diff options
-rw-r--r-- | hash.c | 184 | ||||
-rw-r--r-- | tests/test-hash.c | 472 |
2 files changed, 645 insertions, 11 deletions
@@ -45,8 +45,19 @@ #include "cryptech.h" -/* Longest digest block we support at the moment */ +/* + * Longest block and digest we support at the moment. + */ + #define MAX_BLOCK_LEN SHA512_BLOCK_LEN +#define MAX_DIGEST_LEN SHA512_DIGEST_LEN + +/* + * HMAC magic numbers. + */ + +#define HMAC_IPAD 0x36 +#define HMAC_OPAD 0x5c /* * Driver. This encapsulates whatever per-algorithm voodoo we need @@ -87,10 +98,22 @@ typedef struct { } internal_hash_state_t; /* - * Drivers and descriptors for known digest algorithms. + * HMAC state. */ -/* Drivers */ +typedef struct { + internal_hash_state_t hash_state; /* Hash state */ + uint8_t keybuf[MAX_BLOCK_LEN]; /* HMAC key */ + size_t keylen; /* Length of HMAC key */ +} internal_hmac_state_t; + +/* + * Drivers for known digest algorithms. + * + * Initialization of the core_name field is not a typo, we're + * concatenating two string constants and trusting the compiler to + * whine if the resulting string doesn't fit into the field. + */ static const driver_t sha1_driver = { SHA1_LENGTH_LEN, @@ -134,41 +157,46 @@ static const driver_t sha512_driver = { MODE_SHA_512 }; -/* Descriptors */ +/* + * Descriptors. Yes, the {hash,hmac}_state_length fields are a bit + * repetitive given that they (currently) have the same value + * regardless of algorithm, but we don't want to wire in that + * assumption, so it's simplest to be explicit. + */ const hal_hash_descriptor_t hal_hash_sha1 = { SHA1_BLOCK_LEN, SHA1_DIGEST_LEN, - sizeof(internal_hash_state_t), 0, + sizeof(internal_hash_state_t), sizeof(internal_hmac_state_t), &sha1_driver }; const hal_hash_descriptor_t hal_hash_sha256 = { SHA256_BLOCK_LEN, SHA256_DIGEST_LEN, - sizeof(internal_hash_state_t), 0, + sizeof(internal_hash_state_t), sizeof(internal_hmac_state_t), &sha256_driver }; const hal_hash_descriptor_t hal_hash_sha512_224 = { SHA512_BLOCK_LEN, SHA512_DIGEST_LEN, - sizeof(internal_hash_state_t), 0, + sizeof(internal_hash_state_t), sizeof(internal_hmac_state_t), &sha512_224_driver }; const hal_hash_descriptor_t hal_hash_sha512_256 = { SHA512_BLOCK_LEN, SHA512_DIGEST_LEN, - sizeof(internal_hash_state_t), 0, + sizeof(internal_hash_state_t), sizeof(internal_hmac_state_t), &sha512_256_driver }; const hal_hash_descriptor_t hal_hash_sha384 = { SHA512_BLOCK_LEN, SHA512_DIGEST_LEN, - sizeof(internal_hash_state_t), 0, + sizeof(internal_hash_state_t), sizeof(internal_hmac_state_t), &sha384_driver }; const hal_hash_descriptor_t hal_hash_sha512 = { SHA512_BLOCK_LEN, SHA512_DIGEST_LEN, - sizeof(internal_hash_state_t), 0, + sizeof(internal_hash_state_t), sizeof(internal_hmac_state_t), &sha512_driver }; @@ -292,7 +320,7 @@ static hal_error_t hash_read_digest(const driver_t * const driver, */ hal_error_t hal_hash_update(hal_hash_state_t opaque_state, /* Opaque state block */ - const uint8_t * const data_buffer, /* Data to be hashed */ + const uint8_t * const data_buffer, /* Data to be hashed */ size_t data_buffer_length) /* Length of data_buffer */ { internal_hash_state_t *state = opaque_state.state; @@ -424,6 +452,140 @@ hal_error_t hal_hash_finalize(hal_hash_state_t opaque_state, /* Opaqu } /* + * Initialize HMAC state. + */ + +hal_error_t hal_hmac_initialize(const hal_hash_descriptor_t * const descriptor, + hal_hmac_state_t *opaque_state, + void *state_buffer, const size_t state_length, + const uint8_t * const key, const size_t key_length) +{ + const driver_t * const driver = check_driver(descriptor); + internal_hmac_state_t *state = state_buffer; + internal_hash_state_t *h = &state->hash_state; + hal_hash_state_t oh; + hal_error_t err; + int i; + + if (descriptor == NULL || driver == NULL || state == NULL || opaque_state == NULL || + state_length < descriptor->hmac_state_length) + return HAL_ERROR_BAD_ARGUMENTS; + + /* + * RFC 2104 frowns upon keys shorter than the digest length. + */ + + if (key_length < descriptor->digest_length) + return HAL_ERROR_UNSUPPORTED_KEY; + + if ((err = hal_hash_initialize(descriptor, &oh, h, sizeof(*h))) != HAL_OK) + return err; + + memset(state->keybuf, 0, sizeof(state->keybuf)); + + /* + * If the supplied HMAC key is longer than the hash block length, we + * need to hash the supplied HMAC key to get the real HMAC key. + * Otherwise, we just use the supplied HMAC key directly. + */ + + if (key_length > descriptor->block_length) { + if ((err = hal_hash_update(oh, key, key_length)) != HAL_OK || + (err = hal_hash_finalize(oh, state->keybuf, sizeof(state->keybuf))) != HAL_OK || + (err = hal_hash_initialize(descriptor, &oh, h, sizeof(*h))) != HAL_OK) + return err; + state->keylen = descriptor->digest_length; + } + + else { + memcpy(state->keybuf, key, key_length); + state->keylen = key_length; + } + + /* + * XOR the key with the IPAD value, then start the inner hash. + */ + + for (i = 0; i < state->keylen; i++) + state->keybuf[i] ^= HMAC_IPAD; + + if ((err = hal_hash_update(oh, state->keybuf, state->keylen)) != HAL_OK) + return err; + + /* + * Prepare the key for the final hash. Since we just XORed key with + * IPAD, we need to XOR with both IPAD and OPAD to get key XOR OPAD. + */ + + for (i = 0; i < state->keylen; i++) + state->keybuf[i] ^= HMAC_IPAD ^ HMAC_OPAD; + + /* + * If we had some good way of saving all of our state (including + * state internal to the hash core), this would be a good place to + * do it, since it might speed up algorithms like PBKDF2 which do + * repeated HMAC operations using the same key. Revisit this if and + * when the hash cores support such a thing. + */ + + opaque_state->state = state; + + return HAL_OK; +} + +/* + * Add data to HMAC. + */ + +hal_error_t hal_hmac_update(const hal_hmac_state_t opaque_state, + const uint8_t * data, const size_t length) +{ + internal_hmac_state_t *state = opaque_state.state; + internal_hash_state_t *h = &state->hash_state; + hal_hash_state_t oh = { h }; + + if (state == NULL || data == NULL) + return HAL_ERROR_BAD_ARGUMENTS; + + return hal_hash_update(oh, data, length); +} + +/* + * Finish and return HMAC. + */ + +hal_error_t hal_hmac_finalize(const hal_hmac_state_t opaque_state, + uint8_t *hmac, const size_t length) +{ + internal_hmac_state_t *state = opaque_state.state; + internal_hash_state_t *h = &state->hash_state; + const hal_hash_descriptor_t *descriptor; + hal_hash_state_t oh = { h }; + uint8_t d[MAX_DIGEST_LEN]; + hal_error_t err; + + if (state == NULL || hmac == NULL) + return HAL_ERROR_BAD_ARGUMENTS; + + descriptor = h->descriptor; + assert(descriptor != NULL && descriptor->digest_length <= sizeof(d)); + + /* + * Finish up inner hash and extract digest, then perform outer hash + * to get HMAC. Key was prepared for this in hal_hmac_initialize(). + */ + + if ((err = hal_hash_finalize(oh, d, sizeof(d))) != HAL_OK || + (err = hal_hash_initialize(descriptor, &oh, h, sizeof(*h))) != HAL_OK || + (err = hal_hash_update(oh, state->keybuf, state->keylen)) != HAL_OK || + (err = hal_hash_update(oh, d, descriptor->digest_length)) != HAL_OK || + (err = hal_hash_finalize(oh, hmac, length)) != HAL_OK) + return err; + + return HAL_OK; +} + +/* * "Any programmer who fails to comply with the standard naming, formatting, * or commenting conventions should be shot. If it so happens that it is * inconvenient to shoot him, then he is to be politely requested to recode diff --git a/tests/test-hash.c b/tests/test-hash.c index 92acdfd..7cb3ce7 100644 --- a/tests/test-hash.c +++ b/tests/test-hash.c @@ -124,6 +124,379 @@ static const uint8_t sha512_double_digest[] = { /* 64 bytes */ 0x87, 0x4b, 0xe9, 0x09 }; +/* HMAC-SHA-1 test cases from RFC 2202. */ + +static const uint8_t hmac_sha1_tc_1_key[] = { /* 20 bytes */ + 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, + 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b +}; + +/* 'Hi There' */ +static const uint8_t hmac_sha1_tc_1_data[] = { /* 8 bytes */ + 0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65 +}; + +static const uint8_t hmac_sha1_tc_1_result_sha1[] = { /* 20 bytes */ + 0xb6, 0x17, 0x31, 0x86, 0x55, 0x05, 0x72, 0x64, 0xe2, 0x8b, 0xc0, 0xb6, + 0xfb, 0x37, 0x8c, 0x8e, 0xf1, 0x46, 0xbe, 0x00 +}; + +/* 'Jefe' */ +static const uint8_t hmac_sha1_tc_2_key[] = { /* 4 bytes */ + 0x4a, 0x65, 0x66, 0x65 +}; + +/* 'what do ya want for nothing?' */ +static const uint8_t hmac_sha1_tc_2_data[] = { /* 28 bytes */ + 0x77, 0x68, 0x61, 0x74, 0x20, 0x64, 0x6f, 0x20, 0x79, 0x61, 0x20, 0x77, + 0x61, 0x6e, 0x74, 0x20, 0x66, 0x6f, 0x72, 0x20, 0x6e, 0x6f, 0x74, 0x68, + 0x69, 0x6e, 0x67, 0x3f +}; + +static const uint8_t hmac_sha1_tc_2_result_sha1[] = { /* 20 bytes */ + 0xef, 0xfc, 0xdf, 0x6a, 0xe5, 0xeb, 0x2f, 0xa2, 0xd2, 0x74, 0x16, 0xd5, + 0xf1, 0x84, 0xdf, 0x9c, 0x25, 0x9a, 0x7c, 0x79 +}; + +static const uint8_t hmac_sha1_tc_3_key[] = { /* 20 bytes */ + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa +}; + +static const uint8_t hmac_sha1_tc_3_data[] = { /* 50 bytes */ + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd +}; + +static const uint8_t hmac_sha1_tc_3_result_sha1[] = { /* 20 bytes */ + 0x12, 0x5d, 0x73, 0x42, 0xb9, 0xac, 0x11, 0xcd, 0x91, 0xa3, 0x9a, 0xf4, + 0x8a, 0xa1, 0x7b, 0x4f, 0x63, 0xf1, 0x75, 0xd3 +}; + +static const uint8_t hmac_sha1_tc_4_key[] = { /* 25 bytes */ + 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, + 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19 +}; + +static const uint8_t hmac_sha1_tc_4_data[] = { /* 50 bytes */ + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd +}; + +static const uint8_t hmac_sha1_tc_4_result_sha1[] = { /* 20 bytes */ + 0x4c, 0x90, 0x07, 0xf4, 0x02, 0x62, 0x50, 0xc6, 0xbc, 0x84, 0x14, 0xf9, + 0xbf, 0x50, 0xc8, 0x6c, 0x2d, 0x72, 0x35, 0xda +}; + +static const uint8_t hmac_sha1_tc_5_key[] = { /* 20 bytes */ + 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, + 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c +}; + +/* 'Test With Truncation' */ +static const uint8_t hmac_sha1_tc_5_data[] = { /* 20 bytes */ + 0x54, 0x65, 0x73, 0x74, 0x20, 0x57, 0x69, 0x74, 0x68, 0x20, 0x54, 0x72, + 0x75, 0x6e, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e +}; + +static const uint8_t hmac_sha1_tc_5_result_sha1[] = { /* 20 bytes */ + 0x4c, 0x1a, 0x03, 0x42, 0x4b, 0x55, 0xe0, 0x7f, 0xe7, 0xf2, 0x7b, 0xe1, + 0xd5, 0x8b, 0xb9, 0x32, 0x4a, 0x9a, 0x5a, 0x04 +}; + +static const uint8_t hmac_sha1_tc_6_key[] = { /* 80 bytes */ + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa +}; + +/* 'Test Using Larger Than Block-Size Key - Hash Key First' */ +static const uint8_t hmac_sha1_tc_6_data[] = { /* 54 bytes */ + 0x54, 0x65, 0x73, 0x74, 0x20, 0x55, 0x73, 0x69, 0x6e, 0x67, 0x20, 0x4c, + 0x61, 0x72, 0x67, 0x65, 0x72, 0x20, 0x54, 0x68, 0x61, 0x6e, 0x20, 0x42, + 0x6c, 0x6f, 0x63, 0x6b, 0x2d, 0x53, 0x69, 0x7a, 0x65, 0x20, 0x4b, 0x65, + 0x79, 0x20, 0x2d, 0x20, 0x48, 0x61, 0x73, 0x68, 0x20, 0x4b, 0x65, 0x79, + 0x20, 0x46, 0x69, 0x72, 0x73, 0x74 +}; + +static const uint8_t hmac_sha1_tc_6_result_sha1[] = { /* 20 bytes */ + 0xaa, 0x4a, 0xe5, 0xe1, 0x52, 0x72, 0xd0, 0x0e, 0x95, 0x70, 0x56, 0x37, + 0xce, 0x8a, 0x3b, 0x55, 0xed, 0x40, 0x21, 0x12 +}; + +static const uint8_t hmac_sha1_tc_7_key[] = { /* 80 bytes */ + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa +}; + +/* 'Test Using Larger Than Block-Size Key and Larger Than One Block-Size Data' */ +static const uint8_t hmac_sha1_tc_7_data[] = { /* 73 bytes */ + 0x54, 0x65, 0x73, 0x74, 0x20, 0x55, 0x73, 0x69, 0x6e, 0x67, 0x20, 0x4c, + 0x61, 0x72, 0x67, 0x65, 0x72, 0x20, 0x54, 0x68, 0x61, 0x6e, 0x20, 0x42, + 0x6c, 0x6f, 0x63, 0x6b, 0x2d, 0x53, 0x69, 0x7a, 0x65, 0x20, 0x4b, 0x65, + 0x79, 0x20, 0x61, 0x6e, 0x64, 0x20, 0x4c, 0x61, 0x72, 0x67, 0x65, 0x72, + 0x20, 0x54, 0x68, 0x61, 0x6e, 0x20, 0x4f, 0x6e, 0x65, 0x20, 0x42, 0x6c, + 0x6f, 0x63, 0x6b, 0x2d, 0x53, 0x69, 0x7a, 0x65, 0x20, 0x44, 0x61, 0x74, 0x61 +}; + +static const uint8_t hmac_sha1_tc_7_result_sha1[] = { /* 20 bytes */ + 0xe8, 0xe9, 0x9d, 0x0f, 0x45, 0x23, 0x7d, 0x78, 0x6d, 0x6b, 0xba, 0xa7, + 0x96, 0x5c, 0x78, 0x08, 0xbb, 0xff, 0x1a, 0x91 +}; + +/* HMAC-SHA-2 test cases from RFC 4231. */ + +static const uint8_t hmac_sha2_tc_1_key[] = { /* 20 bytes */ + 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, + 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b +}; + +/* 'Hi There' */ +static const uint8_t hmac_sha2_tc_1_data[] = { /* 8 bytes */ + 0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65 +}; + +static const uint8_t hmac_sha2_tc_1_result_sha256[] = { /* 32 bytes */ + 0xb0, 0x34, 0x4c, 0x61, 0xd8, 0xdb, 0x38, 0x53, 0x5c, 0xa8, 0xaf, 0xce, + 0xaf, 0x0b, 0xf1, 0x2b, 0x88, 0x1d, 0xc2, 0x00, 0xc9, 0x83, 0x3d, 0xa7, + 0x26, 0xe9, 0x37, 0x6c, 0x2e, 0x32, 0xcf, 0xf7 +}; + +static const uint8_t hmac_sha2_tc_1_result_sha384[] = { /* 48 bytes */ + 0xaf, 0xd0, 0x39, 0x44, 0xd8, 0x48, 0x95, 0x62, 0x6b, 0x08, 0x25, 0xf4, + 0xab, 0x46, 0x90, 0x7f, 0x15, 0xf9, 0xda, 0xdb, 0xe4, 0x10, 0x1e, 0xc6, + 0x82, 0xaa, 0x03, 0x4c, 0x7c, 0xeb, 0xc5, 0x9c, 0xfa, 0xea, 0x9e, 0xa9, + 0x07, 0x6e, 0xde, 0x7f, 0x4a, 0xf1, 0x52, 0xe8, 0xb2, 0xfa, 0x9c, 0xb6 +}; + +static const uint8_t hmac_sha2_tc_1_result_sha512[] = { /* 64 bytes */ + 0x87, 0xaa, 0x7c, 0xde, 0xa5, 0xef, 0x61, 0x9d, 0x4f, 0xf0, 0xb4, 0x24, + 0x1a, 0x1d, 0x6c, 0xb0, 0x23, 0x79, 0xf4, 0xe2, 0xce, 0x4e, 0xc2, 0x78, + 0x7a, 0xd0, 0xb3, 0x05, 0x45, 0xe1, 0x7c, 0xde, 0xda, 0xa8, 0x33, 0xb7, + 0xd6, 0xb8, 0xa7, 0x02, 0x03, 0x8b, 0x27, 0x4e, 0xae, 0xa3, 0xf4, 0xe4, + 0xbe, 0x9d, 0x91, 0x4e, 0xeb, 0x61, 0xf1, 0x70, 0x2e, 0x69, 0x6c, 0x20, + 0x3a, 0x12, 0x68, 0x54 +}; + +/* 'Jefe' */ +static const uint8_t hmac_sha2_tc_2_key[] = { /* 4 bytes */ + 0x4a, 0x65, 0x66, 0x65 +}; + +/* 'what do ya want for nothing?' */ +static const uint8_t hmac_sha2_tc_2_data[] = { /* 28 bytes */ + 0x77, 0x68, 0x61, 0x74, 0x20, 0x64, 0x6f, 0x20, 0x79, 0x61, 0x20, 0x77, + 0x61, 0x6e, 0x74, 0x20, 0x66, 0x6f, 0x72, 0x20, 0x6e, 0x6f, 0x74, 0x68, + 0x69, 0x6e, 0x67, 0x3f +}; + +static const uint8_t hmac_sha2_tc_2_result_sha256[] = { /* 32 bytes */ + 0x5b, 0xdc, 0xc1, 0x46, 0xbf, 0x60, 0x75, 0x4e, 0x6a, 0x04, 0x24, 0x26, + 0x08, 0x95, 0x75, 0xc7, 0x5a, 0x00, 0x3f, 0x08, 0x9d, 0x27, 0x39, 0x83, + 0x9d, 0xec, 0x58, 0xb9, 0x64, 0xec, 0x38, 0x43 +}; + +static const uint8_t hmac_sha2_tc_2_result_sha384[] = { /* 48 bytes */ + 0xaf, 0x45, 0xd2, 0xe3, 0x76, 0x48, 0x40, 0x31, 0x61, 0x7f, 0x78, 0xd2, + 0xb5, 0x8a, 0x6b, 0x1b, 0x9c, 0x7e, 0xf4, 0x64, 0xf5, 0xa0, 0x1b, 0x47, + 0xe4, 0x2e, 0xc3, 0x73, 0x63, 0x22, 0x44, 0x5e, 0x8e, 0x22, 0x40, 0xca, + 0x5e, 0x69, 0xe2, 0xc7, 0x8b, 0x32, 0x39, 0xec, 0xfa, 0xb2, 0x16, 0x49 +}; + +static const uint8_t hmac_sha2_tc_2_result_sha512[] = { /* 64 bytes */ + 0x16, 0x4b, 0x7a, 0x7b, 0xfc, 0xf8, 0x19, 0xe2, 0xe3, 0x95, 0xfb, 0xe7, + 0x3b, 0x56, 0xe0, 0xa3, 0x87, 0xbd, 0x64, 0x22, 0x2e, 0x83, 0x1f, 0xd6, + 0x10, 0x27, 0x0c, 0xd7, 0xea, 0x25, 0x05, 0x54, 0x97, 0x58, 0xbf, 0x75, + 0xc0, 0x5a, 0x99, 0x4a, 0x6d, 0x03, 0x4f, 0x65, 0xf8, 0xf0, 0xe6, 0xfd, + 0xca, 0xea, 0xb1, 0xa3, 0x4d, 0x4a, 0x6b, 0x4b, 0x63, 0x6e, 0x07, 0x0a, + 0x38, 0xbc, 0xe7, 0x37 +}; + +static const uint8_t hmac_sha2_tc_3_key[] = { /* 20 bytes */ + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa +}; + +static const uint8_t hmac_sha2_tc_3_data[] = { /* 50 bytes */ + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd +}; + +static const uint8_t hmac_sha2_tc_3_result_sha256[] = { /* 32 bytes */ + 0x77, 0x3e, 0xa9, 0x1e, 0x36, 0x80, 0x0e, 0x46, 0x85, 0x4d, 0xb8, 0xeb, + 0xd0, 0x91, 0x81, 0xa7, 0x29, 0x59, 0x09, 0x8b, 0x3e, 0xf8, 0xc1, 0x22, + 0xd9, 0x63, 0x55, 0x14, 0xce, 0xd5, 0x65, 0xfe +}; + +static const uint8_t hmac_sha2_tc_3_result_sha384[] = { /* 48 bytes */ + 0x88, 0x06, 0x26, 0x08, 0xd3, 0xe6, 0xad, 0x8a, 0x0a, 0xa2, 0xac, 0xe0, + 0x14, 0xc8, 0xa8, 0x6f, 0x0a, 0xa6, 0x35, 0xd9, 0x47, 0xac, 0x9f, 0xeb, + 0xe8, 0x3e, 0xf4, 0xe5, 0x59, 0x66, 0x14, 0x4b, 0x2a, 0x5a, 0xb3, 0x9d, + 0xc1, 0x38, 0x14, 0xb9, 0x4e, 0x3a, 0xb6, 0xe1, 0x01, 0xa3, 0x4f, 0x27 +}; + +static const uint8_t hmac_sha2_tc_3_result_sha512[] = { /* 64 bytes */ + 0xfa, 0x73, 0xb0, 0x08, 0x9d, 0x56, 0xa2, 0x84, 0xef, 0xb0, 0xf0, 0x75, + 0x6c, 0x89, 0x0b, 0xe9, 0xb1, 0xb5, 0xdb, 0xdd, 0x8e, 0xe8, 0x1a, 0x36, + 0x55, 0xf8, 0x3e, 0x33, 0xb2, 0x27, 0x9d, 0x39, 0xbf, 0x3e, 0x84, 0x82, + 0x79, 0xa7, 0x22, 0xc8, 0x06, 0xb4, 0x85, 0xa4, 0x7e, 0x67, 0xc8, 0x07, + 0xb9, 0x46, 0xa3, 0x37, 0xbe, 0xe8, 0x94, 0x26, 0x74, 0x27, 0x88, 0x59, + 0xe1, 0x32, 0x92, 0xfb +}; + +static const uint8_t hmac_sha2_tc_4_key[] = { /* 25 bytes */ + 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, + 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19 +}; + +static const uint8_t hmac_sha2_tc_4_data[] = { /* 50 bytes */ + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd +}; + +static const uint8_t hmac_sha2_tc_4_result_sha256[] = { /* 32 bytes */ + 0x82, 0x55, 0x8a, 0x38, 0x9a, 0x44, 0x3c, 0x0e, 0xa4, 0xcc, 0x81, 0x98, + 0x99, 0xf2, 0x08, 0x3a, 0x85, 0xf0, 0xfa, 0xa3, 0xe5, 0x78, 0xf8, 0x07, + 0x7a, 0x2e, 0x3f, 0xf4, 0x67, 0x29, 0x66, 0x5b +}; + +static const uint8_t hmac_sha2_tc_4_result_sha384[] = { /* 48 bytes */ + 0x3e, 0x8a, 0x69, 0xb7, 0x78, 0x3c, 0x25, 0x85, 0x19, 0x33, 0xab, 0x62, + 0x90, 0xaf, 0x6c, 0xa7, 0x7a, 0x99, 0x81, 0x48, 0x08, 0x50, 0x00, 0x9c, + 0xc5, 0x57, 0x7c, 0x6e, 0x1f, 0x57, 0x3b, 0x4e, 0x68, 0x01, 0xdd, 0x23, + 0xc4, 0xa7, 0xd6, 0x79, 0xcc, 0xf8, 0xa3, 0x86, 0xc6, 0x74, 0xcf, 0xfb +}; + +static const uint8_t hmac_sha2_tc_4_result_sha512[] = { /* 64 bytes */ + 0xb0, 0xba, 0x46, 0x56, 0x37, 0x45, 0x8c, 0x69, 0x90, 0xe5, 0xa8, 0xc5, + 0xf6, 0x1d, 0x4a, 0xf7, 0xe5, 0x76, 0xd9, 0x7f, 0xf9, 0x4b, 0x87, 0x2d, + 0xe7, 0x6f, 0x80, 0x50, 0x36, 0x1e, 0xe3, 0xdb, 0xa9, 0x1c, 0xa5, 0xc1, + 0x1a, 0xa2, 0x5e, 0xb4, 0xd6, 0x79, 0x27, 0x5c, 0xc5, 0x78, 0x80, 0x63, + 0xa5, 0xf1, 0x97, 0x41, 0x12, 0x0c, 0x4f, 0x2d, 0xe2, 0xad, 0xeb, 0xeb, + 0x10, 0xa2, 0x98, 0xdd +}; + +/* Skipping HMAC-SHA-2 test case 5. */ + +static const uint8_t hmac_sha2_tc_6_key[] = { /* 131 bytes */ + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa +}; + +/* 'Test Using Larger Than Block-Size Key - Hash Key First' */ +static const uint8_t hmac_sha2_tc_6_data[] = { /* 54 bytes */ + 0x54, 0x65, 0x73, 0x74, 0x20, 0x55, 0x73, 0x69, 0x6e, 0x67, 0x20, 0x4c, + 0x61, 0x72, 0x67, 0x65, 0x72, 0x20, 0x54, 0x68, 0x61, 0x6e, 0x20, 0x42, + 0x6c, 0x6f, 0x63, 0x6b, 0x2d, 0x53, 0x69, 0x7a, 0x65, 0x20, 0x4b, 0x65, + 0x79, 0x20, 0x2d, 0x20, 0x48, 0x61, 0x73, 0x68, 0x20, 0x4b, 0x65, 0x79, + 0x20, 0x46, 0x69, 0x72, 0x73, 0x74 +}; + +static const uint8_t hmac_sha2_tc_6_result_sha256[] = { /* 32 bytes */ + 0x60, 0xe4, 0x31, 0x59, 0x1e, 0xe0, 0xb6, 0x7f, 0x0d, 0x8a, 0x26, 0xaa, + 0xcb, 0xf5, 0xb7, 0x7f, 0x8e, 0x0b, 0xc6, 0x21, 0x37, 0x28, 0xc5, 0x14, + 0x05, 0x46, 0x04, 0x0f, 0x0e, 0xe3, 0x7f, 0x54 +}; + +static const uint8_t hmac_sha2_tc_6_result_sha384[] = { /* 48 bytes */ + 0x4e, 0xce, 0x08, 0x44, 0x85, 0x81, 0x3e, 0x90, 0x88, 0xd2, 0xc6, 0x3a, + 0x04, 0x1b, 0xc5, 0xb4, 0x4f, 0x9e, 0xf1, 0x01, 0x2a, 0x2b, 0x58, 0x8f, + 0x3c, 0xd1, 0x1f, 0x05, 0x03, 0x3a, 0xc4, 0xc6, 0x0c, 0x2e, 0xf6, 0xab, + 0x40, 0x30, 0xfe, 0x82, 0x96, 0x24, 0x8d, 0xf1, 0x63, 0xf4, 0x49, 0x52 +}; + +static const uint8_t hmac_sha2_tc_6_result_sha512[] = { /* 64 bytes */ + 0x80, 0xb2, 0x42, 0x63, 0xc7, 0xc1, 0xa3, 0xeb, 0xb7, 0x14, 0x93, 0xc1, + 0xdd, 0x7b, 0xe8, 0xb4, 0x9b, 0x46, 0xd1, 0xf4, 0x1b, 0x4a, 0xee, 0xc1, + 0x12, 0x1b, 0x01, 0x37, 0x83, 0xf8, 0xf3, 0x52, 0x6b, 0x56, 0xd0, 0x37, + 0xe0, 0x5f, 0x25, 0x98, 0xbd, 0x0f, 0xd2, 0x21, 0x5d, 0x6a, 0x1e, 0x52, + 0x95, 0xe6, 0x4f, 0x73, 0xf6, 0x3f, 0x0a, 0xec, 0x8b, 0x91, 0x5a, 0x98, + 0x5d, 0x78, 0x65, 0x98 +}; + +static const uint8_t hmac_sha2_tc_7_key[] = { /* 131 bytes */ + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa +}; + +/* 'This is a test using a larger than block-size key and a larger than block-size data. The key needs to be hashed before being used by the HMAC algorithm.' */ +static const uint8_t hmac_sha2_tc_7_data[] = { /* 152 bytes */ + 0x54, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20, 0x61, 0x20, 0x74, 0x65, + 0x73, 0x74, 0x20, 0x75, 0x73, 0x69, 0x6e, 0x67, 0x20, 0x61, 0x20, 0x6c, + 0x61, 0x72, 0x67, 0x65, 0x72, 0x20, 0x74, 0x68, 0x61, 0x6e, 0x20, 0x62, + 0x6c, 0x6f, 0x63, 0x6b, 0x2d, 0x73, 0x69, 0x7a, 0x65, 0x20, 0x6b, 0x65, + 0x79, 0x20, 0x61, 0x6e, 0x64, 0x20, 0x61, 0x20, 0x6c, 0x61, 0x72, 0x67, + 0x65, 0x72, 0x20, 0x74, 0x68, 0x61, 0x6e, 0x20, 0x62, 0x6c, 0x6f, 0x63, + 0x6b, 0x2d, 0x73, 0x69, 0x7a, 0x65, 0x20, 0x64, 0x61, 0x74, 0x61, 0x2e, + 0x20, 0x54, 0x68, 0x65, 0x20, 0x6b, 0x65, 0x79, 0x20, 0x6e, 0x65, 0x65, + 0x64, 0x73, 0x20, 0x74, 0x6f, 0x20, 0x62, 0x65, 0x20, 0x68, 0x61, 0x73, + 0x68, 0x65, 0x64, 0x20, 0x62, 0x65, 0x66, 0x6f, 0x72, 0x65, 0x20, 0x62, + 0x65, 0x69, 0x6e, 0x67, 0x20, 0x75, 0x73, 0x65, 0x64, 0x20, 0x62, 0x79, + 0x20, 0x74, 0x68, 0x65, 0x20, 0x48, 0x4d, 0x41, 0x43, 0x20, 0x61, 0x6c, + 0x67, 0x6f, 0x72, 0x69, 0x74, 0x68, 0x6d, 0x2e +}; + +static const uint8_t hmac_sha2_tc_7_result_sha256[] = { /* 32 bytes */ + 0x9b, 0x09, 0xff, 0xa7, 0x1b, 0x94, 0x2f, 0xcb, 0x27, 0x63, 0x5f, 0xbc, + 0xd5, 0xb0, 0xe9, 0x44, 0xbf, 0xdc, 0x63, 0x64, 0x4f, 0x07, 0x13, 0x93, + 0x8a, 0x7f, 0x51, 0x53, 0x5c, 0x3a, 0x35, 0xe2 +}; + +static const uint8_t hmac_sha2_tc_7_result_sha384[] = { /* 48 bytes */ + 0x66, 0x17, 0x17, 0x8e, 0x94, 0x1f, 0x02, 0x0d, 0x35, 0x1e, 0x2f, 0x25, + 0x4e, 0x8f, 0xd3, 0x2c, 0x60, 0x24, 0x20, 0xfe, 0xb0, 0xb8, 0xfb, 0x9a, + 0xdc, 0xce, 0xbb, 0x82, 0x46, 0x1e, 0x99, 0xc5, 0xa6, 0x78, 0xcc, 0x31, + 0xe7, 0x99, 0x17, 0x6d, 0x38, 0x60, 0xe6, 0x11, 0x0c, 0x46, 0x52, 0x3e +}; + +static const uint8_t hmac_sha2_tc_7_result_sha512[] = { /* 64 bytes */ + 0xe3, 0x7b, 0x6a, 0x77, 0x5d, 0xc8, 0x7d, 0xba, 0xa4, 0xdf, 0xa9, 0xf9, + 0x6e, 0x5e, 0x3f, 0xfd, 0xde, 0xbd, 0x71, 0xf8, 0x86, 0x72, 0x89, 0x86, + 0x5d, 0xf5, 0xa3, 0x2d, 0x20, 0xcd, 0xc9, 0x44, 0xb6, 0x02, 0x2c, 0xac, + 0x3c, 0x49, 0x82, 0xb1, 0x0d, 0x5e, 0xeb, 0x55, 0xc3, 0xe4, 0xde, 0x15, + 0x13, 0x46, 0x76, 0xfb, 0x6d, 0xe0, 0x44, 0x60, 0x65, 0xc9, 0x74, 0x40, + 0xfa, 0x8c, 0x6a, 0x58 +}; + static int _test_hash(const hal_hash_descriptor_t * const descriptor, const uint8_t * const data, const size_t data_len, const uint8_t * const result, const size_t result_len, @@ -187,9 +560,76 @@ static int _test_hash(const hal_hash_descriptor_t * const descriptor, return 1; } +static int _test_hmac(const hal_hash_descriptor_t * const descriptor, + const uint8_t * const key, const size_t key_len, + const uint8_t * const data, const size_t data_len, + const uint8_t * const result, const size_t result_len, + const char * const label) +{ + uint8_t statebuf[1024], digest[512]; + hal_hmac_state_t state; + hal_error_t err; + + assert(descriptor != NULL && data != NULL && result != NULL && label != NULL); + assert(result_len <= sizeof(digest)); + assert(descriptor->hmac_state_length <= sizeof(statebuf)); + + printf("Starting %s test\n", label); + + err = hal_hash_core_present(descriptor); + + switch (err) { + + case HAL_OK: + break; + + case HAL_ERROR_IO_UNEXPECTED: + printf("Core not present, skipping test\n"); + return 1; + + default: + printf("Failed while checking for core: %s\n", hal_error_string(err)); + return 0; + } + + if ((err = hal_hmac_initialize(descriptor, &state, statebuf, sizeof(statebuf), key, key_len)) != HAL_OK) { + printf("Failed while initializing HMAC: %s\n", hal_error_string(err)); + return 0; + } + + if ((err = hal_hmac_update(state, data, data_len)) != HAL_OK) { + printf("Failed while updating HMAC: %s\n", hal_error_string(err)); + return 0; + } + + if ((err = hal_hmac_finalize(state, digest, sizeof(digest))) != HAL_OK) { + printf("Failed while finalizing HMAC: %s\n", hal_error_string(err)); + return 0; + } + + printf("Comparing result with known value\n"); + if (memcmp(result, digest, result_len)) { + size_t i; + printf("MISMATCH\nExpected:"); + for (i = 0; i < result_len; i++) + printf(" %02x", result[i]); + printf("\nGot: "); + for (i = 0; i < result_len; i++) + printf(" %02x", digest[i]); + printf("\n"); + return 0; + } + + printf("OK\n"); + return 1; +} + #define test_hash(_desc_, _data_, _result_, _label_) \ _test_hash(_desc_, _data_, sizeof(_data_), _result_, sizeof(_result_), _label_) +#define test_hmac(_desc_, _key_, _data_, _result_, _label_) \ + _test_hmac(_desc_, _key_, sizeof(_key_), _data_, sizeof(_data_), _result_, sizeof(_result_), _label_) + int main (int argc, char *argv[]) { int ok = 1; @@ -212,5 +652,37 @@ int main (int argc, char *argv[]) ok &= test_hash(&hal_hash_sha512, nist_1024_single, sha512_single_digest, "SHA-512 single block"); ok &= test_hash(&hal_hash_sha512, nist_1024_double, sha512_double_digest, "SHA-512 double block"); + ok &= test_hmac(&hal_hash_sha1, hmac_sha1_tc_1_key, hmac_sha1_tc_1_data, hmac_sha1_tc_1_result_sha1, "HMAC-SHA-1 test case 1"); + ok &= test_hmac(&hal_hash_sha1, hmac_sha1_tc_2_key, hmac_sha1_tc_2_data, hmac_sha1_tc_2_result_sha1, "HMAC-SHA-1 test case 2"); + ok &= test_hmac(&hal_hash_sha1, hmac_sha1_tc_3_key, hmac_sha1_tc_3_data, hmac_sha1_tc_3_result_sha1, "HMAC-SHA-1 test case 3"); + ok &= test_hmac(&hal_hash_sha1, hmac_sha1_tc_4_key, hmac_sha1_tc_4_data, hmac_sha1_tc_4_result_sha1, "HMAC-SHA-1 test case 4"); + ok &= test_hmac(&hal_hash_sha1, hmac_sha1_tc_5_key, hmac_sha1_tc_5_data, hmac_sha1_tc_5_result_sha1, "HMAC-SHA-1 test case 5"); + ok &= test_hmac(&hal_hash_sha1, hmac_sha1_tc_6_key, hmac_sha1_tc_6_data, hmac_sha1_tc_6_result_sha1, "HMAC-SHA-1 test case 6"); + ok &= test_hmac(&hal_hash_sha1, hmac_sha1_tc_7_key, hmac_sha1_tc_7_data, hmac_sha1_tc_7_result_sha1, "HMAC-SHA-1 test case 7"); + + ok &= test_hmac(&hal_hash_sha256, hmac_sha2_tc_1_key, hmac_sha2_tc_1_data, hmac_sha2_tc_1_result_sha256, "HMAC-SHA-256 test case 1"); + ok &= test_hmac(&hal_hash_sha384, hmac_sha2_tc_1_key, hmac_sha2_tc_1_data, hmac_sha2_tc_1_result_sha384, "HMAC-SHA-384 test case 1"); + ok &= test_hmac(&hal_hash_sha512, hmac_sha2_tc_1_key, hmac_sha2_tc_1_data, hmac_sha2_tc_1_result_sha512, "HMAC-SHA-512 test case 1"); + + ok &= test_hmac(&hal_hash_sha256, hmac_sha2_tc_2_key, hmac_sha2_tc_2_data, hmac_sha2_tc_2_result_sha256, "HMAC-SHA-256 test case 2"); + ok &= test_hmac(&hal_hash_sha384, hmac_sha2_tc_2_key, hmac_sha2_tc_2_data, hmac_sha2_tc_2_result_sha384, "HMAC-SHA-384 test case 2"); + ok &= test_hmac(&hal_hash_sha512, hmac_sha2_tc_2_key, hmac_sha2_tc_2_data, hmac_sha2_tc_2_result_sha512, "HMAC-SHA-512 test case 2"); + + ok &= test_hmac(&hal_hash_sha256, hmac_sha2_tc_3_key, hmac_sha2_tc_3_data, hmac_sha2_tc_3_result_sha256, "HMAC-SHA-256 test case 3"); + ok &= test_hmac(&hal_hash_sha384, hmac_sha2_tc_3_key, hmac_sha2_tc_3_data, hmac_sha2_tc_3_result_sha384, "HMAC-SHA-384 test case 3"); + ok &= test_hmac(&hal_hash_sha512, hmac_sha2_tc_3_key, hmac_sha2_tc_3_data, hmac_sha2_tc_3_result_sha512, "HMAC-SHA-512 test case 3"); + + ok &= test_hmac(&hal_hash_sha256, hmac_sha2_tc_4_key, hmac_sha2_tc_4_data, hmac_sha2_tc_4_result_sha256, "HMAC-SHA-256 test case 4"); + ok &= test_hmac(&hal_hash_sha384, hmac_sha2_tc_4_key, hmac_sha2_tc_4_data, hmac_sha2_tc_4_result_sha384, "HMAC-SHA-384 test case 4"); + ok &= test_hmac(&hal_hash_sha512, hmac_sha2_tc_4_key, hmac_sha2_tc_4_data, hmac_sha2_tc_4_result_sha512, "HMAC-SHA-512 test case 4"); + + ok &= test_hmac(&hal_hash_sha256, hmac_sha2_tc_6_key, hmac_sha2_tc_6_data, hmac_sha2_tc_6_result_sha256, "HMAC-SHA-256 test case 6"); + ok &= test_hmac(&hal_hash_sha384, hmac_sha2_tc_6_key, hmac_sha2_tc_6_data, hmac_sha2_tc_6_result_sha384, "HMAC-SHA-384 test case 6"); + ok &= test_hmac(&hal_hash_sha512, hmac_sha2_tc_6_key, hmac_sha2_tc_6_data, hmac_sha2_tc_6_result_sha512, "HMAC-SHA-512 test case 6"); + + ok &= test_hmac(&hal_hash_sha256, hmac_sha2_tc_7_key, hmac_sha2_tc_7_data, hmac_sha2_tc_7_result_sha256, "HMAC-SHA-256 test case 7"); + ok &= test_hmac(&hal_hash_sha384, hmac_sha2_tc_7_key, hmac_sha2_tc_7_data, hmac_sha2_tc_7_result_sha384, "HMAC-SHA-384 test case 7"); + ok &= test_hmac(&hal_hash_sha512, hmac_sha2_tc_7_key, hmac_sha2_tc_7_data, hmac_sha2_tc_7_result_sha512, "HMAC-SHA-512 test case 7"); + return !ok; } |