From acbcb8f7e37b1c0ff872fdbb74df7de690bc2c6f Mon Sep 17 00:00:00 2001 From: Stef Walter Date: Sun, 14 Aug 2011 09:27:45 +0200 Subject: [PATCH] hmac: Implementation of HMAC in glib This implements g_hmac_xxx() functionality using the standard checksum functions supported by glib. HMAC is a secure way to hash a key and a password. Many other approaches fraught with append and prepend issues. Includes test cases defined in relevant RFCs https://bugzilla.gnome.org/show_bug.cgi?id=652480 --- docs/reference/glib/glib-sections.txt | 16 ++ glib/Makefile.am | 2 + glib/ghmac.c | 388 ++++++++++++++++++++++++++++++++++ glib/ghmac.h | 71 +++++++ glib/glib.h | 1 + glib/glib.symbols | 9 + glib/tests/.gitignore | 1 + glib/tests/Makefile.am | 3 + glib/tests/hmac.c | 268 +++++++++++++++++++++++ 9 files changed, 759 insertions(+) create mode 100644 glib/ghmac.c create mode 100644 glib/ghmac.h create mode 100644 glib/tests/hmac.c diff --git a/docs/reference/glib/glib-sections.txt b/docs/reference/glib/glib-sections.txt index 853c793..62a3071 100644 --- a/docs/reference/glib/glib-sections.txt +++ b/docs/reference/glib/glib-sections.txt @@ -2829,6 +2829,22 @@ g_compute_checksum_for_string
+Data HMACs +hmac +GHmac +g_hmac_new +g_hmac_copy +g_hmac_ref +g_hmac_unref +g_hmac_update +g_hmac_get_string +g_hmac_get_digest + +g_compute_hmac_for_data +g_compute_hmac_for_string +
+ +
Testing testing g_test_minimized_result diff --git a/glib/Makefile.am b/glib/Makefile.am index 3823caf..1703277 100644 --- a/glib/Makefile.am +++ b/glib/Makefile.am @@ -135,6 +135,7 @@ libglib_2_0_la_SOURCES = \ gerror.c \ gfileutils.c \ ghash.c \ + ghmac.c \ ghook.c \ ghostutils.c \ giochannel.c \ @@ -243,6 +244,7 @@ glibsubinclude_HEADERS = \ gerror.h \ gfileutils.h \ ghash.h \ + ghmac.h \ ghook.h \ ghostutils.h \ gi18n.h \ diff --git a/glib/ghmac.c b/glib/ghmac.c new file mode 100644 index 0000000..617a5b2 --- /dev/null +++ b/glib/ghmac.c @@ -0,0 +1,388 @@ +/* ghmac.h - data hashing functions + * + * Copyright (C) 2011 Collabora Ltd. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Library General Public + * License as published by the Free Software Foundation; either + * version 2 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Library General Public License for more details. + * + * You should have received a copy of the GNU Library General Public + * License along with this library; if not, write to the + * Free Software Foundation, Inc., 59 Temple Place - Suite 330, + * Boston, MA 02111-1307, USA. + * + * Author: Stef Walter + */ + +#include "config.h" + +#include + +#include "ghmac.h" + +#include "glib/galloca.h" +#include "gatomic.h" +#include "gmem.h" +#include "gstrfuncs.h" +#include "gtestutils.h" +#include "gtypes.h" +#include "glibintl.h" + + +/** + * SECTION:hmac + * @title: Secure HMAC Digests + * @short_description: Computes the HMAC for data + * + * HMACs should be used when producing a cookie or hash based on data and a key. + * Simple mechanisms for using SHA1 and other algorithms to digest a key and + * data together are vulnerable to various security issues. HMAC uses algorithms + * like SHA1 in a secure way to produce a digest of a key and data. + * + * Both the key and data are arbitrary byte arrays of bytes or characters. + * + * Support for HMAC Digests has been added in GLib 2.30 + **/ + +struct _GHmac +{ + int ref_count; + GChecksumType digest_type; + GChecksum *digesti; + GChecksum *digesto; +}; + +/** + * g_hmac_new: + * @digest_type: the desired type of digest + * @key: (array length=key_len): the key for the HMAC + * @key_len: the length of the keys + * + * Creates a new #GHmac, using the digest algorithm @digest_type. + * If the @digest_type is not known, %NULL is returned. + * A #GHmac can be used to compute the HMAC of a key and an + * arbitrary binary blob, using different hashing algorithms. + * + * A #GHmac works by feeding a binary blob through g_hmac_update() + * until the data is complete; the digest can then be extracted + * using g_hmac_get_string(), which will return the checksum as a + * hexadecimal string; or g_hmac_get_digest(), which will return a + * array of raw bytes. Once either g_hmac_get_string() or + * g_hmac_get_digest() have been called on a #GHmac, the HMAC + * will be closed and it won't be possible to call g_hmac_update() + * on it anymore. + * + * Return value: the newly created #GHmac, or %NULL. + * Use g_hmac_unref() to free the memory allocated by it. + * + * Since: 2.30 + */ +GHmac * +g_hmac_new (GChecksumType digest_type, + const guchar *key, + gsize key_len) +{ + GChecksum *checksum; + GHmac *hmac; + guchar *buffer; + guchar *pad; + gsize i, len; + gsize block_size; + + checksum = g_checksum_new (digest_type); + g_return_val_if_fail (checksum != NULL, NULL); + + switch (digest_type) + { + case G_CHECKSUM_MD5: + case G_CHECKSUM_SHA1: + block_size = 64; /* RFC 2104 */ + break; + case G_CHECKSUM_SHA256: + block_size = 64; /* RFC draft-kelly-ipsec-ciph-sha2-01 */ + break; + default: + g_return_val_if_reached (NULL); + } + + hmac = g_slice_new0 (GHmac); + hmac->ref_count = 1; + hmac->digest_type = digest_type; + hmac->digesti = checksum; + hmac->digesto = g_checksum_new (digest_type); + + buffer = g_alloca (block_size); + pad = g_alloca (block_size); + + memset (buffer, 0, block_size); + + /* If the key is too long, hash it */ + if (key_len > block_size) + { + len = block_size; + g_checksum_update (hmac->digesti, key, key_len); + g_checksum_get_digest (hmac->digesti, buffer, &len); + g_checksum_reset (hmac->digesti); + } + + /* Otherwise pad it with zeros */ + else + { + memcpy (buffer, key, key_len); + } + + /* First pad */ + for (i = 0; i < block_size; i++) + pad[i] = 0x36 ^ buffer[i]; /* ipad value */ + g_checksum_update (hmac->digesti, pad, block_size); + + /* Second pad */ + for (i = 0; i < block_size; i++) + pad[i] = 0x5c ^ buffer[i]; /* opad value */ + g_checksum_update (hmac->digesto, pad, block_size); + + return hmac; +} + +/** + * g_hmac_copy: + * @hmac: the #GHmac to copy + * + * Copies a #GHmac. If @hmac has been closed, by calling + * g_hmac_get_string() or g_hmac_get_digest(), the copied + * HMAC will be closed as well. + * + * Return value: the copy of the passed #GHmac. Use g_hmac_unref() + * when finished using it. + * + * Since: 2.30 + */ +GHmac * +g_hmac_copy (const GHmac *hmac) +{ + GHmac *copy; + + g_return_val_if_fail (hmac != NULL, NULL); + + copy = g_slice_new (GHmac); + copy->digest_type = hmac->digest_type; + copy->digesti = g_checksum_copy (hmac->digesti); + copy->digesto = g_checksum_copy (hmac->digesto); + + return copy; +} + +/** + * g_hmac_ref: + * @hmac: a valid #GHmac. + * + * Atomically increments the reference count of @hmac by one. + * This function is MT-safe and may be called from any thread. + * + * Return value: the passed in #GHmac. + * + * Since: 2.30 + **/ +GHmac * +g_hmac_ref (GHmac *hmac) +{ + g_return_val_if_fail (hmac != NULL, NULL); + + g_atomic_int_inc (&hmac->ref_count); + + return hmac; +} + +/** + * g_hmac_unref: + * @hmac: a #GHmac + * + * Atomically decrements the reference count of @hmac by one. + * If the reference count drops to 0, all keys and values will be + * destroyed, and all memory allocated by the hash table is released. + * This function is MT-safe and may be called from any thread. + * Frees the memory allocated for @hmac. + * + * Since: 2.30 + */ +void +g_hmac_unref (GHmac *hmac) +{ + g_return_if_fail (hmac != NULL); + + if (g_atomic_int_dec_and_test (&hmac->ref_count)) + { + g_checksum_free (hmac->digesti); + g_checksum_free (hmac->digesto); + g_slice_free (GHmac, hmac); + } +} + +/** + * g_hmac_update: + * @hmac: a #GHmac + * @data: (array length=length): buffer used to compute the checksum + * @length: size of the buffer, or -1 if it is a null-terminated string. + * + * Feeds @data into an existing #GHmac. The HMAC must still be + * open, that is g_hmac_get_string() or g_hmac_get_digest() must + * not have been called on @hmac. + * + * Since: 2.30 + */ +void +g_hmac_update (GHmac *hmac, + const guchar *data, + gssize length) +{ + g_return_if_fail (hmac != NULL); + g_return_if_fail (length == 0 || data != NULL); + + g_checksum_update (hmac->digesti, data, length); +} + +/** + * g_hmac_get_string: + * @hmac: a #GHmac + * + * Gets the HMAC as an hexadecimal string. + * + * Once this function has been called the #GHmac can no longer be + * updated with g_hmac_update(). + * + * The hexadecimal characters will be lower case. + * + * Return value: the hexadecimal representation of the HMAC. The + * returned string is owned by the HMAC and should not be modified + * or freed. + * + * Since: 2.30 + */ +const gchar * +g_hmac_get_string (GHmac *hmac) +{ + guint8 *buffer; + gsize digest_len; + + g_return_val_if_fail (hmac != NULL, NULL); + + digest_len = g_checksum_type_get_length (hmac->digest_type); + buffer = g_malloc (digest_len); + + g_hmac_get_digest (hmac, buffer, &digest_len); + return g_checksum_get_string (hmac->digesto); +} + +/** + * g_checksum_get_digest: + * @hmac: a #GHmac + * @buffer: output buffer + * @digest_len: an inout parameter. The caller initializes it to the size of @buffer. + * After the call it contains the length of the digest. + * + * Gets the digest from @checksum as a raw binary array and places it + * into @buffer. The size of the digest depends on the type of checksum. + * + * Once this function has been called, the #GHmac is closed and can + * no longer be updated with g_checksum_update(). + * + * Since: 2.30 + */ +void +g_hmac_get_digest (GHmac *hmac, + guint8 *buffer, + gsize *digest_len) +{ + gsize len; + + g_return_if_fail (hmac != NULL); + + len = g_checksum_type_get_length (hmac->digest_type); + g_return_if_fail (*digest_len >= len); + + /* Use the same buffer, because we can :) */ + g_checksum_get_digest (hmac->digesti, buffer, &len); + g_checksum_update (hmac->digesto, buffer, len); + g_checksum_get_digest (hmac->digesto, buffer, digest_len); +} + +/** + * g_compute_hmac_for_data: + * @digest_type: a #GChecksumType to use for the HMAC + * @key: (array length=key_len): the key to use in the HMAC + * @key_len: the length of the key + * @data: binary blob to compute the HMAC of + * @length: length of @data + * + * Computes the HMAC for a binary @data of @length. This is a + * convenience wrapper for g_hmac_new(), g_hmac_get_string() + * and g_hmac_unref(). + * + * The hexadecimal string returned will be in lower case. + * + * Return value: the HMAC of the binary data as a string in hexadecimal. + * The returned string should be freed with g_free() when done using it. + * + * Since: 2.30 + */ +gchar * +g_compute_hmac_for_data (GChecksumType digest_type, + const guchar *key, + gsize key_len, + const guchar *data, + gsize length) +{ + GHmac *hmac; + gchar *retval; + + g_return_val_if_fail (length == 0 || data != NULL, NULL); + + hmac = g_hmac_new (digest_type, key, key_len); + if (!hmac) + return NULL; + + g_hmac_update (hmac, data, length); + retval = g_strdup (g_hmac_get_string (hmac)); + g_hmac_unref (hmac); + + return retval; +} + +/** + * g_compute_hmac_for_string: + * @digest_type: a #GChecksumType to use for the HMAC + * @key: (array length=key_len): the key to use in the HMAC + * @key_len: the length of the key + * @str: the string to compute the HMAC for + * @length: the length of the string, or -1 if the string is null-terminated. + * + * Computes the HMAC for a string. + * + * The hexadecimal string returned will be in lower case. + * + * Return value: the HMAC as a hexadecimal string. The returned string + * should be freed with g_free() when done using it. + * + * Since: 2.30 + */ +gchar * +g_compute_hmac_for_string (GChecksumType digest_type, + const guchar *key, + gsize key_len, + const gchar *str, + gssize length) +{ + g_return_val_if_fail (length == 0 || str != NULL, NULL); + + if (length < 0) + length = strlen (str); + + return g_compute_hmac_for_data (digest_type, key, key_len, + (const guchar *) str, length); +} diff --git a/glib/ghmac.h b/glib/ghmac.h new file mode 100644 index 0000000..856abbf --- /dev/null +++ b/glib/ghmac.h @@ -0,0 +1,71 @@ +/* ghmac.h - secure data hashing + * + * Copyright (C) 2011 Stef Walter + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Library General Public + * License as published by the Free Software Foundation; either + * version 2 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Library General Public License for more details. + * + * You should have received a copy of the GNU Library General Public + * License along with this library; if not, write to the + * Free Software Foundation, Inc., 59 Temple Place - Suite 330, + * Boston, MA 02111-1307, USA. + */ + +#if defined(G_DISABLE_SINGLE_INCLUDES) && !defined (__GLIB_H_INSIDE__) && !defined (GLIB_COMPILATION) +#error "Only can be included directly." +#endif + +#ifndef __G_HMAC_H__ +#define __G_HMAC_H__ + +#include +#include "gchecksum.h" + +G_BEGIN_DECLS + +/** + * GHmac: + * + * An opaque structure representing a HMAC operation. + * To create a new GHmac, use g_hmac_new(). To free + * a GHmac, use g_hmac_unref(). + * + * Since: 2.30 + */ +typedef struct _GHmac GHmac; + +GHmac * g_hmac_new (GChecksumType digest_type, + const guchar *key, + gsize key_len); +GHmac * g_hmac_copy (const GHmac *hmac); +GHmac * g_hmac_ref (GHmac *hmac); +void g_hmac_unref (GHmac *hmac); +void g_hmac_update (GHmac *hmac, + const guchar *data, + gssize length); +const gchar * g_hmac_get_string (GHmac *hmac); +void g_hmac_get_digest (GHmac *hmac, + guint8 *buffer, + gsize *digest_len); + +gchar *g_compute_hmac_for_data (GChecksumType digest_type, + const guchar *key, + gsize key_len, + const guchar *data, + gsize length); +gchar *g_compute_hmac_for_string (GChecksumType digest_type, + const guchar *key, + gsize key_len, + const gchar *str, + gssize length); + +G_END_DECLS + +#endif /* __G_CHECKSUM_H__ */ diff --git a/glib/glib.h b/glib/glib.h index 06d0190..ebbbebd 100644 --- a/glib/glib.h +++ b/glib/glib.h @@ -48,6 +48,7 @@ #include #include #include +#include #include #include #include diff --git a/glib/glib.symbols b/glib/glib.symbols index ba24a19..01bda12 100644 --- a/glib/glib.symbols +++ b/glib/glib.symbols @@ -387,6 +387,15 @@ g_hash_table_iter_get_hash_table g_hash_table_iter_remove g_hash_table_iter_replace g_hash_table_iter_steal +g_hmac_new +g_hmac_copy +g_hmac_ref +g_hmac_unref +g_hmac_update +g_hmac_get_string +g_hmac_get_digest +g_compute_hmac_for_data +g_compute_hmac_for_string g_hook_alloc g_hook_compare_ids g_hook_destroy diff --git a/glib/tests/.gitignore b/glib/tests/.gitignore index 4a8de9b..514e02c 100644 --- a/glib/tests/.gitignore +++ b/glib/tests/.gitignore @@ -16,6 +16,7 @@ fileutils gdatetime gvariant hash +hmac hostutils keyfile list diff --git a/glib/tests/Makefile.am b/glib/tests/Makefile.am index a127d58..3f4bd14 100644 --- a/glib/tests/Makefile.am +++ b/glib/tests/Makefile.am @@ -113,6 +113,9 @@ unicode_LDADD = $(progs_ldadd) TEST_PROGS += checksum checksum_LDADD = $(progs_ldadd) +TEST_PROGS += hmac +hmac_LDADD = $(progs_ldadd) + TEST_PROGS += hash hash_LDADD = $(progs_ldadd) diff --git a/glib/tests/hmac.c b/glib/tests/hmac.c new file mode 100644 index 0000000..db6e271 --- /dev/null +++ b/glib/tests/hmac.c @@ -0,0 +1,268 @@ +#include "config.h" + +#include +#include +#ifdef HAVE_UNISTD_H +#include +#endif +#include + +/* HMAC-MD5 test vectors as per RFC 2202 */ + +/* Test 1 */ +guint8 key_md5_test1[] = { + 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, + 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b }; +guint8 result_md5_test1[] = { + 0x92, 0x94, 0x72, 0x7a, 0x36, 0x38, 0xbb, 0x1c, 0x13, 0xf4, + 0x8e, 0xf8, 0x15, 0x8b, 0xfc, 0x9d }; + +/* Test 2 */ +guint8 result_md5_test2[] = { + 0x75, 0x0c, 0x78, 0x3e, 0x6a, 0xb0, 0xb5, 0x03, 0xea, 0xa8, + 0x6e, 0x31, 0x0a, 0x5d, 0xb7, 0x38 }; + +/* Test 3 */ +guint8 key_md5_test3[] = { + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa }; +guint8 data_md5_test3[] = { + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd }; +guint8 result_md5_test3[] = { + 0x56, 0xbe, 0x34, 0x52, 0x1d, 0x14, 0x4c, 0x88, 0xdb, 0xb8, + 0xc7, 0x33, 0xf0, 0xe8, 0xb3, 0xf6 }; + +/* Test 4 */ +guint8 key_md5_test4[] = { + 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, + 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19 }; +guint8 data_md5_test4[] = { + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd }; +guint8 result_md5_test4[] = { + 0x69, 0x7e, 0xaf, 0x0a, 0xca, 0x3a, 0x3a, 0xea, 0x3a, 0x75, + 0x16, 0x47, 0x46, 0xff, 0xaa, 0x79 }; + +/* Test 5 */ +guint8 key_md5_test5[] = { + 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, + 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c}; +guint8 result_md5_test5[] = { + 0x56, 0x46, 0x1e, 0xf2, 0x34, 0x2e, 0xdc, 0x00, 0xf9, 0xba, + 0xb9, 0x95, 0x69, 0x0e, 0xfd, 0x4c }; + +/* Test 6 */ +guint8 key_md5_test6[] = { + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa }; +guint8 result_md5_test6[] = { + 0x6b, 0x1a, 0xb7, 0xfe, 0x4b, 0xd7, 0xbf, 0x8f, 0x0b, 0x62, + 0xe6, 0xce, 0x61, 0xb9, 0xd0, 0xcd }; + +/* Test 6 */ +guint8 key_md5_test7[] = { + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa }; +guint8 result_md5_test7[] = { + 0x6f, 0x63, 0x0f, 0xad, 0x67, 0xcd, 0xa0, 0xee, 0x1f, 0xb1, + 0xf5, 0x62, 0xdb, 0x3a, 0xa5, 0x3e }; + +/* HMAC-SHA1 test vectors as per RFC 2202 */ + +/* Test 1 */ +guint8 key_sha1_test1[] = { + 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, + 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b }; +guint8 result_sha1_test1[] = { + 0xb6, 0x17, 0x31, 0x86, 0x55, 0x05, 0x72, 0x64, 0xe2, 0x8b, + 0xc0, 0xb6, 0xfb, 0x37, 0x8c, 0x8e, 0xf1, 0x46, 0xbe, 0x00 }; + +/* Test 2 */ +guint8 result_sha1_test2[] = { + 0xef, 0xfc, 0xdf, 0x6a, 0xe5, 0xeb, 0x2f, 0xa2, 0xd2, 0x74, + 0x16, 0xd5, 0xf1, 0x84, 0xdf, 0x9c, 0x25, 0x9a, 0x7c, 0x79 }; + +/* Test 3 */ +guint8 key_sha1_test3[] = { + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa }; +guint8 data_sha1_test3[] = { + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd }; +guint8 result_sha1_test3[] = { + 0x12, 0x5d, 0x73, 0x42, 0xb9, 0xac, 0x11, 0xcd, 0x91, 0xa3, + 0x9a, 0xf4, 0x8a, 0xa1, 0x7b, 0x4f, 0x63, 0xf1, 0x75, 0xd3 }; + +/* Test 4 */ +guint8 key_sha1_test4[] = { + 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, + 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19 }; +guint8 data_sha1_test4[] = { + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd }; +guint8 result_sha1_test4[] = { + 0x4c, 0x90, 0x07, 0xf4, 0x02, 0x62, 0x50, 0xc6, 0xbc, 0x84, + 0x14, 0xf9, 0xbf, 0x50, 0xc8, 0x6c, 0x2d, 0x72, 0x35, 0xda }; + +/* Test 5 */ +guint8 key_sha1_test5[] = { + 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, + 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c }; +guint8 result_sha1_test5[] = { + 0x4c, 0x1a, 0x03, 0x42, 0x4b, 0x55, 0xe0, 0x7f, 0xe7, 0xf2, + 0x7b, 0xe1, 0xd5, 0x8b, 0xb9, 0x32, 0x4a, 0x9a, 0x5a, 0x04 }; + +/* Test 6 & 7*/ +guint8 key_sha1_test6_7[] = { + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa }; + +guint8 result_sha1_test6[] = { + 0xaa, 0x4a, 0xe5, 0xe1, 0x52, 0x72, 0xd0, 0x0e, 0x95, 0x70, + 0x56, 0x37, 0xce, 0x8a, 0x3b, 0x55, 0xed, 0x40, 0x21, 0x12 }; + +guint8 result_sha1_test7[] = { + 0xe8, 0xe9, 0x9d, 0xf, 0x45, 0x23, 0x7d, 0x78, 0x6d, 0x6b, + 0xba, 0xa7, 0x96, 0x5c, 0x78, 0x8, 0xbb, 0xff, 0x1a, 0x91 }; + + +typedef struct { + GChecksumType digest_type; + gpointer key; + gsize key_len; + gpointer data; + gsize data_len; + gpointer result; +} HmacCase; + +HmacCase hmac_md5_tests[] = { + { G_CHECKSUM_MD5, key_md5_test1, 16, "Hi There", 8, result_md5_test1 }, + { G_CHECKSUM_MD5, "Jefe", 4, "what do ya want for nothing?", 28, + result_md5_test2 }, + { G_CHECKSUM_MD5, key_md5_test3, 16, data_md5_test3, 50, + result_md5_test3 }, + { G_CHECKSUM_MD5, key_md5_test4, 25, data_md5_test4, 50, + result_md5_test4 }, + { G_CHECKSUM_MD5, key_md5_test5, 16, "Test With Truncation", 20, + result_md5_test5 }, + { G_CHECKSUM_MD5, key_md5_test6, 80, + "Test Using Larger Than Block-Size Key - Hash Key First", 54, + result_md5_test6 }, + { G_CHECKSUM_MD5, key_md5_test7, 80, + "Test Using Larger Than Block-Size Key and Larger Than One Block-Size Data", + 73, result_md5_test7 }, + { -1, NULL, 0, NULL, 0, NULL }, +}; + +HmacCase hmac_sha1_tests[] = { + { G_CHECKSUM_SHA1, key_sha1_test1, 20, "Hi There", 8, result_sha1_test1 }, + { G_CHECKSUM_SHA1, "Jefe", 4, "what do ya want for nothing?", 28, + result_sha1_test2 }, + { G_CHECKSUM_SHA1, key_sha1_test3, 20, data_sha1_test3, 50, + result_sha1_test3 }, + { G_CHECKSUM_SHA1, key_sha1_test4, 25, data_sha1_test4, 50, + result_sha1_test4 }, + { G_CHECKSUM_SHA1, key_sha1_test5, 20, "Test With Truncation", 20, + result_sha1_test5 }, + { G_CHECKSUM_SHA1, key_sha1_test6_7, 80, + "Test Using Larger Than Block-Size Key - Hash Key First", 54, + result_sha1_test6 }, + { G_CHECKSUM_SHA1, key_sha1_test6_7, 80, + "Test Using Larger Than Block-Size Key and Larger" \ + " Than One Block-Size Data", 73, result_sha1_test7, }, + { -1, NULL, 0, NULL, 0, NULL }, +}; + +static void +test_hmac (HmacCase *t) +{ + GHmac *hmac; + gsize digest_len, hmac_len; + gpointer digest; + + hmac_len = digest_len = g_checksum_type_get_length (t->digest_type); + digest = g_malloc (hmac_len); + + hmac = g_hmac_new (t->digest_type, t->key, t->key_len); + g_hmac_update (hmac, t->data, t->data_len); + g_hmac_get_digest (hmac, digest, &digest_len); + + g_assert_cmpuint (digest_len, ==, hmac_len); + g_assert (memcmp (digest, t->result, digest_len) == 0); + + g_free (digest); + g_hmac_unref (hmac); +} + +static void +test_hmac_ref_unref (void) +{ + GHmac *hmac, *check; + + hmac = g_hmac_new (G_CHECKSUM_SHA1, (guchar*)"aaa", 3); + check = g_hmac_ref (hmac); + g_assert (check == hmac); + g_hmac_unref (check); + g_hmac_unref (hmac); +} + +int +main (int argc, + char **argv) +{ + int i; + g_test_init (&argc, &argv, NULL); + + for (i = 0 ; hmac_sha1_tests[i].key_len > 0 ; i++) + { + gchar *name = g_strdup_printf ("/hmac/sha1-%d", i + 1); + g_test_add_data_func (name, hmac_sha1_tests + i, + (void (*)(const void *)) test_hmac); + g_free (name); + } + + for (i = 0 ; hmac_md5_tests[i].key_len > 0 ; i++) + { + gchar *name = g_strdup_printf ("/hmac/md5-%d", i + 1); + g_test_add_data_func (name, hmac_md5_tests + i, + (void (*)(const void *)) test_hmac); + g_free (name); + } + + g_test_add_func ("/hmac/ref-unref", test_hmac_ref_unref); + + return g_test_run (); +} -- 2.7.4