TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-crypto / 7d3b661bfebcf0c5e636f73fc5f4dab5e08f5f19 / . / library / sha1.c
blob: 7f8ec634232e966c9a44964017a5f4e58a997cc6 [file] [log] [blame]
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1/*
2 * FIPS-180-1 compliant SHA-1 implementation
3 *
Paul Bakker77b385e2009-07-28 17:23:11 +0000[diff] [blame]4 * Copyright (C) 2006-2009, Paul Bakker <polarssl_maintainer at polarssl.org>
5 * All rights reserved.
Paul Bakkere0ccd0a2009-01-04 16:27:10 +0000[diff] [blame]6 *
Paul Bakker77b385e2009-07-28 17:23:11 +0000[diff] [blame]7 * Joined copyright on original XySSL code with: Christophe Devine
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]8 *
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
13 *
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
18 *
19 * You should have received a copy of the GNU General Public License along
20 * with this program; if not, write to the Free Software Foundation, Inc.,
21 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
22 */
23/*
24 * The SHA-1 standard was published by NIST in 1993.
25 *
26 * http://www.itl.nist.gov/fipspubs/fip180-1.htm
27 */
28
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]29#include "polarssl/config.h"
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]30
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]31#if defined(POLARSSL_SHA1_C)
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]32
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]33#include "polarssl/sha1.h"
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]34
35#include <string.h>
36#include <stdio.h>
37
38/*
39 * 32-bit integer manipulation macros (big endian)
40 */
41#ifndef GET_ULONG_BE
42#define GET_ULONG_BE(n,b,i) \
43{ \
44 (n) = ( (unsigned long) (b)[(i) ] << 24 ) \
45 | ( (unsigned long) (b)[(i) + 1] << 16 ) \
46 | ( (unsigned long) (b)[(i) + 2] << 8 ) \
47 | ( (unsigned long) (b)[(i) + 3] ); \
48}
49#endif
50
51#ifndef PUT_ULONG_BE
52#define PUT_ULONG_BE(n,b,i) \
53{ \
54 (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
55 (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
56 (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
57 (b)[(i) + 3] = (unsigned char) ( (n) ); \
58}
59#endif
60
61/*
62 * SHA-1 context setup
63 */
64void sha1_starts( sha1_context *ctx )
65{
66 ctx->total[0] = 0;
67 ctx->total[1] = 0;
68
69 ctx->state[0] = 0x67452301;
70 ctx->state[1] = 0xEFCDAB89;
71 ctx->state[2] = 0x98BADCFE;
72 ctx->state[3] = 0x10325476;
73 ctx->state[4] = 0xC3D2E1F0;
74}
75
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]76static void sha1_process( sha1_context *ctx, const unsigned char data[64] )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]77{
78 unsigned long temp, W[16], A, B, C, D, E;
79
80 GET_ULONG_BE( W[ 0], data, 0 );
81 GET_ULONG_BE( W[ 1], data, 4 );
82 GET_ULONG_BE( W[ 2], data, 8 );
83 GET_ULONG_BE( W[ 3], data, 12 );
84 GET_ULONG_BE( W[ 4], data, 16 );
85 GET_ULONG_BE( W[ 5], data, 20 );
86 GET_ULONG_BE( W[ 6], data, 24 );
87 GET_ULONG_BE( W[ 7], data, 28 );
88 GET_ULONG_BE( W[ 8], data, 32 );
89 GET_ULONG_BE( W[ 9], data, 36 );
90 GET_ULONG_BE( W[10], data, 40 );
91 GET_ULONG_BE( W[11], data, 44 );
92 GET_ULONG_BE( W[12], data, 48 );
93 GET_ULONG_BE( W[13], data, 52 );
94 GET_ULONG_BE( W[14], data, 56 );
95 GET_ULONG_BE( W[15], data, 60 );
96
97#define S(x,n) ((x << n) | ((x & 0xFFFFFFFF) >> (32 - n)))
98
99#define R(t) \
100( \
101 temp = W[(t - 3) & 0x0F] ^ W[(t - 8) & 0x0F] ^ \
102 W[(t - 14) & 0x0F] ^ W[ t & 0x0F], \
103 ( W[t & 0x0F] = S(temp,1) ) \
104)
105
106#define P(a,b,c,d,e,x) \
107{ \
108 e += S(a,5) + F(b,c,d) + K + x; b = S(b,30); \
109}
110
111 A = ctx->state[0];
112 B = ctx->state[1];
113 C = ctx->state[2];
114 D = ctx->state[3];
115 E = ctx->state[4];
116
117#define F(x,y,z) (z ^ (x & (y ^ z)))
118#define K 0x5A827999
119
120 P( A, B, C, D, E, W[0] );
121 P( E, A, B, C, D, W[1] );
122 P( D, E, A, B, C, W[2] );
123 P( C, D, E, A, B, W[3] );
124 P( B, C, D, E, A, W[4] );
125 P( A, B, C, D, E, W[5] );
126 P( E, A, B, C, D, W[6] );
127 P( D, E, A, B, C, W[7] );
128 P( C, D, E, A, B, W[8] );
129 P( B, C, D, E, A, W[9] );
130 P( A, B, C, D, E, W[10] );
131 P( E, A, B, C, D, W[11] );
132 P( D, E, A, B, C, W[12] );
133 P( C, D, E, A, B, W[13] );
134 P( B, C, D, E, A, W[14] );
135 P( A, B, C, D, E, W[15] );
136 P( E, A, B, C, D, R(16) );
137 P( D, E, A, B, C, R(17) );
138 P( C, D, E, A, B, R(18) );
139 P( B, C, D, E, A, R(19) );
140
141#undef K
142#undef F
143
144#define F(x,y,z) (x ^ y ^ z)
145#define K 0x6ED9EBA1
146
147 P( A, B, C, D, E, R(20) );
148 P( E, A, B, C, D, R(21) );
149 P( D, E, A, B, C, R(22) );
150 P( C, D, E, A, B, R(23) );
151 P( B, C, D, E, A, R(24) );
152 P( A, B, C, D, E, R(25) );
153 P( E, A, B, C, D, R(26) );
154 P( D, E, A, B, C, R(27) );
155 P( C, D, E, A, B, R(28) );
156 P( B, C, D, E, A, R(29) );
157 P( A, B, C, D, E, R(30) );
158 P( E, A, B, C, D, R(31) );
159 P( D, E, A, B, C, R(32) );
160 P( C, D, E, A, B, R(33) );
161 P( B, C, D, E, A, R(34) );
162 P( A, B, C, D, E, R(35) );
163 P( E, A, B, C, D, R(36) );
164 P( D, E, A, B, C, R(37) );
165 P( C, D, E, A, B, R(38) );
166 P( B, C, D, E, A, R(39) );
167
168#undef K
169#undef F
170
171#define F(x,y,z) ((x & y) | (z & (x | y)))
172#define K 0x8F1BBCDC
173
174 P( A, B, C, D, E, R(40) );
175 P( E, A, B, C, D, R(41) );
176 P( D, E, A, B, C, R(42) );
177 P( C, D, E, A, B, R(43) );
178 P( B, C, D, E, A, R(44) );
179 P( A, B, C, D, E, R(45) );
180 P( E, A, B, C, D, R(46) );
181 P( D, E, A, B, C, R(47) );
182 P( C, D, E, A, B, R(48) );
183 P( B, C, D, E, A, R(49) );
184 P( A, B, C, D, E, R(50) );
185 P( E, A, B, C, D, R(51) );
186 P( D, E, A, B, C, R(52) );
187 P( C, D, E, A, B, R(53) );
188 P( B, C, D, E, A, R(54) );
189 P( A, B, C, D, E, R(55) );
190 P( E, A, B, C, D, R(56) );
191 P( D, E, A, B, C, R(57) );
192 P( C, D, E, A, B, R(58) );
193 P( B, C, D, E, A, R(59) );
194
195#undef K
196#undef F
197
198#define F(x,y,z) (x ^ y ^ z)
199#define K 0xCA62C1D6
200
201 P( A, B, C, D, E, R(60) );
202 P( E, A, B, C, D, R(61) );
203 P( D, E, A, B, C, R(62) );
204 P( C, D, E, A, B, R(63) );
205 P( B, C, D, E, A, R(64) );
206 P( A, B, C, D, E, R(65) );
207 P( E, A, B, C, D, R(66) );
208 P( D, E, A, B, C, R(67) );
209 P( C, D, E, A, B, R(68) );
210 P( B, C, D, E, A, R(69) );
211 P( A, B, C, D, E, R(70) );
212 P( E, A, B, C, D, R(71) );
213 P( D, E, A, B, C, R(72) );
214 P( C, D, E, A, B, R(73) );
215 P( B, C, D, E, A, R(74) );
216 P( A, B, C, D, E, R(75) );
217 P( E, A, B, C, D, R(76) );
218 P( D, E, A, B, C, R(77) );
219 P( C, D, E, A, B, R(78) );
220 P( B, C, D, E, A, R(79) );
221
222#undef K
223#undef F
224
225 ctx->state[0] += A;
226 ctx->state[1] += B;
227 ctx->state[2] += C;
228 ctx->state[3] += D;
229 ctx->state[4] += E;
230}
231
232/*
233 * SHA-1 process buffer
234 */
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]235void sha1_update( sha1_context *ctx, const unsigned char *input, int ilen )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]236{
237 int fill;
238 unsigned long left;
239
240 if( ilen <= 0 )
241 return;
242
243 left = ctx->total[0] & 0x3F;
244 fill = 64 - left;
245
246 ctx->total[0] += ilen;
247 ctx->total[0] &= 0xFFFFFFFF;
248
249 if( ctx->total[0] < (unsigned long) ilen )
250 ctx->total[1]++;
251
252 if( left && ilen >= fill )
253 {
254 memcpy( (void *) (ctx->buffer + left),
255 (void *) input, fill );
256 sha1_process( ctx, ctx->buffer );
257 input += fill;
258 ilen -= fill;
259 left = 0;
260 }
261
262 while( ilen >= 64 )
263 {
264 sha1_process( ctx, input );
265 input += 64;
266 ilen -= 64;
267 }
268
269 if( ilen > 0 )
270 {
271 memcpy( (void *) (ctx->buffer + left),
272 (void *) input, ilen );
273 }
274}
275
276static const unsigned char sha1_padding[64] =
277{
278 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
279 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
280 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
281 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
282};
283
284/*
285 * SHA-1 final digest
286 */
287void sha1_finish( sha1_context *ctx, unsigned char output[20] )
288{
289 unsigned long last, padn;
290 unsigned long high, low;
291 unsigned char msglen[8];
292
293 high = ( ctx->total[0] >> 29 )
294 | ( ctx->total[1] << 3 );
295 low = ( ctx->total[0] << 3 );
296
297 PUT_ULONG_BE( high, msglen, 0 );
298 PUT_ULONG_BE( low, msglen, 4 );
299
300 last = ctx->total[0] & 0x3F;
301 padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
302
303 sha1_update( ctx, (unsigned char *) sha1_padding, padn );
304 sha1_update( ctx, msglen, 8 );
305
306 PUT_ULONG_BE( ctx->state[0], output, 0 );
307 PUT_ULONG_BE( ctx->state[1], output, 4 );
308 PUT_ULONG_BE( ctx->state[2], output, 8 );
309 PUT_ULONG_BE( ctx->state[3], output, 12 );
310 PUT_ULONG_BE( ctx->state[4], output, 16 );
311}
312
313/*
314 * output = SHA-1( input buffer )
315 */
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]316void sha1( const unsigned char *input, int ilen, unsigned char output[20] )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]317{
318 sha1_context ctx;
319
320 sha1_starts( &ctx );
321 sha1_update( &ctx, input, ilen );
322 sha1_finish( &ctx, output );
323
324 memset( &ctx, 0, sizeof( sha1_context ) );
325}
326
327/*
328 * output = SHA-1( file contents )
329 */
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]330int sha1_file( const char *path, unsigned char output[20] )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]331{
332 FILE *f;
333 size_t n;
334 sha1_context ctx;
335 unsigned char buf[1024];
336
337 if( ( f = fopen( path, "rb" ) ) == NULL )
338 return( 1 );
339
340 sha1_starts( &ctx );
341
342 while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
343 sha1_update( &ctx, buf, (int) n );
344
345 sha1_finish( &ctx, output );
346
347 memset( &ctx, 0, sizeof( sha1_context ) );
348
349 if( ferror( f ) != 0 )
350 {
351 fclose( f );
352 return( 2 );
353 }
354
355 fclose( f );
356 return( 0 );
357}
358
359/*
360 * SHA-1 HMAC context setup
361 */
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]362void sha1_hmac_starts( sha1_context *ctx, const unsigned char *key, int keylen )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]363{
364 int i;
365 unsigned char sum[20];
366
367 if( keylen > 64 )
368 {
369 sha1( key, keylen, sum );
370 keylen = 20;
371 key = sum;
372 }
373
374 memset( ctx->ipad, 0x36, 64 );
375 memset( ctx->opad, 0x5C, 64 );
376
377 for( i = 0; i < keylen; i++ )
378 {
379 ctx->ipad[i] = (unsigned char)( ctx->ipad[i] ^ key[i] );
380 ctx->opad[i] = (unsigned char)( ctx->opad[i] ^ key[i] );
381 }
382
383 sha1_starts( ctx );
384 sha1_update( ctx, ctx->ipad, 64 );
385
386 memset( sum, 0, sizeof( sum ) );
387}
388
389/*
390 * SHA-1 HMAC process buffer
391 */
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]392void sha1_hmac_update( sha1_context *ctx, const unsigned char *input, int ilen )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]393{
394 sha1_update( ctx, input, ilen );
395}
396
397/*
398 * SHA-1 HMAC final digest
399 */
400void sha1_hmac_finish( sha1_context *ctx, unsigned char output[20] )
401{
402 unsigned char tmpbuf[20];
403
404 sha1_finish( ctx, tmpbuf );
405 sha1_starts( ctx );
406 sha1_update( ctx, ctx->opad, 64 );
407 sha1_update( ctx, tmpbuf, 20 );
408 sha1_finish( ctx, output );
409
410 memset( tmpbuf, 0, sizeof( tmpbuf ) );
411}
412
413/*
Paul Bakker7d3b6612010-03-21 16:23:13 +0000[diff] [blame^]414 * SHA1 HMAC context reset
415 */
416void sha1_hmac_reset( sha1_context *ctx )
417{
418 sha1_starts( ctx );
419 sha1_update( ctx, ctx->ipad, 64 );
420}
421
422/*
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]423 * output = HMAC-SHA-1( hmac key, input buffer )
424 */
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]425void sha1_hmac( const unsigned char *key, int keylen,
426 const unsigned char *input, int ilen,
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]427 unsigned char output[20] )
428{
429 sha1_context ctx;
430
431 sha1_hmac_starts( &ctx, key, keylen );
432 sha1_hmac_update( &ctx, input, ilen );
433 sha1_hmac_finish( &ctx, output );
434
435 memset( &ctx, 0, sizeof( sha1_context ) );
436}
437
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]438#if defined(POLARSSL_SELF_TEST)
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]439/*
440 * FIPS-180-1 test vectors
441 */
442static unsigned char sha1_test_buf[3][57] =
443{
444 { "abc" },
445 { "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" },
446 { "" }
447};
448
449static const int sha1_test_buflen[3] =
450{
451 3, 56, 1000
452};
453
454static const unsigned char sha1_test_sum[3][20] =
455{
456 { 0xA9, 0x99, 0x3E, 0x36, 0x47, 0x06, 0x81, 0x6A, 0xBA, 0x3E,
457 0x25, 0x71, 0x78, 0x50, 0xC2, 0x6C, 0x9C, 0xD0, 0xD8, 0x9D },
458 { 0x84, 0x98, 0x3E, 0x44, 0x1C, 0x3B, 0xD2, 0x6E, 0xBA, 0xAE,
459 0x4A, 0xA1, 0xF9, 0x51, 0x29, 0xE5, 0xE5, 0x46, 0x70, 0xF1 },
460 { 0x34, 0xAA, 0x97, 0x3C, 0xD4, 0xC4, 0xDA, 0xA4, 0xF6, 0x1E,
461 0xEB, 0x2B, 0xDB, 0xAD, 0x27, 0x31, 0x65, 0x34, 0x01, 0x6F }
462};
463
464/*
465 * RFC 2202 test vectors
466 */
467static unsigned char sha1_hmac_test_key[7][26] =
468{
469 { "\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B"
470 "\x0B\x0B\x0B\x0B" },
471 { "Jefe" },
472 { "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
473 "\xAA\xAA\xAA\xAA" },
474 { "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F\x10"
475 "\x11\x12\x13\x14\x15\x16\x17\x18\x19" },
476 { "\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C"
477 "\x0C\x0C\x0C\x0C" },
478 { "" }, /* 0xAA 80 times */
479 { "" }
480};
481
482static const int sha1_hmac_test_keylen[7] =
483{
484 20, 4, 20, 25, 20, 80, 80
485};
486
487static unsigned char sha1_hmac_test_buf[7][74] =
488{
489 { "Hi There" },
490 { "what do ya want for nothing?" },
491 { "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
492 "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
493 "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
494 "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
495 "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" },
496 { "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD"
497 "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD"
498 "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD"
499 "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD"
500 "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" },
501 { "Test With Truncation" },
502 { "Test Using Larger Than Block-Size Key - Hash Key First" },
503 { "Test Using Larger Than Block-Size Key and Larger"
504 " Than One Block-Size Data" }
505};
506
507static const int sha1_hmac_test_buflen[7] =
508{
509 8, 28, 50, 50, 20, 54, 73
510};
511
512static const unsigned char sha1_hmac_test_sum[7][20] =
513{
514 { 0xB6, 0x17, 0x31, 0x86, 0x55, 0x05, 0x72, 0x64, 0xE2, 0x8B,
515 0xC0, 0xB6, 0xFB, 0x37, 0x8C, 0x8E, 0xF1, 0x46, 0xBE, 0x00 },
516 { 0xEF, 0xFC, 0xDF, 0x6A, 0xE5, 0xEB, 0x2F, 0xA2, 0xD2, 0x74,
517 0x16, 0xD5, 0xF1, 0x84, 0xDF, 0x9C, 0x25, 0x9A, 0x7C, 0x79 },
518 { 0x12, 0x5D, 0x73, 0x42, 0xB9, 0xAC, 0x11, 0xCD, 0x91, 0xA3,
519 0x9A, 0xF4, 0x8A, 0xA1, 0x7B, 0x4F, 0x63, 0xF1, 0x75, 0xD3 },
520 { 0x4C, 0x90, 0x07, 0xF4, 0x02, 0x62, 0x50, 0xC6, 0xBC, 0x84,
521 0x14, 0xF9, 0xBF, 0x50, 0xC8, 0x6C, 0x2D, 0x72, 0x35, 0xDA },
522 { 0x4C, 0x1A, 0x03, 0x42, 0x4B, 0x55, 0xE0, 0x7F, 0xE7, 0xF2,
523 0x7B, 0xE1 },
524 { 0xAA, 0x4A, 0xE5, 0xE1, 0x52, 0x72, 0xD0, 0x0E, 0x95, 0x70,
525 0x56, 0x37, 0xCE, 0x8A, 0x3B, 0x55, 0xED, 0x40, 0x21, 0x12 },
526 { 0xE8, 0xE9, 0x9D, 0x0F, 0x45, 0x23, 0x7D, 0x78, 0x6D, 0x6B,
527 0xBA, 0xA7, 0x96, 0x5C, 0x78, 0x08, 0xBB, 0xFF, 0x1A, 0x91 }
528};
529
530/*
531 * Checkup routine
532 */
533int sha1_self_test( int verbose )
534{
535 int i, j, buflen;
536 unsigned char buf[1024];
537 unsigned char sha1sum[20];
538 sha1_context ctx;
539
540 /*
541 * SHA-1
542 */
543 for( i = 0; i < 3; i++ )
544 {
545 if( verbose != 0 )
546 printf( " SHA-1 test #%d: ", i + 1 );
547
548 sha1_starts( &ctx );
549
550 if( i == 2 )
551 {
552 memset( buf, 'a', buflen = 1000 );
553
554 for( j = 0; j < 1000; j++ )
555 sha1_update( &ctx, buf, buflen );
556 }
557 else
558 sha1_update( &ctx, sha1_test_buf[i],
559 sha1_test_buflen[i] );
560
561 sha1_finish( &ctx, sha1sum );
562
563 if( memcmp( sha1sum, sha1_test_sum[i], 20 ) != 0 )
564 {
565 if( verbose != 0 )
566 printf( "failed\n" );
567
568 return( 1 );
569 }
570
571 if( verbose != 0 )
572 printf( "passed\n" );
573 }
574
575 if( verbose != 0 )
576 printf( "\n" );
577
578 for( i = 0; i < 7; i++ )
579 {
580 if( verbose != 0 )
581 printf( " HMAC-SHA-1 test #%d: ", i + 1 );
582
583 if( i == 5 || i == 6 )
584 {
585 memset( buf, '\xAA', buflen = 80 );
586 sha1_hmac_starts( &ctx, buf, buflen );
587 }
588 else
589 sha1_hmac_starts( &ctx, sha1_hmac_test_key[i],
590 sha1_hmac_test_keylen[i] );
591
592 sha1_hmac_update( &ctx, sha1_hmac_test_buf[i],
593 sha1_hmac_test_buflen[i] );
594
595 sha1_hmac_finish( &ctx, sha1sum );
596
597 buflen = ( i == 4 ) ? 12 : 20;
598
599 if( memcmp( sha1sum, sha1_hmac_test_sum[i], buflen ) != 0 )
600 {
601 if( verbose != 0 )
602 printf( "failed\n" );
603
604 return( 1 );
605 }
606
607 if( verbose != 0 )
608 printf( "passed\n" );
609 }
610
611 if( verbose != 0 )
612 printf( "\n" );
613
614 return( 0 );
615}
616
617#endif
618
619#endif