Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
freebsd
GitHub Repository: freebsd/freebsd-src
 Path: blob/main/crypto/krb5/src/tests/asn.1/make-vectors.c
34907 views
1
/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */

2
/* tests/asn.1/make-vectors.c - Generate ASN.1 test vectors using asn1c */

3
/*

4
 * Copyright (C) 2011 by the Massachusetts Institute of Technology.

5
 * All rights reserved.

6
 *

7
 * Export of this software from the United States of America may

8
 *   require a specific license from the United States Government.

9
 *   It is the responsibility of any person or organization contemplating

10
 *   export to obtain such a license before exporting.

11
 *

12
 * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and

13
 * distribute this software and its documentation for any purpose and

14
 * without fee is hereby granted, provided that the above copyright

15
 * notice appear in all copies and that both that copyright notice and

16
 * this permission notice appear in supporting documentation, and that

17
 * the name of M.I.T. not be used in advertising or publicity pertaining

18
 * to distribution of the software without specific, written prior

19
 * permission.  Furthermore if you modify this software you must label

20
 * your software as modified software and not distribute it in such a

21
 * fashion that it might be confused with the original M.I.T. software.

22
 * M.I.T. makes no representations about the suitability of

23
 * this software for any purpose.  It is provided "as is" without express

24
 * or implied warranty.

25
 */

26


27
/*

28
 * This program generates test vectors using asn1c, to be included in other

29
 * test programs which exercise the krb5 ASN.1 encoder and decoder functions.

30
 * It is intended to be used via "make test-vectors".  Currently, test vectors

31
 * are only generated for a subset of newer ASN.1 objects.

32
 */

33


34
#include <PrincipalName.h>

35
#include <KRB5PrincipalName.h>

36
#include <OtherInfo.h>

37
#include <PkinitSuppPubInfo.h>

38
#include <OTP-TOKENINFO.h>

39
#include <PA-OTP-CHALLENGE.h>

40
#include <PA-OTP-REQUEST.h>

41
#include <PA-OTP-ENC-REQUEST.h>

42
#include <AD-CAMMAC.h>

43
#include <SPAKESecondFactor.h>

44
#include <PA-SPAKE.h>

45


46
static unsigned char buf[8192];

47
static size_t buf_pos;

48


49
/* PrincipalName and KRB5PrincipalName */

50
static KerberosString_t comp_1 = { "hftsai", 6 };

51
static KerberosString_t comp_2 = { "extra", 5 };

52
static KerberosString_t *comps[] = { &comp_1, &comp_2 };

53
static PrincipalName_t princ = { 1, { comps, 2, 2 } };

54
static KRB5PrincipalName_t krb5princ = { { "ATHENA.MIT.EDU", 14 },

55
                                         { 1, { comps, 2, 2 } } };

56


57
/* OtherInfo */

58
static unsigned int krb5_arcs[] = { 1, 2, 840, 113554, 1, 2, 2 };

59
static OCTET_STRING_t krb5data_ostring = { "krb5data", 8 };

60
static OtherInfo_t other_info = {

61
    { 0 }, { 0 }, { 0 },        /* Initialized in main() */

62
    &krb5data_ostring, NULL

63
};

64


65
/* PkinitSuppPubInfo */

66
static PkinitSuppPubInfo_t supp_pub_info = { 1, { "krb5data", 8 },

67
                                             { "krb5data", 8 } };

68


69
/* Minimal OTP-TOKENINFO */

70
static OTP_TOKENINFO_t token_info_1 = { { "\0\0\0\0", 4, 0 } };

71


72
/* Maximal OTP-TOKENINFO */

73
static UTF8String_t vendor = { "Examplecorp", 11 };

74
static OCTET_STRING_t challenge = { "hark!", 5 };

75
static Int32_t otp_length = 10;

76
static OTPFormat_t otp_format; /* Initialized to 2 in main(). */

77
static OCTET_STRING_t token_id = { "yourtoken", 9 };

78
static AnyURI_t otp_alg = { "urn:ietf:params:xml:ns:keyprov:pskc:hotp", 40 };

79
static unsigned int sha256_arcs[] = { 2, 16, 840, 1, 101, 3, 4, 2, 1 };

80
static unsigned int sha1_arcs[] = { 1, 3, 14, 3, 2, 26 };

81
static AlgorithmIdentifier_t alg_sha256, alg_sha1; /* Initialized in main(). */

82
static AlgorithmIdentifier_t *algs[] = { &alg_sha256, &alg_sha1 };

83
static struct supportedHashAlg hash_algs = { algs, 2, 2 };

84
static Int32_t iter_count = 1000;

85
/* Flags are nextOTP | combine | collect-pin | must-encrypt-nonce |

86
 * separate-pin-required | check-digit */

87
static OTP_TOKENINFO_t token_info_2 = { { "\x77\0\0\0", 4, 0 }, &vendor,

88
                                        &challenge, &otp_length, &otp_format,

89
                                        &token_id, &otp_alg, &hash_algs,

90
                                        &iter_count };

91


92
/* Minimal PA-OTP-CHALLENGE */

93
static OTP_TOKENINFO_t *tinfo_1[] = { &token_info_1 };

94
static PA_OTP_CHALLENGE_t challenge_1 = { { "minnonce", 8 }, NULL,

95
                                          { { tinfo_1, 1, 1 } } };

96


97
/* Maximal PA-OTP-CHALLENGE */

98
static OTP_TOKENINFO_t *tinfo_2[] = { &token_info_1, &token_info_2 };

99
static UTF8String_t service = { "testservice", 11 };

100
static KerberosString_t salt = { "keysalt", 7 };

101
static OCTET_STRING_t s2kparams = { "1234", 4 };

102
static PA_OTP_CHALLENGE_t challenge_2 = { { "maxnonce", 8 }, &service,

103
                                          { { tinfo_2, 2, 2 } }, &salt,

104
                                          &s2kparams };

105


106
/* Minimal PA-OTP-REQUEST */

107
static UInt32_t kvno = 5;

108
static PA_OTP_REQUEST_t request_1 = { { "\0\0\0\0", 4, 0 }, NULL,

109
                                      { 0, &kvno,

110
                                        { "krbASN.1 test message", 21 } } };

111


112
/* Maximal PA-OTP-REQUEST */

113
/* Flags are nextOTP | combine */

114
static OCTET_STRING_t nonce = { "nonce", 5 };

115
static OCTET_STRING_t otp_value = { "frogs", 5 };

116
static UTF8String_t otp_pin = { "myfirstpin", 10 };

117
/* Corresponds to Unix time 771228197 */

118
static KerberosTime_t otp_time = { "19940610060317Z", 15 };

119
static OCTET_STRING_t counter = { "346", 3 };

120
static PA_OTP_REQUEST_t request_2 = { { "\x60\0\0\0", 4, 0 }, &nonce,

121
                                      { 0, &kvno,

122
                                        { "krbASN.1 test message", 21 } },

123
                                      &alg_sha256, &iter_count, &otp_value,

124
                                      &otp_pin, &challenge, &otp_time,

125
                                      &counter, &otp_format, &token_id,

126
                                      &otp_alg, &vendor };

127


128
/* PA-OTP-ENC-REQUEST */

129
static PA_OTP_ENC_REQUEST_t enc_request = { { "krb5data", 8 } };

130


131
/*

132
 * There is no ASN.1 name for a single authorization data element, so asn1c

133
 * declares it as "struct Member" in an inner scope.  This structure must be

134
 * laid out identically to that one.

135
 */

136
struct ad_element {

137
    Int32_t ad_type;

138
    OCTET_STRING_t ad_data;

139
    asn_struct_ctx_t _asn_ctx;

140
};

141


142
/* Authorization data elements and lists, for use in CAMMAC */

143
static struct ad_element ad_1 = { 1, { "ad1", 3 } };

144
static struct ad_element ad_2 = { 2, { "ad2", 3 } };

145
static struct ad_element *adlist_1[] = { &ad_1 };

146
static struct ad_element *adlist_2[] = { &ad_1, &ad_2 };

147


148
/* Minimal Verifier */

149
static Verifier_t verifier_1 = { Verifier_PR_mac,

150
                                 { { NULL, NULL, NULL,

151
                                     { 1, { "cksum1", 6 } } } } };

152


153
/* Maximal Verifier */

154
static Int32_t enctype = 16;

155
static Verifier_t verifier_2 = { Verifier_PR_mac,

156
                                 { { &princ, &kvno, &enctype,

157
                                     { 1, { "cksum2", 6 } } } } };

158


159
/* Minimal CAMMAC */

160
static AD_CAMMAC_t cammac_1 = { { { (void *)adlist_1, 1, 1 } },

161
                                NULL, NULL, NULL };

162


163
/* Maximal CAMMAC */

164
static Verifier_MAC_t vmac_1 = { &princ, &kvno, &enctype,

165
                                 { 1, { "cksumkdc", 8 } } };

166
static Verifier_MAC_t vmac_2 = { &princ, &kvno, &enctype,

167
                                 { 1, { "cksumsvc", 8 } } };

168
static Verifier_t *verifiers[] = { &verifier_1, &verifier_2 };

169
static struct other_verifiers overfs = { { verifiers, 2, 2 } };

170
static AD_CAMMAC_t cammac_2 = { { { (void *)adlist_2, 2, 2 } },

171
                                &vmac_1, &vmac_2, &overfs };

172


173
/* SPAKESecondFactor */

174
static SPAKESecondFactor_t factor_1 = { 1, NULL };

175
static OCTET_STRING_t factor_data = { "fdata", 5 };

176
static SPAKESecondFactor_t factor_2 = { 2, &factor_data };

177


178
/* PA-SPAKE (support) */

179
static Int32_t group_1 = 1, group_2 = 2, *groups[] = { &group_1, &group_2 };

180
static PA_SPAKE_t pa_spake_1 = { PA_SPAKE_PR_support,

181
                                 { .support = { { groups, 2, 2 } } } };

182


183
/* PA-SPAKE (challenge) */

184
static SPAKESecondFactor_t *factors[2] = { &factor_1, &factor_2 };

185
static PA_SPAKE_t pa_spake_2 = { PA_SPAKE_PR_challenge,

186
                                 { .challenge = { 1, { "T value", 7 },

187
                                                  { factors, 2, 2 } } } };

188


189
/* PA-SPAKE (response) */

190
UInt32_t enctype_5 = 5;

191
static PA_SPAKE_t pa_spake_3 = { PA_SPAKE_PR_response,

192
                                 { .response = { { "S value", 7 },

193
                                                 { 0, &enctype_5,

194
                                                   { "krbASN.1 test message",

195
                                                     21 } } } } };

196


197
/* PA-SPAKE (encdata) */

198
static PA_SPAKE_t pa_spake_4 = { PA_SPAKE_PR_encdata,

199
                                 { .encdata = { 0, &enctype_5,

200
                                                { "krbASN.1 test message",

201
                                                  21 } } } };

202


203
static int

204
consume(const void *data, size_t size, void *dummy)

205
{

206
    memcpy(buf + buf_pos, data, size);

207
    buf_pos += size;

208
    return 0;

209
}

210


211
/* Display a C string literal representing the contents of buf, and

212
 * reinitialize buf_pos for the next encoding operation. */

213
static void

214
printbuf(void)

215
{

216
    size_t i;

217


218
    for (i = 0; i < buf_pos; i++) {

219
        printf("%02X", buf[i]);

220
        if (i + 1 < buf_pos)

221
            printf(" ");

222
    }

223
    buf_pos = 0;

224
}

225


226
int

227
main(void)

228
{

229
    /* Initialize values which can't use static initializers. */

230
    asn_long2INTEGER(&otp_format, 2);  /* Alphanumeric */

231
    OBJECT_IDENTIFIER_set_arcs(&alg_sha256.algorithm, sha256_arcs,

232
                               sizeof(*sha256_arcs),

233
                               sizeof(sha256_arcs) / sizeof(*sha256_arcs));

234
    OBJECT_IDENTIFIER_set_arcs(&alg_sha1.algorithm, sha1_arcs,

235
                               sizeof(*sha1_arcs),

236
                               sizeof(sha1_arcs) / sizeof(*sha1_arcs));

237
    OBJECT_IDENTIFIER_set_arcs(&other_info.algorithmID.algorithm, krb5_arcs,

238
                               sizeof(*krb5_arcs),

239
                               sizeof(krb5_arcs) / sizeof(*krb5_arcs));

240


241
    printf("PrincipalName:\n");

242
    der_encode(&asn_DEF_PrincipalName, &princ, consume, NULL);

243
    printbuf();

244


245
    /* Print this encoding and also use it to initialize two fields of

246
     * other_info. */

247
    printf("\nKRB5PrincipalName:\n");

248
    der_encode(&asn_DEF_KRB5PrincipalName, &krb5princ, consume, NULL);

249
    OCTET_STRING_fromBuf(&other_info.partyUInfo, buf, buf_pos);

250
    OCTET_STRING_fromBuf(&other_info.partyVInfo, buf, buf_pos);

251
    printbuf();

252


253
    printf("\nOtherInfo:\n");

254
    der_encode(&asn_DEF_OtherInfo, &other_info, consume, NULL);

255
    printbuf();

256
    free(other_info.partyUInfo.buf);

257
    free(other_info.partyVInfo.buf);

258


259
    printf("\nPkinitSuppPubInfo:\n");

260
    der_encode(&asn_DEF_PkinitSuppPubInfo, &supp_pub_info, consume, NULL);

261
    printbuf();

262


263
    printf("\nMinimal OTP-TOKEN-INFO:\n");

264
    der_encode(&asn_DEF_OTP_TOKENINFO, &token_info_1, consume, NULL);

265
    printbuf();

266


267
    printf("\nMaximal OTP-TOKEN-INFO:\n");

268
    der_encode(&asn_DEF_OTP_TOKENINFO, &token_info_2, consume, NULL);

269
    printbuf();

270


271
    printf("\nMinimal PA-OTP-CHALLENGE:\n");

272
    der_encode(&asn_DEF_PA_OTP_CHALLENGE, &challenge_1, consume, NULL);

273
    printbuf();

274


275
    printf("\nMaximal PA-OTP-CHALLENGE:\n");

276
    der_encode(&asn_DEF_PA_OTP_CHALLENGE, &challenge_2, consume, NULL);

277
    printbuf();

278


279
    printf("\nMinimal PA-OTP-REQUEST:\n");

280
    der_encode(&asn_DEF_PA_OTP_REQUEST, &request_1, consume, NULL);

281
    printbuf();

282


283
    printf("\nMaximal PA-OTP-REQUEST:\n");

284
    der_encode(&asn_DEF_PA_OTP_REQUEST, &request_2, consume, NULL);

285
    printbuf();

286


287
    printf("\nPA-OTP-ENC-REQUEST:\n");

288
    der_encode(&asn_DEF_PA_OTP_ENC_REQUEST, &enc_request, consume, NULL);

289
    printbuf();

290


291
    printf("\nMinimal Verifier:\n");

292
    der_encode(&asn_DEF_Verifier, &verifier_1, consume, NULL);

293
    printbuf();

294


295
    printf("\nMaximal Verifier:\n");

296
    der_encode(&asn_DEF_Verifier, &verifier_2, consume, NULL);

297
    printbuf();

298


299
    printf("\nMinimal AD-CAMMAC:\n");

300
    der_encode(&asn_DEF_AD_CAMMAC, &cammac_1, consume, NULL);

301
    printbuf();

302


303
    printf("\nMaximal AD-CAMMAC:\n");

304
    der_encode(&asn_DEF_AD_CAMMAC, &cammac_2, consume, NULL);

305
    printbuf();

306


307
    printf("\nMinimal SPAKESecondFactor:\n");

308
    der_encode(&asn_DEF_SPAKESecondFactor, &factor_1, consume, NULL);

309
    printbuf();

310


311
    printf("\nMaximal SPAKESecondFactor:\n");

312
    der_encode(&asn_DEF_SPAKESecondFactor, &factor_2, consume, NULL);

313
    printbuf();

314


315
    printf("\nPA-SPAKE (support):\n");

316
    der_encode(&asn_DEF_PA_SPAKE, &pa_spake_1, consume, NULL);

317
    printbuf();

318


319
    printf("\nPA-SPAKE (challenge):\n");

320
    der_encode(&asn_DEF_PA_SPAKE, &pa_spake_2, consume, NULL);

321
    printbuf();

322


323
    printf("\nPA-SPAKE (response):\n");

324
    der_encode(&asn_DEF_PA_SPAKE, &pa_spake_3, consume, NULL);

325
    printbuf();

326


327
    printf("\nPA-SPAKE (encdata):\n");

328
    der_encode(&asn_DEF_PA_SPAKE, &pa_spake_4, consume, NULL);

329
    printbuf();

330


331
    printf("\n");

332
    return 0;

333
}

334


335