PolarSSL v1.3.8
sha1.c
Go to the documentation of this file.
1 /*
2  * FIPS-180-1 compliant SHA-1 implementation
3  *
4  * Copyright (C) 2006-2014, Brainspark B.V.
5  *
6  * This file is part of PolarSSL (http://www.polarssl.org)
7  * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
8  *
9  * All rights reserved.
10  *
11  * This program is free software; you can redistribute it and/or modify
12  * it under the terms of the GNU General Public License as published by
13  * the Free Software Foundation; either version 2 of the License, or
14  * (at your option) any later version.
15  *
16  * This program is distributed in the hope that it will be useful,
17  * but WITHOUT ANY WARRANTY; without even the implied warranty of
18  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19  * GNU General Public License for more details.
20  *
21  * You should have received a copy of the GNU General Public License along
22  * with this program; if not, write to the Free Software Foundation, Inc.,
23  * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
24  */
25 /*
26  * The SHA-1 standard was published by NIST in 1993.
27  *
28  * http://www.itl.nist.gov/fipspubs/fip180-1.htm
29  */
30 
31 #if !defined(POLARSSL_CONFIG_FILE)
32 #include "polarssl/config.h"
33 #else
34 #include POLARSSL_CONFIG_FILE
35 #endif
36 
37 #if defined(POLARSSL_SHA1_C)
38 
39 #include "polarssl/sha1.h"
40 
41 #if defined(POLARSSL_FS_IO) || defined(POLARSSL_SELF_TEST)
42 #include <stdio.h>
43 #endif
44 
45 #if defined(POLARSSL_PLATFORM_C)
46 #include "polarssl/platform.h"
47 #else
48 #define polarssl_printf printf
49 #endif
50 
51 /* Implementation that should never be optimized out by the compiler */
52 static void polarssl_zeroize( void *v, size_t n ) {
53  volatile unsigned char *p = v; while( n-- ) *p++ = 0;
54 }
55 
56 #if !defined(POLARSSL_SHA1_ALT)
57 
58 /*
59  * 32-bit integer manipulation macros (big endian)
60  */
61 #ifndef GET_UINT32_BE
62 #define GET_UINT32_BE(n,b,i) \
63 { \
64  (n) = ( (uint32_t) (b)[(i) ] << 24 ) \
65  | ( (uint32_t) (b)[(i) + 1] << 16 ) \
66  | ( (uint32_t) (b)[(i) + 2] << 8 ) \
67  | ( (uint32_t) (b)[(i) + 3] ); \
68 }
69 #endif
70 
71 #ifndef PUT_UINT32_BE
72 #define PUT_UINT32_BE(n,b,i) \
73 { \
74  (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
75  (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
76  (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
77  (b)[(i) + 3] = (unsigned char) ( (n) ); \
78 }
79 #endif
80 
81 void sha1_init( sha1_context *ctx )
82 {
83  memset( ctx, 0, sizeof( sha1_context ) );
84 }
85 
86 void sha1_free( sha1_context *ctx )
87 {
88  if( ctx == NULL )
89  return;
90 
91  polarssl_zeroize( ctx, sizeof( sha1_context ) );
92 }
93 
94 /*
95  * SHA-1 context setup
96  */
97 void sha1_starts( sha1_context *ctx )
98 {
99  ctx->total[0] = 0;
100  ctx->total[1] = 0;
101 
102  ctx->state[0] = 0x67452301;
103  ctx->state[1] = 0xEFCDAB89;
104  ctx->state[2] = 0x98BADCFE;
105  ctx->state[3] = 0x10325476;
106  ctx->state[4] = 0xC3D2E1F0;
107 }
108 
109 void sha1_process( sha1_context *ctx, const unsigned char data[64] )
110 {
111  uint32_t temp, W[16], A, B, C, D, E;
112 
113  GET_UINT32_BE( W[ 0], data, 0 );
114  GET_UINT32_BE( W[ 1], data, 4 );
115  GET_UINT32_BE( W[ 2], data, 8 );
116  GET_UINT32_BE( W[ 3], data, 12 );
117  GET_UINT32_BE( W[ 4], data, 16 );
118  GET_UINT32_BE( W[ 5], data, 20 );
119  GET_UINT32_BE( W[ 6], data, 24 );
120  GET_UINT32_BE( W[ 7], data, 28 );
121  GET_UINT32_BE( W[ 8], data, 32 );
122  GET_UINT32_BE( W[ 9], data, 36 );
123  GET_UINT32_BE( W[10], data, 40 );
124  GET_UINT32_BE( W[11], data, 44 );
125  GET_UINT32_BE( W[12], data, 48 );
126  GET_UINT32_BE( W[13], data, 52 );
127  GET_UINT32_BE( W[14], data, 56 );
128  GET_UINT32_BE( W[15], data, 60 );
129 
130 #define S(x,n) ((x << n) | ((x & 0xFFFFFFFF) >> (32 - n)))
131 
132 #define R(t) \
133 ( \
134  temp = W[( t - 3 ) & 0x0F] ^ W[( t - 8 ) & 0x0F] ^ \
135  W[( t - 14 ) & 0x0F] ^ W[ t & 0x0F], \
136  ( W[t & 0x0F] = S(temp,1) ) \
137 )
138 
139 #define P(a,b,c,d,e,x) \
140 { \
141  e += S(a,5) + F(b,c,d) + K + x; b = S(b,30); \
142 }
143 
144  A = ctx->state[0];
145  B = ctx->state[1];
146  C = ctx->state[2];
147  D = ctx->state[3];
148  E = ctx->state[4];
149 
150 #define F(x,y,z) (z ^ (x & (y ^ z)))
151 #define K 0x5A827999
152 
153  P( A, B, C, D, E, W[0] );
154  P( E, A, B, C, D, W[1] );
155  P( D, E, A, B, C, W[2] );
156  P( C, D, E, A, B, W[3] );
157  P( B, C, D, E, A, W[4] );
158  P( A, B, C, D, E, W[5] );
159  P( E, A, B, C, D, W[6] );
160  P( D, E, A, B, C, W[7] );
161  P( C, D, E, A, B, W[8] );
162  P( B, C, D, E, A, W[9] );
163  P( A, B, C, D, E, W[10] );
164  P( E, A, B, C, D, W[11] );
165  P( D, E, A, B, C, W[12] );
166  P( C, D, E, A, B, W[13] );
167  P( B, C, D, E, A, W[14] );
168  P( A, B, C, D, E, W[15] );
169  P( E, A, B, C, D, R(16) );
170  P( D, E, A, B, C, R(17) );
171  P( C, D, E, A, B, R(18) );
172  P( B, C, D, E, A, R(19) );
173 
174 #undef K
175 #undef F
176 
177 #define F(x,y,z) (x ^ y ^ z)
178 #define K 0x6ED9EBA1
179 
180  P( A, B, C, D, E, R(20) );
181  P( E, A, B, C, D, R(21) );
182  P( D, E, A, B, C, R(22) );
183  P( C, D, E, A, B, R(23) );
184  P( B, C, D, E, A, R(24) );
185  P( A, B, C, D, E, R(25) );
186  P( E, A, B, C, D, R(26) );
187  P( D, E, A, B, C, R(27) );
188  P( C, D, E, A, B, R(28) );
189  P( B, C, D, E, A, R(29) );
190  P( A, B, C, D, E, R(30) );
191  P( E, A, B, C, D, R(31) );
192  P( D, E, A, B, C, R(32) );
193  P( C, D, E, A, B, R(33) );
194  P( B, C, D, E, A, R(34) );
195  P( A, B, C, D, E, R(35) );
196  P( E, A, B, C, D, R(36) );
197  P( D, E, A, B, C, R(37) );
198  P( C, D, E, A, B, R(38) );
199  P( B, C, D, E, A, R(39) );
200 
201 #undef K
202 #undef F
203 
204 #define F(x,y,z) ((x & y) | (z & (x | y)))
205 #define K 0x8F1BBCDC
206 
207  P( A, B, C, D, E, R(40) );
208  P( E, A, B, C, D, R(41) );
209  P( D, E, A, B, C, R(42) );
210  P( C, D, E, A, B, R(43) );
211  P( B, C, D, E, A, R(44) );
212  P( A, B, C, D, E, R(45) );
213  P( E, A, B, C, D, R(46) );
214  P( D, E, A, B, C, R(47) );
215  P( C, D, E, A, B, R(48) );
216  P( B, C, D, E, A, R(49) );
217  P( A, B, C, D, E, R(50) );
218  P( E, A, B, C, D, R(51) );
219  P( D, E, A, B, C, R(52) );
220  P( C, D, E, A, B, R(53) );
221  P( B, C, D, E, A, R(54) );
222  P( A, B, C, D, E, R(55) );
223  P( E, A, B, C, D, R(56) );
224  P( D, E, A, B, C, R(57) );
225  P( C, D, E, A, B, R(58) );
226  P( B, C, D, E, A, R(59) );
227 
228 #undef K
229 #undef F
230 
231 #define F(x,y,z) (x ^ y ^ z)
232 #define K 0xCA62C1D6
233 
234  P( A, B, C, D, E, R(60) );
235  P( E, A, B, C, D, R(61) );
236  P( D, E, A, B, C, R(62) );
237  P( C, D, E, A, B, R(63) );
238  P( B, C, D, E, A, R(64) );
239  P( A, B, C, D, E, R(65) );
240  P( E, A, B, C, D, R(66) );
241  P( D, E, A, B, C, R(67) );
242  P( C, D, E, A, B, R(68) );
243  P( B, C, D, E, A, R(69) );
244  P( A, B, C, D, E, R(70) );
245  P( E, A, B, C, D, R(71) );
246  P( D, E, A, B, C, R(72) );
247  P( C, D, E, A, B, R(73) );
248  P( B, C, D, E, A, R(74) );
249  P( A, B, C, D, E, R(75) );
250  P( E, A, B, C, D, R(76) );
251  P( D, E, A, B, C, R(77) );
252  P( C, D, E, A, B, R(78) );
253  P( B, C, D, E, A, R(79) );
254 
255 #undef K
256 #undef F
257 
258  ctx->state[0] += A;
259  ctx->state[1] += B;
260  ctx->state[2] += C;
261  ctx->state[3] += D;
262  ctx->state[4] += E;
263 }
264 
265 /*
266  * SHA-1 process buffer
267  */
268 void sha1_update( sha1_context *ctx, const unsigned char *input, size_t ilen )
269 {
270  size_t fill;
271  uint32_t left;
272 
273  if( ilen == 0 )
274  return;
275 
276  left = ctx->total[0] & 0x3F;
277  fill = 64 - left;
278 
279  ctx->total[0] += (uint32_t) ilen;
280  ctx->total[0] &= 0xFFFFFFFF;
281 
282  if( ctx->total[0] < (uint32_t) ilen )
283  ctx->total[1]++;
284 
285  if( left && ilen >= fill )
286  {
287  memcpy( (void *) (ctx->buffer + left), input, fill );
288  sha1_process( ctx, ctx->buffer );
289  input += fill;
290  ilen -= fill;
291  left = 0;
292  }
293 
294  while( ilen >= 64 )
295  {
296  sha1_process( ctx, input );
297  input += 64;
298  ilen -= 64;
299  }
300 
301  if( ilen > 0 )
302  memcpy( (void *) (ctx->buffer + left), input, ilen );
303 }
304 
305 static const unsigned char sha1_padding[64] =
306 {
307  0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
308  0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
309  0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
310  0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
311 };
312 
313 /*
314  * SHA-1 final digest
315  */
316 void sha1_finish( sha1_context *ctx, unsigned char output[20] )
317 {
318  uint32_t last, padn;
319  uint32_t high, low;
320  unsigned char msglen[8];
321 
322  high = ( ctx->total[0] >> 29 )
323  | ( ctx->total[1] << 3 );
324  low = ( ctx->total[0] << 3 );
325 
326  PUT_UINT32_BE( high, msglen, 0 );
327  PUT_UINT32_BE( low, msglen, 4 );
328 
329  last = ctx->total[0] & 0x3F;
330  padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
331 
332  sha1_update( ctx, sha1_padding, padn );
333  sha1_update( ctx, msglen, 8 );
334 
335  PUT_UINT32_BE( ctx->state[0], output, 0 );
336  PUT_UINT32_BE( ctx->state[1], output, 4 );
337  PUT_UINT32_BE( ctx->state[2], output, 8 );
338  PUT_UINT32_BE( ctx->state[3], output, 12 );
339  PUT_UINT32_BE( ctx->state[4], output, 16 );
340 }
341 
342 #endif /* !POLARSSL_SHA1_ALT */
343 
344 /*
345  * output = SHA-1( input buffer )
346  */
347 void sha1( const unsigned char *input, size_t ilen, unsigned char output[20] )
348 {
349  sha1_context ctx;
350 
351  sha1_init( &ctx );
352  sha1_starts( &ctx );
353  sha1_update( &ctx, input, ilen );
354  sha1_finish( &ctx, output );
355  sha1_free( &ctx );
356 }
357 
358 #if defined(POLARSSL_FS_IO)
359 /*
360  * output = SHA-1( file contents )
361  */
362 int sha1_file( const char *path, unsigned char output[20] )
363 {
364  FILE *f;
365  size_t n;
366  sha1_context ctx;
367  unsigned char buf[1024];
368 
369  if( ( f = fopen( path, "rb" ) ) == NULL )
371 
372  sha1_init( &ctx );
373  sha1_starts( &ctx );
374 
375  while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
376  sha1_update( &ctx, buf, n );
377 
378  sha1_finish( &ctx, output );
379  sha1_free( &ctx );
380 
381  if( ferror( f ) != 0 )
382  {
383  fclose( f );
385  }
386 
387  fclose( f );
388  return( 0 );
389 }
390 #endif /* POLARSSL_FS_IO */
391 
392 /*
393  * SHA-1 HMAC context setup
394  */
395 void sha1_hmac_starts( sha1_context *ctx, const unsigned char *key,
396  size_t keylen )
397 {
398  size_t i;
399  unsigned char sum[20];
400 
401  if( keylen > 64 )
402  {
403  sha1( key, keylen, sum );
404  keylen = 20;
405  key = sum;
406  }
407 
408  memset( ctx->ipad, 0x36, 64 );
409  memset( ctx->opad, 0x5C, 64 );
410 
411  for( i = 0; i < keylen; i++ )
412  {
413  ctx->ipad[i] = (unsigned char)( ctx->ipad[i] ^ key[i] );
414  ctx->opad[i] = (unsigned char)( ctx->opad[i] ^ key[i] );
415  }
416 
417  sha1_starts( ctx );
418  sha1_update( ctx, ctx->ipad, 64 );
419 
420  polarssl_zeroize( sum, sizeof( sum ) );
421 }
422 
423 /*
424  * SHA-1 HMAC process buffer
425  */
426 void sha1_hmac_update( sha1_context *ctx, const unsigned char *input,
427  size_t ilen )
428 {
429  sha1_update( ctx, input, ilen );
430 }
431 
432 /*
433  * SHA-1 HMAC final digest
434  */
435 void sha1_hmac_finish( sha1_context *ctx, unsigned char output[20] )
436 {
437  unsigned char tmpbuf[20];
438 
439  sha1_finish( ctx, tmpbuf );
440  sha1_starts( ctx );
441  sha1_update( ctx, ctx->opad, 64 );
442  sha1_update( ctx, tmpbuf, 20 );
443  sha1_finish( ctx, output );
444 
445  polarssl_zeroize( tmpbuf, sizeof( tmpbuf ) );
446 }
447 
448 /*
449  * SHA1 HMAC context reset
450  */
451 void sha1_hmac_reset( sha1_context *ctx )
452 {
453  sha1_starts( ctx );
454  sha1_update( ctx, ctx->ipad, 64 );
455 }
456 
457 /*
458  * output = HMAC-SHA-1( hmac key, input buffer )
459  */
460 void sha1_hmac( const unsigned char *key, size_t keylen,
461  const unsigned char *input, size_t ilen,
462  unsigned char output[20] )
463 {
464  sha1_context ctx;
465 
466  sha1_init( &ctx );
467  sha1_hmac_starts( &ctx, key, keylen );
468  sha1_hmac_update( &ctx, input, ilen );
469  sha1_hmac_finish( &ctx, output );
470  sha1_free( &ctx );
471 }
472 
473 #if defined(POLARSSL_SELF_TEST)
474 /*
475  * FIPS-180-1 test vectors
476  */
477 static unsigned char sha1_test_buf[3][57] =
478 {
479  { "abc" },
480  { "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" },
481  { "" }
482 };
483 
484 static const int sha1_test_buflen[3] =
485 {
486  3, 56, 1000
487 };
488 
489 static const unsigned char sha1_test_sum[3][20] =
490 {
491  { 0xA9, 0x99, 0x3E, 0x36, 0x47, 0x06, 0x81, 0x6A, 0xBA, 0x3E,
492  0x25, 0x71, 0x78, 0x50, 0xC2, 0x6C, 0x9C, 0xD0, 0xD8, 0x9D },
493  { 0x84, 0x98, 0x3E, 0x44, 0x1C, 0x3B, 0xD2, 0x6E, 0xBA, 0xAE,
494  0x4A, 0xA1, 0xF9, 0x51, 0x29, 0xE5, 0xE5, 0x46, 0x70, 0xF1 },
495  { 0x34, 0xAA, 0x97, 0x3C, 0xD4, 0xC4, 0xDA, 0xA4, 0xF6, 0x1E,
496  0xEB, 0x2B, 0xDB, 0xAD, 0x27, 0x31, 0x65, 0x34, 0x01, 0x6F }
497 };
498 
499 /*
500  * RFC 2202 test vectors
501  */
502 static unsigned char sha1_hmac_test_key[7][26] =
503 {
504  { "\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B"
505  "\x0B\x0B\x0B\x0B" },
506  { "Jefe" },
507  { "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
508  "\xAA\xAA\xAA\xAA" },
509  { "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F\x10"
510  "\x11\x12\x13\x14\x15\x16\x17\x18\x19" },
511  { "\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C"
512  "\x0C\x0C\x0C\x0C" },
513  { "" }, /* 0xAA 80 times */
514  { "" }
515 };
516 
517 static const int sha1_hmac_test_keylen[7] =
518 {
519  20, 4, 20, 25, 20, 80, 80
520 };
521 
522 static unsigned char sha1_hmac_test_buf[7][74] =
523 {
524  { "Hi There" },
525  { "what do ya want for nothing?" },
526  { "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
527  "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
528  "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
529  "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
530  "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" },
531  { "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD"
532  "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD"
533  "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD"
534  "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD"
535  "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" },
536  { "Test With Truncation" },
537  { "Test Using Larger Than Block-Size Key - Hash Key First" },
538  { "Test Using Larger Than Block-Size Key and Larger"
539  " Than One Block-Size Data" }
540 };
541 
542 static const int sha1_hmac_test_buflen[7] =
543 {
544  8, 28, 50, 50, 20, 54, 73
545 };
546 
547 static const unsigned char sha1_hmac_test_sum[7][20] =
548 {
549  { 0xB6, 0x17, 0x31, 0x86, 0x55, 0x05, 0x72, 0x64, 0xE2, 0x8B,
550  0xC0, 0xB6, 0xFB, 0x37, 0x8C, 0x8E, 0xF1, 0x46, 0xBE, 0x00 },
551  { 0xEF, 0xFC, 0xDF, 0x6A, 0xE5, 0xEB, 0x2F, 0xA2, 0xD2, 0x74,
552  0x16, 0xD5, 0xF1, 0x84, 0xDF, 0x9C, 0x25, 0x9A, 0x7C, 0x79 },
553  { 0x12, 0x5D, 0x73, 0x42, 0xB9, 0xAC, 0x11, 0xCD, 0x91, 0xA3,
554  0x9A, 0xF4, 0x8A, 0xA1, 0x7B, 0x4F, 0x63, 0xF1, 0x75, 0xD3 },
555  { 0x4C, 0x90, 0x07, 0xF4, 0x02, 0x62, 0x50, 0xC6, 0xBC, 0x84,
556  0x14, 0xF9, 0xBF, 0x50, 0xC8, 0x6C, 0x2D, 0x72, 0x35, 0xDA },
557  { 0x4C, 0x1A, 0x03, 0x42, 0x4B, 0x55, 0xE0, 0x7F, 0xE7, 0xF2,
558  0x7B, 0xE1 },
559  { 0xAA, 0x4A, 0xE5, 0xE1, 0x52, 0x72, 0xD0, 0x0E, 0x95, 0x70,
560  0x56, 0x37, 0xCE, 0x8A, 0x3B, 0x55, 0xED, 0x40, 0x21, 0x12 },
561  { 0xE8, 0xE9, 0x9D, 0x0F, 0x45, 0x23, 0x7D, 0x78, 0x6D, 0x6B,
562  0xBA, 0xA7, 0x96, 0x5C, 0x78, 0x08, 0xBB, 0xFF, 0x1A, 0x91 }
563 };
564 
565 /*
566  * Checkup routine
567  */
568 int sha1_self_test( int verbose )
569 {
570  int i, j, buflen, ret = 0;
571  unsigned char buf[1024];
572  unsigned char sha1sum[20];
573  sha1_context ctx;
574 
575  sha1_init( &ctx );
576 
577  /*
578  * SHA-1
579  */
580  for( i = 0; i < 3; i++ )
581  {
582  if( verbose != 0 )
583  polarssl_printf( " SHA-1 test #%d: ", i + 1 );
584 
585  sha1_starts( &ctx );
586 
587  if( i == 2 )
588  {
589  memset( buf, 'a', buflen = 1000 );
590 
591  for( j = 0; j < 1000; j++ )
592  sha1_update( &ctx, buf, buflen );
593  }
594  else
595  sha1_update( &ctx, sha1_test_buf[i],
596  sha1_test_buflen[i] );
597 
598  sha1_finish( &ctx, sha1sum );
599 
600  if( memcmp( sha1sum, sha1_test_sum[i], 20 ) != 0 )
601  {
602  if( verbose != 0 )
603  polarssl_printf( "failed\n" );
604 
605  ret = 1;
606  goto exit;
607  }
608 
609  if( verbose != 0 )
610  polarssl_printf( "passed\n" );
611  }
612 
613  if( verbose != 0 )
614  polarssl_printf( "\n" );
615 
616  for( i = 0; i < 7; i++ )
617  {
618  if( verbose != 0 )
619  polarssl_printf( " HMAC-SHA-1 test #%d: ", i + 1 );
620 
621  if( i == 5 || i == 6 )
622  {
623  memset( buf, '\xAA', buflen = 80 );
624  sha1_hmac_starts( &ctx, buf, buflen );
625  }
626  else
627  sha1_hmac_starts( &ctx, sha1_hmac_test_key[i],
628  sha1_hmac_test_keylen[i] );
629 
630  sha1_hmac_update( &ctx, sha1_hmac_test_buf[i],
631  sha1_hmac_test_buflen[i] );
632 
633  sha1_hmac_finish( &ctx, sha1sum );
634 
635  buflen = ( i == 4 ) ? 12 : 20;
636 
637  if( memcmp( sha1sum, sha1_hmac_test_sum[i], buflen ) != 0 )
638  {
639  if( verbose != 0 )
640  polarssl_printf( "failed\n" );
641 
642  ret = 1;
643  goto exit;
644  }
645 
646  if( verbose != 0 )
647  polarssl_printf( "passed\n" );
648  }
649 
650  if( verbose != 0 )
651  polarssl_printf( "\n" );
652 
653 exit:
654  sha1_free( &ctx );
655 
656  return( ret );
657 }
658 
659 #endif /* POLARSSL_SELF_TEST */
660 
661 #endif /* POLARSSL_SHA1_C */
void sha1_hmac_finish(sha1_context *ctx, unsigned char output[20])
SHA-1 HMAC final digest.
int sha1_self_test(int verbose)
Checkup routine.
SHA-1 context structure.
Definition: sha1.h:58
void sha1(const unsigned char *input, size_t ilen, unsigned char output[20])
Output = SHA-1( input buffer )
void sha1_finish(sha1_context *ctx, unsigned char output[20])
SHA-1 final digest.
uint32_t state[5]
Definition: sha1.h:61
void sha1_hmac(const unsigned char *key, size_t keylen, const unsigned char *input, size_t ilen, unsigned char output[20])
Output = HMAC-SHA-1( hmac key, input buffer )
Configuration options (set of defines)
unsigned char buffer[64]
Definition: sha1.h:62
PolarSSL Platform abstraction layer.
void sha1_hmac_reset(sha1_context *ctx)
SHA-1 HMAC context reset.
int sha1_file(const char *path, unsigned char output[20])
Output = SHA-1( file contents )
void sha1_free(sha1_context *ctx)
Clear SHA-1 context.
void sha1_hmac_starts(sha1_context *ctx, const unsigned char *key, size_t keylen)
SHA-1 HMAC context setup.
void sha1_starts(sha1_context *ctx)
SHA-1 context setup.
SHA-1 cryptographic hash function.
unsigned char ipad[64]
Definition: sha1.h:64
#define polarssl_printf
Definition: platform.h:109
void sha1_init(sha1_context *ctx)
Initialize SHA-1 context.
void sha1_update(sha1_context *ctx, const unsigned char *input, size_t ilen)
SHA-1 process buffer.
unsigned char opad[64]
Definition: sha1.h:65
void sha1_process(sha1_context *ctx, const unsigned char data[64])
void sha1_hmac_update(sha1_context *ctx, const unsigned char *input, size_t ilen)
SHA-1 HMAC process buffer.
uint32_t total[2]
Definition: sha1.h:60
#define POLARSSL_ERR_SHA1_FILE_IO_ERROR
Read/write error in file.
Definition: sha1.h:45