You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by dr...@apache.org on 2015/01/13 23:34:49 UTC
[3/3] directory-kerberos git commit: Added test for the des key maker
for intermediate steps
Added test for the des key maker for intermediate steps
Project: http://git-wip-us.apache.org/repos/asf/directory-kerberos/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-kerberos/commit/33cde404
Tree: http://git-wip-us.apache.org/repos/asf/directory-kerberos/tree/33cde404
Diff: http://git-wip-us.apache.org/repos/asf/directory-kerberos/diff/33cde404
Branch: refs/heads/fixdes
Commit: 33cde40470beafb60aa264283122998c11965af3
Parents: 0ce18e3
Author: Drankye <dr...@gmail.com>
Authored: Wed Jan 14 06:34:04 2015 +0800
Committer: Drankye <dr...@gmail.com>
Committed: Wed Jan 14 06:34:04 2015 +0800
----------------------------------------------------------------------
.../kerb/crypto/key/AbstractKeyMaker.java | 17 ++++--
.../kerberos/kerb/crypto/key/Des3KeyMaker.java | 13 +----
.../kerberos/kerb/crypto/key/DesKeyMaker.java | 47 ++++++++++++----
.../kerberos/kerb/crypto/DesKeyMakerTest.java | 59 ++++++++++++++++++++
4 files changed, 110 insertions(+), 26 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/33cde404/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/key/AbstractKeyMaker.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/key/AbstractKeyMaker.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/key/AbstractKeyMaker.java
index 1738788..69b5576 100644
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/key/AbstractKeyMaker.java
+++ b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/key/AbstractKeyMaker.java
@@ -44,12 +44,19 @@ public abstract class AbstractKeyMaker implements KeyMaker {
return new byte[0];
}
- protected static char[] makePasswdSalt(String password, String salt) {
- char[] result = new char[password.length() + salt.length()];
- System.arraycopy(password.toCharArray(), 0, result, 0, password.length());
- System.arraycopy(salt.toCharArray(), 0, result, password.length(), salt.length());
+ /**
+ * Visible for test
+ */
+ public static byte[] makePasswdSalt(String password, String salt) {
+ char[] chars = new char[password.length() + salt.length()];
+ System.arraycopy(password.toCharArray(), 0, chars, 0, password.length());
+ System.arraycopy(salt.toCharArray(), 0, chars, password.length(), salt.length());
- return result;
+ try {
+ return new String(chars).getBytes("UTF-8");
+ } catch (UnsupportedEncodingException e) {
+ throw new RuntimeException("Character decoding failed", e);
+ }
}
protected static int getIterCount(byte[] param, int defCount) {
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/33cde404/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/key/Des3KeyMaker.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/key/Des3KeyMaker.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/key/Des3KeyMaker.java
index f8df6a5..9b98a5e 100644
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/key/Des3KeyMaker.java
+++ b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/key/Des3KeyMaker.java
@@ -24,8 +24,6 @@ import org.apache.kerberos.kerb.crypto.Des;
import org.apache.kerberos.kerb.crypto.Nfold;
import org.apache.kerberos.kerb.crypto.enc.EncryptProvider;
-import java.io.UnsupportedEncodingException;
-
public class Des3KeyMaker extends DkKeyMaker {
public Des3KeyMaker(EncryptProvider encProvider) {
@@ -34,15 +32,10 @@ public class Des3KeyMaker extends DkKeyMaker {
@Override
public byte[] str2key(String string, String salt, byte[] param) throws KrbException {
- char[] passwdSalt = makePasswdSalt(string, salt);
+ byte[] utf8Bytes = makePasswdSalt(string, salt);
int keyInputSize = encProvider().keyInputSize();
- try {
- byte[] utf8Bytes = new String(passwdSalt).getBytes("UTF-8");
- byte[] tmpKey = random2Key(Nfold.nfold(utf8Bytes, keyInputSize));
- return dk(tmpKey, KERBEROS_CONSTANT);
- } catch (UnsupportedEncodingException e) {
- throw new KrbException("str2key failed", e);
- }
+ byte[] tmpKey = random2Key(Nfold.nfold(utf8Bytes, keyInputSize));
+ return dk(tmpKey, KERBEROS_CONSTANT);
}
@Override
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/33cde404/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/key/DesKeyMaker.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/key/DesKeyMaker.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/key/DesKeyMaker.java
index 4ad6d98..5feab96 100644
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/key/DesKeyMaker.java
+++ b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/key/DesKeyMaker.java
@@ -52,8 +52,7 @@ public class DesKeyMaker extends AbstractKeyMaker {
throw new KrbException(error);
}
- char[] passwdSalt = makePasswdSalt(string, salt);
- byte[] key = toKey(passwdSalt);
+ byte[] key = toKey(string, salt);
return key;
}
@@ -74,15 +73,30 @@ public class DesKeyMaker extends AbstractKeyMaker {
return(key);
}
*/
- private byte[] toKey(char[] passwdChars) throws KrbException {
- int keySize = encProvider().keySize();
+ private byte[] toKey(String string, String salt) throws KrbException {
+ byte[] bytes = makePasswdSalt(string, salt);
+ // padded with zero-valued octets to a multiple of eight octets.
+ byte[] paddedBytes = BytesUtil.padding(bytes, 8);
- byte[] bytes = (new String(passwdChars)).getBytes();
+ byte[] fanFoldedKey = fanFold(string, salt, paddedBytes);
- // padded with zero-valued octets to a multiple of eight octets.
- byte[] paddedBytes = BytesUtil.padding(bytes, keySize);
+ byte[] intermediateKey = intermediateKey(fanFoldedKey);
+
+ byte[] key = desEncryptedKey(intermediateKey, paddedBytes);
+ return key;
+ }
+
+ /**
+ * Visible for test
+ */
+ public static byte[] fanFold(String string, String salt, byte[] paddedBytes) {
+ if (paddedBytes == null) {
+ byte[] bytes = makePasswdSalt(string, salt);
+ // padded with zero-valued octets to a multiple of eight octets.
+ paddedBytes = BytesUtil.padding(bytes, 8);
+ }
- int blocksOfbytes8 = paddedBytes.length / keySize;
+ int blocksOfbytes8 = paddedBytes.length / 8;
boolean odd = true;
byte[] bits56 = new byte[8];
byte[] tempString = new byte[8];
@@ -92,16 +106,27 @@ public class DesKeyMaker extends AbstractKeyMaker {
if (odd) {
reverse(bits56);
}
- odd = ! odd;
+ odd = !odd;
BytesUtil.xor(bits56, 0, tempString);
}
- byte[] keyBytes = addParityBits(tempString);
+ return tempString;
+ }
+
+ /**
+ * Visible for test
+ */
+ public static byte[] intermediateKey(byte[] fanFoldedKey) {
+ byte[] keyBytes = addParityBits(fanFoldedKey);
keyCorrection(keyBytes);
+ return keyBytes;
+ }
+
+ private byte[] desEncryptedKey(byte[] intermediateKey, byte[] originalBytes) throws KrbException {
byte[] resultKey = null;
if (encProvider().supportCbcMac()) {
- resultKey = encProvider().cbcMac(keyBytes, keyBytes, paddedBytes);
+ resultKey = encProvider().cbcMac(intermediateKey, intermediateKey, originalBytes);
} else {
throw new KrbException("cbcMac should be supported by the provider: "
+ encProvider().getClass());
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/33cde404/haox-kerb/kerb-crypto/src/test/java/org/apache/kerberos/kerb/crypto/DesKeyMakerTest.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/test/java/org/apache/kerberos/kerb/crypto/DesKeyMakerTest.java b/haox-kerb/kerb-crypto/src/test/java/org/apache/kerberos/kerb/crypto/DesKeyMakerTest.java
new file mode 100644
index 0000000..3027e6c
--- /dev/null
+++ b/haox-kerb/kerb-crypto/src/test/java/org/apache/kerberos/kerb/crypto/DesKeyMakerTest.java
@@ -0,0 +1,59 @@
+package org.apache.kerberos.kerb.crypto;
+
+import org.apache.kerberos.kerb.crypto.key.DesKeyMaker;
+import org.haox.util.HexUtil;
+import org.junit.Assert;
+import org.junit.Test;
+
+public class DesKeyMakerTest {
+
+ /**
+ * The class used to store the test values
+ */
+ private static class TestCase {
+ String salt;
+ String passwd;
+ String passwdSaltBytes;
+ String fanFoldedKey;
+ String intermediateKey;
+ String finalKey;
+
+ private TestCase(String salt, String passwd, String passwdSaltBytes,
+ String fanFoldedKey, String intermediateKey, String finalKey) {
+ this.salt = salt;
+ this.passwd = passwd;
+ this.passwdSaltBytes = passwdSaltBytes;
+ this.fanFoldedKey = fanFoldedKey;
+ this.intermediateKey = intermediateKey;
+ this.finalKey = finalKey;
+ }
+ }
+
+ /**
+ * Actually do the test
+ */
+ private void test(TestCase tc) {
+ byte[] expectedValue = HexUtil.hex2bytes(tc.passwdSaltBytes);
+ byte[] value = DesKeyMaker.makePasswdSalt(tc.passwd, tc.salt);
+ Assert.assertArrayEquals("PasswdSalt bytes", expectedValue, value);
+
+ expectedValue = HexUtil.hex2bytes(tc.fanFoldedKey);
+ value = DesKeyMaker.fanFold(tc.salt, tc.passwd, null);
+ Assert.assertArrayEquals("FanFold result", expectedValue, value);
+
+ expectedValue = HexUtil.hex2bytes(tc.intermediateKey);
+ value = DesKeyMaker.intermediateKey(value);
+ Assert.assertArrayEquals("IntermediateKey result", expectedValue, value);
+
+ // finalKey check ignored here and it's done in String2keyTest.
+ }
+
+ @Test
+ public void testCase1() {
+ TestCase tc = new TestCase("ATHENA.MIT.EDUraeburn",
+ "password", "70617373776f7264415448454e412e4d49542e4544557261656275726e",
+ "c01e38688ac86c2e", "c11f38688ac86d2f", "cbc22fae235298e3");
+
+ test(tc);
+ }
+}