]> git.zerfleddert.de Git - proxmark3-svn/blame - common/sha1.c
(implementing suggestion #94)
[proxmark3-svn] / common / sha1.c
CommitLineData
1c4c0b06 1/*
2 * FIPS-180-1 compliant SHA-1 implementation
3 *
4 * Copyright (C) 2006-2014, ARM Limited, All Rights Reserved
5 * This file is part of mbed TLS (https://tls.mbed.org)
6 *
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 2 of the License, or
10 * (at your option) any later version.
11 *
12 * This program is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License along
18 * with this program; if not, write to the Free Software Foundation, Inc.,
19 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
20 */
21/*
22 * The SHA-1 standard was published by NIST in 1993.
23 *
24 * http://www.itl.nist.gov/fipspubs/fip180-1.htm
25 */
26
27#if !defined(POLARSSL_CONFIG_FILE)
28//#include "polarssl/config.h"
29#define POLARSSL_SHA1_C
30
31#else
32#include POLARSSL_CONFIG_FILE
33#endif
34
35#if defined(POLARSSL_SHA1_C)
36
37#include "sha1.h"
38
39#include <string.h>
40
41#if defined(POLARSSL_FS_IO)
42#include <stdio.h>
43#endif
44
45#if defined(POLARSSL_SELF_TEST)
46#if defined(POLARSSL_PLATFORM_C)
47#include "polarssl/platform.h"
48#else
49#include <stdio.h>
50#define polarssl_printf printf
51#endif /* POLARSSL_PLATFORM_C */
52#endif /* POLARSSL_SELF_TEST */
53
54/* Implementation that should never be optimized out by the compiler */
55static void polarssl_zeroize( void *v, size_t n ) {
56 volatile unsigned char *p = v; while( n-- ) *p++ = 0;
57}
58
59#if !defined(POLARSSL_SHA1_ALT)
60
61/*
62 * 32-bit integer manipulation macros (big endian)
63 */
64#ifndef GET_UINT32_BE
65#define GET_UINT32_BE(n,b,i) \
66{ \
67 (n) = ( (uint32_t) (b)[(i) ] << 24 ) \
68 | ( (uint32_t) (b)[(i) + 1] << 16 ) \
69 | ( (uint32_t) (b)[(i) + 2] << 8 ) \
70 | ( (uint32_t) (b)[(i) + 3] ); \
71}
72#endif
73
74#ifndef PUT_UINT32_BE
75#define PUT_UINT32_BE(n,b,i) \
76{ \
77 (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
78 (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
79 (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
80 (b)[(i) + 3] = (unsigned char) ( (n) ); \
81}
82#endif
83
84void sha1_init( sha1_context *ctx )
85{
86 memset( ctx, 0, sizeof( sha1_context ) );
87}
88
89void sha1_free( sha1_context *ctx )
90{
91 if( ctx == NULL )
92 return;
93
94 polarssl_zeroize( ctx, sizeof( sha1_context ) );
95}
96
97/*
98 * SHA-1 context setup
99 */
100void sha1_starts( sha1_context *ctx )
101{
102 ctx->total[0] = 0;
103 ctx->total[1] = 0;
104
105 ctx->state[0] = 0x67452301;
106 ctx->state[1] = 0xEFCDAB89;
107 ctx->state[2] = 0x98BADCFE;
108 ctx->state[3] = 0x10325476;
109 ctx->state[4] = 0xC3D2E1F0;
110}
111
112void sha1_process( sha1_context *ctx, const unsigned char data[64] )
113{
114 uint32_t temp, W[16], A, B, C, D, E;
115
116 GET_UINT32_BE( W[ 0], data, 0 );
117 GET_UINT32_BE( W[ 1], data, 4 );
118 GET_UINT32_BE( W[ 2], data, 8 );
119 GET_UINT32_BE( W[ 3], data, 12 );
120 GET_UINT32_BE( W[ 4], data, 16 );
121 GET_UINT32_BE( W[ 5], data, 20 );
122 GET_UINT32_BE( W[ 6], data, 24 );
123 GET_UINT32_BE( W[ 7], data, 28 );
124 GET_UINT32_BE( W[ 8], data, 32 );
125 GET_UINT32_BE( W[ 9], data, 36 );
126 GET_UINT32_BE( W[10], data, 40 );
127 GET_UINT32_BE( W[11], data, 44 );
128 GET_UINT32_BE( W[12], data, 48 );
129 GET_UINT32_BE( W[13], data, 52 );
130 GET_UINT32_BE( W[14], data, 56 );
131 GET_UINT32_BE( W[15], data, 60 );
132
133#define S(x,n) ((x << n) | ((x & 0xFFFFFFFF) >> (32 - n)))
134
135#define R(t) \
136( \
137 temp = W[( t - 3 ) & 0x0F] ^ W[( t - 8 ) & 0x0F] ^ \
138 W[( t - 14 ) & 0x0F] ^ W[ t & 0x0F], \
139 ( W[t & 0x0F] = S(temp,1) ) \
140)
141
142#define P(a,b,c,d,e,x) \
143{ \
144 e += S(a,5) + F(b,c,d) + K + x; b = S(b,30); \
145}
146
147 A = ctx->state[0];
148 B = ctx->state[1];
149 C = ctx->state[2];
150 D = ctx->state[3];
151 E = ctx->state[4];
152
153#define F(x,y,z) (z ^ (x & (y ^ z)))
154#define K 0x5A827999
155
156 P( A, B, C, D, E, W[0] );
157 P( E, A, B, C, D, W[1] );
158 P( D, E, A, B, C, W[2] );
159 P( C, D, E, A, B, W[3] );
160 P( B, C, D, E, A, W[4] );
161 P( A, B, C, D, E, W[5] );
162 P( E, A, B, C, D, W[6] );
163 P( D, E, A, B, C, W[7] );
164 P( C, D, E, A, B, W[8] );
165 P( B, C, D, E, A, W[9] );
166 P( A, B, C, D, E, W[10] );
167 P( E, A, B, C, D, W[11] );
168 P( D, E, A, B, C, W[12] );
169 P( C, D, E, A, B, W[13] );
170 P( B, C, D, E, A, W[14] );
171 P( A, B, C, D, E, W[15] );
172 P( E, A, B, C, D, R(16) );
173 P( D, E, A, B, C, R(17) );
174 P( C, D, E, A, B, R(18) );
175 P( B, C, D, E, A, R(19) );
176
177#undef K
178#undef F
179
180#define F(x,y,z) (x ^ y ^ z)
181#define K 0x6ED9EBA1
182
183 P( A, B, C, D, E, R(20) );
184 P( E, A, B, C, D, R(21) );
185 P( D, E, A, B, C, R(22) );
186 P( C, D, E, A, B, R(23) );
187 P( B, C, D, E, A, R(24) );
188 P( A, B, C, D, E, R(25) );
189 P( E, A, B, C, D, R(26) );
190 P( D, E, A, B, C, R(27) );
191 P( C, D, E, A, B, R(28) );
192 P( B, C, D, E, A, R(29) );
193 P( A, B, C, D, E, R(30) );
194 P( E, A, B, C, D, R(31) );
195 P( D, E, A, B, C, R(32) );
196 P( C, D, E, A, B, R(33) );
197 P( B, C, D, E, A, R(34) );
198 P( A, B, C, D, E, R(35) );
199 P( E, A, B, C, D, R(36) );
200 P( D, E, A, B, C, R(37) );
201 P( C, D, E, A, B, R(38) );
202 P( B, C, D, E, A, R(39) );
203
204#undef K
205#undef F
206
207#define F(x,y,z) ((x & y) | (z & (x | y)))
208#define K 0x8F1BBCDC
209
210 P( A, B, C, D, E, R(40) );
211 P( E, A, B, C, D, R(41) );
212 P( D, E, A, B, C, R(42) );
213 P( C, D, E, A, B, R(43) );
214 P( B, C, D, E, A, R(44) );
215 P( A, B, C, D, E, R(45) );
216 P( E, A, B, C, D, R(46) );
217 P( D, E, A, B, C, R(47) );
218 P( C, D, E, A, B, R(48) );
219 P( B, C, D, E, A, R(49) );
220 P( A, B, C, D, E, R(50) );
221 P( E, A, B, C, D, R(51) );
222 P( D, E, A, B, C, R(52) );
223 P( C, D, E, A, B, R(53) );
224 P( B, C, D, E, A, R(54) );
225 P( A, B, C, D, E, R(55) );
226 P( E, A, B, C, D, R(56) );
227 P( D, E, A, B, C, R(57) );
228 P( C, D, E, A, B, R(58) );
229 P( B, C, D, E, A, R(59) );
230
231#undef K
232#undef F
233
234#define F(x,y,z) (x ^ y ^ z)
235#define K 0xCA62C1D6
236
237 P( A, B, C, D, E, R(60) );
238 P( E, A, B, C, D, R(61) );
239 P( D, E, A, B, C, R(62) );
240 P( C, D, E, A, B, R(63) );
241 P( B, C, D, E, A, R(64) );
242 P( A, B, C, D, E, R(65) );
243 P( E, A, B, C, D, R(66) );
244 P( D, E, A, B, C, R(67) );
245 P( C, D, E, A, B, R(68) );
246 P( B, C, D, E, A, R(69) );
247 P( A, B, C, D, E, R(70) );
248 P( E, A, B, C, D, R(71) );
249 P( D, E, A, B, C, R(72) );
250 P( C, D, E, A, B, R(73) );
251 P( B, C, D, E, A, R(74) );
252 P( A, B, C, D, E, R(75) );
253 P( E, A, B, C, D, R(76) );
254 P( D, E, A, B, C, R(77) );
255 P( C, D, E, A, B, R(78) );
256 P( B, C, D, E, A, R(79) );
257
258#undef K
259#undef F
260
261 ctx->state[0] += A;
262 ctx->state[1] += B;
263 ctx->state[2] += C;
264 ctx->state[3] += D;
265 ctx->state[4] += E;
266}
267
268/*
269 * SHA-1 process buffer
270 */
271void sha1_update( sha1_context *ctx, const unsigned char *input, size_t ilen )
272{
273 size_t fill;
274 uint32_t left;
275
276 if( ilen == 0 )
277 return;
278
279 left = ctx->total[0] & 0x3F;
280 fill = 64 - left;
281
282 ctx->total[0] += (uint32_t) ilen;
283 ctx->total[0] &= 0xFFFFFFFF;
284
285 if( ctx->total[0] < (uint32_t) ilen )
286 ctx->total[1]++;
287
288 if( left && ilen >= fill )
289 {
290 memcpy( (void *) (ctx->buffer + left), input, fill );
291 sha1_process( ctx, ctx->buffer );
292 input += fill;
293 ilen -= fill;
294 left = 0;
295 }
296
297 while( ilen >= 64 )
298 {
299 sha1_process( ctx, input );
300 input += 64;
301 ilen -= 64;
302 }
303
304 if( ilen > 0 )
305 memcpy( (void *) (ctx->buffer + left), input, ilen );
306}
307
308static const unsigned char sha1_padding[64] =
309{
310 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
311 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
312 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
313 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
314};
315
316/*
317 * SHA-1 final digest
318 */
319void sha1_finish( sha1_context *ctx, unsigned char output[20] )
320{
321 uint32_t last, padn;
322 uint32_t high, low;
323 unsigned char msglen[8];
324
325 high = ( ctx->total[0] >> 29 )
326 | ( ctx->total[1] << 3 );
327 low = ( ctx->total[0] << 3 );
328
329 PUT_UINT32_BE( high, msglen, 0 );
330 PUT_UINT32_BE( low, msglen, 4 );
331
332 last = ctx->total[0] & 0x3F;
333 padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
334
335 sha1_update( ctx, sha1_padding, padn );
336 sha1_update( ctx, msglen, 8 );
337
338 PUT_UINT32_BE( ctx->state[0], output, 0 );
339 PUT_UINT32_BE( ctx->state[1], output, 4 );
340 PUT_UINT32_BE( ctx->state[2], output, 8 );
341 PUT_UINT32_BE( ctx->state[3], output, 12 );
342 PUT_UINT32_BE( ctx->state[4], output, 16 );
343}
344
345#endif /* !POLARSSL_SHA1_ALT */
346
347/*
348 * output = SHA-1( input buffer )
349 */
350void sha1( const unsigned char *input, size_t ilen, unsigned char output[20] )
351{
352 sha1_context ctx;
353
354 sha1_init( &ctx );
355 sha1_starts( &ctx );
356 sha1_update( &ctx, input, ilen );
357 sha1_finish( &ctx, output );
358 sha1_free( &ctx );
359}
360
361#if defined(POLARSSL_FS_IO)
362/*
363 * output = SHA-1( file contents )
364 */
365int sha1_file( const char *path, unsigned char output[20] )
366{
367 FILE *f;
368 size_t n;
369 sha1_context ctx;
370 unsigned char buf[1024];
371
372 if( ( f = fopen( path, "rb" ) ) == NULL )
373 return( POLARSSL_ERR_SHA1_FILE_IO_ERROR );
374
375 sha1_init( &ctx );
376 sha1_starts( &ctx );
377
378 while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
379 sha1_update( &ctx, buf, n );
380
381 sha1_finish( &ctx, output );
382 sha1_free( &ctx );
383
384 if( ferror( f ) != 0 )
385 {
386 fclose( f );
387 return( POLARSSL_ERR_SHA1_FILE_IO_ERROR );
388 }
389
390 fclose( f );
391 return( 0 );
392}
393#endif /* POLARSSL_FS_IO */
394
395/*
396 * SHA-1 HMAC context setup
397 */
398void sha1_hmac_starts( sha1_context *ctx, const unsigned char *key,
399 size_t keylen )
400{
401 size_t i;
402 unsigned char sum[20];
403
404 if( keylen > 64 )
405 {
406 sha1( key, keylen, sum );
407 keylen = 20;
408 key = sum;
409 }
410
411 memset( ctx->ipad, 0x36, 64 );
412 memset( ctx->opad, 0x5C, 64 );
413
414 for( i = 0; i < keylen; i++ )
415 {
416 ctx->ipad[i] = (unsigned char)( ctx->ipad[i] ^ key[i] );
417 ctx->opad[i] = (unsigned char)( ctx->opad[i] ^ key[i] );
418 }
419
420 sha1_starts( ctx );
421 sha1_update( ctx, ctx->ipad, 64 );
422
423 polarssl_zeroize( sum, sizeof( sum ) );
424}
425
426/*
427 * SHA-1 HMAC process buffer
428 */
429void sha1_hmac_update( sha1_context *ctx, const unsigned char *input,
430 size_t ilen )
431{
432 sha1_update( ctx, input, ilen );
433}
434
435/*
436 * SHA-1 HMAC final digest
437 */
438void sha1_hmac_finish( sha1_context *ctx, unsigned char output[20] )
439{
440 unsigned char tmpbuf[20];
441
442 sha1_finish( ctx, tmpbuf );
443 sha1_starts( ctx );
444 sha1_update( ctx, ctx->opad, 64 );
445 sha1_update( ctx, tmpbuf, 20 );
446 sha1_finish( ctx, output );
447
448 polarssl_zeroize( tmpbuf, sizeof( tmpbuf ) );
449}
450
451/*
452 * SHA1 HMAC context reset
453 */
454void sha1_hmac_reset( sha1_context *ctx )
455{
456 sha1_starts( ctx );
457 sha1_update( ctx, ctx->ipad, 64 );
458}
459
460/*
461 * output = HMAC-SHA-1( hmac key, input buffer )
462 */
463void sha1_hmac( const unsigned char *key, size_t keylen,
464 const unsigned char *input, size_t ilen,
465 unsigned char output[20] )
466{
467 sha1_context ctx;
468
469 sha1_init( &ctx );
470 sha1_hmac_starts( &ctx, key, keylen );
471 sha1_hmac_update( &ctx, input, ilen );
472 sha1_hmac_finish( &ctx, output );
473 sha1_free( &ctx );
474}
475
476#if defined(POLARSSL_SELF_TEST)
477/*
478 * FIPS-180-1 test vectors
479 */
480static const unsigned char sha1_test_buf[3][57] =
481{
482 { "abc" },
483 { "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" },
484 { "" }
485};
486
487static const int sha1_test_buflen[3] =
488{
489 3, 56, 1000
490};
491
492static const unsigned char sha1_test_sum[3][20] =
493{
494 { 0xA9, 0x99, 0x3E, 0x36, 0x47, 0x06, 0x81, 0x6A, 0xBA, 0x3E,
495 0x25, 0x71, 0x78, 0x50, 0xC2, 0x6C, 0x9C, 0xD0, 0xD8, 0x9D },
496 { 0x84, 0x98, 0x3E, 0x44, 0x1C, 0x3B, 0xD2, 0x6E, 0xBA, 0xAE,
497 0x4A, 0xA1, 0xF9, 0x51, 0x29, 0xE5, 0xE5, 0x46, 0x70, 0xF1 },
498 { 0x34, 0xAA, 0x97, 0x3C, 0xD4, 0xC4, 0xDA, 0xA4, 0xF6, 0x1E,
499 0xEB, 0x2B, 0xDB, 0xAD, 0x27, 0x31, 0x65, 0x34, 0x01, 0x6F }
500};
501
502/*
503 * RFC 2202 test vectors
504 */
505static const unsigned char sha1_hmac_test_key[7][26] =
506{
507 { "\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B"
508 "\x0B\x0B\x0B\x0B" },
509 { "Jefe" },
510 { "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
511 "\xAA\xAA\xAA\xAA" },
512 { "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F\x10"
513 "\x11\x12\x13\x14\x15\x16\x17\x18\x19" },
514 { "\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C"
515 "\x0C\x0C\x0C\x0C" },
516 { "" }, /* 0xAA 80 times */
517 { "" }
518};
519
520static const int sha1_hmac_test_keylen[7] =
521{
522 20, 4, 20, 25, 20, 80, 80
523};
524
525static const unsigned char sha1_hmac_test_buf[7][74] =
526{
527 { "Hi There" },
528 { "what do ya want for nothing?" },
529 { "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
530 "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
531 "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
532 "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
533 "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" },
534 { "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD"
535 "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD"
536 "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD"
537 "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD"
538 "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" },
539 { "Test With Truncation" },
540 { "Test Using Larger Than Block-Size Key - Hash Key First" },
541 { "Test Using Larger Than Block-Size Key and Larger"
542 " Than One Block-Size Data" }
543};
544
545static const int sha1_hmac_test_buflen[7] =
546{
547 8, 28, 50, 50, 20, 54, 73
548};
549
550static const unsigned char sha1_hmac_test_sum[7][20] =
551{
552 { 0xB6, 0x17, 0x31, 0x86, 0x55, 0x05, 0x72, 0x64, 0xE2, 0x8B,
553 0xC0, 0xB6, 0xFB, 0x37, 0x8C, 0x8E, 0xF1, 0x46, 0xBE, 0x00 },
554 { 0xEF, 0xFC, 0xDF, 0x6A, 0xE5, 0xEB, 0x2F, 0xA2, 0xD2, 0x74,
555 0x16, 0xD5, 0xF1, 0x84, 0xDF, 0x9C, 0x25, 0x9A, 0x7C, 0x79 },
556 { 0x12, 0x5D, 0x73, 0x42, 0xB9, 0xAC, 0x11, 0xCD, 0x91, 0xA3,
557 0x9A, 0xF4, 0x8A, 0xA1, 0x7B, 0x4F, 0x63, 0xF1, 0x75, 0xD3 },
558 { 0x4C, 0x90, 0x07, 0xF4, 0x02, 0x62, 0x50, 0xC6, 0xBC, 0x84,
559 0x14, 0xF9, 0xBF, 0x50, 0xC8, 0x6C, 0x2D, 0x72, 0x35, 0xDA },
560 { 0x4C, 0x1A, 0x03, 0x42, 0x4B, 0x55, 0xE0, 0x7F, 0xE7, 0xF2,
561 0x7B, 0xE1 },
562 { 0xAA, 0x4A, 0xE5, 0xE1, 0x52, 0x72, 0xD0, 0x0E, 0x95, 0x70,
563 0x56, 0x37, 0xCE, 0x8A, 0x3B, 0x55, 0xED, 0x40, 0x21, 0x12 },
564 { 0xE8, 0xE9, 0x9D, 0x0F, 0x45, 0x23, 0x7D, 0x78, 0x6D, 0x6B,
565 0xBA, 0xA7, 0x96, 0x5C, 0x78, 0x08, 0xBB, 0xFF, 0x1A, 0x91 }
566};
567
568/*
569 * Checkup routine
570 */
571int sha1_self_test( int verbose )
572{
573 int i, j, buflen, ret = 0;
574 unsigned char buf[1024];
575 unsigned char sha1sum[20];
576 sha1_context ctx;
577
578 sha1_init( &ctx );
579
580 /*
581 * SHA-1
582 */
583 for( i = 0; i < 3; i++ )
584 {
585 if( verbose != 0 )
586 polarssl_printf( " SHA-1 test #%d: ", i + 1 );
587
588 sha1_starts( &ctx );
589
590 if( i == 2 )
591 {
592 memset( buf, 'a', buflen = 1000 );
593
594 for( j = 0; j < 1000; j++ )
595 sha1_update( &ctx, buf, buflen );
596 }
597 else
598 sha1_update( &ctx, sha1_test_buf[i],
599 sha1_test_buflen[i] );
600
601 sha1_finish( &ctx, sha1sum );
602
603 if( memcmp( sha1sum, sha1_test_sum[i], 20 ) != 0 )
604 {
605 if( verbose != 0 )
606 polarssl_printf( "failed\n" );
607
608 ret = 1;
609 goto exit;
610 }
611
612 if( verbose != 0 )
613 polarssl_printf( "passed\n" );
614 }
615
616 if( verbose != 0 )
617 polarssl_printf( "\n" );
618
619 for( i = 0; i < 7; i++ )
620 {
621 if( verbose != 0 )
622 polarssl_printf( " HMAC-SHA-1 test #%d: ", i + 1 );
623
624 if( i == 5 || i == 6 )
625 {
626 memset( buf, 0xAA, buflen = 80 );
627 sha1_hmac_starts( &ctx, buf, buflen );
628 }
629 else
630 sha1_hmac_starts( &ctx, sha1_hmac_test_key[i],
631 sha1_hmac_test_keylen[i] );
632
633 sha1_hmac_update( &ctx, sha1_hmac_test_buf[i],
634 sha1_hmac_test_buflen[i] );
635
636 sha1_hmac_finish( &ctx, sha1sum );
637
638 buflen = ( i == 4 ) ? 12 : 20;
639
640 if( memcmp( sha1sum, sha1_hmac_test_sum[i], buflen ) != 0 )
641 {
642 if( verbose != 0 )
643 polarssl_printf( "failed\n" );
644
645 ret = 1;
646 goto exit;
647 }
648
649 if( verbose != 0 )
650 polarssl_printf( "passed\n" );
651 }
652
653 if( verbose != 0 )
654 polarssl_printf( "\n" );
655
656exit:
657 sha1_free( &ctx );
658
659 return( ret );
660}
661
662#endif /* POLARSSL_SELF_TEST */
663
664#endif /* POLARSSL_SHA1_C */
665
Impressum, Datenschutz