You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by er...@apache.org on 2007/11/24 04:45:29 UTC
svn commit: r597792 - in
/directory/apacheds/branches/bigbang/kerberos-shared/src:
main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/
test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/
Author: erodriguez
Date: Fri Nov 23 19:45:27 2007
New Revision: 597792
URL: http://svn.apache.org/viewvc?rev=597792&view=rev
Log:
Corrected padding algorithm error in DES encryption types (DIRSERVER-1100):
o Corrected padding algorithm error in DesCbcCrcEncryption.
o Also corrected padding algorithm error in DesCbcMd5Encryption, however algorithm error had no effect.
o Added new test cases for above encryption types.
Added:
directory/apacheds/branches/bigbang/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcCrcEncryptionTest.java (with props)
directory/apacheds/branches/bigbang/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcMd5EncryptionTest.java (with props)
Modified:
directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcCrcEncryption.java
directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcMd5Encryption.java
Modified: directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcCrcEncryption.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcCrcEncryption.java?rev=597792&r1=597791&r2=597792&view=diff
==============================================================================
--- directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcCrcEncryption.java (original)
+++ directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcCrcEncryption.java Fri Nov 23 19:45:27 2007
@@ -123,10 +123,9 @@
// build the ciphertext structure
byte[] conFounder = getRandomBytes( getConfounderLength() );
byte[] zeroedChecksum = new byte[getChecksumLength()];
- byte[] paddedPlainText = padString( plainText );
- byte[] dataBytes = concatenateBytes( conFounder, concatenateBytes( zeroedChecksum, paddedPlainText ) );
- byte[] checksumBytes = calculateIntegrity( dataBytes, null, usage );
+ byte[] dataBytes = concatenateBytes( conFounder, concatenateBytes( zeroedChecksum, plainText ) );
byte[] paddedDataBytes = padString( dataBytes );
+ byte[] checksumBytes = calculateIntegrity( paddedDataBytes, null, usage );
// lay the checksum into the ciphertext
for ( int i = getConfounderLength(); i < getConfounderLength() + getChecksumLength(); i++ )
Modified: directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcMd5Encryption.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcMd5Encryption.java?rev=597792&r1=597791&r2=597792&view=diff
==============================================================================
--- directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcMd5Encryption.java (original)
+++ directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcMd5Encryption.java Fri Nov 23 19:45:27 2007
@@ -115,10 +115,9 @@
// build the ciphertext structure
byte[] conFounder = getRandomBytes( getConfounderLength() );
byte[] zeroedChecksum = new byte[getChecksumLength()];
- byte[] paddedPlainText = padString( plainText );
- byte[] dataBytes = concatenateBytes( conFounder, concatenateBytes( zeroedChecksum, paddedPlainText ) );
- byte[] checksumBytes = calculateIntegrity( dataBytes, null, usage );
+ byte[] dataBytes = concatenateBytes( conFounder, concatenateBytes( zeroedChecksum, plainText ) );
byte[] paddedDataBytes = padString( dataBytes );
+ byte[] checksumBytes = calculateIntegrity( paddedDataBytes, null, usage );
// lay the checksum into the ciphertext
for ( int i = getConfounderLength(); i < getConfounderLength() + getChecksumLength(); i++ )
Added: directory/apacheds/branches/bigbang/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcCrcEncryptionTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcCrcEncryptionTest.java?rev=597792&view=auto
==============================================================================
--- directory/apacheds/branches/bigbang/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcCrcEncryptionTest.java (added)
+++ directory/apacheds/branches/bigbang/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcCrcEncryptionTest.java Fri Nov 23 19:45:27 2007
@@ -0,0 +1,124 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.server.kerberos.shared.crypto.encryption;
+
+
+import javax.security.auth.kerberos.KerberosKey;
+import javax.security.auth.kerberos.KerberosPrincipal;
+
+import junit.framework.TestCase;
+
+import org.apache.directory.server.kerberos.shared.messages.value.EncryptedData;
+import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
+
+
+/**
+ * Test case for the DES-CBC-CRC encryption type.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class DesCbcCrcEncryptionTest extends TestCase
+{
+ private static final char[] PASSWORD = "password".toCharArray();
+
+
+ /**
+ * Test successful encryption and decryption when the plaintext size is less than the block size.
+ *
+ * @throws Exception
+ */
+ public void testPlainTextSizeLessThanBlockSize() throws Exception
+ {
+ KerberosKey key = new KerberosKey( new KerberosPrincipal( "hnelson@EXAMPLE.COM" ), PASSWORD, "DES" );
+ byte[] keyBytes = key.getEncoded();
+ EncryptionKey encryptionKey = new EncryptionKey( EncryptionType.DES_CBC_CRC, keyBytes );
+
+ byte[] plainText =
+ { 1, 2, 3, 4, 5, 6, 7 };
+
+ DesCbcCrcEncryption encryption = new DesCbcCrcEncryption();
+ EncryptedData encryptedData = encryption.getEncryptedData( encryptionKey, plainText, null );
+
+ byte[] recoveredText = encryption.getDecryptedData( encryptionKey, encryptedData, null );
+
+ assertTrue( beginsWith( plainText, recoveredText ) );
+ }
+
+
+ /**
+ * Test successful encryption and decryption when the plaintext size equals the block size.
+ *
+ * @throws Exception
+ */
+ public void testPlainTextSizeEqualsBlockSize() throws Exception
+ {
+ KerberosKey key = new KerberosKey( new KerberosPrincipal( "hnelson@EXAMPLE.COM" ), PASSWORD, "DES" );
+ byte[] keyBytes = key.getEncoded();
+ EncryptionKey encryptionKey = new EncryptionKey( EncryptionType.DES_CBC_CRC, keyBytes );
+
+ byte[] plainText =
+ { 1, 2, 3, 4, 5, 6, 7, 8 };
+
+ DesCbcCrcEncryption encryption = new DesCbcCrcEncryption();
+ EncryptedData encryptedData = encryption.getEncryptedData( encryptionKey, plainText, null );
+
+ byte[] recoveredText = encryption.getDecryptedData( encryptionKey, encryptedData, null );
+
+ assertTrue( beginsWith( plainText, recoveredText ) );
+ }
+
+
+ /**
+ * Test successful encryption and decryption when the plaintext size is greater than the block size.
+ *
+ * @throws Exception
+ */
+ public void testPlainTextSizeGreaterThanBlockSize() throws Exception
+ {
+ KerberosKey key = new KerberosKey( new KerberosPrincipal( "hnelson@EXAMPLE.COM" ), PASSWORD, "DES" );
+ byte[] keyBytes = key.getEncoded();
+ EncryptionKey encryptionKey = new EncryptionKey( EncryptionType.DES_CBC_CRC, keyBytes );
+
+ byte[] plainText =
+ { 1, 2, 3, 4, 5, 6, 7, 8, 9 };
+
+ DesCbcCrcEncryption encryption = new DesCbcCrcEncryption();
+ EncryptedData encryptedData = encryption.getEncryptedData( encryptionKey, plainText, null );
+
+ byte[] recoveredText = encryption.getDecryptedData( encryptionKey, encryptedData, null );
+
+ assertTrue( beginsWith( plainText, recoveredText ) );
+ }
+
+
+ private boolean beginsWith( byte[] plainText, byte[] recoveredText )
+ {
+ for ( int i = 0; i < plainText.length; i++ )
+ {
+ if ( plainText[i] != recoveredText[i] )
+ {
+ return false;
+ }
+ }
+
+ return true;
+ }
+}
Propchange: directory/apacheds/branches/bigbang/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcCrcEncryptionTest.java
------------------------------------------------------------------------------
svn:eol-style = native
Added: directory/apacheds/branches/bigbang/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcMd5EncryptionTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcMd5EncryptionTest.java?rev=597792&view=auto
==============================================================================
--- directory/apacheds/branches/bigbang/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcMd5EncryptionTest.java (added)
+++ directory/apacheds/branches/bigbang/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcMd5EncryptionTest.java Fri Nov 23 19:45:27 2007
@@ -0,0 +1,124 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.server.kerberos.shared.crypto.encryption;
+
+
+import javax.security.auth.kerberos.KerberosKey;
+import javax.security.auth.kerberos.KerberosPrincipal;
+
+import junit.framework.TestCase;
+
+import org.apache.directory.server.kerberos.shared.messages.value.EncryptedData;
+import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
+
+
+/**
+ * Test case for the DES-CBC-MD5 encryption type.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class DesCbcMd5EncryptionTest extends TestCase
+{
+ private static final char[] PASSWORD = "password".toCharArray();
+
+
+ /**
+ * Test successful encryption and decryption when the plaintext size is less than the block size.
+ *
+ * @throws Exception
+ */
+ public void testPlainTextSizeLessThanBlockSize() throws Exception
+ {
+ KerberosKey key = new KerberosKey( new KerberosPrincipal( "hnelson@EXAMPLE.COM" ), PASSWORD, "DES" );
+ byte[] keyBytes = key.getEncoded();
+ EncryptionKey encryptionKey = new EncryptionKey( EncryptionType.DES_CBC_MD5, keyBytes );
+
+ byte[] plainText =
+ { 1, 2, 3, 4, 5, 6, 7 };
+
+ DesCbcMd5Encryption encryption = new DesCbcMd5Encryption();
+ EncryptedData encryptedData = encryption.getEncryptedData( encryptionKey, plainText, null );
+
+ byte[] recoveredText = encryption.getDecryptedData( encryptionKey, encryptedData, null );
+
+ assertTrue( beginsWith( plainText, recoveredText ) );
+ }
+
+
+ /**
+ * Test successful encryption and decryption when the plaintext size equals the block size.
+ *
+ * @throws Exception
+ */
+ public void testPlainTextSizeEqualsBlockSize() throws Exception
+ {
+ KerberosKey key = new KerberosKey( new KerberosPrincipal( "hnelson@EXAMPLE.COM" ), PASSWORD, "DES" );
+ byte[] keyBytes = key.getEncoded();
+ EncryptionKey encryptionKey = new EncryptionKey( EncryptionType.DES_CBC_MD5, keyBytes );
+
+ byte[] plainText =
+ { 1, 2, 3, 4, 5, 6, 7, 8 };
+
+ DesCbcMd5Encryption encryption = new DesCbcMd5Encryption();
+ EncryptedData encryptedData = encryption.getEncryptedData( encryptionKey, plainText, null );
+
+ byte[] recoveredText = encryption.getDecryptedData( encryptionKey, encryptedData, null );
+
+ assertTrue( beginsWith( plainText, recoveredText ) );
+ }
+
+
+ /**
+ * Test successful encryption and decryption when the plaintext size is greater than the block size.
+ *
+ * @throws Exception
+ */
+ public void testPlainTextSizeGreaterThanBlockSize() throws Exception
+ {
+ KerberosKey key = new KerberosKey( new KerberosPrincipal( "hnelson@EXAMPLE.COM" ), PASSWORD, "DES" );
+ byte[] keyBytes = key.getEncoded();
+ EncryptionKey encryptionKey = new EncryptionKey( EncryptionType.DES_CBC_MD5, keyBytes );
+
+ byte[] plainText =
+ { 1, 2, 3, 4, 5, 6, 7, 8, 9 };
+
+ DesCbcMd5Encryption encryption = new DesCbcMd5Encryption();
+ EncryptedData encryptedData = encryption.getEncryptedData( encryptionKey, plainText, null );
+
+ byte[] recoveredText = encryption.getDecryptedData( encryptionKey, encryptedData, null );
+
+ assertTrue( beginsWith( plainText, recoveredText ) );
+ }
+
+
+ private boolean beginsWith( byte[] plainText, byte[] recoveredText )
+ {
+ for ( int i = 0; i < plainText.length; i++ )
+ {
+ if ( plainText[i] != recoveredText[i] )
+ {
+ return false;
+ }
+ }
+
+ return true;
+ }
+}
Propchange: directory/apacheds/branches/bigbang/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcMd5EncryptionTest.java
------------------------------------------------------------------------------
svn:eol-style = native