"Fossies" - the Fresh Open Source Software Archive

Member "Digest-HMAC-1.04/t/rfc2202.t" (1 Apr 2021, 14412 Bytes) of package /linux/privat/Digest-HMAC-1.04.tar.gz:


As a special service "Fossies" has tried to format the requested text file into HTML format (style: standard) with prefixed line numbers. Alternatively you can here view or download the uninterpreted source code file.

    1 print "1..14\n";
    2 
    3 $test_case = 0;
    4 $algorithm = "";
    5 
    6 while (<DATA>) {
    7    next if /^\s+$/;            # blank lines
    8    next if /^Cheng & Glenn/;   # page header
    9    next if /^RFC 2202/;        # page header
   10    chomp;
   11    if (/^2\. Test Cases for/ .. /4\. Security Considerations/) {
   12 	if (/^\d+\. Test Cases for (\S+)/) {
   13 	    if (defined $key) { save($key, $val); undef($key) }
   14 	    $algorithm = $1;
   15         } elsif (/^(\w+(?:-\w+)*)\s+=\s+(.*)/) {
   16             save($key, $val) if defined $key;
   17 	    $key = $1;
   18 	    $val = $2;
   19 	    $test_case = $val if $key eq "test_case";
   20         } elsif (/^\s+(.*)/) {
   21 	    $val .= " $1";
   22         } elsif (/^4\. /) {
   23 	    # ignore
   24         } else {
   25 	    print ">>> $_\n";
   26         }
   27    }
   28 }
   29 close(DATA);
   30 save($key, $val) if $key;
   31 
   32 sub save
   33 {
   34     my($key,$val) = @_;
   35     if ($val =~ /^0x(..) repeated (\d+) times$/) {
   36 	$val = chr(hex($1)) x $2;
   37     } elsif ($val =~ s/^0x//) {
   38 	$val = pack("H*", $val);
   39     } elsif ($val =~ s/^\"// && $val =~ s/\"$//) {
   40 	# we already did it
   41     }
   42     $case{$algorithm}[$test_case-1]{$key} = $val;
   43 }
   44 
   45 #use Data::Dumper; print Dumper(\%case);
   46 
   47 
   48 $testno = 0;
   49 
   50 use Digest::HMAC_MD5 qw(hmac_md5);
   51 print "\n# HMAC-MD5 tests\n";
   52 foreach (@{$case{"HMAC-MD5"}}) {
   53     $testno++;
   54 
   55     # This is a temporary workaround necessitated by a DEC
   56     # compiler bug which breaks the 'x' operator.  See
   57     #
   58     #  http://www.xray.mpe.mpg.de/mailing-lists/perl5-porters/1998-12/msg01720.html
   59     #
   60     if ($^O eq 'dec_osf' and $] < 5.00503) {
   61       require Config;
   62       my $temp=\%Config::Config;  # suppress a silly warning
   63       if ($testno =~ /^(?:3|4|6|7)$/ and ! $Config::Config{gccversion}) {
   64         print "ok $testno # skipping test on this platform\n";
   65         next;
   66       }
   67     }
   68 
   69     #use Data::Dumper; print Dumper($_);
   70     warn unless length($_->{key}) == $_->{key_len};
   71     warn unless length($_->{data}) == $_->{data_len};
   72 
   73     my $failed;
   74     # Test OO interface
   75     my $hasher = Digest::HMAC_MD5->new($_->{key});
   76     $hasher->add($_->{data});
   77     $failed++ unless $hasher->digest eq $_->{digest};
   78 
   79     # Test functional interface
   80     $failed++ if hmac_md5($_->{data}, $_->{key}) ne $_->{digest};
   81     print "not " if $failed;
   82     print "ok $testno\n";
   83 }
   84 
   85 # Digest::SHA1 might fail if the SHA module is not installed
   86 eval {
   87    # use Digest::HMAC_SHA1 qw(hmac_sha1);
   88    require Digest::HMAC_SHA1;
   89    *hmac_sha1 = \&Digest::HMAC_SHA1::hmac_sha1;
   90 };
   91 if ($@) {
   92    print "\n# HMAC-SHA-1 tests skipped\n$@\n";
   93    for (8..14) { print "ok $_\n"; }
   94 }
   95 else {
   96 
   97 print "\n# HMAC-SHA-1 tests\n";
   98 foreach (@{$case{"HMAC-SHA-1"}}) {
   99     $testno++;
  100     #use Data::Dumper; print Dumper($_);
  101     warn unless length($_->{key}) == $_->{key_len};
  102     warn unless length($_->{data}) == $_->{data_len};
  103 
  104     my $failed;
  105     # Test OO interface
  106     my $hasher = Digest::HMAC_SHA1->new($_->{key});
  107     $hasher->add($_->{data});
  108     $failed++ unless $hasher->digest eq $_->{digest};
  109 
  110     # Test functional interface
  111     $failed++ if hmac_sha1($_->{data}, $_->{key}) ne $_->{digest};
  112 
  113     print "not " if $failed;
  114     print "ok $testno\n";
  115 }
  116 }
  117 
  118 __END__
  119 
  120 
  121 Network Working Group                                          P. Cheng
  122 Request for Comments: 2202                                          IBM
  123 Category: Informational                                        R. Glenn
  124                                                                    NIST
  125                                                          September 1997
  126 
  127 
  128                  Test Cases for HMAC-MD5 and HMAC-SHA-1
  129 
  130 Status of This Memo
  131 
  132    This memo provides information for the Internet community.  This memo
  133    does not specify an Internet standard of any kind.  Distribution of
  134    this memo is unlimited.
  135 
  136 Abstract
  137 
  138    This document provides two sets of test cases for HMAC-MD5 and HMAC-
  139    SHA-1, respectively. HMAC-MD5 and HMAC-SHA-1 are two constructs of
  140    the HMAC [HMAC] message authentication function using the MD5 [MD5]
  141    hash function and the SHA-1 [SHA] hash function. Both constructs are
  142    used by IPSEC [OG,CG] and other protocols to authenticate messages.
  143    The test cases and results provided in this document are meant to be
  144    used as a conformance test for HMAC-MD5 and HMAC-SHA-1
  145    implementations.
  146 
  147 1. Introduction
  148 
  149    The general method for constructing a HMAC message authentication
  150    function using a particular hash function is described in section 2
  151    of [HMAC]. We will not repeat the description here. Section 5 of
  152    [HMAC] also discusses truncating the output of HMAC; the rule is that
  153    we should keep the more significant bits (the bits in the left,
  154    assuming a network byte order (big-endian)).
  155 
  156    In sections 2 and 3 we provide test cases for HMAC-MD5 and HMAC-SHA-
  157    1, respectively. Each case includes the key, the data, and the
  158    result.  The values of keys and data are either hexadecimal numbers
  159    (prefixed by "0x") or ASCII character strings in double quotes. If a
  160    value is an ASCII character string, then the HMAC computation for the
  161    corresponding test case DOES NOT include the trailing null character
  162    ('\0') in the string.
  163 
  164 
  165 
  166 
  167 
  168 
  169 
  170 
  171 
  172 Cheng & Glenn                Informational                      [Page 1]
  173 
  174 RFC 2202         Test Cases for HMAC-MD5 and HMAC-SHA-1   September 1997
  175 
  176 
  177    The C source code of the functions used to generate HMAC-SHA-1
  178    results is listed in the Appendix. Note that these functions are
  179    meant to be simple and easy to understand; they are not optimized in
  180    any way. The C source code for computing HMAC-MD5 can be found in
  181    [MD5]; or you can do a simple modification to HMAC-SHA-1 code to get
  182    HMAC-MD5 code, as explained in the Appendix.
  183 
  184    The test cases in this document are cross-verified by three
  185    independent implementations, one from NIST and two from IBM Research.
  186    One IBM implementation uses optimized code that is very different
  187    from the code in the Appendix. An implemenation that concurs with the
  188    results provided in this document should be interoperable with other
  189    similar implemenations.  We do not claim that such an implementation
  190    is absolutely correct with respect to the HMAC definition in [HMAC].
  191 
  192 2. Test Cases for HMAC-MD5
  193 
  194 test_case =     1
  195 key =           0x0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b
  196 key_len =       16
  197 data =          "Hi There"
  198 data_len =      8
  199 digest =        0x9294727a3638bb1c13f48ef8158bfc9d
  200 
  201 test_case =     2
  202 key =           "Jefe"
  203 key_len =       4
  204 data =          "what do ya want for nothing?"
  205 data_len =      28
  206 digest =        0x750c783e6ab0b503eaa86e310a5db738
  207 
  208 test_case =     3
  209 key =           0xaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
  210 key_len =       16
  211 data =          0xdd repeated 50 times
  212 data_len =      50
  213 digest =        0x56be34521d144c88dbb8c733f0e8b3f6
  214 
  215 test_case =     4
  216 key =           0x0102030405060708090a0b0c0d0e0f10111213141516171819
  217 key_len =       25
  218 data =          0xcd repeated 50 times
  219 data_len =      50
  220 digest =        0x697eaf0aca3a3aea3a75164746ffaa79
  221 
  222 
  223 
  224 
  225 
  226 
  227 
  228 Cheng & Glenn                Informational                      [Page 2]
  229 
  230 RFC 2202         Test Cases for HMAC-MD5 and HMAC-SHA-1   September 1997
  231 
  232 
  233 test_case =     5
  234 key =           0x0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c
  235 key_len =       16
  236 data =          "Test With Truncation"
  237 data_len =      20
  238 digest =        0x56461ef2342edc00f9bab995690efd4c
  239 digest-96 =     0x56461ef2342edc00f9bab995
  240 
  241 test_case =     6
  242 key =           0xaa repeated 80 times
  243 key_len =       80
  244 data =          "Test Using Larger Than Block-Size Key - Hash Key First"
  245 data_len =      54
  246 digest =        0x6b1ab7fe4bd7bf8f0b62e6ce61b9d0cd
  247 
  248 test_case =     7
  249 key =           0xaa repeated 80 times
  250 key_len =       80
  251 data =          "Test Using Larger Than Block-Size Key and Larger
  252                 Than One Block-Size Data"
  253 data_len =      73
  254 digest =        0x6f630fad67cda0ee1fb1f562db3aa53e
  255 
  256 3. Test Cases for HMAC-SHA-1
  257 
  258 test_case =     1
  259 key =           0x0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b
  260 key_len =       20
  261 data =          "Hi There"
  262 data_len =      8
  263 digest =        0xb617318655057264e28bc0b6fb378c8ef146be00
  264 
  265 test_case =     2
  266 key =           "Jefe"
  267 key_len =       4
  268 data =          "what do ya want for nothing?"
  269 data_len =      28
  270 digest =        0xeffcdf6ae5eb2fa2d27416d5f184df9c259a7c79
  271 
  272 test_case =     3
  273 key =           0xaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
  274 key_len =       20
  275 data =          0xdd repeated 50 times
  276 data_len =      50
  277 digest =        0x125d7342b9ac11cd91a39af48aa17b4f63f175d3
  278 
  279 
  280 
  281 
  282 
  283 
  284 Cheng & Glenn                Informational                      [Page 3]
  285 
  286 RFC 2202         Test Cases for HMAC-MD5 and HMAC-SHA-1   September 1997
  287 
  288 
  289 test_case =     4
  290 key =           0x0102030405060708090a0b0c0d0e0f10111213141516171819
  291 key_len =       25
  292 data =          0xcd repeated 50 times
  293 data_len =      50
  294 digest =        0x4c9007f4026250c6bc8414f9bf50c86c2d7235da
  295 
  296 test_case =     5
  297 key =           0x0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c
  298 key_len =       20
  299 data =          "Test With Truncation"
  300 data_len =      20
  301 digest =        0x4c1a03424b55e07fe7f27be1d58bb9324a9a5a04
  302 digest-96 =     0x4c1a03424b55e07fe7f27be1
  303 
  304 test_case =     6
  305 key =           0xaa repeated 80 times
  306 key_len =       80
  307 data =          "Test Using Larger Than Block-Size Key - Hash Key First"
  308 data_len =      54
  309 digest =        0xaa4ae5e15272d00e95705637ce8a3b55ed402112
  310 
  311 test_case =     7
  312 key =           0xaa repeated 80 times
  313 key_len =       80
  314 data =          "Test Using Larger Than Block-Size Key and Larger
  315                 Than One Block-Size Data"
  316 data_len =      73
  317 digest =        0xe8e99d0f45237d786d6bbaa7965c7808bbff1a91
  318 
  319 
  320 
  321 
  322 Cheng & Glenn                Informational                      [Page 4]
  323 
  324 RFC 2202         Test Cases for HMAC-MD5 and HMAC-SHA-1   September 1997
  325 
  326 
  327 4. Security Considerations
  328 
  329    This docuemnt raises no security issues. Discussion on the strength
  330    of the HMAC construction can be found in [HMAC].
  331 
  332 References
  333 
  334    [HMAC]    Krawczyk, H., Bellare, M., and R. Canetti,
  335              "HMAC: Keyed-Hashing for Message Authentication",
  336              RFC 2104, February 1997.
  337 
  338    [MD5]     Rivest, R., "The MD5 Message-Digest Algorithm",
  339              RFC 1321, April 1992.
  340 
  341    [SHA]     NIST, FIPS PUB 180-1: Secure Hash Standard, April 1995.
  342 
  343    [OG]      Oehler, M., and R. Glenn,
  344              "HMAC-MD5 IP Authentication with Replay Prevention",
  345              RFC 2085, February 1997.
  346 
  347    [CG]      Chang, S., and R. Glenn,
  348              "HMAC-SHA IP Authentication with Replay Prevention",
  349              Work in Progress.
  350 
  351 
  352 
  353 
  354 
  355 
  356 
  357 
  358 
  359 
  360 
  361 
  362 
  363 
  364 
  365 
  366 
  367 
  368 
  369 
  370 
  371 
  372 
  373 
  374 
  375 
  376 
  377 
  378 Cheng & Glenn                Informational                      [Page 5]
  379 
  380 RFC 2202         Test Cases for HMAC-MD5 and HMAC-SHA-1   September 1997
  381 
  382 
  383 Authors' Addresses
  384 
  385    Pau-Chen Cheng
  386    IBM T.J. Watson Research Center
  387    P.O.Box 704
  388    Yorktown Heights, NY 10598
  389 
  390    EMail: pau@watson.ibm.com
  391 
  392 
  393    Robert Glenn
  394    NIST
  395    Building 820, Room 455
  396    Gaithersburg, MD 20899
  397 
  398    EMail: rob.glenn@nist.gov
  399 
  400 
  401 
  402 
  403 
  404 
  405 
  406 
  407 
  408 
  409 
  410 
  411 
  412 
  413 
  414 
  415 
  416 
  417 
  418 
  419 
  420 
  421 
  422 
  423 
  424 
  425 
  426 
  427 
  428 
  429 
  430 
  431 
  432 
  433 
  434 Cheng & Glenn                Informational                      [Page 6]
  435 
  436 RFC 2202         Test Cases for HMAC-MD5 and HMAC-SHA-1   September 1997
  437 
  438 
  439 Appendix
  440 
  441    This appendix contains the C reference code which implements HMAC-
  442    SHA-1 using an existing SHA-1 library.  It assumes that the SHA-1
  443    library has similar API's as those of the MD5 code described in RFC
  444    1321.  The code for HMAC-MD5 is similar, just replace the strings
  445    "SHA" and "sha" with "MD5" and "md5". HMAC-MD5 code is also listed in
  446    RFC 2104.
  447 
  448    #ifndef SHA_DIGESTSIZE
  449    #define SHA_DIGESTSIZE  20
  450    #endif
  451 
  452    #ifndef SHA_BLOCKSIZE
  453    #define SHA_BLOCKSIZE   64
  454    #endif
  455 
  456    #ifndef MD5_DIGESTSIZE
  457    #define MD5_DIGESTSIZE  16
  458    #endif
  459 
  460    #ifndef MD5_BLOCKSIZE
  461    #define MD5_BLOCKSIZE   64
  462    #endif
  463 
  464    /* Function to print the digest */
  465    void
  466    pr_sha(FILE* fp, char* s, int t)
  467    {
  468            int     i ;
  469 
  470            fprintf(fp, "0x") ;
  471            for (i = 0 ; i < t ; i++)
  472                    fprintf(fp, "%02x", s[i]) ;
  473            fprintf(fp, "0) ;
  474    }
  475 
  476    void truncate
  477    (
  478     char*   d1,   /* data to be truncated */
  479     char*   d2,   /* truncated data */
  480     int     len   /* length in bytes to keep */
  481    )
  482    {
  483            int     i ;
  484            for (i = 0 ; i < len ; i++) d2[i] = d1[i];
  485    }
  486 
  487 
  488 
  489 
  490 Cheng & Glenn                Informational                      [Page 7]
  491 
  492 RFC 2202         Test Cases for HMAC-MD5 and HMAC-SHA-1   September 1997
  493 
  494 
  495    /* Function to compute the digest */
  496    void
  497    hmac_sha
  498    (
  499     char*    k,     /* secret key */
  500     int      lk,    /* length of the key in bytes */
  501     char*    d,     /* data */
  502     int      ld,    /* length of data in bytes */
  503     char*    out,   /* output buffer, at least "t" bytes */
  504     int      t
  505    )
  506    {
  507            SHA_CTX ictx, octx ;
  508            char    isha[SHA_DIGESTSIZE], osha[SHA_DIGESTSIZE] ;
  509            char    key[SHA_DIGESTSIZE] ;
  510            char    buf[SHA_BLOCKSIZE] ;
  511            int     i ;
  512 
  513            if (lk > SHA_BLOCKSIZE) {
  514 
  515                    SHA_CTX         tctx ;
  516 
  517                    SHAInit(&tctx) ;
  518                    SHAUpdate(&tctx, k, lk) ;
  519                    SHAFinal(key, &tctx) ;
  520 
  521                    k = key ;
  522                    lk = SHA_DIGESTSIZE ;
  523            }
  524 
  525            /**** Inner Digest ****/
  526 
  527            SHAInit(&ictx) ;
  528 
  529            /* Pad the key for inner digest */
  530            for (i = 0 ; i < lk ; ++i) buf[i] = k[i] ^ 0x36 ;
  531            for (i = lk ; i < SHA_BLOCKSIZE ; ++i) buf[i] = 0x36 ;
  532 
  533            SHAUpdate(&ictx, buf, SHA_BLOCKSIZE) ;
  534            SHAUpdate(&ictx, d, ld) ;
  535 
  536            SHAFinal(isha, &ictx) ;
  537 
  538            /**** Outter Digest ****/
  539 
  540            SHAInit(&octx) ;
  541 
  542            /* Pad the key for outter digest */
  543 
  544 
  545 
  546 Cheng & Glenn                Informational                      [Page 8]
  547 
  548 RFC 2202         Test Cases for HMAC-MD5 and HMAC-SHA-1   September 1997
  549 
  550 
  551            for (i = 0 ; i < lk ; ++i) buf[i] = k[i] ^ 0x5C ;
  552            for (i = lk ; i < SHA_BLOCKSIZE ; ++i) buf[i] = 0x5C ;
  553 
  554            SHAUpdate(&octx, buf, SHA_BLOCKSIZE) ;
  555            SHAUpdate(&octx, isha, SHA_DIGESTSIZE) ;
  556 
  557            SHAFinal(osha, &octx) ;
  558 
  559            /* truncate and print the results */
  560            t = t > SHA_DIGESTSIZE ? SHA_DIGESTSIZE : t ;
  561            truncate(osha, out, t) ;
  562            pr_sha(stdout, out, t) ;
  563 
  564    }
  565 
  566 
  567 
  568 
  569 
  570 
  571 
  572 
  573 
  574 
  575 
  576 
  577 
  578 
  579 
  580 
  581 
  582 
  583 
  584 
  585 
  586 
  587 
  588 
  589 
  590 
  591 
  592 
  593 
  594 
  595 
  596 
  597 
  598 
  599 
  600 
  601 
  602 Cheng & Glenn                Informational                      [Page 9]
  603