, 0x74, 0xc6, 0x93, 0xda
890b958cff6SChuck Lever );
891b958cff6SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc6803_enc_test4_basekey,
892b958cff6SChuck Lever 0x2c, 0xa2, 0x7a, 0x5f, 0xaf, 0x55, 0x32, 0x24,
893b958cff6SChuck Lever 0x45, 0x06, 0x43, 0x4e, 0x1c, 0xef, 0x66, 0x76
894b958cff6SChuck Lever );
895b958cff6SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc6803_enc_test4_expected_result,
896b958cff6SChuck Lever 0xb8, 0xec, 0xa3, 0x16, 0x7a, 0xe6, 0x31, 0x55,
897b958cff6SChuck Lever 0x12, 0xe5, 0x9f, 0x98, 0xa7, 0xc5, 0x00, 0x20,
898b958cff6SChuck Lever 0x5e, 0x5f, 0x63, 0xff, 0x3b, 0xb3, 0x89, 0xaf,
899b958cff6SChuck Lever 0x1c, 0x41, 0xa2, 0x1d, 0x64, 0x0d, 0x86, 0x15,
900b958cff6SChuck Lever 0xc9, 0xed, 0x3f, 0xbe, 0xb0, 0x5a, 0xb6, 0xac,
901b958cff6SChuck Lever 0xb6, 0x76, 0x89, 0xb5, 0xea
902b958cff6SChuck Lever );
903b958cff6SChuck Lever
904b958cff6SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc6803_enc_test5_confounder,
905b958cff6SChuck Lever 0xca, 0x7a, 0x7a, 0xb4, 0xbe, 0x19, 0x2d, 0xab,
906b958cff6SChuck Lever 0xd6, 0x03, 0x50, 0x6d, 0xb1, 0x9c, 0x39, 0xe2
907b958cff6SChuck Lever );
908b958cff6SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc6803_enc_test5_basekey,
909b958cff6SChuck Lever 0x78, 0x24, 0xf8, 0xc1, 0x6f, 0x83, 0xff, 0x35,
910b958cff6SChuck Lever 0x4c, 0x6b, 0xf7, 0x51, 0x5b, 0x97, 0x3f, 0x43
911b958cff6SChuck Lever );
912b958cff6SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc6803_enc_test5_expected_result,
913b958cff6SChuck Lever 0xa2, 0x6a, 0x39, 0x05, 0xa4, 0xff, 0xd5, 0x81,
914b958cff6SChuck Lever 0x6b, 0x7b, 0x1e, 0x27, 0x38, 0x0d, 0x08, 0x09,
915b958cff6SChuck Lever 0x0c, 0x8e, 0xc1, 0xf3, 0x04, 0x49, 0x6e, 0x1a,
916b958cff6SChuck Lever 0xbd, 0xcd, 0x2b, 0xdc, 0xd1, 0xdf, 0xfc, 0x66,
917b958cff6SChuck Lever 0x09, 0x89, 0xe1, 0x17, 0xa7, 0x13, 0xdd, 0xbb,
918b958cff6SChuck Lever 0x57, 0xa4, 0x14, 0x6c, 0x15, 0x87, 0xcb, 0xa4,
919b958cff6SChuck Lever 0x35, 0x66, 0x65, 0x59, 0x1d, 0x22, 0x40, 0x28,
920b958cff6SChuck Lever 0x2f, 0x58, 0x42, 0xb1, 0x05, 0xa5
921b958cff6SChuck Lever );
922b958cff6SChuck Lever
923b958cff6SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc6803_enc_test6_confounder,
924b958cff6SChuck Lever 0x3c, 0xbb, 0xd2, 0xb4, 0x59, 0x17, 0x94, 0x10,
925b958cff6SChuck Lever 0x67, 0xf9, 0x65, 0x99, 0xbb, 0x98, 0x92, 0x6c
926b958cff6SChuck Lever );
927b958cff6SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc6803_enc_test6_basekey,
928b958cff6SChuck Lever 0xb6, 0x1c, 0x86, 0xcc, 0x4e, 0x5d, 0x27, 0x57,
929b958cff6SChuck Lever 0x54, 0x5a, 0xd4, 0x23, 0x39, 0x9f, 0xb7, 0x03,
930b958cff6SChuck Lever 0x1e, 0xca, 0xb9, 0x13, 0xcb, 0xb9, 0x00, 0xbd,
931b958cff6SChuck Lever 0x7a, 0x3c, 0x6d, 0xd8, 0xbf, 0x92, 0x01, 0x5b
932b958cff6SChuck Lever );
933b958cff6SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc6803_enc_test6_expected_result,
934b958cff6SChuck Lever 0x03, 0x88, 0x6d, 0x03, 0x31, 0x0b, 0x47, 0xa6,
935b958cff6SChuck Lever 0xd8, 0xf0, 0x6d, 0x7b, 0x94, 0xd1, 0xdd, 0x83,
936b958cff6SChuck Lever 0x7e, 0xcc, 0xe3, 0x15, 0xef, 0x65, 0x2a, 0xff,
937b958cff6SChuck Lever 0x62, 0x08, 0x59, 0xd9, 0x4a, 0x25, 0x92, 0x66
938b958cff6SChuck Lever );
939b958cff6SChuck Lever
940b958cff6SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc6803_enc_test7_confounder,
941b958cff6SChuck Lever 0xde, 0xf4, 0x87, 0xfc, 0xeb, 0xe6, 0xde, 0x63,
942b958cff6SChuck Lever 0x46, 0xd4, 0xda, 0x45, 0x21, 0xbb, 0xa2, 0xd2
943b958cff6SChuck Lever );
944b958cff6SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc6803_enc_test7_basekey,
945b958cff6SChuck Lever 0x1b, 0x97, 0xfe, 0x0a, 0x19, 0x0e, 0x20, 0x21,
946b958cff6SChuck Lever 0xeb, 0x30, 0x75, 0x3e, 0x1b, 0x6e, 0x1e, 0x77,
947b958cff6SChuck Lever 0xb0, 0x75, 0x4b, 0x1d, 0x68, 0x46, 0x10, 0x35,
948b958cff6SChuck Lever 0x58, 0x64, 0x10, 0x49, 0x63, 0x46, 0x38, 0x33
949b958cff6SChuck Lever );
950b958cff6SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc6803_enc_test7_expected_result,
951b958cff6SChuck Lever 0x2c, 0x9c, 0x15, 0x70, 0x13, 0x3c, 0x99, 0xbf,
952b958cff6SChuck Lever 0x6a, 0x34, 0xbc, 0x1b, 0x02, 0x12, 0x00, 0x2f,
953b958cff6SChuck Lever 0xd1, 0x94, 0x33, 0x87, 0x49, 0xdb, 0x41, 0x35,
954b958cff6SChuck Lever 0x49, 0x7a, 0x34, 0x7c, 0xfc, 0xd9, 0xd1, 0x8a,
955b958cff6SChuck Lever 0x12
956b958cff6SChuck Lever );
957b958cff6SChuck Lever
958b958cff6SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc6803_enc_test8_confounder,
959b958cff6SChuck Lever 0xad, 0x4f, 0xf9, 0x04, 0xd3, 0x4e, 0x55, 0x53,
960b958cff6SChuck Lever 0x84, 0xb1, 0x41, 0x00, 0xfc, 0x46, 0x5f, 0x88
961b958cff6SChuck Lever );
962b958cff6SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc6803_enc_test8_basekey,
963b958cff6SChuck Lever 0x32, 0x16, 0x4c, 0x5b, 0x43, 0x4d, 0x1d, 0x15,
964b958cff6SChuck Lever 0x38, 0xe4, 0xcf, 0xd9, 0xbe, 0x80, 0x40, 0xfe,
965b958cff6SChuck Lever 0x8c, 0x4a, 0xc7, 0xac, 0xc4, 0xb9, 0x3d, 0x33,
966b958cff6SChuck Lever 0x14, 0xd2, 0x13, 0x36, 0x68, 0x14, 0x7a, 0x05
967b958cff6SChuck Lever );
968b958cff6SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc6803_enc_test8_expected_result,
969b958cff6SChuck Lever 0x9c, 0x6d, 0xe7, 0x5f, 0x81, 0x2d, 0xe7, 0xed,
970b958cff6SChuck Lever 0x0d, 0x28, 0xb2, 0x96, 0x35, 0x57, 0xa1, 0x15,
971b958cff6SChuck Lever 0x64, 0x09, 0x98, 0x27, 0x5b, 0x0a, 0xf5, 0x15,
972b958cff6SChuck Lever 0x27, 0x09, 0x91, 0x3f, 0xf5, 0x2a, 0x2a, 0x9c,
973b958cff6SChuck Lever 0x8e, 0x63, 0xb8, 0x72, 0xf9, 0x2e, 0x64, 0xc8,
974b958cff6SChuck Lever 0x39
975b958cff6SChuck Lever );
976b958cff6SChuck Lever
977b958cff6SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc6803_enc_test9_confounder,
978b958cff6SChuck Lever 0xcf, 0x9b, 0xca, 0x6d, 0xf1, 0x14, 0x4e, 0x0c,
979b958cff6SChuck Lever 0x0a, 0xf9, 0xb8, 0xf3, 0x4c, 0x90, 0xd5, 0x14
980b958cff6SChuck Lever );
981b958cff6SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc6803_enc_test9_basekey,
982b958cff6SChuck Lever 0xb0, 0x38, 0xb1, 0x32, 0xcd, 0x8e, 0x06, 0x61,
983b958cff6SChuck Lever 0x22, 0x67, 0xfa, 0xb7, 0x17, 0x00, 0x66, 0xd8,
984b958cff6SChuck Lever 0x8a, 0xec, 0xcb, 0xa0, 0xb7, 0x44, 0xbf, 0xc6,
985b958cff6SChuck Lever 0x0d, 0xc8, 0x9b, 0xca, 0x18, 0x2d, 0x07, 0x15
986b958cff6SChuck Lever );
987b958cff6SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc6803_enc_test9_expected_result,
988b958cff6SChuck Lever 0xee, 0xec, 0x85, 0xa9, 0x81, 0x3c, 0xdc, 0x53,
989b958cff6SChuck Lever 0x67, 0x72, 0xab, 0x9b, 0x42, 0xde, 0xfc, 0x57,
990b958cff6SChuck Lever 0x06, 0xf7, 0x26, 0xe9, 0x75, 0xdd, 0xe0, 0x5a,
991b958cff6SChuck Lever 0x87, 0xeb, 0x54, 0x06, 0xea, 0x32, 0x4c, 0xa1,
992b958cff6SChuck Lever 0x85, 0xc9, 0x98, 0x6b, 0x42, 0xaa, 0xbe, 0x79,
993b958cff6SChuck Lever 0x4b, 0x84, 0x82, 0x1b, 0xee
994b958cff6SChuck Lever );
995b958cff6SChuck Lever
996b958cff6SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc6803_enc_test10_confounder,
997b958cff6SChuck Lever 0x64, 0x4d, 0xef, 0x38, 0xda, 0x35, 0x00, 0x72,
998b958cff6SChuck Lever 0x75, 0x87, 0x8d, 0x21, 0x68, 0x55, 0xe2, 0x28
999b958cff6SChuck Lever );
1000b958cff6SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc6803_enc_test10_basekey,
1001b958cff6SChuck Lever 0xcc, 0xfc, 0xd3, 0x49, 0xbf, 0x4c, 0x66, 0x77,
1002b958cff6SChuck Lever 0xe8, 0x6e, 0x4b, 0x02, 0xb8, 0xea, 0xb9, 0x24,
1003b958cff6SChuck Lever 0xa5, 0x46, 0xac, 0x73, 0x1c, 0xf9, 0xbf, 0x69,
1004b958cff6SChuck Lever 0x89, 0xb9, 0x96, 0xe7, 0xd6, 0xbf, 0xbb, 0xa7
1005b958cff6SChuck Lever );
1006b958cff6SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc6803_enc_test10_expected_result,
1007b958cff6SChuck Lever 0x0e, 0x44, 0x68, 0x09, 0x85, 0x85, 0x5f, 0x2d,
1008b958cff6SChuck Lever 0x1f, 0x18, 0x12, 0x52, 0x9c, 0xa8, 0x3b, 0xfd,
1009b958cff6SChuck Lever 0x8e, 0x34, 0x9d, 0xe6, 0xfd, 0x9a, 0xda, 0x0b,
1010b958cff6SChuck Lever 0xaa, 0xa0, 0x48, 0xd6, 0x8e, 0x26, 0x5f, 0xeb,
1011b958cff6SChuck Lever 0xf3, 0x4a, 0xd1, 0x25, 0x5a, 0x34, 0x49, 0x99,
1012b958cff6SChuck Lever 0xad, 0x37, 0x14, 0x68, 0x87, 0xa6, 0xc6, 0x84,
1013b958cff6SChuck Lever 0x57, 0x31, 0xac, 0x7f, 0x46, 0x37, 0x6a, 0x05,
1014b958cff6SChuck Lever 0x04, 0xcd, 0x06, 0x57, 0x14, 0x74
1015b958cff6SChuck Lever );
1016b958cff6SChuck Lever
1017b958cff6SChuck Lever static const struct gss_krb5_test_param rfc6803_encrypt_test_params[] = {
1018b958cff6SChuck Lever {
1019b958cff6SChuck Lever .desc = "Encrypt empty plaintext with camellia128-cts-cmac",
1020b958cff6SChuck Lever .enctype = ENCTYPE_CAMELLIA128_CTS_CMAC,
1021b958cff6SChuck Lever .constant = 0,
1022b958cff6SChuck Lever .base_key = &rfc6803_enc_test1_basekey,
1023b958cff6SChuck Lever .plaintext = &rfc6803_enc_empty_plaintext,
1024b958cff6SChuck Lever .confounder = &rfc6803_enc_test1_confounder,
1025b958cff6SChuck Lever .expected_result = &rfc6803_enc_test1_expected_result,
1026b958cff6SChuck Lever },
1027b958cff6SChuck Lever {
1028b958cff6SChuck Lever .desc = "Encrypt 1 byte with camellia128-cts-cmac",
1029b958cff6SChuck Lever .enctype = ENCTYPE_CAMELLIA128_CTS_CMAC,
1030b958cff6SChuck Lever .constant = 1,
1031b958cff6SChuck Lever .base_key = &rfc6803_enc_test2_basekey,
1032b958cff6SChuck Lever .plaintext = &rfc6803_enc_1byte_plaintext,
1033b958cff6SChuck Lever .confounder = &rfc6803_enc_test2_confounder,
1034b958cff6SChuck Lever .expected_result = &rfc6803_enc_test2_expected_result,
1035b958cff6SChuck Lever },
1036b958cff6SChuck Lever {
1037b958cff6SChuck Lever .desc = "Encrypt 9 bytes with camellia128-cts-cmac",
1038b958cff6SChuck Lever .enctype = ENCTYPE_CAMELLIA128_CTS_CMAC,
1039b958cff6SChuck Lever .constant = 2,
1040b958cff6SChuck Lever .base_key = &rfc6803_enc_test3_basekey,
1041b958cff6SChuck Lever .plaintext = &rfc6803_enc_9byte_plaintext,
1042b958cff6SChuck Lever .confounder = &rfc6803_enc_test3_confounder,
1043b958cff6SChuck Lever .expected_result = &rfc6803_enc_test3_expected_result,
1044b958cff6SChuck Lever },
1045b958cff6SChuck Lever {
1046b958cff6SChuck Lever .desc = "Encrypt 13 bytes with camellia128-cts-cmac",
1047b958cff6SChuck Lever .enctype = ENCTYPE_CAMELLIA128_CTS_CMAC,
1048b958cff6SChuck Lever .constant = 3,
1049b958cff6SChuck Lever .base_key = &rfc6803_enc_test4_basekey,
1050b958cff6SChuck Lever .plaintext = &rfc6803_enc_13byte_plaintext,
1051b958cff6SChuck Lever .confounder = &rfc6803_enc_test4_confounder,
1052b958cff6SChuck Lever .expected_result = &rfc6803_enc_test4_expected_result,
1053b958cff6SChuck Lever },
1054b958cff6SChuck Lever {
1055b958cff6SChuck Lever .desc = "Encrypt 30 bytes with camellia128-cts-cmac",
1056b958cff6SChuck Lever .enctype = ENCTYPE_CAMELLIA128_CTS_CMAC,
1057b958cff6SChuck Lever .constant = 4,
1058b958cff6SChuck Lever .base_key = &rfc6803_enc_test5_basekey,
1059b958cff6SChuck Lever .plaintext = &rfc6803_enc_30byte_plaintext,
1060b958cff6SChuck Lever .confounder = &rfc6803_enc_test5_confounder,
1061b958cff6SChuck Lever .expected_result = &rfc6803_enc_test5_expected_result,
1062b958cff6SChuck Lever },
1063b958cff6SChuck Lever {
1064b958cff6SChuck Lever .desc = "Encrypt empty plaintext with camellia256-cts-cmac",
1065b958cff6SChuck Lever .enctype = ENCTYPE_CAMELLIA256_CTS_CMAC,
1066b958cff6SChuck Lever .constant = 0,
1067b958cff6SChuck Lever .base_key = &rfc6803_enc_test6_basekey,
1068b958cff6SChuck Lever .plaintext = &rfc6803_enc_empty_plaintext,
1069b958cff6SChuck Lever .confounder = &rfc6803_enc_test6_confounder,
1070b958cff6SChuck Lever .expected_result = &rfc6803_enc_test6_expected_result,
1071b958cff6SChuck Lever },
1072b958cff6SChuck Lever {
1073b958cff6SChuck Lever .desc = "Encrypt 1 byte with camellia256-cts-cmac",
1074b958cff6SChuck Lever .enctype = ENCTYPE_CAMELLIA256_CTS_CMAC,
1075b958cff6SChuck Lever .constant = 1,
1076b958cff6SChuck Lever .base_key = &rfc6803_enc_test7_basekey,
1077b958cff6SChuck Lever .plaintext = &rfc6803_enc_1byte_plaintext,
1078b958cff6SChuck Lever .confounder = &rfc6803_enc_test7_confounder,
1079b958cff6SChuck Lever .expected_result = &rfc6803_enc_test7_expected_result,
1080b958cff6SChuck Lever },
1081b958cff6SChuck Lever {
1082b958cff6SChuck Lever .desc = "Encrypt 9 bytes with camellia256-cts-cmac",
1083b958cff6SChuck Lever .enctype = ENCTYPE_CAMELLIA256_CTS_CMAC,
1084b958cff6SChuck Lever .constant = 2,
1085b958cff6SChuck Lever .base_key = &rfc6803_enc_test8_basekey,
1086b958cff6SChuck Lever .plaintext = &rfc6803_enc_9byte_plaintext,
1087b958cff6SChuck Lever .confounder = &rfc6803_enc_test8_confounder,
1088b958cff6SChuck Lever .expected_result = &rfc6803_enc_test8_expected_result,
1089b958cff6SChuck Lever },
1090b958cff6SChuck Lever {
1091b958cff6SChuck Lever .desc = "Encrypt 13 bytes with camellia256-cts-cmac",
1092b958cff6SChuck Lever .enctype = ENCTYPE_CAMELLIA256_CTS_CMAC,
1093b958cff6SChuck Lever .constant = 3,
1094b958cff6SChuck Lever .base_key = &rfc6803_enc_test9_basekey,
1095b958cff6SChuck Lever .plaintext = &rfc6803_enc_13byte_plaintext,
1096b958cff6SChuck Lever .confounder = &rfc6803_enc_test9_confounder,
1097b958cff6SChuck Lever .expected_result = &rfc6803_enc_test9_expected_result,
1098b958cff6SChuck Lever },
1099b958cff6SChuck Lever {
1100b958cff6SChuck Lever .desc = "Encrypt 30 bytes with camellia256-cts-cmac",
1101b958cff6SChuck Lever .enctype = ENCTYPE_CAMELLIA256_CTS_CMAC,
1102b958cff6SChuck Lever .constant = 4,
1103b958cff6SChuck Lever .base_key = &rfc6803_enc_test10_basekey,
1104b958cff6SChuck Lever .plaintext = &rfc6803_enc_30byte_plaintext,
1105b958cff6SChuck Lever .confounder = &rfc6803_enc_test10_confounder,
1106b958cff6SChuck Lever .expected_result = &rfc6803_enc_test10_expected_result,
1107b958cff6SChuck Lever },
1108b958cff6SChuck Lever };
1109b958cff6SChuck Lever
1110b958cff6SChuck Lever /* Creates the function rfc6803_encrypt_gen_params */
1111b958cff6SChuck Lever KUNIT_ARRAY_PARAM(rfc6803_encrypt, rfc6803_encrypt_test_params,
1112b958cff6SChuck Lever gss_krb5_get_desc);
1113b958cff6SChuck Lever
rfc6803_encrypt_case(struct kunit * test)1114b958cff6SChuck Lever static void rfc6803_encrypt_case(struct kunit *test)
1115b958cff6SChuck Lever {
1116b958cff6SChuck Lever const struct gss_krb5_test_param *param = test->param_value;
1117b958cff6SChuck Lever struct crypto_sync_skcipher *cts_tfm, *cbc_tfm;
1118b958cff6SChuck Lever const struct gss_krb5_enctype *gk5e;
1119b958cff6SChuck Lever struct xdr_netobj Ke, Ki, checksum;
1120b958cff6SChuck Lever u8 usage_data[GSS_KRB5_K5CLENGTH];
1121b958cff6SChuck Lever struct xdr_netobj usage = {
1122b958cff6SChuck Lever .data = usage_data,
1123b958cff6SChuck Lever .len = sizeof(usage_data),
1124b958cff6SChuck Lever };
1125b958cff6SChuck Lever struct crypto_ahash *ahash_tfm;
1126b958cff6SChuck Lever unsigned int blocksize;
1127b958cff6SChuck Lever struct xdr_buf buf;
1128b958cff6SChuck Lever void *text;
1129b958cff6SChuck Lever size_t len;
1130b958cff6SChuck Lever u32 err;
1131b958cff6SChuck Lever
1132b958cff6SChuck Lever /* Arrange */
1133b958cff6SChuck Lever gk5e = gss_krb5_lookup_enctype(param->enctype);
1134fe90151cSChuck Lever if (!gk5e)
1135fe90151cSChuck Lever kunit_skip(test, "Encryption type is not available");
1136b958cff6SChuck Lever
1137c8bc3466SDavid Howells memset(usage_data, 0, sizeof(usage_data));
1138b958cff6SChuck Lever usage.data[3] = param->constant;
1139b958cff6SChuck Lever
1140b958cff6SChuck Lever Ke.len = gk5e->Ke_length;
1141b958cff6SChuck Lever Ke.data = kunit_kzalloc(test, Ke.len, GFP_KERNEL);
1142b958cff6SChuck Lever KUNIT_ASSERT_NOT_ERR_OR_NULL(test, Ke.data);
1143b958cff6SChuck Lever usage.data[4] = KEY_USAGE_SEED_ENCRYPTION;
1144b958cff6SChuck Lever err = gk5e->derive_key(gk5e, param->base_key, &Ke, &usage, GFP_KERNEL);
1145b958cff6SChuck Lever KUNIT_ASSERT_EQ(test, err, 0);
1146b958cff6SChuck Lever
1147b958cff6SChuck Lever cbc_tfm = crypto_alloc_sync_skcipher(gk5e->aux_cipher, 0, 0);
1148b958cff6SChuck Lever KUNIT_ASSERT_NOT_ERR_OR_NULL(test, cbc_tfm);
1149b958cff6SChuck Lever err = crypto_sync_skcipher_setkey(cbc_tfm, Ke.data, Ke.len);
1150b958cff6SChuck Lever KUNIT_ASSERT_EQ(test, err, 0);
1151b958cff6SChuck Lever
1152b958cff6SChuck Lever cts_tfm = crypto_alloc_sync_skcipher(gk5e->encrypt_name, 0, 0);
1153b958cff6SChuck Lever KUNIT_ASSERT_NOT_ERR_OR_NULL(test, cts_tfm);
1154b958cff6SChuck Lever err = crypto_sync_skcipher_setkey(cts_tfm, Ke.data, Ke.len);
1155b958cff6SChuck Lever KUNIT_ASSERT_EQ(test, err, 0);
1156b958cff6SChuck Lever blocksize = crypto_sync_skcipher_blocksize(cts_tfm);
1157b958cff6SChuck Lever
1158b958cff6SChuck Lever len = param->confounder->len + param->plaintext->len + blocksize;
1159b958cff6SChuck Lever text = kunit_kzalloc(test, len, GFP_KERNEL);
1160b958cff6SChuck Lever KUNIT_ASSERT_NOT_ERR_OR_NULL(test, text);
1161b958cff6SChuck Lever memcpy(text, param->confounder->data, param->confounder->len);
1162b958cff6SChuck Lever memcpy(text + param->confounder->len, param->plaintext->data,
1163b958cff6SChuck Lever param->plaintext->len);
1164b958cff6SChuck Lever
1165b958cff6SChuck Lever memset(&buf, 0, sizeof(buf));
1166b958cff6SChuck Lever buf.head[0].iov_base = text;
1167b958cff6SChuck Lever buf.head[0].iov_len = param->confounder->len + param->plaintext->len;
1168b958cff6SChuck Lever buf.len = buf.head[0].iov_len;
1169b958cff6SChuck Lever
1170b958cff6SChuck Lever checksum.len = gk5e->cksumlength;
1171b958cff6SChuck Lever checksum.data = kunit_kzalloc(test, checksum.len, GFP_KERNEL);
1172b958cff6SChuck Lever KUNIT_ASSERT_NOT_ERR_OR_NULL(test, checksum.data);
1173b958cff6SChuck Lever
1174b958cff6SChuck Lever Ki.len = gk5e->Ki_length;
1175b958cff6SChuck Lever Ki.data = kunit_kzalloc(test, Ki.len, GFP_KERNEL);
1176b958cff6SChuck Lever KUNIT_ASSERT_NOT_ERR_OR_NULL(test, Ki.data);
1177b958cff6SChuck Lever usage.data[4] = KEY_USAGE_SEED_INTEGRITY;
1178b958cff6SChuck Lever err = gk5e->derive_key(gk5e, param->base_key, &Ki,
1179b958cff6SChuck Lever &usage, GFP_KERNEL);
1180b958cff6SChuck Lever KUNIT_ASSERT_EQ(test, err, 0);
1181b958cff6SChuck Lever ahash_tfm = crypto_alloc_ahash(gk5e->cksum_name, 0, CRYPTO_ALG_ASYNC);
1182b958cff6SChuck Lever KUNIT_ASSERT_NOT_ERR_OR_NULL(test, ahash_tfm);
1183b958cff6SChuck Lever err = crypto_ahash_setkey(ahash_tfm, Ki.data, Ki.len);
1184b958cff6SChuck Lever KUNIT_ASSERT_EQ(test, err, 0);
1185b958cff6SChuck Lever
1186b958cff6SChuck Lever /* Act */
1187b958cff6SChuck Lever err = gss_krb5_checksum(ahash_tfm, NULL, 0, &buf, 0, &checksum);
1188b958cff6SChuck Lever KUNIT_ASSERT_EQ(test, err, 0);
1189b958cff6SChuck Lever
1190b958cff6SChuck Lever err = krb5_cbc_cts_encrypt(cts_tfm, cbc_tfm, 0, &buf, NULL, NULL, 0);
1191b958cff6SChuck Lever KUNIT_ASSERT_EQ(test, err, 0);
1192b958cff6SChuck Lever
1193b958cff6SChuck Lever /* Assert */
1194b958cff6SChuck Lever KUNIT_EXPECT_EQ_MSG(test, param->expected_result->len,
1195b958cff6SChuck Lever buf.len + checksum.len,
1196b958cff6SChuck Lever "ciphertext length mismatch");
1197b958cff6SChuck Lever KUNIT_EXPECT_EQ_MSG(test,
1198b958cff6SChuck Lever memcmp(param->expected_result->data,
1199b958cff6SChuck Lever buf.head[0].iov_base, buf.len), 0,
1200b958cff6SChuck Lever "encrypted result mismatch");
1201b958cff6SChuck Lever KUNIT_EXPECT_EQ_MSG(test,
1202b958cff6SChuck Lever memcmp(param->expected_result->data +
1203b958cff6SChuck Lever (param->expected_result->len - checksum.len),
1204b958cff6SChuck Lever checksum.data, checksum.len), 0,
1205b958cff6SChuck Lever "HMAC mismatch");
1206b958cff6SChuck Lever
1207b958cff6SChuck Lever crypto_free_ahash(ahash_tfm);
1208b958cff6SChuck Lever crypto_free_sync_skcipher(cts_tfm);
1209b958cff6SChuck Lever crypto_free_sync_skcipher(cbc_tfm);
1210b958cff6SChuck Lever }
1211b958cff6SChuck Lever
121235f6e42eSChuck Lever static struct kunit_case rfc6803_test_cases[] = {
121335f6e42eSChuck Lever {
121435f6e42eSChuck Lever .name = "RFC 6803 key derivation",
121535f6e42eSChuck Lever .run_case = kdf_case,
121635f6e42eSChuck Lever .generate_params = rfc6803_kdf_gen_params,
121735f6e42eSChuck Lever },
121802142b2cSChuck Lever {
121902142b2cSChuck Lever .name = "RFC 6803 checksum",
122002142b2cSChuck Lever .run_case = checksum_case,
122102142b2cSChuck Lever .generate_params = rfc6803_checksum_gen_params,
122202142b2cSChuck Lever },
1223b958cff6SChuck Lever {
1224b958cff6SChuck Lever .name = "RFC 6803 encryption",
1225b958cff6SChuck Lever .run_case = rfc6803_encrypt_case,
1226b958cff6SChuck Lever .generate_params = rfc6803_encrypt_gen_params,
1227b958cff6SChuck Lever },
1228fb5b855dSChuck Lever {}
122935f6e42eSChuck Lever };
123035f6e42eSChuck Lever
123135f6e42eSChuck Lever static struct kunit_suite rfc6803_suite = {
123235f6e42eSChuck Lever .name = "RFC 6803 suite",
123335f6e42eSChuck Lever .test_cases = rfc6803_test_cases,
123435f6e42eSChuck Lever };
123535f6e42eSChuck Lever
1236fcbad14bSChuck Lever /*
1237fcbad14bSChuck Lever * From RFC 8009 Appendix A. Test Vectors
1238fcbad14bSChuck Lever *
1239fcbad14bSChuck Lever * Sample results for SHA-2 enctype key derivation
1240fcbad14bSChuck Lever *
1241fcbad14bSChuck Lever * This test material is copyright (c) 2016 IETF Trust and the
1242fcbad14bSChuck Lever * persons identified as the document authors. All rights reserved.
1243fcbad14bSChuck Lever */
1244fcbad14bSChuck Lever
1245fcbad14bSChuck Lever DEFINE_HEX_XDR_NETOBJ(aes128_cts_hmac_sha256_128_basekey,
1246fcbad14bSChuck Lever 0x37, 0x05, 0xd9, 0x60, 0x80, 0xc1, 0x77, 0x28,
1247fcbad14bSChuck Lever 0xa0, 0xe8, 0x00, 0xea, 0xb6, 0xe0, 0xd2, 0x3c
1248fcbad14bSChuck Lever );
1249fcbad14bSChuck Lever DEFINE_HEX_XDR_NETOBJ(aes128_cts_hmac_sha256_128_Kc,
1250fcbad14bSChuck Lever 0xb3, 0x1a, 0x01, 0x8a, 0x48, 0xf5, 0x47, 0x76,
1251fcbad14bSChuck Lever 0xf4, 0x03, 0xe9, 0xa3, 0x96, 0x32, 0x5d, 0xc3
1252fcbad14bSChuck Lever );
1253fcbad14bSChuck Lever DEFINE_HEX_XDR_NETOBJ(aes128_cts_hmac_sha256_128_Ke,
1254fcbad14bSChuck Lever 0x9b, 0x19, 0x7d, 0xd1, 0xe8, 0xc5, 0x60, 0x9d,
1255fcbad14bSChuck Lever 0x6e, 0x67, 0xc3, 0xe3, 0x7c, 0x62, 0xc7, 0x2e
1256fcbad14bSChuck Lever );
1257fcbad14bSChuck Lever DEFINE_HEX_XDR_NETOBJ(aes128_cts_hmac_sha256_128_Ki,
1258fcbad14bSChuck Lever 0x9f, 0xda, 0x0e, 0x56, 0xab, 0x2d, 0x85, 0xe1,
1259fcbad14bSChuck Lever 0x56, 0x9a, 0x68, 0x86, 0x96, 0xc2, 0x6a, 0x6c
1260fcbad14bSChuck Lever );
1261fcbad14bSChuck Lever
1262fcbad14bSChuck Lever DEFINE_HEX_XDR_NETOBJ(aes256_cts_hmac_sha384_192_basekey,
1263fcbad14bSChuck Lever 0x6d, 0x40, 0x4d, 0x37, 0xfa, 0xf7, 0x9f, 0x9d,
1264fcbad14bSChuck Lever 0xf0, 0xd3, 0x35, 0x68, 0xd3, 0x20, 0x66, 0x98,
1265fcbad14bSChuck Lever 0x00, 0xeb, 0x48, 0x36, 0x47, 0x2e, 0xa8, 0xa0,
1266fcbad14bSChuck Lever 0x26, 0xd1, 0x6b, 0x71, 0x82, 0x46, 0x0c, 0x52
1267fcbad14bSChuck Lever );
1268fcbad14bSChuck Lever DEFINE_HEX_XDR_NETOBJ(aes256_cts_hmac_sha384_192_Kc,
1269fcbad14bSChuck Lever 0xef, 0x57, 0x18, 0xbe, 0x86, 0xcc, 0x84, 0x96,
1270fcbad14bSChuck Lever 0x3d, 0x8b, 0xbb, 0x50, 0x31, 0xe9, 0xf5, 0xc4,
1271fcbad14bSChuck Lever 0xba, 0x41, 0xf2, 0x8f, 0xaf, 0x69, 0xe7, 0x3d
1272fcbad14bSChuck Lever );
1273fcbad14bSChuck Lever DEFINE_HEX_XDR_NETOBJ(aes256_cts_hmac_sha384_192_Ke,
1274fcbad14bSChuck Lever 0x56, 0xab, 0x22, 0xbe, 0xe6, 0x3d, 0x82, 0xd7,
1275fcbad14bSChuck Lever 0xbc, 0x52, 0x27, 0xf6, 0x77, 0x3f, 0x8e, 0xa7,
1276fcbad14bSChuck Lever 0xa5, 0xeb, 0x1c, 0x82, 0x51, 0x60, 0xc3, 0x83,
1277fcbad14bSChuck Lever 0x12, 0x98, 0x0c, 0x44, 0x2e, 0x5c, 0x7e, 0x49
1278fcbad14bSChuck Lever );
1279fcbad14bSChuck Lever DEFINE_HEX_XDR_NETOBJ(aes256_cts_hmac_sha384_192_Ki,
1280fcbad14bSChuck Lever 0x69, 0xb1, 0x65, 0x14, 0xe3, 0xcd, 0x8e, 0x56,
1281fcbad14bSChuck Lever 0xb8, 0x20, 0x10, 0xd5, 0xc7, 0x30, 0x12, 0xb6,
1282fcbad14bSChuck Lever 0x22, 0xc4, 0xd0, 0x0f, 0xfc, 0x23, 0xed, 0x1f
1283fcbad14bSChuck Lever );
1284fcbad14bSChuck Lever
1285fcbad14bSChuck Lever static const struct gss_krb5_test_param rfc8009_kdf_test_params[] = {
1286fcbad14bSChuck Lever {
1287fcbad14bSChuck Lever .desc = "Derive Kc subkey for aes128-cts-hmac-sha256-128",
1288fcbad14bSChuck Lever .enctype = ENCTYPE_AES128_CTS_HMAC_SHA256_128,
1289fcbad14bSChuck Lever .base_key = &aes128_cts_hmac_sha256_128_basekey,
1290fcbad14bSChuck Lever .usage = &usage_checksum,
1291fcbad14bSChuck Lever .expected_result = &aes128_cts_hmac_sha256_128_Kc,
1292fcbad14bSChuck Lever },
1293fcbad14bSChuck Lever {
1294fcbad14bSChuck Lever .desc = "Derive Ke subkey for aes128-cts-hmac-sha256-128",
1295fcbad14bSChuck Lever .enctype = ENCTYPE_AES128_CTS_HMAC_SHA256_128,
1296fcbad14bSChuck Lever .base_key = &aes128_cts_hmac_sha256_128_basekey,
1297fcbad14bSChuck Lever .usage = &usage_encryption,
1298fcbad14bSChuck Lever .expected_result = &aes128_cts_hmac_sha256_128_Ke,
1299fcbad14bSChuck Lever },
1300fcbad14bSChuck Lever {
1301fcbad14bSChuck Lever .desc = "Derive Ki subkey for aes128-cts-hmac-sha256-128",
1302fcbad14bSChuck Lever .enctype = ENCTYPE_AES128_CTS_HMAC_SHA256_128,
1303fcbad14bSChuck Lever .base_key = &aes128_cts_hmac_sha256_128_basekey,
1304fcbad14bSChuck Lever .usage = &usage_integrity,
1305fcbad14bSChuck Lever .expected_result = &aes128_cts_hmac_sha256_128_Ki,
1306fcbad14bSChuck Lever },
1307fcbad14bSChuck Lever {
1308fcbad14bSChuck Lever .desc = "Derive Kc subkey for aes256-cts-hmac-sha384-192",
1309fcbad14bSChuck Lever .enctype = ENCTYPE_AES256_CTS_HMAC_SHA384_192,
1310fcbad14bSChuck Lever .base_key = &aes256_cts_hmac_sha384_192_basekey,
1311fcbad14bSChuck Lever .usage = &usage_checksum,
1312fcbad14bSChuck Lever .expected_result = &aes256_cts_hmac_sha384_192_Kc,
1313fcbad14bSChuck Lever },
1314fcbad14bSChuck Lever {
1315fcbad14bSChuck Lever .desc = "Derive Ke subkey for aes256-cts-hmac-sha384-192",
1316fcbad14bSChuck Lever .enctype = ENCTYPE_AES256_CTS_HMAC_SHA384_192,
1317fcbad14bSChuck Lever .base_key = &aes256_cts_hmac_sha384_192_basekey,
1318fcbad14bSChuck Lever .usage = &usage_encryption,
1319fcbad14bSChuck Lever .expected_result = &aes256_cts_hmac_sha384_192_Ke,
1320fcbad14bSChuck Lever },
1321fcbad14bSChuck Lever {
1322fcbad14bSChuck Lever .desc = "Derive Ki subkey for aes256-cts-hmac-sha384-192",
1323fcbad14bSChuck Lever .enctype = ENCTYPE_AES256_CTS_HMAC_SHA384_192,
1324fcbad14bSChuck Lever .base_key = &aes256_cts_hmac_sha384_192_basekey,
1325fcbad14bSChuck Lever .usage = &usage_integrity,
1326fcbad14bSChuck Lever .expected_result = &aes256_cts_hmac_sha384_192_Ki,
1327fcbad14bSChuck Lever },
1328fcbad14bSChuck Lever };
1329fcbad14bSChuck Lever
1330fcbad14bSChuck Lever /* Creates the function rfc8009_kdf_gen_params */
1331fcbad14bSChuck Lever KUNIT_ARRAY_PARAM(rfc8009_kdf, rfc8009_kdf_test_params, gss_krb5_get_desc);
1332fcbad14bSChuck Lever
1333003caf4fSChuck Lever /*
1334003caf4fSChuck Lever * From RFC 8009 Appendix A. Test Vectors
1335003caf4fSChuck Lever *
1336003caf4fSChuck Lever * These sample checksums use the above sample key derivation results,
1337003caf4fSChuck Lever * including use of the same base-key and key usage values.
1338003caf4fSChuck Lever *
1339003caf4fSChuck Lever * This test material is copyright (c) 2016 IETF Trust and the
1340003caf4fSChuck Lever * persons identified as the document authors. All rights reserved.
1341003caf4fSChuck Lever */
1342003caf4fSChuck Lever
1343003caf4fSChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc8009_checksum_plaintext,
1344003caf4fSChuck Lever 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
1345003caf4fSChuck Lever 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
1346003caf4fSChuck Lever 0x10, 0x11, 0x12, 0x13, 0x14
1347003caf4fSChuck Lever );
1348003caf4fSChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc8009_checksum_test1_expected_result,
1349003caf4fSChuck Lever 0xd7, 0x83, 0x67, 0x18, 0x66, 0x43, 0xd6, 0x7b,
1350003caf4fSChuck Lever 0x41, 0x1c, 0xba, 0x91, 0x39, 0xfc, 0x1d, 0xee
1351003caf4fSChuck Lever );
1352003caf4fSChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc8009_checksum_test2_expected_result,
1353003caf4fSChuck Lever 0x45, 0xee, 0x79, 0x15, 0x67, 0xee, 0xfc, 0xa3,
1354003caf4fSChuck Lever 0x7f, 0x4a, 0xc1, 0xe0, 0x22, 0x2d, 0xe8, 0x0d,
1355003caf4fSChuck Lever 0x43, 0xc3, 0xbf, 0xa0, 0x66, 0x99, 0x67, 0x2a
1356003caf4fSChuck Lever );
1357003caf4fSChuck Lever
1358003caf4fSChuck Lever static const struct gss_krb5_test_param rfc8009_checksum_test_params[] = {
1359003caf4fSChuck Lever {
1360003caf4fSChuck Lever .desc = "Checksum with aes128-cts-hmac-sha256-128",
1361003caf4fSChuck Lever .enctype = ENCTYPE_AES128_CTS_HMAC_SHA256_128,
1362003caf4fSChuck Lever .base_key = &aes128_cts_hmac_sha256_128_basekey,
1363003caf4fSChuck Lever .usage = &usage_checksum,
1364003caf4fSChuck Lever .plaintext = &rfc8009_checksum_plaintext,
1365003caf4fSChuck Lever .expected_result = &rfc8009_checksum_test1_expected_result,
1366003caf4fSChuck Lever },
1367003caf4fSChuck Lever {
1368003caf4fSChuck Lever .desc = "Checksum with aes256-cts-hmac-sha384-192",
1369003caf4fSChuck Lever .enctype = ENCTYPE_AES256_CTS_HMAC_SHA384_192,
1370003caf4fSChuck Lever .base_key = &aes256_cts_hmac_sha384_192_basekey,
1371003caf4fSChuck Lever .usage = &usage_checksum,
1372003caf4fSChuck Lever .plaintext = &rfc8009_checksum_plaintext,
1373003caf4fSChuck Lever .expected_result = &rfc8009_checksum_test2_expected_result,
1374003caf4fSChuck Lever },
1375003caf4fSChuck Lever };
1376003caf4fSChuck Lever
1377003caf4fSChuck Lever /* Creates the function rfc8009_checksum_gen_params */
1378003caf4fSChuck Lever KUNIT_ARRAY_PARAM(rfc8009_checksum, rfc8009_checksum_test_params,
1379003caf4fSChuck Lever gss_krb5_get_desc);
1380003caf4fSChuck Lever
13814d2d15c0SChuck Lever /*
13824d2d15c0SChuck Lever * From RFC 8009 Appendix A. Test Vectors
13834d2d15c0SChuck Lever *
13844d2d15c0SChuck Lever * Sample encryptions (all using the default cipher state):
13854d2d15c0SChuck Lever * --------------------------------------------------------
13864d2d15c0SChuck Lever *
13874d2d15c0SChuck Lever * These sample encryptions use the above sample key derivation results,
13884d2d15c0SChuck Lever * including use of the same base-key and key usage values.
13894d2d15c0SChuck Lever *
13904d2d15c0SChuck Lever * This test material is copyright (c) 2016 IETF Trust and the
13914d2d15c0SChuck Lever * persons identified as the document authors. All rights reserved.
13924d2d15c0SChuck Lever */
13934d2d15c0SChuck Lever
13944d2d15c0SChuck Lever static const struct xdr_netobj rfc8009_enc_empty_plaintext = {
13954d2d15c0SChuck Lever .len = 0,
13964d2d15c0SChuck Lever };
13974d2d15c0SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc8009_enc_short_plaintext,
13984d2d15c0SChuck Lever 0x00, 0x01, 0x02, 0x03, 0x04, 0x05
13994d2d15c0SChuck Lever );
14004d2d15c0SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc8009_enc_block_plaintext,
14014d2d15c0SChuck Lever 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
14024d2d15c0SChuck Lever 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f
14034d2d15c0SChuck Lever );
14044d2d15c0SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc8009_enc_long_plaintext,
14054d2d15c0SChuck Lever 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
14064d2d15c0SChuck Lever 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
14074d2d15c0SChuck Lever 0x10, 0x11, 0x12, 0x13, 0x14
14084d2d15c0SChuck Lever );
14094d2d15c0SChuck Lever
14104d2d15c0SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc8009_enc_test1_confounder,
14114d2d15c0SChuck Lever 0x7e, 0x58, 0x95, 0xea, 0xf2, 0x67, 0x24, 0x35,
14124d2d15c0SChuck Lever 0xba, 0xd8, 0x17, 0xf5, 0x45, 0xa3, 0x71, 0x48
14134d2d15c0SChuck Lever );
14144d2d15c0SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc8009_enc_test1_expected_result,
14154d2d15c0SChuck Lever 0xef, 0x85, 0xfb, 0x89, 0x0b, 0xb8, 0x47, 0x2f,
14164d2d15c0SChuck Lever 0x4d, 0xab, 0x20, 0x39, 0x4d, 0xca, 0x78, 0x1d
14174d2d15c0SChuck Lever );
14184d2d15c0SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc8009_enc_test1_expected_hmac,
14194d2d15c0SChuck Lever 0xad, 0x87, 0x7e, 0xda, 0x39, 0xd5, 0x0c, 0x87,
14204d2d15c0SChuck Lever 0x0c, 0x0d, 0x5a, 0x0a, 0x8e, 0x48, 0xc7, 0x18
14214d2d15c0SChuck Lever );
14224d2d15c0SChuck Lever
14234d2d15c0SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc8009_enc_test2_confounder,
14244d2d15c0SChuck Lever 0x7b, 0xca, 0x28, 0x5e, 0x2f, 0xd4, 0x13, 0x0f,
14254d2d15c0SChuck Lever 0xb5, 0x5b, 0x1a, 0x5c, 0x83, 0xbc, 0x5b, 0x24
14264d2d15c0SChuck Lever );
14274d2d15c0SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc8009_enc_test2_expected_result,
14284d2d15c0SChuck Lever 0x84, 0xd7, 0xf3, 0x07, 0x54, 0xed, 0x98, 0x7b,
14294d2d15c0SChuck Lever 0xab, 0x0b, 0xf3, 0x50, 0x6b, 0xeb, 0x09, 0xcf,
14304d2d15c0SChuck Lever 0xb5, 0x54, 0x02, 0xce, 0xf7, 0xe6
14314d2d15c0SChuck Lever );
14324d2d15c0SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc8009_enc_test2_expected_hmac,
14334d2d15c0SChuck Lever 0x87, 0x7c, 0xe9, 0x9e, 0x24, 0x7e, 0x52, 0xd1,
14344d2d15c0SChuck Lever 0x6e, 0xd4, 0x42, 0x1d, 0xfd, 0xf8, 0x97, 0x6c
14354d2d15c0SChuck Lever );
14364d2d15c0SChuck Lever
14374d2d15c0SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc8009_enc_test3_confounder,
14384d2d15c0SChuck Lever 0x56, 0xab, 0x21, 0x71, 0x3f, 0xf6, 0x2c, 0x0a,
14394d2d15c0SChuck Lever 0x14, 0x57, 0x20, 0x0f, 0x6f, 0xa9, 0x94, 0x8f
14404d2d15c0SChuck Lever );
14414d2d15c0SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc8009_enc_test3_expected_result,
14424d2d15c0SChuck Lever 0x35, 0x17, 0xd6, 0x40, 0xf5, 0x0d, 0xdc, 0x8a,
14434d2d15c0SChuck Lever 0xd3, 0x62, 0x87, 0x22, 0xb3, 0x56, 0x9d, 0x2a,
14444d2d15c0SChuck Lever 0xe0, 0x74, 0x93, 0xfa, 0x82, 0x63, 0x25, 0x40,
14454d2d15c0SChuck Lever 0x80, 0xea, 0x65, 0xc1, 0x00, 0x8e, 0x8f, 0xc2
14464d2d15c0SChuck Lever );
14474d2d15c0SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc8009_enc_test3_expected_hmac,
14484d2d15c0SChuck Lever 0x95, 0xfb, 0x48, 0x52, 0xe7, 0xd8, 0x3e, 0x1e,
14494d2d15c0SChuck Lever 0x7c, 0x48, 0xc3, 0x7e, 0xeb, 0xe6, 0xb0, 0xd3
14504d2d15c0SChuck Lever );
14514d2d15c0SChuck Lever
14524d2d15c0SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc8009_enc_test4_confounder,
14534d2d15c0SChuck Lever 0xa7, 0xa4, 0xe2, 0x9a, 0x47, 0x28, 0xce, 0x10,
14544d2d15c0SChuck Lever 0x66, 0x4f, 0xb6, 0x4e, 0x49, 0xad, 0x3f, 0xac
14554d2d15c0SChuck Lever );
14564d2d15c0SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc8009_enc_test4_expected_result,
14574d2d15c0SChuck Lever 0x72, 0x0f, 0x73, 0xb1, 0x8d, 0x98, 0x59, 0xcd,
14584d2d15c0SChuck Lever 0x6c, 0xcb, 0x43, 0x46, 0x11, 0x5c, 0xd3, 0x36,
14594d2d15c0SChuck Lever 0xc7, 0x0f, 0x58, 0xed, 0xc0, 0xc4, 0x43, 0x7c,
14604d2d15c0SChuck Lever 0x55, 0x73, 0x54, 0x4c, 0x31, 0xc8, 0x13, 0xbc,
14614d2d15c0SChuck Lever 0xe1, 0xe6, 0xd0, 0x72, 0xc1
14624d2d15c0SChuck Lever );
14634d2d15c0SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc8009_enc_test4_expected_hmac,
14644d2d15c0SChuck Lever 0x86, 0xb3, 0x9a, 0x41, 0x3c, 0x2f, 0x92, 0xca,
14654d2d15c0SChuck Lever 0x9b, 0x83, 0x34, 0xa2, 0x87, 0xff, 0xcb, 0xfc
14664d2d15c0SChuck Lever );
14674d2d15c0SChuck Lever
14684d2d15c0SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc8009_enc_test5_confounder,
14694d2d15c0SChuck Lever 0xf7, 0x64, 0xe9, 0xfa, 0x15, 0xc2, 0x76, 0x47,
14704d2d15c0SChuck Lever 0x8b, 0x2c, 0x7d, 0x0c, 0x4e, 0x5f, 0x58, 0xe4
14714d2d15c0SChuck Lever );
14724d2d15c0SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc8009_enc_test5_expected_result,
14734d2d15c0SChuck Lever 0x41, 0xf5, 0x3f, 0xa5, 0xbf, 0xe7, 0x02, 0x6d,
14744d2d15c0SChuck Lever 0x91, 0xfa, 0xf9, 0xbe, 0x95, 0x91, 0x95, 0xa0
14754d2d15c0SChuck Lever );
14764d2d15c0SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc8009_enc_test5_expected_hmac,
14774d2d15c0SChuck Lever 0x58, 0x70, 0x72, 0x73, 0xa9, 0x6a, 0x40, 0xf0,
14784d2d15c0SChuck Lever 0xa0, 0x19, 0x60, 0x62, 0x1a, 0xc6, 0x12, 0x74,
14794d2d15c0SChuck Lever 0x8b, 0x9b, 0xbf, 0xbe, 0x7e, 0xb4, 0xce, 0x3c
14804d2d15c0SChuck Lever );
14814d2d15c0SChuck Lever
14824d2d15c0SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc8009_enc_test6_confounder,
14834d2d15c0SChuck Lever 0xb8, 0x0d, 0x32, 0x51, 0xc1, 0xf6, 0x47, 0x14,
14844d2d15c0SChuck Lever 0x94, 0x25, 0x6f, 0xfe, 0x71, 0x2d, 0x0b, 0x9a
14854d2d15c0SChuck Lever );
14864d2d15c0SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc8009_enc_test6_expected_result,
14874d2d15c0SChuck Lever 0x4e, 0xd7, 0xb3, 0x7c, 0x2b, 0xca, 0xc8, 0xf7,
14884d2d15c0SChuck Lever 0x4f, 0x23, 0xc1, 0xcf, 0x07, 0xe6, 0x2b, 0xc7,
14894d2d15c0SChuck Lever 0xb7, 0x5f, 0xb3, 0xf6, 0x37, 0xb9
14904d2d15c0SChuck Lever );
14914d2d15c0SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc8009_enc_test6_expected_hmac,
14924d2d15c0SChuck Lever 0xf5, 0x59, 0xc7, 0xf6, 0x64, 0xf6, 0x9e, 0xab,
14934d2d15c0SChuck Lever 0x7b, 0x60, 0x92, 0x23, 0x75, 0x26, 0xea, 0x0d,
14944d2d15c0SChuck Lever 0x1f, 0x61, 0xcb, 0x20, 0xd6, 0x9d, 0x10, 0xf2
14954d2d15c0SChuck Lever );
14964d2d15c0SChuck Lever
14974d2d15c0SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc8009_enc_test7_confounder,
14984d2d15c0SChuck Lever 0x53, 0xbf, 0x8a, 0x0d, 0x10, 0x52, 0x65, 0xd4,
14994d2d15c0SChuck Lever 0xe2, 0x76, 0x42, 0x86, 0x24, 0xce, 0x5e, 0x63
15004d2d15c0SChuck Lever );
15014d2d15c0SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc8009_enc_test7_expected_result,
15024d2d15c0SChuck Lever 0xbc, 0x47, 0xff, 0xec, 0x79, 0x98, 0xeb, 0x91,
15034d2d15c0SChuck Lever 0xe8, 0x11, 0x5c, 0xf8, 0xd1, 0x9d, 0xac, 0x4b,
15044d2d15c0SChuck Lever 0xbb, 0xe2, 0xe1, 0x63, 0xe8, 0x7d, 0xd3, 0x7f,
15054d2d15c0SChuck Lever 0x49, 0xbe, 0xca, 0x92, 0x02, 0x77, 0x64, 0xf6
15064d2d15c0SChuck Lever );
15074d2d15c0SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc8009_enc_test7_expected_hmac,
15084d2d15c0SChuck Lever 0x8c, 0xf5, 0x1f, 0x14, 0xd7, 0x98, 0xc2, 0x27,
15094d2d15c0SChuck Lever 0x3f, 0x35, 0xdf, 0x57, 0x4d, 0x1f, 0x93, 0x2e,
15104d2d15c0SChuck Lever 0x40, 0xc4, 0xff, 0x25, 0x5b, 0x36, 0xa2, 0x66
15114d2d15c0SChuck Lever );
15124d2d15c0SChuck Lever
15134d2d15c0SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc8009_enc_test8_confounder,
15144d2d15c0SChuck Lever 0x76, 0x3e, 0x65, 0x36, 0x7e, 0x86, 0x4f, 0x02,
15154d2d15c0SChuck Lever 0xf5, 0x51, 0x53, 0xc7, 0xe3, 0xb5, 0x8a, 0xf1
15164d2d15c0SChuck Lever );
15174d2d15c0SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc8009_enc_test8_expected_result,
15184d2d15c0SChuck Lever 0x40, 0x01, 0x3e, 0x2d, 0xf5, 0x8e, 0x87, 0x51,
15194d2d15c0SChuck Lever 0x95, 0x7d, 0x28, 0x78, 0xbc, 0xd2, 0xd6, 0xfe,
15204d2d15c0SChuck Lever 0x10, 0x1c, 0xcf, 0xd5, 0x56, 0xcb, 0x1e, 0xae,
15214d2d15c0SChuck Lever 0x79, 0xdb, 0x3c, 0x3e, 0xe8, 0x64, 0x29, 0xf2,
15224d2d15c0SChuck Lever 0xb2, 0xa6, 0x02, 0xac, 0x86
15234d2d15c0SChuck Lever );
15244d2d15c0SChuck Lever DEFINE_HEX_XDR_NETOBJ(rfc8009_enc_test8_expected_hmac,
15254d2d15c0SChuck Lever 0xfe, 0xf6, 0xec, 0xb6, 0x47, 0xd6, 0x29, 0x5f,
15264d2d15c0SChuck Lever 0xae, 0x07, 0x7a, 0x1f, 0xeb, 0x51, 0x75, 0x08,
15274d2d15c0SChuck Lever 0xd2, 0xc1, 0x6b, 0x41, 0x92, 0xe0, 0x1f, 0x62
15284d2d15c0SChuck Lever );
15294d2d15c0SChuck Lever
15304d2d15c0SChuck Lever static const struct gss_krb5_test_param rfc8009_encrypt_test_params[] = {
15314d2d15c0SChuck Lever {
15324d2d15c0SChuck Lever .desc = "Encrypt empty plaintext with aes128-cts-hmac-sha256-128",
15334d2d15c0SChuck Lever .enctype = ENCTYPE_AES128_CTS_HMAC_SHA256_128,
15344d2d15c0SChuck Lever .plaintext = &rfc8009_enc_empty_plaintext,
15354d2d15c0SChuck Lever .confounder = &rfc8009_enc_test1_confounder,
15364d2d15c0SChuck Lever .base_key = &aes128_cts_hmac_sha256_128_basekey,
15374d2d15c0SChuck Lever .expected_result = &rfc8009_enc_test1_expected_result,
15384d2d15c0SChuck Lever .expected_hmac = &rfc8009_enc_test1_expected_hmac,
15394d2d15c0SChuck Lever },
15404d2d15c0SChuck Lever {
15414d2d15c0SChuck Lever .desc = "Encrypt short plaintext with aes128-cts-hmac-sha256-128",
15424d2d15c0SChuck Lever .enctype = ENCTYPE_AES128_CTS_HMAC_SHA256_128,
15434d2d15c0SChuck Lever .plaintext = &rfc8009_enc_short_plaintext,
15444d2d15c0SChuck Lever .confounder = &rfc8009_enc_test2_confounder,
15454d2d15c0SChuck Lever .base_key = &aes128_cts_hmac_sha256_128_basekey,
15464d2d15c0SChuck Lever .expected_result = &rfc8009_enc_test2_expected_result,
15474d2d15c0SChuck Lever .expected_hmac = &rfc8009_enc_test2_expected_hmac,
15484d2d15c0SChuck Lever },
15494d2d15c0SChuck Lever {
15504d2d15c0SChuck Lever .desc = "Encrypt block plaintext with aes128-cts-hmac-sha256-128",
15514d2d15c0SChuck Lever .enctype = ENCTYPE_AES128_CTS_HMAC_SHA256_128,
15524d2d15c0SChuck Lever .plaintext = &rfc8009_enc_block_plaintext,
15534d2d15c0SChuck Lever .confounder = &rfc8009_enc_test3_confounder,
15544d2d15c0SChuck Lever .base_key = &aes128_cts_hmac_sha256_128_basekey,
15554d2d15c0SChuck Lever .expected_result = &rfc8009_enc_test3_expected_result,
15564d2d15c0SChuck Lever .expected_hmac = &rfc8009_enc_test3_expected_hmac,
15574d2d15c0SChuck Lever },
15584d2d15c0SChuck Lever {
15594d2d15c0SChuck Lever .desc = "Encrypt long plaintext with aes128-cts-hmac-sha256-128",
15604d2d15c0SChuck Lever .enctype = ENCTYPE_AES128_CTS_HMAC_SHA256_128,
15614d2d15c0SChuck Lever .plaintext = &rfc8009_enc_long_plaintext,
15624d2d15c0SChuck Lever .confounder = &rfc8009_enc_test4_confounder,
15634d2d15c0SChuck Lever .base_key = &aes128_cts_hmac_sha256_128_basekey,
15644d2d15c0SChuck Lever .expected_result = &rfc8009_enc_test4_expected_result,
15654d2d15c0SChuck Lever .expected_hmac = &rfc8009_enc_test4_expected_hmac,
15664d2d15c0SChuck Lever },
15674d2d15c0SChuck Lever {
15684d2d15c0SChuck Lever .desc = "Encrypt empty plaintext with aes256-cts-hmac-sha384-192",
15694d2d15c0SChuck Lever .enctype = ENCTYPE_AES256_CTS_HMAC_SHA384_192,
15704d2d15c0SChuck Lever .plaintext = &rfc8009_enc_empty_plaintext,
15714d2d15c0SChuck Lever .confounder = &rfc8009_enc_test5_confounder,
15724d2d15c0SChuck Lever .base_key = &aes256_cts_hmac_sha384_192_basekey,
15734d2d15c0SChuck Lever .expected_result = &rfc8009_enc_test5_expected_result,
15744d2d15c0SChuck Lever .expected_hmac = &rfc8009_enc_test5_expected_hmac,
15754d2d15c0SChuck Lever },
15764d2d15c0SChuck Lever {
15774d2d15c0SChuck Lever .desc = "Encrypt short plaintext with aes256-cts-hmac-sha384-192",
15784d2d15c0SChuck Lever .enctype = ENCTYPE_AES256_CTS_HMAC_SHA384_192,
15794d2d15c0SChuck Lever .plaintext = &rfc8009_enc_short_plaintext,
15804d2d15c0SChuck Lever .confounder = &rfc8009_enc_test6_confounder,
15814d2d15c0SChuck Lever .base_key = &aes256_cts_hmac_sha384_192_basekey,
15824d2d15c0SChuck Lever .expected_result = &rfc8009_enc_test6_expected_result,
15834d2d15c0SChuck Lever .expected_hmac = &rfc8009_enc_test6_expected_hmac,
15844d2d15c0SChuck Lever },
15854d2d15c0SChuck Lever {
15864d2d15c0SChuck Lever .desc = "Encrypt block plaintext with aes256-cts-hmac-sha384-192",
15874d2d15c0SChuck Lever .enctype = ENCTYPE_AES256_CTS_HMAC_SHA384_192,
15884d2d15c0SChuck Lever .plaintext = &rfc8009_enc_block_plaintext,
15894d2d15c0SChuck Lever .confounder = &rfc8009_enc_test7_confounder,
15904d2d15c0SChuck Lever .base_key = &aes256_cts_hmac_sha384_192_basekey,
15914d2d15c0SChuck Lever .expected_result = &rfc8009_enc_test7_expected_result,
15924d2d15c0SChuck Lever .expected_hmac = &rfc8009_enc_test7_expected_hmac,
15934d2d15c0SChuck Lever },
15944d2d15c0SChuck Lever {
15954d2d15c0SChuck Lever .desc = "Encrypt long plaintext with aes256-cts-hmac-sha384-192",
15964d2d15c0SChuck Lever .enctype = ENCTYPE_AES256_CTS_HMAC_SHA384_192,
15974d2d15c0SChuck Lever .plaintext = &rfc8009_enc_long_plaintext,
15984d2d15c0SChuck Lever .confounder = &rfc8009_enc_test8_confounder,
15994d2d15c0SChuck Lever .base_key = &aes256_cts_hmac_sha384_192_basekey,
16004d2d15c0SChuck Lever .expected_result = &rfc8009_enc_test8_expected_result,
16014d2d15c0SChuck Lever .expected_hmac = &rfc8009_enc_test8_expected_hmac,
16024d2d15c0SChuck Lever },
16034d2d15c0SChuck Lever };
16044d2d15c0SChuck Lever
16054d2d15c0SChuck Lever /* Creates the function rfc8009_encrypt_gen_params */
16064d2d15c0SChuck Lever KUNIT_ARRAY_PARAM(rfc8009_encrypt, rfc8009_encrypt_test_params,
16074d2d15c0SChuck Lever gss_krb5_get_desc);
16084d2d15c0SChuck Lever
rfc8009_encrypt_case(struct kunit * test)16094d2d15c0SChuck Lever static void rfc8009_encrypt_case(struct kunit *test)
16104d2d15c0SChuck Lever {
16114d2d15c0SChuck Lever const struct gss_krb5_test_param *param = test->param_value;
16124d2d15c0SChuck Lever struct crypto_sync_skcipher *cts_tfm, *cbc_tfm;
16134d2d15c0SChuck Lever const struct gss_krb5_enctype *gk5e;
16144d2d15c0SChuck Lever struct xdr_netobj Ke, Ki, checksum;
16154d2d15c0SChuck Lever u8 usage_data[GSS_KRB5_K5CLENGTH];
16164d2d15c0SChuck Lever struct xdr_netobj usage = {
16174d2d15c0SChuck Lever .data = usage_data,
16184d2d15c0SChuck Lever .len = sizeof(usage_data),
16194d2d15c0SChuck Lever };
16204d2d15c0SChuck Lever struct crypto_ahash *ahash_tfm;
16214d2d15c0SChuck Lever struct xdr_buf buf;
16224d2d15c0SChuck Lever void *text;
16234d2d15c0SChuck Lever size_t len;
16244d2d15c0SChuck Lever u32 err;
16254d2d15c0SChuck Lever
16264d2d15c0SChuck Lever /* Arrange */
16274d2d15c0SChuck Lever gk5e = gss_krb5_lookup_enctype(param->enctype);
1628fe90151cSChuck Lever if (!gk5e)
1629fe90151cSChuck Lever kunit_skip(test, "Encryption type is not available");
16304d2d15c0SChuck Lever
16314d2d15c0SChuck Lever *(__be32 *)usage.data = cpu_to_be32(2);
16324d2d15c0SChuck Lever
16334d2d15c0SChuck Lever Ke.len = gk5e->Ke_length;
16344d2d15c0SChuck Lever Ke.data = kunit_kzalloc(test, Ke.len, GFP_KERNEL);
16354d2d15c0SChuck Lever KUNIT_ASSERT_NOT_ERR_OR_NULL(test, Ke.data);
16364d2d15c0SChuck Lever usage.data[4] = KEY_USAGE_SEED_ENCRYPTION;
16374d2d15c0SChuck Lever err = gk5e->derive_key(gk5e, param->base_key, &Ke,
16384d2d15c0SChuck Lever &usage, GFP_KERNEL);
16394d2d15c0SChuck Lever KUNIT_ASSERT_EQ(test, err, 0);
16404d2d15c0SChuck Lever
16414d2d15c0SChuck Lever cbc_tfm = crypto_alloc_sync_skcipher(gk5e->aux_cipher, 0, 0);
16424d2d15c0SChuck Lever KUNIT_ASSERT_NOT_ERR_OR_NULL(test, cbc_tfm);
16434d2d15c0SChuck Lever err = crypto_sync_skcipher_setkey(cbc_tfm, Ke.data, Ke.len);
16444d2d15c0SChuck Lever KUNIT_ASSERT_EQ(test, err, 0);
16454d2d15c0SChuck Lever
16464d2d15c0SChuck Lever cts_tfm = crypto_alloc_sync_skcipher(gk5e->encrypt_name, 0, 0);
16474d2d15c0SChuck Lever KUNIT_ASSERT_NOT_ERR_OR_NULL(test, cts_tfm);
16484d2d15c0SChuck Lever err = crypto_sync_skcipher_setkey(cts_tfm, Ke.data, Ke.len);
16494d2d15c0SChuck Lever KUNIT_ASSERT_EQ(test, err, 0);
16504d2d15c0SChuck Lever
16514d2d15c0SChuck Lever len = param->confounder->len + param->plaintext->len;
16524d2d15c0SChuck Lever text = kunit_kzalloc(test, len, GFP_KERNEL);
16534d2d15c0SChuck Lever KUNIT_ASSERT_NOT_ERR_OR_NULL(test, text);
16544d2d15c0SChuck Lever memcpy(text, param->confounder->data, param->confounder->len);
16554d2d15c0SChuck Lever memcpy(text + param->confounder->len, param->plaintext->data,
16564d2d15c0SChuck Lever param->plaintext->len);
16574d2d15c0SChuck Lever
16584d2d15c0SChuck Lever memset(&buf, 0, sizeof(buf));
16594d2d15c0SChuck Lever buf.head[0].iov_base = text;
16604d2d15c0SChuck Lever buf.head[0].iov_len = param->confounder->len + param->plaintext->len;
16614d2d15c0SChuck Lever buf.len = buf.head[0].iov_len;
16624d2d15c0SChuck Lever
16634d2d15c0SChuck Lever checksum.len = gk5e->cksumlength;
16644d2d15c0SChuck Lever checksum.data = kunit_kzalloc(test, checksum.len, GFP_KERNEL);
16654d2d15c0SChuck Lever KUNIT_ASSERT_NOT_ERR_OR_NULL(test, checksum.data);
16664d2d15c0SChuck Lever
16674d2d15c0SChuck Lever Ki.len = gk5e->Ki_length;
16684d2d15c0SChuck Lever Ki.data = kunit_kzalloc(test, Ki.len, GFP_KERNEL);
16694d2d15c0SChuck Lever KUNIT_ASSERT_NOT_ERR_OR_NULL(test, Ki.data);
16704d2d15c0SChuck Lever usage.data[4] = KEY_USAGE_SEED_INTEGRITY;
16714d2d15c0SChuck Lever err = gk5e->derive_key(gk5e, param->base_key, &Ki,
16724d2d15c0SChuck Lever &usage, GFP_KERNEL);
16734d2d15c0SChuck Lever KUNIT_ASSERT_EQ(test, err, 0);
16744d2d15c0SChuck Lever
16754d2d15c0SChuck Lever ahash_tfm = crypto_alloc_ahash(gk5e->cksum_name, 0, CRYPTO_ALG_ASYNC);
16764d2d15c0SChuck Lever KUNIT_ASSERT_NOT_ERR_OR_NULL(test, ahash_tfm);
16774d2d15c0SChuck Lever err = crypto_ahash_setkey(ahash_tfm, Ki.data, Ki.len);
16784d2d15c0SChuck Lever KUNIT_ASSERT_EQ(test, err, 0);
16794d2d15c0SChuck Lever
16804d2d15c0SChuck Lever /* Act */
16814d2d15c0SChuck Lever err = krb5_cbc_cts_encrypt(cts_tfm, cbc_tfm, 0, &buf, NULL, NULL, 0);
16824d2d15c0SChuck Lever KUNIT_ASSERT_EQ(test, err, 0);
16834d2d15c0SChuck Lever err = krb5_etm_checksum(cts_tfm, ahash_tfm, &buf, 0, &checksum);
16844d2d15c0SChuck Lever KUNIT_ASSERT_EQ(test, err, 0);
16854d2d15c0SChuck Lever
16864d2d15c0SChuck Lever /* Assert */
16874d2d15c0SChuck Lever KUNIT_EXPECT_EQ_MSG(test,
16884d2d15c0SChuck Lever param->expected_result->len, buf.len,
16894d2d15c0SChuck Lever "ciphertext length mismatch");
16904d2d15c0SChuck Lever KUNIT_EXPECT_EQ_MSG(test,
16914d2d15c0SChuck Lever memcmp(param->expected_result->data,
16924d2d15c0SChuck Lever buf.head[0].iov_base,
16934d2d15c0SChuck Lever param->expected_result->len), 0,
16944d2d15c0SChuck Lever "ciphertext mismatch");
16954d2d15c0SChuck Lever KUNIT_EXPECT_EQ_MSG(test, memcmp(param->expected_hmac->data,
16964d2d15c0SChuck Lever checksum.data,
16974d2d15c0SChuck Lever checksum.len), 0,
16984d2d15c0SChuck Lever "HMAC mismatch");
16994d2d15c0SChuck Lever
17004d2d15c0SChuck Lever crypto_free_ahash(ahash_tfm);
17014d2d15c0SChuck Lever crypto_free_sync_skcipher(cts_tfm);
17024d2d15c0SChuck Lever crypto_free_sync_skcipher(cbc_tfm);
17034d2d15c0SChuck Lever }
17044d2d15c0SChuck Lever
1705fcbad14bSChuck Lever static struct kunit_case rfc8009_test_cases[] = {
1706fcbad14bSChuck Lever {
1707fcbad14bSChuck Lever .name = "RFC 8009 key derivation",
1708fcbad14bSChuck Lever .run_case = kdf_case,
1709fcbad14bSChuck Lever .generate_params = rfc8009_kdf_gen_params,
1710fcbad14bSChuck Lever },
1711003caf4fSChuck Lever {
1712003caf4fSChuck Lever .name = "RFC 8009 checksum",
1713003caf4fSChuck Lever .run_case = checksum_case,
1714003caf4fSChuck Lever .generate_params = rfc8009_checksum_gen_params,
1715003caf4fSChuck Lever },
17164d2d15c0SChuck Lever {
17174d2d15c0SChuck Lever .name = "RFC 8009 encryption",
17184d2d15c0SChuck Lever .run_case = rfc8009_encrypt_case,
17194d2d15c0SChuck Lever .generate_params = rfc8009_encrypt_gen_params,
17204d2d15c0SChuck Lever },
1721fb5b855dSChuck Lever {}
1722fcbad14bSChuck Lever };
1723fcbad14bSChuck Lever
1724fcbad14bSChuck Lever static struct kunit_suite rfc8009_suite = {
1725fcbad14bSChuck Lever .name = "RFC 8009 suite",
1726fcbad14bSChuck Lever .test_cases = rfc8009_test_cases,
1727fcbad14bSChuck Lever };
1728fcbad14bSChuck Lever
1729c4a9f055SChuck Lever /*
1730c4a9f055SChuck Lever * Encryption self-tests
1731c4a9f055SChuck Lever */
1732c4a9f055SChuck Lever
1733c4a9f055SChuck Lever DEFINE_STR_XDR_NETOBJ(encrypt_selftest_plaintext,
1734c4a9f055SChuck Lever "This is the plaintext for the encryption self-test.");
1735c4a9f055SChuck Lever
1736c4a9f055SChuck Lever static const struct gss_krb5_test_param encrypt_selftest_params[] = {
1737c4a9f055SChuck Lever {
1738c4a9f055SChuck Lever .desc = "aes128-cts-hmac-sha1-96 encryption self-test",
1739c4a9f055SChuck Lever .enctype = ENCTYPE_AES128_CTS_HMAC_SHA1_96,
1740c4a9f055SChuck Lever .Ke = &rfc3962_encryption_key,
1741c4a9f055SChuck Lever .plaintext = &encrypt_selftest_plaintext,
1742c4a9f055SChuck Lever },
1743c4a9f055SChuck Lever {
1744c4a9f055SChuck Lever .desc = "aes256-cts-hmac-sha1-96 encryption self-test",
1745c4a9f055SChuck Lever .enctype = ENCTYPE_AES256_CTS_HMAC_SHA1_96,
1746c4a9f055SChuck Lever .Ke = &rfc3962_encryption_key,
1747c4a9f055SChuck Lever .plaintext = &encrypt_selftest_plaintext,
1748c4a9f055SChuck Lever },
1749c4a9f055SChuck Lever {
1750c4a9f055SChuck Lever .desc = "camellia128-cts-cmac encryption self-test",
1751c4a9f055SChuck Lever .enctype = ENCTYPE_CAMELLIA128_CTS_CMAC,
1752c4a9f055SChuck Lever .Ke = &camellia128_cts_cmac_Ke,
1753c4a9f055SChuck Lever .plaintext = &encrypt_selftest_plaintext,
1754c4a9f055SChuck Lever },
1755c4a9f055SChuck Lever {
1756c4a9f055SChuck Lever .desc = "camellia256-cts-cmac encryption self-test",
1757c4a9f055SChuck Lever .enctype = ENCTYPE_CAMELLIA256_CTS_CMAC,
1758c4a9f055SChuck Lever .Ke = &camellia256_cts_cmac_Ke,
1759c4a9f055SChuck Lever .plaintext = &encrypt_selftest_plaintext,
1760c4a9f055SChuck Lever },
1761c4a9f055SChuck Lever {
1762c4a9f055SChuck Lever .desc = "aes128-cts-hmac-sha256-128 encryption self-test",
1763c4a9f055SChuck Lever .enctype = ENCTYPE_AES128_CTS_HMAC_SHA256_128,
1764c4a9f055SChuck Lever .Ke = &aes128_cts_hmac_sha256_128_Ke,
1765c4a9f055SChuck Lever .plaintext = &encrypt_selftest_plaintext,
1766c4a9f055SChuck Lever },
1767c4a9f055SChuck Lever {
1768c4a9f055SChuck Lever .desc = "aes256-cts-hmac-sha384-192 encryption self-test",
1769c4a9f055SChuck Lever .enctype = ENCTYPE_AES256_CTS_HMAC_SHA384_192,
1770c4a9f055SChuck Lever .Ke = &aes256_cts_hmac_sha384_192_Ke,
1771c4a9f055SChuck Lever .plaintext = &encrypt_selftest_plaintext,
1772c4a9f055SChuck Lever },
1773c4a9f055SChuck Lever };
1774c4a9f055SChuck Lever
1775c4a9f055SChuck Lever /* Creates the function encrypt_selftest_gen_params */
1776c4a9f055SChuck Lever KUNIT_ARRAY_PARAM(encrypt_selftest, encrypt_selftest_params,
1777c4a9f055SChuck Lever gss_krb5_get_desc);
1778c4a9f055SChuck Lever
1779c4a9f055SChuck Lever /*
1780c4a9f055SChuck Lever * Encrypt and decrypt plaintext, and ensure the input plaintext
1781c4a9f055SChuck Lever * matches the output plaintext. A confounder is not added in this
1782c4a9f055SChuck Lever * case.
1783c4a9f055SChuck Lever */
encrypt_selftest_case(struct kunit * test)1784c4a9f055SChuck Lever static void encrypt_selftest_case(struct kunit *test)
1785c4a9f055SChuck Lever {
1786c4a9f055SChuck Lever const struct gss_krb5_test_param *param = test->param_value;
1787c4a9f055SChuck Lever struct crypto_sync_skcipher *cts_tfm, *cbc_tfm;
1788c4a9f055SChuck Lever const struct gss_krb5_enctype *gk5e;
1789c4a9f055SChuck Lever struct xdr_buf buf;
1790c4a9f055SChuck Lever void *text;
1791c4a9f055SChuck Lever int err;
1792c4a9f055SChuck Lever
1793c4a9f055SChuck Lever /* Arrange */
1794c4a9f055SChuck Lever gk5e = gss_krb5_lookup_enctype(param->enctype);
1795fe90151cSChuck Lever if (!gk5e)
1796fe90151cSChuck Lever kunit_skip(test, "Encryption type is not available");
1797c4a9f055SChuck Lever
1798c4a9f055SChuck Lever cbc_tfm = crypto_alloc_sync_skcipher(gk5e->aux_cipher, 0, 0);
1799c4a9f055SChuck Lever KUNIT_ASSERT_NOT_ERR_OR_NULL(test, cbc_tfm);
1800c4a9f055SChuck Lever err = crypto_sync_skcipher_setkey(cbc_tfm, param->Ke->data, param->Ke->len);
1801c4a9f055SChuck Lever KUNIT_ASSERT_EQ(test, err, 0);
1802c4a9f055SChuck Lever
1803c4a9f055SChuck Lever cts_tfm = crypto_alloc_sync_skcipher(gk5e->encrypt_name, 0, 0);
1804c4a9f055SChuck Lever KUNIT_ASSERT_NOT_ERR_OR_NULL(test, cts_tfm);
1805c4a9f055SChuck Lever err = crypto_sync_skcipher_setkey(cts_tfm, param->Ke->data, param->Ke->len);
1806c4a9f055SChuck Lever KUNIT_ASSERT_EQ(test, err, 0);
1807c4a9f055SChuck Lever
1808c4a9f055SChuck Lever text = kunit_kzalloc(test, roundup(param->plaintext->len,
1809c4a9f055SChuck Lever crypto_sync_skcipher_blocksize(cbc_tfm)),
1810c4a9f055SChuck Lever GFP_KERNEL);
1811c4a9f055SChuck Lever KUNIT_ASSERT_NOT_ERR_OR_NULL(test, text);
1812c4a9f055SChuck Lever
1813c4a9f055SChuck Lever memcpy(text, param->plaintext->data, param->plaintext->len);
1814c4a9f055SChuck Lever memset(&buf, 0, sizeof(buf));
1815c4a9f055SChuck Lever buf.head[0].iov_base = text;
1816c4a9f055SChuck Lever buf.head[0].iov_len = param->plaintext->len;
1817c4a9f055SChuck Lever buf.len = buf.head[0].iov_len;
1818c4a9f055SChuck Lever
1819c4a9f055SChuck Lever /* Act */
1820c4a9f055SChuck Lever err = krb5_cbc_cts_encrypt(cts_tfm, cbc_tfm, 0, &buf, NULL, NULL, 0);
1821c4a9f055SChuck Lever KUNIT_ASSERT_EQ(test, err, 0);
1822c4a9f055SChuck Lever err = krb5_cbc_cts_decrypt(cts_tfm, cbc_tfm, 0, &buf);
1823c4a9f055SChuck Lever KUNIT_ASSERT_EQ(test, err, 0);
1824c4a9f055SChuck Lever
1825c4a9f055SChuck Lever /* Assert */
1826c4a9f055SChuck Lever KUNIT_EXPECT_EQ_MSG(test,
1827c4a9f055SChuck Lever param->plaintext->len, buf.len,
1828c4a9f055SChuck Lever "length mismatch");
1829c4a9f055SChuck Lever KUNIT_EXPECT_EQ_MSG(test,
1830c4a9f055SChuck Lever memcmp(param->plaintext->data,
1831c4a9f055SChuck Lever buf.head[0].iov_base, buf.len), 0,
1832c4a9f055SChuck Lever "plaintext mismatch");
1833c4a9f055SChuck Lever
1834c4a9f055SChuck Lever crypto_free_sync_skcipher(cts_tfm);
1835c4a9f055SChuck Lever crypto_free_sync_skcipher(cbc_tfm);
1836c4a9f055SChuck Lever }
1837c4a9f055SChuck Lever
1838c4a9f055SChuck Lever static struct kunit_case encryption_test_cases[] = {
1839c4a9f055SChuck Lever {
1840c4a9f055SChuck Lever .name = "Encryption self-tests",
1841c4a9f055SChuck Lever .run_case = encrypt_selftest_case,
1842c4a9f055SChuck Lever .generate_params = encrypt_selftest_gen_params,
1843c4a9f055SChuck Lever },
1844fb5b855dSChuck Lever {}
1845c4a9f055SChuck Lever };
1846c4a9f055SChuck Lever
1847c4a9f055SChuck Lever static struct kunit_suite encryption_test_suite = {
1848c4a9f055SChuck Lever .name = "Encryption test suite",
1849c4a9f055SChuck Lever .test_cases = encryption_test_cases,
1850c4a9f055SChuck Lever };
1851c4a9f055SChuck Lever
1852e1a9a384SChuck Lever kunit_test_suites(&rfc3961_suite,
185335f6e42eSChuck Lever &rfc3962_suite,
1854fcbad14bSChuck Lever &rfc6803_suite,
1855c4a9f055SChuck Lever &rfc8009_suite,
1856c4a9f055SChuck Lever &encryption_test_suite);
1857eebd8c2dSChuck Lever
1858eebd8c2dSChuck Lever MODULE_DESCRIPTION("Test RPCSEC GSS Kerberos 5 functions");
1859eebd8c2dSChuck Lever MODULE_LICENSE("GPL");
1860