NetServices Stack source

Dependents:   HelloWorld ServoInterfaceBoardExample1 4180_Lab4

Embed: (wiki syntax)

« Back to documentation index

Show/hide line numbers sha1.c Source File

sha1.c

00001 /*
00002  *  FIPS-180-1 compliant SHA-1 implementation
00003  *
00004  *  Copyright (C) 2006-2010, Paul Bakker <polarssl_maintainer at polarssl.org>
00005  *  All rights reserved.
00006  *
00007  *  This program is free software; you can redistribute it and/or modify
00008  *  it under the terms of the GNU General Public License as published by
00009  *  the Free Software Foundation; either version 2 of the License, or
00010  *  (at your option) any later version.
00011  *
00012  *  This program is distributed in the hope that it will be useful,
00013  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
00014  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
00015  *  GNU General Public License for more details.
00016  *
00017  *  You should have received a copy of the GNU General Public License along
00018  *  with this program; if not, write to the Free Software Foundation, Inc.,
00019  *  51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
00020  */
00021 /*
00022  *  The SHA-1 standard was published by NIST in 1993.
00023  *
00024  *  http://www.itl.nist.gov/fipspubs/fip180-1.htm
00025  */
00026 
00027 #include "sha1config.h"
00028 
00029 #if defined(POLARSSL_SHA1_C)
00030 
00031 #include "sha1.h"
00032 
00033 #include <string.h>
00034 #include <stdio.h>
00035 
00036 /*
00037  * 32-bit integer manipulation macros (big endian)
00038  */
00039 #ifndef GET_ULONG_BE
00040 #define GET_ULONG_BE(n,b,i)                             \
00041 {                                                       \
00042     (n) = ( (unsigned long) (b)[(i)    ] << 24 )        \
00043         | ( (unsigned long) (b)[(i) + 1] << 16 )        \
00044         | ( (unsigned long) (b)[(i) + 2] <<  8 )        \
00045         | ( (unsigned long) (b)[(i) + 3]       );       \
00046 }
00047 #endif
00048 
00049 #ifndef PUT_ULONG_BE
00050 #define PUT_ULONG_BE(n,b,i)                             \
00051 {                                                       \
00052     (b)[(i)    ] = (unsigned char) ( (n) >> 24 );       \
00053     (b)[(i) + 1] = (unsigned char) ( (n) >> 16 );       \
00054     (b)[(i) + 2] = (unsigned char) ( (n) >>  8 );       \
00055     (b)[(i) + 3] = (unsigned char) ( (n)       );       \
00056 }
00057 #endif
00058 
00059 /*
00060  * SHA-1 context setup
00061  */
00062 void sha1_starts( sha1_context *ctx )
00063 {
00064     ctx->total[0] = 0;
00065     ctx->total[1] = 0;
00066 
00067     ctx->state[0] = 0x67452301;
00068     ctx->state[1] = 0xEFCDAB89;
00069     ctx->state[2] = 0x98BADCFE;
00070     ctx->state[3] = 0x10325476;
00071     ctx->state[4] = 0xC3D2E1F0;
00072 }
00073 
00074 static void sha1_process( sha1_context *ctx, const unsigned char data[64] )
00075 {
00076     unsigned long temp, W[16], A, B, C, D, E;
00077 
00078     GET_ULONG_BE( W[ 0], data,  0 );
00079     GET_ULONG_BE( W[ 1], data,  4 );
00080     GET_ULONG_BE( W[ 2], data,  8 );
00081     GET_ULONG_BE( W[ 3], data, 12 );
00082     GET_ULONG_BE( W[ 4], data, 16 );
00083     GET_ULONG_BE( W[ 5], data, 20 );
00084     GET_ULONG_BE( W[ 6], data, 24 );
00085     GET_ULONG_BE( W[ 7], data, 28 );
00086     GET_ULONG_BE( W[ 8], data, 32 );
00087     GET_ULONG_BE( W[ 9], data, 36 );
00088     GET_ULONG_BE( W[10], data, 40 );
00089     GET_ULONG_BE( W[11], data, 44 );
00090     GET_ULONG_BE( W[12], data, 48 );
00091     GET_ULONG_BE( W[13], data, 52 );
00092     GET_ULONG_BE( W[14], data, 56 );
00093     GET_ULONG_BE( W[15], data, 60 );
00094 
00095 #define S(x,n) ((x << n) | ((x & 0xFFFFFFFF) >> (32 - n)))
00096 
00097 #define R(t)                                            \
00098 (                                                       \
00099     temp = W[(t -  3) & 0x0F] ^ W[(t - 8) & 0x0F] ^     \
00100            W[(t - 14) & 0x0F] ^ W[ t      & 0x0F],      \
00101     ( W[t & 0x0F] = S(temp,1) )                         \
00102 )
00103 
00104 #define P(a,b,c,d,e,x)                                  \
00105 {                                                       \
00106     e += S(a,5) + F(b,c,d) + K + x; b = S(b,30);        \
00107 }
00108 
00109     A = ctx->state[0];
00110     B = ctx->state[1];
00111     C = ctx->state[2];
00112     D = ctx->state[3];
00113     E = ctx->state[4];
00114 
00115 #define F(x,y,z) (z ^ (x & (y ^ z)))
00116 #define K 0x5A827999
00117 
00118     P( A, B, C, D, E, W[0]  );
00119     P( E, A, B, C, D, W[1]  );
00120     P( D, E, A, B, C, W[2]  );
00121     P( C, D, E, A, B, W[3]  );
00122     P( B, C, D, E, A, W[4]  );
00123     P( A, B, C, D, E, W[5]  );
00124     P( E, A, B, C, D, W[6]  );
00125     P( D, E, A, B, C, W[7]  );
00126     P( C, D, E, A, B, W[8]  );
00127     P( B, C, D, E, A, W[9]  );
00128     P( A, B, C, D, E, W[10] );
00129     P( E, A, B, C, D, W[11] );
00130     P( D, E, A, B, C, W[12] );
00131     P( C, D, E, A, B, W[13] );
00132     P( B, C, D, E, A, W[14] );
00133     P( A, B, C, D, E, W[15] );
00134     P( E, A, B, C, D, R(16) );
00135     P( D, E, A, B, C, R(17) );
00136     P( C, D, E, A, B, R(18) );
00137     P( B, C, D, E, A, R(19) );
00138 
00139 #undef K
00140 #undef F
00141 
00142 #define F(x,y,z) (x ^ y ^ z)
00143 #define K 0x6ED9EBA1
00144 
00145     P( A, B, C, D, E, R(20) );
00146     P( E, A, B, C, D, R(21) );
00147     P( D, E, A, B, C, R(22) );
00148     P( C, D, E, A, B, R(23) );
00149     P( B, C, D, E, A, R(24) );
00150     P( A, B, C, D, E, R(25) );
00151     P( E, A, B, C, D, R(26) );
00152     P( D, E, A, B, C, R(27) );
00153     P( C, D, E, A, B, R(28) );
00154     P( B, C, D, E, A, R(29) );
00155     P( A, B, C, D, E, R(30) );
00156     P( E, A, B, C, D, R(31) );
00157     P( D, E, A, B, C, R(32) );
00158     P( C, D, E, A, B, R(33) );
00159     P( B, C, D, E, A, R(34) );
00160     P( A, B, C, D, E, R(35) );
00161     P( E, A, B, C, D, R(36) );
00162     P( D, E, A, B, C, R(37) );
00163     P( C, D, E, A, B, R(38) );
00164     P( B, C, D, E, A, R(39) );
00165 
00166 #undef K
00167 #undef F
00168 
00169 #define F(x,y,z) ((x & y) | (z & (x | y)))
00170 #define K 0x8F1BBCDC
00171 
00172     P( A, B, C, D, E, R(40) );
00173     P( E, A, B, C, D, R(41) );
00174     P( D, E, A, B, C, R(42) );
00175     P( C, D, E, A, B, R(43) );
00176     P( B, C, D, E, A, R(44) );
00177     P( A, B, C, D, E, R(45) );
00178     P( E, A, B, C, D, R(46) );
00179     P( D, E, A, B, C, R(47) );
00180     P( C, D, E, A, B, R(48) );
00181     P( B, C, D, E, A, R(49) );
00182     P( A, B, C, D, E, R(50) );
00183     P( E, A, B, C, D, R(51) );
00184     P( D, E, A, B, C, R(52) );
00185     P( C, D, E, A, B, R(53) );
00186     P( B, C, D, E, A, R(54) );
00187     P( A, B, C, D, E, R(55) );
00188     P( E, A, B, C, D, R(56) );
00189     P( D, E, A, B, C, R(57) );
00190     P( C, D, E, A, B, R(58) );
00191     P( B, C, D, E, A, R(59) );
00192 
00193 #undef K
00194 #undef F
00195 
00196 #define F(x,y,z) (x ^ y ^ z)
00197 #define K 0xCA62C1D6
00198 
00199     P( A, B, C, D, E, R(60) );
00200     P( E, A, B, C, D, R(61) );
00201     P( D, E, A, B, C, R(62) );
00202     P( C, D, E, A, B, R(63) );
00203     P( B, C, D, E, A, R(64) );
00204     P( A, B, C, D, E, R(65) );
00205     P( E, A, B, C, D, R(66) );
00206     P( D, E, A, B, C, R(67) );
00207     P( C, D, E, A, B, R(68) );
00208     P( B, C, D, E, A, R(69) );
00209     P( A, B, C, D, E, R(70) );
00210     P( E, A, B, C, D, R(71) );
00211     P( D, E, A, B, C, R(72) );
00212     P( C, D, E, A, B, R(73) );
00213     P( B, C, D, E, A, R(74) );
00214     P( A, B, C, D, E, R(75) );
00215     P( E, A, B, C, D, R(76) );
00216     P( D, E, A, B, C, R(77) );
00217     P( C, D, E, A, B, R(78) );
00218     P( B, C, D, E, A, R(79) );
00219 
00220 #undef K
00221 #undef F
00222 
00223     ctx->state[0] += A;
00224     ctx->state[1] += B;
00225     ctx->state[2] += C;
00226     ctx->state[3] += D;
00227     ctx->state[4] += E;
00228 }
00229 
00230 /*
00231  * SHA-1 process buffer
00232  */
00233 void sha1_update( sha1_context *ctx, const unsigned char *input, int ilen )
00234 {
00235     int fill;
00236     unsigned long left;
00237 
00238     if( ilen <= 0 )
00239         return;
00240 
00241     left = ctx->total[0] & 0x3F;
00242     fill = 64 - left;
00243 
00244     ctx->total[0] += ilen;
00245     ctx->total[0] &= 0xFFFFFFFF;
00246 
00247     if( ctx->total[0] < (unsigned long) ilen )
00248         ctx->total[1]++;
00249 
00250     if( left && ilen >= fill )
00251     {
00252         memcpy( (void *) (ctx->buffer + left),
00253                 (void *) input, fill );
00254         sha1_process( ctx, ctx->buffer );
00255         input += fill;
00256         ilen  -= fill;
00257         left = 0;
00258     }
00259 
00260     while( ilen >= 64 )
00261     {
00262         sha1_process( ctx, input );
00263         input += 64;
00264         ilen  -= 64;
00265     }
00266 
00267     if( ilen > 0 )
00268     {
00269         memcpy( (void *) (ctx->buffer + left),
00270                 (void *) input, ilen );
00271     }
00272 }
00273 
00274 static const unsigned char sha1_padding[64] =
00275 {
00276  0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
00277     0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
00278     0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
00279     0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
00280 };
00281 
00282 /*
00283  * SHA-1 final digest
00284  */
00285 void sha1_finish( sha1_context *ctx, unsigned char output[20] )
00286 {
00287     unsigned long last, padn;
00288     unsigned long high, low;
00289     unsigned char msglen[8];
00290 
00291     high = ( ctx->total[0] >> 29 )
00292          | ( ctx->total[1] <<  3 );
00293     low  = ( ctx->total[0] <<  3 );
00294 
00295     PUT_ULONG_BE( high, msglen, 0 );
00296     PUT_ULONG_BE( low,  msglen, 4 );
00297 
00298     last = ctx->total[0] & 0x3F;
00299     padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
00300 
00301     sha1_update( ctx, (unsigned char *) sha1_padding, padn );
00302     sha1_update( ctx, msglen, 8 );
00303 
00304     PUT_ULONG_BE( ctx->state[0], output,  0 );
00305     PUT_ULONG_BE( ctx->state[1], output,  4 );
00306     PUT_ULONG_BE( ctx->state[2], output,  8 );
00307     PUT_ULONG_BE( ctx->state[3], output, 12 );
00308     PUT_ULONG_BE( ctx->state[4], output, 16 );
00309 }
00310 
00311 /*
00312  * output = SHA-1( input buffer )
00313  */
00314 void sha1( const unsigned char *input, int ilen, unsigned char output[20] )
00315 {
00316     sha1_context ctx;
00317 
00318     sha1_starts( &ctx );
00319     sha1_update( &ctx, input, ilen );
00320     sha1_finish( &ctx, output );
00321 
00322     memset( &ctx, 0, sizeof( sha1_context ) );
00323 }
00324 
00325 /*
00326  * output = SHA-1( file contents )
00327  */
00328 #if 0 //No need for that
00329 int sha1_file( const char *path, unsigned char output[20] )
00330 {
00331     FILE *f;
00332     size_t n;
00333     sha1_context ctx;
00334     unsigned char buf[1024];
00335 
00336     if( ( f = fopen( path, "rb" ) ) == NULL )
00337         return( 1 );
00338 
00339     sha1_starts( &ctx );
00340 
00341     while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
00342         sha1_update( &ctx, buf, (int) n );
00343 
00344     sha1_finish( &ctx, output );
00345 
00346     memset( &ctx, 0, sizeof( sha1_context ) );
00347 
00348     if( ferror( f ) != 0 )
00349     {
00350         fclose( f );
00351         return( 2 );
00352     }
00353 
00354     fclose( f );
00355     return( 0 );
00356 }
00357 #endif
00358 
00359 /*
00360  * SHA-1 HMAC context setup
00361  */
00362 void sha1_hmac_starts( sha1_context *ctx, const unsigned char *key, int keylen )
00363 {
00364     int i;
00365     unsigned char sum[20];
00366 
00367     if( keylen > 64 )
00368     {
00369         sha1( key, keylen, sum );
00370         keylen = 20;
00371         key = sum;
00372     }
00373 
00374     memset( ctx->ipad, 0x36, 64 );
00375     memset( ctx->opad, 0x5C, 64 );
00376 
00377     for( i = 0; i < keylen; i++ )
00378     {
00379         ctx->ipad[i] = (unsigned char)( ctx->ipad[i] ^ key[i] );
00380         ctx->opad[i] = (unsigned char)( ctx->opad[i] ^ key[i] );
00381     }
00382 
00383     sha1_starts( ctx );
00384     sha1_update( ctx, ctx->ipad, 64 );
00385 
00386     memset( sum, 0, sizeof( sum ) );
00387 }
00388 
00389 /*
00390  * SHA-1 HMAC process buffer
00391  */
00392 void sha1_hmac_update( sha1_context *ctx, const unsigned char *input, int ilen )
00393 {
00394     sha1_update( ctx, input, ilen );
00395 }
00396 
00397 /*
00398  * SHA-1 HMAC final digest
00399  */
00400 void sha1_hmac_finish( sha1_context *ctx, unsigned char output[20] )
00401 {
00402     unsigned char tmpbuf[20];
00403 
00404     sha1_finish( ctx, tmpbuf );
00405     sha1_starts( ctx );
00406     sha1_update( ctx, ctx->opad, 64 );
00407     sha1_update( ctx, tmpbuf, 20 );
00408     sha1_finish( ctx, output );
00409 
00410     memset( tmpbuf, 0, sizeof( tmpbuf ) );
00411 }
00412 
00413 /*
00414  * SHA1 HMAC context reset
00415  */
00416 void sha1_hmac_reset( sha1_context *ctx )
00417 {
00418     sha1_starts( ctx );
00419     sha1_update( ctx, ctx->ipad, 64 );
00420 }
00421 
00422 /*
00423  * output = HMAC-SHA-1( hmac key, input buffer )
00424  */
00425 void sha1_hmac( const unsigned char *key, int keylen,
00426                 const unsigned char *input, int ilen,
00427                 unsigned char output[20] )
00428 {
00429     sha1_context ctx;
00430 
00431     sha1_hmac_starts( &ctx, key, keylen );
00432     sha1_hmac_update( &ctx, input, ilen );
00433     sha1_hmac_finish( &ctx, output );
00434 
00435     memset( &ctx, 0, sizeof( sha1_context ) );
00436 }
00437 
00438 #if defined(POLARSSL_SELF_TEST)
00439 /*
00440  * FIPS-180-1 test vectors
00441  */
00442 static unsigned char sha1_test_buf[3][57] = 
00443 {
00444     { "abc" },
00445     { "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" },
00446     { "" }
00447 };
00448 
00449 static const int sha1_test_buflen[3] =
00450 {
00451     3, 56, 1000
00452 };
00453 
00454 static const unsigned char sha1_test_sum[3][20] =
00455 {
00456     { 0xA9, 0x99, 0x3E, 0x36, 0x47, 0x06, 0x81, 0x6A, 0xBA, 0x3E,
00457       0x25, 0x71, 0x78, 0x50, 0xC2, 0x6C, 0x9C, 0xD0, 0xD8, 0x9D },
00458     { 0x84, 0x98, 0x3E, 0x44, 0x1C, 0x3B, 0xD2, 0x6E, 0xBA, 0xAE,
00459       0x4A, 0xA1, 0xF9, 0x51, 0x29, 0xE5, 0xE5, 0x46, 0x70, 0xF1 },
00460     { 0x34, 0xAA, 0x97, 0x3C, 0xD4, 0xC4, 0xDA, 0xA4, 0xF6, 0x1E,
00461       0xEB, 0x2B, 0xDB, 0xAD, 0x27, 0x31, 0x65, 0x34, 0x01, 0x6F }
00462 };
00463 
00464 /*
00465  * RFC 2202 test vectors
00466  */
00467 static unsigned char sha1_hmac_test_key[7][26] =
00468 {
00469     { "\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B"
00470       "\x0B\x0B\x0B\x0B" },
00471     { "Jefe" },
00472     { "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
00473       "\xAA\xAA\xAA\xAA" },
00474     { "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F\x10"
00475       "\x11\x12\x13\x14\x15\x16\x17\x18\x19" },
00476     { "\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C"
00477       "\x0C\x0C\x0C\x0C" },
00478     { "" }, /* 0xAA 80 times */
00479     { "" }
00480 };
00481 
00482 static const int sha1_hmac_test_keylen[7] =
00483 {
00484     20, 4, 20, 25, 20, 80, 80
00485 };
00486 
00487 static unsigned char sha1_hmac_test_buf[7][74] =
00488 {
00489     { "Hi There" },
00490     { "what do ya want for nothing?" },
00491     { "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
00492       "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
00493       "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
00494       "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
00495       "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" },
00496     { "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD"
00497       "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD"
00498       "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD"
00499       "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD"
00500       "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" },
00501     { "Test With Truncation" },
00502     { "Test Using Larger Than Block-Size Key - Hash Key First" },
00503     { "Test Using Larger Than Block-Size Key and Larger"
00504       " Than One Block-Size Data" }
00505 };
00506 
00507 static const int sha1_hmac_test_buflen[7] =
00508 {
00509     8, 28, 50, 50, 20, 54, 73
00510 };
00511 
00512 static const unsigned char sha1_hmac_test_sum[7][20] =
00513 {
00514     { 0xB6, 0x17, 0x31, 0x86, 0x55, 0x05, 0x72, 0x64, 0xE2, 0x8B,
00515       0xC0, 0xB6, 0xFB, 0x37, 0x8C, 0x8E, 0xF1, 0x46, 0xBE, 0x00 },
00516     { 0xEF, 0xFC, 0xDF, 0x6A, 0xE5, 0xEB, 0x2F, 0xA2, 0xD2, 0x74,
00517       0x16, 0xD5, 0xF1, 0x84, 0xDF, 0x9C, 0x25, 0x9A, 0x7C, 0x79 },
00518     { 0x12, 0x5D, 0x73, 0x42, 0xB9, 0xAC, 0x11, 0xCD, 0x91, 0xA3,
00519       0x9A, 0xF4, 0x8A, 0xA1, 0x7B, 0x4F, 0x63, 0xF1, 0x75, 0xD3 },
00520     { 0x4C, 0x90, 0x07, 0xF4, 0x02, 0x62, 0x50, 0xC6, 0xBC, 0x84,
00521       0x14, 0xF9, 0xBF, 0x50, 0xC8, 0x6C, 0x2D, 0x72, 0x35, 0xDA },
00522     { 0x4C, 0x1A, 0x03, 0x42, 0x4B, 0x55, 0xE0, 0x7F, 0xE7, 0xF2,
00523       0x7B, 0xE1 },
00524     { 0xAA, 0x4A, 0xE5, 0xE1, 0x52, 0x72, 0xD0, 0x0E, 0x95, 0x70,
00525       0x56, 0x37, 0xCE, 0x8A, 0x3B, 0x55, 0xED, 0x40, 0x21, 0x12 },
00526     { 0xE8, 0xE9, 0x9D, 0x0F, 0x45, 0x23, 0x7D, 0x78, 0x6D, 0x6B,
00527       0xBA, 0xA7, 0x96, 0x5C, 0x78, 0x08, 0xBB, 0xFF, 0x1A, 0x91 }
00528 };
00529 
00530 /*
00531  * Checkup routine
00532  */
00533 int sha1_self_test( int verbose )
00534 {
00535     int i, j, buflen;
00536     unsigned char buf[1024];
00537     unsigned char sha1sum[20];
00538     sha1_context ctx;
00539 
00540     /*
00541      * SHA-1
00542      */
00543     for( i = 0; i < 3; i++ )
00544     {
00545         if( verbose != 0 )
00546             printf( "  SHA-1 test #%d: ", i + 1 );
00547 
00548         sha1_starts( &ctx );
00549 
00550         if( i == 2 )
00551         {
00552             memset( buf, 'a', buflen = 1000 );
00553 
00554             for( j = 0; j < 1000; j++ )
00555                 sha1_update( &ctx, buf, buflen );
00556         }
00557         else
00558             sha1_update( &ctx, sha1_test_buf[i],
00559                                sha1_test_buflen[i] );
00560 
00561         sha1_finish( &ctx, sha1sum );
00562 
00563         if( memcmp( sha1sum, sha1_test_sum[i], 20 ) != 0 )
00564         {
00565             if( verbose != 0 )
00566                 printf( "failed\n" );
00567 
00568             return( 1 );
00569         }
00570 
00571         if( verbose != 0 )
00572             printf( "passed\n" );
00573     }
00574 
00575     if( verbose != 0 )
00576         printf( "\n" );
00577 
00578     for( i = 0; i < 7; i++ )
00579     {
00580         if( verbose != 0 )
00581             printf( "  HMAC-SHA-1 test #%d: ", i + 1 );
00582 
00583         if( i == 5 || i == 6 )
00584         {
00585             memset( buf, '\xAA', buflen = 80 );
00586             sha1_hmac_starts( &ctx, buf, buflen );
00587         }
00588         else
00589             sha1_hmac_starts( &ctx, sha1_hmac_test_key[i],
00590                                     sha1_hmac_test_keylen[i] );
00591 
00592         sha1_hmac_update( &ctx, sha1_hmac_test_buf[i],
00593                                 sha1_hmac_test_buflen[i] );
00594 
00595         sha1_hmac_finish( &ctx, sha1sum );
00596 
00597         buflen = ( i == 4 ) ? 12 : 20;
00598 
00599         if( memcmp( sha1sum, sha1_hmac_test_sum[i], buflen ) != 0 )
00600         {
00601             if( verbose != 0 )
00602                 printf( "failed\n" );
00603 
00604             return( 1 );
00605         }
00606 
00607         if( verbose != 0 )
00608             printf( "passed\n" );
00609     }
00610 
00611     if( verbose != 0 )
00612         printf( "\n" );
00613 
00614     return( 0 );
00615 }
00616 
00617 #endif
00618 
00619 #endif