fate: add test vectors for HMAC SHA and SHA-2
[libav.git] / libavutil / hmac.c
1 /*
2 * Copyright (C) 2012 Martin Storsjo
3 *
4 * This file is part of Libav.
5 *
6 * Libav is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2.1 of the License, or (at your option) any later version.
10 *
11 * Libav is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
15 *
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with Libav; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
19 */
20
21 #include <string.h>
22
23 #include "attributes.h"
24 #include "hmac.h"
25 #include "md5.h"
26 #include "sha.h"
27 #include "mem.h"
28
29 #define MAX_HASHLEN 32
30 #define MAX_BLOCKLEN 64
31
32 struct AVHMAC {
33 void *hash;
34 int blocklen, hashlen;
35 void (*final)(void*, uint8_t*);
36 void (*update)(void*, const uint8_t*, int len);
37 void (*init)(void*);
38 uint8_t key[MAX_BLOCKLEN];
39 int keylen;
40 };
41
42 #define DEFINE_SHA(bits) \
43 static av_cold void sha ## bits ##_init(void *ctx) \
44 { \
45 av_sha_init(ctx, bits); \
46 }
47
48 DEFINE_SHA(160)
49 DEFINE_SHA(224)
50 DEFINE_SHA(256)
51
52 AVHMAC *av_hmac_alloc(enum AVHMACType type)
53 {
54 AVHMAC *c = av_mallocz(sizeof(*c));
55 if (!c)
56 return NULL;
57 switch (type) {
58 case AV_HMAC_MD5:
59 c->blocklen = 64;
60 c->hashlen = 16;
61 c->init = av_md5_init;
62 c->update = av_md5_update;
63 c->final = av_md5_final;
64 c->hash = av_md5_alloc();
65 break;
66 case AV_HMAC_SHA1:
67 c->blocklen = 64;
68 c->hashlen = 20;
69 c->init = sha160_init;
70 c->update = av_sha_update;
71 c->final = av_sha_final;
72 c->hash = av_sha_alloc();
73 break;
74 case AV_HMAC_SHA224:
75 c->blocklen = 64;
76 c->hashlen = 28;
77 c->init = sha224_init;
78 c->update = av_sha_update;
79 c->final = av_sha_final;
80 c->hash = av_sha_alloc();
81 break;
82 case AV_HMAC_SHA256:
83 c->blocklen = 64;
84 c->hashlen = 32;
85 c->init = sha256_init;
86 c->update = av_sha_update;
87 c->final = av_sha_final;
88 c->hash = av_sha_alloc();
89 break;
90 default:
91 av_free(c);
92 return NULL;
93 }
94 if (!c->hash) {
95 av_free(c);
96 return NULL;
97 }
98 return c;
99 }
100
101 void av_hmac_free(AVHMAC *c)
102 {
103 if (!c)
104 return;
105 av_free(c->hash);
106 av_free(c);
107 }
108
109 void av_hmac_init(AVHMAC *c, const uint8_t *key, unsigned int keylen)
110 {
111 int i;
112 uint8_t block[MAX_BLOCKLEN];
113 if (keylen > c->blocklen) {
114 c->init(c->hash);
115 c->update(c->hash, key, keylen);
116 c->final(c->hash, c->key);
117 c->keylen = c->hashlen;
118 } else {
119 memcpy(c->key, key, keylen);
120 c->keylen = keylen;
121 }
122 c->init(c->hash);
123 for (i = 0; i < c->keylen; i++)
124 block[i] = c->key[i] ^ 0x36;
125 for (i = c->keylen; i < c->blocklen; i++)
126 block[i] = 0x36;
127 c->update(c->hash, block, c->blocklen);
128 }
129
130 void av_hmac_update(AVHMAC *c, const uint8_t *data, unsigned int len)
131 {
132 c->update(c->hash, data, len);
133 }
134
135 int av_hmac_final(AVHMAC *c, uint8_t *out, unsigned int outlen)
136 {
137 uint8_t block[MAX_BLOCKLEN];
138 int i;
139 if (outlen < c->hashlen)
140 return AVERROR(EINVAL);
141 c->final(c->hash, out);
142 c->init(c->hash);
143 for (i = 0; i < c->keylen; i++)
144 block[i] = c->key[i] ^ 0x5C;
145 for (i = c->keylen; i < c->blocklen; i++)
146 block[i] = 0x5C;
147 c->update(c->hash, block, c->blocklen);
148 c->update(c->hash, out, c->hashlen);
149 c->final(c->hash, out);
150 return c->hashlen;
151 }
152
153 int av_hmac_calc(AVHMAC *c, const uint8_t *data, unsigned int len,
154 const uint8_t *key, unsigned int keylen,
155 uint8_t *out, unsigned int outlen)
156 {
157 av_hmac_init(c, key, keylen);
158 av_hmac_update(c, data, len);
159 return av_hmac_final(c, out, outlen);
160 }
161
162 #ifdef TEST
163 #include <stdio.h>
164
165 static void test(AVHMAC *hmac, const uint8_t *key, int keylen,
166 const uint8_t *data, int datalen)
167 {
168 uint8_t buf[MAX_HASHLEN];
169 int out, i;
170 // Some of the test vectors are strings, where sizeof() includes the
171 // trailing null byte - remove that.
172 if (!key[keylen - 1])
173 keylen--;
174 if (!data[datalen - 1])
175 datalen--;
176 out = av_hmac_calc(hmac, data, datalen, key, keylen, buf, sizeof(buf));
177 for (i = 0; i < out; i++)
178 printf("%02x", buf[i]);
179 printf("\n");
180 }
181
182 int main(void)
183 {
184 uint8_t key1[20], key3[131], data3[50];
185 enum AVHMACType i = AV_HMAC_SHA224;
186 const uint8_t key2[] = "Jefe";
187 const uint8_t data1[] = "Hi There";
188 const uint8_t data2[] = "what do ya want for nothing?";
189 const uint8_t data4[] = "Test Using Larger Than Block-Size Key - Hash Key First";
190 const uint8_t data5[] = "Test Using Larger Than Block-Size Key and Larger Than One Block-Size Data";
191 const uint8_t data6[] = "This is a test using a larger than block-size key and a larger "
192 "than block-size data. The key needs to be hashed before being used"
193 " by the HMAC algorithm.";
194 AVHMAC *hmac = av_hmac_alloc(AV_HMAC_MD5);
195 if (!hmac)
196 return 1;
197 memset(key1, 0x0b, sizeof(key1));
198 memset(key3, 0xaa, sizeof(key3));
199 memset(data3, 0xdd, sizeof(data3));
200 // RFC 2202 test vectors
201 test(hmac, key1, 16, data1, sizeof(data1));
202 test(hmac, key2, sizeof(key2), data2, sizeof(data2));
203 test(hmac, key3, 16, data3, sizeof(data3));
204 test(hmac, key3, 80, data4, sizeof(data4));
205 test(hmac, key3, 80, data5, sizeof(data5));
206 av_hmac_free(hmac);
207
208 /* SHA-1 */
209 hmac = av_hmac_alloc(AV_HMAC_SHA1);
210 if (!hmac)
211 return 1;
212 // RFC 2202 test vectors
213 test(hmac, key1, sizeof(key1), data1, sizeof(data1));
214 test(hmac, key2, sizeof(key2), data2, sizeof(data2));
215 test(hmac, key3, 20, data3, sizeof(data3));
216 test(hmac, key3, 80, data4, sizeof(data4));
217 test(hmac, key3, 80, data5, sizeof(data5));
218 av_hmac_free(hmac);
219
220 /* SHA-2 */
221 while (i <= AV_HMAC_SHA256) {
222 hmac = av_hmac_alloc(i);
223 // RFC 4231 test vectors
224 test(hmac, key1, sizeof(key1), data1, sizeof(data1));
225 test(hmac, key2, sizeof(key2), data2, sizeof(data2));
226 test(hmac, key3, 20, data3, sizeof(data3));
227 test(hmac, key3, sizeof(key3), data4, sizeof(data4));
228 test(hmac, key3, sizeof(key3), data6, sizeof(data6));
229 av_hmac_free(hmac);
230 i++;
231 }
232 return 0;
233 }
234 #endif /* TEST */