"Fossies" - the Fresh Open Source Software Archive 
Member "Digest-HMAC-1.04/t/rfc2202.t" (1 Apr 2021, 14412 Bytes) of package /linux/privat/Digest-HMAC-1.04.tar.gz:
As a special service "Fossies" has tried to format the requested text file into HTML format (style:
standard) with prefixed line numbers.
Alternatively you can here
view or
download the uninterpreted source code file.
1 print "1..14\n";
2
3 $test_case = 0;
4 $algorithm = "";
5
6 while (<DATA>) {
7 next if /^\s+$/; # blank lines
8 next if /^Cheng & Glenn/; # page header
9 next if /^RFC 2202/; # page header
10 chomp;
11 if (/^2\. Test Cases for/ .. /4\. Security Considerations/) {
12 if (/^\d+\. Test Cases for (\S+)/) {
13 if (defined $key) { save($key, $val); undef($key) }
14 $algorithm = $1;
15 } elsif (/^(\w+(?:-\w+)*)\s+=\s+(.*)/) {
16 save($key, $val) if defined $key;
17 $key = $1;
18 $val = $2;
19 $test_case = $val if $key eq "test_case";
20 } elsif (/^\s+(.*)/) {
21 $val .= " $1";
22 } elsif (/^4\. /) {
23 # ignore
24 } else {
25 print ">>> $_\n";
26 }
27 }
28 }
29 close(DATA);
30 save($key, $val) if $key;
31
32 sub save
33 {
34 my($key,$val) = @_;
35 if ($val =~ /^0x(..) repeated (\d+) times$/) {
36 $val = chr(hex($1)) x $2;
37 } elsif ($val =~ s/^0x//) {
38 $val = pack("H*", $val);
39 } elsif ($val =~ s/^\"// && $val =~ s/\"$//) {
40 # we already did it
41 }
42 $case{$algorithm}[$test_case-1]{$key} = $val;
43 }
44
45 #use Data::Dumper; print Dumper(\%case);
46
47
48 $testno = 0;
49
50 use Digest::HMAC_MD5 qw(hmac_md5);
51 print "\n# HMAC-MD5 tests\n";
52 foreach (@{$case{"HMAC-MD5"}}) {
53 $testno++;
54
55 # This is a temporary workaround necessitated by a DEC
56 # compiler bug which breaks the 'x' operator. See
57 #
58 # http://www.xray.mpe.mpg.de/mailing-lists/perl5-porters/1998-12/msg01720.html
59 #
60 if ($^O eq 'dec_osf' and $] < 5.00503) {
61 require Config;
62 my $temp=\%Config::Config; # suppress a silly warning
63 if ($testno =~ /^(?:3|4|6|7)$/ and ! $Config::Config{gccversion}) {
64 print "ok $testno # skipping test on this platform\n";
65 next;
66 }
67 }
68
69 #use Data::Dumper; print Dumper($_);
70 warn unless length($_->{key}) == $_->{key_len};
71 warn unless length($_->{data}) == $_->{data_len};
72
73 my $failed;
74 # Test OO interface
75 my $hasher = Digest::HMAC_MD5->new($_->{key});
76 $hasher->add($_->{data});
77 $failed++ unless $hasher->digest eq $_->{digest};
78
79 # Test functional interface
80 $failed++ if hmac_md5($_->{data}, $_->{key}) ne $_->{digest};
81 print "not " if $failed;
82 print "ok $testno\n";
83 }
84
85 # Digest::SHA1 might fail if the SHA module is not installed
86 eval {
87 # use Digest::HMAC_SHA1 qw(hmac_sha1);
88 require Digest::HMAC_SHA1;
89 *hmac_sha1 = \&Digest::HMAC_SHA1::hmac_sha1;
90 };
91 if ($@) {
92 print "\n# HMAC-SHA-1 tests skipped\n$@\n";
93 for (8..14) { print "ok $_\n"; }
94 }
95 else {
96
97 print "\n# HMAC-SHA-1 tests\n";
98 foreach (@{$case{"HMAC-SHA-1"}}) {
99 $testno++;
100 #use Data::Dumper; print Dumper($_);
101 warn unless length($_->{key}) == $_->{key_len};
102 warn unless length($_->{data}) == $_->{data_len};
103
104 my $failed;
105 # Test OO interface
106 my $hasher = Digest::HMAC_SHA1->new($_->{key});
107 $hasher->add($_->{data});
108 $failed++ unless $hasher->digest eq $_->{digest};
109
110 # Test functional interface
111 $failed++ if hmac_sha1($_->{data}, $_->{key}) ne $_->{digest};
112
113 print "not " if $failed;
114 print "ok $testno\n";
115 }
116 }
117
118 __END__
119
120
121 Network Working Group P. Cheng
122 Request for Comments: 2202 IBM
123 Category: Informational R. Glenn
124 NIST
125 September 1997
126
127
128 Test Cases for HMAC-MD5 and HMAC-SHA-1
129
130 Status of This Memo
131
132 This memo provides information for the Internet community. This memo
133 does not specify an Internet standard of any kind. Distribution of
134 this memo is unlimited.
135
136 Abstract
137
138 This document provides two sets of test cases for HMAC-MD5 and HMAC-
139 SHA-1, respectively. HMAC-MD5 and HMAC-SHA-1 are two constructs of
140 the HMAC [HMAC] message authentication function using the MD5 [MD5]
141 hash function and the SHA-1 [SHA] hash function. Both constructs are
142 used by IPSEC [OG,CG] and other protocols to authenticate messages.
143 The test cases and results provided in this document are meant to be
144 used as a conformance test for HMAC-MD5 and HMAC-SHA-1
145 implementations.
146
147 1. Introduction
148
149 The general method for constructing a HMAC message authentication
150 function using a particular hash function is described in section 2
151 of [HMAC]. We will not repeat the description here. Section 5 of
152 [HMAC] also discusses truncating the output of HMAC; the rule is that
153 we should keep the more significant bits (the bits in the left,
154 assuming a network byte order (big-endian)).
155
156 In sections 2 and 3 we provide test cases for HMAC-MD5 and HMAC-SHA-
157 1, respectively. Each case includes the key, the data, and the
158 result. The values of keys and data are either hexadecimal numbers
159 (prefixed by "0x") or ASCII character strings in double quotes. If a
160 value is an ASCII character string, then the HMAC computation for the
161 corresponding test case DOES NOT include the trailing null character
162 ('\0') in the string.
163
164
165
166
167
168
169
170
171
172 Cheng & Glenn Informational [Page 1]
173 �
174 RFC 2202 Test Cases for HMAC-MD5 and HMAC-SHA-1 September 1997
175
176
177 The C source code of the functions used to generate HMAC-SHA-1
178 results is listed in the Appendix. Note that these functions are
179 meant to be simple and easy to understand; they are not optimized in
180 any way. The C source code for computing HMAC-MD5 can be found in
181 [MD5]; or you can do a simple modification to HMAC-SHA-1 code to get
182 HMAC-MD5 code, as explained in the Appendix.
183
184 The test cases in this document are cross-verified by three
185 independent implementations, one from NIST and two from IBM Research.
186 One IBM implementation uses optimized code that is very different
187 from the code in the Appendix. An implemenation that concurs with the
188 results provided in this document should be interoperable with other
189 similar implemenations. We do not claim that such an implementation
190 is absolutely correct with respect to the HMAC definition in [HMAC].
191
192 2. Test Cases for HMAC-MD5
193
194 test_case = 1
195 key = 0x0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b
196 key_len = 16
197 data = "Hi There"
198 data_len = 8
199 digest = 0x9294727a3638bb1c13f48ef8158bfc9d
200
201 test_case = 2
202 key = "Jefe"
203 key_len = 4
204 data = "what do ya want for nothing?"
205 data_len = 28
206 digest = 0x750c783e6ab0b503eaa86e310a5db738
207
208 test_case = 3
209 key = 0xaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
210 key_len = 16
211 data = 0xdd repeated 50 times
212 data_len = 50
213 digest = 0x56be34521d144c88dbb8c733f0e8b3f6
214
215 test_case = 4
216 key = 0x0102030405060708090a0b0c0d0e0f10111213141516171819
217 key_len = 25
218 data = 0xcd repeated 50 times
219 data_len = 50
220 digest = 0x697eaf0aca3a3aea3a75164746ffaa79
221
222
223
224
225
226
227
228 Cheng & Glenn Informational [Page 2]
229 �
230 RFC 2202 Test Cases for HMAC-MD5 and HMAC-SHA-1 September 1997
231
232
233 test_case = 5
234 key = 0x0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c
235 key_len = 16
236 data = "Test With Truncation"
237 data_len = 20
238 digest = 0x56461ef2342edc00f9bab995690efd4c
239 digest-96 = 0x56461ef2342edc00f9bab995
240
241 test_case = 6
242 key = 0xaa repeated 80 times
243 key_len = 80
244 data = "Test Using Larger Than Block-Size Key - Hash Key First"
245 data_len = 54
246 digest = 0x6b1ab7fe4bd7bf8f0b62e6ce61b9d0cd
247
248 test_case = 7
249 key = 0xaa repeated 80 times
250 key_len = 80
251 data = "Test Using Larger Than Block-Size Key and Larger
252 Than One Block-Size Data"
253 data_len = 73
254 digest = 0x6f630fad67cda0ee1fb1f562db3aa53e
255
256 3. Test Cases for HMAC-SHA-1
257
258 test_case = 1
259 key = 0x0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b
260 key_len = 20
261 data = "Hi There"
262 data_len = 8
263 digest = 0xb617318655057264e28bc0b6fb378c8ef146be00
264
265 test_case = 2
266 key = "Jefe"
267 key_len = 4
268 data = "what do ya want for nothing?"
269 data_len = 28
270 digest = 0xeffcdf6ae5eb2fa2d27416d5f184df9c259a7c79
271
272 test_case = 3
273 key = 0xaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
274 key_len = 20
275 data = 0xdd repeated 50 times
276 data_len = 50
277 digest = 0x125d7342b9ac11cd91a39af48aa17b4f63f175d3
278
279
280
281
282
283
284 Cheng & Glenn Informational [Page 3]
285 �
286 RFC 2202 Test Cases for HMAC-MD5 and HMAC-SHA-1 September 1997
287
288
289 test_case = 4
290 key = 0x0102030405060708090a0b0c0d0e0f10111213141516171819
291 key_len = 25
292 data = 0xcd repeated 50 times
293 data_len = 50
294 digest = 0x4c9007f4026250c6bc8414f9bf50c86c2d7235da
295
296 test_case = 5
297 key = 0x0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c
298 key_len = 20
299 data = "Test With Truncation"
300 data_len = 20
301 digest = 0x4c1a03424b55e07fe7f27be1d58bb9324a9a5a04
302 digest-96 = 0x4c1a03424b55e07fe7f27be1
303
304 test_case = 6
305 key = 0xaa repeated 80 times
306 key_len = 80
307 data = "Test Using Larger Than Block-Size Key - Hash Key First"
308 data_len = 54
309 digest = 0xaa4ae5e15272d00e95705637ce8a3b55ed402112
310
311 test_case = 7
312 key = 0xaa repeated 80 times
313 key_len = 80
314 data = "Test Using Larger Than Block-Size Key and Larger
315 Than One Block-Size Data"
316 data_len = 73
317 digest = 0xe8e99d0f45237d786d6bbaa7965c7808bbff1a91
318
319
320
321
322 Cheng & Glenn Informational [Page 4]
323 �
324 RFC 2202 Test Cases for HMAC-MD5 and HMAC-SHA-1 September 1997
325
326
327 4. Security Considerations
328
329 This docuemnt raises no security issues. Discussion on the strength
330 of the HMAC construction can be found in [HMAC].
331
332 References
333
334 [HMAC] Krawczyk, H., Bellare, M., and R. Canetti,
335 "HMAC: Keyed-Hashing for Message Authentication",
336 RFC 2104, February 1997.
337
338 [MD5] Rivest, R., "The MD5 Message-Digest Algorithm",
339 RFC 1321, April 1992.
340
341 [SHA] NIST, FIPS PUB 180-1: Secure Hash Standard, April 1995.
342
343 [OG] Oehler, M., and R. Glenn,
344 "HMAC-MD5 IP Authentication with Replay Prevention",
345 RFC 2085, February 1997.
346
347 [CG] Chang, S., and R. Glenn,
348 "HMAC-SHA IP Authentication with Replay Prevention",
349 Work in Progress.
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378 Cheng & Glenn Informational [Page 5]
379 �
380 RFC 2202 Test Cases for HMAC-MD5 and HMAC-SHA-1 September 1997
381
382
383 Authors' Addresses
384
385 Pau-Chen Cheng
386 IBM T.J. Watson Research Center
387 P.O.Box 704
388 Yorktown Heights, NY 10598
389
390 EMail: pau@watson.ibm.com
391
392
393 Robert Glenn
394 NIST
395 Building 820, Room 455
396 Gaithersburg, MD 20899
397
398 EMail: rob.glenn@nist.gov
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434 Cheng & Glenn Informational [Page 6]
435 �
436 RFC 2202 Test Cases for HMAC-MD5 and HMAC-SHA-1 September 1997
437
438
439 Appendix
440
441 This appendix contains the C reference code which implements HMAC-
442 SHA-1 using an existing SHA-1 library. It assumes that the SHA-1
443 library has similar API's as those of the MD5 code described in RFC
444 1321. The code for HMAC-MD5 is similar, just replace the strings
445 "SHA" and "sha" with "MD5" and "md5". HMAC-MD5 code is also listed in
446 RFC 2104.
447
448 #ifndef SHA_DIGESTSIZE
449 #define SHA_DIGESTSIZE 20
450 #endif
451
452 #ifndef SHA_BLOCKSIZE
453 #define SHA_BLOCKSIZE 64
454 #endif
455
456 #ifndef MD5_DIGESTSIZE
457 #define MD5_DIGESTSIZE 16
458 #endif
459
460 #ifndef MD5_BLOCKSIZE
461 #define MD5_BLOCKSIZE 64
462 #endif
463
464 /* Function to print the digest */
465 void
466 pr_sha(FILE* fp, char* s, int t)
467 {
468 int i ;
469
470 fprintf(fp, "0x") ;
471 for (i = 0 ; i < t ; i++)
472 fprintf(fp, "%02x", s[i]) ;
473 fprintf(fp, "0) ;
474 }
475
476 void truncate
477 (
478 char* d1, /* data to be truncated */
479 char* d2, /* truncated data */
480 int len /* length in bytes to keep */
481 )
482 {
483 int i ;
484 for (i = 0 ; i < len ; i++) d2[i] = d1[i];
485 }
486
487
488
489
490 Cheng & Glenn Informational [Page 7]
491 �
492 RFC 2202 Test Cases for HMAC-MD5 and HMAC-SHA-1 September 1997
493
494
495 /* Function to compute the digest */
496 void
497 hmac_sha
498 (
499 char* k, /* secret key */
500 int lk, /* length of the key in bytes */
501 char* d, /* data */
502 int ld, /* length of data in bytes */
503 char* out, /* output buffer, at least "t" bytes */
504 int t
505 )
506 {
507 SHA_CTX ictx, octx ;
508 char isha[SHA_DIGESTSIZE], osha[SHA_DIGESTSIZE] ;
509 char key[SHA_DIGESTSIZE] ;
510 char buf[SHA_BLOCKSIZE] ;
511 int i ;
512
513 if (lk > SHA_BLOCKSIZE) {
514
515 SHA_CTX tctx ;
516
517 SHAInit(&tctx) ;
518 SHAUpdate(&tctx, k, lk) ;
519 SHAFinal(key, &tctx) ;
520
521 k = key ;
522 lk = SHA_DIGESTSIZE ;
523 }
524
525 /**** Inner Digest ****/
526
527 SHAInit(&ictx) ;
528
529 /* Pad the key for inner digest */
530 for (i = 0 ; i < lk ; ++i) buf[i] = k[i] ^ 0x36 ;
531 for (i = lk ; i < SHA_BLOCKSIZE ; ++i) buf[i] = 0x36 ;
532
533 SHAUpdate(&ictx, buf, SHA_BLOCKSIZE) ;
534 SHAUpdate(&ictx, d, ld) ;
535
536 SHAFinal(isha, &ictx) ;
537
538 /**** Outter Digest ****/
539
540 SHAInit(&octx) ;
541
542 /* Pad the key for outter digest */
543
544
545
546 Cheng & Glenn Informational [Page 8]
547 �
548 RFC 2202 Test Cases for HMAC-MD5 and HMAC-SHA-1 September 1997
549
550
551 for (i = 0 ; i < lk ; ++i) buf[i] = k[i] ^ 0x5C ;
552 for (i = lk ; i < SHA_BLOCKSIZE ; ++i) buf[i] = 0x5C ;
553
554 SHAUpdate(&octx, buf, SHA_BLOCKSIZE) ;
555 SHAUpdate(&octx, isha, SHA_DIGESTSIZE) ;
556
557 SHAFinal(osha, &octx) ;
558
559 /* truncate and print the results */
560 t = t > SHA_DIGESTSIZE ? SHA_DIGESTSIZE : t ;
561 truncate(osha, out, t) ;
562 pr_sha(stdout, out, t) ;
563
564 }
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602 Cheng & Glenn Informational [Page 9]
603 �