ring-native 0.0.0 → 0.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.gitignore +1 -0
- data/CHANGES.md +7 -0
- data/Makefile +5 -0
- data/README.md +12 -5
- data/Rakefile +4 -0
- data/ext/ring/extconf.rb +4 -5
- data/lib/ring/native.rb +3 -1
- data/lib/ring/native/version.rb +5 -1
- data/ring-native.gemspec +6 -6
- data/vendor/ring-ffi/Cargo.lock +26 -0
- data/vendor/ring-ffi/Cargo.toml +45 -0
- data/vendor/ring-ffi/LICENSE +16 -0
- data/vendor/ring-ffi/README.md +59 -0
- data/vendor/ring-ffi/src/lib.rs +79 -0
- metadata +10 -255
- data/vendor/ring/BUILDING.md +0 -40
- data/vendor/ring/Cargo.toml +0 -43
- data/vendor/ring/LICENSE +0 -185
- data/vendor/ring/Makefile +0 -35
- data/vendor/ring/PORTING.md +0 -163
- data/vendor/ring/README.md +0 -113
- data/vendor/ring/STYLE.md +0 -197
- data/vendor/ring/appveyor.yml +0 -27
- data/vendor/ring/build.rs +0 -108
- data/vendor/ring/crypto/aes/aes.c +0 -1142
- data/vendor/ring/crypto/aes/aes_test.Windows.vcxproj +0 -25
- data/vendor/ring/crypto/aes/aes_test.cc +0 -93
- data/vendor/ring/crypto/aes/asm/aes-586.pl +0 -2368
- data/vendor/ring/crypto/aes/asm/aes-armv4.pl +0 -1249
- data/vendor/ring/crypto/aes/asm/aes-x86_64.pl +0 -2246
- data/vendor/ring/crypto/aes/asm/aesni-x86.pl +0 -1318
- data/vendor/ring/crypto/aes/asm/aesni-x86_64.pl +0 -2084
- data/vendor/ring/crypto/aes/asm/aesv8-armx.pl +0 -675
- data/vendor/ring/crypto/aes/asm/bsaes-armv7.pl +0 -1364
- data/vendor/ring/crypto/aes/asm/bsaes-x86_64.pl +0 -1565
- data/vendor/ring/crypto/aes/asm/vpaes-x86.pl +0 -841
- data/vendor/ring/crypto/aes/asm/vpaes-x86_64.pl +0 -1116
- data/vendor/ring/crypto/aes/internal.h +0 -87
- data/vendor/ring/crypto/aes/mode_wrappers.c +0 -61
- data/vendor/ring/crypto/bn/add.c +0 -394
- data/vendor/ring/crypto/bn/asm/armv4-mont.pl +0 -694
- data/vendor/ring/crypto/bn/asm/armv8-mont.pl +0 -1503
- data/vendor/ring/crypto/bn/asm/bn-586.pl +0 -774
- data/vendor/ring/crypto/bn/asm/co-586.pl +0 -287
- data/vendor/ring/crypto/bn/asm/rsaz-avx2.pl +0 -1882
- data/vendor/ring/crypto/bn/asm/x86-mont.pl +0 -592
- data/vendor/ring/crypto/bn/asm/x86_64-gcc.c +0 -599
- data/vendor/ring/crypto/bn/asm/x86_64-mont.pl +0 -1393
- data/vendor/ring/crypto/bn/asm/x86_64-mont5.pl +0 -3507
- data/vendor/ring/crypto/bn/bn.c +0 -352
- data/vendor/ring/crypto/bn/bn_asn1.c +0 -74
- data/vendor/ring/crypto/bn/bn_test.Windows.vcxproj +0 -25
- data/vendor/ring/crypto/bn/bn_test.cc +0 -1696
- data/vendor/ring/crypto/bn/cmp.c +0 -200
- data/vendor/ring/crypto/bn/convert.c +0 -433
- data/vendor/ring/crypto/bn/ctx.c +0 -311
- data/vendor/ring/crypto/bn/div.c +0 -594
- data/vendor/ring/crypto/bn/exponentiation.c +0 -1335
- data/vendor/ring/crypto/bn/gcd.c +0 -711
- data/vendor/ring/crypto/bn/generic.c +0 -1019
- data/vendor/ring/crypto/bn/internal.h +0 -316
- data/vendor/ring/crypto/bn/montgomery.c +0 -516
- data/vendor/ring/crypto/bn/mul.c +0 -888
- data/vendor/ring/crypto/bn/prime.c +0 -829
- data/vendor/ring/crypto/bn/random.c +0 -334
- data/vendor/ring/crypto/bn/rsaz_exp.c +0 -262
- data/vendor/ring/crypto/bn/rsaz_exp.h +0 -53
- data/vendor/ring/crypto/bn/shift.c +0 -276
- data/vendor/ring/crypto/bytestring/bytestring_test.Windows.vcxproj +0 -25
- data/vendor/ring/crypto/bytestring/bytestring_test.cc +0 -421
- data/vendor/ring/crypto/bytestring/cbb.c +0 -399
- data/vendor/ring/crypto/bytestring/cbs.c +0 -227
- data/vendor/ring/crypto/bytestring/internal.h +0 -46
- data/vendor/ring/crypto/chacha/chacha_generic.c +0 -140
- data/vendor/ring/crypto/chacha/chacha_vec.c +0 -323
- data/vendor/ring/crypto/chacha/chacha_vec_arm.S +0 -1447
- data/vendor/ring/crypto/chacha/chacha_vec_arm_generate.go +0 -153
- data/vendor/ring/crypto/cipher/cipher_test.Windows.vcxproj +0 -25
- data/vendor/ring/crypto/cipher/e_aes.c +0 -390
- data/vendor/ring/crypto/cipher/e_chacha20poly1305.c +0 -208
- data/vendor/ring/crypto/cipher/internal.h +0 -173
- data/vendor/ring/crypto/cipher/test/aes_128_gcm_tests.txt +0 -543
- data/vendor/ring/crypto/cipher/test/aes_128_key_wrap_tests.txt +0 -9
- data/vendor/ring/crypto/cipher/test/aes_256_gcm_tests.txt +0 -475
- data/vendor/ring/crypto/cipher/test/aes_256_key_wrap_tests.txt +0 -23
- data/vendor/ring/crypto/cipher/test/chacha20_poly1305_old_tests.txt +0 -422
- data/vendor/ring/crypto/cipher/test/chacha20_poly1305_tests.txt +0 -484
- data/vendor/ring/crypto/cipher/test/cipher_test.txt +0 -100
- data/vendor/ring/crypto/constant_time_test.Windows.vcxproj +0 -25
- data/vendor/ring/crypto/constant_time_test.c +0 -304
- data/vendor/ring/crypto/cpu-arm-asm.S +0 -32
- data/vendor/ring/crypto/cpu-arm.c +0 -199
- data/vendor/ring/crypto/cpu-intel.c +0 -261
- data/vendor/ring/crypto/crypto.c +0 -151
- data/vendor/ring/crypto/curve25519/asm/x25519-arm.S +0 -2118
- data/vendor/ring/crypto/curve25519/curve25519.c +0 -4888
- data/vendor/ring/crypto/curve25519/x25519_test.cc +0 -128
- data/vendor/ring/crypto/digest/md32_common.h +0 -181
- data/vendor/ring/crypto/ec/asm/p256-x86_64-asm.pl +0 -2725
- data/vendor/ring/crypto/ec/ec.c +0 -193
- data/vendor/ring/crypto/ec/ec_curves.c +0 -61
- data/vendor/ring/crypto/ec/ec_key.c +0 -228
- data/vendor/ring/crypto/ec/ec_montgomery.c +0 -114
- data/vendor/ring/crypto/ec/example_mul.Windows.vcxproj +0 -25
- data/vendor/ring/crypto/ec/internal.h +0 -243
- data/vendor/ring/crypto/ec/oct.c +0 -253
- data/vendor/ring/crypto/ec/p256-64.c +0 -1794
- data/vendor/ring/crypto/ec/p256-x86_64-table.h +0 -9548
- data/vendor/ring/crypto/ec/p256-x86_64.c +0 -509
- data/vendor/ring/crypto/ec/simple.c +0 -1007
- data/vendor/ring/crypto/ec/util-64.c +0 -183
- data/vendor/ring/crypto/ec/wnaf.c +0 -508
- data/vendor/ring/crypto/ecdh/ecdh.c +0 -155
- data/vendor/ring/crypto/ecdsa/ecdsa.c +0 -304
- data/vendor/ring/crypto/ecdsa/ecdsa_asn1.c +0 -193
- data/vendor/ring/crypto/ecdsa/ecdsa_test.Windows.vcxproj +0 -25
- data/vendor/ring/crypto/ecdsa/ecdsa_test.cc +0 -327
- data/vendor/ring/crypto/header_removed.h +0 -17
- data/vendor/ring/crypto/internal.h +0 -495
- data/vendor/ring/crypto/libring.Windows.vcxproj +0 -101
- data/vendor/ring/crypto/mem.c +0 -98
- data/vendor/ring/crypto/modes/asm/aesni-gcm-x86_64.pl +0 -1045
- data/vendor/ring/crypto/modes/asm/ghash-armv4.pl +0 -517
- data/vendor/ring/crypto/modes/asm/ghash-x86.pl +0 -1393
- data/vendor/ring/crypto/modes/asm/ghash-x86_64.pl +0 -1741
- data/vendor/ring/crypto/modes/asm/ghashv8-armx.pl +0 -422
- data/vendor/ring/crypto/modes/ctr.c +0 -226
- data/vendor/ring/crypto/modes/gcm.c +0 -1206
- data/vendor/ring/crypto/modes/gcm_test.Windows.vcxproj +0 -25
- data/vendor/ring/crypto/modes/gcm_test.c +0 -348
- data/vendor/ring/crypto/modes/internal.h +0 -299
- data/vendor/ring/crypto/perlasm/arm-xlate.pl +0 -170
- data/vendor/ring/crypto/perlasm/readme +0 -100
- data/vendor/ring/crypto/perlasm/x86_64-xlate.pl +0 -1164
- data/vendor/ring/crypto/perlasm/x86asm.pl +0 -292
- data/vendor/ring/crypto/perlasm/x86gas.pl +0 -263
- data/vendor/ring/crypto/perlasm/x86masm.pl +0 -200
- data/vendor/ring/crypto/perlasm/x86nasm.pl +0 -187
- data/vendor/ring/crypto/poly1305/poly1305.c +0 -331
- data/vendor/ring/crypto/poly1305/poly1305_arm.c +0 -301
- data/vendor/ring/crypto/poly1305/poly1305_arm_asm.S +0 -2015
- data/vendor/ring/crypto/poly1305/poly1305_test.Windows.vcxproj +0 -25
- data/vendor/ring/crypto/poly1305/poly1305_test.cc +0 -80
- data/vendor/ring/crypto/poly1305/poly1305_test.txt +0 -52
- data/vendor/ring/crypto/poly1305/poly1305_vec.c +0 -892
- data/vendor/ring/crypto/rand/asm/rdrand-x86_64.pl +0 -75
- data/vendor/ring/crypto/rand/internal.h +0 -32
- data/vendor/ring/crypto/rand/rand.c +0 -189
- data/vendor/ring/crypto/rand/urandom.c +0 -219
- data/vendor/ring/crypto/rand/windows.c +0 -56
- data/vendor/ring/crypto/refcount_c11.c +0 -66
- data/vendor/ring/crypto/refcount_lock.c +0 -53
- data/vendor/ring/crypto/refcount_test.Windows.vcxproj +0 -25
- data/vendor/ring/crypto/refcount_test.c +0 -58
- data/vendor/ring/crypto/rsa/blinding.c +0 -462
- data/vendor/ring/crypto/rsa/internal.h +0 -108
- data/vendor/ring/crypto/rsa/padding.c +0 -300
- data/vendor/ring/crypto/rsa/rsa.c +0 -450
- data/vendor/ring/crypto/rsa/rsa_asn1.c +0 -261
- data/vendor/ring/crypto/rsa/rsa_impl.c +0 -944
- data/vendor/ring/crypto/rsa/rsa_test.Windows.vcxproj +0 -25
- data/vendor/ring/crypto/rsa/rsa_test.cc +0 -437
- data/vendor/ring/crypto/sha/asm/sha-armv8.pl +0 -436
- data/vendor/ring/crypto/sha/asm/sha-x86_64.pl +0 -2390
- data/vendor/ring/crypto/sha/asm/sha256-586.pl +0 -1275
- data/vendor/ring/crypto/sha/asm/sha256-armv4.pl +0 -735
- data/vendor/ring/crypto/sha/asm/sha256-armv8.pl +0 -14
- data/vendor/ring/crypto/sha/asm/sha256-x86_64.pl +0 -14
- data/vendor/ring/crypto/sha/asm/sha512-586.pl +0 -911
- data/vendor/ring/crypto/sha/asm/sha512-armv4.pl +0 -666
- data/vendor/ring/crypto/sha/asm/sha512-armv8.pl +0 -14
- data/vendor/ring/crypto/sha/asm/sha512-x86_64.pl +0 -14
- data/vendor/ring/crypto/sha/sha1.c +0 -271
- data/vendor/ring/crypto/sha/sha256.c +0 -204
- data/vendor/ring/crypto/sha/sha512.c +0 -355
- data/vendor/ring/crypto/test/file_test.cc +0 -326
- data/vendor/ring/crypto/test/file_test.h +0 -181
- data/vendor/ring/crypto/test/malloc.cc +0 -150
- data/vendor/ring/crypto/test/scoped_types.h +0 -95
- data/vendor/ring/crypto/test/test.Windows.vcxproj +0 -35
- data/vendor/ring/crypto/test/test_util.cc +0 -46
- data/vendor/ring/crypto/test/test_util.h +0 -41
- data/vendor/ring/crypto/thread_none.c +0 -55
- data/vendor/ring/crypto/thread_pthread.c +0 -165
- data/vendor/ring/crypto/thread_test.Windows.vcxproj +0 -25
- data/vendor/ring/crypto/thread_test.c +0 -200
- data/vendor/ring/crypto/thread_win.c +0 -282
- data/vendor/ring/examples/checkdigest.rs +0 -103
- data/vendor/ring/include/openssl/aes.h +0 -121
- data/vendor/ring/include/openssl/arm_arch.h +0 -129
- data/vendor/ring/include/openssl/base.h +0 -156
- data/vendor/ring/include/openssl/bn.h +0 -794
- data/vendor/ring/include/openssl/buffer.h +0 -18
- data/vendor/ring/include/openssl/bytestring.h +0 -235
- data/vendor/ring/include/openssl/chacha.h +0 -37
- data/vendor/ring/include/openssl/cmac.h +0 -76
- data/vendor/ring/include/openssl/cpu.h +0 -184
- data/vendor/ring/include/openssl/crypto.h +0 -43
- data/vendor/ring/include/openssl/curve25519.h +0 -88
- data/vendor/ring/include/openssl/ec.h +0 -225
- data/vendor/ring/include/openssl/ec_key.h +0 -129
- data/vendor/ring/include/openssl/ecdh.h +0 -110
- data/vendor/ring/include/openssl/ecdsa.h +0 -156
- data/vendor/ring/include/openssl/err.h +0 -201
- data/vendor/ring/include/openssl/mem.h +0 -101
- data/vendor/ring/include/openssl/obj_mac.h +0 -71
- data/vendor/ring/include/openssl/opensslfeatures.h +0 -68
- data/vendor/ring/include/openssl/opensslv.h +0 -18
- data/vendor/ring/include/openssl/ossl_typ.h +0 -18
- data/vendor/ring/include/openssl/poly1305.h +0 -51
- data/vendor/ring/include/openssl/rand.h +0 -70
- data/vendor/ring/include/openssl/rsa.h +0 -399
- data/vendor/ring/include/openssl/thread.h +0 -133
- data/vendor/ring/include/openssl/type_check.h +0 -71
- data/vendor/ring/mk/Common.props +0 -63
- data/vendor/ring/mk/Windows.props +0 -42
- data/vendor/ring/mk/WindowsTest.props +0 -18
- data/vendor/ring/mk/appveyor.bat +0 -62
- data/vendor/ring/mk/bottom_of_makefile.mk +0 -54
- data/vendor/ring/mk/ring.mk +0 -266
- data/vendor/ring/mk/top_of_makefile.mk +0 -214
- data/vendor/ring/mk/travis.sh +0 -40
- data/vendor/ring/mk/update-travis-yml.py +0 -229
- data/vendor/ring/ring.sln +0 -153
- data/vendor/ring/src/aead.rs +0 -682
- data/vendor/ring/src/agreement.rs +0 -248
- data/vendor/ring/src/c.rs +0 -129
- data/vendor/ring/src/constant_time.rs +0 -37
- data/vendor/ring/src/der.rs +0 -96
- data/vendor/ring/src/digest.rs +0 -690
- data/vendor/ring/src/digest_tests.txt +0 -57
- data/vendor/ring/src/ecc.rs +0 -28
- data/vendor/ring/src/ecc_build.rs +0 -279
- data/vendor/ring/src/ecc_curves.rs +0 -117
- data/vendor/ring/src/ed25519_tests.txt +0 -2579
- data/vendor/ring/src/exe_tests.rs +0 -46
- data/vendor/ring/src/ffi.rs +0 -29
- data/vendor/ring/src/file_test.rs +0 -187
- data/vendor/ring/src/hkdf.rs +0 -153
- data/vendor/ring/src/hkdf_tests.txt +0 -59
- data/vendor/ring/src/hmac.rs +0 -414
- data/vendor/ring/src/hmac_tests.txt +0 -97
- data/vendor/ring/src/input.rs +0 -312
- data/vendor/ring/src/lib.rs +0 -41
- data/vendor/ring/src/pbkdf2.rs +0 -265
- data/vendor/ring/src/pbkdf2_tests.txt +0 -113
- data/vendor/ring/src/polyfill.rs +0 -57
- data/vendor/ring/src/rand.rs +0 -28
- data/vendor/ring/src/signature.rs +0 -314
- data/vendor/ring/third-party/NIST/README.md +0 -9
- data/vendor/ring/third-party/NIST/SHAVS/SHA1LongMsg.rsp +0 -263
- data/vendor/ring/third-party/NIST/SHAVS/SHA1Monte.rsp +0 -309
- data/vendor/ring/third-party/NIST/SHAVS/SHA1ShortMsg.rsp +0 -267
- data/vendor/ring/third-party/NIST/SHAVS/SHA224LongMsg.rsp +0 -263
- data/vendor/ring/third-party/NIST/SHAVS/SHA224Monte.rsp +0 -309
- data/vendor/ring/third-party/NIST/SHAVS/SHA224ShortMsg.rsp +0 -267
- data/vendor/ring/third-party/NIST/SHAVS/SHA256LongMsg.rsp +0 -263
- data/vendor/ring/third-party/NIST/SHAVS/SHA256Monte.rsp +0 -309
- data/vendor/ring/third-party/NIST/SHAVS/SHA256ShortMsg.rsp +0 -267
- data/vendor/ring/third-party/NIST/SHAVS/SHA384LongMsg.rsp +0 -519
- data/vendor/ring/third-party/NIST/SHAVS/SHA384Monte.rsp +0 -309
- data/vendor/ring/third-party/NIST/SHAVS/SHA384ShortMsg.rsp +0 -523
- data/vendor/ring/third-party/NIST/SHAVS/SHA512LongMsg.rsp +0 -519
- data/vendor/ring/third-party/NIST/SHAVS/SHA512Monte.rsp +0 -309
- data/vendor/ring/third-party/NIST/SHAVS/SHA512ShortMsg.rsp +0 -523
- data/vendor/ring/third-party/NIST/sha256sums.txt +0 -1
data/vendor/ring/src/hmac.rs
DELETED
@@ -1,414 +0,0 @@
|
|
1
|
-
// Copyright 2015 Brian Smith.
|
2
|
-
//
|
3
|
-
// Permission to use, copy, modify, and/or distribute this software for any
|
4
|
-
// purpose with or without fee is hereby granted, provided that the above
|
5
|
-
// copyright notice and this permission notice appear in all copies.
|
6
|
-
//
|
7
|
-
// THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHORS DISCLAIM ALL WARRANTIES
|
8
|
-
// WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
|
9
|
-
// MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR
|
10
|
-
// ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
|
11
|
-
// WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
|
12
|
-
// ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
|
13
|
-
// OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
14
|
-
|
15
|
-
//! HMAC is specified in [RFC 2104](https://tools.ietf.org/html/rfc2104).
|
16
|
-
//!
|
17
|
-
//! After a `SigningKey` or `VerificationKey` is constructed, it can be used
|
18
|
-
//! for multiple signing or verification operations. Separating the
|
19
|
-
//! construction of the key from the rest of the HMAC operation allows the
|
20
|
-
//! per-key precomputation to be done only once, instead of it being done in
|
21
|
-
//! every HMAC operation.
|
22
|
-
//!
|
23
|
-
//! Frequently all the data to be signed in a message is available in a single
|
24
|
-
//! contiguous piece. In that case, the module-level `sign` function can be
|
25
|
-
//! used. Otherwise, if the input is in multiple parts, `SigningContext` should
|
26
|
-
//! be used.
|
27
|
-
//!
|
28
|
-
//! # Use Case: Multi-party Communication
|
29
|
-
//!
|
30
|
-
//! Examples: TLS, SSH, and IPSEC record/packet authentication.
|
31
|
-
//!
|
32
|
-
//! The key that is used to sign messages to send to other parties should be a
|
33
|
-
//! `SigningKey`; `SigningContext` or `sign` should be used for the signing.
|
34
|
-
//! Each key that is used to authenticate messages received from peers should
|
35
|
-
//! be a `VerificationKey`; `verify` should be used for the authentication. All
|
36
|
-
//! of the keys should have distinct, independent, values.
|
37
|
-
//!
|
38
|
-
//! # Use Case: One-party Anti-tampering Protection
|
39
|
-
//!
|
40
|
-
//! Examples: Signed cookies, stateless CSRF protection.
|
41
|
-
//!
|
42
|
-
//! The key that is used to sign the data should be a `SigningKey`;
|
43
|
-
//! `SigningContext` or `sign` should be used for the signing. Use
|
44
|
-
//! `verify_with_own_key` to verify the signature using the signing key; this
|
45
|
-
//! is equivalent to, but more efficient than, constructing a `VerificationKey`
|
46
|
-
//! with the same value as the signing key and then calling `verify`.
|
47
|
-
//!
|
48
|
-
//! # Use Case: Key Derivation and Password Hashing
|
49
|
-
//!
|
50
|
-
//! Examples: HKDF, PBKDF2, the TLS PRF.
|
51
|
-
//!
|
52
|
-
//! All keys used during the key derivation should be `SigningKey`s;
|
53
|
-
//! `SigningContext` should usually be used for the HMAC calculations. The
|
54
|
-
//! [code for `ring::pbkdf2`](https://github.com/briansmith/ring/blob/master/src/pbkdf2.rs)
|
55
|
-
//! and the
|
56
|
-
//! [code for `ring::hkdf`](https://github.com/briansmith/ring/blob/master/src/hkdf.rs)
|
57
|
-
//! are good examples of how to use `ring::hmac` efficiently for key derivation.
|
58
|
-
//!
|
59
|
-
//! # Examples:
|
60
|
-
//!
|
61
|
-
//! ## Signing a value and verifying it wasn't tampered with
|
62
|
-
//!
|
63
|
-
//! ```
|
64
|
-
//! use ring::{digest, hmac};
|
65
|
-
//!
|
66
|
-
//! # fn main_with_result() -> Result<(), ()> {
|
67
|
-
//! let key = try!(hmac::SigningKey::generate(&digest::SHA256));
|
68
|
-
//!
|
69
|
-
//! let msg = "hello, world";
|
70
|
-
//!
|
71
|
-
//! let signature = hmac::sign(&key, msg.as_bytes());
|
72
|
-
//!
|
73
|
-
//! // [We give access to the message to an untrusted party, and they give it
|
74
|
-
//! // back to us. We need to verify they didn't tamper with it.]
|
75
|
-
//!
|
76
|
-
//! try!(hmac::verify_with_own_key(&key, msg.as_bytes(), signature.as_ref()));
|
77
|
-
//! #
|
78
|
-
//! # Ok(())
|
79
|
-
//! # }
|
80
|
-
//! #
|
81
|
-
//! # fn main() { main_with_result().unwrap() }
|
82
|
-
//! ```
|
83
|
-
//!
|
84
|
-
//! ## Using the one-shot API:
|
85
|
-
//!
|
86
|
-
//! ```
|
87
|
-
//! use ring::{digest, hmac, rand};
|
88
|
-
//!
|
89
|
-
//! # fn main_with_result() -> Result<(), ()> {
|
90
|
-
//! let msg = "hello, world";
|
91
|
-
//!
|
92
|
-
//! // The sender generates a secure key value and signs the message with it.
|
93
|
-
//! // Note that it is better to use `SigningKey::generate` to generate the key
|
94
|
-
//! // when practical.
|
95
|
-
//! let mut key_value = [0u8; 32];
|
96
|
-
//! try!(rand::fill_secure_random(&mut key_value));
|
97
|
-
//!
|
98
|
-
//! let s_key = hmac::SigningKey::new(&digest::SHA256, key_value.as_ref());
|
99
|
-
//! let signature = hmac::sign(&s_key, msg.as_bytes());
|
100
|
-
//!
|
101
|
-
//! // The receiver (somehow!) knows the key value, and uses it to verify the
|
102
|
-
//! // integrity of the message.
|
103
|
-
//! let v_key = hmac::VerificationKey::new(&digest::SHA256, key_value.as_ref());
|
104
|
-
//! try!(hmac::verify(&v_key, msg.as_bytes(), signature.as_ref()));
|
105
|
-
//! #
|
106
|
-
//! # Ok(())
|
107
|
-
//! # }
|
108
|
-
//! #
|
109
|
-
//! # fn main() { main_with_result().unwrap() }
|
110
|
-
//! ```
|
111
|
-
//!
|
112
|
-
//! ## Using the multi-part API:
|
113
|
-
//! ```
|
114
|
-
//! use ring::{digest, hmac, rand};
|
115
|
-
//!
|
116
|
-
//! # fn main_with_result() -> Result<(), ()> {
|
117
|
-
//! let parts = ["hello", ", ", "world"];
|
118
|
-
//!
|
119
|
-
//! // The sender generates a secure key value and signs the message with it.
|
120
|
-
//! // Note that it is better to use `SigningKey::generate` to generate the key
|
121
|
-
//! // when practical.
|
122
|
-
//! let mut key_value = [0u8; 48];
|
123
|
-
//! try!(rand::fill_secure_random(&mut key_value));
|
124
|
-
//!
|
125
|
-
//! let s_key = hmac::SigningKey::new(&digest::SHA384, key_value.as_ref());
|
126
|
-
//! let mut s_ctx = hmac::SigningContext::with_key(&s_key);
|
127
|
-
//! for part in &parts {
|
128
|
-
//! s_ctx.update(part.as_bytes());
|
129
|
-
//! }
|
130
|
-
//! let signature = s_ctx.sign();
|
131
|
-
//!
|
132
|
-
//! // The receiver (somehow!) knows the key value, and uses it to verify the
|
133
|
-
//! // integrity of the message.
|
134
|
-
//! let v_key = hmac::VerificationKey::new(&digest::SHA384, key_value.as_ref());
|
135
|
-
//! let mut msg = Vec::<u8>::new();
|
136
|
-
//! for part in &parts {
|
137
|
-
//! msg.extend(part.as_bytes());
|
138
|
-
//! }
|
139
|
-
//! try!(hmac::verify(&v_key, &msg.as_ref(), signature.as_ref()));
|
140
|
-
//! #
|
141
|
-
//! # Ok(())
|
142
|
-
//! # }
|
143
|
-
//! #
|
144
|
-
//! # fn main() { main_with_result().unwrap() }
|
145
|
-
//! ```
|
146
|
-
|
147
|
-
use super::{constant_time, digest, rand};
|
148
|
-
|
149
|
-
/// A key to use for HMAC signing.
|
150
|
-
pub struct SigningKey {
|
151
|
-
ctx_prototype: SigningContext,
|
152
|
-
}
|
153
|
-
|
154
|
-
impl SigningKey {
|
155
|
-
/// Generate an HMAC signing key for the given digest algorithm using
|
156
|
-
/// |ring::rand|. The key will be `digest_alg.chaining_len` bytes long. The
|
157
|
-
/// key size choice is based on the recommendation of
|
158
|
-
/// [NIST SP 800-107, Section 5.3.4: Security Effect of the HMAC Key](http://csrc.nist.gov/publications/nistpubs/800-107-rev1/sp800-107-rev1.pdf)
|
159
|
-
/// and is consistent with the key lengths chosen for TLS as described in
|
160
|
-
/// [RFC 5246, Appendix C](https://tools.ietf.org/html/rfc5246#appendix-C).
|
161
|
-
pub fn generate(digest_alg: &'static digest::Algorithm)
|
162
|
-
-> Result<SigningKey, ()> {
|
163
|
-
// XXX: There should probably be a `digest::MAX_CHAINING_LEN`, but for
|
164
|
-
// now `digest::MAX_OUTPUT_LEN` is good enough.
|
165
|
-
let mut key_data = [0u8; digest::MAX_OUTPUT_LEN];
|
166
|
-
let key_data = &mut key_data[0..digest_alg.output_len];
|
167
|
-
try!(rand::fill_secure_random(key_data));
|
168
|
-
Ok(SigningKey::new(digest_alg, key_data))
|
169
|
-
}
|
170
|
-
|
171
|
-
/// Construct an HMAC signing key using the given digest algorithm and key
|
172
|
-
/// value.
|
173
|
-
///
|
174
|
-
/// As specified in RFC 2104, if `key_value` is shorter than the digest
|
175
|
-
/// algorithm's block length (as returned by `digest::Algorithm::block_len`,
|
176
|
-
/// not the digest length returned by `digest::Algorithm::output_len`) then
|
177
|
-
/// it will be padded with zeros. Similarly, if it is longer than the block
|
178
|
-
/// length then it will be compressed using the digest algorithm.
|
179
|
-
///
|
180
|
-
/// You should not use keys larger than the `digest_alg.block_len` because
|
181
|
-
/// the truncation described above reduces their strength to only
|
182
|
-
/// `digest_alg.output_len * 8` bits. Support for such keys is likely to be
|
183
|
-
/// removed in a future version of *ring*.
|
184
|
-
pub fn new(digest_alg: &'static digest::Algorithm, key_value: &[u8])
|
185
|
-
-> SigningKey {
|
186
|
-
let mut key = SigningKey {
|
187
|
-
ctx_prototype: SigningContext {
|
188
|
-
inner: digest::Context::new(digest_alg),
|
189
|
-
outer: digest::Context::new(digest_alg)
|
190
|
-
},
|
191
|
-
};
|
192
|
-
|
193
|
-
let key_hash;
|
194
|
-
let key_value = if key_value.len() <= digest_alg.block_len {
|
195
|
-
key_value
|
196
|
-
} else {
|
197
|
-
key_hash = digest::digest(digest_alg, key_value);
|
198
|
-
key_hash.as_ref()
|
199
|
-
};
|
200
|
-
|
201
|
-
const IPAD: u8 = 0x36;
|
202
|
-
const OPAD: u8 = 0x5C;
|
203
|
-
|
204
|
-
for b in key_value {
|
205
|
-
key.ctx_prototype.inner.update(&[IPAD ^ b]);
|
206
|
-
key.ctx_prototype.outer.update(&[OPAD ^ b]);
|
207
|
-
}
|
208
|
-
|
209
|
-
// If the key is shorter than one block then act as though the key is
|
210
|
-
// padded with zeros.
|
211
|
-
for _ in key_value.len()..digest_alg.block_len {
|
212
|
-
key.ctx_prototype.inner.update(&[IPAD]);
|
213
|
-
key.ctx_prototype.outer.update(&[OPAD]);
|
214
|
-
}
|
215
|
-
|
216
|
-
key
|
217
|
-
}
|
218
|
-
|
219
|
-
pub fn digest_algorithm(&self) -> &'static digest::Algorithm {
|
220
|
-
self.ctx_prototype.inner.algorithm()
|
221
|
-
}
|
222
|
-
}
|
223
|
-
|
224
|
-
/// A context for multi-step (Init-Update-Finish) HMAC signing.
|
225
|
-
///
|
226
|
-
/// Use `sign` for single-step HMAC signing.
|
227
|
-
///
|
228
|
-
/// C analog: `HMAC_CTX`.
|
229
|
-
pub struct SigningContext {
|
230
|
-
inner: digest::Context,
|
231
|
-
outer: digest::Context,
|
232
|
-
}
|
233
|
-
|
234
|
-
impl SigningContext {
|
235
|
-
/// Constructs a new HMAC signing context using the given digest algorithm
|
236
|
-
/// and key.
|
237
|
-
///
|
238
|
-
/// C analog: `HMAC_CTX_init`
|
239
|
-
pub fn with_key(signing_key: &SigningKey) -> SigningContext {
|
240
|
-
SigningContext {
|
241
|
-
inner: signing_key.ctx_prototype.inner.clone(),
|
242
|
-
outer: signing_key.ctx_prototype.outer.clone(),
|
243
|
-
}
|
244
|
-
}
|
245
|
-
|
246
|
-
/// Updates the HMAC with all the data in `data`. `update` may be called
|
247
|
-
/// zero or more times until `finish` is called.
|
248
|
-
///
|
249
|
-
/// C analog: `HMAC_Update`
|
250
|
-
pub fn update(&mut self, data: &[u8]) {
|
251
|
-
self.inner.update(data);
|
252
|
-
}
|
253
|
-
|
254
|
-
/// Finalizes the HMAC calculation and returns the HMAC value. `sign`
|
255
|
-
/// consumes the context so it cannot be (mis-)used after `sign` has been
|
256
|
-
/// called.
|
257
|
-
///
|
258
|
-
/// It is generally not safe to implement HMAC verification by comparing
|
259
|
-
// the return value of `sign` to a signature. Use `verify` for verification
|
260
|
-
// instead.
|
261
|
-
///
|
262
|
-
/// C analog: `HMAC_Final`
|
263
|
-
pub fn sign(mut self) -> digest::Digest {
|
264
|
-
self.outer.update(self.inner.finish().as_ref());
|
265
|
-
self.outer.finish()
|
266
|
-
}
|
267
|
-
}
|
268
|
-
|
269
|
-
/// Calculates the HMAC of `data` using the key `key` in one step.
|
270
|
-
///
|
271
|
-
/// Use `SignignContext` to calculate HMACs where the input is in multiple
|
272
|
-
/// parts.
|
273
|
-
///
|
274
|
-
/// It is generally not safe to implement HMAC verification by comparing the
|
275
|
-
/// return value of `sign` to a signature. Use `verify` for verification
|
276
|
-
/// instead.
|
277
|
-
///
|
278
|
-
/// C analog: `HMAC_CTX_init` + `HMAC_Update` + `HMAC_Final`.
|
279
|
-
pub fn sign(key: &SigningKey, data: &[u8]) -> digest::Digest {
|
280
|
-
let mut ctx = SigningContext::with_key(key);
|
281
|
-
ctx.update(data);
|
282
|
-
ctx.sign()
|
283
|
-
}
|
284
|
-
|
285
|
-
/// A key to use for HMAC authentication.
|
286
|
-
pub struct VerificationKey {
|
287
|
-
wrapped: SigningKey
|
288
|
-
}
|
289
|
-
|
290
|
-
impl VerificationKey {
|
291
|
-
/// Construct an HMAC verification key using the given digest algorithm and
|
292
|
-
/// key value.
|
293
|
-
///
|
294
|
-
/// As specified in RFC 2104, if `key_value` is shorter than the digest
|
295
|
-
/// algorithm's block length (as returned by `digest::Algorithm::block_len`,
|
296
|
-
/// not the digest length returned by `digest::Algorithm::output_len`) then
|
297
|
-
/// it will be padded with zeros. Similarly, if it is longer than the block
|
298
|
-
/// length then it will be compressed using the digest algorithm.
|
299
|
-
#[inline(always)]
|
300
|
-
pub fn new(digest_alg: &'static digest::Algorithm, key_value: &[u8])
|
301
|
-
-> VerificationKey {
|
302
|
-
VerificationKey { wrapped: SigningKey::new(digest_alg, key_value) }
|
303
|
-
}
|
304
|
-
}
|
305
|
-
|
306
|
-
/// Calculates the HMAC of `data` using the key `key`, and verifies whether the
|
307
|
-
/// resultant value equals `signature`, in one step.
|
308
|
-
///
|
309
|
-
/// The verification will be done in constant time to prevent timing attacks.
|
310
|
-
///
|
311
|
-
/// C analog: `HMAC_Init` + `HMAC_Update` + `HMAC_Final` + `CRYPTO_memcmp`
|
312
|
-
#[inline(always)]
|
313
|
-
pub fn verify(key: &VerificationKey, data: &[u8], signature: &[u8])
|
314
|
-
-> Result<(), ()> {
|
315
|
-
verify_with_own_key(&key.wrapped, data, signature)
|
316
|
-
}
|
317
|
-
|
318
|
-
/// Calculates the HMAC of `data` using the signing key `key`, and verifies
|
319
|
-
/// whether the resultant value equals `signature`, in one step.
|
320
|
-
///
|
321
|
-
/// This is logically equivalent to, but more efficient than, constructing a
|
322
|
-
/// `VerificationKey` with the same value as `key` and then using `verify`.
|
323
|
-
///
|
324
|
-
/// The verification will be done in constant time to prevent timing attacks.
|
325
|
-
///
|
326
|
-
/// C analog: `HMAC_Init` + `HMAC_Update` + `HMAC_Final` + `CRYPTO_memcmp`
|
327
|
-
pub fn verify_with_own_key(key: &SigningKey, data: &[u8], signature: &[u8])
|
328
|
-
-> Result<(), ()> {
|
329
|
-
constant_time::verify_slices_are_equal(sign(&key, data).as_ref(), signature)
|
330
|
-
}
|
331
|
-
|
332
|
-
#[cfg(test)]
|
333
|
-
mod tests {
|
334
|
-
use super::super::{digest, file_test, hmac};
|
335
|
-
|
336
|
-
// Make sure that `SigningKey::generate` and `verify_with_own_key` aren't
|
337
|
-
// completely wacky.
|
338
|
-
#[test]
|
339
|
-
pub fn hmac_signing_key_coverage() {
|
340
|
-
const HELLO_WORLD_GOOD: &'static [u8] = b"hello, world";
|
341
|
-
const HELLO_WORLD_BAD: &'static [u8] = b"hello, worle";
|
342
|
-
|
343
|
-
for d in &digest::test_util::ALL_ALGORITHMS {
|
344
|
-
let key = hmac::SigningKey::generate(d).unwrap();
|
345
|
-
let signature = hmac::sign(&key, HELLO_WORLD_GOOD);
|
346
|
-
assert!(hmac::verify_with_own_key(&key, HELLO_WORLD_GOOD,
|
347
|
-
signature.as_ref()).is_ok());
|
348
|
-
assert!(hmac::verify_with_own_key(&key, HELLO_WORLD_BAD,
|
349
|
-
signature.as_ref()).is_err())
|
350
|
-
}
|
351
|
-
}
|
352
|
-
|
353
|
-
#[test]
|
354
|
-
pub fn hmac_tests() {
|
355
|
-
file_test::run("src/hmac_tests.txt", |section, test_case| {
|
356
|
-
assert_eq!(section, "");
|
357
|
-
let digest_alg = test_case.consume_digest_alg("HMAC");
|
358
|
-
let key_value = test_case.consume_bytes("Key");
|
359
|
-
let mut input = test_case.consume_bytes("Input");
|
360
|
-
let output = test_case.consume_bytes("Output");
|
361
|
-
|
362
|
-
let digest_alg = match digest_alg {
|
363
|
-
Some(digest_alg) => digest_alg,
|
364
|
-
None => { return; } // Unsupported digest algorithm
|
365
|
-
};
|
366
|
-
|
367
|
-
hmac_test_case_inner(digest_alg, &key_value[..], &input[..],
|
368
|
-
&output[..], true);
|
369
|
-
|
370
|
-
// Tamper with the input and check that verification fails.
|
371
|
-
if input.len() == 0 {
|
372
|
-
input.push(0);
|
373
|
-
} else {
|
374
|
-
input[0] ^= 1;
|
375
|
-
}
|
376
|
-
|
377
|
-
hmac_test_case_inner(digest_alg, &key_value[..], &input[..],
|
378
|
-
&output[..], false);
|
379
|
-
});
|
380
|
-
}
|
381
|
-
|
382
|
-
fn hmac_test_case_inner(digest_alg: &'static digest::Algorithm,
|
383
|
-
key_value: &[u8], input: &[u8], output: &[u8],
|
384
|
-
is_ok: bool) {
|
385
|
-
|
386
|
-
let s_key = hmac::SigningKey::new(digest_alg, key_value);
|
387
|
-
let v_key = hmac::VerificationKey::new(digest_alg, key_value);
|
388
|
-
|
389
|
-
// One-shot API.
|
390
|
-
{
|
391
|
-
let signature = hmac::sign(&s_key, input);
|
392
|
-
assert_eq!(is_ok, signature.as_ref() == output);
|
393
|
-
assert_eq!(is_ok, hmac::verify(&v_key, input, output).is_ok());
|
394
|
-
}
|
395
|
-
|
396
|
-
// Multi-part API, one single part.
|
397
|
-
{
|
398
|
-
let mut s_ctx = hmac::SigningContext::with_key(&s_key);
|
399
|
-
s_ctx.update(input);
|
400
|
-
let signature = s_ctx.sign();
|
401
|
-
assert_eq!(is_ok, signature.as_ref() == output);
|
402
|
-
}
|
403
|
-
|
404
|
-
// Multi-part API, byte by byte.
|
405
|
-
{
|
406
|
-
let mut s_ctx = hmac::SigningContext::with_key(&s_key);
|
407
|
-
for b in input {
|
408
|
-
s_ctx.update(&[*b]);
|
409
|
-
}
|
410
|
-
let signature = s_ctx.sign();
|
411
|
-
assert_eq!(is_ok, signature.as_ref() == output);
|
412
|
-
}
|
413
|
-
}
|
414
|
-
}
|
@@ -1,97 +0,0 @@
|
|
1
|
-
# HMAC tests from NIST test data
|
2
|
-
|
3
|
-
HMAC = SHA1
|
4
|
-
Input = "Sample message for keylen=blocklen"
|
5
|
-
Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F
|
6
|
-
Output = 5FD596EE78D5553C8FF4E72D266DFD192366DA29
|
7
|
-
|
8
|
-
HMAC = SHA1
|
9
|
-
Input = "Sample message for keylen<blocklen"
|
10
|
-
Key = 000102030405060708090A0B0C0D0E0F10111213
|
11
|
-
Output = 4C99FF0CB1B31BD33F8431DBAF4D17FCD356A807
|
12
|
-
|
13
|
-
HMAC = SHA1
|
14
|
-
Input = "Sample message for keylen=blocklen"
|
15
|
-
Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F60616263
|
16
|
-
Output = 2D51B2F7750E410584662E38F133435F4C4FD42A
|
17
|
-
|
18
|
-
HMAC = SHA224
|
19
|
-
Input = "Sample message for keylen=blocklen"
|
20
|
-
Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F
|
21
|
-
Output = C7405E3AE058E8CD30B08B4140248581ED174CB34E1224BCC1EFC81B
|
22
|
-
|
23
|
-
HMAC = SHA224
|
24
|
-
Input = "Sample message for keylen<blocklen"
|
25
|
-
Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B
|
26
|
-
Output = E3D249A8CFB67EF8B7A169E9A0A599714A2CECBA65999A51BEB8FBBE
|
27
|
-
|
28
|
-
HMAC = SHA224
|
29
|
-
Input = "Sample message for keylen=blocklen"
|
30
|
-
Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F60616263
|
31
|
-
Output = 91C52509E5AF8531601AE6230099D90BEF88AAEFB961F4080ABC014D
|
32
|
-
|
33
|
-
HMAC = SHA256
|
34
|
-
Input = "Sample message for keylen=blocklen"
|
35
|
-
Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F
|
36
|
-
Output = 8BB9A1DB9806F20DF7F77B82138C7914D174D59E13DC4D0169C9057B133E1D62
|
37
|
-
|
38
|
-
HMAC = SHA256
|
39
|
-
Input = "Sample message for keylen<blocklen"
|
40
|
-
Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
|
41
|
-
Output = A28CF43130EE696A98F14A37678B56BCFCBDD9E5CF69717FECF5480F0EBDF790
|
42
|
-
|
43
|
-
HMAC = SHA256
|
44
|
-
Input = "Sample message for keylen=blocklen"
|
45
|
-
Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F60616263
|
46
|
-
Output = BDCCB6C72DDEADB500AE768386CB38CC41C63DBB0878DDB9C7A38A431B78378D
|
47
|
-
|
48
|
-
HMAC = SHA384
|
49
|
-
Input = "Sample message for keylen=blocklen"
|
50
|
-
Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F
|
51
|
-
Output = 63C5DAA5E651847CA897C95814AB830BEDEDC7D25E83EEF9195CD45857A37F448947858F5AF50CC2B1B730DDF29671A9
|
52
|
-
|
53
|
-
HMAC = SHA384
|
54
|
-
Input = "Sample message for keylen<blocklen"
|
55
|
-
Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F
|
56
|
-
Output = 6EB242BDBB582CA17BEBFA481B1E23211464D2B7F8C20B9FF2201637B93646AF5AE9AC316E98DB45D9CAE773675EEED0
|
57
|
-
|
58
|
-
HMAC = SHA384
|
59
|
-
Input = "Sample message for keylen=blocklen"
|
60
|
-
Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7
|
61
|
-
Output = 5B664436DF69B0CA22551231A3F0A3D5B4F97991713CFA84BFF4D0792EFF96C27DCCBBB6F79B65D548B40E8564CEF594
|
62
|
-
|
63
|
-
HMAC = SHA512
|
64
|
-
Input = "Sample message for keylen=blocklen"
|
65
|
-
Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F
|
66
|
-
Output = FC25E240658CA785B7A811A8D3F7B4CA48CFA26A8A366BF2CD1F836B05FCB024BD36853081811D6CEA4216EBAD79DA1CFCB95EA4586B8A0CE356596A55FB1347
|
67
|
-
|
68
|
-
HMAC = SHA512
|
69
|
-
Input = "Sample message for keylen<blocklen"
|
70
|
-
Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F
|
71
|
-
Output = FD44C18BDA0BB0A6CE0E82B031BF2818F6539BD56EC00BDC10A8A2D730B3634DE2545D639B0F2CF710D0692C72A1896F1F211C2B922D1A96C392E07E7EA9FEDC
|
72
|
-
|
73
|
-
HMAC = SHA512
|
74
|
-
Input = "Sample message for keylen=blocklen"
|
75
|
-
Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7
|
76
|
-
Output = D93EC8D2DE1AD2A9957CB9B83F14E76AD6B5E0CCE285079A127D3B14BCCB7AA7286D4AC0D4CE64215F2BC9E6870B33D97438BE4AAA20CDA5C5A912B48B8E27F3
|
77
|
-
|
78
|
-
# Additional HMAC tests from OpenSSL.
|
79
|
-
HMAC = SHA1
|
80
|
-
Input = "My test data"
|
81
|
-
Key = ""
|
82
|
-
Output = 61afdecb95429ef494d61fdee15990cabf0826fc
|
83
|
-
|
84
|
-
HMAC = SHA256
|
85
|
-
Input = "My test data"
|
86
|
-
Key = ""
|
87
|
-
Output = 2274b195d90ce8e03406f4b526a47e0787a88a65479938f1a5baa3ce0f079776
|
88
|
-
|
89
|
-
HMAC = SHA256
|
90
|
-
Input = "My test data"
|
91
|
-
Key = "123456"
|
92
|
-
Output = bab53058ae861a7f191abe2d0145cbb123776a6369ee3f9d79ce455667e411dd
|
93
|
-
|
94
|
-
HMAC = SHA1
|
95
|
-
Input = "My test data"
|
96
|
-
Key = "12345"
|
97
|
-
Output = 7dbe8c764c068e3bcd6e6b0fbcd5e6fc197b15bb
|