Hannes Tschofenig
Example program to test AES-GCM functionality. Used for a workshop
Embed:
(wiki syntax)
Show/hide line numbers
sha1.c
00001 /* 00002 * FIPS-180-1 compliant SHA-1 implementation 00003 * 00004 * Copyright (C) 2006-2014, Brainspark B.V. 00005 * 00006 * This file is part of PolarSSL (http://www.polarssl.org) 00007 * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org> 00008 * 00009 * All rights reserved. 00010 * 00011 * This program is free software; you can redistribute it and/or modify 00012 * it under the terms of the GNU General Public License as published by 00013 * the Free Software Foundation; either version 2 of the License, or 00014 * (at your option) any later version. 00015 * 00016 * This program is distributed in the hope that it will be useful, 00017 * but WITHOUT ANY WARRANTY; without even the implied warranty of 00018 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 00019 * GNU General Public License for more details. 00020 * 00021 * You should have received a copy of the GNU General Public License along 00022 * with this program; if not, write to the Free Software Foundation, Inc., 00023 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. 00024 */ 00025 /* 00026 * The SHA-1 standard was published by NIST in 1993. 00027 * 00028 * http://www.itl.nist.gov/fipspubs/fip180-1.htm 00029 */ 00030 00031 #if !defined(POLARSSL_CONFIG_FILE) 00032 #include "polarssl/config.h" 00033 #else 00034 #include POLARSSL_CONFIG_FILE 00035 #endif 00036 00037 #if defined(POLARSSL_SHA1_C) 00038 00039 #include "polarssl/sha1.h" 00040 00041 #if defined(POLARSSL_FS_IO) || defined(POLARSSL_SELF_TEST) 00042 #include <stdio.h> 00043 #endif 00044 00045 #if defined(POLARSSL_PLATFORM_C) 00046 #include "polarssl/platform.h" 00047 #else 00048 #define polarssl_printf printf 00049 #endif 00050 00051 #if !defined(POLARSSL_SHA1_ALT) 00052 00053 /* 00054 * 32-bit integer manipulation macros (big endian) 00055 */ 00056 #ifndef GET_UINT32_BE 00057 #define GET_UINT32_BE(n,b,i) \ 00058 { \ 00059 (n) = ( (uint32_t) (b)[(i) ] << 24 ) \ 00060 | ( (uint32_t) (b)[(i) + 1] << 16 ) \ 00061 | ( (uint32_t) (b)[(i) + 2] << 8 ) \ 00062 | ( (uint32_t) (b)[(i) + 3] ); \ 00063 } 00064 #endif 00065 00066 #ifndef PUT_UINT32_BE 00067 #define PUT_UINT32_BE(n,b,i) \ 00068 { \ 00069 (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \ 00070 (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \ 00071 (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \ 00072 (b)[(i) + 3] = (unsigned char) ( (n) ); \ 00073 } 00074 #endif 00075 00076 /* 00077 * SHA-1 context setup 00078 */ 00079 void sha1_starts( sha1_context *ctx ) 00080 { 00081 ctx->total [0] = 0; 00082 ctx->total [1] = 0; 00083 00084 ctx->state [0] = 0x67452301; 00085 ctx->state [1] = 0xEFCDAB89; 00086 ctx->state [2] = 0x98BADCFE; 00087 ctx->state [3] = 0x10325476; 00088 ctx->state [4] = 0xC3D2E1F0; 00089 } 00090 00091 void sha1_process( sha1_context *ctx, const unsigned char data[64] ) 00092 { 00093 uint32_t temp, W[16], A, B, C, D, E; 00094 00095 GET_UINT32_BE( W[ 0], data, 0 ); 00096 GET_UINT32_BE( W[ 1], data, 4 ); 00097 GET_UINT32_BE( W[ 2], data, 8 ); 00098 GET_UINT32_BE( W[ 3], data, 12 ); 00099 GET_UINT32_BE( W[ 4], data, 16 ); 00100 GET_UINT32_BE( W[ 5], data, 20 ); 00101 GET_UINT32_BE( W[ 6], data, 24 ); 00102 GET_UINT32_BE( W[ 7], data, 28 ); 00103 GET_UINT32_BE( W[ 8], data, 32 ); 00104 GET_UINT32_BE( W[ 9], data, 36 ); 00105 GET_UINT32_BE( W[10], data, 40 ); 00106 GET_UINT32_BE( W[11], data, 44 ); 00107 GET_UINT32_BE( W[12], data, 48 ); 00108 GET_UINT32_BE( W[13], data, 52 ); 00109 GET_UINT32_BE( W[14], data, 56 ); 00110 GET_UINT32_BE( W[15], data, 60 ); 00111 00112 #define S(x,n) ((x << n) | ((x & 0xFFFFFFFF) >> (32 - n))) 00113 00114 #define R(t) \ 00115 ( \ 00116 temp = W[(t - 3) & 0x0F] ^ W[(t - 8) & 0x0F] ^ \ 00117 W[(t - 14) & 0x0F] ^ W[ t & 0x0F], \ 00118 ( W[t & 0x0F] = S(temp,1) ) \ 00119 ) 00120 00121 #define P(a,b,c,d,e,x) \ 00122 { \ 00123 e += S(a,5) + F(b,c,d) + K + x; b = S(b,30); \ 00124 } 00125 00126 A = ctx->state [0]; 00127 B = ctx->state [1]; 00128 C = ctx->state [2]; 00129 D = ctx->state [3]; 00130 E = ctx->state [4]; 00131 00132 #define F(x,y,z) (z ^ (x & (y ^ z))) 00133 #define K 0x5A827999 00134 00135 P( A, B, C, D, E, W[0] ); 00136 P( E, A, B, C, D, W[1] ); 00137 P( D, E, A, B, C, W[2] ); 00138 P( C, D, E, A, B, W[3] ); 00139 P( B, C, D, E, A, W[4] ); 00140 P( A, B, C, D, E, W[5] ); 00141 P( E, A, B, C, D, W[6] ); 00142 P( D, E, A, B, C, W[7] ); 00143 P( C, D, E, A, B, W[8] ); 00144 P( B, C, D, E, A, W[9] ); 00145 P( A, B, C, D, E, W[10] ); 00146 P( E, A, B, C, D, W[11] ); 00147 P( D, E, A, B, C, W[12] ); 00148 P( C, D, E, A, B, W[13] ); 00149 P( B, C, D, E, A, W[14] ); 00150 P( A, B, C, D, E, W[15] ); 00151 P( E, A, B, C, D, R(16) ); 00152 P( D, E, A, B, C, R(17) ); 00153 P( C, D, E, A, B, R(18) ); 00154 P( B, C, D, E, A, R(19) ); 00155 00156 #undef K 00157 #undef F 00158 00159 #define F(x,y,z) (x ^ y ^ z) 00160 #define K 0x6ED9EBA1 00161 00162 P( A, B, C, D, E, R(20) ); 00163 P( E, A, B, C, D, R(21) ); 00164 P( D, E, A, B, C, R(22) ); 00165 P( C, D, E, A, B, R(23) ); 00166 P( B, C, D, E, A, R(24) ); 00167 P( A, B, C, D, E, R(25) ); 00168 P( E, A, B, C, D, R(26) ); 00169 P( D, E, A, B, C, R(27) ); 00170 P( C, D, E, A, B, R(28) ); 00171 P( B, C, D, E, A, R(29) ); 00172 P( A, B, C, D, E, R(30) ); 00173 P( E, A, B, C, D, R(31) ); 00174 P( D, E, A, B, C, R(32) ); 00175 P( C, D, E, A, B, R(33) ); 00176 P( B, C, D, E, A, R(34) ); 00177 P( A, B, C, D, E, R(35) ); 00178 P( E, A, B, C, D, R(36) ); 00179 P( D, E, A, B, C, R(37) ); 00180 P( C, D, E, A, B, R(38) ); 00181 P( B, C, D, E, A, R(39) ); 00182 00183 #undef K 00184 #undef F 00185 00186 #define F(x,y,z) ((x & y) | (z & (x | y))) 00187 #define K 0x8F1BBCDC 00188 00189 P( A, B, C, D, E, R(40) ); 00190 P( E, A, B, C, D, R(41) ); 00191 P( D, E, A, B, C, R(42) ); 00192 P( C, D, E, A, B, R(43) ); 00193 P( B, C, D, E, A, R(44) ); 00194 P( A, B, C, D, E, R(45) ); 00195 P( E, A, B, C, D, R(46) ); 00196 P( D, E, A, B, C, R(47) ); 00197 P( C, D, E, A, B, R(48) ); 00198 P( B, C, D, E, A, R(49) ); 00199 P( A, B, C, D, E, R(50) ); 00200 P( E, A, B, C, D, R(51) ); 00201 P( D, E, A, B, C, R(52) ); 00202 P( C, D, E, A, B, R(53) ); 00203 P( B, C, D, E, A, R(54) ); 00204 P( A, B, C, D, E, R(55) ); 00205 P( E, A, B, C, D, R(56) ); 00206 P( D, E, A, B, C, R(57) ); 00207 P( C, D, E, A, B, R(58) ); 00208 P( B, C, D, E, A, R(59) ); 00209 00210 #undef K 00211 #undef F 00212 00213 #define F(x,y,z) (x ^ y ^ z) 00214 #define K 0xCA62C1D6 00215 00216 P( A, B, C, D, E, R(60) ); 00217 P( E, A, B, C, D, R(61) ); 00218 P( D, E, A, B, C, R(62) ); 00219 P( C, D, E, A, B, R(63) ); 00220 P( B, C, D, E, A, R(64) ); 00221 P( A, B, C, D, E, R(65) ); 00222 P( E, A, B, C, D, R(66) ); 00223 P( D, E, A, B, C, R(67) ); 00224 P( C, D, E, A, B, R(68) ); 00225 P( B, C, D, E, A, R(69) ); 00226 P( A, B, C, D, E, R(70) ); 00227 P( E, A, B, C, D, R(71) ); 00228 P( D, E, A, B, C, R(72) ); 00229 P( C, D, E, A, B, R(73) ); 00230 P( B, C, D, E, A, R(74) ); 00231 P( A, B, C, D, E, R(75) ); 00232 P( E, A, B, C, D, R(76) ); 00233 P( D, E, A, B, C, R(77) ); 00234 P( C, D, E, A, B, R(78) ); 00235 P( B, C, D, E, A, R(79) ); 00236 00237 #undef K 00238 #undef F 00239 00240 ctx->state [0] += A; 00241 ctx->state [1] += B; 00242 ctx->state [2] += C; 00243 ctx->state [3] += D; 00244 ctx->state [4] += E; 00245 } 00246 00247 /* 00248 * SHA-1 process buffer 00249 */ 00250 void sha1_update( sha1_context *ctx, const unsigned char *input, size_t ilen ) 00251 { 00252 size_t fill; 00253 uint32_t left; 00254 00255 if( ilen <= 0 ) 00256 return; 00257 00258 left = ctx->total [0] & 0x3F; 00259 fill = 64 - left; 00260 00261 ctx->total [0] += (uint32_t) ilen; 00262 ctx->total [0] &= 0xFFFFFFFF; 00263 00264 if( ctx->total [0] < (uint32_t) ilen ) 00265 ctx->total [1]++; 00266 00267 if( left && ilen >= fill ) 00268 { 00269 memcpy( (void *) (ctx->buffer + left), input, fill ); 00270 sha1_process( ctx, ctx->buffer ); 00271 input += fill; 00272 ilen -= fill; 00273 left = 0; 00274 } 00275 00276 while( ilen >= 64 ) 00277 { 00278 sha1_process( ctx, input ); 00279 input += 64; 00280 ilen -= 64; 00281 } 00282 00283 if( ilen > 0 ) 00284 memcpy( (void *) (ctx->buffer + left), input, ilen ); 00285 } 00286 00287 static const unsigned char sha1_padding[64] = 00288 { 00289 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 00290 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 00291 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 00292 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 00293 }; 00294 00295 /* 00296 * SHA-1 final digest 00297 */ 00298 void sha1_finish( sha1_context *ctx, unsigned char output[20] ) 00299 { 00300 uint32_t last, padn; 00301 uint32_t high, low; 00302 unsigned char msglen[8]; 00303 00304 high = ( ctx->total [0] >> 29 ) 00305 | ( ctx->total [1] << 3 ); 00306 low = ( ctx->total [0] << 3 ); 00307 00308 PUT_UINT32_BE( high, msglen, 0 ); 00309 PUT_UINT32_BE( low, msglen, 4 ); 00310 00311 last = ctx->total [0] & 0x3F; 00312 padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last ); 00313 00314 sha1_update( ctx, sha1_padding, padn ); 00315 sha1_update( ctx, msglen, 8 ); 00316 00317 PUT_UINT32_BE( ctx->state [0], output, 0 ); 00318 PUT_UINT32_BE( ctx->state [1], output, 4 ); 00319 PUT_UINT32_BE( ctx->state [2], output, 8 ); 00320 PUT_UINT32_BE( ctx->state [3], output, 12 ); 00321 PUT_UINT32_BE( ctx->state [4], output, 16 ); 00322 } 00323 00324 #endif /* !POLARSSL_SHA1_ALT */ 00325 00326 /* 00327 * output = SHA-1( input buffer ) 00328 */ 00329 void sha1( const unsigned char *input, size_t ilen, unsigned char output[20] ) 00330 { 00331 sha1_context ctx; 00332 00333 sha1_starts( &ctx ); 00334 sha1_update( &ctx, input, ilen ); 00335 sha1_finish( &ctx, output ); 00336 00337 memset( &ctx, 0, sizeof( sha1_context ) ); 00338 } 00339 00340 #if defined(POLARSSL_FS_IO) 00341 /* 00342 * output = SHA-1( file contents ) 00343 */ 00344 int sha1_file( const char *path, unsigned char output[20] ) 00345 { 00346 FILE *f; 00347 size_t n; 00348 sha1_context ctx; 00349 unsigned char buf[1024]; 00350 00351 if( ( f = fopen( path, "rb" ) ) == NULL ) 00352 return( POLARSSL_ERR_SHA1_FILE_IO_ERROR ); 00353 00354 sha1_starts( &ctx ); 00355 00356 while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 ) 00357 sha1_update( &ctx, buf, n ); 00358 00359 sha1_finish( &ctx, output ); 00360 00361 memset( &ctx, 0, sizeof( sha1_context ) ); 00362 00363 if( ferror( f ) != 0 ) 00364 { 00365 fclose( f ); 00366 return( POLARSSL_ERR_SHA1_FILE_IO_ERROR ); 00367 } 00368 00369 fclose( f ); 00370 return( 0 ); 00371 } 00372 #endif /* POLARSSL_FS_IO */ 00373 00374 /* 00375 * SHA-1 HMAC context setup 00376 */ 00377 void sha1_hmac_starts( sha1_context *ctx, const unsigned char *key, 00378 size_t keylen ) 00379 { 00380 size_t i; 00381 unsigned char sum[20]; 00382 00383 if( keylen > 64 ) 00384 { 00385 sha1( key, keylen, sum ); 00386 keylen = 20; 00387 key = sum; 00388 } 00389 00390 memset( ctx->ipad , 0x36, 64 ); 00391 memset( ctx->opad , 0x5C, 64 ); 00392 00393 for( i = 0; i < keylen; i++ ) 00394 { 00395 ctx->ipad [i] = (unsigned char)( ctx->ipad [i] ^ key[i] ); 00396 ctx->opad [i] = (unsigned char)( ctx->opad [i] ^ key[i] ); 00397 } 00398 00399 sha1_starts( ctx ); 00400 sha1_update( ctx, ctx->ipad , 64 ); 00401 00402 memset( sum, 0, sizeof( sum ) ); 00403 } 00404 00405 /* 00406 * SHA-1 HMAC process buffer 00407 */ 00408 void sha1_hmac_update( sha1_context *ctx, const unsigned char *input, 00409 size_t ilen ) 00410 { 00411 sha1_update( ctx, input, ilen ); 00412 } 00413 00414 /* 00415 * SHA-1 HMAC final digest 00416 */ 00417 void sha1_hmac_finish( sha1_context *ctx, unsigned char output[20] ) 00418 { 00419 unsigned char tmpbuf[20]; 00420 00421 sha1_finish( ctx, tmpbuf ); 00422 sha1_starts( ctx ); 00423 sha1_update( ctx, ctx->opad , 64 ); 00424 sha1_update( ctx, tmpbuf, 20 ); 00425 sha1_finish( ctx, output ); 00426 00427 memset( tmpbuf, 0, sizeof( tmpbuf ) ); 00428 } 00429 00430 /* 00431 * SHA1 HMAC context reset 00432 */ 00433 void sha1_hmac_reset( sha1_context *ctx ) 00434 { 00435 sha1_starts( ctx ); 00436 sha1_update( ctx, ctx->ipad , 64 ); 00437 } 00438 00439 /* 00440 * output = HMAC-SHA-1( hmac key, input buffer ) 00441 */ 00442 void sha1_hmac( const unsigned char *key, size_t keylen, 00443 const unsigned char *input, size_t ilen, 00444 unsigned char output[20] ) 00445 { 00446 sha1_context ctx; 00447 00448 sha1_hmac_starts( &ctx, key, keylen ); 00449 sha1_hmac_update( &ctx, input, ilen ); 00450 sha1_hmac_finish( &ctx, output ); 00451 00452 memset( &ctx, 0, sizeof( sha1_context ) ); 00453 } 00454 00455 #if defined(POLARSSL_SELF_TEST) 00456 /* 00457 * FIPS-180-1 test vectors 00458 */ 00459 static unsigned char sha1_test_buf[3][57] = 00460 { 00461 { "abc" }, 00462 { "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" }, 00463 { "" } 00464 }; 00465 00466 static const int sha1_test_buflen[3] = 00467 { 00468 3, 56, 1000 00469 }; 00470 00471 static const unsigned char sha1_test_sum[3][20] = 00472 { 00473 { 0xA9, 0x99, 0x3E, 0x36, 0x47, 0x06, 0x81, 0x6A, 0xBA, 0x3E, 00474 0x25, 0x71, 0x78, 0x50, 0xC2, 0x6C, 0x9C, 0xD0, 0xD8, 0x9D }, 00475 { 0x84, 0x98, 0x3E, 0x44, 0x1C, 0x3B, 0xD2, 0x6E, 0xBA, 0xAE, 00476 0x4A, 0xA1, 0xF9, 0x51, 0x29, 0xE5, 0xE5, 0x46, 0x70, 0xF1 }, 00477 { 0x34, 0xAA, 0x97, 0x3C, 0xD4, 0xC4, 0xDA, 0xA4, 0xF6, 0x1E, 00478 0xEB, 0x2B, 0xDB, 0xAD, 0x27, 0x31, 0x65, 0x34, 0x01, 0x6F } 00479 }; 00480 00481 /* 00482 * RFC 2202 test vectors 00483 */ 00484 static unsigned char sha1_hmac_test_key[7][26] = 00485 { 00486 { "\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B" 00487 "\x0B\x0B\x0B\x0B" }, 00488 { "Jefe" }, 00489 { "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA" 00490 "\xAA\xAA\xAA\xAA" }, 00491 { "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F\x10" 00492 "\x11\x12\x13\x14\x15\x16\x17\x18\x19" }, 00493 { "\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C" 00494 "\x0C\x0C\x0C\x0C" }, 00495 { "" }, /* 0xAA 80 times */ 00496 { "" } 00497 }; 00498 00499 static const int sha1_hmac_test_keylen[7] = 00500 { 00501 20, 4, 20, 25, 20, 80, 80 00502 }; 00503 00504 static unsigned char sha1_hmac_test_buf[7][74] = 00505 { 00506 { "Hi There" }, 00507 { "what do ya want for nothing?" }, 00508 { "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" 00509 "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" 00510 "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" 00511 "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" 00512 "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" }, 00513 { "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" 00514 "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" 00515 "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" 00516 "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" 00517 "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" }, 00518 { "Test With Truncation" }, 00519 { "Test Using Larger Than Block-Size Key - Hash Key First" }, 00520 { "Test Using Larger Than Block-Size Key and Larger" 00521 " Than One Block-Size Data" } 00522 }; 00523 00524 static const int sha1_hmac_test_buflen[7] = 00525 { 00526 8, 28, 50, 50, 20, 54, 73 00527 }; 00528 00529 static const unsigned char sha1_hmac_test_sum[7][20] = 00530 { 00531 { 0xB6, 0x17, 0x31, 0x86, 0x55, 0x05, 0x72, 0x64, 0xE2, 0x8B, 00532 0xC0, 0xB6, 0xFB, 0x37, 0x8C, 0x8E, 0xF1, 0x46, 0xBE, 0x00 }, 00533 { 0xEF, 0xFC, 0xDF, 0x6A, 0xE5, 0xEB, 0x2F, 0xA2, 0xD2, 0x74, 00534 0x16, 0xD5, 0xF1, 0x84, 0xDF, 0x9C, 0x25, 0x9A, 0x7C, 0x79 }, 00535 { 0x12, 0x5D, 0x73, 0x42, 0xB9, 0xAC, 0x11, 0xCD, 0x91, 0xA3, 00536 0x9A, 0xF4, 0x8A, 0xA1, 0x7B, 0x4F, 0x63, 0xF1, 0x75, 0xD3 }, 00537 { 0x4C, 0x90, 0x07, 0xF4, 0x02, 0x62, 0x50, 0xC6, 0xBC, 0x84, 00538 0x14, 0xF9, 0xBF, 0x50, 0xC8, 0x6C, 0x2D, 0x72, 0x35, 0xDA }, 00539 { 0x4C, 0x1A, 0x03, 0x42, 0x4B, 0x55, 0xE0, 0x7F, 0xE7, 0xF2, 00540 0x7B, 0xE1 }, 00541 { 0xAA, 0x4A, 0xE5, 0xE1, 0x52, 0x72, 0xD0, 0x0E, 0x95, 0x70, 00542 0x56, 0x37, 0xCE, 0x8A, 0x3B, 0x55, 0xED, 0x40, 0x21, 0x12 }, 00543 { 0xE8, 0xE9, 0x9D, 0x0F, 0x45, 0x23, 0x7D, 0x78, 0x6D, 0x6B, 00544 0xBA, 0xA7, 0x96, 0x5C, 0x78, 0x08, 0xBB, 0xFF, 0x1A, 0x91 } 00545 }; 00546 00547 /* 00548 * Checkup routine 00549 */ 00550 int sha1_self_test( int verbose ) 00551 { 00552 int i, j, buflen; 00553 unsigned char buf[1024]; 00554 unsigned char sha1sum[20]; 00555 sha1_context ctx; 00556 00557 /* 00558 * SHA-1 00559 */ 00560 for( i = 0; i < 3; i++ ) 00561 { 00562 if( verbose != 0 ) 00563 polarssl_printf( " SHA-1 test #%d: ", i + 1 ); 00564 00565 sha1_starts( &ctx ); 00566 00567 if( i == 2 ) 00568 { 00569 memset( buf, 'a', buflen = 1000 ); 00570 00571 for( j = 0; j < 1000; j++ ) 00572 sha1_update( &ctx, buf, buflen ); 00573 } 00574 else 00575 sha1_update( &ctx, sha1_test_buf[i], 00576 sha1_test_buflen[i] ); 00577 00578 sha1_finish( &ctx, sha1sum ); 00579 00580 if( memcmp( sha1sum, sha1_test_sum[i], 20 ) != 0 ) 00581 { 00582 if( verbose != 0 ) 00583 polarssl_printf( "failed\n" ); 00584 00585 return( 1 ); 00586 } 00587 00588 if( verbose != 0 ) 00589 polarssl_printf( "passed\n" ); 00590 } 00591 00592 if( verbose != 0 ) 00593 polarssl_printf( "\n" ); 00594 00595 for( i = 0; i < 7; i++ ) 00596 { 00597 if( verbose != 0 ) 00598 polarssl_printf( " HMAC-SHA-1 test #%d: ", i + 1 ); 00599 00600 if( i == 5 || i == 6 ) 00601 { 00602 memset( buf, '\xAA', buflen = 80 ); 00603 sha1_hmac_starts( &ctx, buf, buflen ); 00604 } 00605 else 00606 sha1_hmac_starts( &ctx, sha1_hmac_test_key[i], 00607 sha1_hmac_test_keylen[i] ); 00608 00609 sha1_hmac_update( &ctx, sha1_hmac_test_buf[i], 00610 sha1_hmac_test_buflen[i] ); 00611 00612 sha1_hmac_finish( &ctx, sha1sum ); 00613 00614 buflen = ( i == 4 ) ? 12 : 20; 00615 00616 if( memcmp( sha1sum, sha1_hmac_test_sum[i], buflen ) != 0 ) 00617 { 00618 if( verbose != 0 ) 00619 polarssl_printf( "failed\n" ); 00620 00621 return( 1 ); 00622 } 00623 00624 if( verbose != 0 ) 00625 polarssl_printf( "passed\n" ); 00626 } 00627 00628 if( verbose != 0 ) 00629 polarssl_printf( "\n" ); 00630 00631 return( 0 ); 00632 } 00633 00634 #endif /* POLARSSL_SELF_TEST */ 00635 00636 #endif /* POLARSSL_SHA1_C */ 00637 00638
Generated on Tue Jul 12 2022 19:40:20 by
1.7.2