TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / c38b2f5bcf7af32a9cdff4850345cdae1949439f / . / library / sha1.c
blob: 0ebdc1e1356501d57be39a8fa954ad7c2937f10e [file] [log] [blame]
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1/*
2 * FIPS-180-1 compliant SHA-1 implementation
3 *
Paul Bakkerfc8c4362010-03-21 17:37:16 +0000[diff] [blame]4 * Copyright (C) 2006-2010, Paul Bakker <polarssl_maintainer at polarssl.org>
Paul Bakker77b385e2009-07-28 17:23:11 +0000[diff] [blame]5 * All rights reserved.
Paul Bakkere0ccd0a2009-01-04 16:27:10 +0000[diff] [blame]6 *
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 2 of the License, or
10 * (at your option) any later version.
11 *
12 * This program is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License along
18 * with this program; if not, write to the Free Software Foundation, Inc.,
19 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
20 */
21/*
22 * The SHA-1 standard was published by NIST in 1993.
23 *
24 * http://www.itl.nist.gov/fipspubs/fip180-1.htm
25 */
26
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]27#include "polarssl/config.h"
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]28
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]29#if defined(POLARSSL_SHA1_C)
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]30
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]31#include "polarssl/sha1.h"
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]32
33#include <string.h>
34#include <stdio.h>
35
36/*
37 * 32-bit integer manipulation macros (big endian)
38 */
39#ifndef GET_ULONG_BE
40#define GET_ULONG_BE(n,b,i) \
41{ \
42 (n) = ( (unsigned long) (b)[(i) ] << 24 ) \
43 | ( (unsigned long) (b)[(i) + 1] << 16 ) \
44 | ( (unsigned long) (b)[(i) + 2] << 8 ) \
45 | ( (unsigned long) (b)[(i) + 3] ); \
46}
47#endif
48
49#ifndef PUT_ULONG_BE
50#define PUT_ULONG_BE(n,b,i) \
51{ \
52 (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
53 (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
54 (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
55 (b)[(i) + 3] = (unsigned char) ( (n) ); \
56}
57#endif
58
59/*
60 * SHA-1 context setup
61 */
62void sha1_starts( sha1_context *ctx )
63{
64 ctx->total[0] = 0;
65 ctx->total[1] = 0;
66
67 ctx->state[0] = 0x67452301;
68 ctx->state[1] = 0xEFCDAB89;
69 ctx->state[2] = 0x98BADCFE;
70 ctx->state[3] = 0x10325476;
71 ctx->state[4] = 0xC3D2E1F0;
72}
73
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]74static void sha1_process( sha1_context *ctx, const unsigned char data[64] )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]75{
76 unsigned long temp, W[16], A, B, C, D, E;
77
78 GET_ULONG_BE( W[ 0], data, 0 );
79 GET_ULONG_BE( W[ 1], data, 4 );
80 GET_ULONG_BE( W[ 2], data, 8 );
81 GET_ULONG_BE( W[ 3], data, 12 );
82 GET_ULONG_BE( W[ 4], data, 16 );
83 GET_ULONG_BE( W[ 5], data, 20 );
84 GET_ULONG_BE( W[ 6], data, 24 );
85 GET_ULONG_BE( W[ 7], data, 28 );
86 GET_ULONG_BE( W[ 8], data, 32 );
87 GET_ULONG_BE( W[ 9], data, 36 );
88 GET_ULONG_BE( W[10], data, 40 );
89 GET_ULONG_BE( W[11], data, 44 );
90 GET_ULONG_BE( W[12], data, 48 );
91 GET_ULONG_BE( W[13], data, 52 );
92 GET_ULONG_BE( W[14], data, 56 );
93 GET_ULONG_BE( W[15], data, 60 );
94
95#define S(x,n) ((x << n) | ((x & 0xFFFFFFFF) >> (32 - n)))
96
97#define R(t) \
98( \
99 temp = W[(t - 3) & 0x0F] ^ W[(t - 8) & 0x0F] ^ \
100 W[(t - 14) & 0x0F] ^ W[ t & 0x0F], \
101 ( W[t & 0x0F] = S(temp,1) ) \
102)
103
104#define P(a,b,c,d,e,x) \
105{ \
106 e += S(a,5) + F(b,c,d) + K + x; b = S(b,30); \
107}
108
109 A = ctx->state[0];
110 B = ctx->state[1];
111 C = ctx->state[2];
112 D = ctx->state[3];
113 E = ctx->state[4];
114
115#define F(x,y,z) (z ^ (x & (y ^ z)))
116#define K 0x5A827999
117
118 P( A, B, C, D, E, W[0] );
119 P( E, A, B, C, D, W[1] );
120 P( D, E, A, B, C, W[2] );
121 P( C, D, E, A, B, W[3] );
122 P( B, C, D, E, A, W[4] );
123 P( A, B, C, D, E, W[5] );
124 P( E, A, B, C, D, W[6] );
125 P( D, E, A, B, C, W[7] );
126 P( C, D, E, A, B, W[8] );
127 P( B, C, D, E, A, W[9] );
128 P( A, B, C, D, E, W[10] );
129 P( E, A, B, C, D, W[11] );
130 P( D, E, A, B, C, W[12] );
131 P( C, D, E, A, B, W[13] );
132 P( B, C, D, E, A, W[14] );
133 P( A, B, C, D, E, W[15] );
134 P( E, A, B, C, D, R(16) );
135 P( D, E, A, B, C, R(17) );
136 P( C, D, E, A, B, R(18) );
137 P( B, C, D, E, A, R(19) );
138
139#undef K
140#undef F
141
142#define F(x,y,z) (x ^ y ^ z)
143#define K 0x6ED9EBA1
144
145 P( A, B, C, D, E, R(20) );
146 P( E, A, B, C, D, R(21) );
147 P( D, E, A, B, C, R(22) );
148 P( C, D, E, A, B, R(23) );
149 P( B, C, D, E, A, R(24) );
150 P( A, B, C, D, E, R(25) );
151 P( E, A, B, C, D, R(26) );
152 P( D, E, A, B, C, R(27) );
153 P( C, D, E, A, B, R(28) );
154 P( B, C, D, E, A, R(29) );
155 P( A, B, C, D, E, R(30) );
156 P( E, A, B, C, D, R(31) );
157 P( D, E, A, B, C, R(32) );
158 P( C, D, E, A, B, R(33) );
159 P( B, C, D, E, A, R(34) );
160 P( A, B, C, D, E, R(35) );
161 P( E, A, B, C, D, R(36) );
162 P( D, E, A, B, C, R(37) );
163 P( C, D, E, A, B, R(38) );
164 P( B, C, D, E, A, R(39) );
165
166#undef K
167#undef F
168
169#define F(x,y,z) ((x & y) | (z & (x | y)))
170#define K 0x8F1BBCDC
171
172 P( A, B, C, D, E, R(40) );
173 P( E, A, B, C, D, R(41) );
174 P( D, E, A, B, C, R(42) );
175 P( C, D, E, A, B, R(43) );
176 P( B, C, D, E, A, R(44) );
177 P( A, B, C, D, E, R(45) );
178 P( E, A, B, C, D, R(46) );
179 P( D, E, A, B, C, R(47) );
180 P( C, D, E, A, B, R(48) );
181 P( B, C, D, E, A, R(49) );
182 P( A, B, C, D, E, R(50) );
183 P( E, A, B, C, D, R(51) );
184 P( D, E, A, B, C, R(52) );
185 P( C, D, E, A, B, R(53) );
186 P( B, C, D, E, A, R(54) );
187 P( A, B, C, D, E, R(55) );
188 P( E, A, B, C, D, R(56) );
189 P( D, E, A, B, C, R(57) );
190 P( C, D, E, A, B, R(58) );
191 P( B, C, D, E, A, R(59) );
192
193#undef K
194#undef F
195
196#define F(x,y,z) (x ^ y ^ z)
197#define K 0xCA62C1D6
198
199 P( A, B, C, D, E, R(60) );
200 P( E, A, B, C, D, R(61) );
201 P( D, E, A, B, C, R(62) );
202 P( C, D, E, A, B, R(63) );
203 P( B, C, D, E, A, R(64) );
204 P( A, B, C, D, E, R(65) );
205 P( E, A, B, C, D, R(66) );
206 P( D, E, A, B, C, R(67) );
207 P( C, D, E, A, B, R(68) );
208 P( B, C, D, E, A, R(69) );
209 P( A, B, C, D, E, R(70) );
210 P( E, A, B, C, D, R(71) );
211 P( D, E, A, B, C, R(72) );
212 P( C, D, E, A, B, R(73) );
213 P( B, C, D, E, A, R(74) );
214 P( A, B, C, D, E, R(75) );
215 P( E, A, B, C, D, R(76) );
216 P( D, E, A, B, C, R(77) );
217 P( C, D, E, A, B, R(78) );
218 P( B, C, D, E, A, R(79) );
219
220#undef K
221#undef F
222
223 ctx->state[0] += A;
224 ctx->state[1] += B;
225 ctx->state[2] += C;
226 ctx->state[3] += D;
227 ctx->state[4] += E;
228}
229
230/*
231 * SHA-1 process buffer
232 */
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]233void sha1_update( sha1_context *ctx, const unsigned char *input, int ilen )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]234{
235 int fill;
236 unsigned long left;
237
238 if( ilen <= 0 )
239 return;
240
241 left = ctx->total[0] & 0x3F;
242 fill = 64 - left;
243
244 ctx->total[0] += ilen;
245 ctx->total[0] &= 0xFFFFFFFF;
246
247 if( ctx->total[0] < (unsigned long) ilen )
248 ctx->total[1]++;
249
250 if( left && ilen >= fill )
251 {
252 memcpy( (void *) (ctx->buffer + left),
253 (void *) input, fill );
254 sha1_process( ctx, ctx->buffer );
255 input += fill;
256 ilen -= fill;
257 left = 0;
258 }
259
260 while( ilen >= 64 )
261 {
262 sha1_process( ctx, input );
263 input += 64;
264 ilen -= 64;
265 }
266
267 if( ilen > 0 )
268 {
269 memcpy( (void *) (ctx->buffer + left),
270 (void *) input, ilen );
271 }
272}
273
274static const unsigned char sha1_padding[64] =
275{
276 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
277 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
278 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
279 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
280};
281
282/*
283 * SHA-1 final digest
284 */
285void sha1_finish( sha1_context *ctx, unsigned char output[20] )
286{
287 unsigned long last, padn;
288 unsigned long high, low;
289 unsigned char msglen[8];
290
291 high = ( ctx->total[0] >> 29 )
292 | ( ctx->total[1] << 3 );
293 low = ( ctx->total[0] << 3 );
294
295 PUT_ULONG_BE( high, msglen, 0 );
296 PUT_ULONG_BE( low, msglen, 4 );
297
298 last = ctx->total[0] & 0x3F;
299 padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
300
301 sha1_update( ctx, (unsigned char *) sha1_padding, padn );
302 sha1_update( ctx, msglen, 8 );
303
304 PUT_ULONG_BE( ctx->state[0], output, 0 );
305 PUT_ULONG_BE( ctx->state[1], output, 4 );
306 PUT_ULONG_BE( ctx->state[2], output, 8 );
307 PUT_ULONG_BE( ctx->state[3], output, 12 );
308 PUT_ULONG_BE( ctx->state[4], output, 16 );
309}
310
311/*
312 * output = SHA-1( input buffer )
313 */
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]314void sha1( const unsigned char *input, int ilen, unsigned char output[20] )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]315{
316 sha1_context ctx;
317
318 sha1_starts( &ctx );
319 sha1_update( &ctx, input, ilen );
320 sha1_finish( &ctx, output );
321
322 memset( &ctx, 0, sizeof( sha1_context ) );
323}
324
325/*
326 * output = SHA-1( file contents )
327 */
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]328int sha1_file( const char *path, unsigned char output[20] )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]329{
330 FILE *f;
331 size_t n;
332 sha1_context ctx;
333 unsigned char buf[1024];
334
335 if( ( f = fopen( path, "rb" ) ) == NULL )
336 return( 1 );
337
338 sha1_starts( &ctx );
339
340 while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
341 sha1_update( &ctx, buf, (int) n );
342
343 sha1_finish( &ctx, output );
344
345 memset( &ctx, 0, sizeof( sha1_context ) );
346
347 if( ferror( f ) != 0 )
348 {
349 fclose( f );
350 return( 2 );
351 }
352
353 fclose( f );
354 return( 0 );
355}
356
357/*
358 * SHA-1 HMAC context setup
359 */
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]360void sha1_hmac_starts( sha1_context *ctx, const unsigned char *key, int keylen )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]361{
362 int i;
363 unsigned char sum[20];
364
365 if( keylen > 64 )
366 {
367 sha1( key, keylen, sum );
368 keylen = 20;
369 key = sum;
370 }
371
372 memset( ctx->ipad, 0x36, 64 );
373 memset( ctx->opad, 0x5C, 64 );
374
375 for( i = 0; i < keylen; i++ )
376 {
377 ctx->ipad[i] = (unsigned char)( ctx->ipad[i] ^ key[i] );
378 ctx->opad[i] = (unsigned char)( ctx->opad[i] ^ key[i] );
379 }
380
381 sha1_starts( ctx );
382 sha1_update( ctx, ctx->ipad, 64 );
383
384 memset( sum, 0, sizeof( sum ) );
385}
386
387/*
388 * SHA-1 HMAC process buffer
389 */
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]390void sha1_hmac_update( sha1_context *ctx, const unsigned char *input, int ilen )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]391{
392 sha1_update( ctx, input, ilen );
393}
394
395/*
396 * SHA-1 HMAC final digest
397 */
398void sha1_hmac_finish( sha1_context *ctx, unsigned char output[20] )
399{
400 unsigned char tmpbuf[20];
401
402 sha1_finish( ctx, tmpbuf );
403 sha1_starts( ctx );
404 sha1_update( ctx, ctx->opad, 64 );
405 sha1_update( ctx, tmpbuf, 20 );
406 sha1_finish( ctx, output );
407
408 memset( tmpbuf, 0, sizeof( tmpbuf ) );
409}
410
411/*
Paul Bakker7d3b6612010-03-21 16:23:13 +0000[diff] [blame]412 * SHA1 HMAC context reset
413 */
414void sha1_hmac_reset( sha1_context *ctx )
415{
416 sha1_starts( ctx );
417 sha1_update( ctx, ctx->ipad, 64 );
418}
419
420/*
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]421 * output = HMAC-SHA-1( hmac key, input buffer )
422 */
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]423void sha1_hmac( const unsigned char *key, int keylen,
424 const unsigned char *input, int ilen,
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]425 unsigned char output[20] )
426{
427 sha1_context ctx;
428
429 sha1_hmac_starts( &ctx, key, keylen );
430 sha1_hmac_update( &ctx, input, ilen );
431 sha1_hmac_finish( &ctx, output );
432
433 memset( &ctx, 0, sizeof( sha1_context ) );
434}
435
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]436#if defined(POLARSSL_SELF_TEST)
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]437/*
438 * FIPS-180-1 test vectors
439 */
440static unsigned char sha1_test_buf[3][57] =
441{
442 { "abc" },
443 { "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" },
444 { "" }
445};
446
447static const int sha1_test_buflen[3] =
448{
449 3, 56, 1000
450};
451
452static const unsigned char sha1_test_sum[3][20] =
453{
454 { 0xA9, 0x99, 0x3E, 0x36, 0x47, 0x06, 0x81, 0x6A, 0xBA, 0x3E,
455 0x25, 0x71, 0x78, 0x50, 0xC2, 0x6C, 0x9C, 0xD0, 0xD8, 0x9D },
456 { 0x84, 0x98, 0x3E, 0x44, 0x1C, 0x3B, 0xD2, 0x6E, 0xBA, 0xAE,
457 0x4A, 0xA1, 0xF9, 0x51, 0x29, 0xE5, 0xE5, 0x46, 0x70, 0xF1 },
458 { 0x34, 0xAA, 0x97, 0x3C, 0xD4, 0xC4, 0xDA, 0xA4, 0xF6, 0x1E,
459 0xEB, 0x2B, 0xDB, 0xAD, 0x27, 0x31, 0x65, 0x34, 0x01, 0x6F }
460};
461
462/*
463 * RFC 2202 test vectors
464 */
465static unsigned char sha1_hmac_test_key[7][26] =
466{
467 { "\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B"
468 "\x0B\x0B\x0B\x0B" },
469 { "Jefe" },
470 { "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
471 "\xAA\xAA\xAA\xAA" },
472 { "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F\x10"
473 "\x11\x12\x13\x14\x15\x16\x17\x18\x19" },
474 { "\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C"
475 "\x0C\x0C\x0C\x0C" },
476 { "" }, /* 0xAA 80 times */
477 { "" }
478};
479
480static const int sha1_hmac_test_keylen[7] =
481{
482 20, 4, 20, 25, 20, 80, 80
483};
484
485static unsigned char sha1_hmac_test_buf[7][74] =
486{
487 { "Hi There" },
488 { "what do ya want for nothing?" },
489 { "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
490 "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
491 "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
492 "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
493 "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" },
494 { "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD"
495 "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD"
496 "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD"
497 "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD"
498 "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" },
499 { "Test With Truncation" },
500 { "Test Using Larger Than Block-Size Key - Hash Key First" },
501 { "Test Using Larger Than Block-Size Key and Larger"
502 " Than One Block-Size Data" }
503};
504
505static const int sha1_hmac_test_buflen[7] =
506{
507 8, 28, 50, 50, 20, 54, 73
508};
509
510static const unsigned char sha1_hmac_test_sum[7][20] =
511{
512 { 0xB6, 0x17, 0x31, 0x86, 0x55, 0x05, 0x72, 0x64, 0xE2, 0x8B,
513 0xC0, 0xB6, 0xFB, 0x37, 0x8C, 0x8E, 0xF1, 0x46, 0xBE, 0x00 },
514 { 0xEF, 0xFC, 0xDF, 0x6A, 0xE5, 0xEB, 0x2F, 0xA2, 0xD2, 0x74,
515 0x16, 0xD5, 0xF1, 0x84, 0xDF, 0x9C, 0x25, 0x9A, 0x7C, 0x79 },
516 { 0x12, 0x5D, 0x73, 0x42, 0xB9, 0xAC, 0x11, 0xCD, 0x91, 0xA3,
517 0x9A, 0xF4, 0x8A, 0xA1, 0x7B, 0x4F, 0x63, 0xF1, 0x75, 0xD3 },
518 { 0x4C, 0x90, 0x07, 0xF4, 0x02, 0x62, 0x50, 0xC6, 0xBC, 0x84,
519 0x14, 0xF9, 0xBF, 0x50, 0xC8, 0x6C, 0x2D, 0x72, 0x35, 0xDA },
520 { 0x4C, 0x1A, 0x03, 0x42, 0x4B, 0x55, 0xE0, 0x7F, 0xE7, 0xF2,
521 0x7B, 0xE1 },
522 { 0xAA, 0x4A, 0xE5, 0xE1, 0x52, 0x72, 0xD0, 0x0E, 0x95, 0x70,
523 0x56, 0x37, 0xCE, 0x8A, 0x3B, 0x55, 0xED, 0x40, 0x21, 0x12 },
524 { 0xE8, 0xE9, 0x9D, 0x0F, 0x45, 0x23, 0x7D, 0x78, 0x6D, 0x6B,
525 0xBA, 0xA7, 0x96, 0x5C, 0x78, 0x08, 0xBB, 0xFF, 0x1A, 0x91 }
526};
527
528/*
529 * Checkup routine
530 */
531int sha1_self_test( int verbose )
532{
533 int i, j, buflen;
534 unsigned char buf[1024];
535 unsigned char sha1sum[20];
536 sha1_context ctx;
537
538 /*
539 * SHA-1
540 */
541 for( i = 0; i < 3; i++ )
542 {
543 if( verbose != 0 )
544 printf( " SHA-1 test #%d: ", i + 1 );
545
546 sha1_starts( &ctx );
547
548 if( i == 2 )
549 {
550 memset( buf, 'a', buflen = 1000 );
551
552 for( j = 0; j < 1000; j++ )
553 sha1_update( &ctx, buf, buflen );
554 }
555 else
556 sha1_update( &ctx, sha1_test_buf[i],
557 sha1_test_buflen[i] );
558
559 sha1_finish( &ctx, sha1sum );
560
561 if( memcmp( sha1sum, sha1_test_sum[i], 20 ) != 0 )
562 {
563 if( verbose != 0 )
564 printf( "failed\n" );
565
566 return( 1 );
567 }
568
569 if( verbose != 0 )
570 printf( "passed\n" );
571 }
572
573 if( verbose != 0 )
574 printf( "\n" );
575
576 for( i = 0; i < 7; i++ )
577 {
578 if( verbose != 0 )
579 printf( " HMAC-SHA-1 test #%d: ", i + 1 );
580
581 if( i == 5 || i == 6 )
582 {
583 memset( buf, '\xAA', buflen = 80 );
584 sha1_hmac_starts( &ctx, buf, buflen );
585 }
586 else
587 sha1_hmac_starts( &ctx, sha1_hmac_test_key[i],
588 sha1_hmac_test_keylen[i] );
589
590 sha1_hmac_update( &ctx, sha1_hmac_test_buf[i],
591 sha1_hmac_test_buflen[i] );
592
593 sha1_hmac_finish( &ctx, sha1sum );
594
595 buflen = ( i == 4 ) ? 12 : 20;
596
597 if( memcmp( sha1sum, sha1_hmac_test_sum[i], buflen ) != 0 )
598 {
599 if( verbose != 0 )
600 printf( "failed\n" );
601
602 return( 1 );
603 }
604
605 if( verbose != 0 )
606 printf( "passed\n" );
607 }
608
609 if( verbose != 0 )
610 printf( "\n" );
611
612 return( 0 );
613}
614
615#endif
616
617#endif