From 45f8c29307d7f223a8225a994c3eac1b5b778113 Mon Sep 17 00:00:00 2001 From: Nalin Dahyabhai Date: Apr 20 2009 14:00:13 +0000 Subject: Merge branch 'master' of git.fedoraproject.org:/git/hmaccalc --- diff --git a/Makefile.am b/Makefile.am index 68b43c0..5cd6245 100644 --- a/Makefile.am +++ b/Makefile.am @@ -1,5 +1,5 @@ EXTRA_DIST = hmaccalc.spec LICENSE README -SUBDIRS = src +SUBDIRS = src test VERSION=$(shell rpm -q --specfile $(top_srcdir)/hmaccalc.spec --qf '%{version}\n' | head -n1) RELEASE=$(shell rpm -q --specfile $(top_srcdir)/hmaccalc.spec --qf '%{release}\n' | head -n1) diff --git a/configure.ac b/configure.ac index e8eccdc..34d76f8 100644 --- a/configure.ac +++ b/configure.ac @@ -1,15 +1,27 @@ -AC_INIT(hmaccalc,0.9.5) +AC_INIT(hmaccalc,0.9.6) AM_INIT_AUTOMAKE(foreign) AC_PROG_CC PKG_CHECK_MODULES(NSS,nss) AC_CONFIG_HEADER(src/config.h) + +mybindir=`eval echo "$bindir" | sed s,^NONE,"$prefix",` +mybindir=`eval echo "$mybindir" | sed s,^NONE,"$ac_default_prefix",` + CHECK_DIRECTORY= AC_ARG_ENABLE(sum-directory, AS_HELP_STRING([--enable-sum-directory=],[directory in which the binary's checksum file can be found (default is the same as the binary)]), if test x$enableval != xno ; then - CHECK_DIRECTORY="$enableval" - CHECK_DIRECTORY_OR_BINDIR="$enableval" + if test x$enableval != xyes ; then + # a specific choice + CHECK_DIRECTORY="$enableval" + CHECK_DIRECTORY_OR_BINDIR="$enableval" + else + # "yes" + CHECK_DIRECTORY="$mybindir" + CHECK_DIRECTORY_OR_BINDIR='$(bindir)' + fi else + # "no" CHECK_DIRECTORY= CHECK_DIRECTORY_OR_BINDIR='$(bindir)' fi, @@ -35,6 +47,25 @@ AC_SUBST(CHECK_DIRECTORY) AC_SUBST(CHECK_DIRECTORY_OR_BINDIR) AC_SUBST(CHECK_PREFIX) AC_SUBST(CHECK_SUFFIX) +AC_ARG_ENABLE(non-fips, + AS_HELP_STRING([--enable-non-fips],[enable md2/md4/md5 variations]), + if test x$enableval != xno ; then + NON_FIPS=true + FIPS_MAN=".\\\" " + NON_FIPS_MAN= + else + NON_FIPS=false + FIPS_MAN= + NON_FIPS_MAN=".\\\" " + fi, + NON_FIPS=false + FIPS_MAN= + NON_FIPS_MAN=".\\\" " +) +AM_CONDITIONAL(NON_FIPS,test x$NON_FIPS = xtrue) +AC_SUBST(FIPS_MAN) +AC_SUBST(NON_FIPS_MAN) + AC_DEFINE_UNQUOTED(CHECK_DIRECTORY,"$CHECK_DIRECTORY",[Define to the directory which contains the hmac for a binary.]) AC_DEFINE_UNQUOTED(CHECK_PREFIX,"$CHECK_PREFIX",[Define to the prefix which contains the hmac for a binary.]) AC_DEFINE_UNQUOTED(CHECK_SUFFIX,"$CHECK_SUFFIX",[Define to the suffix which contains the hmac for a binary.]) @@ -43,4 +74,4 @@ AC_DEFINE(PATHSEP,':',[Define to the character which separates portions of the P DEFAULT_CONFIG_DIR=/etc/pki/nssdb AC_DEFINE_UNQUOTED(DEFAULT_CONFIG_DIR,"$DEFAULT_CONFIG_DIR",[Define to the default location of the NSS configuration directory.]) AC_SUBST(DEFAULT_CONFIG_DIR) -AC_OUTPUT(Makefile src/Makefile src/sha512hmac.8) +AC_OUTPUT(Makefile src/Makefile src/sha512hmac.8 test/Makefile) diff --git a/hmaccalc.spec b/hmaccalc.spec index a489fb5..23dcc45 100644 --- a/hmaccalc.spec +++ b/hmaccalc.spec @@ -12,7 +12,7 @@ %{nil} Name: hmaccalc -Version: 0.9.5 +Version: 0.9.6 Release: 1%{?dist} Summary: Tools for computing and checking HMAC values for files @@ -43,6 +43,9 @@ make install DESTDIR=$RPM_BUILD_ROOT %clean rm -rf $RPM_BUILD_ROOT +%check +make check + %files %defattr(-,root,root,-) %doc README LICENSE @@ -58,6 +61,11 @@ rm -rf $RPM_BUILD_ROOT %{_mandir}/*/* %changelog +* Wed Apr 8 2009 Nalin Dahyabhai 0.9.6-1 +- fix 'make check' by using binaries built with a different path for their + own check files +- add a non-fips compile-time option, which we don't use + * Mon Mar 30 2009 Nalin Dahyabhai - handle '-' as indicating that stdin should be used for the input file diff --git a/src/Makefile.am b/src/Makefile.am index 0c45d87..18f5696 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -1,9 +1,12 @@ AM_CFLAGS = @NSS_CFLAGS@ LDADD = @NSS_LIBS@ -noinst_PROGRAMS = hmac run-test +noinst_PROGRAMS = hmac bin_PROGRAMS = sha512hmac sha384hmac sha256hmac sha1hmac man_MANS = sha512hmac.8 $(srcdir)/sha384hmac.8 $(srcdir)/sha256hmac.8 $(srcdir)/sha1hmac.8 -EXTRA_DIST = sha512hmac.8.in sha384hmac.8 sha256hmac.8 sha1hmac.8 run-tests.sh +EXTRA_DIST = sha512hmac.8.in sha384hmac.8 sha256hmac.8 sha1hmac.8 \ + md5hmac.8 md4hmac.8 md2hmac.8 + +HERE_CFLAGS = -DMAKE_CHECK_DIRECTORY=\"$(abs_builddir)\" sumdir = @CHECK_DIRECTORY_OR_BINDIR@ sum_DATA = \ @@ -12,7 +15,7 @@ sum_DATA = \ @CHECK_PREFIX@sha256hmac.@CHECK_SUFFIX@ \ @CHECK_PREFIX@sha1hmac.@CHECK_SUFFIX@ noinst_DATA = @CHECK_PREFIX@hmac.@CHECK_SUFFIX@ -CLEANFILES = $(sum_DATA) $(noinst_DATA) +CLEANFILES = $(sum_DATA) $(noinst_DATA) $(non_fips_programs) $(non_fips_data) @CHECK_PREFIX@sha512hmac.@CHECK_SUFFIX@: sha512hmac $(builddir)/$^ -S > $(builddir)/$@ @CHECK_PREFIX@sha384hmac.@CHECK_SUFFIX@: sha384hmac @@ -24,5 +27,21 @@ CLEANFILES = $(sum_DATA) $(noinst_DATA) @CHECK_PREFIX@hmac.@CHECK_SUFFIX@: hmac $(builddir)/$^ -S > $(builddir)/$@ -check: - $(builddir)/run-tests.sh $(builddir) +non_fips_programs = md5hmac md4hmac md2hmac +non_fips_data = \ + @CHECK_PREFIX@md5hmac.@CHECK_SUFFIX@ \ + @CHECK_PREFIX@md4hmac.@CHECK_SUFFIX@ \ + @CHECK_PREFIX@md2hmac.@CHECK_SUFFIX@ +@CHECK_PREFIX@md5hmac.@CHECK_SUFFIX@: md5hmac + $(builddir)/$^ -S > $(builddir)/$@ +@CHECK_PREFIX@md4hmac.@CHECK_SUFFIX@: md4hmac + $(builddir)/$^ -S > $(builddir)/$@ +@CHECK_PREFIX@md2hmac.@CHECK_SUFFIX@: md2hmac + $(builddir)/$^ -S > $(builddir)/$@ + +if NON_FIPS +AM_CFLAGS += -DNON_FIPS=1 +bin_PROGRAMS += $(non_fips_programs) +sum_DATA += $(non_fips_data) +man_MANS += $(srcdir)/md5hmac.8 $(srcdir)/md4hmac.8 $(srcdir)/md2hmac.8 +endif diff --git a/src/hmac.c b/src/hmac.c index e1b4ec0..10b0235 100644 --- a/src/hmac.c +++ b/src/hmac.c @@ -124,7 +124,7 @@ prepare_key_file(const char *keyopt, SECOidTag tag, unsigned int length, total; FILE *fp; PK11Context *ctx; - char buf[BUFSIZ]; + unsigned char buf[BUFSIZ]; SECStatus status; fp = fopen(keyopt, "r"); @@ -203,7 +203,8 @@ compute_one(const char *filename, int unprelink, struct hashinfo *algorithm, { SECStatus status; PK11Context *ctx; - unsigned char buf[BUFSIZ], tempfile[PATH_MAX]; + unsigned char buf[BUFSIZ]; + char tempfile[PATH_MAX]; FILE *fp; size_t n; int pfd[2], tempfd; @@ -390,6 +391,7 @@ compute_one(const char *filename, int unprelink, struct hashinfo *algorithm, return SECSuccess; } +#ifndef NON_FIPS static SECStatus enable_fips(void) { @@ -413,6 +415,7 @@ enable_fips(void) } } } +#endif #ifdef CHECK_SUFFIX /* Build the name of the file, based on a (possibly relative) filename, which @@ -421,11 +424,15 @@ static char * build_sum_filename(const char *path) { char *name; +#ifdef MAKE_CHECK_DIRECTORY + const char *directory = MAKE_CHECK_DIRECTORY; +#else #ifdef CHECK_DIRECTORY const char *directory = CHECK_DIRECTORY; #else const char *directory = NULL; #endif +#endif const char *p, *q; char cwd[PATH_MAX]; name = NULL; @@ -493,7 +500,7 @@ build_sum_filename(const char *path) static void truncate_hex(char *hex, int bits) { - unsigned int term, final, val; + unsigned int term, final; const char hexchars[] = "00112233445566778899aAbBcCdDeEfF", *p; term = howmany(bits, 4); hex[term] = '\0'; @@ -724,12 +731,14 @@ main(int argc, char **argv) fprintf(stderr, "Error initializing NSS.\n"); exit(status); } +#ifndef NON_FIPS status = enable_fips(); if (status != SECSuccess) { fprintf(stderr, "Error ensuring FIPS mode.\n"); NSS_Shutdown(); exit(status); } +#endif /* Allocate space to store the result. (This will be used as temporary * storage for the on-disk sum of this binary, and if we're computing @@ -886,8 +895,9 @@ main(int argc, char **argv) fclose(fp); /* Compare the just-read value to the just-computed * value. */ - if (strncasecmp(result, hex_result, - default_algorithm->digestsize) != 0) { + if (strncasecmp((const char *) result, + hex_result, + default_algorithm->digestsize * 2) != 0) { fprintf(stderr, "SELF TEST FAILED (%s)\n", filename); free(filename); diff --git a/src/md2hmac.8 b/src/md2hmac.8 new file mode 100644 index 0000000..bfd8ff2 --- /dev/null +++ b/src/md2hmac.8 @@ -0,0 +1 @@ +.so man8/sha512hmac.8 diff --git a/src/md2hmac.c b/src/md2hmac.c new file mode 100644 index 0000000..2ab833b --- /dev/null +++ b/src/md2hmac.c @@ -0,0 +1,2 @@ +#define DEFAULT_HASH "md2" +#include "hmac.c" diff --git a/src/md4hmac.8 b/src/md4hmac.8 new file mode 100644 index 0000000..bfd8ff2 --- /dev/null +++ b/src/md4hmac.8 @@ -0,0 +1 @@ +.so man8/sha512hmac.8 diff --git a/src/md4hmac.c b/src/md4hmac.c new file mode 100644 index 0000000..5b54eae --- /dev/null +++ b/src/md4hmac.c @@ -0,0 +1,2 @@ +#define DEFAULT_HASH "md4" +#include "hmac.c" diff --git a/src/md5hmac.8 b/src/md5hmac.8 new file mode 100644 index 0000000..bfd8ff2 --- /dev/null +++ b/src/md5hmac.8 @@ -0,0 +1 @@ +.so man8/sha512hmac.8 diff --git a/src/md5hmac.c b/src/md5hmac.c new file mode 100644 index 0000000..e315c27 --- /dev/null +++ b/src/md5hmac.c @@ -0,0 +1,2 @@ +#define DEFAULT_HASH "md5" +#include "hmac.c" diff --git a/src/run-test.c b/src/run-test.c deleted file mode 100644 index ce3c7ed..0000000 --- a/src/run-test.c +++ /dev/null @@ -1,145 +0,0 @@ -/* - * Copyright 2009 Red Hat, Inc. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, and the entire permission notice in its entirety, - * including the disclaimer of warranties. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. The name of the author may not be used to endorse or promote - * products derived from this software without specific prior - * written permission. - * - * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED - * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN - * NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF - * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON - * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF - * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include "config.h" -#endif - -#include -#include -#include -#include -#include -#include - -int -main(int argc, char **argv) -{ - const char *tool, *key, *data, *result, *p; - const char digits[] = "00112233445566778899aAbBcCdDeEfF"; - char keyfile[PATH_MAX], datafile[PATH_MAX], checkfile[PATH_MAX], - cmd[PATH_MAX * 4 + 4], *truncate; - int fd, status, i; - unsigned char c; - FILE *fp; - if (argc < 4) { - printf("Incorrect invocation.\n"); - exit(1); - } - tool = argv[1]; - key = argv[2]; - data = argv[3]; - result = argv[4]; - truncate = argv[5]; /* either NULL or a value */ - strcpy(keyfile, "keyXXXXXX"); - fd = mkstemp(keyfile); - if (fd == -1) { - printf("Error creating temporary file.\n"); - exit(1); - } - close(fd); - strcpy(datafile, "dataXXXXXX"); - fd = mkstemp(datafile); - if (fd == -1) { - printf("Error creating temporary file.\n"); - unlink(keyfile); - exit(1); - } - close(fd); - strcpy(checkfile, "checkXXXXXX"); - fd = mkstemp(checkfile); - if (fd == -1) { - printf("Error creating temporary file.\n"); - unlink(keyfile); - unlink(datafile); - exit(1); - } - close(fd); - fp = fopen(keyfile, "w"); - if (strncmp(key, "0x", 2) == 0) { - for (i = 2, c = 0; key[i] != '\0'; i++) { - p = strchr(digits, key[i]); - if ((i % 2) == 1) { - c <<= 4; - } - if (p != NULL) { - c |= ((p - digits) / 2); - } - if ((i % 2) == 1) { - fputc(c, fp); - c = 0; - } - } - } else { - fprintf(fp, "%s", key); - } - fflush(fp); - fsync(fileno(fp)); - fclose(fp); - fp = fopen(datafile, "w"); - if (strncmp(data, "0x", 2) == 0) { - for (i = 2, c = 0; data[i] != '\0'; i++) { - p = strchr(digits, data[i]); - if ((i % 2) == 1) { - c <<= 4; - } - if (p != NULL) { - c |= ((p - digits) / 2); - } - if ((i % 2) == 1) { - fputc(c, fp); - c = 0; - } - } - } else { - fprintf(fp, "%s", data); - } - fflush(fp); - fsync(fileno(fp)); - fclose(fp); - if (strncmp(result, "0x", 2) == 0) { - fp = fopen(checkfile, "w"); - fprintf(fp, "%s %s\n", result + 2, datafile); - fflush(fp); - fsync(fileno(fp)); - fclose(fp); - } else { - printf("Error writing expected result to temporary file.\n"); - status = 1; - goto finish; - } - sprintf(cmd, "%s -q -k \"%s\" -c \"%s\" %s %s", - tool, keyfile, checkfile, - truncate ? "-t" : "", truncate ? truncate : ""); - status = system(cmd); -finish: - unlink(keyfile); - unlink(datafile); - unlink(checkfile); - return status ? 1 : 0; -} diff --git a/src/run-tests.sh b/src/run-tests.sh deleted file mode 100755 index f2e66b3..0000000 --- a/src/run-tests.sh +++ /dev/null @@ -1,46 +0,0 @@ -#!/bin/sh -e -# Depends on having been built with --disable-sum-directory. -PATH=${1:-`pwd`}:"$PATH" -# RFC 2202, section 3, #1 -run-test sha1hmac 0x0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b "Hi There" 0xb617318655057264e28bc0b6fb378c8ef146be00 -# RFC 2202, section 3, #2 -run-test sha1hmac "Jefe" "what do ya want for nothing?" 0xeffcdf6ae5eb2fa2d27416d5f184df9c259a7c79 -# RFC 2202, section 3, #3 -run-test sha1hmac 0xaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 0xdddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd 0x125d7342b9ac11cd91a39af48aa17b4f63f175d3 -# RFC 2202, section 3, #4 -run-test sha1hmac 0x0102030405060708090a0b0c0d0e0f10111213141516171819 0xcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd 0x4c9007f4026250c6bc8414f9bf50c86c2d7235da -# RFC 2202, section 3, #5 -run-test sha1hmac 0x0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c "Test With Truncation" 0x4c1a03424b55e07fe7f27be1d58bb9324a9a5a04 -# RFC 2202, section 3, #6 -run-test sha1hmac 0xaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa "Test Using Larger Than Block-Size Key - Hash Key First" 0xaa4ae5e15272d00e95705637ce8a3b55ed402112 -# RFC 2202, section 3, #7 -run-test sha1hmac 0xaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa "Test Using Larger Than Block-Size Key and Larger Than One Block-Size Data" 0xe8e99d0f45237d786d6bbaa7965c7808bbff1a91 -# RFC 4231, section 4.2 -run-test sha256hmac 0x0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b "Hi There" 0xb0344c61d8db38535ca8afceaf0bf12b881dc200c9833da726e9376c2e32cff7 -run-test sha384hmac 0x0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b "Hi There" 0xafd03944d84895626b0825f4ab46907f15f9dadbe4101ec682aa034c7cebc59cfaea9ea9076ede7f4af152e8b2fa9cb6 -run-test sha512hmac 0x0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b "Hi There" 0x87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a126854 -# RFC 4231, section 4.3 -run-test sha256hmac "Jefe" "what do ya want for nothing?" 0x5bdcc146bf60754e6a042426089575c75a003f089d2739839dec58b964ec3843 -run-test sha384hmac "Jefe" "what do ya want for nothing?" 0xaf45d2e376484031617f78d2b58a6b1b9c7ef464f5a01b47e42ec3736322445e8e2240ca5e69e2c78b3239ecfab21649 -run-test sha512hmac "Jefe" "what do ya want for nothing?" 0x164b7a7bfcf819e2e395fbe73b56e0a387bd64222e831fd610270cd7ea2505549758bf75c05a994a6d034f65f8f0e6fdcaeab1a34d4a6b4b636e070a38bce737 -# RFC 4231, section 4.4 -run-test sha256hmac 0xaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 0xdddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd 0x773ea91e36800e46854db8ebd09181a72959098b3ef8c122d9635514ced565fe -run-test sha384hmac 0xaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 0xdddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd 0x88062608d3e6ad8a0aa2ace014c8a86f0aa635d947ac9febe83ef4e55966144b2a5ab39dc13814b94e3ab6e101a34f27 -run-test sha512hmac 0xaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 0xdddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd 0xfa73b0089d56a284efb0f0756c890be9b1b5dbdd8ee81a3655f83e33b2279d39bf3e848279a722c806b485a47e67c807b946a337bee8942674278859e13292fb -# RFC 4231, section 4.5 -run-test sha256hmac 0x0102030405060708090a0b0c0d0e0f10111213141516171819 0xcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd 0x82558a389a443c0ea4cc819899f2083a85f0faa3e578f8077a2e3ff46729665b -run-test sha384hmac 0x0102030405060708090a0b0c0d0e0f10111213141516171819 0xcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd 0x3e8a69b7783c25851933ab6290af6ca77a9981480850009cc5577c6e1f573b4e6801dd23c4a7d679ccf8a386c674cffb -run-test sha512hmac 0x0102030405060708090a0b0c0d0e0f10111213141516171819 0xcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd 0xb0ba465637458c6990e5a8c5f61d4af7e576d97ff94b872de76f8050361ee3dba91ca5c11aa25eb4d679275cc5788063a5f19741120c4f2de2adebeb10a298dd -# RFC 4231, section 4.6 -run-test sha256hmac 0x0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c 0x546573742057697468205472756e636174696f6e 0xa3b6167473100ee06e0c796c2955552b 128 -run-test sha384hmac 0x0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c 0x546573742057697468205472756e636174696f6e 0x3abf34c3503b2a23a46efc619baef897 128 -run-test sha512hmac 0x0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c 0x546573742057697468205472756e636174696f6e 0x415fad6271580a531d4179bc891d87a6 128 -# RFC 4231, section 4.7 -run-test sha256hmac 0xaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 0x54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374 0x60e431591ee0b67f0d8a26aacbf5b77f8e0bc6213728c5140546040f0ee37f54 -run-test sha384hmac 0xaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 0x54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374 0x4ece084485813e9088d2c63a041bc5b44f9ef1012a2b588f3cd11f05033ac4c60c2ef6ab4030fe8296248df163f44952 -run-test sha512hmac 0xaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 0x54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374 0x80b24263c7c1a3ebb71493c1dd7be8b49b46d1f41b4aeec1121b013783f8f3526b56d037e05f2598bd0fd2215d6a1e5295e64f73f63f0aec8b915a985d786598 -# RFC 4231, section 4.8 -run-test sha256hmac 0xaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 0x5468697320697320612074657374207573696e672061206c6172676572207468616e20626c6f636b2d73697a65206b657920616e642061206c6172676572207468616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565647320746f20626520686173686564206265666f7265206265696e6720757365642062792074686520484d414320616c676f726974686d2e 0x9b09ffa71b942fcb27635fbcd5b0e944bfdc63644f0713938a7f51535c3a35e2 -run-test sha384hmac 0xaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 0x5468697320697320612074657374207573696e672061206c6172676572207468616e20626c6f636b2d73697a65206b657920616e642061206c6172676572207468616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565647320746f20626520686173686564206265666f7265206265696e6720757365642062792074686520484d414320616c676f726974686d2e 0x6617178e941f020d351e2f254e8fd32c602420feb0b8fb9adccebb82461e99c5a678cc31e799176d3860e6110c46523e -run-test sha512hmac 0xaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 0x5468697320697320612074657374207573696e672061206c6172676572207468616e20626c6f636b2d73697a65206b657920616e642061206c6172676572207468616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565647320746f20626520686173686564206265666f7265206265696e6720757365642062792074686520484d414320616c676f726974686d2e 0xe37b6a775dc87dbaa4dfa9f96e5e3ffddebd71f8867289865df5a32d20cdc944b6022cac3c4982b10d5eeb55c3e4de15134676fb6de0446065c97440fa8c6a58 -echo OK diff --git a/src/sha512hmac.8.in b/src/sha512hmac.8.in index 3933d18..bffe922 100644 --- a/src/sha512hmac.8.in +++ b/src/sha512hmac.8.in @@ -1,4 +1,4 @@ -.TH sha512hmac 8 2009/03/19 "Red Hat Linux" "System Administrator's Manual" +.TH sha512hmac 8 2009/03/19 "hmaccalc @VERSION@" "System Administrator's Manual" .SH NAME sha512hmac \- compute and check HMAC values @@ -9,8 +9,11 @@ sha512hmac [OPTIONS] [-u | -k keyfile | -K key] [-c file [-q] | file [...] ] .SH DESCRIPTION The \fIsha512hmac\fP command can compute and/or verify HMAC and unkeyed checksum values for the contents of files. Variations such as -\fIsha384hmac\fP, \fIsha256hmac\fP, and \fIsha1hmac\fP all operate similarly -except for using different digest algorithms. +\fIsha384hmac\fP, \fIsha256hmac\fP, +@FIPS_MAN@and \fIsha1hmac\fP +@NON_FIPS_MAN@ \fIsha1hmac\fP, \fImd5hmac\fP, \fImd4hmac\fP, and \fImd2hmac\fP +all operate similarly +except that they use different digest algorithms. .SH SELF-TEST As a safety measure, the tool will always attempt to verify a previously- @@ -68,6 +71,9 @@ Attempt to pass all input files through \fIprelink -y\fP before processing their contents. The tool always attempts to do so when computing or performing a self-check. +@NON_FIPS_MAN@.SH WARNING +@NON_FIPS_MAN@Calculations are not performed in a FIPS-compliant mode. + .SH EXAMPLES Example output from \fIsha1hmac\fP, for files on the developer's system: e64db5e8a9b8a40091e5302fa4de0bfc6c5d19d0 /etc/passwd @@ -80,9 +86,9 @@ Example output from \fIsha1hmac\fP, for files on the developer's system: .br .SH BUGS -Probably, but let's hope not. If you find any, please either file them in the -bug database at http://bugzilla.redhat.com/ against the "hmaccalc" component, -or in the trac instance at https://fedorahosted.org/hmaccalc/. +Probably, but let's hope not. If you find any, please either report them in +the bug database at http://bugzilla.redhat.com/ against the "hmaccalc" +component, or in the trac instance at https://fedorahosted.org/hmaccalc/. .SH AUTHOR Nalin Dahyabhai diff --git a/test/Makefile.am b/test/Makefile.am new file mode 100644 index 0000000..779159a --- /dev/null +++ b/test/Makefile.am @@ -0,0 +1,23 @@ +AM_CFLAGS = @NSS_CFLAGS@ -DMAKE_CHECK_DIRECTORY=\"$(abs_builddir)\" +LDADD = @NSS_LIBS@ + +EXTRA_DIST = $(check_SCRIPTS) +check_SCRIPTS = run-tests.sh +check_PROGRAMS = run-test sha512hmac sha384hmac sha256hmac sha1hmac + +check_DATA = \ + @CHECK_PREFIX@sha512hmac.@CHECK_SUFFIX@ \ + @CHECK_PREFIX@sha384hmac.@CHECK_SUFFIX@ \ + @CHECK_PREFIX@sha256hmac.@CHECK_SUFFIX@ \ + @CHECK_PREFIX@sha1hmac.@CHECK_SUFFIX@ +@CHECK_PREFIX@sha512hmac.@CHECK_SUFFIX@: sha512hmac + $(builddir)/$^ -S > $(builddir)/$@ +@CHECK_PREFIX@sha384hmac.@CHECK_SUFFIX@: sha384hmac + $(builddir)/$^ -S > $(builddir)/$@ +@CHECK_PREFIX@sha256hmac.@CHECK_SUFFIX@: sha256hmac + $(builddir)/$^ -S > $(builddir)/$@ +@CHECK_PREFIX@sha1hmac.@CHECK_SUFFIX@: sha1hmac + $(builddir)/$^ -S > $(builddir)/$@ + +check: + $(builddir)/run-tests.sh $(builddir) diff --git a/test/run-test.c b/test/run-test.c new file mode 100644 index 0000000..ce3c7ed --- /dev/null +++ b/test/run-test.c @@ -0,0 +1,145 @@ +/* + * Copyright 2009 Red Hat, Inc. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, and the entire permission notice in its entirety, + * including the disclaimer of warranties. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote + * products derived from this software without specific prior + * written permission. + * + * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED + * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN + * NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF + * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON + * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include "config.h" +#endif + +#include +#include +#include +#include +#include +#include + +int +main(int argc, char **argv) +{ + const char *tool, *key, *data, *result, *p; + const char digits[] = "00112233445566778899aAbBcCdDeEfF"; + char keyfile[PATH_MAX], datafile[PATH_MAX], checkfile[PATH_MAX], + cmd[PATH_MAX * 4 + 4], *truncate; + int fd, status, i; + unsigned char c; + FILE *fp; + if (argc < 4) { + printf("Incorrect invocation.\n"); + exit(1); + } + tool = argv[1]; + key = argv[2]; + data = argv[3]; + result = argv[4]; + truncate = argv[5]; /* either NULL or a value */ + strcpy(keyfile, "keyXXXXXX"); + fd = mkstemp(keyfile); + if (fd == -1) { + printf("Error creating temporary file.\n"); + exit(1); + } + close(fd); + strcpy(datafile, "dataXXXXXX"); + fd = mkstemp(datafile); + if (fd == -1) { + printf("Error creating temporary file.\n"); + unlink(keyfile); + exit(1); + } + close(fd); + strcpy(checkfile, "checkXXXXXX"); + fd = mkstemp(checkfile); + if (fd == -1) { + printf("Error creating temporary file.\n"); + unlink(keyfile); + unlink(datafile); + exit(1); + } + close(fd); + fp = fopen(keyfile, "w"); + if (strncmp(key, "0x", 2) == 0) { + for (i = 2, c = 0; key[i] != '\0'; i++) { + p = strchr(digits, key[i]); + if ((i % 2) == 1) { + c <<= 4; + } + if (p != NULL) { + c |= ((p - digits) / 2); + } + if ((i % 2) == 1) { + fputc(c, fp); + c = 0; + } + } + } else { + fprintf(fp, "%s", key); + } + fflush(fp); + fsync(fileno(fp)); + fclose(fp); + fp = fopen(datafile, "w"); + if (strncmp(data, "0x", 2) == 0) { + for (i = 2, c = 0; data[i] != '\0'; i++) { + p = strchr(digits, data[i]); + if ((i % 2) == 1) { + c <<= 4; + } + if (p != NULL) { + c |= ((p - digits) / 2); + } + if ((i % 2) == 1) { + fputc(c, fp); + c = 0; + } + } + } else { + fprintf(fp, "%s", data); + } + fflush(fp); + fsync(fileno(fp)); + fclose(fp); + if (strncmp(result, "0x", 2) == 0) { + fp = fopen(checkfile, "w"); + fprintf(fp, "%s %s\n", result + 2, datafile); + fflush(fp); + fsync(fileno(fp)); + fclose(fp); + } else { + printf("Error writing expected result to temporary file.\n"); + status = 1; + goto finish; + } + sprintf(cmd, "%s -q -k \"%s\" -c \"%s\" %s %s", + tool, keyfile, checkfile, + truncate ? "-t" : "", truncate ? truncate : ""); + status = system(cmd); +finish: + unlink(keyfile); + unlink(datafile); + unlink(checkfile); + return status ? 1 : 0; +} diff --git a/test/run-tests.sh b/test/run-tests.sh new file mode 100755 index 0000000..f2e66b3 --- /dev/null +++ b/test/run-tests.sh @@ -0,0 +1,46 @@ +#!/bin/sh -e +# Depends on having been built with --disable-sum-directory. +PATH=${1:-`pwd`}:"$PATH" +# RFC 2202, section 3, #1 +run-test sha1hmac 0x0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b "Hi There" 0xb617318655057264e28bc0b6fb378c8ef146be00 +# RFC 2202, section 3, #2 +run-test sha1hmac "Jefe" "what do ya want for nothing?" 0xeffcdf6ae5eb2fa2d27416d5f184df9c259a7c79 +# RFC 2202, section 3, #3 +run-test sha1hmac 0xaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 0xdddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd 0x125d7342b9ac11cd91a39af48aa17b4f63f175d3 +# RFC 2202, section 3, #4 +run-test sha1hmac 0x0102030405060708090a0b0c0d0e0f10111213141516171819 0xcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd 0x4c9007f4026250c6bc8414f9bf50c86c2d7235da +# RFC 2202, section 3, #5 +run-test sha1hmac 0x0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c "Test With Truncation" 0x4c1a03424b55e07fe7f27be1d58bb9324a9a5a04 +# RFC 2202, section 3, #6 +run-test sha1hmac 0xaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa "Test Using Larger Than Block-Size Key - Hash Key First" 0xaa4ae5e15272d00e95705637ce8a3b55ed402112 +# RFC 2202, section 3, #7 +run-test sha1hmac 0xaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa "Test Using Larger Than Block-Size Key and Larger Than One Block-Size Data" 0xe8e99d0f45237d786d6bbaa7965c7808bbff1a91 +# RFC 4231, section 4.2 +run-test sha256hmac 0x0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b "Hi There" 0xb0344c61d8db38535ca8afceaf0bf12b881dc200c9833da726e9376c2e32cff7 +run-test sha384hmac 0x0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b "Hi There" 0xafd03944d84895626b0825f4ab46907f15f9dadbe4101ec682aa034c7cebc59cfaea9ea9076ede7f4af152e8b2fa9cb6 +run-test sha512hmac 0x0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b "Hi There" 0x87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a126854 +# RFC 4231, section 4.3 +run-test sha256hmac "Jefe" "what do ya want for nothing?" 0x5bdcc146bf60754e6a042426089575c75a003f089d2739839dec58b964ec3843 +run-test sha384hmac "Jefe" "what do ya want for nothing?" 0xaf45d2e376484031617f78d2b58a6b1b9c7ef464f5a01b47e42ec3736322445e8e2240ca5e69e2c78b3239ecfab21649 +run-test sha512hmac "Jefe" "what do ya want for nothing?" 0x164b7a7bfcf819e2e395fbe73b56e0a387bd64222e831fd610270cd7ea2505549758bf75c05a994a6d034f65f8f0e6fdcaeab1a34d4a6b4b636e070a38bce737 +# RFC 4231, section 4.4 +run-test sha256hmac 0xaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 0xdddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd 0x773ea91e36800e46854db8ebd09181a72959098b3ef8c122d9635514ced565fe +run-test sha384hmac 0xaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 0xdddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd 0x88062608d3e6ad8a0aa2ace014c8a86f0aa635d947ac9febe83ef4e55966144b2a5ab39dc13814b94e3ab6e101a34f27 +run-test sha512hmac 0xaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 0xdddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd 0xfa73b0089d56a284efb0f0756c890be9b1b5dbdd8ee81a3655f83e33b2279d39bf3e848279a722c806b485a47e67c807b946a337bee8942674278859e13292fb +# RFC 4231, section 4.5 +run-test sha256hmac 0x0102030405060708090a0b0c0d0e0f10111213141516171819 0xcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd 0x82558a389a443c0ea4cc819899f2083a85f0faa3e578f8077a2e3ff46729665b +run-test sha384hmac 0x0102030405060708090a0b0c0d0e0f10111213141516171819 0xcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd 0x3e8a69b7783c25851933ab6290af6ca77a9981480850009cc5577c6e1f573b4e6801dd23c4a7d679ccf8a386c674cffb +run-test sha512hmac 0x0102030405060708090a0b0c0d0e0f10111213141516171819 0xcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd 0xb0ba465637458c6990e5a8c5f61d4af7e576d97ff94b872de76f8050361ee3dba91ca5c11aa25eb4d679275cc5788063a5f19741120c4f2de2adebeb10a298dd +# RFC 4231, section 4.6 +run-test sha256hmac 0x0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c 0x546573742057697468205472756e636174696f6e 0xa3b6167473100ee06e0c796c2955552b 128 +run-test sha384hmac 0x0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c 0x546573742057697468205472756e636174696f6e 0x3abf34c3503b2a23a46efc619baef897 128 +run-test sha512hmac 0x0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c 0x546573742057697468205472756e636174696f6e 0x415fad6271580a531d4179bc891d87a6 128 +# RFC 4231, section 4.7 +run-test sha256hmac 0xaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 0x54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374 0x60e431591ee0b67f0d8a26aacbf5b77f8e0bc6213728c5140546040f0ee37f54 +run-test sha384hmac 0xaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 0x54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374 0x4ece084485813e9088d2c63a041bc5b44f9ef1012a2b588f3cd11f05033ac4c60c2ef6ab4030fe8296248df163f44952 +run-test sha512hmac 0xaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 0x54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374 0x80b24263c7c1a3ebb71493c1dd7be8b49b46d1f41b4aeec1121b013783f8f3526b56d037e05f2598bd0fd2215d6a1e5295e64f73f63f0aec8b915a985d786598 +# RFC 4231, section 4.8 +run-test sha256hmac 0xaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 0x5468697320697320612074657374207573696e672061206c6172676572207468616e20626c6f636b2d73697a65206b657920616e642061206c6172676572207468616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565647320746f20626520686173686564206265666f7265206265696e6720757365642062792074686520484d414320616c676f726974686d2e 0x9b09ffa71b942fcb27635fbcd5b0e944bfdc63644f0713938a7f51535c3a35e2 +run-test sha384hmac 0xaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 0x5468697320697320612074657374207573696e672061206c6172676572207468616e20626c6f636b2d73697a65206b657920616e642061206c6172676572207468616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565647320746f20626520686173686564206265666f7265206265696e6720757365642062792074686520484d414320616c676f726974686d2e 0x6617178e941f020d351e2f254e8fd32c602420feb0b8fb9adccebb82461e99c5a678cc31e799176d3860e6110c46523e +run-test sha512hmac 0xaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 0x5468697320697320612074657374207573696e672061206c6172676572207468616e20626c6f636b2d73697a65206b657920616e642061206c6172676572207468616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565647320746f20626520686173686564206265666f7265206265696e6720757365642062792074686520484d414320616c676f726974686d2e 0xe37b6a775dc87dbaa4dfa9f96e5e3ffddebd71f8867289865df5a32d20cdc944b6022cac3c4982b10d5eeb55c3e4de15134676fb6de0446065c97440fa8c6a58 +echo OK