8 unsigned char keys[12][8];
11 struct test_case test_cases[] = {
13 "Sodium Chloride", -1,
15 { 0xa4, 0xd0, 0xd0, 0x9b, 0x86, 0x92, 0xb0, 0xc2, },
16 { 0xf1, 0xf2, 0x9e, 0xab, 0xd0, 0xef, 0xdf, 0x73, },
17 { 0xd6, 0x85, 0x61, 0xc4, 0xf2, 0x94, 0xf4, 0xa1, },
18 { 0xd0, 0xe3, 0xa7, 0x83, 0x94, 0x61, 0xe0, 0xd0, },
19 { 0xd5, 0x62, 0xcd, 0x94, 0x61, 0xcb, 0x97, 0xdf, },
20 { 0x9e, 0xa2, 0xa2, 0xec, 0xa8, 0x8c, 0x6b, 0x8f, },
21 { 0xe3, 0x91, 0x6d, 0xd3, 0x85, 0xf1, 0x67, 0xc4, },
22 { 0xf4, 0xc4, 0x73, 0xc8, 0x8a, 0xe9, 0x94, 0x6d, },
23 { 0xa1, 0x9e, 0xb3, 0xad, 0x6b, 0xe3, 0xab, 0xd9, },
24 { 0xad, 0xa1, 0xce, 0x10, 0x37, 0x83, 0xa7, 0x8c, },
25 { 0xd3, 0x01, 0xd0, 0xf7, 0x3e, 0x7a, 0x49, 0x0b, },
26 { 0xb6, 0x2a, 0x4a, 0xec, 0x9d, 0x4c, 0x68, 0xdf, },
32 { 0x61, 0xef, 0xe6, 0x83, 0xe5, 0x8a, 0x6b, 0x98 },
33 { 0x68, 0xcd, 0x68, 0xad, 0xc4, 0x86, 0xcd, 0xe5 },
34 { 0x83, 0xa1, 0xc8, 0x86, 0x8f, 0x67, 0xd0, 0x62 },
35 { 0x9e, 0xc7, 0x8f, 0xa4, 0xa4, 0xb3, 0xe0, 0xd5 },
36 { 0xd9, 0x92, 0x86, 0x8f, 0x9d, 0x8c, 0x85, 0xe6 },
37 { 0xda, 0xf2, 0x92, 0x83, 0xf4, 0x9b, 0xa7, 0xad },
38 { 0x91, 0xcd, 0xad, 0xef, 0x86, 0xdf, 0xd3, 0xa2 },
39 { 0x73, 0xd3, 0x67, 0x68, 0x8f, 0x6e, 0xe3, 0x73 },
40 { 0xc4, 0x61, 0x85, 0x9d, 0xad, 0xf4, 0xdc, 0xb0 },
41 { 0xe9, 0x02, 0x83, 0x16, 0x2c, 0xec, 0xe0, 0x08 },
42 { 0x61, 0xc8, 0x26, 0x29, 0xd9, 0x73, 0x6e, 0xb6 },
43 { 0x8c, 0xa8, 0x9e, 0xc4, 0xa8, 0xdc, 0x31, 0x73 },
47 /* This one intentionally supplies a length shorter
48 than the string. The point of this is to ensure
49 that s[len] is not zero, so that anything actually
50 relying on that value (i.e., reading out of bounds)
51 should generate incorrect results. */
54 { 0x61, 0xef, 0xe6, 0x83, 0xe5, 0x8a, 0x6b, 0x98 },
55 { 0x68, 0xcd, 0x68, 0xad, 0xc4, 0x86, 0xcd, 0xe5 },
56 { 0x83, 0xa1, 0xc8, 0x86, 0x8f, 0x67, 0xd0, 0x62 },
57 { 0x9e, 0xc7, 0x8f, 0xa4, 0xa4, 0xb3, 0xe0, 0xd5 },
58 { 0xd9, 0x92, 0x86, 0x8f, 0x9d, 0x8c, 0x85, 0xe6 },
59 { 0xda, 0xf2, 0x92, 0x83, 0xf4, 0x9b, 0xa7, 0xad },
60 { 0x91, 0xcd, 0xad, 0xef, 0x86, 0xdf, 0xd3, 0xa2 },
61 { 0x73, 0xd3, 0x67, 0x68, 0x8f, 0x6e, 0xe3, 0x73 },
62 { 0xc4, 0x61, 0x85, 0x9d, 0xad, 0xf4, 0xdc, 0xb0 },
63 { 0xe9, 0x02, 0x83, 0x16, 0x2c, 0xec, 0xe0, 0x08 },
64 { 0x61, 0xc8, 0x26, 0x29, 0xd9, 0x73, 0x6e, 0xb6 },
65 { 0x8c, 0xa8, 0x9e, 0xc4, 0xa8, 0xdc, 0x31, 0x73 },
70 static void do_it (struct test_case *tcase);
73 main (int argc, char *argv[])
78 for (i = 0; i < sizeof (test_cases) / sizeof (struct test_case); i++)
79 do_it (&test_cases[i]);
84 do_it (struct test_case *tcase)
86 unsigned char keydata[8];
87 krb5_data salt, passwd;
91 unsigned char longpass[2048];
93 key.contents = keydata;
94 key.length = sizeof (keydata);
96 salt.data = tcase->saltstr;
97 if (tcase->saltlen == -1)
98 salt.length = strlen (tcase->saltstr);
100 salt.length = tcase->saltlen;
103 * Try passwords with lengths equal to, greater than, and less
104 * than 8 characters, since the AFS s2k algorithm does
105 * interesting stuff depending on the length.
107 passwd.data = "My Password";
108 for (i = 0; i < 12; i++) {
110 err = mit_afs_string_to_key (&key, &passwd, &salt);
112 com_err (me, err, "");
115 if (memcmp (tcase->keys[i], keydata, 8) != 0)
119 /* Run another pass to make sure the characters after the
120 password in the buffer aren't influencing the output. The
121 password is *not* required to be null-terminated. */
122 memset (longpass, '!', sizeof (longpass));
123 longpass[sizeof (longpass)-1] = '\0';
124 memcpy (longpass, "My Password", strlen ("My Password"));
125 passwd.data = (char *) longpass;
126 for (i = 0; i < 12; i++) {
128 err = mit_afs_string_to_key (&key, &passwd, &salt);
130 com_err (me, err, "");
133 if (memcmp (tcase->keys[i], keydata, 8) != 0)