masqmail-0.2

annotate src/md5/hmactest.c @ 184:b3835b6b834b

Security fix! Correct handling of seteuid() return value See Debian bug #638002, reported by John Lightsey. When possible the (already available) set_euidgid() function is used. Additionally, it is unnecessary to change the identity when writing into an already open file descriptor. This should fix the problem.
author markus schnalke <meillo@marmaro.de>
date Sat, 27 Aug 2011 18:00:40 +0200
parents 52c82d755215
children
rev   line source
meillo@0 1 #include <stdio.h>
meillo@0 2 #include <stdlib.h>
meillo@0 3 #include <sys/time.h>
meillo@0 4 #include <string.h>
meillo@0 5 #include "md5.h"
meillo@0 6 #include "hmac_md5.h"
meillo@0 7
meillo@165 8 /*
meillo@165 9 instead of pad0_copy(d, s, sz) use:
meillo@165 10 memset(d, 0, sz);
meillo@165 11 memcpy(d, s, strlen(s));
meillo@165 12
meillo@10 13 static void
meillo@10 14 pad0_copy(char *d, char *s, int sz)
meillo@0 15 {
meillo@10 16 int i = 0;
meillo@10 17 while (*s && (i < sz)) {
meillo@10 18 *(d++) = *(s++);
meillo@10 19 i++;
meillo@10 20 }
meillo@10 21 while (i <= sz) {
meillo@10 22 *(d++) = 0;
meillo@10 23 i++;
meillo@10 24 }
meillo@0 25 }
meillo@165 26 */
meillo@0 27
meillo@10 28 int
meillo@10 29 main()
meillo@0 30 {
meillo@10 31 int i;
meillo@10 32 char digest[16];
meillo@10 33 char *msgid = "<1896.697170952@postoffice.reston.mci.net>";
meillo@10 34 char secret[65];
meillo@0 35
meillo@165 36
meillo@10 37 hmac_md5("<48157.953508124@mail.class-c.net>", 34, "no!SpamAtAll", 12, digest);
meillo@10 38 for (i = 0; i < 16; i++)
meillo@165 39 printf("%.2x", 0xFF & (unsigned int) digest[i]);
meillo@165 40 printf("\n\n");
meillo@165 41
meillo@165 42
meillo@165 43 puts("---- The next two should be equal");
meillo@165 44
meillo@0 45
meillo@10 46 hmac_md5(msgid, strlen(msgid), "tanstaaftanstaaf", 16, digest);
meillo@10 47 for (i = 0; i < 16; i++)
meillo@165 48 printf("%.2x", 0xFF & (unsigned int) digest[i]);
meillo@165 49 printf("\n\n");
meillo@0 50
meillo@165 51
meillo@165 52 /* pad0_copy(secret, "tanstaaftanstaaf", 64); */
meillo@165 53 /* let's do it easier ... */
meillo@165 54 memset(secret, 0, sizeof(secret));
meillo@165 55 memcpy(secret, "tanstaaftanstaaf", 16);
meillo@10 56 hmac_md5(msgid, strlen(msgid), secret, 64, digest);
meillo@10 57 for (i = 0; i < 16; i++)
meillo@165 58 printf("%.2x", 0xFF & (unsigned int) digest[i]);
meillo@165 59 printf("\n\n");
meillo@165 60
meillo@165 61
meillo@165 62 puts("---- Following are the test vectors from RFC 2104");
meillo@165 63
meillo@165 64
meillo@165 65 char* d01 = "Hi There";
meillo@165 66 char k01[16];
meillo@165 67 for (i=0; i<16; i++) {
meillo@165 68 k01[i] = 0x0b;
meillo@165 69 }
meillo@165 70 printf("9294727a3638bb1c13f48ef8158bfc9d (should be)\n");
meillo@165 71 hmac_md5(d01, strlen(d01), k01, sizeof(k01), digest);
meillo@165 72 for (i = 0; i < 16; i++) {
meillo@165 73 printf("%.2x", 0xFF & (unsigned int) digest[i]);
meillo@165 74 }
meillo@165 75 printf(" (was computed)\n\n");
meillo@165 76
meillo@165 77
meillo@165 78 char* d02 = "what do ya want for nothing?";
meillo@165 79 char* k02 = "Jefe";
meillo@165 80 printf("750c783e6ab0b503eaa86e310a5db738 (should be)\n");
meillo@165 81 hmac_md5(d02, strlen(d02), k02, strlen(k02), digest);
meillo@165 82 for (i = 0; i < 16; i++) {
meillo@165 83 printf("%.2x", 0xFF & (unsigned int) digest[i]);
meillo@165 84 }
meillo@165 85 printf(" (was computed)\n\n");
meillo@165 86
meillo@165 87
meillo@165 88 char d03[50];
meillo@165 89 for (i=0; i<sizeof(d03); i++) {
meillo@165 90 d03[i] = 0xdd;
meillo@165 91 }
meillo@165 92 char k03[16];
meillo@165 93 for (i=0; i<sizeof(k03); i++) {
meillo@165 94 k03[i] = 0xaa;
meillo@165 95 }
meillo@165 96 printf("56be34521d144c88dbb8c733f0e8b3f6 (should be)\n");
meillo@165 97 hmac_md5(d03, sizeof(d03), k03, sizeof(k03), digest);
meillo@165 98 for (i = 0; i < 16; i++) {
meillo@165 99 printf("%.2x", 0xFF & (unsigned int) digest[i]);
meillo@165 100 }
meillo@165 101 printf(" (was computed)\n\n");
meillo@0 102
meillo@10 103 exit(0);
meillo@0 104 }