summaryrefslogtreecommitdiffstats
path: root/src/crypto/hmac
diff options
context:
space:
mode:
Diffstat (limited to 'src/crypto/hmac')
-rw-r--r--src/crypto/hmac/CMakeLists.txt3
-rw-r--r--src/crypto/hmac/hmac.c72
-rw-r--r--src/crypto/hmac/hmac_test.c223
-rw-r--r--src/crypto/hmac/hmac_test.cc171
-rw-r--r--src/crypto/hmac/hmac_tests.txt102
5 files changed, 307 insertions, 264 deletions
diff --git a/src/crypto/hmac/CMakeLists.txt b/src/crypto/hmac/CMakeLists.txt
index e15c956..1a08c55 100644
--- a/src/crypto/hmac/CMakeLists.txt
+++ b/src/crypto/hmac/CMakeLists.txt
@@ -12,7 +12,8 @@ add_library(
add_executable(
hmac_test
- hmac_test.c
+ hmac_test.cc
+ $<TARGET_OBJECTS:test_support>
)
target_link_libraries(hmac_test crypto)
diff --git a/src/crypto/hmac/hmac.c b/src/crypto/hmac/hmac.c
index f179fed..b1b2623 100644
--- a/src/crypto/hmac/hmac.c
+++ b/src/crypto/hmac/hmac.c
@@ -76,7 +76,7 @@ uint8_t *HMAC(const EVP_MD *evp_md, const void *key, size_t key_len,
}
HMAC_CTX_init(&ctx);
- if (!HMAC_Init(&ctx, key, key_len, evp_md) ||
+ if (!HMAC_Init_ex(&ctx, key, key_len, evp_md, NULL) ||
!HMAC_Update(&ctx, data, data_len) ||
!HMAC_Final(&ctx, out, out_len)) {
out = NULL;
@@ -88,7 +88,6 @@ uint8_t *HMAC(const EVP_MD *evp_md, const void *key, size_t key_len,
void HMAC_CTX_init(HMAC_CTX *ctx) {
ctx->md = NULL;
- ctx->key_length = 0;
EVP_MD_CTX_init(&ctx->i_ctx);
EVP_MD_CTX_init(&ctx->o_ctx);
EVP_MD_CTX_init(&ctx->md_ctx);
@@ -103,71 +102,66 @@ void HMAC_CTX_cleanup(HMAC_CTX *ctx) {
int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, size_t key_len,
const EVP_MD *md, ENGINE *impl) {
- unsigned i, reset = 0;
- uint8_t pad[HMAC_MAX_MD_CBLOCK];
-
- if (md != NULL) {
- if (ctx->md == NULL && key == NULL && ctx->key_length == 0) {
- /* TODO(eroman): Change the API instead of this hack.
- * If a key hasn't yet been assigned to the context, then default to using
- * an all-zero key. This is to work around callers of
- * HMAC_Init_ex(key=NULL, key_len=0) intending to set a zero-length key.
- * Rather than resulting in uninitialized memory reads, it will
- * predictably use a zero key. */
- memset(ctx->key, 0, sizeof(ctx->key));
- }
- reset = 1;
- ctx->md = md;
- } else {
+ if (md == NULL) {
md = ctx->md;
}
- if (key != NULL) {
+ /* If either |key| is non-NULL or |md| has changed, initialize with a new key
+ * rather than rewinding the previous one.
+ *
+ * TODO(davidben,eroman): Passing the previous |md| with a NULL |key| is
+ * ambiguous between using the empty key and reusing the previous key. There
+ * exist callers which intend the latter, but the former is an awkward edge
+ * case. Fix to API to avoid this. */
+ if (md != ctx->md || key != NULL) {
+ size_t i;
+ uint8_t pad[HMAC_MAX_MD_CBLOCK];
+ uint8_t key_block[HMAC_MAX_MD_CBLOCK];
+ unsigned key_block_len;
+
size_t block_size = EVP_MD_block_size(md);
- reset = 1;
- assert(block_size <= sizeof(ctx->key));
+ assert(block_size <= sizeof(key_block));
if (block_size < key_len) {
+ /* Long keys are hashed. */
if (!EVP_DigestInit_ex(&ctx->md_ctx, md, impl) ||
!EVP_DigestUpdate(&ctx->md_ctx, key, key_len) ||
- !EVP_DigestFinal_ex(&(ctx->md_ctx), ctx->key, &ctx->key_length)) {
- goto err;
+ !EVP_DigestFinal_ex(&ctx->md_ctx, key_block, &key_block_len)) {
+ return 0;
}
} else {
- assert(key_len >= 0 && key_len <= sizeof(ctx->key));
- memcpy(ctx->key, key, key_len);
- ctx->key_length = key_len;
+ assert(key_len >= 0 && key_len <= sizeof(key_block));
+ memcpy(key_block, key, key_len);
+ key_block_len = (unsigned)key_len;
}
- if (ctx->key_length != HMAC_MAX_MD_CBLOCK) {
- memset(&ctx->key[ctx->key_length], 0, sizeof(ctx->key) - ctx->key_length);
+ /* Keys are then padded with zeros. */
+ if (key_block_len != HMAC_MAX_MD_CBLOCK) {
+ memset(&key_block[key_block_len], 0, sizeof(key_block) - key_block_len);
}
- }
- if (reset) {
for (i = 0; i < HMAC_MAX_MD_CBLOCK; i++) {
- pad[i] = 0x36 ^ ctx->key[i];
+ pad[i] = 0x36 ^ key_block[i];
}
if (!EVP_DigestInit_ex(&ctx->i_ctx, md, impl) ||
!EVP_DigestUpdate(&ctx->i_ctx, pad, EVP_MD_block_size(md))) {
- goto err;
+ return 0;
}
for (i = 0; i < HMAC_MAX_MD_CBLOCK; i++) {
- pad[i] = 0x5c ^ ctx->key[i];
+ pad[i] = 0x5c ^ key_block[i];
}
if (!EVP_DigestInit_ex(&ctx->o_ctx, md, impl) ||
!EVP_DigestUpdate(&ctx->o_ctx, pad, EVP_MD_block_size(md))) {
- goto err;
+ return 0;
}
+
+ ctx->md = md;
}
if (!EVP_MD_CTX_copy_ex(&ctx->md_ctx, &ctx->i_ctx)) {
- goto err;
+ return 0;
}
return 1;
-
-err:
- return 0;
}
int HMAC_Update(HMAC_CTX *ctx, const uint8_t *data, size_t data_len) {
@@ -200,8 +194,6 @@ int HMAC_CTX_copy_ex(HMAC_CTX *dest, const HMAC_CTX *src) {
return 0;
}
- memcpy(dest->key, src->key, HMAC_MAX_MD_CBLOCK);
- dest->key_length = src->key_length;
dest->md = src->md;
return 1;
}
diff --git a/src/crypto/hmac/hmac_test.c b/src/crypto/hmac/hmac_test.c
deleted file mode 100644
index ecc418a..0000000
--- a/src/crypto/hmac/hmac_test.c
+++ /dev/null
@@ -1,223 +0,0 @@
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.] */
-
-#include <assert.h>
-#include <stdio.h>
-#include <string.h>
-
-#include <openssl/crypto.h>
-#include <openssl/digest.h>
-#include <openssl/hmac.h>
-
-
-struct test_st {
- uint8_t key[16];
- size_t key_len;
- uint8_t data[64];
- size_t data_len;
- const char *hex_digest;
-};
-
-#define NUM_TESTS 4
-
-static const struct test_st kTests[NUM_TESTS] = {
- {
- "", 0, "More text test vectors to stuff up EBCDIC machines :-)", 54,
- "e9139d1e6ee064ef8cf514fc7dc83e86",
- },
- {
- {
- 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
- 0x0b, 0x0b, 0x0b, 0x0b,
- },
- 16,
- "Hi There",
- 8,
- "9294727a3638bb1c13f48ef8158bfc9d",
- },
- {
- "Jefe", 4, "what do ya want for nothing?", 28,
- "750c783e6ab0b503eaa86e310a5db738",
- },
- {
- {
- 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
- 0xaa, 0xaa, 0xaa, 0xaa,
- },
- 16,
- {
- 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
- 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
- 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
- 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
- 0xdd, 0xdd,
- },
- 50,
- "56be34521d144c88dbb8c733f0e8b3f6",
- },
-};
-
-static char *to_hex(const uint8_t *md, size_t md_len) {
- size_t i;
- static char buf[80];
-
- for (i = 0; i < md_len; i++) {
- sprintf(&(buf[i * 2]), "%02x", md[i]);
- }
- return buf;
-}
-
-int main(int argc, char *argv[]) {
- unsigned i;
- char *p;
- int err = 0;
- uint8_t out[EVP_MAX_MD_SIZE];
- unsigned out_len;
-
- CRYPTO_library_init();
-
- for (i = 0; i < NUM_TESTS; i++) {
- const struct test_st *test = &kTests[i];
-
- /* Test using the one-shot API. */
- if (NULL == HMAC(EVP_md5(), test->key, test->key_len, test->data,
- test->data_len, out, &out_len)) {
- fprintf(stderr, "%u: HMAC failed.\n", i);
- err++;
- continue;
- }
- p = to_hex(out, out_len);
- if (strcmp(p, test->hex_digest) != 0) {
- fprintf(stderr, "%u: got %s instead of %s\n", i, p, test->hex_digest);
- err++;
- }
-
- /* Test using HMAC_CTX. */
- HMAC_CTX ctx;
- HMAC_CTX_init(&ctx);
- if (!HMAC_Init_ex(&ctx, test->key, test->key_len, EVP_md5(), NULL) ||
- !HMAC_Update(&ctx, test->data, test->data_len) ||
- !HMAC_Final(&ctx, out, &out_len)) {
- fprintf(stderr, "%u: HMAC failed.\n", i);
- err++;
- HMAC_CTX_cleanup(&ctx);
- continue;
- }
- p = to_hex(out, out_len);
- if (strcmp(p, test->hex_digest) != 0) {
- fprintf(stderr, "%u: got %s instead of %s\n", i, p, test->hex_digest);
- err++;
- }
-
- /* Test that an HMAC_CTX may be reset with the same key. */
- if (!HMAC_Init_ex(&ctx, NULL, 0, EVP_md5(), NULL) ||
- !HMAC_Update(&ctx, test->data, test->data_len) ||
- !HMAC_Final(&ctx, out, &out_len)) {
- fprintf(stderr, "%u: HMAC failed.\n", i);
- err++;
- HMAC_CTX_cleanup(&ctx);
- continue;
- }
- p = to_hex(out, out_len);
- if (strcmp(p, test->hex_digest) != 0) {
- fprintf(stderr, "%u: got %s instead of %s\n", i, p, test->hex_digest);
- err++;
- }
-
- HMAC_CTX_cleanup(&ctx);
- }
-
- /* Test that HMAC() uses the empty key when called with key = NULL. */
- const struct test_st *test = &kTests[0];
- assert(test->key_len == 0);
- if (NULL == HMAC(EVP_md5(), NULL, 0, test->data, test->data_len, out,
- &out_len)) {
- fprintf(stderr, "HMAC failed.\n");
- err++;
- } else {
- p = to_hex(out, out_len);
- if (strcmp(p, test->hex_digest) != 0) {
- fprintf(stderr, "got %s instead of %s\n", p, test->hex_digest);
- err++;
- }
- }
-
- /* Test that HMAC_Init, etc., uses the empty key when called initially with
- * key = NULL. */
- assert(test->key_len == 0);
- HMAC_CTX ctx;
- HMAC_CTX_init(&ctx);
- if (!HMAC_Init_ex(&ctx, NULL, 0, EVP_md5(), NULL) ||
- !HMAC_Update(&ctx, test->data, test->data_len) ||
- !HMAC_Final(&ctx, out, &out_len)) {
- fprintf(stderr, "HMAC failed.\n");
- err++;
- } else {
- p = to_hex(out, out_len);
- if (strcmp(p, test->hex_digest) != 0) {
- fprintf(stderr, "got %s instead of %s\n", p, test->hex_digest);
- err++;
- }
- }
- HMAC_CTX_cleanup(&ctx);
-
- if (err) {
- return 1;
- }
-
- printf("PASS\n");
- return 0;
-}
diff --git a/src/crypto/hmac/hmac_test.cc b/src/crypto/hmac/hmac_test.cc
new file mode 100644
index 0000000..d438b70
--- /dev/null
+++ b/src/crypto/hmac/hmac_test.cc
@@ -0,0 +1,171 @@
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.] */
+
+#include <stdio.h>
+#include <string.h>
+
+#include <string>
+#include <vector>
+
+#include <openssl/crypto.h>
+#include <openssl/digest.h>
+#include <openssl/hmac.h>
+
+#include "../test/file_test.h"
+#include "../test/scoped_types.h"
+#include "../test/stl_compat.h"
+
+
+static const EVP_MD *GetDigest(const std::string &name) {
+ if (name == "MD5") {
+ return EVP_md5();
+ } else if (name == "SHA1") {
+ return EVP_sha1();
+ } else if (name == "SHA224") {
+ return EVP_sha224();
+ } else if (name == "SHA256") {
+ return EVP_sha256();
+ } else if (name == "SHA384") {
+ return EVP_sha384();
+ } else if (name == "SHA512") {
+ return EVP_sha512();
+ }
+ return nullptr;
+}
+
+static bool TestHMAC(FileTest *t, void *arg) {
+ std::string digest_str;
+ if (!t->GetAttribute(&digest_str, "HMAC")) {
+ return false;
+ }
+ const EVP_MD *digest = GetDigest(digest_str);
+ if (digest == nullptr) {
+ t->PrintLine("Unknown digest '%s'", digest_str.c_str());
+ return false;
+ }
+
+ std::vector<uint8_t> key, input, output;
+ if (!t->GetBytes(&key, "Key") ||
+ !t->GetBytes(&input, "Input") ||
+ !t->GetBytes(&output, "Output")) {
+ return false;
+ }
+
+ // Test using the one-shot API.
+ uint8_t mac[EVP_MAX_MD_SIZE];
+ unsigned mac_len;
+ if (nullptr == HMAC(digest, bssl::vector_data(&key), key.size(),
+ bssl::vector_data(&input), input.size(), mac,
+ &mac_len) ||
+ !t->ExpectBytesEqual(bssl::vector_data(&output), output.size(), mac,
+ mac_len)) {
+ t->PrintLine("One-shot API failed.");
+ return false;
+ }
+
+ // Test using HMAC_CTX.
+ ScopedHMAC_CTX ctx;
+ if (!HMAC_Init_ex(ctx.get(), bssl::vector_data(&key), key.size(), digest,
+ nullptr) ||
+ !HMAC_Update(ctx.get(), bssl::vector_data(&input), input.size()) ||
+ !HMAC_Final(ctx.get(), mac, &mac_len) ||
+ !t->ExpectBytesEqual(bssl::vector_data(&output), output.size(), mac,
+ mac_len)) {
+ t->PrintLine("HMAC_CTX failed.");
+ return false;
+ }
+
+ // Test that an HMAC_CTX may be reset with the same key.
+ if (!HMAC_Init_ex(ctx.get(), nullptr, 0, digest, nullptr) ||
+ !HMAC_Update(ctx.get(), bssl::vector_data(&input), input.size()) ||
+ !HMAC_Final(ctx.get(), mac, &mac_len) ||
+ !t->ExpectBytesEqual(bssl::vector_data(&output), output.size(), mac,
+ mac_len)) {
+ t->PrintLine("HMAC_CTX with reset failed.");
+ return false;
+ }
+
+ // Test feeding the input in byte by byte.
+ if (!HMAC_Init_ex(ctx.get(), nullptr, 0, nullptr, nullptr)) {
+ t->PrintLine("HMAC_CTX streaming failed.");
+ return false;
+ }
+ for (size_t i = 0; i < input.size(); i++) {
+ if (!HMAC_Update(ctx.get(), &input[i], 1)) {
+ t->PrintLine("HMAC_CTX streaming failed.");
+ return false;
+ }
+ }
+ if (!HMAC_Final(ctx.get(), mac, &mac_len) ||
+ !t->ExpectBytesEqual(bssl::vector_data(&output), output.size(), mac,
+ mac_len)) {
+ t->PrintLine("HMAC_CTX streaming failed.");
+ return false;
+ }
+
+ return true;
+}
+
+int main(int argc, char *argv[]) {
+ CRYPTO_library_init();
+
+ if (argc != 2) {
+ fprintf(stderr, "%s <test file.txt>\n", argv[0]);
+ return 1;
+ }
+
+ return FileTestMain(TestHMAC, nullptr, argv[1]);
+}
diff --git a/src/crypto/hmac/hmac_tests.txt b/src/crypto/hmac/hmac_tests.txt
new file mode 100644
index 0000000..9caa3c9
--- /dev/null
+++ b/src/crypto/hmac/hmac_tests.txt
@@ -0,0 +1,102 @@
+# This test file is shared between evp_test and hmac_test, to test the legacy
+# EVP_PKEY_HMAC API.
+
+HMAC = MD5
+# Note: The empty key results in passing NULL to HMAC_Init_ex, so this tests
+# that HMAC_CTX and HMAC treat NULL as the empty key initially.
+Key =
+Input = "More text test vectors to stuff up EBCDIC machines :-)"
+Output = e9139d1e6ee064ef8cf514fc7dc83e86
+
+# HMAC tests from RFC2104
+HMAC = MD5
+Key = 0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b
+Input = "Hi There"
+Output = 9294727a3638bb1c13f48ef8158bfc9d
+
+HMAC = MD5
+Key = "Jefe"
+Input = "what do ya want for nothing?"
+Output = 750c783e6ab0b503eaa86e310a5db738
+
+HMAC = MD5
+Key = AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+Input = DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD
+Output = 56be34521d144c88dbb8c733f0e8b3f6
+
+# HMAC tests from NIST test data
+
+HMAC = SHA1
+Input = "Sample message for keylen=blocklen"
+Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F
+Output = 5FD596EE78D5553C8FF4E72D266DFD192366DA29
+
+HMAC = SHA1
+Input = "Sample message for keylen<blocklen"
+Key = 000102030405060708090A0B0C0D0E0F10111213
+Output = 4C99FF0CB1B31BD33F8431DBAF4D17FCD356A807
+
+HMAC = SHA1
+Input = "Sample message for keylen=blocklen"
+Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F60616263
+Output = 2D51B2F7750E410584662E38F133435F4C4FD42A
+
+HMAC = SHA224
+Input = "Sample message for keylen=blocklen"
+Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F
+Output = C7405E3AE058E8CD30B08B4140248581ED174CB34E1224BCC1EFC81B
+
+HMAC = SHA224
+Input = "Sample message for keylen<blocklen"
+Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B
+Output = E3D249A8CFB67EF8B7A169E9A0A599714A2CECBA65999A51BEB8FBBE
+
+HMAC = SHA224
+Input = "Sample message for keylen=blocklen"
+Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F60616263
+Output = 91C52509E5AF8531601AE6230099D90BEF88AAEFB961F4080ABC014D
+
+HMAC = SHA256
+Input = "Sample message for keylen=blocklen"
+Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F
+Output = 8BB9A1DB9806F20DF7F77B82138C7914D174D59E13DC4D0169C9057B133E1D62
+
+HMAC = SHA256
+Input = "Sample message for keylen<blocklen"
+Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
+Output = A28CF43130EE696A98F14A37678B56BCFCBDD9E5CF69717FECF5480F0EBDF790
+
+HMAC = SHA256
+Input = "Sample message for keylen=blocklen"
+Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F60616263
+Output = BDCCB6C72DDEADB500AE768386CB38CC41C63DBB0878DDB9C7A38A431B78378D
+
+HMAC = SHA384
+Input = "Sample message for keylen=blocklen"
+Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F
+Output = 63C5DAA5E651847CA897C95814AB830BEDEDC7D25E83EEF9195CD45857A37F448947858F5AF50CC2B1B730DDF29671A9
+
+HMAC = SHA384
+Input = "Sample message for keylen<blocklen"
+Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F
+Output = 6EB242BDBB582CA17BEBFA481B1E23211464D2B7F8C20B9FF2201637B93646AF5AE9AC316E98DB45D9CAE773675EEED0
+
+HMAC = SHA384
+Input = "Sample message for keylen=blocklen"
+Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7
+Output = 5B664436DF69B0CA22551231A3F0A3D5B4F97991713CFA84BFF4D0792EFF96C27DCCBBB6F79B65D548B40E8564CEF594
+
+HMAC = SHA512
+Input = "Sample message for keylen=blocklen"
+Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F
+Output = FC25E240658CA785B7A811A8D3F7B4CA48CFA26A8A366BF2CD1F836B05FCB024BD36853081811D6CEA4216EBAD79DA1CFCB95EA4586B8A0CE356596A55FB1347
+
+HMAC = SHA512
+Input = "Sample message for keylen<blocklen"
+Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F
+Output = FD44C18BDA0BB0A6CE0E82B031BF2818F6539BD56EC00BDC10A8A2D730B3634DE2545D639B0F2CF710D0692C72A1896F1F211C2B922D1A96C392E07E7EA9FEDC
+
+HMAC = SHA512
+Input = "Sample message for keylen=blocklen"
+Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7
+Output = D93EC8D2DE1AD2A9957CB9B83F14E76AD6B5E0CCE285079A127D3B14BCCB7AA7286D4AC0D4CE64215F2BC9E6870B33D97438BE4AAA20CDA5C5A912B48B8E27F3
generated by cgit v1.1 at 2024-06-23 17:53:51 +0000