xref: /freebsd/contrib/netbsd-tests/lib/libcrypt/t_crypt.c (revision 02e9120893770924227138ba49df1edb3896112a)
1 /* $NetBSD: t_crypt.c,v 1.3 2011/12/28 22:07:40 christos Exp $ */
2 
3 /*
4  * This version is derived from the original implementation of FreeSec
5  * (release 1.1) by David Burren.  I've reviewed the changes made in
6  * OpenBSD (as of 2.7) and modified the original code in a similar way
7  * where applicable.  I've also made it reentrant and made a number of
8  * other changes.
9  * - Solar Designer <solar at openwall.com>
10  */
11 
12 /*
13  * FreeSec: libcrypt for NetBSD
14  *
15  * Copyright (c) 1994 David Burren
16  * All rights reserved.
17  *
18  * Redistribution and use in source and binary forms, with or without
19  * modification, are permitted provided that the following conditions
20  * are met:
21  * 1. Redistributions of source code must retain the above copyright
22  *    notice, this list of conditions and the following disclaimer.
23  * 2. Redistributions in binary form must reproduce the above copyright
24  *    notice, this list of conditions and the following disclaimer in the
25  *    documentation and/or other materials provided with the distribution.
26  * 3. Neither the name of the author nor the names of other contributors
27  *    may be used to endorse or promote products derived from this software
28  *    without specific prior written permission.
29  *
30  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
31  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
32  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
33  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
34  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
35  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
36  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
37  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
38  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
39  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
40  * SUCH DAMAGE.
41  *
42  *	$Owl: Owl/packages/glibc/crypt_freesec.c,v 1.6 2010/02/20 14:45:06 solar Exp $
43  *	Id: crypt.c,v 1.15 1994/09/13 04:58:49 davidb Exp
44  *
45  * This is an original implementation of the DES and the crypt(3) interfaces
46  * by David Burren <davidb at werj.com.au>.
47  *
48  * An excellent reference on the underlying algorithm (and related
49  * algorithms) is:
50  *
51  *	B. Schneier, Applied Cryptography: protocols, algorithms,
52  *	and source code in C, John Wiley & Sons, 1994.
53  *
54  * Note that in that book's description of DES the lookups for the initial,
55  * pbox, and final permutations are inverted (this has been brought to the
56  * attention of the author).  A list of errata for this book has been
57  * posted to the sci.crypt newsgroup by the author and is available for FTP.
58  *
59  * ARCHITECTURE ASSUMPTIONS:
60  *	This code used to have some nasty ones, but these have been removed
61  *	by now.	 The code requires a 32-bit integer type, though.
62  */
63 #include <sys/cdefs.h>
64 __RCSID("$NetBSD: t_crypt.c,v 1.3 2011/12/28 22:07:40 christos Exp $");
65 
66 #include <atf-c.h>
67 #include <stdio.h>
68 #include <string.h>
69 #include <stdlib.h>
70 #include <unistd.h>
71 
72 static const struct {
73 	const char *hash;
74 	const char *pw;
75 } tests[] = {
76 /* "new"-style */
77 /*  0 */	{ "_J9..CCCCXBrJUJV154M", "U*U*U*U*" },
78 /*  1 */	{ "_J9..CCCCXUhOBTXzaiE", "U*U***U" },
79 /*  2 */	{ "_J9..CCCC4gQ.mB/PffM", "U*U***U*" },
80 /*  3 */	{ "_J9..XXXXvlzQGqpPPdk", "*U*U*U*U" },
81 /*  4 */	{ "_J9..XXXXsqM/YSSP..Y", "*U*U*U*U*" },
82 /*  5 */	{ "_J9..XXXXVL7qJCnku0I", "*U*U*U*U*U*U*U*U" },
83 /*  6 */	{ "_J9..XXXXAj8cFbP5scI", "*U*U*U*U*U*U*U*U*" },
84 /*  7 */	{ "_J9..SDizh.vll5VED9g", "ab1234567" },
85 /*  8 */	{ "_J9..SDizRjWQ/zePPHc", "cr1234567" },
86 /*  9 */	{ "_J9..SDizxmRI1GjnQuE", "zxyDPWgydbQjgq" },
87 /* 10 */	{ "_K9..SaltNrQgIYUAeoY", "726 even" },
88 /* 11 */	{ "_J9..SDSD5YGyRCr4W4c", "" },
89 /* "old"-style, valid salts */
90 /* 12 */	{ "CCNf8Sbh3HDfQ", "U*U*U*U*" },
91 /* 13 */	{ "CCX.K.MFy4Ois", "U*U***U" },
92 /* 14 */	{ "CC4rMpbg9AMZ.", "U*U***U*" },
93 /* 15 */	{ "XXxzOu6maQKqQ", "*U*U*U*U" },
94 /* 16 */	{ "SDbsugeBiC58A", "" },
95 /* 17 */	{ "./xZjzHv5vzVE", "password" },
96 /* 18 */	{ "0A2hXM1rXbYgo", "password" },
97 /* 19 */	{ "A9RXdR23Y.cY6", "password" },
98 /* 20 */	{ "ZziFATVXHo2.6", "password" },
99 /* 21 */	{ "zZDDIZ0NOlPzw", "password" },
100 /* "old"-style, "reasonable" invalid salts, UFC-crypt behavior expected */
101 /* 22 */	{ "\001\002wyd0KZo65Jo", "password" },
102 /* 23 */	{ "a_C10Dk/ExaG.", "password" },
103 /* 24 */	{ "~\377.5OTsRVjwLo", "password" },
104 /* The below are erroneous inputs, so NULL return is expected/required */
105 /* 25 */	{ "", "" }, /* no salt */
106 /* 26 */	{ " ", "" }, /* setting string is too short */
107 /* 27 */	{ "a:", "" }, /* unsafe character */
108 /* 28 */	{ "\na", "" }, /* unsafe character */
109 /* 29 */	{ "_/......", "" }, /* setting string is too short for its type */
110 /* 30 */	{ "_........", "" }, /* zero iteration count */
111 /* 31 */	{ "_/!......", "" }, /* invalid character in count */
112 /* 32 */	{ "_/......!", "" }, /* invalid character in salt */
113 /* 33 */	{ NULL, NULL }
114 };
115 
116 ATF_TC(crypt_salts);
117 
118 ATF_TC_HEAD(crypt_salts, tc)
119 {
120 
121 	atf_tc_set_md_var(tc, "descr", "crypt(3) salt consistency checks");
122 }
123 
124 ATF_TC_BODY(crypt_salts, tc)
125 {
126 	for (size_t i = 0; tests[i].hash; i++) {
127 		char *hash = crypt(tests[i].pw, tests[i].hash);
128 #if defined(__FreeBSD__)
129 		if (i >= 22 && i != 24 && i != 25)
130 			atf_tc_expect_fail("Old-style/bad inputs fail on FreeBSD");
131 		else
132 			atf_tc_expect_pass();
133 #endif
134 		if (!hash) {
135 			ATF_CHECK_MSG(0, "Test %zu NULL\n", i);
136 			continue;
137 		}
138 		if (strcmp(hash, "*0") == 0 && strlen(tests[i].hash) < 13)
139 			continue; /* expected failure */
140 		if (strcmp(hash, tests[i].hash))
141 			ATF_CHECK_MSG(0, "Test %zu %s != %s\n",
142 			    i, hash, tests[i].hash);
143 	}
144 }
145 
146 ATF_TP_ADD_TCS(tp)
147 {
148 
149 	ATF_TP_ADD_TC(tp, crypt_salts);
150 	return atf_no_error();
151 }
152