static void fooTicket(void) { krb5_error_code ret; krb5_data data; size_t size; Ticket t; t.tkt_vno = 5; t.realm = "SU.SE"; t.sname.name_type = KRB5_NT_PRINCIPAL; t.sname.name_string.len = 1; t.sname.name_string.val = ecalloc(1, sizeof(t.sname.name_string.val[0])); t.sname.name_string.val[0] = estrdup("lha"); t.enc_part.etype = ETYPE_AES256_CTS_HMAC_SHA1_96; t.enc_part.kvno = NULL; t.enc_part.cipher.length = 6; t.enc_part.cipher.data = "hejhej"; ASN1_MALLOC_ENCODE(Ticket, data.data, data.length, &t, &size, ret); if (ret) errx(1, "ASN1_MALLOC_ENCODE(Ticket)"); rk_dumpdata("foo", data.data, data.length); free(data.data); }
static void slave_status(krb5_context context, const char *file, const char *fmt, ...) { char *status; char *fmt2; va_list args; int len; if (asprintf(&fmt2, "%s\n", fmt) == -1 || fmt2 == NULL) { (void) unlink(file); return; } va_start(args, fmt); len = vasprintf(&status, fmt2, args); free(fmt2); va_end(args); if (len < 0 || status == NULL) { (void) unlink(file); return; } krb5_warnx(context, "slave status change: %s", status); rk_dumpdata(file, status, len); free(status); }
int _hx509_write_file(const char *fn, const void *data, size_t length) { rk_dumpdata(fn, data, length); return 0; }
static int p12_store(hx509_context context, hx509_certs certs, void *data, int flags, hx509_lock lock) { struct ks_pkcs12 *p12 = data; PKCS12_PFX pfx; PKCS12_AuthenticatedSafe as; PKCS12_OctetString asdata; size_t size; int ret; memset(&as, 0, sizeof(as)); memset(&pfx, 0, sizeof(pfx)); ret = hx509_certs_iter_f(context, p12->certs, store_func, &as); if (ret) goto out; ASN1_MALLOC_ENCODE(PKCS12_AuthenticatedSafe, asdata.data, asdata.length, &as, &size, ret); free_PKCS12_AuthenticatedSafe(&as); if (ret) return ret; ret = der_parse_hex_heim_integer("03", &pfx.version); if (ret) { free(asdata.data); goto out; } pfx.authSafe.content = calloc(1, sizeof(*pfx.authSafe.content)); ASN1_MALLOC_ENCODE(PKCS12_OctetString, pfx.authSafe.content->data, pfx.authSafe.content->length, &asdata, &size, ret); free(asdata.data); if (ret) goto out; ret = der_copy_oid(&asn1_oid_id_pkcs7_data, &pfx.authSafe.contentType); if (ret) goto out; ASN1_MALLOC_ENCODE(PKCS12_PFX, asdata.data, asdata.length, &pfx, &size, ret); if (ret) goto out; #if 0 const struct _hx509_password *pw; pw = _hx509_lock_get_passwords(lock); if (pw != NULL) { pfx.macData = calloc(1, sizeof(*pfx.macData)); if (pfx.macData == NULL) { ret = ENOMEM; hx509_set_error_string(context, 0, ret, "malloc out of memory"); return ret; } if (pfx.macData == NULL) { free(asdata.data); goto out; } } ret = calculate_hash(&aspath, pw, pfx.macData); #endif rk_dumpdata(p12->fn, asdata.data, asdata.length); free(asdata.data); out: free_PKCS12_AuthenticatedSafe(&as); free_PKCS12_PFX(&pfx); return ret; }
int main(int argc, char **argv) { int idx = 0; char *buffer; char path[MAXPATHLEN]; setprogname(argv[0]); if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &idx)) usage(1); if (help_flag) usage(0); if(version_flag){ print_version(NULL); exit(0); } argc -= idx; argv += idx; if (argc != 0) usage(1); buffer = emalloc(len); if (rand_method) { if (0) { } #ifndef NO_RAND_FORTUNA_METHOD else if (strcasecmp(rand_method, "fortuna") == 0) RAND_set_rand_method(RAND_fortuna_method()); #endif #ifndef NO_RAND_UNIX_METHOD else if (strcasecmp(rand_method, "unix") == 0) RAND_set_rand_method(RAND_unix_method()); #endif #ifndef NO_RAND_EGD_METHOD else if (strcasecmp(rand_method, "egd") == 0) RAND_set_rand_method(RAND_egd_method()); #endif #ifdef WIN32 else if (strcasecmp(rand_method, "w32crypto") == 0) RAND_set_rand_method(RAND_w32crypto_method()); #endif else errx(1, "unknown method %s", rand_method); } if (RAND_file_name(path, sizeof(path)) == NULL) errx(1, "RAND_file_name failed"); if (RAND_status() != 1) errx(1, "random not ready yet"); if (RAND_bytes(buffer, len) != 1) errx(1, "RAND_bytes"); if (filename) rk_dumpdata(filename, buffer, len); /* head vs tail */ if (len >= 100000) { int bit, i; double res; int bits[8] = { 0, 0, 0, 0, 0, 0, 0, 0 }; for (i = 0; i < len; i++) { unsigned char c = ((unsigned char *)buffer)[i]; for (bit = 0; bit < 8 && c; bit++) { if (c & 1) bits[bit]++; c = c >> 1; } } for (bit = 0; bit < 8; bit++) { res = ((double)abs(len - bits[bit] * 2)) / (double)len; if (res > 0.005) errx(1, "head%d vs tail%d > 0.5%%%% %lf == %d vs %d", bit, bit, res, len, bits[bit]); printf("head vs tails bit%d: %lf\n", bit, res); } }
int main(int argc, char **argv) { int idx = 0; char *buffer; char path[MAXPATHLEN]; setprogname(argv[0]); if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &idx)) usage(1); if (help_flag) usage(0); if(version_flag){ print_version(NULL); exit(0); } if (argc != idx) usage(1); buffer = emalloc(len); if (rand_method) { if (0) { } #ifndef NO_RAND_FORTUNA_METHOD else if (strcasecmp(rand_method, "fortuna") == 0) RAND_set_rand_method(RAND_fortuna_method()); #endif #ifndef NO_RAND_UNIX_METHOD else if (strcasecmp(rand_method, "unix") == 0) RAND_set_rand_method(RAND_unix_method()); #endif #ifdef WIN32 else if (strcasecmp(rand_method, "w32crypto") == 0) RAND_set_rand_method(RAND_w32crypto_method()); #endif else errx(1, "unknown method %s", rand_method); } if (RAND_file_name(path, sizeof(path)) == NULL) errx(1, "RAND_file_name failed"); if (RAND_status() != 1) errx(1, "random not ready yet"); if (RAND_bytes(buffer, len) != 1) errx(1, "RAND_bytes"); if (filename) rk_dumpdata(filename, buffer, len); /* head vs tail */ if (len >= 100000) { unsigned bytes[256]; unsigned bits[8]; size_t bit, i; double res; double slen = sqrt((double)len); memset(bits, 0, sizeof(bits)); memset(bytes, 0, sizeof(bytes)); for (i = 0; i < len; i++) { unsigned char c = ((unsigned char *)buffer)[i]; bytes[c]++; for (bit = 0; bit < 8 && c; bit++) { if (c & 1) bits[bit]++; c = c >> 1; } } /* * The count for each bit value has a mean of n*p = len/2, * and a standard deviation of sqrt(n*p*q) ~ sqrt(len/4). * Normalizing by dividing by "n*p", we get a mean of 1 and * a standard deviation of sqrt(q/n*p) = 1/sqrt(len). * * A 5.33-sigma event happens 1 time in 10 million. * A 5.73-sigma event happens 1 time in 100 million. * A 6.11-sigma event happens 1 time in 1000 million. * * We tolerate 5.33-sigma events (we have 8 not entirely * independent chances of skewed results) and want to fail * with a good RNG less often than 1 time in million. */ for (bit = 0; bit < 8; bit++) { res = slen * fabs(1.0 - 2 * (double)bits[bit] / len); if (res > 5.33) errx(1, "head%d vs tail%d: %.1f-sigma (%d of %d)", (int)bit, (int)bit, res, bits[bit], len); printf("head vs tails bit%d: %f-sigma\n", (int)bit, res); } /* * The count of each byte value has a mean of n*p = len/256, * and a standard deviation of sqrt(n*p*q) ~ sqrt(len/256). * Normalizing by dividing by "n*p", we get a mean of 1 and * a standard deviation of sqrt(q/n*p) ~ 16/sqrt(len). * * We tolerate 5.73-sigma events (we have 256 not entirely * independent chances of skewed results). Note, for example, * a 5.2-sigma event was observed in ~5,000 runs. */ for (i = 0; i < 256; i++) { res = (slen / 16) * fabs(1.0 - 256 * (double)bytes[i] / len); if (res > 5.73) errx(1, "byte %d: %.1f-sigma (%d of %d)", (int) i, res, bytes[i], len); printf("byte %d: %f-sigma\n", (int)i, res); } }
int generic_test (const struct test_case *tests, unsigned ntests, size_t data_size, int (ASN1CALL *encode)(unsigned char *, size_t, void *, size_t *), int (ASN1CALL *length)(void *), int (ASN1CALL *decode)(unsigned char *, size_t, void *, size_t *), int (ASN1CALL *free_data)(void *), int (*cmp)(void *a, void *b), int (ASN1CALL *copy)(const void *from, void *to)) { unsigned char *buf, *buf2; int i; int failures = 0; void *data; struct map_page *data_map, *buf_map, *buf2_map; #ifdef HAVE_SIGACTION struct sigaction sa, osa; #endif for (i = 0; i < ntests; ++i) { int ret; size_t sz, consumed_sz, length_sz, buf_sz; void *to = NULL; current_test = tests[i].name; current_state = "init"; #ifdef HAVE_SIGACTION sigemptyset (&sa.sa_mask); sa.sa_flags = 0; #ifdef SA_RESETHAND sa.sa_flags |= SA_RESETHAND; #endif sa.sa_handler = segv_handler; sigaction (SIGSEGV, &sa, &osa); #endif data = map_alloc(OVERRUN, NULL, data_size, &data_map); buf_sz = tests[i].byte_len; buf = map_alloc(UNDERRUN, NULL, buf_sz, &buf_map); current_state = "encode"; ret = (*encode) (buf + buf_sz - 1, buf_sz, tests[i].val, &sz); if (ret != 0) { printf ("encoding of %s failed %d\n", tests[i].name, ret); ++failures; continue; } if (sz != tests[i].byte_len) { printf ("encoding of %s has wrong len (%lu != %lu)\n", tests[i].name, (unsigned long)sz, (unsigned long)tests[i].byte_len); ++failures; continue; } current_state = "length"; length_sz = (*length) (tests[i].val); if (sz != length_sz) { printf ("length for %s is bad (%lu != %lu)\n", tests[i].name, (unsigned long)length_sz, (unsigned long)sz); ++failures; continue; } current_state = "memcmp"; if (memcmp (buf, tests[i].bytes, tests[i].byte_len) != 0) { printf ("encoding of %s has bad bytes:\n" "correct: ", tests[i].name); print_bytes ((unsigned char *)tests[i].bytes, tests[i].byte_len); printf ("\nactual: "); print_bytes (buf, sz); printf ("\n"); #if 0 rk_dumpdata("correct", tests[i].bytes, tests[i].byte_len); rk_dumpdata("actual", buf, sz); exit (1); #endif ++failures; continue; } buf2 = map_alloc(OVERRUN, buf, sz, &buf2_map); current_state = "decode"; ret = (*decode) (buf2, sz, data, &consumed_sz); if (ret != 0) { printf ("decoding of %s failed %d\n", tests[i].name, ret); ++failures; continue; } if (sz != consumed_sz) { printf ("different length decoding %s (%ld != %ld)\n", tests[i].name, (unsigned long)sz, (unsigned long)consumed_sz); ++failures; continue; } current_state = "cmp"; if ((*cmp)(data, tests[i].val) != 0) { printf ("%s: comparison failed\n", tests[i].name); ++failures; continue; } current_state = "copy"; if (copy) { to = emalloc(data_size); ret = (*copy)(data, to); if (ret != 0) { printf ("copy of %s failed %d\n", tests[i].name, ret); ++failures; continue; } current_state = "cmp-copy"; if ((*cmp)(data, to) != 0) { printf ("%s: copy comparison failed\n", tests[i].name); ++failures; continue; } } current_state = "free"; if (free_data) { (*free_data)(data); if (to) { (*free_data)(to); free(to); } } current_state = "free"; map_free(buf_map, tests[i].name, "encode"); map_free(buf2_map, tests[i].name, "decode"); map_free(data_map, tests[i].name, "data"); #ifdef HAVE_SIGACTION sigaction (SIGSEGV, &osa, NULL); #endif } current_state = "done"; return failures; }