/* $NetBSD: t_crypt.c,v 1.3 2011/12/28 22:07:40 christos Exp $ */ /* * This version is derived from the original implementation of FreeSec * (release 1.1) by David Burren. I've reviewed the changes made in * OpenBSD (as of 2.7) and modified the original code in a similar way * where applicable. I've also made it reentrant and made a number of * other changes. * - Solar Designer */ /* * FreeSec: libcrypt for NetBSD * * Copyright (c) 1994 David Burren * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the author nor the names of other contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * * $Owl: Owl/packages/glibc/crypt_freesec.c,v 1.6 2010/02/20 14:45:06 solar Exp $ * Id: crypt.c,v 1.15 1994/09/13 04:58:49 davidb Exp * * This is an original implementation of the DES and the crypt(3) interfaces * by David Burren . * * An excellent reference on the underlying algorithm (and related * algorithms) is: * * B. Schneier, Applied Cryptography: protocols, algorithms, * and source code in C, John Wiley & Sons, 1994. * * Note that in that book's description of DES the lookups for the initial, * pbox, and final permutations are inverted (this has been brought to the * attention of the author). A list of errata for this book has been * posted to the sci.crypt newsgroup by the author and is available for FTP. * * ARCHITECTURE ASSUMPTIONS: * This code used to have some nasty ones, but these have been removed * by now. The code requires a 32-bit integer type, though. */ #include __RCSID("$NetBSD: t_crypt.c,v 1.3 2011/12/28 22:07:40 christos Exp $"); #include #include #include #include #include static const struct { const char *hash; const char *pw; } tests[] = { /* "new"-style */ /* 0 */ { "_J9..CCCCXBrJUJV154M", "U*U*U*U*" }, /* 1 */ { "_J9..CCCCXUhOBTXzaiE", "U*U***U" }, /* 2 */ { "_J9..CCCC4gQ.mB/PffM", "U*U***U*" }, /* 3 */ { "_J9..XXXXvlzQGqpPPdk", "*U*U*U*U" }, /* 4 */ { "_J9..XXXXsqM/YSSP..Y", "*U*U*U*U*" }, /* 5 */ { "_J9..XXXXVL7qJCnku0I", "*U*U*U*U*U*U*U*U" }, /* 6 */ { "_J9..XXXXAj8cFbP5scI", "*U*U*U*U*U*U*U*U*" }, /* 7 */ { "_J9..SDizh.vll5VED9g", "ab1234567" }, /* 8 */ { "_J9..SDizRjWQ/zePPHc", "cr1234567" }, /* 9 */ { "_J9..SDizxmRI1GjnQuE", "zxyDPWgydbQjgq" }, /* 10 */ { "_K9..SaltNrQgIYUAeoY", "726 even" }, /* 11 */ { "_J9..SDSD5YGyRCr4W4c", "" }, /* "old"-style, valid salts */ /* 12 */ { "CCNf8Sbh3HDfQ", "U*U*U*U*" }, /* 13 */ { "CCX.K.MFy4Ois", "U*U***U" }, /* 14 */ { "CC4rMpbg9AMZ.", "U*U***U*" }, /* 15 */ { "XXxzOu6maQKqQ", "*U*U*U*U" }, /* 16 */ { "SDbsugeBiC58A", "" }, /* 17 */ { "./xZjzHv5vzVE", "password" }, /* 18 */ { "0A2hXM1rXbYgo", "password" }, /* 19 */ { "A9RXdR23Y.cY6", "password" }, /* 20 */ { "ZziFATVXHo2.6", "password" }, /* 21 */ { "zZDDIZ0NOlPzw", "password" }, /* "old"-style, "reasonable" invalid salts, UFC-crypt behavior expected */ /* 22 */ { "\001\002wyd0KZo65Jo", "password" }, /* 23 */ { "a_C10Dk/ExaG.", "password" }, /* 24 */ { "~\377.5OTsRVjwLo", "password" }, /* The below are erroneous inputs, so NULL return is expected/required */ /* 25 */ { "", "" }, /* no salt */ /* 26 */ { " ", "" }, /* setting string is too short */ /* 27 */ { "a:", "" }, /* unsafe character */ /* 28 */ { "\na", "" }, /* unsafe character */ /* 29 */ { "_/......", "" }, /* setting string is too short for its type */ /* 30 */ { "_........", "" }, /* zero iteration count */ /* 31 */ { "_/!......", "" }, /* invalid character in count */ /* 32 */ { "_/......!", "" }, /* invalid character in salt */ /* 33 */ { NULL, NULL } }; ATF_TC(crypt_salts); ATF_TC_HEAD(crypt_salts, tc) { atf_tc_set_md_var(tc, "descr", "crypt(3) salt consistency checks"); } ATF_TC_BODY(crypt_salts, tc) { for (size_t i = 0; tests[i].hash; i++) { char *hash = crypt(tests[i].pw, tests[i].hash); if (!hash) { ATF_CHECK_MSG(0, "Test %zu NULL\n", i); continue; } if (strcmp(hash, "*0") == 0 && strlen(tests[i].hash) < 13) continue; /* expected failure */ if (strcmp(hash, tests[i].hash)) ATF_CHECK_MSG(0, "Test %zu %s != %s\n", i, hash, tests[i].hash); } } ATF_TP_ADD_TCS(tp) { ATF_TP_ADD_TC(tp, crypt_salts); return atf_no_error(); }