From 828e091013197fa2d32fd07132f8d613793a4aab Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pavel=20Tvrd=C3=ADk?= Date: Wed, 22 Apr 2015 11:02:46 +0200 Subject: [PATCH] Add SHA-1 and HMAC-SHA1 libraries with unit tests Refactore MD5 tests --- lib/Modules | 3 + lib/md5_test.c | 23 ++-- lib/sha1.c | 311 +++++++++++++++++++++++++++++++++++++++++++ lib/sha1.h | 83 ++++++++++++ lib/sha1_hmac.c | 111 +++++++++++++++ lib/sha1_hmac_test.c | 202 ++++++++++++++++++++++++++++ lib/sha1_test.c | 79 +++++++++++ lib/unaligned.h | 46 +++++++ 8 files changed, 843 insertions(+), 15 deletions(-) create mode 100644 lib/sha1.c create mode 100644 lib/sha1.h create mode 100644 lib/sha1_hmac.c create mode 100644 lib/sha1_hmac_test.c create mode 100644 lib/sha1_test.c diff --git a/lib/Modules b/lib/Modules index 75cb5fc9..f483da23 100644 --- a/lib/Modules +++ b/lib/Modules @@ -1,3 +1,6 @@ +sha1.c +sha1.h +sha1_hmac.c birdlib.h bitops.c bitops.h diff --git a/lib/md5_test.c b/lib/md5_test.c index fcce0cb6..10da0c4d 100644 --- a/lib/md5_test.c +++ b/lib/md5_test.c @@ -13,27 +13,21 @@ #include "lib/md5.h" #include "lib/md5.c" /* REMOVE ME */ -#define MD5_BYTES 16 -#define MD5_CHARS 32 +#define MD5_SIZE 16 +#define MD5_HEX_SIZE 33 static void -get_md5(unsigned char hash[MD5_BYTES], unsigned char const *str) +get_md5(const char *str, char (*out_hash)[MD5_HEX_SIZE]) { + unsigned char hash[MD5_SIZE]; struct MD5Context ctxt; MD5Init(&ctxt); MD5Update(&ctxt, str, strlen(str)); MD5Final(hash, &ctxt); -} - -static void -compute_md5(const char *str, char (*out_hash)[MD5_CHARS+1]) -{ - unsigned char hash[MD5_BYTES]; - get_md5(hash, str); int i; - for(i = 0; i < MD5_BYTES; i++) + for(i = 0; i < MD5_SIZE; i++) sprintf(*out_hash + i*2, "%02x", hash[i]); } @@ -42,8 +36,7 @@ t_md5(void) { struct in_out { char *in; - char out[MD5_CHARS+1]; - char fn_out[MD5_CHARS+1]; + char out[MD5_HEX_SIZE]; } in_out[] = { { .in = "", @@ -75,7 +68,7 @@ t_md5(void) }, }; - bt_assert_fn_in_out(compute_md5, in_out, "'%s'", "'%s'"); + bt_assert_fn_in_out(get_md5, in_out, "'%s'", "'%s'"); return BT_SUCCESS; } @@ -85,7 +78,7 @@ main(int argc, char *argv[]) { bt_init(argc, argv); - bt_test_suite(t_md5, "Test Suite from RFC1321"); + bt_test_suite(t_md5, "Test Suite by RFC 1321"); return bt_end(); } diff --git a/lib/sha1.c b/lib/sha1.c new file mode 100644 index 00000000..00b6f467 --- /dev/null +++ b/lib/sha1.c @@ -0,0 +1,311 @@ +/* + * BIRD -- SHA-1 Hash Function (FIPS 180-1, RFC 3174) + * + * (c) 2015 CZ.NIC z.s.p.o. + * + * Based on the code from libucw6.4 + * (c) 2008--2009 Martin Mares + * + * Can be freely distributed and used under the terms of the GNU GPL. + */ + +#include "lib/null.h" +#include "lib/sha1.h" +#include "lib/unaligned.h" + +#include + +void +sha1_init(sha1_context *hd) +{ + hd->h0 = 0x67452301; + hd->h1 = 0xefcdab89; + hd->h2 = 0x98badcfe; + hd->h3 = 0x10325476; + hd->h4 = 0xc3d2e1f0; + hd->nblocks = 0; + hd->count = 0; +} + +/* + * Transform the message X which consists of 16 32-bit-words + */ +static void +transform(sha1_context *hd, const byte *data) +{ + u32 a,b,c,d,e,tm; + u32 x[16]; + + /* Get values from the chaining vars. */ + a = hd->h0; + b = hd->h1; + c = hd->h2; + d = hd->h3; + e = hd->h4; + +#ifdef CPU_BIG_ENDIAN + memcpy( x, data, 64 ); +#else + { + int i; + for (i=0; i<16; i++) + x[i] = get_u32_be(data+4*i); + } +#endif + + +#define K1 0x5A827999L +#define K2 0x6ED9EBA1L +#define K3 0x8F1BBCDCL +#define K4 0xCA62C1D6L +#define F1(x,y,z) ( z ^ ( x & ( y ^ z ) ) ) +#define F2(x,y,z) ( x ^ y ^ z ) +#define F3(x,y,z) ( ( x & y ) | ( z & ( x | y ) ) ) +#define F4(x,y,z) ( x ^ y ^ z ) + + +#define M(i) ( tm = x[i&0x0f] ^ x[(i-14)&0x0f] \ + ^ x[(i-8)&0x0f] ^ x[(i-3)&0x0f] \ + , (x[i&0x0f] = ROL(tm, 1)) ) + +#define ROL(x, bits) (((x) << (bits)) | ((uint)(x) >> (sizeof(uint)*8 - (bits)))) /** Bitwise rotation of an unsigned int to the left **/ + + #define R(a,b,c,d,e,f,k,m) do { e += ROL( a, 5 ) \ + + f( b, c, d ) \ + + k \ + + m; \ + b = ROL( b, 30 ); \ + } while(0) + R( a, b, c, d, e, F1, K1, x[ 0] ); + R( e, a, b, c, d, F1, K1, x[ 1] ); + R( d, e, a, b, c, F1, K1, x[ 2] ); + R( c, d, e, a, b, F1, K1, x[ 3] ); + R( b, c, d, e, a, F1, K1, x[ 4] ); + R( a, b, c, d, e, F1, K1, x[ 5] ); + R( e, a, b, c, d, F1, K1, x[ 6] ); + R( d, e, a, b, c, F1, K1, x[ 7] ); + R( c, d, e, a, b, F1, K1, x[ 8] ); + R( b, c, d, e, a, F1, K1, x[ 9] ); + R( a, b, c, d, e, F1, K1, x[10] ); + R( e, a, b, c, d, F1, K1, x[11] ); + R( d, e, a, b, c, F1, K1, x[12] ); + R( c, d, e, a, b, F1, K1, x[13] ); + R( b, c, d, e, a, F1, K1, x[14] ); + R( a, b, c, d, e, F1, K1, x[15] ); + R( e, a, b, c, d, F1, K1, M(16) ); + R( d, e, a, b, c, F1, K1, M(17) ); + R( c, d, e, a, b, F1, K1, M(18) ); + R( b, c, d, e, a, F1, K1, M(19) ); + R( a, b, c, d, e, F2, K2, M(20) ); + R( e, a, b, c, d, F2, K2, M(21) ); + R( d, e, a, b, c, F2, K2, M(22) ); + R( c, d, e, a, b, F2, K2, M(23) ); + R( b, c, d, e, a, F2, K2, M(24) ); + R( a, b, c, d, e, F2, K2, M(25) ); + R( e, a, b, c, d, F2, K2, M(26) ); + R( d, e, a, b, c, F2, K2, M(27) ); + R( c, d, e, a, b, F2, K2, M(28) ); + R( b, c, d, e, a, F2, K2, M(29) ); + R( a, b, c, d, e, F2, K2, M(30) ); + R( e, a, b, c, d, F2, K2, M(31) ); + R( d, e, a, b, c, F2, K2, M(32) ); + R( c, d, e, a, b, F2, K2, M(33) ); + R( b, c, d, e, a, F2, K2, M(34) ); + R( a, b, c, d, e, F2, K2, M(35) ); + R( e, a, b, c, d, F2, K2, M(36) ); + R( d, e, a, b, c, F2, K2, M(37) ); + R( c, d, e, a, b, F2, K2, M(38) ); + R( b, c, d, e, a, F2, K2, M(39) ); + R( a, b, c, d, e, F3, K3, M(40) ); + R( e, a, b, c, d, F3, K3, M(41) ); + R( d, e, a, b, c, F3, K3, M(42) ); + R( c, d, e, a, b, F3, K3, M(43) ); + R( b, c, d, e, a, F3, K3, M(44) ); + R( a, b, c, d, e, F3, K3, M(45) ); + R( e, a, b, c, d, F3, K3, M(46) ); + R( d, e, a, b, c, F3, K3, M(47) ); + R( c, d, e, a, b, F3, K3, M(48) ); + R( b, c, d, e, a, F3, K3, M(49) ); + R( a, b, c, d, e, F3, K3, M(50) ); + R( e, a, b, c, d, F3, K3, M(51) ); + R( d, e, a, b, c, F3, K3, M(52) ); + R( c, d, e, a, b, F3, K3, M(53) ); + R( b, c, d, e, a, F3, K3, M(54) ); + R( a, b, c, d, e, F3, K3, M(55) ); + R( e, a, b, c, d, F3, K3, M(56) ); + R( d, e, a, b, c, F3, K3, M(57) ); + R( c, d, e, a, b, F3, K3, M(58) ); + R( b, c, d, e, a, F3, K3, M(59) ); + R( a, b, c, d, e, F4, K4, M(60) ); + R( e, a, b, c, d, F4, K4, M(61) ); + R( d, e, a, b, c, F4, K4, M(62) ); + R( c, d, e, a, b, F4, K4, M(63) ); + R( b, c, d, e, a, F4, K4, M(64) ); + R( a, b, c, d, e, F4, K4, M(65) ); + R( e, a, b, c, d, F4, K4, M(66) ); + R( d, e, a, b, c, F4, K4, M(67) ); + R( c, d, e, a, b, F4, K4, M(68) ); + R( b, c, d, e, a, F4, K4, M(69) ); + R( a, b, c, d, e, F4, K4, M(70) ); + R( e, a, b, c, d, F4, K4, M(71) ); + R( d, e, a, b, c, F4, K4, M(72) ); + R( c, d, e, a, b, F4, K4, M(73) ); + R( b, c, d, e, a, F4, K4, M(74) ); + R( a, b, c, d, e, F4, K4, M(75) ); + R( e, a, b, c, d, F4, K4, M(76) ); + R( d, e, a, b, c, F4, K4, M(77) ); + R( c, d, e, a, b, F4, K4, M(78) ); + R( b, c, d, e, a, F4, K4, M(79) ); + + /* Update chaining vars. */ + hd->h0 += a; + hd->h1 += b; + hd->h2 += c; + hd->h3 += d; + hd->h4 += e; +} + + +/* + * Update the message digest with the contents + * of INBUF with length INLEN. + */ +void +sha1_update(sha1_context *hd, const byte *inbuf, uint inlen) +{ + if( hd->count == 64 ) /* flush the buffer */ + { + transform( hd, hd->buf ); + hd->count = 0; + hd->nblocks++; + } + if( !inbuf ) + return; + + if( hd->count ) + { + for( ; inlen && hd->count < 64; inlen-- ) + hd->buf[hd->count++] = *inbuf++; + sha1_update( hd, NULL, 0 ); + if( !inlen ) + return; + } + + while( inlen >= 64 ) + { + transform( hd, inbuf ); + hd->count = 0; + hd->nblocks++; + inlen -= 64; + inbuf += 64; + } + for( ; inlen && hd->count < 64; inlen-- ) + hd->buf[hd->count++] = *inbuf++; +} + + +/* + * The routine final terminates the computation and + * returns the digest. + * The handle is prepared for a new cycle, but adding bytes to the + * handle will the destroy the returned buffer. + * Returns: 20 bytes representing the digest. + */ + +byte * +sha1_final(sha1_context *hd) +{ + u32 t, msb, lsb; + byte *p; + + sha1_update(hd, NULL, 0); /* flush */; + + t = hd->nblocks; + /* multiply by 64 to make a byte count */ + lsb = t << 6; + msb = t >> 26; + /* add the count */ + t = lsb; + if( (lsb += hd->count) < t ) + msb++; + /* multiply by 8 to make a bit count */ + t = lsb; + lsb <<= 3; + msb <<= 3; + msb |= t >> 29; + + if( hd->count < 56 ) /* enough room */ + { + hd->buf[hd->count++] = 0x80; /* pad */ + while( hd->count < 56 ) + hd->buf[hd->count++] = 0; /* pad */ + } + else /* need one extra block */ + { + hd->buf[hd->count++] = 0x80; /* pad character */ + while( hd->count < 64 ) + hd->buf[hd->count++] = 0; + sha1_update(hd, NULL, 0); /* flush */; + memset(hd->buf, 0, 56 ); /* fill next block with zeroes */ + } + /* append the 64 bit count */ + hd->buf[56] = msb >> 24; + hd->buf[57] = msb >> 16; + hd->buf[58] = msb >> 8; + hd->buf[59] = msb ; + hd->buf[60] = lsb >> 24; + hd->buf[61] = lsb >> 16; + hd->buf[62] = lsb >> 8; + hd->buf[63] = lsb ; + transform( hd, hd->buf ); + + p = hd->buf; +#define X(a) do { put_u32_be(p, hd->h##a); p += 4; } while(0) + X(0); + X(1); + X(2); + X(3); + X(4); +#undef X + + return hd->buf; +} + +/* + * Shortcut function which puts the hash value of the supplied buffer + * into outbuf which must have a size of 20 bytes. + */ +void +sha1_hash_buffer(byte *outbuf, const byte *buffer, uint length) +{ + sha1_context hd; + + sha1_init(&hd); + sha1_update(&hd, buffer, length); + memcpy(outbuf, sha1_final(&hd), SHA1_SIZE); +} + +#ifdef TEST + +#include +#include +#include + +int main(void) +{ + sha1_context hd; + byte buf[3]; + int cnt; + + sha1_init(&hd); + while ((cnt = read(0, buf, sizeof(buf))) > 0) + sha1_update(&hd, buf, cnt); + + char text[SHA1_HEX_SIZE]; + mem_to_hex(text, sha1_final(&hd), SHA1_SIZE, 0); + puts(text); + + return 0; +} + +#endif diff --git a/lib/sha1.h b/lib/sha1.h new file mode 100644 index 00000000..862e40fe --- /dev/null +++ b/lib/sha1.h @@ -0,0 +1,83 @@ +/* + * BIRD -- SHA-1 Hash Function (FIPS 180-1, RFC 3174) + * + * (c) 2015 CZ.NIC z.s.p.o. + * + * Based on the code from libucw6.4 + * (c) 2008--2009 Martin Mares + * + * Can be freely distributed and used under the terms of the GNU GPL. + */ + +#ifndef _BIRD_SHA1_H +#define _BIRD_SHA1_H + +#include "sysdep/config.h" + +/** + * Internal SHA1 state. + * You should use it just as an opaque handle only. + */ +typedef struct { + u32 h0,h1,h2,h3,h4; + u32 nblocks; + byte buf[64]; + int count; +} sha1_context; + +void sha1_init(sha1_context *hd); /** Initialize new algorithm run in the @hd context. **/ +/** + * Push another @inlen bytes of data pointed to by @inbuf onto the + * SHA1 hash currently in @hd. You can call this any times you want on + * the same hash (and you do not need to reinitialize it by + * @sha1_init()). It has the same effect as concatenating all the data + * together and passing them at once. + */ +void sha1_update(sha1_context *hd, const byte *inbuf, uint inlen); +/** + * No more @sha1_update() calls will be done. This terminates the hash + * and returns a pointer to it. + * + * Note that the pointer points into data in the @hd context. If it ceases + * to exist, the pointer becomes invalid. + * + * To convert the hash to its usual hexadecimal representation, see + * <>. + */ +byte *sha1_final(sha1_context *hd); + +/** + * A convenience one-shot function for SHA1 hash. + * It is equivalent to this snippet of code: + * + * sha1_context hd; + * sha1_init(&hd); + * sha1_update(&hd, buffer, length); + * memcpy(outbuf, sha1_final(&hd), SHA1_SIZE); + */ +void sha1_hash_buffer(byte *outbuf, const byte *buffer, uint length); + +/** + * SHA1 HMAC message authentication. If you provide @key and @data, + * the result will be stored in @outbuf. + */ +void sha1_hmac(byte *outbuf, const byte *key, uint keylen, const byte *data, uint datalen); + +/** + * The HMAC also exists in a stream version in a way analogous to the + * plain SHA1. Pass this as a context. + */ +typedef struct { + sha1_context ictx; + sha1_context octx; +} sha1_hmac_context; + +void sha1_hmac_init(sha1_hmac_context *hd, const byte *key, uint keylen); /** Initialize HMAC with context @hd and the given key. See sha1_init(). */ +void sha1_hmac_update(sha1_hmac_context *hd, const byte *data, uint datalen); /** Hash another @datalen bytes of data. See sha1_update(). */ +byte *sha1_hmac_final(sha1_hmac_context *hd); /** Terminate the HMAC and return a pointer to the allocated hash. See sha1_final(). */ + +#define SHA1_SIZE 20 /** Size of the SHA1 hash in its binary representation **/ +#define SHA1_HEX_SIZE 41 /** Buffer length for a string containing SHA1 in hexadecimal format. **/ +#define SHA1_BLOCK_SIZE 64 /** SHA1 splits input to blocks of this size. **/ + +#endif diff --git a/lib/sha1_hmac.c b/lib/sha1_hmac.c new file mode 100644 index 00000000..6eaabea3 --- /dev/null +++ b/lib/sha1_hmac.c @@ -0,0 +1,111 @@ +/* + * BIRD -- HMAC-SHA1 Message Authentication (RFC 2202) + * + * (c) 2015 CZ.NIC z.s.p.o. + * + * Based on the code from libucw6.4 + * (c) 2008--2009 Martin Mares + * + * Can be freely distributed and used under the terms of the GNU GPL. + */ + +#include "lib/sha1.h" +#include "lib/unaligned.h" + +#include + +void +sha1_hmac_init(sha1_hmac_context *hd, const byte *key, uint keylen) +{ + byte keybuf[SHA1_BLOCK_SIZE], buf[SHA1_BLOCK_SIZE]; + + // Hash the key if necessary + if (keylen <= SHA1_BLOCK_SIZE) + { + memcpy(keybuf, key, keylen); + bzero(keybuf + keylen, SHA1_BLOCK_SIZE - keylen); + } + else + { + sha1_hash_buffer(keybuf, key, keylen); + bzero(keybuf + SHA1_SIZE, SHA1_BLOCK_SIZE - SHA1_SIZE); + } + + // Initialize the inner digest + sha1_init(&hd->ictx); + int i; + for (i = 0; i < SHA1_BLOCK_SIZE; i++) + buf[i] = keybuf[i] ^ 0x36; + sha1_update(&hd->ictx, buf, SHA1_BLOCK_SIZE); + + // Initialize the outer digest + sha1_init(&hd->octx); + for (i = 0; i < SHA1_BLOCK_SIZE; i++) + buf[i] = keybuf[i] ^ 0x5c; + sha1_update(&hd->octx, buf, SHA1_BLOCK_SIZE); +} + +void +sha1_hmac_update(sha1_hmac_context *hd, const byte *data, uint datalen) +{ + // Just update the inner digest + sha1_update(&hd->ictx, data, datalen); +} + +byte *sha1_hmac_final(sha1_hmac_context *hd) +{ + // Finish the inner digest + byte *isha = sha1_final(&hd->ictx); + + // Finish the outer digest + sha1_update(&hd->octx, isha, SHA1_SIZE); + return sha1_final(&hd->octx); +} + +void +sha1_hmac(byte *outbuf, const byte *key, uint keylen, const byte *data, uint datalen) +{ + sha1_hmac_context hd; + sha1_hmac_init(&hd, key, keylen); + sha1_hmac_update(&hd, data, datalen); + byte *osha = sha1_hmac_final(&hd); + memcpy(outbuf, osha, SHA1_SIZE); +} + +#ifdef TEST + +#include +#include + +static uint rd(char *dest) +{ + char buf[1024]; + if (!fgets(buf, sizeof(buf), stdin)) + die("fgets()"); + *strchr(buf, '\n') = 0; + if (buf[0] == '0' && buf[1] == 'x') + { + const char *e = hex_to_mem(dest, buf+2, 1024, 0); + ASSERT(!*e); + return (e-buf-2)/2; + } + else + { + strcpy(dest, buf); + return strlen(dest); + } +} + +int main(void) +{ + char key[1024], data[1024]; + byte hmac[SHA1_SIZE]; + uint kl = rd(key); + uint dl = rd(data); + sha1_hmac(hmac, key, kl, data, dl); + mem_to_hex(data, hmac, SHA1_SIZE, 0); + puts(data); + return 0; +} + +#endif diff --git a/lib/sha1_hmac_test.c b/lib/sha1_hmac_test.c new file mode 100644 index 00000000..1ac30692 --- /dev/null +++ b/lib/sha1_hmac_test.c @@ -0,0 +1,202 @@ +/* + * BIRD Library -- HMAC-SHA1 Message Authentication Tests + * + * (c) 2015 CZ.NIC z.s.p.o. + * + * Can be freely distributed and used under the terms of the GNU GPL. + */ + +#include + +#include "test/birdtest.h" +#include "sysdep/config.h" +#include "lib/sha1.h" +#include "lib/sha1.c" /* REMOVE ME */ +#include "lib/sha1_hmac.c" /* REMOVE ME */ + +#define HMAC_BUFFER_SIZE 80 +struct hmac_data_in { + byte key[HMAC_BUFFER_SIZE]; + uint key_len; + byte data[HMAC_BUFFER_SIZE]; + uint data_len; +}; + +static void +get_sha1_hmac(const struct hmac_data_in in, char (*out_hash)[SHA1_HEX_SIZE]) +{ + sha1_hmac_context ctx; + sha1_hmac_init(&ctx, in.key, in.key_len); + sha1_hmac_update(&ctx, in.data, in.data_len); + byte *hash_byte = sha1_hmac_final(&ctx); + + int i; + for (i = 0; i < SHA1_SIZE; i++) + sprintf(*out_hash + i*2, "%02x", hash_byte[i]); +} + +static int +t_sha1(void) +{ + struct in_out { + struct hmac_data_in in; + char out[SHA1_HEX_SIZE]; + } in_out[] = { + { + .in = { + .key = { + 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, + 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, + }, + .key_len = 20, + .data = "Hi There", + .data_len = 8, + }, + .out = "b617318655057264e28bc0b6fb378c8ef146be00", + }, + { + .in = { + .key = "Jefe", + .key_len = 4, + .data = "what do ya want for nothing?", + .data_len = 28, + }, + .out = "effcdf6ae5eb2fa2d27416d5f184df9c259a7c79", + }, + { + .in = { + .key = { + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + }, + .key_len = 20, + .data = { + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + }, + .data_len = 50, + }, + .out = "125d7342b9ac11cd91a39af48aa17b4f63f175d3", + }, + { + .in = { + .key = { + 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, + 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19, + }, + .key_len = 25, + .data = { + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + }, + .data_len = 50, + }, + .out = "4c9007f4026250c6bc8414f9bf50c86c2d7235da", + }, + { + .in = { + .key = { + 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, + 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, + }, + .key_len = 20, + .data = "Test With Truncation", + .data_len = 20, + }, + .out = "4c1a03424b55e07fe7f27be1d58bb9324a9a5a04", + }, + { + .in = { + .key = { + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + }, + .key_len = 80, + .data = "Test Using Larger Than Block-Size Key - Hash Key First", + .data_len = 54, + }, + .out = "aa4ae5e15272d00e95705637ce8a3b55ed402112", + }, + { + .in = { + .key = { + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + }, + .key_len = 80, + .data = "Test Using Larger Than Block-Size Key and Larger Than One Block-Size Data", + .data_len = 73, + }, + .out = "e8e99d0f45237d786d6bbaa7965c7808bbff1a91", + }, + { + .in = { + .key = { + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + }, + .key_len = 80, + .data = "Test Using Larger Than Block-Size Key - Hash Key First", + .data_len = 54, + }, + .out = "aa4ae5e15272d00e95705637ce8a3b55ed402112", + }, + { + .in = { + .key = { + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + }, + .key_len = 80, + .data = "Test Using Larger Than Block-Size Key and Larger Than One Block-Size Data", + .data_len = 73, + }, + .out = "e8e99d0f45237d786d6bbaa7965c7808bbff1a91", + }, + }; + + bt_assert_fn_in_out(get_sha1_hmac, in_out, NULL, "'%s'"); + + return BT_SUCCESS; +} + +int +main(int argc, char *argv[]) +{ + bt_init(argc, argv); + + bt_test_suite(t_sha1, "Test Suite by RFC 2202"); + + return bt_end(); +} diff --git a/lib/sha1_test.c b/lib/sha1_test.c new file mode 100644 index 00000000..595ad15b --- /dev/null +++ b/lib/sha1_test.c @@ -0,0 +1,79 @@ +/* + * BIRD Library -- SHA-1 Hash Function Tests + * + * (c) 2015 CZ.NIC z.s.p.o. + * + * Can be freely distributed and used under the terms of the GNU GPL. + */ + +#include + +#include "test/birdtest.h" +#include "sysdep/config.h" +#include "lib/sha1.h" +#include "lib/sha1.c" /* REMOVE ME */ + +static void +get_sha1(const char *str, char (*out_hash)[SHA1_HEX_SIZE]) +{ + sha1_context ctx; + sha1_init(&ctx); + sha1_update(&ctx, str, strlen(str)); + byte *hash = sha1_final(&ctx); + + int i; + for(i = 0; i < SHA1_SIZE; i++) + sprintf(*out_hash + i*2, "%02x", hash[i]); +} + +static int +t_sha1(void) +{ + struct in_out { + char *in; + char out[SHA1_HEX_SIZE]; + } in_out[] = { + { + .in = "", + .out = "da39a3ee5e6b4b0d3255bfef95601890afd80709", + }, + { + .in = "a", + .out = "86f7e437faa5a7fce15d1ddcb9eaeaea377667b8", + }, + { + .in = "abc", + .out = "a9993e364706816aba3e25717850c26c9cd0d89d", + }, + { + .in = "message digest", + .out = "c12252ceda8be8994d5fa0290a47231c1d16aae3", + }, + { + .in = "abcdefghijklmnopqrstuvwxyz", + .out = "32d10c7b8cf96570ca04ce37f2a19d84240d3a89", + }, + { + .in = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789", + .out = "761c457bf73b14d27e9e9265c46f4b4dda11f940", + }, + { + .in = "12345678901234567890123456789012345678901234567890123456789012345678901234567890", + .out = "50abf5706a150990a08b2c5ea40fa0e585554732", + }, + }; + + bt_assert_fn_in_out(get_sha1, in_out, "'%s'", "'%s'"); + + return BT_SUCCESS; +} + +int +main(int argc, char *argv[]) +{ + bt_init(argc, argv); + + bt_test_suite(t_sha1, "Test Suite by RFC 1321 (it is for MD5)"); + + return bt_end(); +} diff --git a/lib/unaligned.h b/lib/unaligned.h index af655204..eea9eabe 100644 --- a/lib/unaligned.h +++ b/lib/unaligned.h @@ -18,6 +18,7 @@ */ #include "lib/string.h" +#include static inline u16 get_u16(void *p) @@ -49,4 +50,49 @@ put_u32(void *p, u32 x) memcpy(p, &x, 4); } +/* Big endian format */ + +#if defined(CPU_BIG_ENDIAN) +static inline uint get_u16_be(const void *p) { return *(u16 *)p; } /** Read 16-bit integer value from an unaligned sequence of 2 bytes (big-endian version). **/ +static inline u32 get_u32_be(const void *p) { return *(u32 *)p; } /** Read 32-bit integer value from an unaligned sequence of 4 bytes (big-endian version). **/ +static inline u64 get_u64_be(const void *p) { return *(u64 *)p; } /** Read 64-bit integer value from an unaligned sequence of 8 bytes (big-endian version). **/ +static inline void put_u16_be(void *p, uint x) { *(u16 *)p = x; } /** Write 16-bit integer value to an unaligned sequence of 2 bytes (big-endian version). **/ +static inline void put_u32_be(void *p, u32 x) { *(u32 *)p = x; } /** Write 32-bit integer value to an unaligned sequence of 4 bytes (big-endian version). **/ +static inline void put_u64_be(void *p, u64 x) { *(u64 *)p = x; } /** Write 64-bit integer value to an unaligned sequence of 8 bytes (big-endian version). **/ +#else +static inline uint get_u16_be(const void *p) +{ + const byte *c = (const byte *)p; + return (c[0] << 8) | c[1]; +} +static inline u32 get_u32_be(const void *p) +{ + const byte *c = (const byte *)p; + return (c[0] << 24) | (c[1] << 16) | (c[2] << 8) | c[3]; +} +static inline u64 get_u64_be(const void *p) +{ + return ((u64) get_u32_be(p) << 32) | get_u32_be((const byte *)p+4); +} +static inline void put_u16_be(void *p, uint x) +{ + byte *c = (byte *)p; + c[0] = x >> 8; + c[1] = x; +} +static inline void put_u32_be(void *p, u32 x) +{ + byte *c = (byte *)p; + c[0] = x >> 24; + c[1] = x >> 16; + c[2] = x >> 8; + c[3] = x; +} +static inline void put_u64_be(void *p, u64 x) +{ + put_u32_be(p, x >> 32); + put_u32_be((byte *)p+4, x); +} +#endif + #endif