зеркало из https://github.com/github/putty.git
Add comprehensive DES test vectors.
I found some that look pretty good - in particular exercising every entry in every S-box. These will come in useful when I finish writing a replacement for the venerable current DES implementation.
This commit is contained in:
Родитель
9f530d8c55
Коммит
f71dce662e
|
@ -977,6 +977,151 @@ class standard_test_vectors(MyTestBase):
|
||||||
vector('aes256', fullkey[:32], plaintext,
|
vector('aes256', fullkey[:32], plaintext,
|
||||||
unhex('8ea2b7ca516745bfeafc49904b496089'))
|
unhex('8ea2b7ca516745bfeafc49904b496089'))
|
||||||
|
|
||||||
|
def testDES(self):
|
||||||
|
c = ssh2_cipher_new("des")
|
||||||
|
def vector(key, plaintext, ciphertext):
|
||||||
|
key = unhex(key)
|
||||||
|
plaintext = unhex(plaintext)
|
||||||
|
ciphertext = unhex(ciphertext)
|
||||||
|
|
||||||
|
# Similarly to above, we fake DES ECB by using DES CBC and
|
||||||
|
# resetting the IV to zero all the time
|
||||||
|
ssh2_cipher_setkey(c, key)
|
||||||
|
ssh2_cipher_setiv(c, b'\x00' * 8)
|
||||||
|
self.assertEqualBin(ssh2_cipher_encrypt(c, plaintext), ciphertext)
|
||||||
|
ssh2_cipher_setiv(c, b'\x00' * 8)
|
||||||
|
self.assertEqualBin(ssh2_cipher_decrypt(c, ciphertext), plaintext)
|
||||||
|
|
||||||
|
# Source: FIPS SP PUB 500-20
|
||||||
|
|
||||||
|
# 'Initial permutation and expansion tests': key fixed at 8
|
||||||
|
# copies of the byte 01, but ciphertext and plaintext in turn
|
||||||
|
# run through all possible values with exactly 1 bit set.
|
||||||
|
# Expected plaintexts and ciphertexts (respectively) listed in
|
||||||
|
# the arrays below.
|
||||||
|
ipe_key = '01' * 8
|
||||||
|
ipe_plaintexts = [
|
||||||
|
'166B40B44ABA4BD6', '06E7EA22CE92708F', 'D2FD8867D50D2DFE', 'CC083F1E6D9E85F6',
|
||||||
|
'5B711BC4CEEBF2EE', '0953E2258E8E90A1', 'E07C30D7E4E26E12', '2FBC291A570DB5C4',
|
||||||
|
'DD7C0BBD61FAFD54', '48221B9937748A23', 'E643D78090CA4207', '8405D1ABE24FB942',
|
||||||
|
'CE332329248F3228', '1D1CA853AE7C0C5F', '5D86CB23639DBEA9', '1029D55E880EC2D0',
|
||||||
|
'8DD45A2DDF90796C', 'CAFFC6AC4542DE31', 'EA51D3975595B86B', '8B54536F2F3E64A8',
|
||||||
|
'866ECEDD8072BB0E', '79E90DBC98F92CCA', 'AB6A20C0620D1C6F', '25EB5FC3F8CF0621',
|
||||||
|
'4D49DB1532919C9F', '814EEB3B91D90726', '5E0905517BB59BCF', 'CA3A2B036DBC8502',
|
||||||
|
'FA0752B07D9C4AB8', 'B160E4680F6C696F', 'DF98C8276F54B04B', 'E943D7568AEC0C5C',
|
||||||
|
'AEB5F5EDE22D1A36', 'E428581186EC8F46', 'E1652C6B138C64A5', 'D106FF0BED5255D7',
|
||||||
|
'9D64555A9A10B852', 'F02B263B328E2B60', '64FEED9C724C2FAF', '750D079407521363',
|
||||||
|
'FBE00A8A1EF8AD72', 'A484C3AD38DC9C19', '12A9F5817FF2D65D', 'E7FCE22557D23C97',
|
||||||
|
'329A8ED523D71AEC', 'E19E275D846A1298', '889DE068A16F0BE6', '2B9F982F20037FA9',
|
||||||
|
'F356834379D165CD', 'ECBFE3BD3F591A5E', 'E6D5F82752AD63D1', 'ADD0CC8D6E5DEBA1',
|
||||||
|
'F15D0F286B65BD28', 'B8061B7ECD9A21E5', '424250B37C3DD951', 'D9031B0271BD5A0A',
|
||||||
|
'0D9F279BA5D87260', '6CC5DEFAAF04512F', '55579380D77138EF', '20B9E767B2FB1456',
|
||||||
|
'4BD388FF6CD81D4F', '2E8653104F3834EA', 'DD7F121CA5015619', '95F8A5E5DD31D900',
|
||||||
|
]
|
||||||
|
ipe_ciphertexts = [
|
||||||
|
'166B40B44ABA4BD6', '06E7EA22CE92708F', 'D2FD8867D50D2DFE', 'CC083F1E6D9E85F6',
|
||||||
|
'5B711BC4CEEBF2EE', '0953E2258E8E90A1', 'E07C30D7E4E26E12', '2FBC291A570DB5C4',
|
||||||
|
'DD7C0BBD61FAFD54', '48221B9937748A23', 'E643D78090CA4207', '8405D1ABE24FB942',
|
||||||
|
'CE332329248F3228', '1D1CA853AE7C0C5F', '5D86CB23639DBEA9', '1029D55E880EC2D0',
|
||||||
|
'8DD45A2DDF90796C', 'CAFFC6AC4542DE31', 'EA51D3975595B86B', '8B54536F2F3E64A8',
|
||||||
|
'866ECEDD8072BB0E', '79E90DBC98F92CCA', 'AB6A20C0620D1C6F', '25EB5FC3F8CF0621',
|
||||||
|
'4D49DB1532919C9F', '814EEB3B91D90726', '5E0905517BB59BCF', 'CA3A2B036DBC8502',
|
||||||
|
'FA0752B07D9C4AB8', 'B160E4680F6C696F', 'DF98C8276F54B04B', 'E943D7568AEC0C5C',
|
||||||
|
'AEB5F5EDE22D1A36', 'E428581186EC8F46', 'E1652C6B138C64A5', 'D106FF0BED5255D7',
|
||||||
|
'9D64555A9A10B852', 'F02B263B328E2B60', '64FEED9C724C2FAF', '750D079407521363',
|
||||||
|
'FBE00A8A1EF8AD72', 'A484C3AD38DC9C19', '12A9F5817FF2D65D', 'E7FCE22557D23C97',
|
||||||
|
'329A8ED523D71AEC', 'E19E275D846A1298', '889DE068A16F0BE6', '2B9F982F20037FA9',
|
||||||
|
'F356834379D165CD', 'ECBFE3BD3F591A5E', 'E6D5F82752AD63D1', 'ADD0CC8D6E5DEBA1',
|
||||||
|
'F15D0F286B65BD28', 'B8061B7ECD9A21E5', '424250B37C3DD951', 'D9031B0271BD5A0A',
|
||||||
|
'0D9F279BA5D87260', '6CC5DEFAAF04512F', '55579380D77138EF', '20B9E767B2FB1456',
|
||||||
|
'4BD388FF6CD81D4F', '2E8653104F3834EA', 'DD7F121CA5015619', '95F8A5E5DD31D900',
|
||||||
|
]
|
||||||
|
ipe_single_bits = ["{:016x}".format(1 << bit) for bit in range(64)]
|
||||||
|
for plaintext, ciphertext in zip(ipe_plaintexts, ipe_single_bits):
|
||||||
|
vector(ipe_key, plaintext, ciphertext)
|
||||||
|
for plaintext, ciphertext in zip(ipe_single_bits, ipe_ciphertexts):
|
||||||
|
vector(ipe_key, plaintext, ciphertext)
|
||||||
|
|
||||||
|
# 'Key permutation tests': plaintext fixed at all zeroes, key
|
||||||
|
# is a succession of tweaks of the previous key made by
|
||||||
|
# replacing each 01 byte in turn with one containing a
|
||||||
|
# different single set bit (e.g. 01 20 01 01 01 01 01 01).
|
||||||
|
# Expected ciphertexts listed.
|
||||||
|
kp_ciphertexts = [
|
||||||
|
'95A8D72813DAA94D', '0EEC1487DD8C26D5', '7AD16FFB79C45926', 'D3746294CA6A6CF3',
|
||||||
|
'809F5F873C1FD761', 'C02FAFFEC989D1FC', '4615AA1D33E72F10', '2055123350C00858',
|
||||||
|
'DF3B99D6577397C8', '31FE17369B5288C9', 'DFDD3CC64DAE1642', '178C83CE2B399D94',
|
||||||
|
'50F636324A9B7F80', 'A8468EE3BC18F06D', 'A2DC9E92FD3CDE92', 'CAC09F797D031287',
|
||||||
|
'90BA680B22AEB525', 'CE7A24F350E280B6', '882BFF0AA01A0B87', '25610288924511C2',
|
||||||
|
'C71516C29C75D170', '5199C29A52C9F059', 'C22F0A294A71F29F', 'EE371483714C02EA',
|
||||||
|
'A81FBD448F9E522F', '4F644C92E192DFED', '1AFA9A66A6DF92AE', 'B3C1CC715CB879D8',
|
||||||
|
'19D032E64AB0BD8B', '3CFAA7A7DC8720DC', 'B7265F7F447AC6F3', '9DB73B3C0D163F54',
|
||||||
|
'8181B65BABF4A975', '93C9B64042EAA240', '5570530829705592', '8638809E878787A0',
|
||||||
|
'41B9A79AF79AC208', '7A9BE42F2009A892', '29038D56BA6D2745', '5495C6ABF1E5DF51',
|
||||||
|
'AE13DBD561488933', '024D1FFA8904E389', 'D1399712F99BF02E', '14C1D7C1CFFEC79E',
|
||||||
|
'1DE5279DAE3BED6F', 'E941A33F85501303', 'DA99DBBC9A03F379', 'B7FC92F91D8E92E9',
|
||||||
|
'AE8E5CAA3CA04E85', '9CC62DF43B6EED74', 'D863DBB5C59A91A0', 'A1AB2190545B91D7',
|
||||||
|
'0875041E64C570F7', '5A594528BEBEF1CC', 'FCDB3291DE21F0C0', '869EFD7F9F265A09',
|
||||||
|
]
|
||||||
|
kp_key_repl_bytes = ["{:02x}".format(0x80>>i) for i in range(7)]
|
||||||
|
kp_keys = ['01'*j + b + '01'*(7-j)
|
||||||
|
for j in range(8) for b in kp_key_repl_bytes]
|
||||||
|
kp_plaintext = '0' * 16
|
||||||
|
for key, ciphertext in zip(kp_keys, kp_ciphertexts):
|
||||||
|
vector(key, kp_plaintext, ciphertext)
|
||||||
|
|
||||||
|
# 'Data permutation test': plaintext fixed at all zeroes,
|
||||||
|
# pairs of key and expected ciphertext listed below.
|
||||||
|
dp_keys_and_ciphertexts = [
|
||||||
|
'1046913489980131:88D55E54F54C97B4', '1007103489988020:0C0CC00C83EA48FD',
|
||||||
|
'10071034C8980120:83BC8EF3A6570183', '1046103489988020:DF725DCAD94EA2E9',
|
||||||
|
'1086911519190101:E652B53B550BE8B0', '1086911519580101:AF527120C485CBB0',
|
||||||
|
'5107B01519580101:0F04CE393DB926D5', '1007B01519190101:C9F00FFC74079067',
|
||||||
|
'3107915498080101:7CFD82A593252B4E', '3107919498080101:CB49A2F9E91363E3',
|
||||||
|
'10079115B9080140:00B588BE70D23F56', '3107911598080140:406A9A6AB43399AE',
|
||||||
|
'1007D01589980101:6CB773611DCA9ADA', '9107911589980101:67FD21C17DBB5D70',
|
||||||
|
'9107D01589190101:9592CB4110430787', '1007D01598980120:A6B7FF68A318DDD3',
|
||||||
|
'1007940498190101:4D102196C914CA16', '0107910491190401:2DFA9F4573594965',
|
||||||
|
'0107910491190101:B46604816C0E0774', '0107940491190401:6E7E6221A4F34E87',
|
||||||
|
'19079210981A0101:AA85E74643233199', '1007911998190801:2E5A19DB4D1962D6',
|
||||||
|
'10079119981A0801:23A866A809D30894', '1007921098190101:D812D961F017D320',
|
||||||
|
'100791159819010B:055605816E58608F', '1004801598190101:ABD88E8B1B7716F1',
|
||||||
|
'1004801598190102:537AC95BE69DA1E1', '1004801598190108:AED0F6AE3C25CDD8',
|
||||||
|
'1002911498100104:B3E35A5EE53E7B8D', '1002911598190104:61C79C71921A2EF8',
|
||||||
|
'1002911598100201:E2F5728F0995013C', '1002911698100101:1AEAC39A61F0A464',
|
||||||
|
]
|
||||||
|
dp_plaintext = '0' * 16
|
||||||
|
for key_and_ciphertext in dp_keys_and_ciphertexts:
|
||||||
|
key, ciphertext = key_and_ciphertext.split(":")
|
||||||
|
vector(key, dp_plaintext, ciphertext)
|
||||||
|
|
||||||
|
# Tests intended to select every entry in every S-box. Full
|
||||||
|
# arbitrary triples (key, plaintext, ciphertext).
|
||||||
|
sb_complete_tests = [
|
||||||
|
'7CA110454A1A6E57:01A1D6D039776742:690F5B0D9A26939B',
|
||||||
|
'0131D9619DC1376E:5CD54CA83DEF57DA:7A389D10354BD271',
|
||||||
|
'07A1133E4A0B2686:0248D43806F67172:868EBB51CAB4599A',
|
||||||
|
'3849674C2602319E:51454B582DDF440A:7178876E01F19B2A',
|
||||||
|
'04B915BA43FEB5B6:42FD443059577FA2:AF37FB421F8C4095',
|
||||||
|
'0113B970FD34F2CE:059B5E0851CF143A:86A560F10EC6D85B',
|
||||||
|
'0170F175468FB5E6:0756D8E0774761D2:0CD3DA020021DC09',
|
||||||
|
'43297FAD38E373FE:762514B829BF486A:EA676B2CB7DB2B7A',
|
||||||
|
'07A7137045DA2A16:3BDD119049372802:DFD64A815CAF1A0F',
|
||||||
|
'04689104C2FD3B2F:26955F6835AF609A:5C513C9C4886C088',
|
||||||
|
'37D06BB516CB7546:164D5E404F275232:0A2AEEAE3FF4AB77',
|
||||||
|
'1F08260D1AC2465E:6B056E18759F5CCA:EF1BF03E5DFA575A',
|
||||||
|
'584023641ABA6176:004BD6EF09176062:88BF0DB6D70DEE56',
|
||||||
|
'025816164629B007:480D39006EE762F2:A1F9915541020B56',
|
||||||
|
'49793EBC79B3258F:437540C8698F3CFA:6FBF1CAFCFFD0556',
|
||||||
|
'4FB05E1515AB73A7:072D43A077075292:2F22E49BAB7CA1AC',
|
||||||
|
'49E95D6D4CA229BF:02FE55778117F12A:5A6B612CC26CCE4A',
|
||||||
|
'018310DC409B26D6:1D9D5C5018F728C2:5F4C038ED12B2E41',
|
||||||
|
'1C587F1C13924FEF:305532286D6F295A:63FAC0D034D9F793',
|
||||||
|
]
|
||||||
|
for test in sb_complete_tests:
|
||||||
|
key, plaintext, ciphertext = test.split(":")
|
||||||
|
vector(key, plaintext, ciphertext)
|
||||||
|
|
||||||
def testMD5(self):
|
def testMD5(self):
|
||||||
MD5 = lambda s: hash_str('md5', s)
|
MD5 = lambda s: hash_str('md5', s)
|
||||||
|
|
||||||
|
|
|
@ -268,7 +268,6 @@ static const ssh2_cipheralg *get_ssh2_cipheralg(BinarySource *in)
|
||||||
{"3des_ctr", &ssh_3des_ssh2_ctr},
|
{"3des_ctr", &ssh_3des_ssh2_ctr},
|
||||||
{"3des", &ssh_3des_ssh2},
|
{"3des", &ssh_3des_ssh2},
|
||||||
{"des", &ssh_des_ssh2},
|
{"des", &ssh_des_ssh2},
|
||||||
{"des_sshcom", &ssh_des_sshcom_ssh2},
|
|
||||||
{"aes256_ctr", &ssh_aes256_sdctr},
|
{"aes256_ctr", &ssh_aes256_sdctr},
|
||||||
{"aes256_ctr_hw", &ssh_aes256_sdctr_hw},
|
{"aes256_ctr_hw", &ssh_aes256_sdctr_hw},
|
||||||
{"aes256_ctr_sw", &ssh_aes256_sdctr_sw},
|
{"aes256_ctr_sw", &ssh_aes256_sdctr_sw},
|
||||||
|
|
Загрузка…
Ссылка в новой задаче