Roman Peniaev | 35c31fe | 2014-07-21 21:53:44 +0900 | [diff] [blame] | 1 | /* |
| 2 | * HMAC-SHA-224/256/384/512 implementation |
| 3 | * Last update: 06/15/2005 |
| 4 | * Issue date: 06/15/2005 |
| 5 | * |
| 6 | * Since this code has been incorporated into a GPLv2 project, it is |
| 7 | * distributed under GPLv2 inside mmc-utils. The original BSD license |
| 8 | * that the code was released under is included below for clarity. |
| 9 | * |
| 10 | * Copyright (C) 2005 Olivier Gay <olivier.gay@a3.epfl.ch> |
| 11 | * All rights reserved. |
| 12 | * |
| 13 | * Redistribution and use in source and binary forms, with or without |
| 14 | * modification, are permitted provided that the following conditions |
| 15 | * are met: |
| 16 | * 1. Redistributions of source code must retain the above copyright |
| 17 | * notice, this list of conditions and the following disclaimer. |
| 18 | * 2. Redistributions in binary form must reproduce the above copyright |
| 19 | * notice, this list of conditions and the following disclaimer in the |
| 20 | * documentation and/or other materials provided with the distribution. |
| 21 | * 3. Neither the name of the project nor the names of its contributors |
| 22 | * may be used to endorse or promote products derived from this software |
| 23 | * without specific prior written permission. |
| 24 | * |
| 25 | * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND |
| 26 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
| 27 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
| 28 | * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE |
| 29 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL |
| 30 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS |
| 31 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
| 32 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
| 33 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY |
| 34 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF |
| 35 | * SUCH DAMAGE. |
| 36 | */ |
| 37 | |
| 38 | #include <string.h> |
| 39 | |
| 40 | #include "hmac_sha2.h" |
| 41 | |
| 42 | /* HMAC-SHA-224 functions */ |
| 43 | |
| 44 | void hmac_sha224_init(hmac_sha224_ctx *ctx, const unsigned char *key, |
| 45 | unsigned int key_size) |
| 46 | { |
| 47 | unsigned int fill; |
| 48 | unsigned int num; |
| 49 | |
| 50 | const unsigned char *key_used; |
| 51 | unsigned char key_temp[SHA224_DIGEST_SIZE]; |
| 52 | int i; |
| 53 | |
| 54 | if (key_size == SHA224_BLOCK_SIZE) { |
| 55 | key_used = key; |
| 56 | num = SHA224_BLOCK_SIZE; |
| 57 | } else { |
| 58 | if (key_size > SHA224_BLOCK_SIZE){ |
| 59 | num = SHA224_DIGEST_SIZE; |
| 60 | sha224(key, key_size, key_temp); |
| 61 | key_used = key_temp; |
| 62 | } else { /* key_size > SHA224_BLOCK_SIZE */ |
| 63 | key_used = key; |
| 64 | num = key_size; |
| 65 | } |
| 66 | fill = SHA224_BLOCK_SIZE - num; |
| 67 | |
| 68 | memset(ctx->block_ipad + num, 0x36, fill); |
| 69 | memset(ctx->block_opad + num, 0x5c, fill); |
| 70 | } |
| 71 | |
| 72 | for (i = 0; i < (int) num; i++) { |
| 73 | ctx->block_ipad[i] = key_used[i] ^ 0x36; |
| 74 | ctx->block_opad[i] = key_used[i] ^ 0x5c; |
| 75 | } |
| 76 | |
| 77 | sha224_init(&ctx->ctx_inside); |
| 78 | sha224_update(&ctx->ctx_inside, ctx->block_ipad, SHA224_BLOCK_SIZE); |
| 79 | |
| 80 | sha224_init(&ctx->ctx_outside); |
| 81 | sha224_update(&ctx->ctx_outside, ctx->block_opad, |
| 82 | SHA224_BLOCK_SIZE); |
| 83 | |
| 84 | /* for hmac_reinit */ |
| 85 | memcpy(&ctx->ctx_inside_reinit, &ctx->ctx_inside, |
| 86 | sizeof(sha224_ctx)); |
| 87 | memcpy(&ctx->ctx_outside_reinit, &ctx->ctx_outside, |
| 88 | sizeof(sha224_ctx)); |
| 89 | } |
| 90 | |
| 91 | void hmac_sha224_reinit(hmac_sha224_ctx *ctx) |
| 92 | { |
| 93 | memcpy(&ctx->ctx_inside, &ctx->ctx_inside_reinit, |
| 94 | sizeof(sha224_ctx)); |
| 95 | memcpy(&ctx->ctx_outside, &ctx->ctx_outside_reinit, |
| 96 | sizeof(sha224_ctx)); |
| 97 | } |
| 98 | |
| 99 | void hmac_sha224_update(hmac_sha224_ctx *ctx, const unsigned char *message, |
| 100 | unsigned int message_len) |
| 101 | { |
| 102 | sha224_update(&ctx->ctx_inside, message, message_len); |
| 103 | } |
| 104 | |
| 105 | void hmac_sha224_final(hmac_sha224_ctx *ctx, unsigned char *mac, |
| 106 | unsigned int mac_size) |
| 107 | { |
| 108 | unsigned char digest_inside[SHA224_DIGEST_SIZE]; |
| 109 | unsigned char mac_temp[SHA224_DIGEST_SIZE]; |
| 110 | |
| 111 | sha224_final(&ctx->ctx_inside, digest_inside); |
| 112 | sha224_update(&ctx->ctx_outside, digest_inside, SHA224_DIGEST_SIZE); |
| 113 | sha224_final(&ctx->ctx_outside, mac_temp); |
| 114 | memcpy(mac, mac_temp, mac_size); |
| 115 | } |
| 116 | |
| 117 | void hmac_sha224(const unsigned char *key, unsigned int key_size, |
| 118 | const unsigned char *message, unsigned int message_len, |
| 119 | unsigned char *mac, unsigned mac_size) |
| 120 | { |
| 121 | hmac_sha224_ctx ctx; |
| 122 | |
| 123 | hmac_sha224_init(&ctx, key, key_size); |
| 124 | hmac_sha224_update(&ctx, message, message_len); |
| 125 | hmac_sha224_final(&ctx, mac, mac_size); |
| 126 | } |
| 127 | |
| 128 | /* HMAC-SHA-256 functions */ |
| 129 | |
| 130 | void hmac_sha256_init(hmac_sha256_ctx *ctx, const unsigned char *key, |
| 131 | unsigned int key_size) |
| 132 | { |
| 133 | unsigned int fill; |
| 134 | unsigned int num; |
| 135 | |
| 136 | const unsigned char *key_used; |
| 137 | unsigned char key_temp[SHA256_DIGEST_SIZE]; |
| 138 | int i; |
| 139 | |
| 140 | if (key_size == SHA256_BLOCK_SIZE) { |
| 141 | key_used = key; |
| 142 | num = SHA256_BLOCK_SIZE; |
| 143 | } else { |
| 144 | if (key_size > SHA256_BLOCK_SIZE){ |
| 145 | num = SHA256_DIGEST_SIZE; |
| 146 | sha256(key, key_size, key_temp); |
| 147 | key_used = key_temp; |
| 148 | } else { /* key_size > SHA256_BLOCK_SIZE */ |
| 149 | key_used = key; |
| 150 | num = key_size; |
| 151 | } |
| 152 | fill = SHA256_BLOCK_SIZE - num; |
| 153 | |
| 154 | memset(ctx->block_ipad + num, 0x36, fill); |
| 155 | memset(ctx->block_opad + num, 0x5c, fill); |
| 156 | } |
| 157 | |
| 158 | for (i = 0; i < (int) num; i++) { |
| 159 | ctx->block_ipad[i] = key_used[i] ^ 0x36; |
| 160 | ctx->block_opad[i] = key_used[i] ^ 0x5c; |
| 161 | } |
| 162 | |
| 163 | sha256_init(&ctx->ctx_inside); |
| 164 | sha256_update(&ctx->ctx_inside, ctx->block_ipad, SHA256_BLOCK_SIZE); |
| 165 | |
| 166 | sha256_init(&ctx->ctx_outside); |
| 167 | sha256_update(&ctx->ctx_outside, ctx->block_opad, |
| 168 | SHA256_BLOCK_SIZE); |
| 169 | |
| 170 | /* for hmac_reinit */ |
| 171 | memcpy(&ctx->ctx_inside_reinit, &ctx->ctx_inside, |
| 172 | sizeof(sha256_ctx)); |
| 173 | memcpy(&ctx->ctx_outside_reinit, &ctx->ctx_outside, |
| 174 | sizeof(sha256_ctx)); |
| 175 | } |
| 176 | |
| 177 | void hmac_sha256_reinit(hmac_sha256_ctx *ctx) |
| 178 | { |
| 179 | memcpy(&ctx->ctx_inside, &ctx->ctx_inside_reinit, |
| 180 | sizeof(sha256_ctx)); |
| 181 | memcpy(&ctx->ctx_outside, &ctx->ctx_outside_reinit, |
| 182 | sizeof(sha256_ctx)); |
| 183 | } |
| 184 | |
| 185 | void hmac_sha256_update(hmac_sha256_ctx *ctx, const unsigned char *message, |
| 186 | unsigned int message_len) |
| 187 | { |
| 188 | sha256_update(&ctx->ctx_inside, message, message_len); |
| 189 | } |
| 190 | |
| 191 | void hmac_sha256_final(hmac_sha256_ctx *ctx, unsigned char *mac, |
| 192 | unsigned int mac_size) |
| 193 | { |
| 194 | unsigned char digest_inside[SHA256_DIGEST_SIZE]; |
| 195 | unsigned char mac_temp[SHA256_DIGEST_SIZE]; |
| 196 | |
| 197 | sha256_final(&ctx->ctx_inside, digest_inside); |
| 198 | sha256_update(&ctx->ctx_outside, digest_inside, SHA256_DIGEST_SIZE); |
| 199 | sha256_final(&ctx->ctx_outside, mac_temp); |
| 200 | memcpy(mac, mac_temp, mac_size); |
| 201 | } |
| 202 | |
| 203 | void hmac_sha256(const unsigned char *key, unsigned int key_size, |
| 204 | const unsigned char *message, unsigned int message_len, |
| 205 | unsigned char *mac, unsigned mac_size) |
| 206 | { |
| 207 | hmac_sha256_ctx ctx; |
| 208 | |
| 209 | hmac_sha256_init(&ctx, key, key_size); |
| 210 | hmac_sha256_update(&ctx, message, message_len); |
| 211 | hmac_sha256_final(&ctx, mac, mac_size); |
| 212 | } |
| 213 | |
| 214 | /* HMAC-SHA-384 functions */ |
| 215 | |
| 216 | void hmac_sha384_init(hmac_sha384_ctx *ctx, const unsigned char *key, |
| 217 | unsigned int key_size) |
| 218 | { |
| 219 | unsigned int fill; |
| 220 | unsigned int num; |
| 221 | |
| 222 | const unsigned char *key_used; |
| 223 | unsigned char key_temp[SHA384_DIGEST_SIZE]; |
| 224 | int i; |
| 225 | |
| 226 | if (key_size == SHA384_BLOCK_SIZE) { |
| 227 | key_used = key; |
| 228 | num = SHA384_BLOCK_SIZE; |
| 229 | } else { |
| 230 | if (key_size > SHA384_BLOCK_SIZE){ |
| 231 | num = SHA384_DIGEST_SIZE; |
| 232 | sha384(key, key_size, key_temp); |
| 233 | key_used = key_temp; |
| 234 | } else { /* key_size > SHA384_BLOCK_SIZE */ |
| 235 | key_used = key; |
| 236 | num = key_size; |
| 237 | } |
| 238 | fill = SHA384_BLOCK_SIZE - num; |
| 239 | |
| 240 | memset(ctx->block_ipad + num, 0x36, fill); |
| 241 | memset(ctx->block_opad + num, 0x5c, fill); |
| 242 | } |
| 243 | |
| 244 | for (i = 0; i < (int) num; i++) { |
| 245 | ctx->block_ipad[i] = key_used[i] ^ 0x36; |
| 246 | ctx->block_opad[i] = key_used[i] ^ 0x5c; |
| 247 | } |
| 248 | |
| 249 | sha384_init(&ctx->ctx_inside); |
| 250 | sha384_update(&ctx->ctx_inside, ctx->block_ipad, SHA384_BLOCK_SIZE); |
| 251 | |
| 252 | sha384_init(&ctx->ctx_outside); |
| 253 | sha384_update(&ctx->ctx_outside, ctx->block_opad, |
| 254 | SHA384_BLOCK_SIZE); |
| 255 | |
| 256 | /* for hmac_reinit */ |
| 257 | memcpy(&ctx->ctx_inside_reinit, &ctx->ctx_inside, |
| 258 | sizeof(sha384_ctx)); |
| 259 | memcpy(&ctx->ctx_outside_reinit, &ctx->ctx_outside, |
| 260 | sizeof(sha384_ctx)); |
| 261 | } |
| 262 | |
| 263 | void hmac_sha384_reinit(hmac_sha384_ctx *ctx) |
| 264 | { |
| 265 | memcpy(&ctx->ctx_inside, &ctx->ctx_inside_reinit, |
| 266 | sizeof(sha384_ctx)); |
| 267 | memcpy(&ctx->ctx_outside, &ctx->ctx_outside_reinit, |
| 268 | sizeof(sha384_ctx)); |
| 269 | } |
| 270 | |
| 271 | void hmac_sha384_update(hmac_sha384_ctx *ctx, const unsigned char *message, |
| 272 | unsigned int message_len) |
| 273 | { |
| 274 | sha384_update(&ctx->ctx_inside, message, message_len); |
| 275 | } |
| 276 | |
| 277 | void hmac_sha384_final(hmac_sha384_ctx *ctx, unsigned char *mac, |
| 278 | unsigned int mac_size) |
| 279 | { |
| 280 | unsigned char digest_inside[SHA384_DIGEST_SIZE]; |
| 281 | unsigned char mac_temp[SHA384_DIGEST_SIZE]; |
| 282 | |
| 283 | sha384_final(&ctx->ctx_inside, digest_inside); |
| 284 | sha384_update(&ctx->ctx_outside, digest_inside, SHA384_DIGEST_SIZE); |
| 285 | sha384_final(&ctx->ctx_outside, mac_temp); |
| 286 | memcpy(mac, mac_temp, mac_size); |
| 287 | } |
| 288 | |
| 289 | void hmac_sha384(const unsigned char *key, unsigned int key_size, |
| 290 | const unsigned char *message, unsigned int message_len, |
| 291 | unsigned char *mac, unsigned mac_size) |
| 292 | { |
| 293 | hmac_sha384_ctx ctx; |
| 294 | |
| 295 | hmac_sha384_init(&ctx, key, key_size); |
| 296 | hmac_sha384_update(&ctx, message, message_len); |
| 297 | hmac_sha384_final(&ctx, mac, mac_size); |
| 298 | } |
| 299 | |
| 300 | /* HMAC-SHA-512 functions */ |
| 301 | |
| 302 | void hmac_sha512_init(hmac_sha512_ctx *ctx, const unsigned char *key, |
| 303 | unsigned int key_size) |
| 304 | { |
| 305 | unsigned int fill; |
| 306 | unsigned int num; |
| 307 | |
| 308 | const unsigned char *key_used; |
| 309 | unsigned char key_temp[SHA512_DIGEST_SIZE]; |
| 310 | int i; |
| 311 | |
| 312 | if (key_size == SHA512_BLOCK_SIZE) { |
| 313 | key_used = key; |
| 314 | num = SHA512_BLOCK_SIZE; |
| 315 | } else { |
| 316 | if (key_size > SHA512_BLOCK_SIZE){ |
| 317 | num = SHA512_DIGEST_SIZE; |
| 318 | sha512(key, key_size, key_temp); |
| 319 | key_used = key_temp; |
| 320 | } else { /* key_size > SHA512_BLOCK_SIZE */ |
| 321 | key_used = key; |
| 322 | num = key_size; |
| 323 | } |
| 324 | fill = SHA512_BLOCK_SIZE - num; |
| 325 | |
| 326 | memset(ctx->block_ipad + num, 0x36, fill); |
| 327 | memset(ctx->block_opad + num, 0x5c, fill); |
| 328 | } |
| 329 | |
| 330 | for (i = 0; i < (int) num; i++) { |
| 331 | ctx->block_ipad[i] = key_used[i] ^ 0x36; |
| 332 | ctx->block_opad[i] = key_used[i] ^ 0x5c; |
| 333 | } |
| 334 | |
| 335 | sha512_init(&ctx->ctx_inside); |
| 336 | sha512_update(&ctx->ctx_inside, ctx->block_ipad, SHA512_BLOCK_SIZE); |
| 337 | |
| 338 | sha512_init(&ctx->ctx_outside); |
| 339 | sha512_update(&ctx->ctx_outside, ctx->block_opad, |
| 340 | SHA512_BLOCK_SIZE); |
| 341 | |
| 342 | /* for hmac_reinit */ |
| 343 | memcpy(&ctx->ctx_inside_reinit, &ctx->ctx_inside, |
| 344 | sizeof(sha512_ctx)); |
| 345 | memcpy(&ctx->ctx_outside_reinit, &ctx->ctx_outside, |
| 346 | sizeof(sha512_ctx)); |
| 347 | } |
| 348 | |
| 349 | void hmac_sha512_reinit(hmac_sha512_ctx *ctx) |
| 350 | { |
| 351 | memcpy(&ctx->ctx_inside, &ctx->ctx_inside_reinit, |
| 352 | sizeof(sha512_ctx)); |
| 353 | memcpy(&ctx->ctx_outside, &ctx->ctx_outside_reinit, |
| 354 | sizeof(sha512_ctx)); |
| 355 | } |
| 356 | |
| 357 | void hmac_sha512_update(hmac_sha512_ctx *ctx, const unsigned char *message, |
| 358 | unsigned int message_len) |
| 359 | { |
| 360 | sha512_update(&ctx->ctx_inside, message, message_len); |
| 361 | } |
| 362 | |
| 363 | void hmac_sha512_final(hmac_sha512_ctx *ctx, unsigned char *mac, |
| 364 | unsigned int mac_size) |
| 365 | { |
| 366 | unsigned char digest_inside[SHA512_DIGEST_SIZE]; |
| 367 | unsigned char mac_temp[SHA512_DIGEST_SIZE]; |
| 368 | |
| 369 | sha512_final(&ctx->ctx_inside, digest_inside); |
| 370 | sha512_update(&ctx->ctx_outside, digest_inside, SHA512_DIGEST_SIZE); |
| 371 | sha512_final(&ctx->ctx_outside, mac_temp); |
| 372 | memcpy(mac, mac_temp, mac_size); |
| 373 | } |
| 374 | |
| 375 | void hmac_sha512(const unsigned char *key, unsigned int key_size, |
| 376 | const unsigned char *message, unsigned int message_len, |
| 377 | unsigned char *mac, unsigned mac_size) |
| 378 | { |
| 379 | hmac_sha512_ctx ctx; |
| 380 | |
| 381 | hmac_sha512_init(&ctx, key, key_size); |
| 382 | hmac_sha512_update(&ctx, message, message_len); |
| 383 | hmac_sha512_final(&ctx, mac, mac_size); |
| 384 | } |
| 385 | |
| 386 | #ifdef TEST_VECTORS |
| 387 | |
| 388 | /* IETF Validation tests */ |
| 389 | |
| 390 | #include <stdio.h> |
| 391 | #include <stdlib.h> |
| 392 | |
| 393 | void test(const char *vector, unsigned char *digest, |
| 394 | unsigned int digest_size) |
| 395 | { |
| 396 | char output[2 * SHA512_DIGEST_SIZE + 1]; |
| 397 | int i; |
| 398 | |
| 399 | output[2 * digest_size] = '\0'; |
| 400 | |
| 401 | for (i = 0; i < (int) digest_size ; i++) { |
| 402 | sprintf(output + 2*i, "%02x", digest[i]); |
| 403 | } |
| 404 | |
| 405 | printf("H: %s\n", output); |
| 406 | if (strcmp(vector, output)) { |
| 407 | fprintf(stderr, "Test failed.\n"); |
| 408 | exit(1); |
| 409 | } |
| 410 | } |
| 411 | |
| 412 | int main(void) |
| 413 | { |
| 414 | static const char *vectors[] = |
| 415 | { |
| 416 | /* HMAC-SHA-224 */ |
| 417 | "896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22", |
| 418 | "a30e01098bc6dbbf45690f3a7e9e6d0f8bbea2a39e6148008fd05e44", |
| 419 | "7fb3cb3588c6c1f6ffa9694d7d6ad2649365b0c1f65d69d1ec8333ea", |
| 420 | "6c11506874013cac6a2abc1bb382627cec6a90d86efc012de7afec5a", |
| 421 | "0e2aea68a90c8d37c988bcdb9fca6fa8", |
| 422 | "95e9a0db962095adaebe9b2d6f0dbce2d499f112f2d2b7273fa6870e", |
| 423 | "3a854166ac5d9f023f54d517d0b39dbd946770db9c2b95c9f6f565d1", |
| 424 | /* HMAC-SHA-256 */ |
| 425 | "b0344c61d8db38535ca8afceaf0bf12b881dc200c9833da726e9376c2e32cff7", |
| 426 | "5bdcc146bf60754e6a042426089575c75a003f089d2739839dec58b964ec3843", |
| 427 | "773ea91e36800e46854db8ebd09181a72959098b3ef8c122d9635514ced565fe", |
| 428 | "82558a389a443c0ea4cc819899f2083a85f0faa3e578f8077a2e3ff46729665b", |
| 429 | "a3b6167473100ee06e0c796c2955552b", |
| 430 | "60e431591ee0b67f0d8a26aacbf5b77f8e0bc6213728c5140546040f0ee37f54", |
| 431 | "9b09ffa71b942fcb27635fbcd5b0e944bfdc63644f0713938a7f51535c3a35e2", |
| 432 | /* HMAC-SHA-384 */ |
| 433 | "afd03944d84895626b0825f4ab46907f15f9dadbe4101ec682aa034c7cebc59c" |
| 434 | "faea9ea9076ede7f4af152e8b2fa9cb6", |
| 435 | "af45d2e376484031617f78d2b58a6b1b9c7ef464f5a01b47e42ec3736322445e" |
| 436 | "8e2240ca5e69e2c78b3239ecfab21649", |
| 437 | "88062608d3e6ad8a0aa2ace014c8a86f0aa635d947ac9febe83ef4e55966144b" |
| 438 | "2a5ab39dc13814b94e3ab6e101a34f27", |
| 439 | "3e8a69b7783c25851933ab6290af6ca77a9981480850009cc5577c6e1f573b4e" |
| 440 | "6801dd23c4a7d679ccf8a386c674cffb", |
| 441 | "3abf34c3503b2a23a46efc619baef897", |
| 442 | "4ece084485813e9088d2c63a041bc5b44f9ef1012a2b588f3cd11f05033ac4c6" |
| 443 | "0c2ef6ab4030fe8296248df163f44952", |
| 444 | "6617178e941f020d351e2f254e8fd32c602420feb0b8fb9adccebb82461e99c5" |
| 445 | "a678cc31e799176d3860e6110c46523e", |
| 446 | /* HMAC-SHA-512 */ |
| 447 | "87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cde" |
| 448 | "daa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a126854", |
| 449 | "164b7a7bfcf819e2e395fbe73b56e0a387bd64222e831fd610270cd7ea250554" |
| 450 | "9758bf75c05a994a6d034f65f8f0e6fdcaeab1a34d4a6b4b636e070a38bce737", |
| 451 | "fa73b0089d56a284efb0f0756c890be9b1b5dbdd8ee81a3655f83e33b2279d39" |
| 452 | "bf3e848279a722c806b485a47e67c807b946a337bee8942674278859e13292fb", |
| 453 | "b0ba465637458c6990e5a8c5f61d4af7e576d97ff94b872de76f8050361ee3db" |
| 454 | "a91ca5c11aa25eb4d679275cc5788063a5f19741120c4f2de2adebeb10a298dd", |
| 455 | "415fad6271580a531d4179bc891d87a6", |
| 456 | "80b24263c7c1a3ebb71493c1dd7be8b49b46d1f41b4aeec1121b013783f8f352" |
| 457 | "6b56d037e05f2598bd0fd2215d6a1e5295e64f73f63f0aec8b915a985d786598", |
| 458 | "e37b6a775dc87dbaa4dfa9f96e5e3ffddebd71f8867289865df5a32d20cdc944" |
| 459 | "b6022cac3c4982b10d5eeb55c3e4de15134676fb6de0446065c97440fa8c6a58" |
| 460 | }; |
| 461 | |
| 462 | static char *messages[] = |
| 463 | { |
| 464 | "Hi There", |
| 465 | "what do ya want for nothing?", |
| 466 | NULL, |
| 467 | NULL, |
| 468 | "Test With Truncation", |
| 469 | "Test Using Larger Than Block-Size Key - Hash Key First", |
| 470 | "This is a test using a larger than block-size key " |
| 471 | "and a larger than block-size data. The key needs" |
| 472 | " to be hashed before being used by the HMAC algorithm." |
| 473 | }; |
| 474 | |
| 475 | unsigned char mac[SHA512_DIGEST_SIZE]; |
| 476 | unsigned char *keys[7]; |
| 477 | unsigned int keys_len[7] = {20, 4, 20, 25, 20, 131, 131}; |
| 478 | unsigned int messages2and3_len = 50; |
| 479 | unsigned int mac_224_size, mac_256_size, mac_384_size, mac_512_size; |
| 480 | int i; |
| 481 | |
| 482 | for (i = 0; i < 7; i++) { |
| 483 | keys[i] = malloc(keys_len[i]); |
| 484 | if (keys[i] == NULL) { |
| 485 | fprintf(stderr, "Can't allocate memory\n"); |
| 486 | return 1; |
| 487 | } |
| 488 | } |
| 489 | |
| 490 | memset(keys[0], 0x0b, keys_len[0]); |
| 491 | strcpy((char *) keys[1], "Jefe"); |
| 492 | memset(keys[2], 0xaa, keys_len[2]); |
| 493 | for (i = 0; i < (int) keys_len[3]; i++) |
| 494 | keys[3][i] = (unsigned char) i + 1; |
| 495 | memset(keys[4], 0x0c, keys_len[4]); |
| 496 | memset(keys[5], 0xaa, keys_len[5]); |
| 497 | memset(keys[6], 0xaa, keys_len[6]); |
| 498 | |
| 499 | messages[2] = malloc(messages2and3_len + 1); |
| 500 | messages[3] = malloc(messages2and3_len + 1); |
| 501 | |
| 502 | if (messages[2] == NULL || messages[3] == NULL) { |
| 503 | fprintf(stderr, "Can't allocate memory\n"); |
| 504 | return 1; |
| 505 | } |
| 506 | |
| 507 | messages[2][messages2and3_len] = '\0'; |
| 508 | messages[3][messages2and3_len] = '\0'; |
| 509 | |
| 510 | memset(messages[2], 0xdd, messages2and3_len); |
| 511 | memset(messages[3], 0xcd, messages2and3_len); |
| 512 | |
| 513 | printf("HMAC-SHA-2 IETF Validation tests\n\n"); |
| 514 | |
| 515 | for (i = 0; i < 7; i++) { |
| 516 | if (i != 4) { |
| 517 | mac_224_size = SHA224_DIGEST_SIZE; |
| 518 | mac_256_size = SHA256_DIGEST_SIZE; |
| 519 | mac_384_size = SHA384_DIGEST_SIZE; |
| 520 | mac_512_size = SHA512_DIGEST_SIZE; |
| 521 | } else { |
| 522 | mac_224_size = 128 / 8; mac_256_size = 128 / 8; |
| 523 | mac_384_size = 128 / 8; mac_512_size = 128 / 8; |
| 524 | } |
| 525 | |
| 526 | printf("Test %d:\n", i + 1); |
| 527 | |
| 528 | hmac_sha224(keys[i], keys_len[i], (unsigned char *) messages[i], |
| 529 | strlen(messages[i]), mac, mac_224_size); |
| 530 | test(vectors[i], mac, mac_224_size); |
| 531 | hmac_sha256(keys[i], keys_len[i], (unsigned char *) messages[i], |
| 532 | strlen(messages[i]), mac, mac_256_size); |
| 533 | test(vectors[7 + i], mac, mac_256_size); |
| 534 | hmac_sha384(keys[i], keys_len[i], (unsigned char *) messages[i], |
| 535 | strlen(messages[i]), mac, mac_384_size); |
| 536 | test(vectors[14 + i], mac, mac_384_size); |
| 537 | hmac_sha512(keys[i], keys_len[i], (unsigned char *) messages[i], |
| 538 | strlen(messages[i]), mac, mac_512_size); |
| 539 | test(vectors[21 + i], mac, mac_512_size); |
| 540 | } |
| 541 | |
| 542 | printf("All tests passed.\n"); |
| 543 | |
| 544 | return 0; |
| 545 | } |
| 546 | |
| 547 | #endif /* TEST_VECTORS */ |
| 548 | |