3 * Copyright (c) 2014-2015, Jouni Malinen <j@w1.fi>
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
9 #include "utils/includes.h"
11 #include "utils/common.h"
12 #include "crypto/aes_siv.h"
13 #include "crypto/aes_wrap.h"
14 #include "crypto/aes.h"
15 #include "crypto/ms_funcs.h"
16 #include "crypto/crypto.h"
17 #include "crypto/sha1.h"
18 #include "crypto/sha256.h"
21 static int test_siv(void)
24 /* RFC 5297, A.1. Deterministic Authenticated Encryption Example */
26 0xff, 0xfe, 0xfd, 0xfc, 0xfb, 0xfa, 0xf9, 0xf8,
27 0xf7, 0xf6, 0xf5, 0xf4, 0xf3, 0xf2, 0xf1, 0xf0,
28 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
29 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff
32 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
33 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
34 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27
37 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
38 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee
41 0x85, 0x63, 0x2d, 0x07, 0xc6, 0xe8, 0xf3, 0x7f,
42 0x95, 0x0a, 0xcd, 0x32, 0x0a, 0x2e, 0xcc, 0x93,
43 0x40, 0xc0, 0x2b, 0x96, 0x90, 0xc4, 0xdc, 0x04,
44 0xda, 0xef, 0x7f, 0x6a, 0xfe, 0x5c
46 /* RFC 5297, A.2. Nonce-Based Authenticated Encryption Example */
48 0x7f, 0x7e, 0x7d, 0x7c, 0x7b, 0x7a, 0x79, 0x78,
49 0x77, 0x76, 0x75, 0x74, 0x73, 0x72, 0x71, 0x70,
50 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47,
51 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f
54 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
55 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff,
56 0xde, 0xad, 0xda, 0xda, 0xde, 0xad, 0xda, 0xda,
57 0xff, 0xee, 0xdd, 0xcc, 0xbb, 0xaa, 0x99, 0x88,
58 0x77, 0x66, 0x55, 0x44, 0x33, 0x22, 0x11, 0x00
61 0x10, 0x20, 0x30, 0x40, 0x50, 0x60, 0x70, 0x80,
65 0x09, 0xf9, 0x11, 0x02, 0x9d, 0x74, 0xe3, 0x5b,
66 0xd8, 0x41, 0x56, 0xc5, 0x63, 0x56, 0x88, 0xc0
69 0x74, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20,
70 0x73, 0x6f, 0x6d, 0x65, 0x20, 0x70, 0x6c, 0x61,
71 0x69, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x20, 0x74,
72 0x6f, 0x20, 0x65, 0x6e, 0x63, 0x72, 0x79, 0x70,
73 0x74, 0x20, 0x75, 0x73, 0x69, 0x6e, 0x67, 0x20,
74 0x53, 0x49, 0x56, 0x2d, 0x41, 0x45, 0x53
77 0x7b, 0xdb, 0x6e, 0x3b, 0x43, 0x26, 0x67, 0xeb,
78 0x06, 0xf4, 0xd1, 0x4b, 0xff, 0x2f, 0xbd, 0x0f,
79 0xcb, 0x90, 0x0f, 0x2f, 0xdd, 0xbe, 0x40, 0x43,
80 0x26, 0x60, 0x19, 0x65, 0xc8, 0x89, 0xbf, 0x17,
81 0xdb, 0xa7, 0x7c, 0xeb, 0x09, 0x4f, 0xa6, 0x63,
82 0xb7, 0xa3, 0xf7, 0x48, 0xba, 0x8a, 0xf8, 0x29,
83 0xea, 0x64, 0xad, 0x54, 0x4a, 0x27, 0x2e, 0x9c,
84 0x48, 0x5b, 0x62, 0xa3, 0xfd, 0x5c, 0x0d
86 u8 out[2 * AES_BLOCK_SIZE + sizeof(plaintext_2)];
90 /* RFC 5297, A.1. Deterministic Authenticated Encryption Example */
94 if (aes_siv_encrypt(key, plaintext, sizeof(plaintext),
96 wpa_printf(MSG_ERROR, "AES-SIV mode encryption failed");
99 if (os_memcmp(out, iv_c, sizeof(iv_c)) != 0) {
100 wpa_printf(MSG_ERROR,
101 "AES-SIV mode encryption returned invalid cipher text");
105 if (aes_siv_decrypt(key, iv_c, sizeof(iv_c), 1, addr, len, out)) {
106 wpa_printf(MSG_ERROR, "AES-SIV mode decryption failed");
109 if (os_memcmp(out, plaintext, sizeof(plaintext)) != 0) {
110 wpa_printf(MSG_ERROR,
111 "AES-SIV mode decryption returned invalid plain text");
115 /* RFC 5297, A.2. Nonce-Based Authenticated Encryption Example */
117 len[0] = sizeof(ad1_2);
119 len[1] = sizeof(ad2_2);
121 len[2] = sizeof(nonce_2);
123 if (aes_siv_encrypt(key_2, plaintext_2, sizeof(plaintext_2),
124 3, addr, len, out)) {
125 wpa_printf(MSG_ERROR, "AES-SIV mode encryption failed");
128 if (os_memcmp(out, iv_c_2, sizeof(iv_c_2)) != 0) {
129 wpa_printf(MSG_ERROR,
130 "AES-SIV mode encryption returned invalid cipher text");
134 if (aes_siv_decrypt(key_2, iv_c_2, sizeof(iv_c_2), 3, addr, len, out)) {
135 wpa_printf(MSG_ERROR, "AES-SIV mode decryption failed");
138 if (os_memcmp(out, plaintext_2, sizeof(plaintext_2)) != 0) {
139 wpa_printf(MSG_ERROR,
140 "AES-SIV mode decryption returned invalid plain text");
144 wpa_printf(MSG_INFO, "AES-SIV test cases passed");
145 #endif /* CONFIG_MESH */
151 /* OMAC1 AES-128 test vectors from
152 * http://csrc.nist.gov/CryptoToolkit/modes/proposedmodes/omac/omac-ad.pdf
153 * which are same as the examples from NIST SP800-38B
154 * http://csrc.nist.gov/CryptoToolkit/modes/800-38_Series_Publications/SP800-38B.pdf
157 struct omac1_test_vector {
164 static const struct omac1_test_vector omac1_test_vectors[] =
167 { 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
168 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c },
171 { 0xbb, 0x1d, 0x69, 0x29, 0xe9, 0x59, 0x37, 0x28,
172 0x7f, 0xa3, 0x7d, 0x12, 0x9b, 0x75, 0x67, 0x46 }
175 { 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
176 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c },
177 { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
178 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a},
180 { 0x07, 0x0a, 0x16, 0xb4, 0x6b, 0x4d, 0x41, 0x44,
181 0xf7, 0x9b, 0xdd, 0x9d, 0xd0, 0x4a, 0x28, 0x7c }
184 { 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
185 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c },
186 { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
187 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
188 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
189 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
190 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11 },
192 { 0xdf, 0xa6, 0x67, 0x47, 0xde, 0x9a, 0xe6, 0x30,
193 0x30, 0xca, 0x32, 0x61, 0x14, 0x97, 0xc8, 0x27 }
196 { 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
197 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c },
198 { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
199 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
200 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
201 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
202 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11,
203 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
204 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
205 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10 },
207 { 0x51, 0xf0, 0xbe, 0xbf, 0x7e, 0x3b, 0x9d, 0x92,
208 0xfc, 0x49, 0x74, 0x17, 0x79, 0x36, 0x3c, 0xfe }
213 static int test_omac1_vector(const struct omac1_test_vector *tv,
217 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
218 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c
220 u8 msg[] = { 0x12, 0x34, 0x56 };
221 u8 result[24], result2[24];
225 if (omac1_aes_128(tv->k, tv->msg, tv->msg_len, result) ||
226 os_memcmp(result, tv->tag, 16) != 0) {
227 wpa_printf(MSG_ERROR, "OMAC1-AES-128 test vector %u failed", i);
231 if (tv->msg_len > 1) {
235 addr[1] = tv->msg + 1;
236 len[1] = tv->msg_len - 1;
238 if (omac1_aes_128_vector(tv->k, 2, addr, len, result) ||
239 os_memcmp(result, tv->tag, 16) != 0) {
240 wpa_printf(MSG_ERROR,
241 "OMAC1-AES-128(vector) test vector %u failed",
247 len[0] = tv->msg_len - 2;
248 addr[1] = tv->msg + tv->msg_len - 2;
250 addr[2] = tv->msg + tv->msg_len - 1;
253 if (omac1_aes_128_vector(tv->k, 3, addr, len, result) ||
254 os_memcmp(result, tv->tag, 16) != 0) {
255 wpa_printf(MSG_ERROR,
256 "OMAC1-AES-128(vector2) test vector %u failed",
268 if (omac1_aes_128(key, msg, sizeof(msg), result) ||
269 omac1_aes_128_vector(key, 3, addr, len, result2) ||
270 os_memcmp(result, result2, 16) != 0) {
271 wpa_printf(MSG_ERROR, "OMAC1-AES-128 short test mismatch");
279 static int test_omac1(void)
283 for (i = 0; i < ARRAY_SIZE(omac1_test_vectors); i++) {
284 if (test_omac1_vector(&omac1_test_vectors[i], i))
288 wpa_printf(MSG_INFO, "OMAC1-AES-128 test cases passed");
294 static int test_eax(void)
297 u8 msg[] = { 0xF7, 0xFB };
298 u8 key[] = { 0x91, 0x94, 0x5D, 0x3F, 0x4D, 0xCB, 0xEE, 0x0B,
299 0xF4, 0x5E, 0xF5, 0x22, 0x55, 0xF0, 0x95, 0xA4 };
300 u8 nonce[] = { 0xBE, 0xCA, 0xF0, 0x43, 0xB0, 0xA2, 0x3D, 0x84,
301 0x31, 0x94, 0xBA, 0x97, 0x2C, 0x66, 0xDE, 0xBD };
302 u8 hdr[] = { 0xFA, 0x3B, 0xFD, 0x48, 0x06, 0xEB, 0x53, 0xFA };
303 u8 cipher[] = { 0x19, 0xDD, 0x5C, 0x4C, 0x93, 0x31, 0x04, 0x9D,
304 0x0B, 0xDA, 0xB0, 0x27, 0x74, 0x08, 0xF6, 0x79,
306 u8 data[sizeof(msg)], tag[AES_BLOCK_SIZE];
308 os_memcpy(data, msg, sizeof(msg));
309 if (aes_128_eax_encrypt(key, nonce, sizeof(nonce), hdr, sizeof(hdr),
310 data, sizeof(data), tag)) {
311 wpa_printf(MSG_ERROR, "AES-128 EAX mode encryption failed");
314 if (os_memcmp(data, cipher, sizeof(data)) != 0) {
315 wpa_printf(MSG_ERROR,
316 "AES-128 EAX mode encryption returned invalid cipher text");
319 if (os_memcmp(tag, cipher + sizeof(data), AES_BLOCK_SIZE) != 0) {
320 wpa_printf(MSG_ERROR,
321 "AES-128 EAX mode encryption returned invalid tag");
325 if (aes_128_eax_decrypt(key, nonce, sizeof(nonce), hdr, sizeof(hdr),
326 data, sizeof(data), tag)) {
327 wpa_printf(MSG_ERROR, "AES-128 EAX mode decryption failed");
330 if (os_memcmp(data, msg, sizeof(data)) != 0) {
331 wpa_printf(MSG_ERROR,
332 "AES-128 EAX mode decryption returned invalid plain text");
336 wpa_printf(MSG_INFO, "AES-128 EAX mode test cases passed");
343 static int test_cbc(void)
345 struct cbc_test_vector {
353 { 0x06, 0xa9, 0x21, 0x40, 0x36, 0xb8, 0xa1, 0x5b,
354 0x51, 0x2e, 0x03, 0xd5, 0x34, 0x12, 0x00, 0x06 },
355 { 0x3d, 0xaf, 0xba, 0x42, 0x9d, 0x9e, 0xb4, 0x30,
356 0xb4, 0x22, 0xda, 0x80, 0x2c, 0x9f, 0xac, 0x41 },
358 { 0xe3, 0x53, 0x77, 0x9c, 0x10, 0x79, 0xae, 0xb8,
359 0x27, 0x08, 0x94, 0x2d, 0xbe, 0x77, 0x18, 0x1a },
363 { 0xc2, 0x86, 0x69, 0x6d, 0x88, 0x7c, 0x9a, 0xa0,
364 0x61, 0x1b, 0xbb, 0x3e, 0x20, 0x25, 0xa4, 0x5a },
365 { 0x56, 0x2e, 0x17, 0x99, 0x6d, 0x09, 0x3d, 0x28,
366 0xdd, 0xb3, 0xba, 0x69, 0x5a, 0x2e, 0x6f, 0x58 },
367 { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
368 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
369 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
370 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f },
371 { 0xd2, 0x96, 0xcd, 0x94, 0xc2, 0xcc, 0xcf, 0x8a,
372 0x3a, 0x86, 0x30, 0x28, 0xb5, 0xe1, 0xdc, 0x0a,
373 0x75, 0x86, 0x60, 0x2d, 0x25, 0x3c, 0xff, 0xf9,
374 0x1b, 0x82, 0x66, 0xbe, 0xa6, 0xd6, 0x1a, 0xb1 },
382 for (i = 0; i < ARRAY_SIZE(vectors); i++) {
383 struct cbc_test_vector *tv = &vectors[i];
385 buf = os_malloc(tv->len);
391 os_memcpy(buf, tv->plain, tv->len);
392 if (aes_128_cbc_encrypt(tv->key, tv->iv, buf, tv->len) ||
393 os_memcmp(buf, tv->cipher, tv->len) != 0) {
394 wpa_printf(MSG_ERROR, "AES-CBC encrypt %d failed", i);
398 os_memcpy(buf, tv->cipher, tv->len);
399 if (aes_128_cbc_decrypt(tv->key, tv->iv, buf, tv->len) ||
400 os_memcmp(buf, tv->plain, tv->len) != 0) {
401 wpa_printf(MSG_ERROR, "AES-CBC decrypt %d failed", i);
412 static int test_ecb(void)
415 struct ecb_test_vector {
420 /* CAVS 11.1 - ECBGFSbox128.rsp */
422 "00000000000000000000000000000000",
423 "f34481ec3cc627bacd5dc3fb08f273e6",
424 "0336763e966d92595a567cc9ce537f5e"
427 "00000000000000000000000000000000",
428 "9798c4640bad75c7c3227db910174e72",
429 "a9a1631bf4996954ebc093957b234589"
432 "00000000000000000000000000000000",
433 "96ab5c2ff612d9dfaae8c31f30c42168",
434 "ff4f8391a6a40ca5b25d23bedd44a597"
437 "00000000000000000000000000000000",
438 "6a118a874519e64e9963798a503f1d35",
439 "dc43be40be0e53712f7e2bf5ca707209"
442 "00000000000000000000000000000000",
443 "cb9fceec81286ca3e989bd979b0cb284",
444 "92beedab1895a94faa69b632e5cc47ce"
447 "00000000000000000000000000000000",
448 "b26aeb1874e47ca8358ff22378f09144",
449 "459264f4798f6a78bacb89c15ed3d601"
452 "00000000000000000000000000000000",
453 "58c8e00b2631686d54eab84b91f0aca1",
454 "08a4e2efec8a8e3312ca7460b9040bbf"
456 /* CAVS 11.1 - ECBKeySbox128.rsp */
458 "10a58869d74be5a374cf867cfb473859",
459 "00000000000000000000000000000000",
460 "6d251e6944b051e04eaa6fb4dbf78465"
463 "caea65cdbb75e9169ecd22ebe6e54675",
464 "00000000000000000000000000000000",
465 "6e29201190152df4ee058139def610bb",
470 u8 key[16], plain[16], cipher[16], out[16];
472 for (i = 0; i < ARRAY_SIZE(vectors); i++) {
473 struct ecb_test_vector *tv = &vectors[i];
475 if (hexstr2bin(tv->key, key, sizeof(key)) ||
476 hexstr2bin(tv->plaintext, plain, sizeof(plain)) ||
477 hexstr2bin(tv->ciphertext, cipher, sizeof(cipher))) {
478 wpa_printf(MSG_ERROR, "Invalid AES-ECB test vector %u",
484 if (aes_128_encrypt_block(key, plain, out) < 0 ||
485 os_memcmp(out, cipher, 16) != 0) {
486 wpa_printf(MSG_ERROR, "AES-ECB encrypt %u failed", i);
492 wpa_printf(MSG_INFO, "AES ECB mode test cases passed");
501 static int test_key_wrap(void)
505 /* RFC 3394 - Test vector 4.1 */
507 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
508 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f
511 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
512 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff
515 0x1F, 0xA6, 0x8B, 0x0A, 0x81, 0x12, 0xB4, 0x47,
516 0xAE, 0xF3, 0x4B, 0xD8, 0xFB, 0x5A, 0x7B, 0x82,
517 0x9D, 0x3E, 0x86, 0x23, 0x71, 0xD2, 0xCF, 0xE5
519 #ifndef CONFIG_BORINGSSL
520 /* RFC 3394 - Test vector 4.2 */
522 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
523 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
524 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17
527 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
528 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff
531 0x96, 0x77, 0x8B, 0x25, 0xAE, 0x6C, 0xA4, 0x35,
532 0xF9, 0x2B, 0x5B, 0x97, 0xC0, 0x50, 0xAE, 0xD2,
533 0x46, 0x8A, 0xB8, 0xA1, 0x7A, 0xD8, 0x4E, 0x5D
535 #endif /* CONFIG_BORINGSSL */
536 /* RFC 3394 - Test vector 4.3 */
538 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
539 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F,
540 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
541 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F
544 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
545 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff
548 0x64, 0xE8, 0xC3, 0xF9, 0xCE, 0x0F, 0x5B, 0xA2,
549 0x63, 0xE9, 0x77, 0x79, 0x05, 0x81, 0x8A, 0x2A,
550 0x93, 0xC8, 0x19, 0x1E, 0x7D, 0x6E, 0x8A, 0xE7,
552 #ifndef CONFIG_BORINGSSL
553 /* RFC 3394 - Test vector 4.4 */
555 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
556 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
557 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17
560 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
561 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff,
562 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07
565 0x03, 0x1D, 0x33, 0x26, 0x4E, 0x15, 0xD3, 0x32,
566 0x68, 0xF2, 0x4E, 0xC2, 0x60, 0x74, 0x3E, 0xDC,
567 0xE1, 0xC6, 0xC7, 0xDD, 0xEE, 0x72, 0x5A, 0x93,
568 0x6B, 0xA8, 0x14, 0x91, 0x5C, 0x67, 0x62, 0xD2
570 #endif /* CONFIG_BORINGSSL */
571 /* RFC 3394 - Test vector 4.5 */
573 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
574 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F,
575 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
576 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F
579 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
580 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff,
581 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07
584 0xA8, 0xF9, 0xBC, 0x16, 0x12, 0xC6, 0x8B, 0x3F,
585 0xF6, 0xE6, 0xF4, 0xFB, 0xE3, 0x0E, 0x71, 0xE4,
586 0x76, 0x9C, 0x8B, 0x80, 0xA3, 0x2C, 0xB8, 0x95,
587 0x8C, 0xD5, 0xD1, 0x7D, 0x6B, 0x25, 0x4D, 0xA1,
589 /* RFC 3394 - Test vector 4.6 */
591 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
592 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F,
593 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
594 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F
597 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
598 0x88, 0x99, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF,
599 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
600 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F
603 0x28, 0xC9, 0xF4, 0x04, 0xC4, 0xB8, 0x10, 0xF4,
604 0xCB, 0xCC, 0xB3, 0x5C, 0xFB, 0x87, 0xF8, 0x26,
605 0x3F, 0x57, 0x86, 0xE2, 0xD8, 0x0E, 0xD3, 0x26,
606 0xCB, 0xC7, 0xF0, 0xE7, 0x1A, 0x99, 0xF4, 0x3B,
607 0xFB, 0x98, 0x8B, 0x9B, 0x7A, 0x02, 0xDD, 0x21
611 wpa_printf(MSG_INFO, "RFC 3394 - Test vector 4.1");
612 if (aes_wrap(kek41, sizeof(kek41), sizeof(plain41) / 8, plain41,
614 wpa_printf(MSG_ERROR, "AES-WRAP-128 reported failure");
617 if (os_memcmp(result, crypt41, sizeof(crypt41)) != 0) {
618 wpa_printf(MSG_ERROR, "AES-WRAP-128 failed");
621 if (aes_unwrap(kek41, sizeof(kek41), sizeof(plain41) / 8, crypt41,
623 wpa_printf(MSG_ERROR, "AES-UNWRAP-128 reported failure");
626 if (os_memcmp(result, plain41, sizeof(plain41)) != 0) {
627 wpa_printf(MSG_ERROR, "AES-UNWRAP-128 failed");
631 #ifndef CONFIG_BORINGSSL
632 wpa_printf(MSG_INFO, "RFC 3394 - Test vector 4.2");
633 if (aes_wrap(kek42, sizeof(kek42), sizeof(plain42) / 8, plain42,
635 wpa_printf(MSG_ERROR, "AES-WRAP-192 reported failure");
638 if (os_memcmp(result, crypt42, sizeof(crypt42)) != 0) {
639 wpa_printf(MSG_ERROR, "AES-WRAP-192 failed");
642 if (aes_unwrap(kek42, sizeof(kek42), sizeof(plain42) / 8, crypt42,
644 wpa_printf(MSG_ERROR, "AES-UNWRAP-192 reported failure");
647 if (os_memcmp(result, plain42, sizeof(plain42)) != 0) {
648 wpa_printf(MSG_ERROR, "AES-UNWRAP-192 failed");
651 #endif /* CONFIG_BORINGSSL */
653 wpa_printf(MSG_INFO, "RFC 3394 - Test vector 4.3");
654 if (aes_wrap(kek43, sizeof(kek43), sizeof(plain43) / 8, plain43,
656 wpa_printf(MSG_ERROR, "AES-WRAP-256 reported failure");
659 if (os_memcmp(result, crypt43, sizeof(crypt43)) != 0) {
660 wpa_printf(MSG_ERROR, "AES-WRAP-256 failed");
663 if (aes_unwrap(kek43, sizeof(kek43), sizeof(plain43) / 8, crypt43,
665 wpa_printf(MSG_ERROR, "AES-UNWRAP-256 reported failure");
668 if (os_memcmp(result, plain43, sizeof(plain43)) != 0) {
669 wpa_printf(MSG_ERROR, "AES-UNWRAP-256 failed");
673 #ifndef CONFIG_BORINGSSL
674 wpa_printf(MSG_INFO, "RFC 3394 - Test vector 4.4");
675 if (aes_wrap(kek44, sizeof(kek44), sizeof(plain44) / 8, plain44,
677 wpa_printf(MSG_ERROR, "AES-WRAP-192 reported failure");
680 if (os_memcmp(result, crypt44, sizeof(crypt44)) != 0) {
681 wpa_printf(MSG_ERROR, "AES-WRAP-192 failed");
684 if (aes_unwrap(kek44, sizeof(kek44), sizeof(plain44) / 8, crypt44,
686 wpa_printf(MSG_ERROR, "AES-UNWRAP-192 reported failure");
689 if (os_memcmp(result, plain44, sizeof(plain44)) != 0) {
690 wpa_printf(MSG_ERROR, "AES-UNWRAP-192 failed");
693 #endif /* CONFIG_BORINGSSL */
695 wpa_printf(MSG_INFO, "RFC 3394 - Test vector 4.5");
696 if (aes_wrap(kek45, sizeof(kek45), sizeof(plain45) / 8, plain45,
698 wpa_printf(MSG_ERROR, "AES-WRAP-256 reported failure");
701 if (os_memcmp(result, crypt45, sizeof(crypt45)) != 0) {
702 wpa_printf(MSG_ERROR, "AES-WRAP-256 failed");
705 if (aes_unwrap(kek45, sizeof(kek45), sizeof(plain45) / 8, crypt45,
707 wpa_printf(MSG_ERROR, "AES-UNWRAP-256 reported failure");
710 if (os_memcmp(result, plain45, sizeof(plain45)) != 0) {
711 wpa_printf(MSG_ERROR, "AES-UNWRAP-256 failed");
715 wpa_printf(MSG_INFO, "RFC 3394 - Test vector 4.6");
716 if (aes_wrap(kek46, sizeof(kek46), sizeof(plain46) / 8, plain46,
718 wpa_printf(MSG_ERROR, "AES-WRAP-256 reported failure");
721 if (os_memcmp(result, crypt46, sizeof(crypt46)) != 0) {
722 wpa_printf(MSG_ERROR, "AES-WRAP-256 failed");
725 if (aes_unwrap(kek46, sizeof(kek46), sizeof(plain46) / 8, crypt46,
727 wpa_printf(MSG_ERROR, "AES-UNWRAP-256 reported failure");
730 if (os_memcmp(result, plain46, sizeof(plain46)) != 0) {
731 wpa_printf(MSG_ERROR, "AES-UNWRAP-256 failed");
736 wpa_printf(MSG_INFO, "AES key wrap/unwrap test cases passed");
742 static int test_md5(void)
751 "\xd4\x1d\x8c\xd9\x8f\x00\xb2\x04"
752 "\xe9\x80\x09\x98\xec\xf8\x42\x7e"
756 "\x0c\xc1\x75\xb9\xc0\xf1\xb6\xa8"
757 "\x31\xc3\x99\xe2\x69\x77\x26\x61"
761 "\x90\x01\x50\x98\x3c\xd2\x4f\xb0"
762 "\xd6\x96\x3f\x7d\x28\xe1\x7f\x72"
766 "\xf9\x6b\x69\x7d\x7c\xb7\x93\x8d"
767 "\x52\x5a\x2f\x31\xaa\xf1\x61\xd0"
770 "abcdefghijklmnopqrstuvwxyz",
771 "\xc3\xfc\xd3\xd7\x61\x92\xe4\x00"
772 "\x7d\xfb\x49\x6c\xca\x67\xe1\x3b"
775 "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
777 "\xd1\x74\xab\x98\xd2\x77\xd9\xf5"
778 "\xa5\x61\x1c\x2c\x9f\x41\x9d\x9f"
781 "12345678901234567890123456789012345678901234567890"
782 "123456789012345678901234567890",
783 "\x57\xed\xf4\xa2\x2b\xe3\xc9\x55"
784 "\xac\x49\xda\x2e\x21\x07\xb6\x7a"
793 for (i = 0; i < ARRAY_SIZE(tests); i++) {
794 wpa_printf(MSG_INFO, "MD5 test case %d", i);
796 addr[0] = (u8 *) tests[i].data;
797 len[0] = strlen(tests[i].data);
798 if (md5_vector(1, addr, len, hash) < 0 ||
799 os_memcmp(hash, tests[i].hash, 16) != 0) {
800 wpa_printf(MSG_INFO, " FAIL");
803 wpa_printf(MSG_INFO, " OK");
806 addr[0] = (u8 *) tests[i].data;
807 len[0] = strlen(tests[i].data);
808 addr[1] = (u8 *) tests[i].data + 1;
809 len[1] = strlen(tests[i].data) - 1;
810 if (md5_vector(1, addr, len, hash) < 0 ||
811 os_memcmp(hash, tests[i].hash, 16) != 0) {
812 wpa_printf(MSG_INFO, " FAIL");
815 wpa_printf(MSG_INFO, " OK");
820 wpa_printf(MSG_INFO, "MD5 test cases passed");
823 #else /* CONFIG_FIPS */
824 wpa_printf(MSG_INFO, "MD5 test cases skipped due to CONFIG_FIPS");
826 #endif /* CONFIG_FIPS */
830 static int test_eap_fast(void)
833 /* RFC 4851, Appendix B.1 */
834 const u8 pac_key[] = {
835 0x0B, 0x97, 0x39, 0x0F, 0x37, 0x51, 0x78, 0x09,
836 0x81, 0x1E, 0xFD, 0x9C, 0x6E, 0x65, 0x94, 0x2B,
837 0x63, 0x2C, 0xE9, 0x53, 0x89, 0x38, 0x08, 0xBA,
838 0x36, 0x0B, 0x03, 0x7C, 0xD1, 0x85, 0xE4, 0x14
841 0x3F, 0xFB, 0x11, 0xC4, 0x6C, 0xBF, 0xA5, 0x7A,
842 0x54, 0x40, 0xDA, 0xE8, 0x22, 0xD3, 0x11, 0xD3,
843 0xF7, 0x6D, 0xE4, 0x1D, 0xD9, 0x33, 0xE5, 0x93,
844 0x70, 0x97, 0xEB, 0xA9, 0xB3, 0x66, 0xF4, 0x2A,
845 0x00, 0x00, 0x00, 0x02, 0x6A, 0x66, 0x43, 0x2A,
846 0x8D, 0x14, 0x43, 0x2C, 0xEC, 0x58, 0x2D, 0x2F,
847 0xC7, 0x9C, 0x33, 0x64, 0xBA, 0x04, 0xAD, 0x3A,
848 0x52, 0x54, 0xD6, 0xA5, 0x79, 0xAD, 0x1E, 0x00
850 const u8 master_secret[] = {
851 0x4A, 0x1A, 0x51, 0x2C, 0x01, 0x60, 0xBC, 0x02,
852 0x3C, 0xCF, 0xBC, 0x83, 0x3F, 0x03, 0xBC, 0x64,
853 0x88, 0xC1, 0x31, 0x2F, 0x0B, 0xA9, 0xA2, 0x77,
854 0x16, 0xA8, 0xD8, 0xE8, 0xBD, 0xC9, 0xD2, 0x29,
855 0x38, 0x4B, 0x7A, 0x85, 0xBE, 0x16, 0x4D, 0x27,
856 0x33, 0xD5, 0x24, 0x79, 0x87, 0xB1, 0xC5, 0xA2
859 const u8 key_block[] = {
860 0x59, 0x59, 0xBE, 0x8E, 0x41, 0x3A, 0x77, 0x74,
861 0x8B, 0xB2, 0xE5, 0xD3, 0x60, 0xAC, 0x4D, 0x35,
862 0xDF, 0xFB, 0xC8, 0x1E, 0x9C, 0x24, 0x9C, 0x8B,
863 0x0E, 0xC3, 0x1D, 0x72, 0xC8, 0x84, 0x9D, 0x57,
864 0x48, 0x51, 0x2E, 0x45, 0x97, 0x6C, 0x88, 0x70,
865 0xBE, 0x5F, 0x01, 0xD3, 0x64, 0xE7, 0x4C, 0xBB,
866 0x11, 0x24, 0xE3, 0x49, 0xE2, 0x3B, 0xCD, 0xEF,
867 0x7A, 0xB3, 0x05, 0x39, 0x5D, 0x64, 0x8A, 0x44,
868 0x11, 0xB6, 0x69, 0x88, 0x34, 0x2E, 0x8E, 0x29,
869 0xD6, 0x4B, 0x7D, 0x72, 0x17, 0x59, 0x28, 0x05,
870 0xAF, 0xF9, 0xB7, 0xFF, 0x66, 0x6D, 0xA1, 0x96,
871 0x8F, 0x0B, 0x5E, 0x06, 0x46, 0x7A, 0x44, 0x84,
872 0x64, 0xC1, 0xC8, 0x0C, 0x96, 0x44, 0x09, 0x98,
873 0xFF, 0x92, 0xA8, 0xB4, 0xC6, 0x42, 0x28, 0x71
875 #endif /* CONFIG_FIPS */
877 0xD6, 0x4B, 0x7D, 0x72, 0x17, 0x59, 0x28, 0x05,
878 0xAF, 0xF9, 0xB7, 0xFF, 0x66, 0x6D, 0xA1, 0x96,
879 0x8F, 0x0B, 0x5E, 0x06, 0x46, 0x7A, 0x44, 0x84,
880 0x64, 0xC1, 0xC8, 0x0C, 0x96, 0x44, 0x09, 0x98,
881 0xFF, 0x92, 0xA8, 0xB4, 0xC6, 0x42, 0x28, 0x71
884 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
885 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
886 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
887 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
890 0x16, 0x15, 0x3C, 0x3F, 0x21, 0x55, 0xEF, 0xD9,
891 0x7F, 0x34, 0xAE, 0xC8, 0x1A, 0x4E, 0x66, 0x80,
892 0x4C, 0xC3, 0x76, 0xF2, 0x8A, 0xA9, 0x6F, 0x96,
893 0xC2, 0x54, 0x5F, 0x8C, 0xAB, 0x65, 0x02, 0xE1,
894 0x18, 0x40, 0x7B, 0x56, 0xBE, 0xEA, 0xA7, 0xC5,
895 0x76, 0x5D, 0x8F, 0x0B, 0xC5, 0x07, 0xC6, 0xB9,
896 0x04, 0xD0, 0x69, 0x56, 0x72, 0x8B, 0x6B, 0xB8,
897 0x15, 0xEC, 0x57, 0x7B
900 0x4D, 0x83, 0xA9, 0xBE, 0x6F, 0x8A, 0x74, 0xED,
901 0x6A, 0x02, 0x66, 0x0A, 0x63, 0x4D, 0x2C, 0x33,
902 0xC2, 0xDA, 0x60, 0x15, 0xC6, 0x37, 0x04, 0x51,
903 0x90, 0x38, 0x63, 0xDA, 0x54, 0x3E, 0x14, 0xB9,
904 0x27, 0x99, 0x18, 0x1E, 0x07, 0xBF, 0x0F, 0x5A,
905 0x5E, 0x3C, 0x32, 0x93, 0x80, 0x8C, 0x6C, 0x49,
906 0x67, 0xED, 0x24, 0xFE, 0x45, 0x40, 0xA0, 0x59,
907 0x5E, 0x37, 0xC2, 0xE9, 0xD0, 0x5D, 0x0A, 0xE3
910 0x3A, 0xD4, 0xAB, 0xDB, 0x76, 0xB2, 0x7F, 0x3B,
911 0xEA, 0x32, 0x2C, 0x2B, 0x74, 0xF4, 0x28, 0x55,
912 0xEF, 0x2D, 0xBA, 0x78, 0xC9, 0x57, 0x2F, 0x0D,
913 0x06, 0xCD, 0x51, 0x7C, 0x20, 0x93, 0x98, 0xA9,
914 0x76, 0xEA, 0x70, 0x21, 0xD7, 0x0E, 0x25, 0x54,
915 0x97, 0xED, 0xB2, 0x8A, 0xF6, 0xED, 0xFD, 0x0A,
916 0x2A, 0xE7, 0xA1, 0x58, 0x90, 0x10, 0x50, 0x44,
917 0xB3, 0x82, 0x85, 0xDB, 0x06, 0x14, 0xD2, 0xF9
919 /* RFC 4851, Appendix B.2 */
921 0x80, 0x0C, 0x00, 0x38, 0x00, 0x01, 0x01, 0x00,
922 0xD8, 0x6A, 0x8C, 0x68, 0x3C, 0x32, 0x31, 0xA8,
923 0x56, 0x63, 0xB6, 0x40, 0x21, 0xFE, 0x21, 0x14,
924 0x4E, 0xE7, 0x54, 0x20, 0x79, 0x2D, 0x42, 0x62,
925 0xC9, 0xBF, 0x53, 0x7F, 0x54, 0xFD, 0xAC, 0x58,
926 0x43, 0x24, 0x6E, 0x30, 0x92, 0x17, 0x6D, 0xCF,
927 0xE6, 0xE0, 0x69, 0xEB, 0x33, 0x61, 0x6A, 0xCC,
928 0x05, 0xC5, 0x5B, 0xB7
930 const u8 compound_mac[] = {
931 0x43, 0x24, 0x6E, 0x30, 0x92, 0x17, 0x6D, 0xCF,
932 0xE6, 0xE0, 0x69, 0xEB, 0x33, 0x61, 0x6A, 0xCC,
933 0x05, 0xC5, 0x5B, 0xB7
936 const u8 *simck, *cmk;
939 wpa_printf(MSG_INFO, "EAP-FAST test cases");
941 wpa_printf(MSG_INFO, "- T-PRF (SHA1) test case / master_secret");
942 if (sha1_t_prf(pac_key, sizeof(pac_key),
943 "PAC to master secret label hash",
944 seed, sizeof(seed), buf, sizeof(master_secret)) < 0 ||
945 os_memcmp(master_secret, buf, sizeof(master_secret)) != 0) {
946 wpa_printf(MSG_INFO, "T-PRF test - FAILED!");
951 wpa_printf(MSG_INFO, "- PRF (TLS, SHA1/MD5) test case / key_block");
952 if (tls_prf_sha1_md5(master_secret, sizeof(master_secret),
953 "key expansion", seed, sizeof(seed),
954 buf, sizeof(key_block)) ||
955 os_memcmp(key_block, buf, sizeof(key_block)) != 0) {
956 wpa_printf(MSG_INFO, "PRF test - FAILED!");
959 #endif /* CONFIG_FIPS */
961 wpa_printf(MSG_INFO, "- T-PRF (SHA1) test case / IMCK");
962 if (sha1_t_prf(sks, sizeof(sks), "Inner Methods Compound Keys",
963 isk, sizeof(isk), buf, sizeof(imck)) < 0 ||
964 os_memcmp(imck, buf, sizeof(imck)) != 0) {
965 wpa_printf(MSG_INFO, "T-PRF test - FAILED!");
972 wpa_printf(MSG_INFO, "- T-PRF (SHA1) test case / MSK");
973 if (sha1_t_prf(simck, 40, "Session Key Generating Function",
974 (u8 *) "", 0, buf, sizeof(msk)) < 0 ||
975 os_memcmp(msk, buf, sizeof(msk)) != 0) {
976 wpa_printf(MSG_INFO, "T-PRF test - FAILED!");
980 wpa_printf(MSG_INFO, "- T-PRF (SHA1) test case / EMSK");
981 if (sha1_t_prf(simck, 40, "Extended Session Key Generating Function",
982 (u8 *) "", 0, buf, sizeof(msk)) < 0 ||
983 os_memcmp(emsk, buf, sizeof(emsk)) != 0) {
984 wpa_printf(MSG_INFO, "T-PRF test - FAILED!");
988 wpa_printf(MSG_INFO, "- Compound MAC test case");
989 os_memset(tlv + sizeof(tlv) - 20, 0, 20);
990 if (hmac_sha1(cmk, 20, tlv, sizeof(tlv), tlv + sizeof(tlv) - 20) < 0 ||
991 os_memcmp(tlv + sizeof(tlv) - 20, compound_mac,
992 sizeof(compound_mac)) != 0) {
993 wpa_printf(MSG_INFO, "Compound MAC test - FAILED!");
1000 #endif /* EAP_FAST */
1004 static const u8 key0[] =
1006 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
1007 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
1008 0x0b, 0x0b, 0x0b, 0x0b
1010 static const u8 data0[] = "Hi There";
1011 static const u8 prf0[] =
1013 0xbc, 0xd4, 0xc6, 0x50, 0xb3, 0x0b, 0x96, 0x84,
1014 0x95, 0x18, 0x29, 0xe0, 0xd7, 0x5f, 0x9d, 0x54,
1015 0xb8, 0x62, 0x17, 0x5e, 0xd9, 0xf0, 0x06, 0x06,
1016 0xe1, 0x7d, 0x8d, 0xa3, 0x54, 0x02, 0xff, 0xee,
1017 0x75, 0xdf, 0x78, 0xc3, 0xd3, 0x1e, 0x0f, 0x88,
1018 0x9f, 0x01, 0x21, 0x20, 0xc0, 0x86, 0x2b, 0xeb,
1019 0x67, 0x75, 0x3e, 0x74, 0x39, 0xae, 0x24, 0x2e,
1020 0xdb, 0x83, 0x73, 0x69, 0x83, 0x56, 0xcf, 0x5a
1023 static const u8 key1[] = "Jefe";
1024 static const u8 data1[] = "what do ya want for nothing?";
1025 static const u8 prf1[] =
1027 0x51, 0xf4, 0xde, 0x5b, 0x33, 0xf2, 0x49, 0xad,
1028 0xf8, 0x1a, 0xeb, 0x71, 0x3a, 0x3c, 0x20, 0xf4,
1029 0xfe, 0x63, 0x14, 0x46, 0xfa, 0xbd, 0xfa, 0x58,
1030 0x24, 0x47, 0x59, 0xae, 0x58, 0xef, 0x90, 0x09,
1031 0xa9, 0x9a, 0xbf, 0x4e, 0xac, 0x2c, 0xa5, 0xfa,
1032 0x87, 0xe6, 0x92, 0xc4, 0x40, 0xeb, 0x40, 0x02,
1033 0x3e, 0x7b, 0xab, 0xb2, 0x06, 0xd6, 0x1d, 0xe7,
1034 0xb9, 0x2f, 0x41, 0x52, 0x90, 0x92, 0xb8, 0xfc
1038 static const u8 key2[] =
1040 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
1041 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
1042 0xaa, 0xaa, 0xaa, 0xaa
1044 static const u8 data2[] =
1046 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
1047 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
1048 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
1049 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
1050 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
1051 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
1054 static const u8 prf2[] =
1056 0xe1, 0xac, 0x54, 0x6e, 0xc4, 0xcb, 0x63, 0x6f,
1057 0x99, 0x76, 0x48, 0x7b, 0xe5, 0xc8, 0x6b, 0xe1,
1058 0x7a, 0x02, 0x52, 0xca, 0x5d, 0x8d, 0x8d, 0xf1,
1059 0x2c, 0xfb, 0x04, 0x73, 0x52, 0x52, 0x49, 0xce,
1060 0x9d, 0xd8, 0xd1, 0x77, 0xea, 0xd7, 0x10, 0xbc,
1061 0x9b, 0x59, 0x05, 0x47, 0x23, 0x91, 0x07, 0xae,
1062 0xf7, 0xb4, 0xab, 0xd4, 0x3d, 0x87, 0xf0, 0xa6,
1063 0x8f, 0x1c, 0xbd, 0x9e, 0x2b, 0x6f, 0x76, 0x07
1067 struct passphrase_test {
1073 static const struct passphrase_test passphrase_tests[] =
1079 0xf4, 0x2c, 0x6f, 0xc5, 0x2d, 0xf0, 0xeb, 0xef,
1080 0x9e, 0xbb, 0x4b, 0x90, 0xb3, 0x8a, 0x5f, 0x90,
1081 0x2e, 0x83, 0xfe, 0x1b, 0x13, 0x5a, 0x70, 0xe2,
1082 0x3a, 0xed, 0x76, 0x2e, 0x97, 0x10, 0xa1, 0x2e
1089 0x0d, 0xc0, 0xd6, 0xeb, 0x90, 0x55, 0x5e, 0xd6,
1090 0x41, 0x97, 0x56, 0xb9, 0xa1, 0x5e, 0xc3, 0xe3,
1091 0x20, 0x9b, 0x63, 0xdf, 0x70, 0x7d, 0xd5, 0x08,
1092 0xd1, 0x45, 0x81, 0xf8, 0x98, 0x27, 0x21, 0xaf
1096 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
1097 "ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ",
1099 0xbe, 0xcb, 0x93, 0x86, 0x6b, 0xb8, 0xc3, 0x83,
1100 0x2c, 0xb7, 0x77, 0xc2, 0xf5, 0x59, 0x80, 0x7c,
1101 0x8c, 0x59, 0xaf, 0xcb, 0x6e, 0xae, 0x73, 0x48,
1102 0x85, 0x00, 0x13, 0x00, 0xa9, 0x81, 0xcc, 0x62
1107 #define NUM_PASSPHRASE_TESTS ARRAY_SIZE(passphrase_tests)
1110 struct rfc6070_test {
1118 static const struct rfc6070_test rfc6070_tests[] =
1125 0x0c, 0x60, 0xc8, 0x0f, 0x96, 0x1f, 0x0e, 0x71,
1126 0xf3, 0xa9, 0xb5, 0x24, 0xaf, 0x60, 0x12, 0x06,
1127 0x2f, 0xe0, 0x37, 0xa6
1136 0xea, 0x6c, 0x01, 0x4d, 0xc7, 0x2d, 0x6f, 0x8c,
1137 0xcd, 0x1e, 0xd9, 0x2a, 0xce, 0x1d, 0x41, 0xf0,
1138 0xd8, 0xde, 0x89, 0x57
1147 0x4b, 0x00, 0x79, 0x01, 0xb7, 0x65, 0x48, 0x9a,
1148 0xbe, 0xad, 0x49, 0xd9, 0x26, 0xf7, 0x21, 0xd0,
1149 0x65, 0xa4, 0x29, 0xc1
1153 #if 0 /* This takes quite long to derive.. */
1159 0xee, 0xfe, 0x3d, 0x61, 0xcd, 0x4d, 0xa4, 0xe4,
1160 0xe9, 0x94, 0x5b, 0x3d, 0x6b, 0xa2, 0x15, 0x8c,
1161 0x26, 0x34, 0xe9, 0x84
1167 "passwordPASSWORDpassword",
1168 "saltSALTsaltSALTsaltSALTsaltSALTsalt",
1171 0x3d, 0x2e, 0xec, 0x4f, 0xe4, 0x1c, 0x84, 0x9b,
1172 0x80, 0xc8, 0xd8, 0x36, 0x62, 0xc0, 0xe4, 0x4a,
1173 0x8b, 0x29, 0x1a, 0x96, 0x4c, 0xf2, 0xf0, 0x70,
1178 #if 0 /* \0 not currently supported in passphrase parameters.. */
1184 0x56, 0xfa, 0x6a, 0xa7, 0x55, 0x48, 0x09, 0x9d,
1185 0xcc, 0x37, 0xd7, 0xf0, 0x34, 0x25, 0xe0, 0xc3
1192 #define NUM_RFC6070_TESTS ARRAY_SIZE(rfc6070_tests)
1195 static int test_sha1(void)
1201 wpa_printf(MSG_INFO, "PRF-SHA1 test cases:");
1203 if (sha1_prf(key0, sizeof(key0), "prefix", data0, sizeof(data0) - 1,
1204 res, sizeof(prf0)) == 0 &&
1205 os_memcmp(res, prf0, sizeof(prf0)) == 0)
1206 wpa_printf(MSG_INFO, "Test case 0 - OK");
1208 wpa_printf(MSG_INFO, "Test case 0 - FAILED!");
1212 if (sha1_prf(key1, sizeof(key1) - 1, "prefix", data1, sizeof(data1) - 1,
1213 res, sizeof(prf1)) == 0 &&
1214 os_memcmp(res, prf1, sizeof(prf1)) == 0)
1215 wpa_printf(MSG_INFO, "Test case 1 - OK");
1217 wpa_printf(MSG_INFO, "Test case 1 - FAILED!");
1221 if (sha1_prf(key2, sizeof(key2), "prefix", data2, sizeof(data2),
1222 res, sizeof(prf2)) == 0 &&
1223 os_memcmp(res, prf2, sizeof(prf2)) == 0)
1224 wpa_printf(MSG_INFO, "Test case 2 - OK");
1226 wpa_printf(MSG_INFO, "Test case 2 - FAILED!");
1230 ret += test_eap_fast();
1232 wpa_printf(MSG_INFO, "PBKDF2-SHA1 Passphrase test cases:");
1233 for (i = 0; i < NUM_PASSPHRASE_TESTS; i++) {
1235 const struct passphrase_test *test = &passphrase_tests[i];
1237 if (pbkdf2_sha1(test->passphrase,
1238 (const u8 *) test->ssid, strlen(test->ssid),
1239 4096, psk, 32) == 0 &&
1240 os_memcmp(psk, test->psk, 32) == 0)
1241 wpa_printf(MSG_INFO, "Test case %d - OK", i);
1243 wpa_printf(MSG_INFO, "Test case %d - FAILED!", i);
1248 wpa_printf(MSG_INFO, "PBKDF2-SHA1 test cases (RFC 6070):");
1249 for (i = 0; i < NUM_RFC6070_TESTS; i++) {
1251 const struct rfc6070_test *test = &rfc6070_tests[i];
1253 if (pbkdf2_sha1(test->p, (const u8 *) test->s, strlen(test->s),
1254 test->c, dk, test->dk_len) == 0 &&
1255 os_memcmp(dk, test->dk, test->dk_len) == 0)
1256 wpa_printf(MSG_INFO, "Test case %d - OK", i);
1258 wpa_printf(MSG_INFO, "Test case %d - FAILED!", i);
1264 wpa_printf(MSG_INFO, "SHA1 test cases passed");
1276 0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea,
1277 0x41, 0x41, 0x40, 0xde, 0x5d, 0xae, 0x22, 0x23,
1278 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c,
1279 0xb4, 0x10, 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad
1283 "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
1285 0x24, 0x8d, 0x6a, 0x61, 0xd2, 0x06, 0x38, 0xb8,
1286 0xe5, 0xc0, 0x26, 0x93, 0x0c, 0x3e, 0x60, 0x39,
1287 0xa3, 0x3c, 0xe4, 0x59, 0x64, 0xff, 0x21, 0x67,
1288 0xf6, 0xec, 0xed, 0xd4, 0x19, 0xdb, 0x06, 0xc1
1293 const struct hmac_test {
1300 /* draft-ietf-ipsec-ciph-sha-256-01.txt */
1303 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
1304 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10,
1305 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18,
1306 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20
1311 0xa2, 0x1b, 0x1f, 0x5d, 0x4c, 0xf4, 0xf7, 0x3a,
1312 0x4d, 0xd9, 0x39, 0x75, 0x0f, 0x7a, 0x06, 0x6a,
1313 0x7f, 0x98, 0xcc, 0x13, 0x1c, 0xb1, 0x6a, 0x66,
1314 0x92, 0x75, 0x90, 0x21, 0xcf, 0xab, 0x81, 0x81
1319 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
1320 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10,
1321 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18,
1322 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20
1325 "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
1328 0x10, 0x4f, 0xdc, 0x12, 0x57, 0x32, 0x8f, 0x08,
1329 0x18, 0x4b, 0xa7, 0x31, 0x31, 0xc5, 0x3c, 0xae,
1330 0xe6, 0x98, 0xe3, 0x61, 0x19, 0x42, 0x11, 0x49,
1331 0xea, 0x8c, 0x71, 0x24, 0x56, 0x69, 0x7d, 0x30
1336 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
1337 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10,
1338 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18,
1339 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20
1342 "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"
1343 "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
1346 0x47, 0x03, 0x05, 0xfc, 0x7e, 0x40, 0xfe, 0x34,
1347 0xd3, 0xee, 0xb3, 0xe7, 0x73, 0xd9, 0x5a, 0xab,
1348 0x73, 0xac, 0xf0, 0xfd, 0x06, 0x04, 0x47, 0xa5,
1349 0xeb, 0x45, 0x95, 0xbf, 0x33, 0xa9, 0xd1, 0xa3
1354 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
1355 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
1356 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
1357 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b
1363 0x19, 0x8a, 0x60, 0x7e, 0xb4, 0x4b, 0xfb, 0xc6,
1364 0x99, 0x03, 0xa0, 0xf1, 0xcf, 0x2b, 0xbd, 0xc5,
1365 0xba, 0x0a, 0xa3, 0xf3, 0xd9, 0xae, 0x3c, 0x1c,
1366 0x7a, 0x3b, 0x16, 0x96, 0xa0, 0xb6, 0x8c, 0xf7
1372 "what do ya want for nothing?",
1375 0x5b, 0xdc, 0xc1, 0x46, 0xbf, 0x60, 0x75, 0x4e,
1376 0x6a, 0x04, 0x24, 0x26, 0x08, 0x95, 0x75, 0xc7,
1377 0x5a, 0x00, 0x3f, 0x08, 0x9d, 0x27, 0x39, 0x83,
1378 0x9d, 0xec, 0x58, 0xb9, 0x64, 0xec, 0x38, 0x43
1383 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
1384 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
1385 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
1386 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa
1390 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
1391 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
1392 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
1393 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
1394 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
1395 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
1400 0xcd, 0xcb, 0x12, 0x20, 0xd1, 0xec, 0xcc, 0xea,
1401 0x91, 0xe5, 0x3a, 0xba, 0x30, 0x92, 0xf9, 0x62,
1402 0xe5, 0x49, 0xfe, 0x6c, 0xe9, 0xed, 0x7f, 0xdc,
1403 0x43, 0x19, 0x1f, 0xbd, 0xe4, 0x5c, 0x30, 0xb0
1408 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
1409 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10,
1410 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18,
1411 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20,
1412 0x21, 0x22, 0x23, 0x24, 0x25
1416 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
1417 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
1418 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
1419 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
1420 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
1421 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
1426 0xd4, 0x63, 0x3c, 0x17, 0xf6, 0xfb, 0x8d, 0x74,
1427 0x4c, 0x66, 0xde, 0xe0, 0xf8, 0xf0, 0x74, 0x55,
1428 0x6e, 0xc4, 0xaf, 0x55, 0xef, 0x07, 0x99, 0x85,
1429 0x41, 0x46, 0x8e, 0xb4, 0x9b, 0xd2, 0xe9, 0x17
1434 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c,
1435 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c,
1436 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c,
1437 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c
1440 "Test With Truncation",
1443 0x75, 0x46, 0xaf, 0x01, 0x84, 0x1f, 0xc0, 0x9b,
1444 0x1a, 0xb9, 0xc3, 0x74, 0x9a, 0x5f, 0x1c, 0x17,
1445 0xd4, 0xf5, 0x89, 0x66, 0x8a, 0x58, 0x7b, 0x27,
1446 0x00, 0xa9, 0xc9, 0x7c, 0x11, 0x93, 0xcf, 0x42
1451 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
1452 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
1453 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
1454 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
1455 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
1456 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
1457 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
1458 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
1459 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
1460 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa
1463 "Test Using Larger Than Block-Size Key - Hash Key First",
1466 0x69, 0x53, 0x02, 0x5e, 0xd9, 0x6f, 0x0c, 0x09,
1467 0xf8, 0x0a, 0x96, 0xf7, 0x8e, 0x65, 0x38, 0xdb,
1468 0xe2, 0xe7, 0xb8, 0x20, 0xe3, 0xdd, 0x97, 0x0e,
1469 0x7d, 0xdd, 0x39, 0x09, 0x1b, 0x32, 0x35, 0x2f
1474 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
1475 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
1476 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
1477 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
1478 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
1479 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
1480 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
1481 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
1482 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
1483 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa
1486 "Test Using Larger Than Block-Size Key and Larger Than One "
1490 0x63, 0x55, 0xac, 0x22, 0xe8, 0x90, 0xd0, 0xa3,
1491 0xc8, 0x48, 0x1a, 0x5c, 0xa4, 0x82, 0x5b, 0xc8,
1492 0x84, 0xd3, 0xe7, 0xa1, 0xff, 0x98, 0xa2, 0xfc,
1493 0x2a, 0xc7, 0xd8, 0xe0, 0x64, 0xc3, 0xb2, 0xe6
1499 static int test_sha256(void)
1507 for (i = 0; i < ARRAY_SIZE(tests); i++) {
1508 wpa_printf(MSG_INFO, "SHA256 test case %d:", i + 1);
1510 addr[0] = (u8 *) tests[i].data;
1511 len[0] = strlen(tests[i].data);
1512 sha256_vector(1, addr, len, hash);
1513 if (memcmp(hash, tests[i].hash, 32) != 0) {
1514 wpa_printf(MSG_INFO, " FAIL");
1517 wpa_printf(MSG_INFO, " OK");
1520 addr[0] = (u8 *) tests[i].data;
1522 addr[1] = (u8 *) tests[i].data + 1;
1523 len[1] = strlen(tests[i].data) - 1;
1524 sha256_vector(2, addr, len, hash);
1525 if (memcmp(hash, tests[i].hash, 32) != 0) {
1526 wpa_printf(MSG_INFO, " FAIL");
1529 wpa_printf(MSG_INFO, " OK");
1533 for (i = 0; i < ARRAY_SIZE(hmac_tests); i++) {
1534 const struct hmac_test *t = &hmac_tests[i];
1536 wpa_printf(MSG_INFO, "HMAC-SHA256 test case %d:", i + 1);
1538 if (hmac_sha256(t->key, t->key_len, t->data, t->data_len,
1540 os_memcmp(hash, t->hash, 32) != 0) {
1541 wpa_printf(MSG_INFO, " FAIL");
1544 wpa_printf(MSG_INFO, " OK");
1547 len[0] = t->data_len;
1548 if (hmac_sha256_vector(t->key, t->key_len, 1, addr, len,
1550 os_memcmp(hash, t->hash, 32) != 0) {
1551 wpa_printf(MSG_INFO, " FAIL");
1554 wpa_printf(MSG_INFO, " OK");
1559 addr[1] = t->data + 1;
1560 len[1] = t->data_len - 1;
1561 if (hmac_sha256_vector(t->key, t->key_len, 2, addr, len,
1563 os_memcmp(hash, t->hash, 32) != 0) {
1564 wpa_printf(MSG_INFO, " FAIL");
1567 wpa_printf(MSG_INFO, " OK");
1571 wpa_printf(MSG_INFO, "Test IEEE 802.11r KDF");
1572 sha256_prf((u8 *) "abc", 3, "KDF test", (u8 *) "data", 4,
1573 hash, sizeof(hash));
1574 /* TODO: add proper test case for this */
1577 wpa_printf(MSG_INFO, "SHA256 test cases passed");
1582 static int test_ms_funcs(void)
1585 /* Test vector from RFC2759 example */
1586 char *username = "User";
1587 char *password = "clientPass";
1588 u8 auth_challenge[] = {
1589 0x5B, 0x5D, 0x7C, 0x7D, 0x7B, 0x3F, 0x2F, 0x3E,
1590 0x3C, 0x2C, 0x60, 0x21, 0x32, 0x26, 0x26, 0x28
1592 u8 peer_challenge[] = {
1593 0x21, 0x40, 0x23, 0x24, 0x25, 0x5E, 0x26, 0x2A,
1594 0x28, 0x29, 0x5F, 0x2B, 0x3A, 0x33, 0x7C, 0x7E
1596 u8 password_hash[] = {
1597 0x44, 0xEB, 0xBA, 0x8D, 0x53, 0x12, 0xB8, 0xD6,
1598 0x11, 0x47, 0x44, 0x11, 0xF5, 0x69, 0x89, 0xAE
1600 u8 nt_response[] = {
1601 0x82, 0x30, 0x9E, 0xCD, 0x8D, 0x70, 0x8B, 0x5E,
1602 0xA0, 0x8F, 0xAA, 0x39, 0x81, 0xCD, 0x83, 0x54,
1603 0x42, 0x33, 0x11, 0x4A, 0x3D, 0x85, 0xD6, 0xDF
1605 u8 password_hash_hash[] = {
1606 0x41, 0xC0, 0x0C, 0x58, 0x4B, 0xD2, 0xD9, 0x1C,
1607 0x40, 0x17, 0xA2, 0xA1, 0x2F, 0xA5, 0x9F, 0x3F
1609 u8 authenticator_response[] = {
1610 0x40, 0x7A, 0x55, 0x89, 0x11, 0x5F, 0xD0, 0xD6,
1611 0x20, 0x9F, 0x51, 0x0F, 0xE9, 0xC0, 0x45, 0x66,
1612 0x93, 0x2C, 0xDA, 0x56
1615 0xFD, 0xEC, 0xE3, 0x71, 0x7A, 0x8C, 0x83, 0x8C,
1616 0xB3, 0x88, 0xE5, 0x27, 0xAE, 0x3C, 0xDD, 0x31
1618 u8 send_start_key[] = {
1619 0x8B, 0x7C, 0xDC, 0x14, 0x9B, 0x99, 0x3A, 0x1B,
1620 0xA1, 0x18, 0xCB, 0x15, 0x3F, 0x56, 0xDC, 0xCB
1625 if (nt_password_hash((u8 *) password, os_strlen(password), buf) ||
1626 os_memcmp(password_hash, buf, sizeof(password_hash)) != 0) {
1627 wpa_printf(MSG_ERROR, "nt_password_hash failed");
1631 if (generate_nt_response(auth_challenge, peer_challenge,
1632 (u8 *) username, os_strlen(username),
1633 (u8 *) password, os_strlen(password), buf) ||
1634 os_memcmp(nt_response, buf, sizeof(nt_response)) != 0) {
1635 wpa_printf(MSG_ERROR, "generate_nt_response failed");
1639 if (hash_nt_password_hash(password_hash, buf) ||
1640 os_memcmp(password_hash_hash, buf,
1641 sizeof(password_hash_hash)) != 0) {
1642 wpa_printf(MSG_ERROR, "hash_nt_password_hash failed");
1646 if (generate_authenticator_response((u8 *) password,
1647 os_strlen(password),
1648 peer_challenge, auth_challenge,
1650 os_strlen(username),
1651 nt_response, buf) ||
1652 os_memcmp(authenticator_response, buf,
1653 sizeof(authenticator_response)) != 0) {
1654 wpa_printf(MSG_ERROR, "generate_authenticator_response failed");
1658 if (get_master_key(password_hash_hash, nt_response, buf) ||
1659 os_memcmp(master_key, buf, sizeof(master_key)) != 0) {
1660 wpa_printf(MSG_ERROR, "get_master_key failed");
1664 if (get_asymetric_start_key(master_key, buf, sizeof(send_start_key),
1666 os_memcmp(send_start_key, buf, sizeof(send_start_key)) != 0) {
1667 wpa_printf(MSG_ERROR, "get_asymetric_start_key failed");
1672 wpa_printf(MSG_ERROR, "ms_funcs: %d errors", errors);
1674 wpa_printf(MSG_INFO, "ms_funcs test cases passed");
1677 #else /* CONFIG_FIPS */
1678 wpa_printf(MSG_INFO, "ms_funcs test cases skipped due to CONFIG_FIPS");
1680 #endif /* CONFIG_FIPS */
1684 int crypto_module_tests(void)
1688 wpa_printf(MSG_INFO, "crypto module tests");