3 * Copyright (c) 2014-2015, Jouni Malinen <j@w1.fi>
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
9 #include "utils/includes.h"
11 #include "utils/common.h"
12 #include "crypto/aes_siv.h"
13 #include "crypto/aes_wrap.h"
14 #include "crypto/aes.h"
15 #include "crypto/ms_funcs.h"
16 #include "crypto/crypto.h"
17 #include "crypto/sha1.h"
18 #include "crypto/sha256.h"
21 static int test_siv(void)
24 /* RFC 5297, A.1. Deterministic Authenticated Encryption Example */
26 0xff, 0xfe, 0xfd, 0xfc, 0xfb, 0xfa, 0xf9, 0xf8,
27 0xf7, 0xf6, 0xf5, 0xf4, 0xf3, 0xf2, 0xf1, 0xf0,
28 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
29 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff
32 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
33 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
34 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27
37 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
38 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee
41 0x85, 0x63, 0x2d, 0x07, 0xc6, 0xe8, 0xf3, 0x7f,
42 0x95, 0x0a, 0xcd, 0x32, 0x0a, 0x2e, 0xcc, 0x93,
43 0x40, 0xc0, 0x2b, 0x96, 0x90, 0xc4, 0xdc, 0x04,
44 0xda, 0xef, 0x7f, 0x6a, 0xfe, 0x5c
46 /* RFC 5297, A.2. Nonce-Based Authenticated Encryption Example */
48 0x7f, 0x7e, 0x7d, 0x7c, 0x7b, 0x7a, 0x79, 0x78,
49 0x77, 0x76, 0x75, 0x74, 0x73, 0x72, 0x71, 0x70,
50 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47,
51 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f
54 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
55 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff,
56 0xde, 0xad, 0xda, 0xda, 0xde, 0xad, 0xda, 0xda,
57 0xff, 0xee, 0xdd, 0xcc, 0xbb, 0xaa, 0x99, 0x88,
58 0x77, 0x66, 0x55, 0x44, 0x33, 0x22, 0x11, 0x00
61 0x10, 0x20, 0x30, 0x40, 0x50, 0x60, 0x70, 0x80,
65 0x09, 0xf9, 0x11, 0x02, 0x9d, 0x74, 0xe3, 0x5b,
66 0xd8, 0x41, 0x56, 0xc5, 0x63, 0x56, 0x88, 0xc0
69 0x74, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20,
70 0x73, 0x6f, 0x6d, 0x65, 0x20, 0x70, 0x6c, 0x61,
71 0x69, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x20, 0x74,
72 0x6f, 0x20, 0x65, 0x6e, 0x63, 0x72, 0x79, 0x70,
73 0x74, 0x20, 0x75, 0x73, 0x69, 0x6e, 0x67, 0x20,
74 0x53, 0x49, 0x56, 0x2d, 0x41, 0x45, 0x53
77 0x7b, 0xdb, 0x6e, 0x3b, 0x43, 0x26, 0x67, 0xeb,
78 0x06, 0xf4, 0xd1, 0x4b, 0xff, 0x2f, 0xbd, 0x0f,
79 0xcb, 0x90, 0x0f, 0x2f, 0xdd, 0xbe, 0x40, 0x43,
80 0x26, 0x60, 0x19, 0x65, 0xc8, 0x89, 0xbf, 0x17,
81 0xdb, 0xa7, 0x7c, 0xeb, 0x09, 0x4f, 0xa6, 0x63,
82 0xb7, 0xa3, 0xf7, 0x48, 0xba, 0x8a, 0xf8, 0x29,
83 0xea, 0x64, 0xad, 0x54, 0x4a, 0x27, 0x2e, 0x9c,
84 0x48, 0x5b, 0x62, 0xa3, 0xfd, 0x5c, 0x0d
86 u8 out[2 * AES_BLOCK_SIZE + sizeof(plaintext_2)];
90 /* RFC 5297, A.1. Deterministic Authenticated Encryption Example */
94 if (aes_siv_encrypt(key, plaintext, sizeof(plaintext),
96 wpa_printf(MSG_ERROR, "AES-SIV mode encryption failed");
99 if (os_memcmp(out, iv_c, sizeof(iv_c)) != 0) {
100 wpa_printf(MSG_ERROR,
101 "AES-SIV mode encryption returned invalid cipher text");
105 if (aes_siv_decrypt(key, iv_c, sizeof(iv_c), 1, addr, len, out)) {
106 wpa_printf(MSG_ERROR, "AES-SIV mode decryption failed");
109 if (os_memcmp(out, plaintext, sizeof(plaintext)) != 0) {
110 wpa_printf(MSG_ERROR,
111 "AES-SIV mode decryption returned invalid plain text");
115 /* RFC 5297, A.2. Nonce-Based Authenticated Encryption Example */
117 len[0] = sizeof(ad1_2);
119 len[1] = sizeof(ad2_2);
121 len[2] = sizeof(nonce_2);
123 if (aes_siv_encrypt(key_2, plaintext_2, sizeof(plaintext_2),
124 3, addr, len, out)) {
125 wpa_printf(MSG_ERROR, "AES-SIV mode encryption failed");
128 if (os_memcmp(out, iv_c_2, sizeof(iv_c_2)) != 0) {
129 wpa_printf(MSG_ERROR,
130 "AES-SIV mode encryption returned invalid cipher text");
134 if (aes_siv_decrypt(key_2, iv_c_2, sizeof(iv_c_2), 3, addr, len, out)) {
135 wpa_printf(MSG_ERROR, "AES-SIV mode decryption failed");
138 if (os_memcmp(out, plaintext_2, sizeof(plaintext_2)) != 0) {
139 wpa_printf(MSG_ERROR,
140 "AES-SIV mode decryption returned invalid plain text");
144 wpa_printf(MSG_INFO, "AES-SIV test cases passed");
145 #endif /* CONFIG_MESH */
151 /* OMAC1 AES-128 test vectors from
152 * http://csrc.nist.gov/CryptoToolkit/modes/proposedmodes/omac/omac-ad.pdf
153 * which are same as the examples from NIST SP800-38B
154 * http://csrc.nist.gov/CryptoToolkit/modes/800-38_Series_Publications/SP800-38B.pdf
157 struct omac1_test_vector {
164 static struct omac1_test_vector omac1_test_vectors[] =
167 { 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
168 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c },
171 { 0xbb, 0x1d, 0x69, 0x29, 0xe9, 0x59, 0x37, 0x28,
172 0x7f, 0xa3, 0x7d, 0x12, 0x9b, 0x75, 0x67, 0x46 }
175 { 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
176 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c },
177 { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
178 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a},
180 { 0x07, 0x0a, 0x16, 0xb4, 0x6b, 0x4d, 0x41, 0x44,
181 0xf7, 0x9b, 0xdd, 0x9d, 0xd0, 0x4a, 0x28, 0x7c }
184 { 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
185 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c },
186 { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
187 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
188 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
189 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
190 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11 },
192 { 0xdf, 0xa6, 0x67, 0x47, 0xde, 0x9a, 0xe6, 0x30,
193 0x30, 0xca, 0x32, 0x61, 0x14, 0x97, 0xc8, 0x27 }
196 { 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
197 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c },
198 { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
199 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
200 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
201 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
202 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11,
203 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
204 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
205 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10 },
207 { 0x51, 0xf0, 0xbe, 0xbf, 0x7e, 0x3b, 0x9d, 0x92,
208 0xfc, 0x49, 0x74, 0x17, 0x79, 0x36, 0x3c, 0xfe }
213 static int test_omac1_vector(struct omac1_test_vector *tv, unsigned int i)
216 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
217 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c
219 u8 msg[] = { 0x12, 0x34, 0x56 };
220 u8 result[24], result2[24];
224 if (omac1_aes_128(tv->k, tv->msg, tv->msg_len, result) ||
225 os_memcmp(result, tv->tag, 16) != 0) {
226 wpa_printf(MSG_ERROR, "OMAC1-AES-128 test vector %u failed", i);
230 if (tv->msg_len > 1) {
234 addr[1] = tv->msg + 1;
235 len[1] = tv->msg_len - 1;
237 if (omac1_aes_128_vector(tv->k, 2, addr, len, result) ||
238 os_memcmp(result, tv->tag, 16) != 0) {
239 wpa_printf(MSG_ERROR,
240 "OMAC1-AES-128(vector) test vector %u failed",
246 len[0] = tv->msg_len - 2;
247 addr[1] = tv->msg + tv->msg_len - 2;
249 addr[2] = tv->msg + tv->msg_len - 1;
252 if (omac1_aes_128_vector(tv->k, 3, addr, len, result) ||
253 os_memcmp(result, tv->tag, 16) != 0) {
254 wpa_printf(MSG_ERROR,
255 "OMAC1-AES-128(vector2) test vector %u failed",
267 if (omac1_aes_128(key, msg, sizeof(msg), result) ||
268 omac1_aes_128_vector(key, 3, addr, len, result2) ||
269 os_memcmp(result, result2, 16) != 0) {
270 wpa_printf(MSG_ERROR, "OMAC1-AES-128 short test mismatch");
278 static int test_omac1(void)
282 for (i = 0; i < ARRAY_SIZE(omac1_test_vectors); i++) {
283 if (test_omac1_vector(&omac1_test_vectors[i], i))
287 wpa_printf(MSG_INFO, "OMAC1-AES-128 test cases passed");
293 static int test_eax(void)
296 u8 msg[] = { 0xF7, 0xFB };
297 u8 key[] = { 0x91, 0x94, 0x5D, 0x3F, 0x4D, 0xCB, 0xEE, 0x0B,
298 0xF4, 0x5E, 0xF5, 0x22, 0x55, 0xF0, 0x95, 0xA4 };
299 u8 nonce[] = { 0xBE, 0xCA, 0xF0, 0x43, 0xB0, 0xA2, 0x3D, 0x84,
300 0x31, 0x94, 0xBA, 0x97, 0x2C, 0x66, 0xDE, 0xBD };
301 u8 hdr[] = { 0xFA, 0x3B, 0xFD, 0x48, 0x06, 0xEB, 0x53, 0xFA };
302 u8 cipher[] = { 0x19, 0xDD, 0x5C, 0x4C, 0x93, 0x31, 0x04, 0x9D,
303 0x0B, 0xDA, 0xB0, 0x27, 0x74, 0x08, 0xF6, 0x79,
305 u8 data[sizeof(msg)], tag[AES_BLOCK_SIZE];
307 os_memcpy(data, msg, sizeof(msg));
308 if (aes_128_eax_encrypt(key, nonce, sizeof(nonce), hdr, sizeof(hdr),
309 data, sizeof(data), tag)) {
310 wpa_printf(MSG_ERROR, "AES-128 EAX mode encryption failed");
313 if (os_memcmp(data, cipher, sizeof(data)) != 0) {
314 wpa_printf(MSG_ERROR,
315 "AES-128 EAX mode encryption returned invalid cipher text");
318 if (os_memcmp(tag, cipher + sizeof(data), AES_BLOCK_SIZE) != 0) {
319 wpa_printf(MSG_ERROR,
320 "AES-128 EAX mode encryption returned invalid tag");
324 if (aes_128_eax_decrypt(key, nonce, sizeof(nonce), hdr, sizeof(hdr),
325 data, sizeof(data), tag)) {
326 wpa_printf(MSG_ERROR, "AES-128 EAX mode decryption failed");
329 if (os_memcmp(data, msg, sizeof(data)) != 0) {
330 wpa_printf(MSG_ERROR,
331 "AES-128 EAX mode decryption returned invalid plain text");
335 wpa_printf(MSG_INFO, "AES-128 EAX mode test cases passed");
342 static int test_cbc(void)
344 struct cbc_test_vector {
352 { 0x06, 0xa9, 0x21, 0x40, 0x36, 0xb8, 0xa1, 0x5b,
353 0x51, 0x2e, 0x03, 0xd5, 0x34, 0x12, 0x00, 0x06 },
354 { 0x3d, 0xaf, 0xba, 0x42, 0x9d, 0x9e, 0xb4, 0x30,
355 0xb4, 0x22, 0xda, 0x80, 0x2c, 0x9f, 0xac, 0x41 },
357 { 0xe3, 0x53, 0x77, 0x9c, 0x10, 0x79, 0xae, 0xb8,
358 0x27, 0x08, 0x94, 0x2d, 0xbe, 0x77, 0x18, 0x1a },
362 { 0xc2, 0x86, 0x69, 0x6d, 0x88, 0x7c, 0x9a, 0xa0,
363 0x61, 0x1b, 0xbb, 0x3e, 0x20, 0x25, 0xa4, 0x5a },
364 { 0x56, 0x2e, 0x17, 0x99, 0x6d, 0x09, 0x3d, 0x28,
365 0xdd, 0xb3, 0xba, 0x69, 0x5a, 0x2e, 0x6f, 0x58 },
366 { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
367 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
368 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
369 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f },
370 { 0xd2, 0x96, 0xcd, 0x94, 0xc2, 0xcc, 0xcf, 0x8a,
371 0x3a, 0x86, 0x30, 0x28, 0xb5, 0xe1, 0xdc, 0x0a,
372 0x75, 0x86, 0x60, 0x2d, 0x25, 0x3c, 0xff, 0xf9,
373 0x1b, 0x82, 0x66, 0xbe, 0xa6, 0xd6, 0x1a, 0xb1 },
381 for (i = 0; i < ARRAY_SIZE(vectors); i++) {
382 struct cbc_test_vector *tv = &vectors[i];
384 buf = os_malloc(tv->len);
390 os_memcpy(buf, tv->plain, tv->len);
391 if (aes_128_cbc_encrypt(tv->key, tv->iv, buf, tv->len) ||
392 os_memcmp(buf, tv->cipher, tv->len) != 0) {
393 wpa_printf(MSG_ERROR, "AES-CBC encrypt %d failed", i);
397 os_memcpy(buf, tv->cipher, tv->len);
398 if (aes_128_cbc_decrypt(tv->key, tv->iv, buf, tv->len) ||
399 os_memcmp(buf, tv->plain, tv->len) != 0) {
400 wpa_printf(MSG_ERROR, "AES-CBC decrypt %d failed", i);
411 static int test_ecb(void)
414 struct ecb_test_vector {
419 /* CAVS 11.1 - ECBGFSbox128.rsp */
421 "00000000000000000000000000000000",
422 "f34481ec3cc627bacd5dc3fb08f273e6",
423 "0336763e966d92595a567cc9ce537f5e"
426 "00000000000000000000000000000000",
427 "9798c4640bad75c7c3227db910174e72",
428 "a9a1631bf4996954ebc093957b234589"
431 "00000000000000000000000000000000",
432 "96ab5c2ff612d9dfaae8c31f30c42168",
433 "ff4f8391a6a40ca5b25d23bedd44a597"
436 "00000000000000000000000000000000",
437 "6a118a874519e64e9963798a503f1d35",
438 "dc43be40be0e53712f7e2bf5ca707209"
441 "00000000000000000000000000000000",
442 "cb9fceec81286ca3e989bd979b0cb284",
443 "92beedab1895a94faa69b632e5cc47ce"
446 "00000000000000000000000000000000",
447 "b26aeb1874e47ca8358ff22378f09144",
448 "459264f4798f6a78bacb89c15ed3d601"
451 "00000000000000000000000000000000",
452 "58c8e00b2631686d54eab84b91f0aca1",
453 "08a4e2efec8a8e3312ca7460b9040bbf"
455 /* CAVS 11.1 - ECBKeySbox128.rsp */
457 "10a58869d74be5a374cf867cfb473859",
458 "00000000000000000000000000000000",
459 "6d251e6944b051e04eaa6fb4dbf78465"
462 "caea65cdbb75e9169ecd22ebe6e54675",
463 "00000000000000000000000000000000",
464 "6e29201190152df4ee058139def610bb",
469 u8 key[16], plain[16], cipher[16], out[16];
471 for (i = 0; i < ARRAY_SIZE(vectors); i++) {
472 struct ecb_test_vector *tv = &vectors[i];
474 if (hexstr2bin(tv->key, key, sizeof(key)) ||
475 hexstr2bin(tv->plaintext, plain, sizeof(plain)) ||
476 hexstr2bin(tv->ciphertext, cipher, sizeof(cipher))) {
477 wpa_printf(MSG_ERROR, "Invalid AES-ECB test vector %u",
483 if (aes_128_encrypt_block(key, plain, out) < 0 ||
484 os_memcmp(out, cipher, 16) != 0) {
485 wpa_printf(MSG_ERROR, "AES-ECB encrypt %u failed", i);
491 wpa_printf(MSG_INFO, "AES ECB mode test cases passed");
500 static int test_key_wrap(void)
504 /* RFC 3394 - Test vector 4.1 */
506 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
507 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f
510 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
511 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff
514 0x1F, 0xA6, 0x8B, 0x0A, 0x81, 0x12, 0xB4, 0x47,
515 0xAE, 0xF3, 0x4B, 0xD8, 0xFB, 0x5A, 0x7B, 0x82,
516 0x9D, 0x3E, 0x86, 0x23, 0x71, 0xD2, 0xCF, 0xE5
518 /* RFC 3394 - Test vector 4.2 */
520 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
521 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
522 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17
525 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
526 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff
529 0x96, 0x77, 0x8B, 0x25, 0xAE, 0x6C, 0xA4, 0x35,
530 0xF9, 0x2B, 0x5B, 0x97, 0xC0, 0x50, 0xAE, 0xD2,
531 0x46, 0x8A, 0xB8, 0xA1, 0x7A, 0xD8, 0x4E, 0x5D
533 /* RFC 3394 - Test vector 4.3 */
535 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
536 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F,
537 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
538 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F
541 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
542 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff
545 0x64, 0xE8, 0xC3, 0xF9, 0xCE, 0x0F, 0x5B, 0xA2,
546 0x63, 0xE9, 0x77, 0x79, 0x05, 0x81, 0x8A, 0x2A,
547 0x93, 0xC8, 0x19, 0x1E, 0x7D, 0x6E, 0x8A, 0xE7,
549 /* RFC 3394 - Test vector 4.4 */
551 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
552 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
553 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17
556 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
557 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff,
558 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07
561 0x03, 0x1D, 0x33, 0x26, 0x4E, 0x15, 0xD3, 0x32,
562 0x68, 0xF2, 0x4E, 0xC2, 0x60, 0x74, 0x3E, 0xDC,
563 0xE1, 0xC6, 0xC7, 0xDD, 0xEE, 0x72, 0x5A, 0x93,
564 0x6B, 0xA8, 0x14, 0x91, 0x5C, 0x67, 0x62, 0xD2
566 /* RFC 3394 - Test vector 4.5 */
568 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
569 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F,
570 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
571 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F
574 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
575 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff,
576 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07
579 0xA8, 0xF9, 0xBC, 0x16, 0x12, 0xC6, 0x8B, 0x3F,
580 0xF6, 0xE6, 0xF4, 0xFB, 0xE3, 0x0E, 0x71, 0xE4,
581 0x76, 0x9C, 0x8B, 0x80, 0xA3, 0x2C, 0xB8, 0x95,
582 0x8C, 0xD5, 0xD1, 0x7D, 0x6B, 0x25, 0x4D, 0xA1,
584 /* RFC 3394 - Test vector 4.6 */
586 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
587 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F,
588 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
589 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F
592 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
593 0x88, 0x99, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF,
594 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
595 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F
598 0x28, 0xC9, 0xF4, 0x04, 0xC4, 0xB8, 0x10, 0xF4,
599 0xCB, 0xCC, 0xB3, 0x5C, 0xFB, 0x87, 0xF8, 0x26,
600 0x3F, 0x57, 0x86, 0xE2, 0xD8, 0x0E, 0xD3, 0x26,
601 0xCB, 0xC7, 0xF0, 0xE7, 0x1A, 0x99, 0xF4, 0x3B,
602 0xFB, 0x98, 0x8B, 0x9B, 0x7A, 0x02, 0xDD, 0x21
606 wpa_printf(MSG_INFO, "RFC 3394 - Test vector 4.1");
607 if (aes_wrap(kek41, sizeof(kek41), sizeof(plain41) / 8, plain41,
609 wpa_printf(MSG_ERROR, "AES-WRAP-128 reported failure");
612 if (os_memcmp(result, crypt41, sizeof(crypt41)) != 0) {
613 wpa_printf(MSG_ERROR, "AES-WRAP-128 failed");
616 if (aes_unwrap(kek41, sizeof(kek41), sizeof(plain41) / 8, crypt41,
618 wpa_printf(MSG_ERROR, "AES-UNWRAP-128 reported failure");
621 if (os_memcmp(result, plain41, sizeof(plain41)) != 0) {
622 wpa_printf(MSG_ERROR, "AES-UNWRAP-128 failed");
626 wpa_printf(MSG_INFO, "RFC 3394 - Test vector 4.2");
627 if (aes_wrap(kek42, sizeof(kek42), sizeof(plain42) / 8, plain42,
629 wpa_printf(MSG_ERROR, "AES-WRAP-192 reported failure");
632 if (os_memcmp(result, crypt42, sizeof(crypt42)) != 0) {
633 wpa_printf(MSG_ERROR, "AES-WRAP-192 failed");
636 if (aes_unwrap(kek42, sizeof(kek42), sizeof(plain42) / 8, crypt42,
638 wpa_printf(MSG_ERROR, "AES-UNWRAP-192 reported failure");
641 if (os_memcmp(result, plain42, sizeof(plain42)) != 0) {
642 wpa_printf(MSG_ERROR, "AES-UNWRAP-192 failed");
646 wpa_printf(MSG_INFO, "RFC 3394 - Test vector 4.3");
647 if (aes_wrap(kek43, sizeof(kek43), sizeof(plain43) / 8, plain43,
649 wpa_printf(MSG_ERROR, "AES-WRAP-256 reported failure");
652 if (os_memcmp(result, crypt43, sizeof(crypt43)) != 0) {
653 wpa_printf(MSG_ERROR, "AES-WRAP-256 failed");
656 if (aes_unwrap(kek43, sizeof(kek43), sizeof(plain43) / 8, crypt43,
658 wpa_printf(MSG_ERROR, "AES-UNWRAP-256 reported failure");
661 if (os_memcmp(result, plain43, sizeof(plain43)) != 0) {
662 wpa_printf(MSG_ERROR, "AES-UNWRAP-256 failed");
666 wpa_printf(MSG_INFO, "RFC 3394 - Test vector 4.4");
667 if (aes_wrap(kek44, sizeof(kek44), sizeof(plain44) / 8, plain44,
669 wpa_printf(MSG_ERROR, "AES-WRAP-192 reported failure");
672 if (os_memcmp(result, crypt44, sizeof(crypt44)) != 0) {
673 wpa_printf(MSG_ERROR, "AES-WRAP-192 failed");
676 if (aes_unwrap(kek44, sizeof(kek44), sizeof(plain44) / 8, crypt44,
678 wpa_printf(MSG_ERROR, "AES-UNWRAP-192 reported failure");
681 if (os_memcmp(result, plain44, sizeof(plain44)) != 0) {
682 wpa_printf(MSG_ERROR, "AES-UNWRAP-192 failed");
686 wpa_printf(MSG_INFO, "RFC 3394 - Test vector 4.5");
687 if (aes_wrap(kek45, sizeof(kek45), sizeof(plain45) / 8, plain45,
689 wpa_printf(MSG_ERROR, "AES-WRAP-256 reported failure");
692 if (os_memcmp(result, crypt45, sizeof(crypt45)) != 0) {
693 wpa_printf(MSG_ERROR, "AES-WRAP-256 failed");
696 if (aes_unwrap(kek45, sizeof(kek45), sizeof(plain45) / 8, crypt45,
698 wpa_printf(MSG_ERROR, "AES-UNWRAP-256 reported failure");
701 if (os_memcmp(result, plain45, sizeof(plain45)) != 0) {
702 wpa_printf(MSG_ERROR, "AES-UNWRAP-256 failed");
706 wpa_printf(MSG_INFO, "RFC 3394 - Test vector 4.6");
707 if (aes_wrap(kek46, sizeof(kek46), sizeof(plain46) / 8, plain46,
709 wpa_printf(MSG_ERROR, "AES-WRAP-256 reported failure");
712 if (os_memcmp(result, crypt46, sizeof(crypt46)) != 0) {
713 wpa_printf(MSG_ERROR, "AES-WRAP-256 failed");
716 if (aes_unwrap(kek46, sizeof(kek46), sizeof(plain46) / 8, crypt46,
718 wpa_printf(MSG_ERROR, "AES-UNWRAP-256 reported failure");
721 if (os_memcmp(result, plain46, sizeof(plain46)) != 0) {
722 wpa_printf(MSG_ERROR, "AES-UNWRAP-256 failed");
727 wpa_printf(MSG_INFO, "AES key wrap/unwrap test cases passed");
733 static int test_md5(void)
741 "\xd4\x1d\x8c\xd9\x8f\x00\xb2\x04"
742 "\xe9\x80\x09\x98\xec\xf8\x42\x7e"
746 "\x0c\xc1\x75\xb9\xc0\xf1\xb6\xa8"
747 "\x31\xc3\x99\xe2\x69\x77\x26\x61"
751 "\x90\x01\x50\x98\x3c\xd2\x4f\xb0"
752 "\xd6\x96\x3f\x7d\x28\xe1\x7f\x72"
756 "\xf9\x6b\x69\x7d\x7c\xb7\x93\x8d"
757 "\x52\x5a\x2f\x31\xaa\xf1\x61\xd0"
760 "abcdefghijklmnopqrstuvwxyz",
761 "\xc3\xfc\xd3\xd7\x61\x92\xe4\x00"
762 "\x7d\xfb\x49\x6c\xca\x67\xe1\x3b"
765 "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
767 "\xd1\x74\xab\x98\xd2\x77\xd9\xf5"
768 "\xa5\x61\x1c\x2c\x9f\x41\x9d\x9f"
771 "12345678901234567890123456789012345678901234567890"
772 "123456789012345678901234567890",
773 "\x57\xed\xf4\xa2\x2b\xe3\xc9\x55"
774 "\xac\x49\xda\x2e\x21\x07\xb6\x7a"
783 for (i = 0; i < ARRAY_SIZE(tests); i++) {
784 wpa_printf(MSG_INFO, "MD5 test case %d", i);
786 addr[0] = (u8 *) tests[i].data;
787 len[0] = strlen(tests[i].data);
788 if (md5_vector(1, addr, len, hash) < 0 ||
789 os_memcmp(hash, tests[i].hash, 16) != 0) {
790 wpa_printf(MSG_INFO, " FAIL");
793 wpa_printf(MSG_INFO, " OK");
796 addr[0] = (u8 *) tests[i].data;
797 len[0] = strlen(tests[i].data);
798 addr[1] = (u8 *) tests[i].data + 1;
799 len[1] = strlen(tests[i].data) - 1;
800 if (md5_vector(1, addr, len, hash) < 0 ||
801 os_memcmp(hash, tests[i].hash, 16) != 0) {
802 wpa_printf(MSG_INFO, " FAIL");
805 wpa_printf(MSG_INFO, " OK");
810 wpa_printf(MSG_INFO, "MD5 test cases passed");
816 static int test_eap_fast(void)
819 /* RFC 4851, Appendix B.1 */
820 const u8 pac_key[] = {
821 0x0B, 0x97, 0x39, 0x0F, 0x37, 0x51, 0x78, 0x09,
822 0x81, 0x1E, 0xFD, 0x9C, 0x6E, 0x65, 0x94, 0x2B,
823 0x63, 0x2C, 0xE9, 0x53, 0x89, 0x38, 0x08, 0xBA,
824 0x36, 0x0B, 0x03, 0x7C, 0xD1, 0x85, 0xE4, 0x14
827 0x3F, 0xFB, 0x11, 0xC4, 0x6C, 0xBF, 0xA5, 0x7A,
828 0x54, 0x40, 0xDA, 0xE8, 0x22, 0xD3, 0x11, 0xD3,
829 0xF7, 0x6D, 0xE4, 0x1D, 0xD9, 0x33, 0xE5, 0x93,
830 0x70, 0x97, 0xEB, 0xA9, 0xB3, 0x66, 0xF4, 0x2A,
831 0x00, 0x00, 0x00, 0x02, 0x6A, 0x66, 0x43, 0x2A,
832 0x8D, 0x14, 0x43, 0x2C, 0xEC, 0x58, 0x2D, 0x2F,
833 0xC7, 0x9C, 0x33, 0x64, 0xBA, 0x04, 0xAD, 0x3A,
834 0x52, 0x54, 0xD6, 0xA5, 0x79, 0xAD, 0x1E, 0x00
836 const u8 master_secret[] = {
837 0x4A, 0x1A, 0x51, 0x2C, 0x01, 0x60, 0xBC, 0x02,
838 0x3C, 0xCF, 0xBC, 0x83, 0x3F, 0x03, 0xBC, 0x64,
839 0x88, 0xC1, 0x31, 0x2F, 0x0B, 0xA9, 0xA2, 0x77,
840 0x16, 0xA8, 0xD8, 0xE8, 0xBD, 0xC9, 0xD2, 0x29,
841 0x38, 0x4B, 0x7A, 0x85, 0xBE, 0x16, 0x4D, 0x27,
842 0x33, 0xD5, 0x24, 0x79, 0x87, 0xB1, 0xC5, 0xA2
844 const u8 key_block[] = {
845 0x59, 0x59, 0xBE, 0x8E, 0x41, 0x3A, 0x77, 0x74,
846 0x8B, 0xB2, 0xE5, 0xD3, 0x60, 0xAC, 0x4D, 0x35,
847 0xDF, 0xFB, 0xC8, 0x1E, 0x9C, 0x24, 0x9C, 0x8B,
848 0x0E, 0xC3, 0x1D, 0x72, 0xC8, 0x84, 0x9D, 0x57,
849 0x48, 0x51, 0x2E, 0x45, 0x97, 0x6C, 0x88, 0x70,
850 0xBE, 0x5F, 0x01, 0xD3, 0x64, 0xE7, 0x4C, 0xBB,
851 0x11, 0x24, 0xE3, 0x49, 0xE2, 0x3B, 0xCD, 0xEF,
852 0x7A, 0xB3, 0x05, 0x39, 0x5D, 0x64, 0x8A, 0x44,
853 0x11, 0xB6, 0x69, 0x88, 0x34, 0x2E, 0x8E, 0x29,
854 0xD6, 0x4B, 0x7D, 0x72, 0x17, 0x59, 0x28, 0x05,
855 0xAF, 0xF9, 0xB7, 0xFF, 0x66, 0x6D, 0xA1, 0x96,
856 0x8F, 0x0B, 0x5E, 0x06, 0x46, 0x7A, 0x44, 0x84,
857 0x64, 0xC1, 0xC8, 0x0C, 0x96, 0x44, 0x09, 0x98,
858 0xFF, 0x92, 0xA8, 0xB4, 0xC6, 0x42, 0x28, 0x71
861 0xD6, 0x4B, 0x7D, 0x72, 0x17, 0x59, 0x28, 0x05,
862 0xAF, 0xF9, 0xB7, 0xFF, 0x66, 0x6D, 0xA1, 0x96,
863 0x8F, 0x0B, 0x5E, 0x06, 0x46, 0x7A, 0x44, 0x84,
864 0x64, 0xC1, 0xC8, 0x0C, 0x96, 0x44, 0x09, 0x98,
865 0xFF, 0x92, 0xA8, 0xB4, 0xC6, 0x42, 0x28, 0x71
868 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
869 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
870 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
871 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
874 0x16, 0x15, 0x3C, 0x3F, 0x21, 0x55, 0xEF, 0xD9,
875 0x7F, 0x34, 0xAE, 0xC8, 0x1A, 0x4E, 0x66, 0x80,
876 0x4C, 0xC3, 0x76, 0xF2, 0x8A, 0xA9, 0x6F, 0x96,
877 0xC2, 0x54, 0x5F, 0x8C, 0xAB, 0x65, 0x02, 0xE1,
878 0x18, 0x40, 0x7B, 0x56, 0xBE, 0xEA, 0xA7, 0xC5,
879 0x76, 0x5D, 0x8F, 0x0B, 0xC5, 0x07, 0xC6, 0xB9,
880 0x04, 0xD0, 0x69, 0x56, 0x72, 0x8B, 0x6B, 0xB8,
881 0x15, 0xEC, 0x57, 0x7B
884 0x4D, 0x83, 0xA9, 0xBE, 0x6F, 0x8A, 0x74, 0xED,
885 0x6A, 0x02, 0x66, 0x0A, 0x63, 0x4D, 0x2C, 0x33,
886 0xC2, 0xDA, 0x60, 0x15, 0xC6, 0x37, 0x04, 0x51,
887 0x90, 0x38, 0x63, 0xDA, 0x54, 0x3E, 0x14, 0xB9,
888 0x27, 0x99, 0x18, 0x1E, 0x07, 0xBF, 0x0F, 0x5A,
889 0x5E, 0x3C, 0x32, 0x93, 0x80, 0x8C, 0x6C, 0x49,
890 0x67, 0xED, 0x24, 0xFE, 0x45, 0x40, 0xA0, 0x59,
891 0x5E, 0x37, 0xC2, 0xE9, 0xD0, 0x5D, 0x0A, 0xE3
894 0x3A, 0xD4, 0xAB, 0xDB, 0x76, 0xB2, 0x7F, 0x3B,
895 0xEA, 0x32, 0x2C, 0x2B, 0x74, 0xF4, 0x28, 0x55,
896 0xEF, 0x2D, 0xBA, 0x78, 0xC9, 0x57, 0x2F, 0x0D,
897 0x06, 0xCD, 0x51, 0x7C, 0x20, 0x93, 0x98, 0xA9,
898 0x76, 0xEA, 0x70, 0x21, 0xD7, 0x0E, 0x25, 0x54,
899 0x97, 0xED, 0xB2, 0x8A, 0xF6, 0xED, 0xFD, 0x0A,
900 0x2A, 0xE7, 0xA1, 0x58, 0x90, 0x10, 0x50, 0x44,
901 0xB3, 0x82, 0x85, 0xDB, 0x06, 0x14, 0xD2, 0xF9
903 /* RFC 4851, Appendix B.2 */
905 0x80, 0x0C, 0x00, 0x38, 0x00, 0x01, 0x01, 0x00,
906 0xD8, 0x6A, 0x8C, 0x68, 0x3C, 0x32, 0x31, 0xA8,
907 0x56, 0x63, 0xB6, 0x40, 0x21, 0xFE, 0x21, 0x14,
908 0x4E, 0xE7, 0x54, 0x20, 0x79, 0x2D, 0x42, 0x62,
909 0xC9, 0xBF, 0x53, 0x7F, 0x54, 0xFD, 0xAC, 0x58,
910 0x43, 0x24, 0x6E, 0x30, 0x92, 0x17, 0x6D, 0xCF,
911 0xE6, 0xE0, 0x69, 0xEB, 0x33, 0x61, 0x6A, 0xCC,
912 0x05, 0xC5, 0x5B, 0xB7
914 const u8 compound_mac[] = {
915 0x43, 0x24, 0x6E, 0x30, 0x92, 0x17, 0x6D, 0xCF,
916 0xE6, 0xE0, 0x69, 0xEB, 0x33, 0x61, 0x6A, 0xCC,
917 0x05, 0xC5, 0x5B, 0xB7
920 const u8 *simck, *cmk;
923 wpa_printf(MSG_INFO, "EAP-FAST test cases");
925 wpa_printf(MSG_INFO, "- T-PRF (SHA1) test case / master_secret");
926 if (sha1_t_prf(pac_key, sizeof(pac_key),
927 "PAC to master secret label hash",
928 seed, sizeof(seed), buf, sizeof(master_secret)) < 0 ||
929 os_memcmp(master_secret, buf, sizeof(master_secret)) != 0) {
930 wpa_printf(MSG_INFO, "T-PRF test - FAILED!");
934 wpa_printf(MSG_INFO, "- PRF (TLS, SHA1/MD5) test case / key_block");
935 if (tls_prf_sha1_md5(master_secret, sizeof(master_secret),
936 "key expansion", seed, sizeof(seed),
937 buf, sizeof(key_block)) ||
938 os_memcmp(key_block, buf, sizeof(key_block)) != 0) {
939 wpa_printf(MSG_INFO, "PRF test - FAILED!");
943 wpa_printf(MSG_INFO, "- T-PRF (SHA1) test case / IMCK");
944 if (sha1_t_prf(sks, sizeof(sks), "Inner Methods Compound Keys",
945 isk, sizeof(isk), buf, sizeof(imck)) < 0 ||
946 os_memcmp(imck, buf, sizeof(imck)) != 0) {
947 wpa_printf(MSG_INFO, "T-PRF test - FAILED!");
954 wpa_printf(MSG_INFO, "- T-PRF (SHA1) test case / MSK");
955 if (sha1_t_prf(simck, 40, "Session Key Generating Function",
956 (u8 *) "", 0, buf, sizeof(msk)) < 0 ||
957 os_memcmp(msk, buf, sizeof(msk)) != 0) {
958 wpa_printf(MSG_INFO, "T-PRF test - FAILED!");
962 wpa_printf(MSG_INFO, "- T-PRF (SHA1) test case / EMSK");
963 if (sha1_t_prf(simck, 40, "Extended Session Key Generating Function",
964 (u8 *) "", 0, buf, sizeof(msk)) < 0 ||
965 os_memcmp(emsk, buf, sizeof(emsk)) != 0) {
966 wpa_printf(MSG_INFO, "T-PRF test - FAILED!");
970 wpa_printf(MSG_INFO, "- Compound MAC test case");
971 os_memset(tlv + sizeof(tlv) - 20, 0, 20);
972 if (hmac_sha1(cmk, 20, tlv, sizeof(tlv), tlv + sizeof(tlv) - 20) < 0 ||
973 os_memcmp(tlv + sizeof(tlv) - 20, compound_mac,
974 sizeof(compound_mac)) != 0) {
975 wpa_printf(MSG_INFO, "Compound MAC test - FAILED!");
982 #endif /* EAP_FAST */
988 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
989 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
990 0x0b, 0x0b, 0x0b, 0x0b
992 static u8 data0[] = "Hi There";
995 0xbc, 0xd4, 0xc6, 0x50, 0xb3, 0x0b, 0x96, 0x84,
996 0x95, 0x18, 0x29, 0xe0, 0xd7, 0x5f, 0x9d, 0x54,
997 0xb8, 0x62, 0x17, 0x5e, 0xd9, 0xf0, 0x06, 0x06,
998 0xe1, 0x7d, 0x8d, 0xa3, 0x54, 0x02, 0xff, 0xee,
999 0x75, 0xdf, 0x78, 0xc3, 0xd3, 0x1e, 0x0f, 0x88,
1000 0x9f, 0x01, 0x21, 0x20, 0xc0, 0x86, 0x2b, 0xeb,
1001 0x67, 0x75, 0x3e, 0x74, 0x39, 0xae, 0x24, 0x2e,
1002 0xdb, 0x83, 0x73, 0x69, 0x83, 0x56, 0xcf, 0x5a
1005 static u8 key1[] = "Jefe";
1006 static u8 data1[] = "what do ya want for nothing?";
1009 0x51, 0xf4, 0xde, 0x5b, 0x33, 0xf2, 0x49, 0xad,
1010 0xf8, 0x1a, 0xeb, 0x71, 0x3a, 0x3c, 0x20, 0xf4,
1011 0xfe, 0x63, 0x14, 0x46, 0xfa, 0xbd, 0xfa, 0x58,
1012 0x24, 0x47, 0x59, 0xae, 0x58, 0xef, 0x90, 0x09,
1013 0xa9, 0x9a, 0xbf, 0x4e, 0xac, 0x2c, 0xa5, 0xfa,
1014 0x87, 0xe6, 0x92, 0xc4, 0x40, 0xeb, 0x40, 0x02,
1015 0x3e, 0x7b, 0xab, 0xb2, 0x06, 0xd6, 0x1d, 0xe7,
1016 0xb9, 0x2f, 0x41, 0x52, 0x90, 0x92, 0xb8, 0xfc
1022 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
1023 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
1024 0xaa, 0xaa, 0xaa, 0xaa
1028 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
1029 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
1030 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
1031 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
1032 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
1033 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
1038 0xe1, 0xac, 0x54, 0x6e, 0xc4, 0xcb, 0x63, 0x6f,
1039 0x99, 0x76, 0x48, 0x7b, 0xe5, 0xc8, 0x6b, 0xe1,
1040 0x7a, 0x02, 0x52, 0xca, 0x5d, 0x8d, 0x8d, 0xf1,
1041 0x2c, 0xfb, 0x04, 0x73, 0x52, 0x52, 0x49, 0xce,
1042 0x9d, 0xd8, 0xd1, 0x77, 0xea, 0xd7, 0x10, 0xbc,
1043 0x9b, 0x59, 0x05, 0x47, 0x23, 0x91, 0x07, 0xae,
1044 0xf7, 0xb4, 0xab, 0xd4, 0x3d, 0x87, 0xf0, 0xa6,
1045 0x8f, 0x1c, 0xbd, 0x9e, 0x2b, 0x6f, 0x76, 0x07
1049 struct passphrase_test {
1055 static struct passphrase_test passphrase_tests[] =
1061 0xf4, 0x2c, 0x6f, 0xc5, 0x2d, 0xf0, 0xeb, 0xef,
1062 0x9e, 0xbb, 0x4b, 0x90, 0xb3, 0x8a, 0x5f, 0x90,
1063 0x2e, 0x83, 0xfe, 0x1b, 0x13, 0x5a, 0x70, 0xe2,
1064 0x3a, 0xed, 0x76, 0x2e, 0x97, 0x10, 0xa1, 0x2e
1071 0x0d, 0xc0, 0xd6, 0xeb, 0x90, 0x55, 0x5e, 0xd6,
1072 0x41, 0x97, 0x56, 0xb9, 0xa1, 0x5e, 0xc3, 0xe3,
1073 0x20, 0x9b, 0x63, 0xdf, 0x70, 0x7d, 0xd5, 0x08,
1074 0xd1, 0x45, 0x81, 0xf8, 0x98, 0x27, 0x21, 0xaf
1078 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
1079 "ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ",
1081 0xbe, 0xcb, 0x93, 0x86, 0x6b, 0xb8, 0xc3, 0x83,
1082 0x2c, 0xb7, 0x77, 0xc2, 0xf5, 0x59, 0x80, 0x7c,
1083 0x8c, 0x59, 0xaf, 0xcb, 0x6e, 0xae, 0x73, 0x48,
1084 0x85, 0x00, 0x13, 0x00, 0xa9, 0x81, 0xcc, 0x62
1089 #define NUM_PASSPHRASE_TESTS ARRAY_SIZE(passphrase_tests)
1092 struct rfc6070_test {
1100 static struct rfc6070_test rfc6070_tests[] =
1107 0x0c, 0x60, 0xc8, 0x0f, 0x96, 0x1f, 0x0e, 0x71,
1108 0xf3, 0xa9, 0xb5, 0x24, 0xaf, 0x60, 0x12, 0x06,
1109 0x2f, 0xe0, 0x37, 0xa6
1118 0xea, 0x6c, 0x01, 0x4d, 0xc7, 0x2d, 0x6f, 0x8c,
1119 0xcd, 0x1e, 0xd9, 0x2a, 0xce, 0x1d, 0x41, 0xf0,
1120 0xd8, 0xde, 0x89, 0x57
1129 0x4b, 0x00, 0x79, 0x01, 0xb7, 0x65, 0x48, 0x9a,
1130 0xbe, 0xad, 0x49, 0xd9, 0x26, 0xf7, 0x21, 0xd0,
1131 0x65, 0xa4, 0x29, 0xc1
1135 #if 0 /* This takes quite long to derive.. */
1141 0xee, 0xfe, 0x3d, 0x61, 0xcd, 0x4d, 0xa4, 0xe4,
1142 0xe9, 0x94, 0x5b, 0x3d, 0x6b, 0xa2, 0x15, 0x8c,
1143 0x26, 0x34, 0xe9, 0x84
1149 "passwordPASSWORDpassword",
1150 "saltSALTsaltSALTsaltSALTsaltSALTsalt",
1153 0x3d, 0x2e, 0xec, 0x4f, 0xe4, 0x1c, 0x84, 0x9b,
1154 0x80, 0xc8, 0xd8, 0x36, 0x62, 0xc0, 0xe4, 0x4a,
1155 0x8b, 0x29, 0x1a, 0x96, 0x4c, 0xf2, 0xf0, 0x70,
1160 #if 0 /* \0 not currently supported in passphrase parameters.. */
1166 0x56, 0xfa, 0x6a, 0xa7, 0x55, 0x48, 0x09, 0x9d,
1167 0xcc, 0x37, 0xd7, 0xf0, 0x34, 0x25, 0xe0, 0xc3
1174 #define NUM_RFC6070_TESTS ARRAY_SIZE(rfc6070_tests)
1177 static int test_sha1(void)
1183 wpa_printf(MSG_INFO, "PRF-SHA1 test cases:");
1185 if (sha1_prf(key0, sizeof(key0), "prefix", data0, sizeof(data0) - 1,
1186 res, sizeof(prf0)) == 0 &&
1187 os_memcmp(res, prf0, sizeof(prf0)) == 0)
1188 wpa_printf(MSG_INFO, "Test case 0 - OK");
1190 wpa_printf(MSG_INFO, "Test case 0 - FAILED!");
1194 if (sha1_prf(key1, sizeof(key1) - 1, "prefix", data1, sizeof(data1) - 1,
1195 res, sizeof(prf1)) == 0 &&
1196 os_memcmp(res, prf1, sizeof(prf1)) == 0)
1197 wpa_printf(MSG_INFO, "Test case 1 - OK");
1199 wpa_printf(MSG_INFO, "Test case 1 - FAILED!");
1203 if (sha1_prf(key2, sizeof(key2), "prefix", data2, sizeof(data2),
1204 res, sizeof(prf2)) == 0 &&
1205 os_memcmp(res, prf2, sizeof(prf2)) == 0)
1206 wpa_printf(MSG_INFO, "Test case 2 - OK");
1208 wpa_printf(MSG_INFO, "Test case 2 - FAILED!");
1212 ret += test_eap_fast();
1214 wpa_printf(MSG_INFO, "PBKDF2-SHA1 Passphrase test cases:");
1215 for (i = 0; i < NUM_PASSPHRASE_TESTS; i++) {
1217 struct passphrase_test *test = &passphrase_tests[i];
1219 if (pbkdf2_sha1(test->passphrase,
1220 (const u8 *) test->ssid, strlen(test->ssid),
1221 4096, psk, 32) == 0 &&
1222 os_memcmp(psk, test->psk, 32) == 0)
1223 wpa_printf(MSG_INFO, "Test case %d - OK", i);
1225 wpa_printf(MSG_INFO, "Test case %d - FAILED!", i);
1230 wpa_printf(MSG_INFO, "PBKDF2-SHA1 test cases (RFC 6070):");
1231 for (i = 0; i < NUM_RFC6070_TESTS; i++) {
1233 struct rfc6070_test *test = &rfc6070_tests[i];
1235 if (pbkdf2_sha1(test->p, (const u8 *) test->s, strlen(test->s),
1236 test->c, dk, test->dk_len) == 0 &&
1237 os_memcmp(dk, test->dk, test->dk_len) == 0)
1238 wpa_printf(MSG_INFO, "Test case %d - OK", i);
1240 wpa_printf(MSG_INFO, "Test case %d - FAILED!", i);
1246 wpa_printf(MSG_INFO, "SHA1 test cases passed");
1258 0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea,
1259 0x41, 0x41, 0x40, 0xde, 0x5d, 0xae, 0x22, 0x23,
1260 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c,
1261 0xb4, 0x10, 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad
1265 "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
1267 0x24, 0x8d, 0x6a, 0x61, 0xd2, 0x06, 0x38, 0xb8,
1268 0xe5, 0xc0, 0x26, 0x93, 0x0c, 0x3e, 0x60, 0x39,
1269 0xa3, 0x3c, 0xe4, 0x59, 0x64, 0xff, 0x21, 0x67,
1270 0xf6, 0xec, 0xed, 0xd4, 0x19, 0xdb, 0x06, 0xc1
1282 /* draft-ietf-ipsec-ciph-sha-256-01.txt */
1285 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
1286 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10,
1287 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18,
1288 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20
1293 0xa2, 0x1b, 0x1f, 0x5d, 0x4c, 0xf4, 0xf7, 0x3a,
1294 0x4d, 0xd9, 0x39, 0x75, 0x0f, 0x7a, 0x06, 0x6a,
1295 0x7f, 0x98, 0xcc, 0x13, 0x1c, 0xb1, 0x6a, 0x66,
1296 0x92, 0x75, 0x90, 0x21, 0xcf, 0xab, 0x81, 0x81
1301 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
1302 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10,
1303 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18,
1304 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20
1307 "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
1310 0x10, 0x4f, 0xdc, 0x12, 0x57, 0x32, 0x8f, 0x08,
1311 0x18, 0x4b, 0xa7, 0x31, 0x31, 0xc5, 0x3c, 0xae,
1312 0xe6, 0x98, 0xe3, 0x61, 0x19, 0x42, 0x11, 0x49,
1313 0xea, 0x8c, 0x71, 0x24, 0x56, 0x69, 0x7d, 0x30
1318 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
1319 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10,
1320 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18,
1321 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20
1324 "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"
1325 "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
1328 0x47, 0x03, 0x05, 0xfc, 0x7e, 0x40, 0xfe, 0x34,
1329 0xd3, 0xee, 0xb3, 0xe7, 0x73, 0xd9, 0x5a, 0xab,
1330 0x73, 0xac, 0xf0, 0xfd, 0x06, 0x04, 0x47, 0xa5,
1331 0xeb, 0x45, 0x95, 0xbf, 0x33, 0xa9, 0xd1, 0xa3
1336 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
1337 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
1338 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
1339 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b
1345 0x19, 0x8a, 0x60, 0x7e, 0xb4, 0x4b, 0xfb, 0xc6,
1346 0x99, 0x03, 0xa0, 0xf1, 0xcf, 0x2b, 0xbd, 0xc5,
1347 0xba, 0x0a, 0xa3, 0xf3, 0xd9, 0xae, 0x3c, 0x1c,
1348 0x7a, 0x3b, 0x16, 0x96, 0xa0, 0xb6, 0x8c, 0xf7
1354 "what do ya want for nothing?",
1357 0x5b, 0xdc, 0xc1, 0x46, 0xbf, 0x60, 0x75, 0x4e,
1358 0x6a, 0x04, 0x24, 0x26, 0x08, 0x95, 0x75, 0xc7,
1359 0x5a, 0x00, 0x3f, 0x08, 0x9d, 0x27, 0x39, 0x83,
1360 0x9d, 0xec, 0x58, 0xb9, 0x64, 0xec, 0x38, 0x43
1365 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
1366 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
1367 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
1368 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa
1372 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
1373 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
1374 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
1375 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
1376 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
1377 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
1382 0xcd, 0xcb, 0x12, 0x20, 0xd1, 0xec, 0xcc, 0xea,
1383 0x91, 0xe5, 0x3a, 0xba, 0x30, 0x92, 0xf9, 0x62,
1384 0xe5, 0x49, 0xfe, 0x6c, 0xe9, 0xed, 0x7f, 0xdc,
1385 0x43, 0x19, 0x1f, 0xbd, 0xe4, 0x5c, 0x30, 0xb0
1390 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
1391 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10,
1392 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18,
1393 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20,
1394 0x21, 0x22, 0x23, 0x24, 0x25
1398 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
1399 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
1400 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
1401 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
1402 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
1403 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
1408 0xd4, 0x63, 0x3c, 0x17, 0xf6, 0xfb, 0x8d, 0x74,
1409 0x4c, 0x66, 0xde, 0xe0, 0xf8, 0xf0, 0x74, 0x55,
1410 0x6e, 0xc4, 0xaf, 0x55, 0xef, 0x07, 0x99, 0x85,
1411 0x41, 0x46, 0x8e, 0xb4, 0x9b, 0xd2, 0xe9, 0x17
1416 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c,
1417 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c,
1418 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c,
1419 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c
1422 "Test With Truncation",
1425 0x75, 0x46, 0xaf, 0x01, 0x84, 0x1f, 0xc0, 0x9b,
1426 0x1a, 0xb9, 0xc3, 0x74, 0x9a, 0x5f, 0x1c, 0x17,
1427 0xd4, 0xf5, 0x89, 0x66, 0x8a, 0x58, 0x7b, 0x27,
1428 0x00, 0xa9, 0xc9, 0x7c, 0x11, 0x93, 0xcf, 0x42
1433 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
1434 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
1435 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
1436 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
1437 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
1438 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
1439 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
1440 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
1441 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
1442 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa
1445 "Test Using Larger Than Block-Size Key - Hash Key First",
1448 0x69, 0x53, 0x02, 0x5e, 0xd9, 0x6f, 0x0c, 0x09,
1449 0xf8, 0x0a, 0x96, 0xf7, 0x8e, 0x65, 0x38, 0xdb,
1450 0xe2, 0xe7, 0xb8, 0x20, 0xe3, 0xdd, 0x97, 0x0e,
1451 0x7d, 0xdd, 0x39, 0x09, 0x1b, 0x32, 0x35, 0x2f
1456 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
1457 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
1458 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
1459 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
1460 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
1461 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
1462 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
1463 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
1464 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
1465 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa
1468 "Test Using Larger Than Block-Size Key and Larger Than One "
1472 0x63, 0x55, 0xac, 0x22, 0xe8, 0x90, 0xd0, 0xa3,
1473 0xc8, 0x48, 0x1a, 0x5c, 0xa4, 0x82, 0x5b, 0xc8,
1474 0x84, 0xd3, 0xe7, 0xa1, 0xff, 0x98, 0xa2, 0xfc,
1475 0x2a, 0xc7, 0xd8, 0xe0, 0x64, 0xc3, 0xb2, 0xe6
1481 static int test_sha256(void)
1489 for (i = 0; i < ARRAY_SIZE(tests); i++) {
1490 wpa_printf(MSG_INFO, "SHA256 test case %d:", i + 1);
1492 addr[0] = (u8 *) tests[i].data;
1493 len[0] = strlen(tests[i].data);
1494 sha256_vector(1, addr, len, hash);
1495 if (memcmp(hash, tests[i].hash, 32) != 0) {
1496 wpa_printf(MSG_INFO, " FAIL");
1499 wpa_printf(MSG_INFO, " OK");
1502 addr[0] = (u8 *) tests[i].data;
1504 addr[1] = (u8 *) tests[i].data + 1;
1505 len[1] = strlen(tests[i].data) - 1;
1506 sha256_vector(2, addr, len, hash);
1507 if (memcmp(hash, tests[i].hash, 32) != 0) {
1508 wpa_printf(MSG_INFO, " FAIL");
1511 wpa_printf(MSG_INFO, " OK");
1515 for (i = 0; i < ARRAY_SIZE(hmac_tests); i++) {
1516 struct hmac_test *t = &hmac_tests[i];
1518 wpa_printf(MSG_INFO, "HMAC-SHA256 test case %d:", i + 1);
1520 if (hmac_sha256(t->key, t->key_len, t->data, t->data_len,
1522 os_memcmp(hash, t->hash, 32) != 0) {
1523 wpa_printf(MSG_INFO, " FAIL");
1526 wpa_printf(MSG_INFO, " OK");
1529 len[0] = t->data_len;
1530 if (hmac_sha256_vector(t->key, t->key_len, 1, addr, len,
1532 os_memcmp(hash, t->hash, 32) != 0) {
1533 wpa_printf(MSG_INFO, " FAIL");
1536 wpa_printf(MSG_INFO, " OK");
1541 addr[1] = t->data + 1;
1542 len[1] = t->data_len - 1;
1543 if (hmac_sha256_vector(t->key, t->key_len, 2, addr, len,
1545 os_memcmp(hash, t->hash, 32) != 0) {
1546 wpa_printf(MSG_INFO, " FAIL");
1549 wpa_printf(MSG_INFO, " OK");
1553 wpa_printf(MSG_INFO, "Test IEEE 802.11r KDF");
1554 sha256_prf((u8 *) "abc", 3, "KDF test", (u8 *) "data", 4,
1555 hash, sizeof(hash));
1556 /* TODO: add proper test case for this */
1559 wpa_printf(MSG_INFO, "SHA256 test cases passed");
1564 static int test_ms_funcs(void)
1566 /* Test vector from RFC2759 example */
1567 char *username = "User";
1568 char *password = "clientPass";
1569 u8 auth_challenge[] = {
1570 0x5B, 0x5D, 0x7C, 0x7D, 0x7B, 0x3F, 0x2F, 0x3E,
1571 0x3C, 0x2C, 0x60, 0x21, 0x32, 0x26, 0x26, 0x28
1573 u8 peer_challenge[] = {
1574 0x21, 0x40, 0x23, 0x24, 0x25, 0x5E, 0x26, 0x2A,
1575 0x28, 0x29, 0x5F, 0x2B, 0x3A, 0x33, 0x7C, 0x7E
1577 u8 password_hash[] = {
1578 0x44, 0xEB, 0xBA, 0x8D, 0x53, 0x12, 0xB8, 0xD6,
1579 0x11, 0x47, 0x44, 0x11, 0xF5, 0x69, 0x89, 0xAE
1581 u8 nt_response[] = {
1582 0x82, 0x30, 0x9E, 0xCD, 0x8D, 0x70, 0x8B, 0x5E,
1583 0xA0, 0x8F, 0xAA, 0x39, 0x81, 0xCD, 0x83, 0x54,
1584 0x42, 0x33, 0x11, 0x4A, 0x3D, 0x85, 0xD6, 0xDF
1586 u8 password_hash_hash[] = {
1587 0x41, 0xC0, 0x0C, 0x58, 0x4B, 0xD2, 0xD9, 0x1C,
1588 0x40, 0x17, 0xA2, 0xA1, 0x2F, 0xA5, 0x9F, 0x3F
1590 u8 authenticator_response[] = {
1591 0x40, 0x7A, 0x55, 0x89, 0x11, 0x5F, 0xD0, 0xD6,
1592 0x20, 0x9F, 0x51, 0x0F, 0xE9, 0xC0, 0x45, 0x66,
1593 0x93, 0x2C, 0xDA, 0x56
1596 0xFD, 0xEC, 0xE3, 0x71, 0x7A, 0x8C, 0x83, 0x8C,
1597 0xB3, 0x88, 0xE5, 0x27, 0xAE, 0x3C, 0xDD, 0x31
1599 u8 send_start_key[] = {
1600 0x8B, 0x7C, 0xDC, 0x14, 0x9B, 0x99, 0x3A, 0x1B,
1601 0xA1, 0x18, 0xCB, 0x15, 0x3F, 0x56, 0xDC, 0xCB
1606 if (nt_password_hash((u8 *) password, os_strlen(password), buf) ||
1607 os_memcmp(password_hash, buf, sizeof(password_hash)) != 0) {
1608 wpa_printf(MSG_ERROR, "nt_password_hash failed");
1612 if (generate_nt_response(auth_challenge, peer_challenge,
1613 (u8 *) username, os_strlen(username),
1614 (u8 *) password, os_strlen(password), buf) ||
1615 os_memcmp(nt_response, buf, sizeof(nt_response)) != 0) {
1616 wpa_printf(MSG_ERROR, "generate_nt_response failed");
1620 if (hash_nt_password_hash(password_hash, buf) ||
1621 os_memcmp(password_hash_hash, buf,
1622 sizeof(password_hash_hash)) != 0) {
1623 wpa_printf(MSG_ERROR, "hash_nt_password_hash failed");
1627 if (generate_authenticator_response((u8 *) password,
1628 os_strlen(password),
1629 peer_challenge, auth_challenge,
1631 os_strlen(username),
1632 nt_response, buf) ||
1633 os_memcmp(authenticator_response, buf,
1634 sizeof(authenticator_response)) != 0) {
1635 wpa_printf(MSG_ERROR, "generate_authenticator_response failed");
1639 if (get_master_key(password_hash_hash, nt_response, buf) ||
1640 os_memcmp(master_key, buf, sizeof(master_key)) != 0) {
1641 wpa_printf(MSG_ERROR, "get_master_key failed");
1645 if (get_asymetric_start_key(master_key, buf, sizeof(send_start_key),
1647 os_memcmp(send_start_key, buf, sizeof(send_start_key)) != 0) {
1648 wpa_printf(MSG_ERROR, "get_asymetric_start_key failed");
1653 wpa_printf(MSG_ERROR, "ms_funcs: %d errors", errors);
1655 wpa_printf(MSG_INFO, "ms_funcs test cases passed");
1661 int crypto_module_tests(void)
1665 wpa_printf(MSG_INFO, "crypto module tests");