1/* hmac-tests.c - HMAC selftests. 2 * Copyright (C) 2008 Free Software Foundation, Inc. 3 * 4 * This file is part of Libgcrypt. 5 * 6 * Libgcrypt is free software; you can redistribute it and/or modify 7 * it under the terms of the GNU Lesser General Public License as 8 * published by the Free Software Foundation; either version 2.1 of 9 * the License, or (at your option) any later version. 10 * 11 * Libgcrypt is distributed in the hope that it will be useful, 12 * but WITHOUT ANY WARRANTY; without even the implied warranty of 13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 14 * GNU Lesser General Public License for more details. 15 * 16 * You should have received a copy of the GNU Lesser General Public 17 * License along with this program; if not, see <http://www.gnu.org/licenses/>. 18 */ 19 20/* 21 Although algorithm self-tests are usually implemented in the module 22 implementing the algorithm, the case for HMAC is different because 23 HMAC is implemnetd on a higher level using a special feature of the 24 gcry_md_ functions. It would be possible to do this also in the 25 digest algorithm modules, but that would blow up the code too much 26 and spread the hmac tests over several modules. 27 28 Thus we implement all HMAC tests in this test module and provide a 29 function to run the tests. 30*/ 31 32#include <config.h> 33#include <stdio.h> 34#include <stdlib.h> 35#include <string.h> 36#ifdef HAVE_STDINT_H 37# include <stdint.h> 38#endif 39 40#include "g10lib.h" 41#include "cipher.h" 42#include "hmac256.h" 43 44/* Check one HMAC with digest ALGO using the regualr HAMC 45 API. (DATA,DATALEN) is the data to be MACed, (KEY,KEYLEN) the key 46 and (EXPECT,EXPECTLEN) the expected result. Returns NULL on 47 succdess or a string describing the failure. */ 48static const char * 49check_one (int algo, 50 const void *data, size_t datalen, 51 const void *key, size_t keylen, 52 const void *expect, size_t expectlen) 53{ 54 gcry_md_hd_t hd; 55 const unsigned char *digest; 56 57/* printf ("HMAC algo %d\n", algo); */ 58 if (_gcry_md_get_algo_dlen (algo) != expectlen) 59 return "invalid tests data"; 60 if (_gcry_md_open (&hd, algo, GCRY_MD_FLAG_HMAC)) 61 return "gcry_md_open failed"; 62 if (_gcry_md_setkey (hd, key, keylen)) 63 { 64 _gcry_md_close (hd); 65 return "gcry_md_setkey failed"; 66 } 67 _gcry_md_write (hd, data, datalen); 68 digest = _gcry_md_read (hd, algo); 69 if (!digest) 70 { 71 _gcry_md_close (hd); 72 return "gcry_md_read failed"; 73 } 74 if (memcmp (digest, expect, expectlen)) 75 { 76/* int i; */ 77 78/* fputs (" {", stdout); */ 79/* for (i=0; i < expectlen-1; i++) */ 80/* { */ 81/* if (i && !(i % 8)) */ 82/* fputs ("\n ", stdout); */ 83/* printf (" 0x%02x,", digest[i]); */ 84/* } */ 85/* printf (" 0x%02x } },\n", digest[i]); */ 86 87 _gcry_md_close (hd); 88 return "does not match"; 89 } 90 _gcry_md_close (hd); 91 return NULL; 92} 93 94 95static gpg_err_code_t 96selftests_sha1 (int extended, selftest_report_func_t report) 97{ 98 const char *what; 99 const char *errtxt; 100 unsigned char key[128]; 101 int i, j; 102 103 what = "FIPS-198a, A.1"; 104 for (i=0; i < 64; i++) 105 key[i] = i; 106 errtxt = check_one (GCRY_MD_SHA1, 107 "Sample #1", 9, 108 key, 64, 109 "\x4f\x4c\xa3\xd5\xd6\x8b\xa7\xcc\x0a\x12" 110 "\x08\xc9\xc6\x1e\x9c\x5d\xa0\x40\x3c\x0a", 20); 111 if (errtxt) 112 goto failed; 113 114 if (extended) 115 { 116 what = "FIPS-198a, A.2"; 117 for (i=0, j=0x30; i < 20; i++) 118 key[i] = j++; 119 errtxt = check_one (GCRY_MD_SHA1, 120 "Sample #2", 9, 121 key, 20, 122 "\x09\x22\xd3\x40\x5f\xaa\x3d\x19\x4f\x82" 123 "\xa4\x58\x30\x73\x7d\x5c\xc6\xc7\x5d\x24", 20); 124 if (errtxt) 125 goto failed; 126 127 what = "FIPS-198a, A.3"; 128 for (i=0, j=0x50; i < 100; i++) 129 key[i] = j++; 130 errtxt = check_one (GCRY_MD_SHA1, 131 "Sample #3", 9, 132 key, 100, 133 "\xbc\xf4\x1e\xab\x8b\xb2\xd8\x02\xf3\xd0" 134 "\x5c\xaf\x7c\xb0\x92\xec\xf8\xd1\xa3\xaa", 20 ); 135 if (errtxt) 136 goto failed; 137 138 what = "FIPS-198a, A.4"; 139 for (i=0, j=0x70; i < 49; i++) 140 key[i] = j++; 141 errtxt = check_one (GCRY_MD_SHA1, 142 "Sample #4", 9, 143 key, 49, 144 "\x9e\xa8\x86\xef\xe2\x68\xdb\xec\xce\x42" 145 "\x0c\x75\x24\xdf\x32\xe0\x75\x1a\x2a\x26", 20 ); 146 if (errtxt) 147 goto failed; 148 } 149 150 return 0; /* Succeeded. */ 151 152 failed: 153 if (report) 154 report ("hmac", GCRY_MD_SHA1, what, errtxt); 155 return GPG_ERR_SELFTEST_FAILED; 156} 157 158 159 160static gpg_err_code_t 161selftests_sha224 (int extended, selftest_report_func_t report) 162{ 163 static struct 164 { 165 const char * const desc; 166 const char * const data; 167 const char * const key; 168 const char expect[28]; 169 } tv[] = 170 { 171 { "data-28 key-4", 172 "what do ya want for nothing?", 173 "Jefe", 174 { 0xa3, 0x0e, 0x01, 0x09, 0x8b, 0xc6, 0xdb, 0xbf, 175 0x45, 0x69, 0x0f, 0x3a, 0x7e, 0x9e, 0x6d, 0x0f, 176 0x8b, 0xbe, 0xa2, 0xa3, 0x9e, 0x61, 0x48, 0x00, 177 0x8f, 0xd0, 0x5e, 0x44 } }, 178 179 { "data-9 key-20", 180 "Hi There", 181 "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b" 182 "\x0b\x0b\x0b\x0b", 183 { 0x89, 0x6f, 0xb1, 0x12, 0x8a, 0xbb, 0xdf, 0x19, 184 0x68, 0x32, 0x10, 0x7c, 0xd4, 0x9d, 0xf3, 0x3f, 185 0x47, 0xb4, 0xb1, 0x16, 0x99, 0x12, 0xba, 0x4f, 186 0x53, 0x68, 0x4b, 0x22 } }, 187 188 { "data-50 key-20", 189 "\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd" 190 "\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd" 191 "\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd" 192 "\xdd\xdd", 193 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 194 "\xaa\xaa\xaa\xaa", 195 { 0x7f, 0xb3, 0xcb, 0x35, 0x88, 0xc6, 0xc1, 0xf6, 196 0xff, 0xa9, 0x69, 0x4d, 0x7d, 0x6a, 0xd2, 0x64, 197 0x93, 0x65, 0xb0, 0xc1, 0xf6, 0x5d, 0x69, 0xd1, 198 0xec, 0x83, 0x33, 0xea } }, 199 200 { "data-50 key-26", 201 "\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd" 202 "\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd" 203 "\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd" 204 "\xcd\xcd", 205 "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10" 206 "\x11\x12\x13\x14\x15\x16\x17\x18\x19", 207 { 0x6c, 0x11, 0x50, 0x68, 0x74, 0x01, 0x3c, 0xac, 208 0x6a, 0x2a, 0xbc, 0x1b, 0xb3, 0x82, 0x62, 0x7c, 209 0xec, 0x6a, 0x90, 0xd8, 0x6e, 0xfc, 0x01, 0x2d, 210 0xe7, 0xaf, 0xec, 0x5a } }, 211 212 { "data-54 key-131", 213 "Test Using Larger Than Block-Size Key - Hash Key First", 214 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 215 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 216 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 217 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 218 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 219 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 220 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 221 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 222 "\xaa\xaa\xaa", 223 { 0x95, 0xe9, 0xa0, 0xdb, 0x96, 0x20, 0x95, 0xad, 224 0xae, 0xbe, 0x9b, 0x2d, 0x6f, 0x0d, 0xbc, 0xe2, 225 0xd4, 0x99, 0xf1, 0x12, 0xf2, 0xd2, 0xb7, 0x27, 226 0x3f, 0xa6, 0x87, 0x0e } }, 227 228 { "data-152 key-131", 229 "This is a test using a larger than block-size key and a larger " 230 "than block-size data. The key needs to be hashed before being " 231 "used by the HMAC algorithm.", 232 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 233 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 234 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 235 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 236 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 237 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 238 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 239 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 240 "\xaa\xaa\xaa", 241 { 0x3a, 0x85, 0x41, 0x66, 0xac, 0x5d, 0x9f, 0x02, 242 0x3f, 0x54, 0xd5, 0x17, 0xd0, 0xb3, 0x9d, 0xbd, 243 0x94, 0x67, 0x70, 0xdb, 0x9c, 0x2b, 0x95, 0xc9, 244 0xf6, 0xf5, 0x65, 0xd1 } }, 245 246 { NULL } 247 }; 248 const char *what; 249 const char *errtxt; 250 int tvidx; 251 252 for (tvidx=0; tv[tvidx].desc; tvidx++) 253 { 254 what = tv[tvidx].desc; 255 errtxt = check_one (GCRY_MD_SHA224, 256 tv[tvidx].data, strlen (tv[tvidx].data), 257 tv[tvidx].key, strlen (tv[tvidx].key), 258 tv[tvidx].expect, DIM (tv[tvidx].expect) ); 259 if (errtxt) 260 goto failed; 261 if (!extended) 262 break; 263 } 264 265 return 0; /* Succeeded. */ 266 267 failed: 268 if (report) 269 report ("hmac", GCRY_MD_SHA224, what, errtxt); 270 return GPG_ERR_SELFTEST_FAILED; 271} 272 273 274static gpg_err_code_t 275selftests_sha256 (int extended, selftest_report_func_t report) 276{ 277 static struct 278 { 279 const char * const desc; 280 const char * const data; 281 const char * const key; 282 const char expect[32]; 283 } tv[] = 284 { 285 { "data-28 key-4", 286 "what do ya want for nothing?", 287 "Jefe", 288 { 0x5b, 0xdc, 0xc1, 0x46, 0xbf, 0x60, 0x75, 0x4e, 289 0x6a, 0x04, 0x24, 0x26, 0x08, 0x95, 0x75, 0xc7, 290 0x5a, 0x00, 0x3f, 0x08, 0x9d, 0x27, 0x39, 0x83, 291 0x9d, 0xec, 0x58, 0xb9, 0x64, 0xec, 0x38, 0x43 } }, 292 293 { "data-9 key-20", 294 "Hi There", 295 "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b" 296 "\x0b\x0b\x0b\x0b", 297 { 0xb0, 0x34, 0x4c, 0x61, 0xd8, 0xdb, 0x38, 0x53, 298 0x5c, 0xa8, 0xaf, 0xce, 0xaf, 0x0b, 0xf1, 0x2b, 299 0x88, 0x1d, 0xc2, 0x00, 0xc9, 0x83, 0x3d, 0xa7, 300 0x26, 0xe9, 0x37, 0x6c, 0x2e, 0x32, 0xcf, 0xf7 } }, 301 302 { "data-50 key-20", 303 "\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd" 304 "\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd" 305 "\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd" 306 "\xdd\xdd", 307 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 308 "\xaa\xaa\xaa\xaa", 309 { 0x77, 0x3e, 0xa9, 0x1e, 0x36, 0x80, 0x0e, 0x46, 310 0x85, 0x4d, 0xb8, 0xeb, 0xd0, 0x91, 0x81, 0xa7, 311 0x29, 0x59, 0x09, 0x8b, 0x3e, 0xf8, 0xc1, 0x22, 312 0xd9, 0x63, 0x55, 0x14, 0xce, 0xd5, 0x65, 0xfe } }, 313 314 { "data-50 key-26", 315 "\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd" 316 "\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd" 317 "\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd" 318 "\xcd\xcd", 319 "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10" 320 "\x11\x12\x13\x14\x15\x16\x17\x18\x19", 321 { 0x82, 0x55, 0x8a, 0x38, 0x9a, 0x44, 0x3c, 0x0e, 322 0xa4, 0xcc, 0x81, 0x98, 0x99, 0xf2, 0x08, 0x3a, 323 0x85, 0xf0, 0xfa, 0xa3, 0xe5, 0x78, 0xf8, 0x07, 324 0x7a, 0x2e, 0x3f, 0xf4, 0x67, 0x29, 0x66, 0x5b } }, 325 326 { "data-54 key-131", 327 "Test Using Larger Than Block-Size Key - Hash Key First", 328 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 329 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 330 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 331 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 332 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 333 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 334 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 335 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 336 "\xaa\xaa\xaa", 337 { 0x60, 0xe4, 0x31, 0x59, 0x1e, 0xe0, 0xb6, 0x7f, 338 0x0d, 0x8a, 0x26, 0xaa, 0xcb, 0xf5, 0xb7, 0x7f, 339 0x8e, 0x0b, 0xc6, 0x21, 0x37, 0x28, 0xc5, 0x14, 340 0x05, 0x46, 0x04, 0x0f, 0x0e, 0xe3, 0x7f, 0x54 } }, 341 342 { "data-152 key-131", 343 "This is a test using a larger than block-size key and a larger " 344 "than block-size data. The key needs to be hashed before being " 345 "used by the HMAC algorithm.", 346 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 347 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 348 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 349 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 350 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 351 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 352 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 353 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 354 "\xaa\xaa\xaa", 355 { 0x9b, 0x09, 0xff, 0xa7, 0x1b, 0x94, 0x2f, 0xcb, 356 0x27, 0x63, 0x5f, 0xbc, 0xd5, 0xb0, 0xe9, 0x44, 357 0xbf, 0xdc, 0x63, 0x64, 0x4f, 0x07, 0x13, 0x93, 358 0x8a, 0x7f, 0x51, 0x53, 0x5c, 0x3a, 0x35, 0xe2 } }, 359 360 { NULL } 361 }; 362 const char *what; 363 const char *errtxt; 364 int tvidx; 365 366 for (tvidx=0; tv[tvidx].desc; tvidx++) 367 { 368 hmac256_context_t hmachd; 369 const unsigned char *digest; 370 size_t dlen; 371 372 what = tv[tvidx].desc; 373 errtxt = check_one (GCRY_MD_SHA256, 374 tv[tvidx].data, strlen (tv[tvidx].data), 375 tv[tvidx].key, strlen (tv[tvidx].key), 376 tv[tvidx].expect, DIM (tv[tvidx].expect) ); 377 if (errtxt) 378 goto failed; 379 380 hmachd = _gcry_hmac256_new (tv[tvidx].key, strlen (tv[tvidx].key)); 381 if (!hmachd) 382 { 383 errtxt = "_gcry_hmac256_new failed"; 384 goto failed; 385 } 386 _gcry_hmac256_update (hmachd, tv[tvidx].data, strlen (tv[tvidx].data)); 387 digest = _gcry_hmac256_finalize (hmachd, &dlen); 388 if (!digest) 389 { 390 errtxt = "_gcry_hmac256_finalize failed"; 391 _gcry_hmac256_release (hmachd); 392 goto failed; 393 } 394 if (dlen != DIM (tv[tvidx].expect) 395 || memcmp (digest, tv[tvidx].expect, DIM (tv[tvidx].expect))) 396 { 397 errtxt = "does not match in second implementation"; 398 _gcry_hmac256_release (hmachd); 399 goto failed; 400 } 401 _gcry_hmac256_release (hmachd); 402 403 if (!extended) 404 break; 405 } 406 407 return 0; /* Succeeded. */ 408 409 failed: 410 if (report) 411 report ("hmac", GCRY_MD_SHA256, what, errtxt); 412 return GPG_ERR_SELFTEST_FAILED; 413} 414 415 416static gpg_err_code_t 417selftests_sha384 (int extended, selftest_report_func_t report) 418{ 419 static struct 420 { 421 const char * const desc; 422 const char * const data; 423 const char * const key; 424 const char expect[48]; 425 } tv[] = 426 { 427 { "data-28 key-4", 428 "what do ya want for nothing?", 429 "Jefe", 430 { 0xaf, 0x45, 0xd2, 0xe3, 0x76, 0x48, 0x40, 0x31, 431 0x61, 0x7f, 0x78, 0xd2, 0xb5, 0x8a, 0x6b, 0x1b, 432 0x9c, 0x7e, 0xf4, 0x64, 0xf5, 0xa0, 0x1b, 0x47, 433 0xe4, 0x2e, 0xc3, 0x73, 0x63, 0x22, 0x44, 0x5e, 434 0x8e, 0x22, 0x40, 0xca, 0x5e, 0x69, 0xe2, 0xc7, 435 0x8b, 0x32, 0x39, 0xec, 0xfa, 0xb2, 0x16, 0x49 } }, 436 437 { "data-9 key-20", 438 "Hi There", 439 "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b" 440 "\x0b\x0b\x0b\x0b", 441 { 0xaf, 0xd0, 0x39, 0x44, 0xd8, 0x48, 0x95, 0x62, 442 0x6b, 0x08, 0x25, 0xf4, 0xab, 0x46, 0x90, 0x7f, 443 0x15, 0xf9, 0xda, 0xdb, 0xe4, 0x10, 0x1e, 0xc6, 444 0x82, 0xaa, 0x03, 0x4c, 0x7c, 0xeb, 0xc5, 0x9c, 445 0xfa, 0xea, 0x9e, 0xa9, 0x07, 0x6e, 0xde, 0x7f, 446 0x4a, 0xf1, 0x52, 0xe8, 0xb2, 0xfa, 0x9c, 0xb6 } }, 447 448 { "data-50 key-20", 449 "\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd" 450 "\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd" 451 "\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd" 452 "\xdd\xdd", 453 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 454 "\xaa\xaa\xaa\xaa", 455 { 0x88, 0x06, 0x26, 0x08, 0xd3, 0xe6, 0xad, 0x8a, 456 0x0a, 0xa2, 0xac, 0xe0, 0x14, 0xc8, 0xa8, 0x6f, 457 0x0a, 0xa6, 0x35, 0xd9, 0x47, 0xac, 0x9f, 0xeb, 458 0xe8, 0x3e, 0xf4, 0xe5, 0x59, 0x66, 0x14, 0x4b, 459 0x2a, 0x5a, 0xb3, 0x9d, 0xc1, 0x38, 0x14, 0xb9, 460 0x4e, 0x3a, 0xb6, 0xe1, 0x01, 0xa3, 0x4f, 0x27 } }, 461 462 { "data-50 key-26", 463 "\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd" 464 "\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd" 465 "\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd" 466 "\xcd\xcd", 467 "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10" 468 "\x11\x12\x13\x14\x15\x16\x17\x18\x19", 469 { 0x3e, 0x8a, 0x69, 0xb7, 0x78, 0x3c, 0x25, 0x85, 470 0x19, 0x33, 0xab, 0x62, 0x90, 0xaf, 0x6c, 0xa7, 471 0x7a, 0x99, 0x81, 0x48, 0x08, 0x50, 0x00, 0x9c, 472 0xc5, 0x57, 0x7c, 0x6e, 0x1f, 0x57, 0x3b, 0x4e, 473 0x68, 0x01, 0xdd, 0x23, 0xc4, 0xa7, 0xd6, 0x79, 474 0xcc, 0xf8, 0xa3, 0x86, 0xc6, 0x74, 0xcf, 0xfb } }, 475 476 { "data-54 key-131", 477 "Test Using Larger Than Block-Size Key - Hash Key First", 478 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 479 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 480 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 481 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 482 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 483 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 484 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 485 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 486 "\xaa\xaa\xaa", 487 { 0x4e, 0xce, 0x08, 0x44, 0x85, 0x81, 0x3e, 0x90, 488 0x88, 0xd2, 0xc6, 0x3a, 0x04, 0x1b, 0xc5, 0xb4, 489 0x4f, 0x9e, 0xf1, 0x01, 0x2a, 0x2b, 0x58, 0x8f, 490 0x3c, 0xd1, 0x1f, 0x05, 0x03, 0x3a, 0xc4, 0xc6, 491 0x0c, 0x2e, 0xf6, 0xab, 0x40, 0x30, 0xfe, 0x82, 492 0x96, 0x24, 0x8d, 0xf1, 0x63, 0xf4, 0x49, 0x52 } }, 493 494 { "data-152 key-131", 495 "This is a test using a larger than block-size key and a larger " 496 "than block-size data. The key needs to be hashed before being " 497 "used by the HMAC algorithm.", 498 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 499 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 500 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 501 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 502 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 503 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 504 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 505 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 506 "\xaa\xaa\xaa", 507 { 0x66, 0x17, 0x17, 0x8e, 0x94, 0x1f, 0x02, 0x0d, 508 0x35, 0x1e, 0x2f, 0x25, 0x4e, 0x8f, 0xd3, 0x2c, 509 0x60, 0x24, 0x20, 0xfe, 0xb0, 0xb8, 0xfb, 0x9a, 510 0xdc, 0xce, 0xbb, 0x82, 0x46, 0x1e, 0x99, 0xc5, 511 0xa6, 0x78, 0xcc, 0x31, 0xe7, 0x99, 0x17, 0x6d, 512 0x38, 0x60, 0xe6, 0x11, 0x0c, 0x46, 0x52, 0x3e } }, 513 514 { NULL } 515 }; 516 const char *what; 517 const char *errtxt; 518 int tvidx; 519 520 for (tvidx=0; tv[tvidx].desc; tvidx++) 521 { 522 what = tv[tvidx].desc; 523 errtxt = check_one (GCRY_MD_SHA384, 524 tv[tvidx].data, strlen (tv[tvidx].data), 525 tv[tvidx].key, strlen (tv[tvidx].key), 526 tv[tvidx].expect, DIM (tv[tvidx].expect) ); 527 if (errtxt) 528 goto failed; 529 if (!extended) 530 break; 531 } 532 533 return 0; /* Succeeded. */ 534 535 failed: 536 if (report) 537 report ("hmac", GCRY_MD_SHA384, what, errtxt); 538 return GPG_ERR_SELFTEST_FAILED; 539} 540 541 542static gpg_err_code_t 543selftests_sha512 (int extended, selftest_report_func_t report) 544{ 545 static struct 546 { 547 const char * const desc; 548 const char * const data; 549 const char * const key; 550 const char expect[64]; 551 } tv[] = 552 { 553 { "data-28 key-4", 554 "what do ya want for nothing?", 555 "Jefe", 556 { 0x16, 0x4b, 0x7a, 0x7b, 0xfc, 0xf8, 0x19, 0xe2, 557 0xe3, 0x95, 0xfb, 0xe7, 0x3b, 0x56, 0xe0, 0xa3, 558 0x87, 0xbd, 0x64, 0x22, 0x2e, 0x83, 0x1f, 0xd6, 559 0x10, 0x27, 0x0c, 0xd7, 0xea, 0x25, 0x05, 0x54, 560 0x97, 0x58, 0xbf, 0x75, 0xc0, 0x5a, 0x99, 0x4a, 561 0x6d, 0x03, 0x4f, 0x65, 0xf8, 0xf0, 0xe6, 0xfd, 562 0xca, 0xea, 0xb1, 0xa3, 0x4d, 0x4a, 0x6b, 0x4b, 563 0x63, 0x6e, 0x07, 0x0a, 0x38, 0xbc, 0xe7, 0x37 } }, 564 565 { "data-9 key-20", 566 "Hi There", 567 "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b" 568 "\x0b\x0b\x0b\x0b", 569 { 0x87, 0xaa, 0x7c, 0xde, 0xa5, 0xef, 0x61, 0x9d, 570 0x4f, 0xf0, 0xb4, 0x24, 0x1a, 0x1d, 0x6c, 0xb0, 571 0x23, 0x79, 0xf4, 0xe2, 0xce, 0x4e, 0xc2, 0x78, 572 0x7a, 0xd0, 0xb3, 0x05, 0x45, 0xe1, 0x7c, 0xde, 573 0xda, 0xa8, 0x33, 0xb7, 0xd6, 0xb8, 0xa7, 0x02, 574 0x03, 0x8b, 0x27, 0x4e, 0xae, 0xa3, 0xf4, 0xe4, 575 0xbe, 0x9d, 0x91, 0x4e, 0xeb, 0x61, 0xf1, 0x70, 576 0x2e, 0x69, 0x6c, 0x20, 0x3a, 0x12, 0x68, 0x54 } }, 577 578 { "data-50 key-20", 579 "\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd" 580 "\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd" 581 "\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd" 582 "\xdd\xdd", 583 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 584 "\xaa\xaa\xaa\xaa", 585 { 0xfa, 0x73, 0xb0, 0x08, 0x9d, 0x56, 0xa2, 0x84, 586 0xef, 0xb0, 0xf0, 0x75, 0x6c, 0x89, 0x0b, 0xe9, 587 0xb1, 0xb5, 0xdb, 0xdd, 0x8e, 0xe8, 0x1a, 0x36, 588 0x55, 0xf8, 0x3e, 0x33, 0xb2, 0x27, 0x9d, 0x39, 589 0xbf, 0x3e, 0x84, 0x82, 0x79, 0xa7, 0x22, 0xc8, 590 0x06, 0xb4, 0x85, 0xa4, 0x7e, 0x67, 0xc8, 0x07, 591 0xb9, 0x46, 0xa3, 0x37, 0xbe, 0xe8, 0x94, 0x26, 592 0x74, 0x27, 0x88, 0x59, 0xe1, 0x32, 0x92, 0xfb } }, 593 594 { "data-50 key-26", 595 "\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd" 596 "\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd" 597 "\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd" 598 "\xcd\xcd", 599 "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10" 600 "\x11\x12\x13\x14\x15\x16\x17\x18\x19", 601 { 0xb0, 0xba, 0x46, 0x56, 0x37, 0x45, 0x8c, 0x69, 602 0x90, 0xe5, 0xa8, 0xc5, 0xf6, 0x1d, 0x4a, 0xf7, 603 0xe5, 0x76, 0xd9, 0x7f, 0xf9, 0x4b, 0x87, 0x2d, 604 0xe7, 0x6f, 0x80, 0x50, 0x36, 0x1e, 0xe3, 0xdb, 605 0xa9, 0x1c, 0xa5, 0xc1, 0x1a, 0xa2, 0x5e, 0xb4, 606 0xd6, 0x79, 0x27, 0x5c, 0xc5, 0x78, 0x80, 0x63, 607 0xa5, 0xf1, 0x97, 0x41, 0x12, 0x0c, 0x4f, 0x2d, 608 0xe2, 0xad, 0xeb, 0xeb, 0x10, 0xa2, 0x98, 0xdd } }, 609 610 { "data-54 key-131", 611 "Test Using Larger Than Block-Size Key - Hash Key First", 612 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 613 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 614 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 615 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 616 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 617 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 618 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 619 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 620 "\xaa\xaa\xaa", 621 { 0x80, 0xb2, 0x42, 0x63, 0xc7, 0xc1, 0xa3, 0xeb, 622 0xb7, 0x14, 0x93, 0xc1, 0xdd, 0x7b, 0xe8, 0xb4, 623 0x9b, 0x46, 0xd1, 0xf4, 0x1b, 0x4a, 0xee, 0xc1, 624 0x12, 0x1b, 0x01, 0x37, 0x83, 0xf8, 0xf3, 0x52, 625 0x6b, 0x56, 0xd0, 0x37, 0xe0, 0x5f, 0x25, 0x98, 626 0xbd, 0x0f, 0xd2, 0x21, 0x5d, 0x6a, 0x1e, 0x52, 627 0x95, 0xe6, 0x4f, 0x73, 0xf6, 0x3f, 0x0a, 0xec, 628 0x8b, 0x91, 0x5a, 0x98, 0x5d, 0x78, 0x65, 0x98 } }, 629 630 { "data-152 key-131", 631 "This is a test using a larger than block-size key and a larger " 632 "than block-size data. The key needs to be hashed before being " 633 "used by the HMAC algorithm.", 634 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 635 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 636 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 637 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 638 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 639 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 640 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 641 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" 642 "\xaa\xaa\xaa", 643 { 0xe3, 0x7b, 0x6a, 0x77, 0x5d, 0xc8, 0x7d, 0xba, 644 0xa4, 0xdf, 0xa9, 0xf9, 0x6e, 0x5e, 0x3f, 0xfd, 645 0xde, 0xbd, 0x71, 0xf8, 0x86, 0x72, 0x89, 0x86, 646 0x5d, 0xf5, 0xa3, 0x2d, 0x20, 0xcd, 0xc9, 0x44, 647 0xb6, 0x02, 0x2c, 0xac, 0x3c, 0x49, 0x82, 0xb1, 648 0x0d, 0x5e, 0xeb, 0x55, 0xc3, 0xe4, 0xde, 0x15, 649 0x13, 0x46, 0x76, 0xfb, 0x6d, 0xe0, 0x44, 0x60, 650 0x65, 0xc9, 0x74, 0x40, 0xfa, 0x8c, 0x6a, 0x58 } }, 651 652 { NULL } 653 }; 654 const char *what; 655 const char *errtxt; 656 int tvidx; 657 658 for (tvidx=0; tv[tvidx].desc; tvidx++) 659 { 660 what = tv[tvidx].desc; 661 errtxt = check_one (GCRY_MD_SHA512, 662 tv[tvidx].data, strlen (tv[tvidx].data), 663 tv[tvidx].key, strlen (tv[tvidx].key), 664 tv[tvidx].expect, DIM (tv[tvidx].expect) ); 665 if (errtxt) 666 goto failed; 667 if (!extended) 668 break; 669 } 670 671 return 0; /* Succeeded. */ 672 673 failed: 674 if (report) 675 report ("hmac", GCRY_MD_SHA512, what, errtxt); 676 return GPG_ERR_SELFTEST_FAILED; 677} 678 679 680 681/* Run a full self-test for ALGO and return 0 on success. */ 682static gpg_err_code_t 683run_selftests (int algo, int extended, selftest_report_func_t report) 684{ 685 gpg_err_code_t ec; 686 687 switch (algo) 688 { 689 case GCRY_MD_SHA1: 690 ec = selftests_sha1 (extended, report); 691 break; 692 case GCRY_MD_SHA224: 693 ec = selftests_sha224 (extended, report); 694 break; 695 case GCRY_MD_SHA256: 696 ec = selftests_sha256 (extended, report); 697 break; 698 case GCRY_MD_SHA384: 699 ec = selftests_sha384 (extended, report); 700 break; 701 case GCRY_MD_SHA512: 702 ec = selftests_sha512 (extended, report); 703 break; 704 default: 705 ec = GPG_ERR_DIGEST_ALGO; 706 break; 707 } 708 return ec; 709} 710 711 712 713 714/* Run the selftests for HMAC with digest algorithm ALGO with optional 715 reporting function REPORT. */ 716gpg_error_t 717_gcry_hmac_selftest (int algo, int extended, selftest_report_func_t report) 718{ 719 gcry_err_code_t ec = 0; 720 721 if (!gcry_md_test_algo (algo)) 722 { 723 ec = run_selftests (algo, extended, report); 724 } 725 else 726 { 727 ec = GPG_ERR_DIGEST_ALGO; 728 if (report) 729 report ("hmac", algo, "module", "algorithm not available"); 730 } 731 return gpg_error (ec); 732} 733