authorRob Austein <sra@hactrn.net>2015-06-05 13:51:08 -0400
committerRob Austein <sra@hactrn.net>2015-06-05 13:51:08 -0400
commitf7a65af3e2505642e1006fa35138e87a8f69c37c (patch)
tree3ee125a233ba8968ff0f79c68bf1d9337c0682e5
parent1655dbf3b2c44d600f9c71086fb403b3490a2343 (diff)
HMAC for truncated SHA-512 digests would probably work better if we
used the right digest length constants. Doh.
-rw-r--r--hash.c6
-rw-r--r--tests/test-hash.c11
2 files changed, 3 insertions, 14 deletions
diff --git a/hash.c b/hash.c
index e0445f5..637eb7e 100644
--- a/hash.c
+++ b/hash.c
@@ -172,19 +172,19 @@ const hal_hash_descriptor_t hal_hash_sha256[1] = {{
}};
const hal_hash_descriptor_t hal_hash_sha512_224[1] = {{
- SHA512_BLOCK_LEN, SHA512_DIGEST_LEN,
+ SHA512_BLOCK_LEN, SHA512_224_DIGEST_LEN,
sizeof(internal_hash_state_t), sizeof(internal_hmac_state_t),
&sha512_224_driver
}};
const hal_hash_descriptor_t hal_hash_sha512_256[1] = {{
- SHA512_BLOCK_LEN, SHA512_DIGEST_LEN,
+ SHA512_BLOCK_LEN, SHA512_256_DIGEST_LEN,
sizeof(internal_hash_state_t), sizeof(internal_hmac_state_t),
&sha512_256_driver
}};
const hal_hash_descriptor_t hal_hash_sha384[1] = {{
- SHA512_BLOCK_LEN, SHA512_DIGEST_LEN,
+ SHA512_BLOCK_LEN, SHA384_DIGEST_LEN,
sizeof(internal_hash_state_t), sizeof(internal_hmac_state_t),
&sha384_driver
}};
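Review bot: The three corrected initializers are still positional, so nothing at the definition site says which slot holds the digest length, which is how `SHA512_DIGEST_LEN` could sit unnoticed in all three truncated variants. A short comment on the first line of each, for example `/* block length, digest length */`, would make a mismatched constant visible in review. Designated initializers would be stronger, but the field names of `hal_hash_descriptor_t` are not visible in this hunk. The value probably matters beyond HMAC if callers size output buffers from the descriptor, though that cannot be confirmed from here.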
diff --git a/tests/test-hash.c b/tests/test-hash.c
index 5ae040b..d5a5a14 100644
--- a/tests/test-hash.c
+++ b/tests/test-hash.c
@@ -697,23 +697,12 @@ int main (int argc, char *argv[])
ok &= test_hmac(hal_hash_sha256, hmac_sha2_tc_6_key, hmac_sha2_tc_6_data, hmac_sha2_tc_6_result_sha256, "HMAC-SHA-256 test case 6");
ok &= test_hmac(hal_hash_sha256, hmac_sha2_tc_7_key, hmac_sha2_tc_7_data, hmac_sha2_tc_7_result_sha256, "HMAC-SHA-256 test case 7");
-#if 0
- /*
- * HMAC-SHA-384 doesn't work with the test vectors provided in RFC
- * 4231. I have yet to find an implementation of HMAC-SHA-384 that
- * /does/ work with those test vectors. Some day we should figure
- * out what's going on here, but HMAC-SHA-384 is not currently on
- * our critical path, and I have more urgent things to work on, so
- * for now I'm just declaring HMAC-SHA-384 unsupported and disabling
- * these tests until somebody has time to sort this out.
- */
ok &= test_hmac(hal_hash_sha384, hmac_sha2_tc_1_key, hmac_sha2_tc_1_data, hmac_sha2_tc_1_result_sha384, "HMAC-SHA-384 test case 1");
ok &= test_hmac(hal_hash_sha384, hmac_sha2_tc_2_key, hmac_sha2_tc_2_data, hmac_sha2_tc_2_result_sha384, "HMAC-SHA-384 test case 2");
ok &= test_hmac(hal_hash_sha384, hmac_sha2_tc_3_key, hmac_sha2_tc_3_data, hmac_sha2_tc_3_result_sha384, "HMAC-SHA-384 test case 3");
ok &= test_hmac(hal_hash_sha384, hmac_sha2_tc_4_key, hmac_sha2_tc_4_data, hmac_sha2_tc_4_result_sha384, "HMAC-SHA-384 test case 4");
ok &= test_hmac(hal_hash_sha384, hmac_sha2_tc_6_key, hmac_sha2_tc_6_data, hmac_sha2_tc_6_result_sha384, "HMAC-SHA-384 test case 6");
ok &= test_hmac(hal_hash_sha384, hmac_sha2_tc_7_key, hmac_sha2_tc_7_data, hmac_sha2_tc_7_result_sha384, "HMAC-SHA-384 test case 7");
-#endif
ok &= test_hmac(hal_hash_sha512, hmac_sha2_tc_1_key, hmac_sha2_tc_1_data, hmac_sha2_tc_1_result_sha512, "HMAC-SHA-512 test case 1");
ok &= test_hmac(hal_hash_sha512, hmac_sha2_tc_2_key, hmac_sha2_tc_2_data, hmac_sha2_tc_2_result_sha512, "HMAC-SHA-512 test case 2");
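Review bot: Only `hal_hash_sha384` gains HMAC coverage from the re-enabled block; `hal_hash_sha512_224` and `hal_hash_sha512_256` received the same length fix in hash.c, but no `test_hmac` call for either appears in this hunk. RFC 4231 has no vectors for those two variants, so known answers would have to come from an independent reference implementation. Until then, a marker such as `/* TODO: HMAC-SHA-512/224 and HMAC-SHA-512/256 known-answer tests */` after the SHA-384 block would record the gap. main() starts and ends outside this hunk, so such tests may already exist elsewhere in the file.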