1 /* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
2 /* lib/crypto/builtin/des/t_verify.c */
3 /*
4 * Copyright 1988, 1990 by the Massachusetts Institute of Technology.
5 * All Rights Reserved.
6 *
7 * Export of this software from the United States of America may
8 * require a specific license from the United States Government.
9 * It is the responsibility of any person or organization contemplating
10 * export to obtain such a license before exporting.
11 *
12 * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
13 * distribute this software and its documentation for any purpose and
14 * without fee is hereby granted, provided that the above copyright
15 * notice appear in all copies and that both that copyright notice and
16 * this permission notice appear in supporting documentation, and that
17 * the name of M.I.T. not be used in advertising or publicity pertaining
18 * to distribution of the software without specific, written prior
19 * permission. Furthermore if you modify this software you must label
20 * your software as modified software and not distribute it in such a
21 * fashion that it might be confused with the original M.I.T. software.
22 * M.I.T. makes no representations about the suitability of
23 * this software for any purpose. It is provided "as is" without express
24 * or implied warranty.
25 */
26 /*
27 * Copyright (C) 1998 by the FundsXpress, INC.
28 *
29 * All rights reserved.
30 *
31 * Export of this software from the United States of America may require
32 * a specific license from the United States Government. It is the
33 * responsibility of any person or organization contemplating export to
34 * obtain such a license before exporting.
35 *
36 * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
37 * distribute this software and its documentation for any purpose and
38 * without fee is hereby granted, provided that the above copyright
39 * notice appear in all copies and that both that copyright notice and
40 * this permission notice appear in supporting documentation, and that
41 * the name of FundsXpress. not be used in advertising or publicity pertaining
42 * to distribution of the software without specific, written prior
43 * permission. FundsXpress makes no representations about the suitability of
44 * this software for any purpose. It is provided "as is" without express
45 * or implied warranty.
46 *
47 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
48 * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
49 * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
50 */
51
52 /*
53 *
54 * Program to test the correctness of the DES library
55 * implementation.
56 *
57 * exit returns 0 ==> success
58 * -1 ==> error
59 */
60
61 #include "k5-int.h"
62 #include "des_int.h"
63 #include <stdio.h>
64 #include "com_err.h"
65
66 static void do_encrypt(unsigned char *, unsigned char *);
67 static void do_decrypt(unsigned char *, unsigned char *);
68
69 char *progname;
70 int nflag = 2;
71 int vflag;
72 int mflag;
73 int zflag;
74 int pid;
75 int mit_des_debug;
76
77 unsigned char cipher_text[64];
78 unsigned char clear_text[64] = "Now is the time for all " ;
79 unsigned char clear_text2[64] = "7654321 Now is the time for ";
80 unsigned char clear_text3[64] = {2,0,0,0, 1,0,0,0};
81 unsigned char output[64];
82 unsigned char zero_text[8] = {0x0,0,0,0,0,0,0,0};
83 unsigned char msb_text[8] = {0x0,0,0,0, 0,0,0,0x40}; /* to ANSI MSB */
84 unsigned char *input;
85
86 /* 0x0123456789abcdef */
87 unsigned char default_key[8] = {
88 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef
89 };
90 unsigned char key2[8] = { 0x08,0x19,0x2a,0x3b,0x4c,0x5d,0x6e,0x7f };
91 unsigned char key3[8] = { 0x80,1,1,1,1,1,1,1 };
92 mit_des_cblock s_key;
93 unsigned char default_ivec[8] = {
94 0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef
95 };
96 unsigned char *ivec;
97 unsigned char zero_key[8] = {1,1,1,1,1,1,1,1}; /* just parity bits */
98
99 unsigned char cipher1[8] = {
100 0x25,0xdd,0xac,0x3e,0x96,0x17,0x64,0x67
101 };
102 unsigned char cipher2[8] = {
103 0x3f,0xa4,0x0e,0x8a,0x98,0x4d,0x48,0x15
104 };
105 unsigned char cipher3[64] = {
106 0xe5,0xc7,0xcd,0xde,0x87,0x2b,0xf2,0x7c,
107 0x43,0xe9,0x34,0x00,0x8c,0x38,0x9c,0x0f,
108 0x68,0x37,0x88,0x49,0x9a,0x7c,0x05,0xf6
109 };
110 unsigned char checksum[8] = {
111 0x58,0xd2,0xe7,0x7e,0x86,0x06,0x27,0x33
112 };
113
114 unsigned char zresult[8] = {
115 0x8c, 0xa6, 0x4d, 0xe9, 0xc1, 0xb1, 0x23, 0xa7
116 };
117
118 unsigned char mresult[8] = {
119 0xa3, 0x80, 0xe0, 0x2a, 0x6b, 0xe5, 0x46, 0x96
120 };
121
122
123 /*
124 * Can also add :
125 * plaintext = 0, key = 0, cipher = 0x8ca64de9c1b123a7 (or is it a 1?)
126 */
127
128 mit_des_key_schedule sched;
129
130 int
main(int argc,char * argv[])131 main(int argc, char *argv[])
132 {
133 /* Local Declarations */
134 size_t in_length;
135 int retval;
136 int i, j;
137
138 #ifdef WINDOWS
139 /* Set screen window buffer to infinite size -- MS default is tiny. */
140 _wsetscreenbuf (fileno (stdout), _WINBUFINF);
141 #endif
142 progname=argv[0]; /* salt away invoking program */
143
144 while (--argc > 0 && (*++argv)[0] == '-')
145 for (i=1; argv[0][i] != '\0'; i++) {
146 switch (argv[0][i]) {
147
148 /* debug flag */
149 case 'd':
150 mit_des_debug=3;
151 continue;
152
153 case 'z':
154 zflag = 1;
155 continue;
156
157 case 'm':
158 mflag = 1;
159 continue;
160
161 default:
162 printf("%s: illegal flag \"%c\" ",
163 progname,argv[0][i]);
164 exit(1);
165 }
166 };
167
168 if (argc) {
169 fprintf(stderr, "Usage: %s [-dmz]\n", progname);
170 exit(1);
171 }
172
173 /* do some initialisation */
174
175 /* use known input and key */
176
177 /* ECB zero text zero key */
178 if (zflag) {
179 input = zero_text;
180 mit_des_key_sched(zero_key, sched);
181 printf("plaintext = key = 0, cipher = 0x8ca64de9c1b123a7\n");
182 do_encrypt(input,cipher_text);
183 printf("\tcipher = (low to high bytes)\n\t\t");
184 for (j = 0; j<=7; j++)
185 printf("%02x ",cipher_text[j]);
186 printf("\n");
187 do_decrypt(output,cipher_text);
188 if ( memcmp((char *)cipher_text, (char *)zresult, 8) ) {
189 printf("verify: error in zero key test\n");
190 exit(-1);
191 }
192
193 exit(0);
194 }
195
196 if (mflag) {
197 input = msb_text;
198 mit_des_key_sched(key3, sched);
199 printf("plaintext = 0x00 00 00 00 00 00 00 40, ");
200 printf("key = 0x80 01 01 01 01 01 01 01\n");
201 printf(" cipher = 0xa380e02a6be54696\n");
202 do_encrypt(input,cipher_text);
203 printf("\tcipher = (low to high bytes)\n\t\t");
204 for (j = 0; j<=7; j++) {
205 printf("%02x ",cipher_text[j]);
206 }
207 printf("\n");
208 do_decrypt(output,cipher_text);
209 if ( memcmp((char *)cipher_text, (char *)mresult, 8) ) {
210 printf("verify: error in msb test\n");
211 exit(-1);
212 }
213 exit(0);
214 }
215
216 /* ECB mode Davies and Price */
217 {
218 input = zero_text;
219 mit_des_key_sched(key2, sched);
220 printf("Examples per FIPS publication 81, keys ivs and cipher\n");
221 printf("in hex. These are the correct answers, see below for\n");
222 printf("the actual answers.\n\n");
223 printf("Examples per Davies and Price.\n\n");
224 printf("EXAMPLE ECB\tkey = 08192a3b4c5d6e7f\n");
225 printf("\tclear = 0\n");
226 printf("\tcipher = 25 dd ac 3e 96 17 64 67\n");
227 printf("ACTUAL ECB\n");
228 printf("\tclear \"%s\"\n", input);
229 do_encrypt(input,cipher_text);
230 printf("\tcipher = (low to high bytes)\n\t\t");
231 for (j = 0; j<=7; j++)
232 printf("%02x ",cipher_text[j]);
233 printf("\n\n");
234 do_decrypt(output,cipher_text);
235 if ( memcmp((char *)cipher_text, (char *)cipher1, 8) ) {
236 printf("verify: error in ECB encryption\n");
237 exit(-1);
238 }
239 else
240 printf("verify: ECB encryption is correct\n\n");
241 }
242
243 /* ECB mode */
244 {
245 mit_des_key_sched(default_key, sched);
246 input = clear_text;
247 ivec = default_ivec;
248 printf("EXAMPLE ECB\tkey = 0123456789abcdef\n");
249 printf("\tclear = \"Now is the time for all \"\n");
250 printf("\tcipher = 3f a4 0e 8a 98 4d 48 15 ...\n");
251 printf("ACTUAL ECB\n\tclear \"%s\"",input);
252 do_encrypt(input,cipher_text);
253 printf("\n\tcipher = (low to high bytes)\n\t\t");
254 for (j = 0; j<=7; j++) {
255 printf("%02x ",cipher_text[j]);
256 }
257 printf("\n\n");
258 do_decrypt(output,cipher_text);
259 if ( memcmp((char *)cipher_text, (char *)cipher2, 8) ) {
260 printf("verify: error in ECB encryption\n");
261 exit(-1);
262 }
263 else
264 printf("verify: ECB encryption is correct\n\n");
265 }
266
267 /* CBC mode */
268 printf("EXAMPLE CBC\tkey = 0123456789abcdef");
269 printf("\tiv = 1234567890abcdef\n");
270 printf("\tclear = \"Now is the time for all \"\n");
271 printf("\tcipher =\te5 c7 cd de 87 2b f2 7c\n");
272 printf("\t\t\t43 e9 34 00 8c 38 9c 0f\n");
273 printf("\t\t\t68 37 88 49 9a 7c 05 f6\n");
274
275 printf("ACTUAL CBC\n\tclear \"%s\"\n",input);
276 in_length = strlen((char *)input);
277 if ((retval = mit_des_cbc_encrypt((const mit_des_cblock *) input,
278 (mit_des_cblock *) cipher_text,
279 (size_t) in_length,
280 sched,
281 ivec,
282 MIT_DES_ENCRYPT))) {
283 com_err("des verify", retval, "can't encrypt");
284 exit(-1);
285 }
286 printf("\tciphertext = (low to high bytes)\n");
287 for (i = 0; i <= 2; i++) {
288 printf("\t\t");
289 for (j = 0; j <= 7; j++) {
290 printf("%02x ",cipher_text[i*8+j]);
291 }
292 printf("\n");
293 }
294 if ((retval = mit_des_cbc_encrypt((const mit_des_cblock *) cipher_text,
295 (mit_des_cblock *) clear_text,
296 (size_t) in_length,
297 sched,
298 ivec,
299 MIT_DES_DECRYPT))) {
300 com_err("des verify", retval, "can't decrypt");
301 exit(-1);
302 }
303 printf("\tdecrypted clear_text = \"%s\"\n",clear_text);
304
305 if ( memcmp((char *)cipher_text, (char *)cipher3, in_length) ) {
306 printf("verify: error in CBC encryption\n");
307 exit(-1);
308 }
309 else
310 printf("verify: CBC encryption is correct\n\n");
311
312 printf("EXAMPLE CBC checksum");
313 printf("\tkey = 0123456789abcdef\tiv = 1234567890abcdef\n");
314 printf("\tclear =\t\t\"7654321 Now is the time for \"\n");
315 printf("\tchecksum\t58 d2 e7 7e 86 06 27 33, ");
316 printf("or some part thereof\n");
317 input = clear_text2;
318 mit_des_cbc_cksum(input,cipher_text, strlen((char *)input),
319 sched,ivec);
320 printf("ACTUAL CBC checksum\n");
321 printf("\t\tencrypted cksum = (low to high bytes)\n\t\t");
322 for (j = 0; j<=7; j++)
323 printf("%02x ",cipher_text[j]);
324 printf("\n\n");
325 if ( memcmp((char *)cipher_text, (char *)checksum, 8) ) {
326 printf("verify: error in CBC checksum\n");
327 exit(-1);
328 }
329 else
330 printf("verify: CBC checksum is correct\n\n");
331
332 exit(0);
333 }
334
335 static void
do_encrypt(unsigned char * in,unsigned char * out)336 do_encrypt(unsigned char *in, unsigned char *out)
337 {
338 int i, j;
339 for (i =1; i<=nflag; i++) {
340 mit_des_cbc_encrypt((const mit_des_cblock *)in,
341 (mit_des_cblock *)out,
342 8,
343 sched,
344 zero_text,
345 MIT_DES_ENCRYPT);
346 if (mit_des_debug) {
347 printf("\nclear %s\n",in);
348 for (j = 0; j<=7; j++)
349 printf("%02X ",in[j] & 0xff);
350 printf("\tcipher ");
351 for (j = 0; j<=7; j++)
352 printf("%02X ",out[j] & 0xff);
353 }
354 }
355 }
356
357 static void
do_decrypt(unsigned char * in,unsigned char * out)358 do_decrypt(unsigned char *in, unsigned char *out)
359 /* try to invert it */
360 {
361 int i, j;
362 for (i =1; i<=nflag; i++) {
363 mit_des_cbc_encrypt((const mit_des_cblock *)out,
364 (mit_des_cblock *)in,
365 8,
366 sched,
367 zero_text,
368 MIT_DES_DECRYPT);
369 if (mit_des_debug) {
370 printf("clear %s\n",in);
371 for (j = 0; j<=7; j++)
372 printf("%02X ",in[j] & 0xff);
373 printf("\tcipher ");
374 for (j = 0; j<=7; j++)
375 printf("%02X ",out[j] & 0xff);
376 }
377 }
378 }
379
380 /*
381 * Fake out the DES library, for the purposes of testing.
382 */
383
384 int
mit_des_is_weak_key(mit_des_cblock key)385 mit_des_is_weak_key(mit_des_cblock key)
386 {
387 return 0; /* fake it out for testing */
388 }
389