From f7a65af3e2505642e1006fa35138e87a8f69c37c Mon Sep 17 00:00:00 2001
From: Rob Austein
Date: Fri, 5 Jun 2015 13:51:08 -0400
Subject: HMAC for truncated SHA-512 digests would probably work better if we used the right digest length constants. Doh.
---
 hash.c | 6 +++---
 tests/test-hash.c | 11 -----------
 2 files changed, 3 insertions(+), 14 deletions(-)
diff --git a/hash.c b/hash.c
index e0445f5..637eb7e 100644
--- a/hash.c
+++ b/hash.c
@@ -172,19 +172,19 @@ const hal_hash_descriptor_t hal_hash_sha256[1] = {{
 }};
 const hal_hash_descriptor_t hal_hash_sha512_224[1] = {{
- SHA512_BLOCK_LEN, SHA512_DIGEST_LEN,
+ SHA512_BLOCK_LEN, SHA512_224_DIGEST_LEN,
 sizeof(internal_hash_state_t), sizeof(internal_hmac_state_t),
 &sha512_224_driver
 }};
 const hal_hash_descriptor_t hal_hash_sha512_256[1] = {{
- SHA512_BLOCK_LEN, SHA512_DIGEST_LEN,
+ SHA512_BLOCK_LEN, SHA512_256_DIGEST_LEN,
 sizeof(internal_hash_state_t), sizeof(internal_hmac_state_t),
 &sha512_256_driver
 }};
 const hal_hash_descriptor_t hal_hash_sha384[1] = {{
- SHA512_BLOCK_LEN, SHA512_DIGEST_LEN,
+ SHA512_BLOCK_LEN, SHA384_DIGEST_LEN,
 sizeof(internal_hash_state_t), sizeof(internal_hmac_state_t),
 &sha384_driver
 }};
diff --git a/tests/test-hash.c b/tests/test-hash.c
index 5ae040b..d5a5a14 100644
--- a/tests/test-hash.c
+++ b/tests/test-hash.c
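Review bot: In hash.c the corrected second field of `hal_hash_sha512_224` and `hal_hash_sha512_256` gets no regression coverage from this commit, because the tests/test-hash.c hunk re-enables HMAC cases only for `hal_hash_sha384`; whether the test file exercises HMAC over the two SHA-512/t descriptors elsewhere is not visible here. Known-answer HMAC tests for both would keep the copy-pasted `SHA512_DIGEST_LEN` from coming back unnoticed, and since RFC 4231 has no vectors for them the expected values would have to be cross-checked against an independent implementation. The initialisers are positional and differ only in that field and the driver pointer, so a one-line comment above each, for example `/* digest length is the truncated output size, not SHA512_DIGEST_LEN */`, would mark the spot where the slip happened. The descriptor type is declared outside the hunk, so its field names cannot be checked from this page.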
@@ -697,23 +697,12 @@ int main (int argc, char *argv[])
 ok &= test_hmac(hal_hash_sha256, hmac_sha2_tc_6_key, hmac_sha2_tc_6_data, hmac_sha2_tc_6_result_sha256, "HMAC-SHA-256 test case 6");
 ok &= test_hmac(hal_hash_sha256, hmac_sha2_tc_7_key, hmac_sha2_tc_7_data, hmac_sha2_tc_7_result_sha256, "HMAC-SHA-256 test case 7");
-#if 0
- /*
- * HMAC-SHA-384 doesn't work with the test vectors provided in RFC
- * 4231. I have yet to find an implementation of HMAC-SHA-384 that
- * /does/ work with those test vectors. Some day we should figure
- * out what's going on here, but HMAC-SHA-384 is not currently on
- * our critical path, and I have more urgent things to work on, so
- * for now I'm just declaring HMAC-SHA-384 unsupported and disabling
- * these tests until somebody has time to sort this out.
- */
 ok &= test_hmac(hal_hash_sha384, hmac_sha2_tc_1_key, hmac_sha2_tc_1_data, hmac_sha2_tc_1_result_sha384, "HMAC-SHA-384 test case 1");
 ok &= test_hmac(hal_hash_sha384, hmac_sha2_tc_2_key, hmac_sha2_tc_2_data, hmac_sha2_tc_2_result_sha384, "HMAC-SHA-384 test case 2");
 ok &= test_hmac(hal_hash_sha384, hmac_sha2_tc_3_key, hmac_sha2_tc_3_data, hmac_sha2_tc_3_result_sha384, "HMAC-SHA-384 test case 3");
 ok &= test_hmac(hal_hash_sha384, hmac_sha2_tc_4_key, hmac_sha2_tc_4_data, hmac_sha2_tc_4_result_sha384, "HMAC-SHA-384 test case 4");
 ok &= test_hmac(hal_hash_sha384, hmac_sha2_tc_6_key, hmac_sha2_tc_6_data, hmac_sha2_tc_6_result_sha384, "HMAC-SHA-384 test case 6");
 ok &= test_hmac(hal_hash_sha384, hmac_sha2_tc_7_key, hmac_sha2_tc_7_data, hmac_sha2_tc_7_result_sha384, "HMAC-SHA-384 test case 7");
-#endif
 ok &= test_hmac(hal_hash_sha512, hmac_sha2_tc_1_key, hmac_sha2_tc_1_data, hmac_sha2_tc_1_result_sha512, "HMAC-SHA-512 test case 1");
 ok &= test_hmac(hal_hash_sha512, hmac_sha2_tc_2_key, hmac_sha2_tc_2_data, hmac_sha2_tc_2_result_sha512, "HMAC-SHA-512 test case 2");
-- 
cgit v1.2.3