mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

SHA256, SHA384 and SHA512 error propagation. Major impact on Hmac functions with error propagation.

Browse Source
This commit is contained in:
Moisés Guimarães 2014-04-14 10:36:17 -03:00
parent 644bb9c524
commit 32e2d7016f
8 changed files with 303 additions and 105 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
ctaocrypt/src/ecc.c
View File

@ -3834,9 +3834,15 @@ int ecc_encrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
ret = HmacSetKey(&hmac, SHA256, macKey, SHA256_DIGEST_SIZE);
if (ret != 0)
return ret;
HmacUpdate(&hmac, out, msgSz);
HmacUpdate(&hmac, ctx->macSalt, ctx->macSaltSz);
HmacFinal(&hmac, out+msgSz);
ret = HmacUpdate(&hmac, out, msgSz);
if (ret != 0)
return ret;
ret = HmacUpdate(&hmac, ctx->macSalt, ctx->macSaltSz);
if (ret != 0)
return ret;
ret = HmacFinal(&hmac, out+msgSz);
if (ret != 0)
return ret;
}
break;
@ -3939,9 +3945,15 @@ int ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
ret = HmacSetKey(&hmac, SHA256, macKey, SHA256_DIGEST_SIZE);
if (ret != 0)
return ret;
HmacUpdate(&hmac, msg, msgSz-digestSz);
HmacUpdate(&hmac, ctx->macSalt, ctx->macSaltSz);
HmacFinal(&hmac, verify);
ret = HmacUpdate(&hmac, msg, msgSz-digestSz);
if (ret != 0)
return ret;
ret = HmacUpdate(&hmac, ctx->macSalt, ctx->macSaltSz);
if (ret != 0)
return ret;
ret = HmacFinal(&hmac, verify);
if (ret != 0)
return ret;
if (memcmp(verify, msg + msgSz - digestSz, digestSz) != 0) {
return -1;

172
ctaocrypt/src/hmac.c
View File

@ -172,8 +172,14 @@ int HmacSetKey(Hmac* hmac, int type, const byte* key, word32 length)
XMEMCPY(ip, key, length);
}
else {
Sha256Update(&hmac->hash.sha256, key, length);
Sha256Final(&hmac->hash.sha256, ip);
ret = Sha256Update(&hmac->hash.sha256, key, length);
if (ret != 0)
return ret;
ret = Sha256Final(&hmac->hash.sha256, ip);
if (ret != 0)
return ret;
length = SHA256_DIGEST_SIZE;
}
}
@ -188,8 +194,14 @@ int HmacSetKey(Hmac* hmac, int type, const byte* key, word32 length)
XMEMCPY(ip, key, length);
}
else {
Sha384Update(&hmac->hash.sha384, key, length);
Sha384Final(&hmac->hash.sha384, ip);
ret = Sha384Update(&hmac->hash.sha384, key, length);
if (ret != 0)
return ret;
ret = Sha384Final(&hmac->hash.sha384, ip);
if (ret != 0)
return ret;
length = SHA384_DIGEST_SIZE;
}
}
@ -204,8 +216,14 @@ int HmacSetKey(Hmac* hmac, int type, const byte* key, word32 length)
XMEMCPY(ip, key, length);
}
else {
Sha512Update(&hmac->hash.sha512, key, length);
Sha512Final(&hmac->hash.sha512, ip);
ret = Sha512Update(&hmac->hash.sha512, key, length);
if (ret != 0)
return ret;
ret = Sha512Final(&hmac->hash.sha512, ip);
if (ret != 0)
return ret;
length = SHA512_DIGEST_SIZE;
}
}
@ -242,8 +260,10 @@ int HmacSetKey(Hmac* hmac, int type, const byte* key, word32 length)
}
static void HmacKeyInnerHash(Hmac* hmac)
static int HmacKeyInnerHash(Hmac* hmac)
{
int ret = 0;
switch (hmac->macType) {
#ifndef NO_MD5
case MD5:
@ -259,22 +279,28 @@ static void HmacKeyInnerHash(Hmac* hmac)
#ifndef NO_SHA256
case SHA256:
Sha256Update(&hmac->hash.sha256,
ret = Sha256Update(&hmac->hash.sha256,
(byte*) hmac->ipad, SHA256_BLOCK_SIZE);
if (ret != 0)
return ret;
break;
#endif
#ifdef CYASSL_SHA384
case SHA384:
Sha384Update(&hmac->hash.sha384,
ret = Sha384Update(&hmac->hash.sha384,
(byte*) hmac->ipad, SHA384_BLOCK_SIZE);
if (ret != 0)
return ret;
break;
#endif
#ifdef CYASSL_SHA512
case SHA512:
Sha512Update(&hmac->hash.sha512,
ret = Sha512Update(&hmac->hash.sha512,
(byte*) hmac->ipad, SHA512_BLOCK_SIZE);
if (ret != 0)
return ret;
break;
#endif
@ -290,18 +316,25 @@ static void HmacKeyInnerHash(Hmac* hmac)
}
hmac->innerHashKeyed = 1;
return ret;
}
int HmacUpdate(Hmac* hmac, const byte* msg, word32 length)
{
int ret;
#ifdef HAVE_CAVIUM
if (hmac->magic == CYASSL_HMAC_CAVIUM_MAGIC)
return HmacCaviumUpdate(hmac, msg, length);
#endif
if (!hmac->innerHashKeyed)
HmacKeyInnerHash(hmac);
if (!hmac->innerHashKeyed) {
ret = HmacKeyInnerHash(hmac);
if (ret != 0)
return ret;
}
switch (hmac->macType) {
#ifndef NO_MD5
@ -318,19 +351,25 @@ int HmacUpdate(Hmac* hmac, const byte* msg, word32 length)
#ifndef NO_SHA256
case SHA256:
Sha256Update(&hmac->hash.sha256, msg, length);
ret = Sha256Update(&hmac->hash.sha256, msg, length);
if (ret != 0)
return ret;
break;
#endif
#ifdef CYASSL_SHA384
case SHA384:
Sha384Update(&hmac->hash.sha384, msg, length);
ret = Sha384Update(&hmac->hash.sha384, msg, length);
if (ret != 0)
return ret;
break;
#endif
#ifdef CYASSL_SHA512
case SHA512:
Sha512Update(&hmac->hash.sha512, msg, length);
ret = Sha512Update(&hmac->hash.sha512, msg, length);
if (ret != 0)
return ret;
break;
#endif
@ -350,13 +389,18 @@ int HmacUpdate(Hmac* hmac, const byte* msg, word32 length)
int HmacFinal(Hmac* hmac, byte* hash)
{
int ret;
#ifdef HAVE_CAVIUM
if (hmac->magic == CYASSL_HMAC_CAVIUM_MAGIC)
return HmacCaviumFinal(hmac, hash);
#endif
if (!hmac->innerHashKeyed)
HmacKeyInnerHash(hmac);
if (!hmac->innerHashKeyed) {
ret = HmacKeyInnerHash(hmac);
if (ret != 0)
return ret;
}
switch (hmac->macType) {
#ifndef NO_MD5
@ -390,14 +434,23 @@ int HmacFinal(Hmac* hmac, byte* hash)
#ifndef NO_SHA256
case SHA256:
{
Sha256Final(&hmac->hash.sha256, (byte*) hmac->innerHash);
ret = Sha256Final(&hmac->hash.sha256, (byte*) hmac->innerHash);
if (ret != 0)
return ret;
Sha256Update(&hmac->hash.sha256,
ret = Sha256Update(&hmac->hash.sha256,
(byte*) hmac->opad, SHA256_BLOCK_SIZE);
Sha256Update(&hmac->hash.sha256,
(byte*) hmac->innerHash, SHA256_DIGEST_SIZE);
if (ret != 0)
return ret;
Sha256Final(&hmac->hash.sha256, hash);
ret = Sha256Update(&hmac->hash.sha256,
(byte*) hmac->innerHash, SHA256_DIGEST_SIZE);
if (ret != 0)
return ret;
ret = Sha256Final(&hmac->hash.sha256, hash);
if (ret != 0)
return ret;
}
break;
#endif
@ -405,14 +458,23 @@ int HmacFinal(Hmac* hmac, byte* hash)
#ifdef CYASSL_SHA384
case SHA384:
{
Sha384Final(&hmac->hash.sha384, (byte*) hmac->innerHash);
ret = Sha384Final(&hmac->hash.sha384, (byte*) hmac->innerHash);
if (ret != 0)
return ret;
Sha384Update(&hmac->hash.sha384,
ret = Sha384Update(&hmac->hash.sha384,
(byte*) hmac->opad, SHA384_BLOCK_SIZE);
Sha384Update(&hmac->hash.sha384,
(byte*) hmac->innerHash, SHA384_DIGEST_SIZE);
if (ret != 0)
return ret;
Sha384Final(&hmac->hash.sha384, hash);
ret = Sha384Update(&hmac->hash.sha384,
(byte*) hmac->innerHash, SHA384_DIGEST_SIZE);
if (ret != 0)
return ret;
ret = Sha384Final(&hmac->hash.sha384, hash);
if (ret != 0)
return ret;
}
break;
#endif
@ -420,14 +482,23 @@ int HmacFinal(Hmac* hmac, byte* hash)
#ifdef CYASSL_SHA512
case SHA512:
{
Sha512Final(&hmac->hash.sha512, (byte*) hmac->innerHash);
ret = Sha512Final(&hmac->hash.sha512, (byte*) hmac->innerHash);
if (ret != 0)
return ret;
Sha512Update(&hmac->hash.sha512,
ret = Sha512Update(&hmac->hash.sha512,
(byte*) hmac->opad, SHA512_BLOCK_SIZE);
Sha512Update(&hmac->hash.sha512,
(byte*) hmac->innerHash, SHA512_DIGEST_SIZE);
if (ret != 0)
return ret;
Sha512Final(&hmac->hash.sha512, hash);
ret = Sha512Update(&hmac->hash.sha512,
(byte*) hmac->innerHash, SHA512_DIGEST_SIZE);
if (ret != 0)
return ret;
ret = Sha512Final(&hmac->hash.sha512, hash);
if (ret != 0)
return ret;
}
break;
#endif
@ -646,6 +717,7 @@ int HKDF(int type, const byte* inKey, word32 inKeySz,
int hashSz = GetHashSizeByType(type);
word32 outIdx = 0;
byte n = 0x1;
int ret;
if (hashSz < 0)
return BAD_FUNC_ARG;
@ -657,23 +729,35 @@ int HKDF(int type, const byte* inKey, word32 inKeySz,
saltSz = hashSz;
}
if (HmacSetKey(&myHmac, type, localSalt, saltSz) != 0)
return BAD_FUNC_ARG;
HmacUpdate(&myHmac, inKey, inKeySz);
HmacFinal(&myHmac, prk);
ret = HmacSetKey(&myHmac, type, localSalt, saltSz);
if (ret != 0)
return ret;
ret = HmacUpdate(&myHmac, inKey, inKeySz);
if (ret != 0)
return ret;
ret = HmacFinal(&myHmac, prk);
if (ret != 0)
return ret;
while (outIdx < outSz) {
int tmpSz = (n == 1) ? 0 : hashSz;
word32 left = outSz - outIdx;
if (HmacSetKey(&myHmac, type, prk, hashSz) != 0)
return BAD_FUNC_ARG;
HmacUpdate(&myHmac, tmp, tmpSz);
HmacUpdate(&myHmac, info, infoSz);
HmacUpdate(&myHmac, &n, 1);
HmacFinal(&myHmac, tmp);
ret = HmacSetKey(&myHmac, type, prk, hashSz);
if (ret != 0)
return ret;
ret = HmacUpdate(&myHmac, tmp, tmpSz);
if (ret != 0)
return ret;
ret = HmacUpdate(&myHmac, info, infoSz);
if (ret != 0)
return ret;
ret = HmacUpdate(&myHmac, &n, 1);
if (ret != 0)
return ret;
ret = HmacFinal(&myHmac, tmp);
if (ret != 0)
return ret;
left = min(left, (word32)hashSz);
XMEMCPY(out+outIdx, tmp, left);

23
ctaocrypt/src/pwdbased.c
View File

@ -151,21 +151,34 @@ int PBKDF2(byte* output, const byte* passwd, int pLen, const byte* salt,
while (kLen) {
int currentLen;
HmacUpdate(&hmac, salt, sLen);
ret = HmacUpdate(&hmac, salt, sLen);
if (ret != 0)
return ret;
/* encode i */
for (j = 0; j < 4; j++) {
byte b = (byte)(i >> ((3-j) * 8));
HmacUpdate(&hmac, &b, 1);
ret = HmacUpdate(&hmac, &b, 1);
if (ret != 0)
return ret;
}
HmacFinal(&hmac, buffer);
ret = HmacFinal(&hmac, buffer);
if (ret != 0)
return ret;
currentLen = min(kLen, hLen);
XMEMCPY(output, buffer, currentLen);
for (j = 1; j < iterations; j++) {
HmacUpdate(&hmac, buffer, hLen);
HmacFinal(&hmac, buffer);
ret = HmacUpdate(&hmac, buffer, hLen);
if (ret != 0)
return ret;
ret = HmacFinal(&hmac, buffer);
if (ret != 0)
return ret;
xorbuf(output, buffer, currentLen);
}

60
ctaocrypt/test/test.c
View File

@ -1149,10 +1149,14 @@ int hmac_md5_test(void)
#endif
ret = HmacSetKey(&hmac, MD5, (byte*)keys[i], (word32)strlen(keys[i]));
if (ret != 0)
return -4011;
HmacUpdate(&hmac, (byte*)test_hmac[i].input,
return -4015;
ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input,
(word32)test_hmac[i].inLen);
HmacFinal(&hmac, hash);
if (ret != 0)
return -4016;
ret = HmacFinal(&hmac, hash);
if (ret != 0)
return -4017;
if (memcmp(hash, test_hmac[i].output, MD5_DIGEST_SIZE) != 0)
return -20 - i;
@ -1220,10 +1224,14 @@ int hmac_sha_test(void)
#endif
ret = HmacSetKey(&hmac, SHA, (byte*)keys[i], (word32)strlen(keys[i]));
if (ret != 0)
return -4012;
HmacUpdate(&hmac, (byte*)test_hmac[i].input,
return -4018;
ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input,
(word32)test_hmac[i].inLen);
HmacFinal(&hmac, hash);
if (ret != 0)
return -4019;
ret = HmacFinal(&hmac, hash);
if (ret != 0)
return -4020;
if (memcmp(hash, test_hmac[i].output, SHA_DIGEST_SIZE) != 0)
return -20 - i;
@ -1295,10 +1303,14 @@ int hmac_sha256_test(void)
#endif
ret = HmacSetKey(&hmac, SHA256, (byte*)keys[i],(word32)strlen(keys[i]));
if (ret != 0)
return -4013;
HmacUpdate(&hmac, (byte*)test_hmac[i].input,
return -4021;
ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input,
(word32)test_hmac[i].inLen);
HmacFinal(&hmac, hash);
if (ret != 0)
return -4022;
ret = HmacFinal(&hmac, hash);
if (ret != 0)
return -4023;
if (memcmp(hash, test_hmac[i].output, SHA256_DIGEST_SIZE) != 0)
return -20 - i;
@ -1371,10 +1383,14 @@ int hmac_blake2b_test(void)
ret = HmacSetKey(&hmac, BLAKE2B_ID, (byte*)keys[i],
(word32)strlen(keys[i]));
if (ret != 0)
return -4014;
HmacUpdate(&hmac, (byte*)test_hmac[i].input,
return -4024;
ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input,
(word32)test_hmac[i].inLen);
HmacFinal(&hmac, hash);
if (ret != 0)
return -4025;
ret = HmacFinal(&hmac, hash);
if (ret != 0)
return -4026;
if (memcmp(hash, test_hmac[i].output, BLAKE2B_256) != 0)
return -20 - i;
@ -1443,10 +1459,14 @@ int hmac_sha384_test(void)
for (i = 0; i < times; ++i) {
ret = HmacSetKey(&hmac, SHA384, (byte*)keys[i],(word32)strlen(keys[i]));
if (ret != 0)
return -4015;
HmacUpdate(&hmac, (byte*)test_hmac[i].input,
return -4027;
ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input,
(word32)test_hmac[i].inLen);
HmacFinal(&hmac, hash);
if (ret != 0)
return -4028;
ret = HmacFinal(&hmac, hash);
if (ret != 0)
return -4029;
if (memcmp(hash, test_hmac[i].output, SHA384_DIGEST_SIZE) != 0)
return -20 - i;
@ -1515,10 +1535,14 @@ int hmac_sha512_test(void)
for (i = 0; i < times; ++i) {
ret = HmacSetKey(&hmac, SHA512, (byte*)keys[i],(word32)strlen(keys[i]));
if (ret != 0)
return -4016;
HmacUpdate(&hmac, (byte*)test_hmac[i].input,
return -4030;
ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input,
(word32)test_hmac[i].inLen);
HmacFinal(&hmac, hash);
if (ret != 0)
return -4031;
ret = HmacFinal(&hmac, hash);
if (ret != 0)
return -4032;
if (memcmp(hash, test_hmac[i].output, SHA512_DIGEST_SIZE) != 0)
return -20 - i;

24
cyassl/test.h
View File

@ -1345,9 +1345,15 @@ static INLINE int myMacEncryptCb(CYASSL* ssl, unsigned char* macOut,
CyaSSL_GetMacSecret(ssl, macVerify), CyaSSL_GetHmacSize(ssl));
if (ret != 0)
return ret;
HmacUpdate(&hmac, myInner, sizeof(myInner));
HmacUpdate(&hmac, macIn, macInSz);
HmacFinal(&hmac, macOut);
ret = HmacUpdate(&hmac, myInner, sizeof(myInner));
if (ret != 0)
return ret;
ret = HmacUpdate(&hmac, macIn, macInSz);
if (ret != 0)
return ret;
ret = HmacFinal(&hmac, macOut);
if (ret != 0)
return ret;
/* encrypt setup on first time */
@ -1454,9 +1460,15 @@ static INLINE int myDecryptVerifyCb(CYASSL* ssl,
CyaSSL_GetMacSecret(ssl, macVerify), digestSz);
if (ret != 0)
return ret;
HmacUpdate(&hmac, myInner, sizeof(myInner));
HmacUpdate(&hmac, decOut + ivExtra, macInSz);
HmacFinal(&hmac, verify);
ret = HmacUpdate(&hmac, myInner, sizeof(myInner));
if (ret != 0)
return ret;
ret = HmacUpdate(&hmac, decOut + ivExtra, macInSz);
if (ret != 0)
return ret;
ret = HmacFinal(&hmac, verify);
if (ret != 0)
return ret;
if (memcmp(verify, decOut + decSz - digestSz - pad - padByte,
digestSz) != 0) {

48
mcapi/mcapi_test.c
View File

@ -407,10 +407,18 @@ static int check_hmac(void)
}
CRYPT_HMAC_DataAdd(&mcHmac, ourData, OUR_DATA_SIZE);
HmacUpdate(&defHmac, ourData, OUR_DATA_SIZE);
ret = HmacUpdate(&defHmac, ourData, OUR_DATA_SIZE);
if (ret != 0) {
printf("hmac sha update default failed\n");
return -1;
}
CRYPT_HMAC_Finalize(&mcHmac, mcDigest);
HmacFinal(&defHmac, defDigest);
ret = HmacFinal(&defHmac, defDigest);
if (ret != 0) {
printf("hmac sha final default failed\n");
return -1;
}
if (memcmp(mcDigest, defDigest, CRYPT_SHA_DIGEST_SIZE) != 0) {
printf("hmac sha final memcmp fialed\n");
@ -427,10 +435,18 @@ static int check_hmac(void)
}
CRYPT_HMAC_DataAdd(&mcHmac, ourData, OUR_DATA_SIZE);
HmacUpdate(&defHmac, ourData, OUR_DATA_SIZE);
ret = HmacUpdate(&defHmac, ourData, OUR_DATA_SIZE);
if (ret != 0) {
printf("hmac sha256 update default failed\n");
return -1;
}
CRYPT_HMAC_Finalize(&mcHmac, mcDigest);
HmacFinal(&defHmac, defDigest);
ret = HmacFinal(&defHmac, defDigest);
if (ret != 0) {
printf("hmac sha256 final default failed\n");
return -1;
}
if (memcmp(mcDigest, defDigest, CRYPT_SHA256_DIGEST_SIZE) != 0) {
printf("hmac sha256 final memcmp fialed\n");
@ -447,10 +463,18 @@ static int check_hmac(void)
}
CRYPT_HMAC_DataAdd(&mcHmac, ourData, OUR_DATA_SIZE);
HmacUpdate(&defHmac, ourData, OUR_DATA_SIZE);
ret = HmacUpdate(&defHmac, ourData, OUR_DATA_SIZE);
if (ret != 0) {
printf("hmac sha384 update default failed\n");
return -1;
}
CRYPT_HMAC_Finalize(&mcHmac, mcDigest);
HmacFinal(&defHmac, defDigest);
ret = HmacFinal(&defHmac, defDigest);
if (ret != 0) {
printf("hmac sha384 final default failed\n");
return -1;
}
if (memcmp(mcDigest, defDigest, CRYPT_SHA384_DIGEST_SIZE) != 0) {
printf("hmac sha384 final memcmp fialed\n");
@ -467,10 +491,18 @@ static int check_hmac(void)
}
CRYPT_HMAC_DataAdd(&mcHmac, ourData, OUR_DATA_SIZE);
HmacUpdate(&defHmac, ourData, OUR_DATA_SIZE);
ret = HmacUpdate(&defHmac, ourData, OUR_DATA_SIZE);
if (ret != 0) {
printf("hmac sha512 update default failed\n");
return -1;
}
CRYPT_HMAC_Finalize(&mcHmac, mcDigest);
HmacFinal(&defHmac, defDigest);
ret = HmacFinal(&defHmac, defDigest);
if (ret != 0) {
printf("hmac sha512 final default failed\n");
return -1;
}
if (memcmp(mcDigest, defDigest, CRYPT_SHA512_DIGEST_SIZE) != 0) {
printf("hmac sha512 final memcmp fialed\n");

19
src/ssl.c
View File

@ -7342,28 +7342,31 @@ int CyaSSL_set_compression(CYASSL* ssl)
unsigned char* md, unsigned int* md_len)
{
Hmac hmac;
int ret;
CYASSL_ENTER("HMAC");
if (!md) return NULL; /* no static buffer support */
if (XSTRNCMP(evp_md, "MD5", 3) == 0) {
ret = HmacSetKey(&hmac, MD5, (const byte*)key, key_len);
if (HmacSetKey(&hmac, MD5, (const byte*)key, key_len) != 0)
return NULL;
if (md_len) *md_len = MD5_DIGEST_SIZE;
}
else if (XSTRNCMP(evp_md, "SHA", 3) == 0) {
ret = HmacSetKey(&hmac, SHA, (const byte*)key, key_len);
if (HmacSetKey(&hmac, SHA, (const byte*)key, key_len) != 0)
return NULL;
if (md_len) *md_len = SHA_DIGEST_SIZE;
}
else
return NULL;
if (ret != 0)
if (HmacUpdate(&hmac, d, n) != 0)
return NULL;
HmacUpdate(&hmac, d, n);
HmacFinal(&hmac, md);
if (HmacFinal(&hmac, md) != 0)
return NULL;
return md;
}
@ -10847,6 +10850,7 @@ static int initGlobalRNG = 0;
if (ctx && data) {
CYASSL_MSG("updating hmac");
HmacUpdate(&ctx->hmac, data, (word32)len);
/* OpenSSL compat, no error */
}
}
@ -10859,6 +10863,7 @@ static int initGlobalRNG = 0;
if (ctx && hash) {
CYASSL_MSG("final hmac");
HmacFinal(&ctx->hmac, hash);
/* OpenSSL compat, no error */
if (len) {
CYASSL_MSG("setting output len");

38
tests/hash.c
View File

@ -611,9 +611,13 @@ int hmac_md5_test(void)
ret = HmacSetKey(&hmac, MD5, (byte*)keys[i], (word32)strlen(keys[i]));
if (ret != 0)
return -4014;
HmacUpdate(&hmac, (byte*)test_hmac[i].input,
ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input,
(word32)test_hmac[i].inLen);
HmacFinal(&hmac, hash);
if (ret != 0)
return -4015;
ret = HmacFinal(&hmac, hash);
if (ret != 0)
return -4016;
if (memcmp(hash, test_hmac[i].output, MD5_DIGEST_SIZE) != 0)
return -20 - i;
@ -672,10 +676,14 @@ int hmac_sha_test(void)
for (i = 0; i < times; ++i) {
ret = HmacSetKey(&hmac, SHA, (byte*)keys[i], (word32)strlen(keys[i]));
if (ret != 0)
return -4015;
HmacUpdate(&hmac, (byte*)test_hmac[i].input,
return -4017;
ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input,
(word32)test_hmac[i].inLen);
HmacFinal(&hmac, hash);
if (ret != 0)
return -4018;
ret = HmacFinal(&hmac, hash);
if (ret != 0)
return -4019;
if (memcmp(hash, test_hmac[i].output, SHA_DIGEST_SIZE) != 0)
return -20 - i;
@ -737,10 +745,14 @@ int hmac_sha256_test(void)
for (i = 0; i < times; ++i) {
ret = HmacSetKey(&hmac,SHA256, (byte*)keys[i], (word32)strlen(keys[i]));
if (ret != 0)
return -4016;
HmacUpdate(&hmac, (byte*)test_hmac[i].input,
return -4020;
ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input,
(word32)test_hmac[i].inLen);
HmacFinal(&hmac, hash);
if (ret != 0)
return -4021;
ret = HmacFinal(&hmac, hash);
if (ret != 0)
return -4022;
if (memcmp(hash, test_hmac[i].output, SHA256_DIGEST_SIZE) != 0)
return -20 - i;
@ -806,10 +818,14 @@ int hmac_sha384_test(void)
for (i = 0; i < times; ++i) {
ret = HmacSetKey(&hmac,SHA384, (byte*)keys[i], (word32)strlen(keys[i]));
if (ret != 0)
return -4017;
HmacUpdate(&hmac, (byte*)test_hmac[i].input,
return -4023;
ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input,
(word32)test_hmac[i].inLen);
HmacFinal(&hmac, hash);
if (ret != 0)
return -4024;
ret = HmacFinal(&hmac, hash);
if (ret != 0)
return -4025;
if (memcmp(hash, test_hmac[i].output, SHA384_DIGEST_SIZE) != 0)
return -20 - i;