Received: by 2002:a05:6358:a55:b0:ec:fcf4:3ecf with SMTP id 21csp1069700rwb; Fri, 13 Jan 2023 07:35:02 -0800 (PST) X-Google-Smtp-Source: AMrXdXuqyAhFD8kxJsZpbdFqRNmbT4q8FrAFgni3pBV+SB/Xu8uGjzqXpHgIgaWhRYelXJqzEIQj X-Received: by 2002:a17:907:c007:b0:7ae:1724:88dd with SMTP id ss7-20020a170907c00700b007ae172488ddmr75551611ejc.73.1673624102627; Fri, 13 Jan 2023 07:35:02 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1673624102; cv=none; d=google.com; s=arc-20160816; b=O8nZdY2Z4LBKsgZosxXZat+9Z7yuRIVcd0eqvcv/NNhSufzQqMm1ZuMGyHN/CqarwG tt3Z0rc5u57LLZegVrp4hm+3IJi3n4VVMz1QWe+hJvNV9ZcEGfZtVQJpVnNF9bgvwsxX LyD4C4qMHFqcyIuQabJOl0sGdQz2ocAlAbhY/A+E3y6s0BGNaI7LCKGTTNGcvxQXMORc R3ky5JKGo9EbtRW5tzzBubcRZasQ+lv82IVj74x0EbfuODVvIT3gCaCL9c4s/0/dNWtq l8jpR7ugJf+Z+JN481LUQeKNMapeQoAd8r0PTOZl+2Zcz9imOcAYGLL9P4qgjLSmg7bd NEog== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:cc:to:from :subject:dkim-signature; bh=XXIF4QBNhrHppN1W7iUukXyGu5RP+KoSk1TxvAqO11U=; b=xF9PZNJ/5pMBjQRtb6MDs4m9mNI6H5ZuJmnphNr1saWHgvPGg2AbbRWZb06OMmRRfm QN4YzPCyhYnpdnJG03WVDyMAHresQgMCdYZluC9lfS4U59xXxq6XI5TrzRQ2DHeJR09B ULmW+HfwQWn/u2BsqVSQHTxhPXpLuw/97dkhQlwPXwU1KtF8FH3f4PczSl+bKl6QL7lp sGZxAPctlFqKzyoO02ePgc+fxZbFzCd44/F41FxbwDJiPEaQEFXwnHyO7/xUFKWrFNwc nvjwBFeWYNea8QXaNE+LufwAa1nqifQr8Te2Y9WAC3chxL3/zs9HpFmo1eGnQAuIlMOM HGPA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=NTtlIJvC; spf=pass (google.com: domain of linux-nfs-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-nfs-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id xj4-20020a170906db0400b0084c3ce2f3dasi22147347ejb.738.2023.01.13.07.34.38; Fri, 13 Jan 2023 07:35:02 -0800 (PST) Received-SPF: pass (google.com: domain of linux-nfs-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=NTtlIJvC; spf=pass (google.com: domain of linux-nfs-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-nfs-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229599AbjAMPc4 (ORCPT + 99 others); Fri, 13 Jan 2023 10:32:56 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:52012 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230259AbjAMPb7 (ORCPT ); Fri, 13 Jan 2023 10:31:59 -0500 Received: from ams.source.kernel.org (ams.source.kernel.org [IPv6:2604:1380:4601:e00::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 4378A7BCF7 for ; Fri, 13 Jan 2023 07:25:38 -0800 (PST) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id F01ABB8217A for ; Fri, 13 Jan 2023 15:25:36 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 5A651C433EF; Fri, 13 Jan 2023 15:25:35 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1673623535; bh=g8WJ6fhL8jNraM89KSl6j4lzOWM+L9xF2xxiCmeUPR4=; h=Subject:From:To:Cc:Date:In-Reply-To:References:From; b=NTtlIJvCg03sqNQ6CDLDvvMOYPx6RgBxyPR10n6006gzvVMuMgSpDhQ3qj+RQDsNz tBHe9h8Em0hWtSXFfC3qhnQ7cH+8NSCilt5QGW8Blfq6YJp3XTovXTrHveajw65rnG tv8whQ7FFeCWR1/U9YfFaXmB65/Kp/wFDznABuJHQyXm8UMb0Lv2A9fA9YCHBdm3IU MVTaHJnAs2lpaF2hIZ7Kd4Ska6TujQLXWp3LAIu2Fzij6lcVO5Ft/IvInxVceftk5A zmo9EfY80yTASq8KE8M+lzeFWe1kmsoyRQ5vciMq8isNjkEWbFK46E2KIf0Qtp+Gd8 g4M+Nu889UXnw== Subject: [PATCH v1 39/41] SUNRPC: Add RFC 8009 checksum KUnit tests From: Chuck Lever To: linux-nfs@vger.kernel.org Cc: dhowells@redhat.com, simo@redhat.com Date: Fri, 13 Jan 2023 10:25:34 -0500 Message-ID: <167362353459.8960.14610209769312450607.stgit@bazille.1015granger.net> In-Reply-To: <167362164696.8960.16701168753472560115.stgit@bazille.1015granger.net> References: <167362164696.8960.16701168753472560115.stgit@bazille.1015granger.net> User-Agent: StGit/1.5 MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-7.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_HI, SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-nfs@vger.kernel.org From: Chuck Lever RFC 8009 provides sample checksum results. Add KUnit tests to ensure our implementation derives the expected results for the provided sample input. Tested-by: Scott Mayhew Signed-off-by: Chuck Lever --- net/sunrpc/auth_gss/gss_krb5_test.c | 53 +++++++++++++++++++++++++++++++++++ 1 file changed, 53 insertions(+) diff --git a/net/sunrpc/auth_gss/gss_krb5_test.c b/net/sunrpc/auth_gss/gss_krb5_test.c index ad4737b60b56..0399f8338066 100644 --- a/net/sunrpc/auth_gss/gss_krb5_test.c +++ b/net/sunrpc/auth_gss/gss_krb5_test.c @@ -1514,12 +1514,65 @@ static const struct gss_krb5_test_param rfc8009_kdf_test_params[] = { /* Creates the function rfc8009_kdf_gen_params */ KUNIT_ARRAY_PARAM(rfc8009_kdf, rfc8009_kdf_test_params, gss_krb5_get_desc); +/* + * From RFC 8009 Appendix A. Test Vectors + * + * These sample checksums use the above sample key derivation results, + * including use of the same base-key and key usage values. + * + * This test material is copyright (c) 2016 IETF Trust and the + * persons identified as the document authors. All rights reserved. + */ + +DEFINE_HEX_XDR_NETOBJ(rfc8009_checksum_plaintext, + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, + 0x10, 0x11, 0x12, 0x13, 0x14 +); +DEFINE_HEX_XDR_NETOBJ(rfc8009_checksum_test1_expected_result, + 0xd7, 0x83, 0x67, 0x18, 0x66, 0x43, 0xd6, 0x7b, + 0x41, 0x1c, 0xba, 0x91, 0x39, 0xfc, 0x1d, 0xee +); +DEFINE_HEX_XDR_NETOBJ(rfc8009_checksum_test2_expected_result, + 0x45, 0xee, 0x79, 0x15, 0x67, 0xee, 0xfc, 0xa3, + 0x7f, 0x4a, 0xc1, 0xe0, 0x22, 0x2d, 0xe8, 0x0d, + 0x43, 0xc3, 0xbf, 0xa0, 0x66, 0x99, 0x67, 0x2a +); + +static const struct gss_krb5_test_param rfc8009_checksum_test_params[] = { + { + .desc = "Checksum with aes128-cts-hmac-sha256-128", + .enctype = ENCTYPE_AES128_CTS_HMAC_SHA256_128, + .base_key = &aes128_cts_hmac_sha256_128_basekey, + .usage = &usage_checksum, + .plaintext = &rfc8009_checksum_plaintext, + .expected_result = &rfc8009_checksum_test1_expected_result, + }, + { + .desc = "Checksum with aes256-cts-hmac-sha384-192", + .enctype = ENCTYPE_AES256_CTS_HMAC_SHA384_192, + .base_key = &aes256_cts_hmac_sha384_192_basekey, + .usage = &usage_checksum, + .plaintext = &rfc8009_checksum_plaintext, + .expected_result = &rfc8009_checksum_test2_expected_result, + }, +}; + +/* Creates the function rfc8009_checksum_gen_params */ +KUNIT_ARRAY_PARAM(rfc8009_checksum, rfc8009_checksum_test_params, + gss_krb5_get_desc); + static struct kunit_case rfc8009_test_cases[] = { { .name = "RFC 8009 key derivation", .run_case = kdf_case, .generate_params = rfc8009_kdf_gen_params, }, + { + .name = "RFC 8009 checksum", + .run_case = checksum_case, + .generate_params = rfc8009_checksum_gen_params, + }, }; static struct kunit_suite rfc8009_suite = {