PolarSSL v1.1.4
|
00001 /* 00002 * FIPS-180-1 compliant SHA-1 implementation 00003 * 00004 * Copyright (C) 2006-2010, Brainspark B.V. 00005 * 00006 * This file is part of PolarSSL (http://www.polarssl.org) 00007 * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org> 00008 * 00009 * All rights reserved. 00010 * 00011 * This program is free software; you can redistribute it and/or modify 00012 * it under the terms of the GNU General Public License as published by 00013 * the Free Software Foundation; either version 2 of the License, or 00014 * (at your option) any later version. 00015 * 00016 * This program is distributed in the hope that it will be useful, 00017 * but WITHOUT ANY WARRANTY; without even the implied warranty of 00018 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 00019 * GNU General Public License for more details. 00020 * 00021 * You should have received a copy of the GNU General Public License along 00022 * with this program; if not, write to the Free Software Foundation, Inc., 00023 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. 00024 */ 00025 /* 00026 * The SHA-1 standard was published by NIST in 1993. 00027 * 00028 * http://www.itl.nist.gov/fipspubs/fip180-1.htm 00029 */ 00030 00031 #include "polarssl/config.h" 00032 00033 #if defined(POLARSSL_SHA1_C) 00034 00035 #include "polarssl/sha1.h" 00036 00037 #if defined(POLARSSL_FS_IO) || defined(POLARSSL_SELF_TEST) 00038 #include <stdio.h> 00039 #endif 00040 00041 /* 00042 * 32-bit integer manipulation macros (big endian) 00043 */ 00044 #ifndef GET_ULONG_BE 00045 #define GET_ULONG_BE(n,b,i) \ 00046 { \ 00047 (n) = ( (unsigned long) (b)[(i) ] << 24 ) \ 00048 | ( (unsigned long) (b)[(i) + 1] << 16 ) \ 00049 | ( (unsigned long) (b)[(i) + 2] << 8 ) \ 00050 | ( (unsigned long) (b)[(i) + 3] ); \ 00051 } 00052 #endif 00053 00054 #ifndef PUT_ULONG_BE 00055 #define PUT_ULONG_BE(n,b,i) \ 00056 { \ 00057 (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \ 00058 (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \ 00059 (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \ 00060 (b)[(i) + 3] = (unsigned char) ( (n) ); \ 00061 } 00062 #endif 00063 00064 /* 00065 * SHA-1 context setup 00066 */ 00067 void sha1_starts( sha1_context *ctx ) 00068 { 00069 ctx->total[0] = 0; 00070 ctx->total[1] = 0; 00071 00072 ctx->state[0] = 0x67452301; 00073 ctx->state[1] = 0xEFCDAB89; 00074 ctx->state[2] = 0x98BADCFE; 00075 ctx->state[3] = 0x10325476; 00076 ctx->state[4] = 0xC3D2E1F0; 00077 } 00078 00079 static void sha1_process( sha1_context *ctx, const unsigned char data[64] ) 00080 { 00081 unsigned long temp, W[16], A, B, C, D, E; 00082 00083 GET_ULONG_BE( W[ 0], data, 0 ); 00084 GET_ULONG_BE( W[ 1], data, 4 ); 00085 GET_ULONG_BE( W[ 2], data, 8 ); 00086 GET_ULONG_BE( W[ 3], data, 12 ); 00087 GET_ULONG_BE( W[ 4], data, 16 ); 00088 GET_ULONG_BE( W[ 5], data, 20 ); 00089 GET_ULONG_BE( W[ 6], data, 24 ); 00090 GET_ULONG_BE( W[ 7], data, 28 ); 00091 GET_ULONG_BE( W[ 8], data, 32 ); 00092 GET_ULONG_BE( W[ 9], data, 36 ); 00093 GET_ULONG_BE( W[10], data, 40 ); 00094 GET_ULONG_BE( W[11], data, 44 ); 00095 GET_ULONG_BE( W[12], data, 48 ); 00096 GET_ULONG_BE( W[13], data, 52 ); 00097 GET_ULONG_BE( W[14], data, 56 ); 00098 GET_ULONG_BE( W[15], data, 60 ); 00099 00100 #define S(x,n) ((x << n) | ((x & 0xFFFFFFFF) >> (32 - n))) 00101 00102 #define R(t) \ 00103 ( \ 00104 temp = W[(t - 3) & 0x0F] ^ W[(t - 8) & 0x0F] ^ \ 00105 W[(t - 14) & 0x0F] ^ W[ t & 0x0F], \ 00106 ( W[t & 0x0F] = S(temp,1) ) \ 00107 ) 00108 00109 #define P(a,b,c,d,e,x) \ 00110 { \ 00111 e += S(a,5) + F(b,c,d) + K + x; b = S(b,30); \ 00112 } 00113 00114 A = ctx->state[0]; 00115 B = ctx->state[1]; 00116 C = ctx->state[2]; 00117 D = ctx->state[3]; 00118 E = ctx->state[4]; 00119 00120 #define F(x,y,z) (z ^ (x & (y ^ z))) 00121 #define K 0x5A827999 00122 00123 P( A, B, C, D, E, W[0] ); 00124 P( E, A, B, C, D, W[1] ); 00125 P( D, E, A, B, C, W[2] ); 00126 P( C, D, E, A, B, W[3] ); 00127 P( B, C, D, E, A, W[4] ); 00128 P( A, B, C, D, E, W[5] ); 00129 P( E, A, B, C, D, W[6] ); 00130 P( D, E, A, B, C, W[7] ); 00131 P( C, D, E, A, B, W[8] ); 00132 P( B, C, D, E, A, W[9] ); 00133 P( A, B, C, D, E, W[10] ); 00134 P( E, A, B, C, D, W[11] ); 00135 P( D, E, A, B, C, W[12] ); 00136 P( C, D, E, A, B, W[13] ); 00137 P( B, C, D, E, A, W[14] ); 00138 P( A, B, C, D, E, W[15] ); 00139 P( E, A, B, C, D, R(16) ); 00140 P( D, E, A, B, C, R(17) ); 00141 P( C, D, E, A, B, R(18) ); 00142 P( B, C, D, E, A, R(19) ); 00143 00144 #undef K 00145 #undef F 00146 00147 #define F(x,y,z) (x ^ y ^ z) 00148 #define K 0x6ED9EBA1 00149 00150 P( A, B, C, D, E, R(20) ); 00151 P( E, A, B, C, D, R(21) ); 00152 P( D, E, A, B, C, R(22) ); 00153 P( C, D, E, A, B, R(23) ); 00154 P( B, C, D, E, A, R(24) ); 00155 P( A, B, C, D, E, R(25) ); 00156 P( E, A, B, C, D, R(26) ); 00157 P( D, E, A, B, C, R(27) ); 00158 P( C, D, E, A, B, R(28) ); 00159 P( B, C, D, E, A, R(29) ); 00160 P( A, B, C, D, E, R(30) ); 00161 P( E, A, B, C, D, R(31) ); 00162 P( D, E, A, B, C, R(32) ); 00163 P( C, D, E, A, B, R(33) ); 00164 P( B, C, D, E, A, R(34) ); 00165 P( A, B, C, D, E, R(35) ); 00166 P( E, A, B, C, D, R(36) ); 00167 P( D, E, A, B, C, R(37) ); 00168 P( C, D, E, A, B, R(38) ); 00169 P( B, C, D, E, A, R(39) ); 00170 00171 #undef K 00172 #undef F 00173 00174 #define F(x,y,z) ((x & y) | (z & (x | y))) 00175 #define K 0x8F1BBCDC 00176 00177 P( A, B, C, D, E, R(40) ); 00178 P( E, A, B, C, D, R(41) ); 00179 P( D, E, A, B, C, R(42) ); 00180 P( C, D, E, A, B, R(43) ); 00181 P( B, C, D, E, A, R(44) ); 00182 P( A, B, C, D, E, R(45) ); 00183 P( E, A, B, C, D, R(46) ); 00184 P( D, E, A, B, C, R(47) ); 00185 P( C, D, E, A, B, R(48) ); 00186 P( B, C, D, E, A, R(49) ); 00187 P( A, B, C, D, E, R(50) ); 00188 P( E, A, B, C, D, R(51) ); 00189 P( D, E, A, B, C, R(52) ); 00190 P( C, D, E, A, B, R(53) ); 00191 P( B, C, D, E, A, R(54) ); 00192 P( A, B, C, D, E, R(55) ); 00193 P( E, A, B, C, D, R(56) ); 00194 P( D, E, A, B, C, R(57) ); 00195 P( C, D, E, A, B, R(58) ); 00196 P( B, C, D, E, A, R(59) ); 00197 00198 #undef K 00199 #undef F 00200 00201 #define F(x,y,z) (x ^ y ^ z) 00202 #define K 0xCA62C1D6 00203 00204 P( A, B, C, D, E, R(60) ); 00205 P( E, A, B, C, D, R(61) ); 00206 P( D, E, A, B, C, R(62) ); 00207 P( C, D, E, A, B, R(63) ); 00208 P( B, C, D, E, A, R(64) ); 00209 P( A, B, C, D, E, R(65) ); 00210 P( E, A, B, C, D, R(66) ); 00211 P( D, E, A, B, C, R(67) ); 00212 P( C, D, E, A, B, R(68) ); 00213 P( B, C, D, E, A, R(69) ); 00214 P( A, B, C, D, E, R(70) ); 00215 P( E, A, B, C, D, R(71) ); 00216 P( D, E, A, B, C, R(72) ); 00217 P( C, D, E, A, B, R(73) ); 00218 P( B, C, D, E, A, R(74) ); 00219 P( A, B, C, D, E, R(75) ); 00220 P( E, A, B, C, D, R(76) ); 00221 P( D, E, A, B, C, R(77) ); 00222 P( C, D, E, A, B, R(78) ); 00223 P( B, C, D, E, A, R(79) ); 00224 00225 #undef K 00226 #undef F 00227 00228 ctx->state[0] += A; 00229 ctx->state[1] += B; 00230 ctx->state[2] += C; 00231 ctx->state[3] += D; 00232 ctx->state[4] += E; 00233 } 00234 00235 /* 00236 * SHA-1 process buffer 00237 */ 00238 void sha1_update( sha1_context *ctx, const unsigned char *input, size_t ilen ) 00239 { 00240 size_t fill; 00241 unsigned long left; 00242 00243 if( ilen <= 0 ) 00244 return; 00245 00246 left = ctx->total[0] & 0x3F; 00247 fill = 64 - left; 00248 00249 ctx->total[0] += (unsigned long) ilen; 00250 ctx->total[0] &= 0xFFFFFFFF; 00251 00252 if( ctx->total[0] < (unsigned long) ilen ) 00253 ctx->total[1]++; 00254 00255 if( left && ilen >= fill ) 00256 { 00257 memcpy( (void *) (ctx->buffer + left), 00258 (void *) input, fill ); 00259 sha1_process( ctx, ctx->buffer ); 00260 input += fill; 00261 ilen -= fill; 00262 left = 0; 00263 } 00264 00265 while( ilen >= 64 ) 00266 { 00267 sha1_process( ctx, input ); 00268 input += 64; 00269 ilen -= 64; 00270 } 00271 00272 if( ilen > 0 ) 00273 { 00274 memcpy( (void *) (ctx->buffer + left), 00275 (void *) input, ilen ); 00276 } 00277 } 00278 00279 static const unsigned char sha1_padding[64] = 00280 { 00281 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 00282 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 00283 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 00284 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 00285 }; 00286 00287 /* 00288 * SHA-1 final digest 00289 */ 00290 void sha1_finish( sha1_context *ctx, unsigned char output[20] ) 00291 { 00292 unsigned long last, padn; 00293 unsigned long high, low; 00294 unsigned char msglen[8]; 00295 00296 high = ( ctx->total[0] >> 29 ) 00297 | ( ctx->total[1] << 3 ); 00298 low = ( ctx->total[0] << 3 ); 00299 00300 PUT_ULONG_BE( high, msglen, 0 ); 00301 PUT_ULONG_BE( low, msglen, 4 ); 00302 00303 last = ctx->total[0] & 0x3F; 00304 padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last ); 00305 00306 sha1_update( ctx, (unsigned char *) sha1_padding, padn ); 00307 sha1_update( ctx, msglen, 8 ); 00308 00309 PUT_ULONG_BE( ctx->state[0], output, 0 ); 00310 PUT_ULONG_BE( ctx->state[1], output, 4 ); 00311 PUT_ULONG_BE( ctx->state[2], output, 8 ); 00312 PUT_ULONG_BE( ctx->state[3], output, 12 ); 00313 PUT_ULONG_BE( ctx->state[4], output, 16 ); 00314 } 00315 00316 /* 00317 * output = SHA-1( input buffer ) 00318 */ 00319 void sha1( const unsigned char *input, size_t ilen, unsigned char output[20] ) 00320 { 00321 sha1_context ctx; 00322 00323 sha1_starts( &ctx ); 00324 sha1_update( &ctx, input, ilen ); 00325 sha1_finish( &ctx, output ); 00326 00327 memset( &ctx, 0, sizeof( sha1_context ) ); 00328 } 00329 00330 #if defined(POLARSSL_FS_IO) 00331 /* 00332 * output = SHA-1( file contents ) 00333 */ 00334 int sha1_file( const char *path, unsigned char output[20] ) 00335 { 00336 FILE *f; 00337 size_t n; 00338 sha1_context ctx; 00339 unsigned char buf[1024]; 00340 00341 if( ( f = fopen( path, "rb" ) ) == NULL ) 00342 return( POLARSSL_ERR_SHA1_FILE_IO_ERROR ); 00343 00344 sha1_starts( &ctx ); 00345 00346 while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 ) 00347 sha1_update( &ctx, buf, n ); 00348 00349 sha1_finish( &ctx, output ); 00350 00351 memset( &ctx, 0, sizeof( sha1_context ) ); 00352 00353 if( ferror( f ) != 0 ) 00354 { 00355 fclose( f ); 00356 return( POLARSSL_ERR_SHA1_FILE_IO_ERROR ); 00357 } 00358 00359 fclose( f ); 00360 return( 0 ); 00361 } 00362 #endif /* POLARSSL_FS_IO */ 00363 00364 /* 00365 * SHA-1 HMAC context setup 00366 */ 00367 void sha1_hmac_starts( sha1_context *ctx, const unsigned char *key, size_t keylen ) 00368 { 00369 size_t i; 00370 unsigned char sum[20]; 00371 00372 if( keylen > 64 ) 00373 { 00374 sha1( key, keylen, sum ); 00375 keylen = 20; 00376 key = sum; 00377 } 00378 00379 memset( ctx->ipad, 0x36, 64 ); 00380 memset( ctx->opad, 0x5C, 64 ); 00381 00382 for( i = 0; i < keylen; i++ ) 00383 { 00384 ctx->ipad[i] = (unsigned char)( ctx->ipad[i] ^ key[i] ); 00385 ctx->opad[i] = (unsigned char)( ctx->opad[i] ^ key[i] ); 00386 } 00387 00388 sha1_starts( ctx ); 00389 sha1_update( ctx, ctx->ipad, 64 ); 00390 00391 memset( sum, 0, sizeof( sum ) ); 00392 } 00393 00394 /* 00395 * SHA-1 HMAC process buffer 00396 */ 00397 void sha1_hmac_update( sha1_context *ctx, const unsigned char *input, size_t ilen ) 00398 { 00399 sha1_update( ctx, input, ilen ); 00400 } 00401 00402 /* 00403 * SHA-1 HMAC final digest 00404 */ 00405 void sha1_hmac_finish( sha1_context *ctx, unsigned char output[20] ) 00406 { 00407 unsigned char tmpbuf[20]; 00408 00409 sha1_finish( ctx, tmpbuf ); 00410 sha1_starts( ctx ); 00411 sha1_update( ctx, ctx->opad, 64 ); 00412 sha1_update( ctx, tmpbuf, 20 ); 00413 sha1_finish( ctx, output ); 00414 00415 memset( tmpbuf, 0, sizeof( tmpbuf ) ); 00416 } 00417 00418 /* 00419 * SHA1 HMAC context reset 00420 */ 00421 void sha1_hmac_reset( sha1_context *ctx ) 00422 { 00423 sha1_starts( ctx ); 00424 sha1_update( ctx, ctx->ipad, 64 ); 00425 } 00426 00427 /* 00428 * output = HMAC-SHA-1( hmac key, input buffer ) 00429 */ 00430 void sha1_hmac( const unsigned char *key, size_t keylen, 00431 const unsigned char *input, size_t ilen, 00432 unsigned char output[20] ) 00433 { 00434 sha1_context ctx; 00435 00436 sha1_hmac_starts( &ctx, key, keylen ); 00437 sha1_hmac_update( &ctx, input, ilen ); 00438 sha1_hmac_finish( &ctx, output ); 00439 00440 memset( &ctx, 0, sizeof( sha1_context ) ); 00441 } 00442 00443 #if defined(POLARSSL_SELF_TEST) 00444 /* 00445 * FIPS-180-1 test vectors 00446 */ 00447 static unsigned char sha1_test_buf[3][57] = 00448 { 00449 { "abc" }, 00450 { "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" }, 00451 { "" } 00452 }; 00453 00454 static const int sha1_test_buflen[3] = 00455 { 00456 3, 56, 1000 00457 }; 00458 00459 static const unsigned char sha1_test_sum[3][20] = 00460 { 00461 { 0xA9, 0x99, 0x3E, 0x36, 0x47, 0x06, 0x81, 0x6A, 0xBA, 0x3E, 00462 0x25, 0x71, 0x78, 0x50, 0xC2, 0x6C, 0x9C, 0xD0, 0xD8, 0x9D }, 00463 { 0x84, 0x98, 0x3E, 0x44, 0x1C, 0x3B, 0xD2, 0x6E, 0xBA, 0xAE, 00464 0x4A, 0xA1, 0xF9, 0x51, 0x29, 0xE5, 0xE5, 0x46, 0x70, 0xF1 }, 00465 { 0x34, 0xAA, 0x97, 0x3C, 0xD4, 0xC4, 0xDA, 0xA4, 0xF6, 0x1E, 00466 0xEB, 0x2B, 0xDB, 0xAD, 0x27, 0x31, 0x65, 0x34, 0x01, 0x6F } 00467 }; 00468 00469 /* 00470 * RFC 2202 test vectors 00471 */ 00472 static unsigned char sha1_hmac_test_key[7][26] = 00473 { 00474 { "\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B" 00475 "\x0B\x0B\x0B\x0B" }, 00476 { "Jefe" }, 00477 { "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA" 00478 "\xAA\xAA\xAA\xAA" }, 00479 { "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F\x10" 00480 "\x11\x12\x13\x14\x15\x16\x17\x18\x19" }, 00481 { "\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C" 00482 "\x0C\x0C\x0C\x0C" }, 00483 { "" }, /* 0xAA 80 times */ 00484 { "" } 00485 }; 00486 00487 static const int sha1_hmac_test_keylen[7] = 00488 { 00489 20, 4, 20, 25, 20, 80, 80 00490 }; 00491 00492 static unsigned char sha1_hmac_test_buf[7][74] = 00493 { 00494 { "Hi There" }, 00495 { "what do ya want for nothing?" }, 00496 { "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" 00497 "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" 00498 "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" 00499 "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" 00500 "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" }, 00501 { "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" 00502 "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" 00503 "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" 00504 "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" 00505 "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" }, 00506 { "Test With Truncation" }, 00507 { "Test Using Larger Than Block-Size Key - Hash Key First" }, 00508 { "Test Using Larger Than Block-Size Key and Larger" 00509 " Than One Block-Size Data" } 00510 }; 00511 00512 static const int sha1_hmac_test_buflen[7] = 00513 { 00514 8, 28, 50, 50, 20, 54, 73 00515 }; 00516 00517 static const unsigned char sha1_hmac_test_sum[7][20] = 00518 { 00519 { 0xB6, 0x17, 0x31, 0x86, 0x55, 0x05, 0x72, 0x64, 0xE2, 0x8B, 00520 0xC0, 0xB6, 0xFB, 0x37, 0x8C, 0x8E, 0xF1, 0x46, 0xBE, 0x00 }, 00521 { 0xEF, 0xFC, 0xDF, 0x6A, 0xE5, 0xEB, 0x2F, 0xA2, 0xD2, 0x74, 00522 0x16, 0xD5, 0xF1, 0x84, 0xDF, 0x9C, 0x25, 0x9A, 0x7C, 0x79 }, 00523 { 0x12, 0x5D, 0x73, 0x42, 0xB9, 0xAC, 0x11, 0xCD, 0x91, 0xA3, 00524 0x9A, 0xF4, 0x8A, 0xA1, 0x7B, 0x4F, 0x63, 0xF1, 0x75, 0xD3 }, 00525 { 0x4C, 0x90, 0x07, 0xF4, 0x02, 0x62, 0x50, 0xC6, 0xBC, 0x84, 00526 0x14, 0xF9, 0xBF, 0x50, 0xC8, 0x6C, 0x2D, 0x72, 0x35, 0xDA }, 00527 { 0x4C, 0x1A, 0x03, 0x42, 0x4B, 0x55, 0xE0, 0x7F, 0xE7, 0xF2, 00528 0x7B, 0xE1 }, 00529 { 0xAA, 0x4A, 0xE5, 0xE1, 0x52, 0x72, 0xD0, 0x0E, 0x95, 0x70, 00530 0x56, 0x37, 0xCE, 0x8A, 0x3B, 0x55, 0xED, 0x40, 0x21, 0x12 }, 00531 { 0xE8, 0xE9, 0x9D, 0x0F, 0x45, 0x23, 0x7D, 0x78, 0x6D, 0x6B, 00532 0xBA, 0xA7, 0x96, 0x5C, 0x78, 0x08, 0xBB, 0xFF, 0x1A, 0x91 } 00533 }; 00534 00535 /* 00536 * Checkup routine 00537 */ 00538 int sha1_self_test( int verbose ) 00539 { 00540 int i, j, buflen; 00541 unsigned char buf[1024]; 00542 unsigned char sha1sum[20]; 00543 sha1_context ctx; 00544 00545 /* 00546 * SHA-1 00547 */ 00548 for( i = 0; i < 3; i++ ) 00549 { 00550 if( verbose != 0 ) 00551 printf( " SHA-1 test #%d: ", i + 1 ); 00552 00553 sha1_starts( &ctx ); 00554 00555 if( i == 2 ) 00556 { 00557 memset( buf, 'a', buflen = 1000 ); 00558 00559 for( j = 0; j < 1000; j++ ) 00560 sha1_update( &ctx, buf, buflen ); 00561 } 00562 else 00563 sha1_update( &ctx, sha1_test_buf[i], 00564 sha1_test_buflen[i] ); 00565 00566 sha1_finish( &ctx, sha1sum ); 00567 00568 if( memcmp( sha1sum, sha1_test_sum[i], 20 ) != 0 ) 00569 { 00570 if( verbose != 0 ) 00571 printf( "failed\n" ); 00572 00573 return( 1 ); 00574 } 00575 00576 if( verbose != 0 ) 00577 printf( "passed\n" ); 00578 } 00579 00580 if( verbose != 0 ) 00581 printf( "\n" ); 00582 00583 for( i = 0; i < 7; i++ ) 00584 { 00585 if( verbose != 0 ) 00586 printf( " HMAC-SHA-1 test #%d: ", i + 1 ); 00587 00588 if( i == 5 || i == 6 ) 00589 { 00590 memset( buf, '\xAA', buflen = 80 ); 00591 sha1_hmac_starts( &ctx, buf, buflen ); 00592 } 00593 else 00594 sha1_hmac_starts( &ctx, sha1_hmac_test_key[i], 00595 sha1_hmac_test_keylen[i] ); 00596 00597 sha1_hmac_update( &ctx, sha1_hmac_test_buf[i], 00598 sha1_hmac_test_buflen[i] ); 00599 00600 sha1_hmac_finish( &ctx, sha1sum ); 00601 00602 buflen = ( i == 4 ) ? 12 : 20; 00603 00604 if( memcmp( sha1sum, sha1_hmac_test_sum[i], buflen ) != 0 ) 00605 { 00606 if( verbose != 0 ) 00607 printf( "failed\n" ); 00608 00609 return( 1 ); 00610 } 00611 00612 if( verbose != 0 ) 00613 printf( "passed\n" ); 00614 } 00615 00616 if( verbose != 0 ) 00617 printf( "\n" ); 00618 00619 return( 0 ); 00620 } 00621 00622 #endif 00623 00624 #endif