]> git.zerfleddert.de Git - proxmark3-svn/blame - common/sha1.c
CHG: increased debug output for Em410x
[proxmark3-svn] / common / sha1.c
CommitLineData
ea75b30c 1/*
2 * FIPS-180-1 compliant SHA-1 implementation
3 *
4 * Copyright (C) 2006-2014, ARM Limited, All Rights Reserved
5 *
6 * This file is part of mbed TLS (https://tls.mbed.org)
7 *
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
12 *
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
17 *
18 * You should have received a copy of the GNU General Public License along
19 * with this program; if not, write to the Free Software Foundation, Inc.,
20 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
21 */
22/*
23 * The SHA-1 standard was published by NIST in 1993.
24 *
25 * http://www.itl.nist.gov/fipspubs/fip180-1.htm
26 */
27
28#if !defined(POLARSSL_CONFIG_FILE)
29//#include "polarssl/config.h"
30#define POLARSSL_SHA1_C
31
32#else
33#include POLARSSL_CONFIG_FILE
34#endif
35
36#if defined(POLARSSL_SHA1_C)
37
38#include "sha1.h"
39
40#include <string.h>
41
42#if defined(POLARSSL_FS_IO)
43#include <stdio.h>
44#endif
45
46#if defined(POLARSSL_SELF_TEST)
47#if defined(POLARSSL_PLATFORM_C)
48#include "polarssl/platform.h"
49#else
50#include <stdio.h>
51#define polarssl_printf printf
52#endif /* POLARSSL_PLATFORM_C */
53#endif /* POLARSSL_SELF_TEST */
54
55/* Implementation that should never be optimized out by the compiler */
56static void polarssl_zeroize( void *v, size_t n ) {
57 volatile unsigned char *p = v; while( n-- ) *p++ = 0;
58}
59
60#if !defined(POLARSSL_SHA1_ALT)
61
62/*
63 * 32-bit integer manipulation macros (big endian)
64 */
65#ifndef GET_UINT32_BE
66#define GET_UINT32_BE(n,b,i) \
67{ \
68 (n) = ( (uint32_t) (b)[(i) ] << 24 ) \
69 | ( (uint32_t) (b)[(i) + 1] << 16 ) \
70 | ( (uint32_t) (b)[(i) + 2] << 8 ) \
71 | ( (uint32_t) (b)[(i) + 3] ); \
72}
73#endif
74
75#ifndef PUT_UINT32_BE
76#define PUT_UINT32_BE(n,b,i) \
77{ \
78 (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
79 (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
80 (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
81 (b)[(i) + 3] = (unsigned char) ( (n) ); \
82}
83#endif
84
85void sha1_init( sha1_context *ctx )
86{
87 memset( ctx, 0, sizeof( sha1_context ) );
88}
89
90void sha1_free( sha1_context *ctx )
91{
92 if( ctx == NULL )
93 return;
94
95 polarssl_zeroize( ctx, sizeof( sha1_context ) );
96}
97
98/*
99 * SHA-1 context setup
100 */
101void sha1_starts( sha1_context *ctx )
102{
103 ctx->total[0] = 0;
104 ctx->total[1] = 0;
105
106 ctx->state[0] = 0x67452301;
107 ctx->state[1] = 0xEFCDAB89;
108 ctx->state[2] = 0x98BADCFE;
109 ctx->state[3] = 0x10325476;
110 ctx->state[4] = 0xC3D2E1F0;
111}
112
113void sha1_process( sha1_context *ctx, const unsigned char data[64] )
114{
115 uint32_t temp, W[16], A, B, C, D, E;
116
117 GET_UINT32_BE( W[ 0], data, 0 );
118 GET_UINT32_BE( W[ 1], data, 4 );
119 GET_UINT32_BE( W[ 2], data, 8 );
120 GET_UINT32_BE( W[ 3], data, 12 );
121 GET_UINT32_BE( W[ 4], data, 16 );
122 GET_UINT32_BE( W[ 5], data, 20 );
123 GET_UINT32_BE( W[ 6], data, 24 );
124 GET_UINT32_BE( W[ 7], data, 28 );
125 GET_UINT32_BE( W[ 8], data, 32 );
126 GET_UINT32_BE( W[ 9], data, 36 );
127 GET_UINT32_BE( W[10], data, 40 );
128 GET_UINT32_BE( W[11], data, 44 );
129 GET_UINT32_BE( W[12], data, 48 );
130 GET_UINT32_BE( W[13], data, 52 );
131 GET_UINT32_BE( W[14], data, 56 );
132 GET_UINT32_BE( W[15], data, 60 );
133
134#define S(x,n) ((x << n) | ((x & 0xFFFFFFFF) >> (32 - n)))
135
136#define R(t) \
137( \
138 temp = W[( t - 3 ) & 0x0F] ^ W[( t - 8 ) & 0x0F] ^ \
139 W[( t - 14 ) & 0x0F] ^ W[ t & 0x0F], \
140 ( W[t & 0x0F] = S(temp,1) ) \
141)
142
143#define P(a,b,c,d,e,x) \
144{ \
145 e += S(a,5) + F(b,c,d) + K + x; b = S(b,30); \
146}
147
148 A = ctx->state[0];
149 B = ctx->state[1];
150 C = ctx->state[2];
151 D = ctx->state[3];
152 E = ctx->state[4];
153
154#define F(x,y,z) (z ^ (x & (y ^ z)))
155#define K 0x5A827999
156
157 P( A, B, C, D, E, W[0] );
158 P( E, A, B, C, D, W[1] );
159 P( D, E, A, B, C, W[2] );
160 P( C, D, E, A, B, W[3] );
161 P( B, C, D, E, A, W[4] );
162 P( A, B, C, D, E, W[5] );
163 P( E, A, B, C, D, W[6] );
164 P( D, E, A, B, C, W[7] );
165 P( C, D, E, A, B, W[8] );
166 P( B, C, D, E, A, W[9] );
167 P( A, B, C, D, E, W[10] );
168 P( E, A, B, C, D, W[11] );
169 P( D, E, A, B, C, W[12] );
170 P( C, D, E, A, B, W[13] );
171 P( B, C, D, E, A, W[14] );
172 P( A, B, C, D, E, W[15] );
173 P( E, A, B, C, D, R(16) );
174 P( D, E, A, B, C, R(17) );
175 P( C, D, E, A, B, R(18) );
176 P( B, C, D, E, A, R(19) );
177
178#undef K
179#undef F
180
181#define F(x,y,z) (x ^ y ^ z)
182#define K 0x6ED9EBA1
183
184 P( A, B, C, D, E, R(20) );
185 P( E, A, B, C, D, R(21) );
186 P( D, E, A, B, C, R(22) );
187 P( C, D, E, A, B, R(23) );
188 P( B, C, D, E, A, R(24) );
189 P( A, B, C, D, E, R(25) );
190 P( E, A, B, C, D, R(26) );
191 P( D, E, A, B, C, R(27) );
192 P( C, D, E, A, B, R(28) );
193 P( B, C, D, E, A, R(29) );
194 P( A, B, C, D, E, R(30) );
195 P( E, A, B, C, D, R(31) );
196 P( D, E, A, B, C, R(32) );
197 P( C, D, E, A, B, R(33) );
198 P( B, C, D, E, A, R(34) );
199 P( A, B, C, D, E, R(35) );
200 P( E, A, B, C, D, R(36) );
201 P( D, E, A, B, C, R(37) );
202 P( C, D, E, A, B, R(38) );
203 P( B, C, D, E, A, R(39) );
204
205#undef K
206#undef F
207
208#define F(x,y,z) ((x & y) | (z & (x | y)))
209#define K 0x8F1BBCDC
210
211 P( A, B, C, D, E, R(40) );
212 P( E, A, B, C, D, R(41) );
213 P( D, E, A, B, C, R(42) );
214 P( C, D, E, A, B, R(43) );
215 P( B, C, D, E, A, R(44) );
216 P( A, B, C, D, E, R(45) );
217 P( E, A, B, C, D, R(46) );
218 P( D, E, A, B, C, R(47) );
219 P( C, D, E, A, B, R(48) );
220 P( B, C, D, E, A, R(49) );
221 P( A, B, C, D, E, R(50) );
222 P( E, A, B, C, D, R(51) );
223 P( D, E, A, B, C, R(52) );
224 P( C, D, E, A, B, R(53) );
225 P( B, C, D, E, A, R(54) );
226 P( A, B, C, D, E, R(55) );
227 P( E, A, B, C, D, R(56) );
228 P( D, E, A, B, C, R(57) );
229 P( C, D, E, A, B, R(58) );
230 P( B, C, D, E, A, R(59) );
231
232#undef K
233#undef F
234
235#define F(x,y,z) (x ^ y ^ z)
236#define K 0xCA62C1D6
237
238 P( A, B, C, D, E, R(60) );
239 P( E, A, B, C, D, R(61) );
240 P( D, E, A, B, C, R(62) );
241 P( C, D, E, A, B, R(63) );
242 P( B, C, D, E, A, R(64) );
243 P( A, B, C, D, E, R(65) );
244 P( E, A, B, C, D, R(66) );
245 P( D, E, A, B, C, R(67) );
246 P( C, D, E, A, B, R(68) );
247 P( B, C, D, E, A, R(69) );
248 P( A, B, C, D, E, R(70) );
249 P( E, A, B, C, D, R(71) );
250 P( D, E, A, B, C, R(72) );
251 P( C, D, E, A, B, R(73) );
252 P( B, C, D, E, A, R(74) );
253 P( A, B, C, D, E, R(75) );
254 P( E, A, B, C, D, R(76) );
255 P( D, E, A, B, C, R(77) );
256 P( C, D, E, A, B, R(78) );
257 P( B, C, D, E, A, R(79) );
258
259#undef K
260#undef F
261
262 ctx->state[0] += A;
263 ctx->state[1] += B;
264 ctx->state[2] += C;
265 ctx->state[3] += D;
266 ctx->state[4] += E;
267}
268
269/*
270 * SHA-1 process buffer
271 */
272void sha1_update( sha1_context *ctx, const unsigned char *input, size_t ilen )
273{
274 size_t fill;
275 uint32_t left;
276
277 if( ilen == 0 )
278 return;
279
280 left = ctx->total[0] & 0x3F;
281 fill = 64 - left;
282
283 ctx->total[0] += (uint32_t) ilen;
284 ctx->total[0] &= 0xFFFFFFFF;
285
286 if( ctx->total[0] < (uint32_t) ilen )
287 ctx->total[1]++;
288
289 if( left && ilen >= fill )
290 {
291 memcpy( (void *) (ctx->buffer + left), input, fill );
292 sha1_process( ctx, ctx->buffer );
293 input += fill;
294 ilen -= fill;
295 left = 0;
296 }
297
298 while( ilen >= 64 )
299 {
300 sha1_process( ctx, input );
301 input += 64;
302 ilen -= 64;
303 }
304
305 if( ilen > 0 )
306 memcpy( (void *) (ctx->buffer + left), input, ilen );
307}
308
309static const unsigned char sha1_padding[64] =
310{
311 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
312 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
313 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
314 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
315};
316
317/*
318 * SHA-1 final digest
319 */
320void sha1_finish( sha1_context *ctx, unsigned char output[20] )
321{
322 uint32_t last, padn;
323 uint32_t high, low;
324 unsigned char msglen[8];
325
326 high = ( ctx->total[0] >> 29 )
327 | ( ctx->total[1] << 3 );
328 low = ( ctx->total[0] << 3 );
329
330 PUT_UINT32_BE( high, msglen, 0 );
331 PUT_UINT32_BE( low, msglen, 4 );
332
333 last = ctx->total[0] & 0x3F;
334 padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
335
336 sha1_update( ctx, sha1_padding, padn );
337 sha1_update( ctx, msglen, 8 );
338
339 PUT_UINT32_BE( ctx->state[0], output, 0 );
340 PUT_UINT32_BE( ctx->state[1], output, 4 );
341 PUT_UINT32_BE( ctx->state[2], output, 8 );
342 PUT_UINT32_BE( ctx->state[3], output, 12 );
343 PUT_UINT32_BE( ctx->state[4], output, 16 );
344}
345
346#endif /* !POLARSSL_SHA1_ALT */
347
348/*
349 * output = SHA-1( input buffer )
350 */
351void sha1( const unsigned char *input, size_t ilen, unsigned char output[20] )
352{
353 sha1_context ctx;
354
355 sha1_init( &ctx );
356 sha1_starts( &ctx );
357 sha1_update( &ctx, input, ilen );
358 sha1_finish( &ctx, output );
359 sha1_free( &ctx );
360}
361
362#if defined(POLARSSL_FS_IO)
363/*
364 * output = SHA-1( file contents )
365 */
366int sha1_file( const char *path, unsigned char output[20] )
367{
368 FILE *f;
369 size_t n;
370 sha1_context ctx;
371 unsigned char buf[1024];
372
373 if( ( f = fopen( path, "rb" ) ) == NULL )
374 return( POLARSSL_ERR_SHA1_FILE_IO_ERROR );
375
376 sha1_init( &ctx );
377 sha1_starts( &ctx );
378
379 while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
380 sha1_update( &ctx, buf, n );
381
382 sha1_finish( &ctx, output );
383 sha1_free( &ctx );
384
385 if( ferror( f ) != 0 )
386 {
387 fclose( f );
388 return( POLARSSL_ERR_SHA1_FILE_IO_ERROR );
389 }
390
391 fclose( f );
392 return( 0 );
393}
394#endif /* POLARSSL_FS_IO */
395
396/*
397 * SHA-1 HMAC context setup
398 */
399void sha1_hmac_starts( sha1_context *ctx, const unsigned char *key,
400 size_t keylen )
401{
402 size_t i;
403 unsigned char sum[20];
404
405 if( keylen > 64 )
406 {
407 sha1( key, keylen, sum );
408 keylen = 20;
409 key = sum;
410 }
411
412 memset( ctx->ipad, 0x36, 64 );
413 memset( ctx->opad, 0x5C, 64 );
414
415 for( i = 0; i < keylen; i++ )
416 {
417 ctx->ipad[i] = (unsigned char)( ctx->ipad[i] ^ key[i] );
418 ctx->opad[i] = (unsigned char)( ctx->opad[i] ^ key[i] );
419 }
420
421 sha1_starts( ctx );
422 sha1_update( ctx, ctx->ipad, 64 );
423
424 polarssl_zeroize( sum, sizeof( sum ) );
425}
426
427/*
428 * SHA-1 HMAC process buffer
429 */
430void sha1_hmac_update( sha1_context *ctx, const unsigned char *input,
431 size_t ilen )
432{
433 sha1_update( ctx, input, ilen );
434}
435
436/*
437 * SHA-1 HMAC final digest
438 */
439void sha1_hmac_finish( sha1_context *ctx, unsigned char output[20] )
440{
441 unsigned char tmpbuf[20];
442
443 sha1_finish( ctx, tmpbuf );
444 sha1_starts( ctx );
445 sha1_update( ctx, ctx->opad, 64 );
446 sha1_update( ctx, tmpbuf, 20 );
447 sha1_finish( ctx, output );
448
449 polarssl_zeroize( tmpbuf, sizeof( tmpbuf ) );
450}
451
452/*
453 * SHA1 HMAC context reset
454 */
455void sha1_hmac_reset( sha1_context *ctx )
456{
457 sha1_starts( ctx );
458 sha1_update( ctx, ctx->ipad, 64 );
459}
460
461/*
462 * output = HMAC-SHA-1( hmac key, input buffer )
463 */
464void sha1_hmac( const unsigned char *key, size_t keylen,
465 const unsigned char *input, size_t ilen,
466 unsigned char output[20] )
467{
468 sha1_context ctx;
469
470 sha1_init( &ctx );
471 sha1_hmac_starts( &ctx, key, keylen );
472 sha1_hmac_update( &ctx, input, ilen );
473 sha1_hmac_finish( &ctx, output );
474 sha1_free( &ctx );
475}
476
477#if defined(POLARSSL_SELF_TEST)
478/*
479 * FIPS-180-1 test vectors
480 */
481static const unsigned char sha1_test_buf[3][57] =
482{
483 { "abc" },
484 { "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" },
485 { "" }
486};
487
488static const int sha1_test_buflen[3] =
489{
490 3, 56, 1000
491};
492
493static const unsigned char sha1_test_sum[3][20] =
494{
495 { 0xA9, 0x99, 0x3E, 0x36, 0x47, 0x06, 0x81, 0x6A, 0xBA, 0x3E,
496 0x25, 0x71, 0x78, 0x50, 0xC2, 0x6C, 0x9C, 0xD0, 0xD8, 0x9D },
497 { 0x84, 0x98, 0x3E, 0x44, 0x1C, 0x3B, 0xD2, 0x6E, 0xBA, 0xAE,
498 0x4A, 0xA1, 0xF9, 0x51, 0x29, 0xE5, 0xE5, 0x46, 0x70, 0xF1 },
499 { 0x34, 0xAA, 0x97, 0x3C, 0xD4, 0xC4, 0xDA, 0xA4, 0xF6, 0x1E,
500 0xEB, 0x2B, 0xDB, 0xAD, 0x27, 0x31, 0x65, 0x34, 0x01, 0x6F }
501};
502
503/*
504 * RFC 2202 test vectors
505 */
506static const unsigned char sha1_hmac_test_key[7][26] =
507{
508 { "\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B"
509 "\x0B\x0B\x0B\x0B" },
510 { "Jefe" },
511 { "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
512 "\xAA\xAA\xAA\xAA" },
513 { "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F\x10"
514 "\x11\x12\x13\x14\x15\x16\x17\x18\x19" },
515 { "\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C"
516 "\x0C\x0C\x0C\x0C" },
517 { "" }, /* 0xAA 80 times */
518 { "" }
519};
520
521static const int sha1_hmac_test_keylen[7] =
522{
523 20, 4, 20, 25, 20, 80, 80
524};
525
526static const unsigned char sha1_hmac_test_buf[7][74] =
527{
528 { "Hi There" },
529 { "what do ya want for nothing?" },
530 { "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
531 "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
532 "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
533 "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
534 "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" },
535 { "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD"
536 "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD"
537 "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD"
538 "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD"
539 "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" },
540 { "Test With Truncation" },
541 { "Test Using Larger Than Block-Size Key - Hash Key First" },
542 { "Test Using Larger Than Block-Size Key and Larger"
543 " Than One Block-Size Data" }
544};
545
546static const int sha1_hmac_test_buflen[7] =
547{
548 8, 28, 50, 50, 20, 54, 73
549};
550
551static const unsigned char sha1_hmac_test_sum[7][20] =
552{
553 { 0xB6, 0x17, 0x31, 0x86, 0x55, 0x05, 0x72, 0x64, 0xE2, 0x8B,
554 0xC0, 0xB6, 0xFB, 0x37, 0x8C, 0x8E, 0xF1, 0x46, 0xBE, 0x00 },
555 { 0xEF, 0xFC, 0xDF, 0x6A, 0xE5, 0xEB, 0x2F, 0xA2, 0xD2, 0x74,
556 0x16, 0xD5, 0xF1, 0x84, 0xDF, 0x9C, 0x25, 0x9A, 0x7C, 0x79 },
557 { 0x12, 0x5D, 0x73, 0x42, 0xB9, 0xAC, 0x11, 0xCD, 0x91, 0xA3,
558 0x9A, 0xF4, 0x8A, 0xA1, 0x7B, 0x4F, 0x63, 0xF1, 0x75, 0xD3 },
559 { 0x4C, 0x90, 0x07, 0xF4, 0x02, 0x62, 0x50, 0xC6, 0xBC, 0x84,
560 0x14, 0xF9, 0xBF, 0x50, 0xC8, 0x6C, 0x2D, 0x72, 0x35, 0xDA },
561 { 0x4C, 0x1A, 0x03, 0x42, 0x4B, 0x55, 0xE0, 0x7F, 0xE7, 0xF2,
562 0x7B, 0xE1 },
563 { 0xAA, 0x4A, 0xE5, 0xE1, 0x52, 0x72, 0xD0, 0x0E, 0x95, 0x70,
564 0x56, 0x37, 0xCE, 0x8A, 0x3B, 0x55, 0xED, 0x40, 0x21, 0x12 },
565 { 0xE8, 0xE9, 0x9D, 0x0F, 0x45, 0x23, 0x7D, 0x78, 0x6D, 0x6B,
566 0xBA, 0xA7, 0x96, 0x5C, 0x78, 0x08, 0xBB, 0xFF, 0x1A, 0x91 }
567};
568
569/*
570 * Checkup routine
571 */
572int sha1_self_test( int verbose )
573{
574 int i, j, buflen, ret = 0;
575 unsigned char buf[1024];
576 unsigned char sha1sum[20];
577 sha1_context ctx;
578
579 sha1_init( &ctx );
580
581 /*
582 * SHA-1
583 */
584 for( i = 0; i < 3; i++ )
585 {
586 if( verbose != 0 )
587 polarssl_printf( " SHA-1 test #%d: ", i + 1 );
588
589 sha1_starts( &ctx );
590
591 if( i == 2 )
592 {
593 memset( buf, 'a', buflen = 1000 );
594
595 for( j = 0; j < 1000; j++ )
596 sha1_update( &ctx, buf, buflen );
597 }
598 else
599 sha1_update( &ctx, sha1_test_buf[i],
600 sha1_test_buflen[i] );
601
602 sha1_finish( &ctx, sha1sum );
603
604 if( memcmp( sha1sum, sha1_test_sum[i], 20 ) != 0 )
605 {
606 if( verbose != 0 )
607 polarssl_printf( "failed\n" );
608
609 ret = 1;
610 goto exit;
611 }
612
613 if( verbose != 0 )
614 polarssl_printf( "passed\n" );
615 }
616
617 if( verbose != 0 )
618 polarssl_printf( "\n" );
619
620 for( i = 0; i < 7; i++ )
621 {
622 if( verbose != 0 )
623 polarssl_printf( " HMAC-SHA-1 test #%d: ", i + 1 );
624
625 if( i == 5 || i == 6 )
626 {
627 memset( buf, 0xAA, buflen = 80 );
628 sha1_hmac_starts( &ctx, buf, buflen );
629 }
630 else
631 sha1_hmac_starts( &ctx, sha1_hmac_test_key[i],
632 sha1_hmac_test_keylen[i] );
633
634 sha1_hmac_update( &ctx, sha1_hmac_test_buf[i],
635 sha1_hmac_test_buflen[i] );
636
637 sha1_hmac_finish( &ctx, sha1sum );
638
639 buflen = ( i == 4 ) ? 12 : 20;
640
641 if( memcmp( sha1sum, sha1_hmac_test_sum[i], buflen ) != 0 )
642 {
643 if( verbose != 0 )
644 polarssl_printf( "failed\n" );
645
646 ret = 1;
647 goto exit;
648 }
649
650 if( verbose != 0 )
651 polarssl_printf( "passed\n" );
652 }
653
654 if( verbose != 0 )
655 polarssl_printf( "\n" );
656
657exit:
658 sha1_free( &ctx );
659
660 return( ret );
661}
662
663#endif /* POLARSSL_SELF_TEST */
664
665#endif /* POLARSSL_SHA1_C */
Impressum, Datenschutz