@brix-crypto/crypto-js 0.0.1-security → 4.2.3

package/test/des-test.js

@@ -0,0 +1,104 @@
+YUI.add('algo-des-test', function (Y) {
+    var C = CryptoJS;
+
+    Y.Test.Runner.add(new Y.Test.Case({
+        name: 'DES',
+
+        testEncrypt1: function () {
+            Y.Assert.areEqual('95a8d72813daa94d', C.DES.encrypt(C.enc.Hex.parse('0000000000000000'), C.enc.Hex.parse('8000000000000000'), { mode: C.mode.ECB, padding: C.pad.NoPadding }).ciphertext.toString());
+        },
+
+        testEncrypt2: function () {
+            Y.Assert.areEqual('1de5279dae3bed6f', C.DES.encrypt(C.enc.Hex.parse('0000000000000000'), C.enc.Hex.parse('0000000000002000'), { mode: C.mode.ECB, padding: C.pad.NoPadding }).ciphertext.toString());
+        },
+
+        testEncrypt3: function () {
+            Y.Assert.areEqual('1d1ca853ae7c0c5f', C.DES.encrypt(C.enc.Hex.parse('0000000000002000'), C.enc.Hex.parse('0000000000000000'), { mode: C.mode.ECB, padding: C.pad.NoPadding }).ciphertext.toString());
+        },
+
+        testEncrypt4: function () {
+            Y.Assert.areEqual('ac978c247863388f', C.DES.encrypt(C.enc.Hex.parse('3232323232323232'), C.enc.Hex.parse('3232323232323232'), { mode: C.mode.ECB, padding: C.pad.NoPadding }).ciphertext.toString());
+        },
+
+        testEncrypt5: function () {
+            Y.Assert.areEqual('3af1703d76442789', C.DES.encrypt(C.enc.Hex.parse('6464646464646464'), C.enc.Hex.parse('6464646464646464'), { mode: C.mode.ECB, padding: C.pad.NoPadding }).ciphertext.toString());
+        },
+
+        testEncrypt6: function () {
+            Y.Assert.areEqual('a020003c5554f34c', C.DES.encrypt(C.enc.Hex.parse('9696969696969696'), C.enc.Hex.parse('9696969696969696'), { mode: C.mode.ECB, padding: C.pad.NoPadding }).ciphertext.toString());
+        },
+
+        testDecrypt1: function () {
+            Y.Assert.areEqual('0000000000000000', C.DES.decrypt(C.lib.CipherParams.create({ ciphertext: C.enc.Hex.parse('95a8d72813daa94d') }), C.enc.Hex.parse('8000000000000000'), { mode: C.mode.ECB, padding: C.pad.NoPadding }).toString());
+        },
+
+        testDecrypt2: function () {
+            Y.Assert.areEqual('0000000000000000', C.DES.decrypt(C.lib.CipherParams.create({ ciphertext: C.enc.Hex.parse('1de5279dae3bed6f') }), C.enc.Hex.parse('0000000000002000'), { mode: C.mode.ECB, padding: C.pad.NoPadding }).toString());
+        },
+
+        testDecrypt3: function () {
+            Y.Assert.areEqual('0000000000002000', C.DES.decrypt(C.lib.CipherParams.create({ ciphertext: C.enc.Hex.parse('1d1ca853ae7c0c5f') }), C.enc.Hex.parse('0000000000000000'), { mode: C.mode.ECB, padding: C.pad.NoPadding }).toString());
+        },
+
+        testDecrypt4: function () {
+            Y.Assert.areEqual('3232323232323232', C.DES.decrypt(C.lib.CipherParams.create({ ciphertext: C.enc.Hex.parse('ac978c247863388f') }), C.enc.Hex.parse('3232323232323232'), { mode: C.mode.ECB, padding: C.pad.NoPadding }).toString());
+        },
+
+        testDecrypt5: function () {
+            Y.Assert.areEqual('6464646464646464', C.DES.decrypt(C.lib.CipherParams.create({ ciphertext: C.enc.Hex.parse('3af1703d76442789') }), C.enc.Hex.parse('6464646464646464'), { mode: C.mode.ECB, padding: C.pad.NoPadding }).toString());
+        },
+
+        testDecrypt6: function () {
+            Y.Assert.areEqual('9696969696969696', C.DES.decrypt(C.lib.CipherParams.create({ ciphertext: C.enc.Hex.parse('a020003c5554f34c') }), C.enc.Hex.parse('9696969696969696'), { mode: C.mode.ECB, padding: C.pad.NoPadding }).toString());
+        },
+
+        testMultiPart: function () {
+            var des = C.algo.DES.createEncryptor(C.enc.Hex.parse('0123456789abcdef'), { mode: C.mode.ECB, padding: C.pad.NoPadding });
+            var ciphertext1 = des.process(C.enc.Hex.parse('001122334455'));
+            var ciphertext2 = des.process(C.enc.Hex.parse('66778899aa'));
+            var ciphertext3 = des.process(C.enc.Hex.parse('bbccddeeff'));
+            var ciphertext4 = des.finalize();
+
+            Y.Assert.areEqual(C.DES.encrypt(C.enc.Hex.parse('00112233445566778899aabbccddeeff'), C.enc.Hex.parse('0123456789abcdef'), { mode: C.mode.ECB, padding: C.pad.NoPadding }).ciphertext.toString(), ciphertext1.concat(ciphertext2).concat(ciphertext3).concat(ciphertext4).toString());
+        },
+
+        testInputIntegrity: function () {
+            var message = C.enc.Hex.parse('00112233445566778899aabbccddeeff');
+            var key = C.enc.Hex.parse('0001020304050607');
+            var iv = C.enc.Hex.parse('08090a0b0c0d0e0f');
+
+            var expectedMessage = message.toString();
+            var expectedKey = key.toString();
+            var expectedIv = iv.toString();
+
+            C.DES.encrypt(message, key, { iv: iv });
+
+            Y.Assert.areEqual(expectedMessage, message.toString());
+            Y.Assert.areEqual(expectedKey, key.toString());
+            Y.Assert.areEqual(expectedIv, iv.toString());
+        },
+
+        testHelper: function () {
+            // Save original random method
+            var random = C.lib.WordArray.random;
+
+            // Replace random method with one that returns a predictable value
+            C.lib.WordArray.random = function (nBytes) {
+                var words = [];
+                for (var i = 0; i < nBytes; i += 4) {
+                    words.push([0x11223344]);
+                }
+
+                return C.lib.WordArray.create(words, nBytes);
+            };
+
+            // Test
+            Y.Assert.areEqual(C.algo.DES.createEncryptor(C.SHA256('Jefe'), { mode: C.mode.ECB, padding: C.pad.NoPadding }).finalize('Hi There').toString(), C.DES.encrypt('Hi There', C.SHA256('Jefe'), { mode: C.mode.ECB, padding: C.pad.NoPadding }).ciphertext.toString());
+            Y.Assert.areEqual(C.lib.SerializableCipher.encrypt(C.algo.DES, 'Hi There', C.SHA256('Jefe'), { mode: C.mode.ECB, padding: C.pad.NoPadding }).toString(), C.DES.encrypt('Hi There', C.SHA256('Jefe'), { mode: C.mode.ECB, padding: C.pad.NoPadding }).toString());
+            Y.Assert.areEqual(C.lib.PasswordBasedCipher.encrypt(C.algo.DES, 'Hi There', 'Jefe', { mode: C.mode.ECB, padding: C.pad.NoPadding }).toString(), C.DES.encrypt('Hi There', 'Jefe', { mode: C.mode.ECB, padding: C.pad.NoPadding }).toString());
+
+            // Restore random method
+            C.lib.WordArray.random = random;
+        }
+    }));
+}, '$Rev$');

package/test/enc-base64-test.js

@@ -0,0 +1,71 @@
+YUI.add('enc-base64-test', function (Y) {
+    var C = CryptoJS;
+
+    Y.Test.Runner.add(new Y.Test.Case({
+        name: 'Base64',
+
+        testStringify0: function () {
+            Y.Assert.areEqual('', C.enc.Base64.stringify(C.lib.WordArray.create([0x666f6f62, 0x61720000], 0)));
+        },
+
+        testStringify1: function () {
+            Y.Assert.areEqual('Zg==', C.enc.Base64.stringify(C.lib.WordArray.create([0x666f6f62, 0x61720000], 1)));
+        },
+
+        testStringify2: function () {
+            Y.Assert.areEqual('Zm8=', C.enc.Base64.stringify(C.lib.WordArray.create([0x666f6f62, 0x61720000], 2)));
+        },
+
+        testStringify3: function () {
+            Y.Assert.areEqual('Zm9v', C.enc.Base64.stringify(C.lib.WordArray.create([0x666f6f62, 0x61720000], 3)));
+        },
+
+        testStringify4: function () {
+            Y.Assert.areEqual('Zm9vYg==', C.enc.Base64.stringify(C.lib.WordArray.create([0x666f6f62, 0x61720000], 4)));
+        },
+
+        testStringify5: function () {
+            Y.Assert.areEqual('Zm9vYmE=', C.enc.Base64.stringify(C.lib.WordArray.create([0x666f6f62, 0x61720000], 5)));
+        },
+
+        testStringify6: function () {
+            Y.Assert.areEqual('Zm9vYmFy', C.enc.Base64.stringify(C.lib.WordArray.create([0x666f6f62, 0x61720000], 6)));
+        },
+
+        testStringify15: function () {
+            Y.Assert.areEqual('Pj4+Pz8/Pj4+Pz8/PS8r', C.enc.Base64.stringify(C.lib.WordArray.create([0x3e3e3e3f, 0x3f3f3e3e, 0x3e3f3f3f, 0x3d2f2b00], 15)));
+        },
+
+        testParse0: function () {
+            Y.Assert.areEqual(C.lib.WordArray.create([0x666f6f62, 0x61720000], 0).toString(), C.enc.Base64.parse('').toString());
+        },
+
+        testParse1: function () {
+            Y.Assert.areEqual(C.lib.WordArray.create([0x666f6f62, 0x61720000], 1).toString(), C.enc.Base64.parse('Zg==').toString());
+        },
+
+        testParse2: function () {
+            Y.Assert.areEqual(C.lib.WordArray.create([0x666f6f62, 0x61720000], 2).toString(), C.enc.Base64.parse('Zm8=').toString());
+        },
+
+        testParse3: function () {
+            Y.Assert.areEqual(C.lib.WordArray.create([0x666f6f62, 0x61720000], 3).toString(), C.enc.Base64.parse('Zm9v').toString());
+        },
+
+        testParse4: function () {
+            Y.Assert.areEqual(C.lib.WordArray.create([0x666f6f62, 0x61720000], 4).toString(), C.enc.Base64.parse('Zm9vYg==').toString());
+        },
+
+        testParse5: function () {
+            Y.Assert.areEqual(C.lib.WordArray.create([0x666f6f62, 0x61720000], 5).toString(), C.enc.Base64.parse('Zm9vYmE=').toString());
+        },
+
+        testParse6: function () {
+            Y.Assert.areEqual(C.lib.WordArray.create([0x666f6f62, 0x61720000], 6).toString(), C.enc.Base64.parse('Zm9vYmFy').toString());
+        },
+
+        testParse15: function () {
+            Y.Assert.areEqual(C.lib.WordArray.create([0x3e3e3e3f, 0x3f3f3e3e, 0x3e3f3f3f, 0x3d2f2b00], 15).toString(), C.enc.Base64.parse('Pj4+Pz8/Pj4+Pz8/PS8r').toString());
+        }
+    }));
+}, '$Rev$');

package/test/enc-hex-test.js

@@ -0,0 +1,15 @@
+YUI.add('enc-hex-test', function (Y) {
+    var C = CryptoJS;
+
+    Y.Test.Runner.add(new Y.Test.Case({
+        name: 'Hex',
+
+        testStringify: function () {
+            Y.Assert.areEqual('12345678', C.enc.Hex.stringify(C.lib.WordArray.create([0x12345678])));
+        },
+
+        testParse: function () {
+            Y.Assert.areEqual(C.lib.WordArray.create([0x12345678]).toString(), C.enc.Hex.parse('12345678').toString());
+        }
+    }));
+}, '$Rev$');

package/test/enc-latin1-test.js

@@ -0,0 +1,15 @@
+YUI.add('enc-latin1-test', function (Y) {
+    var C = CryptoJS;
+
+    Y.Test.Runner.add(new Y.Test.Case({
+        name: 'Latin1',
+
+        testStringify: function () {
+            Y.Assert.areEqual('\x12\x34\x56\x78', C.enc.Latin1.stringify(C.lib.WordArray.create([0x12345678])));
+        },
+
+        testParse: function () {
+            Y.Assert.areEqual(C.lib.WordArray.create([0x12345678]).toString(), C.enc.Latin1.parse('\x12\x34\x56\x78').toString());
+        }
+    }));
+}, '$Rev$');

package/test/enc-utf16-test.js

@@ -0,0 +1,55 @@
+YUI.add('enc-utf16-test', function (Y) {
+    var C = CryptoJS;
+
+    Y.Test.Runner.add(new Y.Test.Case({
+        name: 'Utf16',
+
+        testStringify1: function () {
+            Y.Assert.areEqual('z', C.enc.Utf16.stringify(C.lib.WordArray.create([0x007a0000], 2)));
+        },
+
+        testStringify2: function () {
+            Y.Assert.areEqual('水', C.enc.Utf16.stringify(C.lib.WordArray.create([0x6c340000], 2)));
+        },
+
+        testStringify3: function () {
+            Y.Assert.areEqual('𐀀', C.enc.Utf16.stringify(C.lib.WordArray.create([0xd800dc00], 4)));
+        },
+
+        testStringify4: function () {
+            Y.Assert.areEqual('𝄞', C.enc.Utf16.stringify(C.lib.WordArray.create([0xd834dd1e], 4)));
+        },
+
+        testStringify5: function () {
+            Y.Assert.areEqual('􏿽', C.enc.Utf16.stringify(C.lib.WordArray.create([0xdbffdffd], 4)));
+        },
+
+        testStringifyLE: function () {
+            Y.Assert.areEqual('􏿽', C.enc.Utf16LE.stringify(C.lib.WordArray.create([0xffdbfddf], 4)));
+        },
+
+        testParse1: function () {
+            Y.Assert.areEqual(C.lib.WordArray.create([0x007a0000], 2).toString(), C.enc.Utf16.parse('z').toString());
+        },
+
+        testParse2: function () {
+            Y.Assert.areEqual(C.lib.WordArray.create([0x6c340000], 2).toString(), C.enc.Utf16.parse('水').toString());
+        },
+
+        testParse3: function () {
+            Y.Assert.areEqual(C.lib.WordArray.create([0xd800dc00], 4).toString(), C.enc.Utf16.parse('𐀀').toString());
+        },
+
+        testParse4: function () {
+            Y.Assert.areEqual(C.lib.WordArray.create([0xd834dd1e], 4).toString(), C.enc.Utf16.parse('𝄞').toString());
+        },
+
+        testParse5: function () {
+            Y.Assert.areEqual(C.lib.WordArray.create([0xdbffdffd], 4).toString(), C.enc.Utf16.parse('􏿽').toString());
+        },
+
+        testParseLE: function () {
+            Y.Assert.areEqual(C.lib.WordArray.create([0xffdbfddf], 4).toString(), C.enc.Utf16LE.parse('􏿽').toString());
+        }
+    }));
+}, '$Rev$');

package/test/enc-utf8-test.js

@@ -0,0 +1,39 @@
+YUI.add('enc-utf8-test', function (Y) {
+    var C = CryptoJS;
+
+    Y.Test.Runner.add(new Y.Test.Case({
+        name: 'Utf8',
+
+        testStringify1: function () {
+            Y.Assert.areEqual('$', C.enc.Utf8.stringify(C.lib.WordArray.create([0x24000000], 1)));
+        },
+
+        testStringify2: function () {
+            Y.Assert.areEqual('¢', C.enc.Utf8.stringify(C.lib.WordArray.create([0xc2a20000], 2)));
+        },
+
+        testStringify3: function () {
+            Y.Assert.areEqual('€', C.enc.Utf8.stringify(C.lib.WordArray.create([0xe282ac00], 3)));
+        },
+
+        testStringify4: function () {
+            Y.Assert.areEqual('𤭢', C.enc.Utf8.stringify(C.lib.WordArray.create([0xf0a4ada2], 4)));
+        },
+
+        testParse1: function () {
+            Y.Assert.areEqual(C.lib.WordArray.create([0x24000000], 1).toString(), C.enc.Utf8.parse('$').toString());
+        },
+
+        testParse2: function () {
+            Y.Assert.areEqual(C.lib.WordArray.create([0xc2a20000], 2).toString(), C.enc.Utf8.parse('¢').toString());
+        },
+
+        testParse3: function () {
+            Y.Assert.areEqual(C.lib.WordArray.create([0xe282ac00], 3).toString(), C.enc.Utf8.parse('€').toString());
+        },
+
+        testParse4: function () {
+            Y.Assert.areEqual(C.lib.WordArray.create([0xf0a4ada2], 4).toString(), C.enc.Utf8.parse('𤭢').toString());
+        }
+    }));
+}, '$Rev$');

package/test/evpkdf-profile.js

@@ -0,0 +1,11 @@
+YUI.add('algo-evpkdf-profile', function (Y) {
+    var C = CryptoJS;
+
+    Y.Profiler.add({
+        name: 'EvpKDF',
+
+        profileKeySize256Iterations20: function () {
+            C.algo.EvpKDF.create({ keySize: 256/32, iterations: 20 }).compute('password', 'ATHENA.MIT.EDUraeburn');
+        }
+    });
+}, '$Rev$');

package/test/evpkdf-test.js

@@ -0,0 +1,32 @@
+YUI.add('algo-evpkdf-test', function (Y) {
+    var C = CryptoJS;
+
+    Y.Test.Runner.add(new Y.Test.Case({
+        name: 'EvpKDF',
+
+        testVector: function () {
+            Y.Assert.areEqual('fdbdf3419fff98bdb0241390f62a9db35f4aba29d77566377997314ebfc709f20b5ca7b1081f94b1ac12e3c8ba87d05a', C.EvpKDF('password', 'saltsalt', { keySize: (256+128)/32 }).toString());
+        },
+
+        // There are no official test vectors that I could find, and the EVP implementation is short on comments.
+        // Need to use the C code to generate more test vectors.
+        // The iteration count in particular needs to be tested.
+
+        testInputIntegrity: function () {
+            var password = C.lib.WordArray.create([0x12345678]);
+            var salt = C.lib.WordArray.create([0x12345678]);
+
+            var expectedPassword = password.toString();
+            var expectedSalt = salt.toString();
+
+            C.EvpKDF(password, salt);
+
+            Y.Assert.areEqual(expectedPassword, password.toString());
+            Y.Assert.areEqual(expectedSalt, salt.toString());
+        },
+
+        testHelper: function () {
+            Y.Assert.areEqual(C.algo.EvpKDF.create({ keySize: (256+128)/32 }).compute('password', 'saltsalt').toString(), C.EvpKDF('password', 'saltsalt', { keySize: (256+128)/32 }).toString());
+        }
+    }));
+}, '$Rev$');

package/test/format-openssl-test.js

@@ -0,0 +1,37 @@
+YUI.add('format-openssl-test', function (Y) {
+    var C = CryptoJS;
+
+    Y.Test.Runner.add(new Y.Test.Case({
+        name: 'OpenSSLFormatter',
+
+        setUp: function () {
+            this.data = {};
+
+            this.data.ciphertext = C.lib.WordArray.create([0x00010203, 0x04050607, 0x08090a0b, 0x0c0d0e0f]);
+            this.data.salt = C.lib.WordArray.create([0x01234567, 0x89abcdef]);
+        },
+
+        testSaltedToString: function () {
+            Y.Assert.areEqual(C.enc.Latin1.parse('Salted__').concat(this.data.salt).concat(this.data.ciphertext).toString(C.enc.Base64), C.format.OpenSSL.stringify(C.lib.CipherParams.create({ ciphertext: this.data.ciphertext, salt: this.data.salt })));
+        },
+
+        testUnsaltedToString: function () {
+            Y.Assert.areEqual(this.data.ciphertext.toString(C.enc.Base64), C.format.OpenSSL.stringify(C.lib.CipherParams.create({ ciphertext: this.data.ciphertext })));
+        },
+
+        testSaltedFromString: function () {
+            var openSSLStr = C.format.OpenSSL.stringify(C.lib.CipherParams.create({ ciphertext: this.data.ciphertext, salt: this.data.salt }));
+            var cipherParams = C.format.OpenSSL.parse(openSSLStr);
+
+            Y.Assert.areEqual(this.data.ciphertext.toString(), cipherParams.ciphertext.toString());
+            Y.Assert.areEqual(this.data.salt.toString(), cipherParams.salt.toString());
+        },
+
+        testUnsaltedFromString: function () {
+            var openSSLStr = C.format.OpenSSL.stringify(C.lib.CipherParams.create({ ciphertext: this.data.ciphertext }));
+            var cipherParams = C.format.OpenSSL.parse(openSSLStr);
+
+            Y.Assert.areEqual(this.data.ciphertext.toString(), cipherParams.ciphertext.toString());
+        }
+    }));
+}, '$Rev$');

package/test/hmac-md5-profile.js

@@ -0,0 +1,30 @@
+YUI.add('algo-hmac-md5-profile', function (Y) {
+    var C = CryptoJS;
+
+    Y.Profiler.add({
+        name: 'HMAC MD5',
+
+        setUp: function () {
+            this.data = {
+                key: C.lib.WordArray.random(128/8)
+            };
+        },
+
+        profileSinglePartMessage: function () {
+            var singlePartMessage = '';
+            for (var i = 0; i < 500; i++) {
+                singlePartMessage += '12345678901234567890123456789012345678901234567890';
+            }
+
+            C.algo.HMAC.create(C.algo.MD5, this.data.key).finalize(singlePartMessage) + '';
+        },
+
+        profileMultiPartMessage: function () {
+            var hmac = C.algo.HMAC.create(C.algo.MD5, this.data.key);
+            for (var i = 0; i < 500; i++) {
+                hmac.update('12345678901234567890123456789012345678901234567890');
+            }
+            hmac.finalize() + '';
+        }
+    });
+}, '$Rev$');

package/test/hmac-md5-test.js

@@ -0,0 +1,59 @@
+YUI.add('algo-hmac-md5-test', function (Y) {
+    var C = CryptoJS;
+
+    Y.Test.Runner.add(new Y.Test.Case({
+        name: 'HMAC MD5',
+
+        testVector1: function () {
+            Y.Assert.areEqual('9294727a3638bb1c13f48ef8158bfc9d', C.HmacMD5('Hi There', C.enc.Hex.parse('0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b')).toString());
+        },
+
+        testVector2: function () {
+            Y.Assert.areEqual('750c783e6ab0b503eaa86e310a5db738', C.HmacMD5('what do ya want for nothing?', 'Jefe').toString());
+        },
+
+        testVector3: function () {
+            Y.Assert.areEqual('56be34521d144c88dbb8c733f0e8b3f6', C.HmacMD5(C.enc.Hex.parse('dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd'), C.enc.Hex.parse('aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa')).toString());
+        },
+
+        testVector4: function () {
+            Y.Assert.areEqual('7ee2a3cc979ab19865704644ce13355c', C.HmacMD5('ABCDEFGHIJKLMNOPQRSTUVWXYZ', 'A').toString());
+        },
+
+        testVector5: function () {
+            Y.Assert.areEqual('0e1bd89c43e3e6e3b3f8cf1d5ba4f77a', C.HmacMD5('abcdefghijklmnopqrstuvwxyz', 'A').toString());
+        },
+
+        testUpdate: function () {
+            var hmac = C.algo.HMAC.create(C.algo.MD5, C.enc.Hex.parse('aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'));
+            hmac.update(C.enc.Hex.parse('dddddddddddddddddddddddddddddddddddd'));
+            hmac.update(C.enc.Hex.parse('dddddddddddddddddddddddddddddddd'));
+            hmac.update(C.enc.Hex.parse('dddddddddddddddddddddddddddddddd'));
+
+            Y.Assert.areEqual(C.HmacMD5(C.enc.Hex.parse('dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd'), C.enc.Hex.parse('aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa')).toString(), hmac.finalize().toString());
+        },
+
+        testInputIntegrity: function () {
+            var message = C.lib.WordArray.create([0x12345678]);
+            var key = C.lib.WordArray.create([0x12345678]);
+
+            var expectedMessage = message.toString();
+            var expectedKey = key.toString();
+
+            C.HmacMD5(message, key);
+
+            Y.Assert.areEqual(expectedMessage, message.toString());
+            Y.Assert.areEqual(expectedKey, key.toString());
+        },
+
+        testRespectKeySigBytes: function () {
+            var key = C.lib.WordArray.random(8);
+            key.sigBytes = 4;
+
+            var keyClamped = key.clone();
+            keyClamped.clamp();
+
+            Y.Assert.areEqual(CryptoJS.HmacSHA256("Message", keyClamped).toString(), CryptoJS.HmacSHA256("Message", key).toString());
+        }
+    }));
+}, '$Rev$');

package/test/hmac-sha224-test.js

@@ -0,0 +1,59 @@
+YUI.add('algo-hmac-sha224-test', function (Y) {
+    var C = CryptoJS;
+
+    Y.Test.Runner.add(new Y.Test.Case({
+        name: 'HMAC SHA224',
+
+        testVector1: function () {
+            Y.Assert.areEqual('4e841ce7a4ae83fbcf71e3cd64bfbf277f73a14680aae8c518ac7861', C.HmacSHA224('Hi There', C.enc.Hex.parse('0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b')).toString());
+        },
+
+        testVector2: function () {
+            Y.Assert.areEqual('a30e01098bc6dbbf45690f3a7e9e6d0f8bbea2a39e6148008fd05e44', C.HmacSHA224('what do ya want for nothing?', 'Jefe').toString());
+        },
+
+        testVector3: function () {
+            Y.Assert.areEqual('cbff7c2716bbaa7c77bed4f491d3e8456cb6c574e92f672b291acf5b', C.HmacSHA224(C.enc.Hex.parse('dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd'), C.enc.Hex.parse('aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa')).toString());
+        },
+
+        testVector4: function () {
+            Y.Assert.areEqual('61bf669da4fdcd8e5c3bd09ebbb4a986d3d1b298d3ca05c511f7aeff', C.HmacSHA224('ABCDEFGHIJKLMNOPQRSTUVWXYZ', 'A').toString());
+        },
+
+        testVector5: function () {
+            Y.Assert.areEqual('16fc69ada3c3edc1fe9144d6b98d93393833ae442bedf681110a1176', C.HmacSHA224('abcdefghijklmnopqrstuvwxyz', 'A').toString());
+        },
+
+        testUpdate: function () {
+            var hmac = C.algo.HMAC.create(C.algo.SHA224, C.enc.Hex.parse('aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'));
+            hmac.update(C.enc.Hex.parse('dddddddddddddddddddddddddddddddddddd'));
+            hmac.update(C.enc.Hex.parse('dddddddddddddddddddddddddddddddd'));
+            hmac.update(C.enc.Hex.parse('dddddddddddddddddddddddddddddddd'));
+
+            Y.Assert.areEqual(C.HmacSHA224(C.enc.Hex.parse('dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd'), C.enc.Hex.parse('aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa')).toString(), hmac.finalize().toString());
+        },
+
+        testInputIntegrity: function () {
+            var message = C.lib.WordArray.create([0x12345678]);
+            var key = C.lib.WordArray.create([0x12345678]);
+
+            var expectedMessage = message.toString();
+            var expectedKey = key.toString();
+
+            C.HmacSHA224(message, key);
+
+            Y.Assert.areEqual(expectedMessage, message.toString());
+            Y.Assert.areEqual(expectedKey, key.toString());
+        },
+
+        testRespectKeySigBytes: function () {
+            var key = C.lib.WordArray.random(8);
+            key.sigBytes = 4;
+
+            var keyClamped = key.clone();
+            keyClamped.clamp();
+
+            Y.Assert.areEqual(CryptoJS.HmacSHA224("Message", keyClamped).toString(), CryptoJS.HmacSHA224("Message", key).toString());
+        }
+    }));
+}, '$Rev$');

package/test/hmac-sha256-test.js

@@ -0,0 +1,59 @@
+YUI.add('algo-hmac-sha256-test', function (Y) {
+    var C = CryptoJS;
+
+    Y.Test.Runner.add(new Y.Test.Case({
+        name: 'HMAC SHA256',
+
+        testVector1: function () {
+            Y.Assert.areEqual('492ce020fe2534a5789dc3848806c78f4f6711397f08e7e7a12ca5a4483c8aa6', C.HmacSHA256('Hi There', C.enc.Hex.parse('0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b')).toString());
+        },
+
+        testVector2: function () {
+            Y.Assert.areEqual('5bdcc146bf60754e6a042426089575c75a003f089d2739839dec58b964ec3843', C.HmacSHA256('what do ya want for nothing?', 'Jefe').toString());
+        },
+
+        testVector3: function () {
+            Y.Assert.areEqual('7dda3cc169743a6484649f94f0eda0f9f2ff496a9733fb796ed5adb40a44c3c1', C.HmacSHA256(C.enc.Hex.parse('dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd'), C.enc.Hex.parse('aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa')).toString());
+        },
+
+        testVector4: function () {
+            Y.Assert.areEqual('a89dc8178c1184a62df87adaa77bf86e93064863d93c5131140b0ae98b866687', C.HmacSHA256('ABCDEFGHIJKLMNOPQRSTUVWXYZ', 'A').toString());
+        },
+
+        testVector5: function () {
+            Y.Assert.areEqual('d8cb78419c02fe20b90f8b77427dd9f81817a751d74c2e484e0ac5fc4e6ca986', C.HmacSHA256('abcdefghijklmnopqrstuvwxyz', 'A').toString());
+        },
+
+        testUpdate: function () {
+            var hmac = C.algo.HMAC.create(C.algo.SHA256, C.enc.Hex.parse('aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'));
+            hmac.update(C.enc.Hex.parse('dddddddddddddddddddddddddddddddddddd'));
+            hmac.update(C.enc.Hex.parse('dddddddddddddddddddddddddddddddd'));
+            hmac.update(C.enc.Hex.parse('dddddddddddddddddddddddddddddddd'));
+
+            Y.Assert.areEqual(C.HmacSHA256(C.enc.Hex.parse('dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd'), C.enc.Hex.parse('aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa')).toString(), hmac.finalize().toString());
+        },
+
+        testInputIntegrity: function () {
+            var message = C.lib.WordArray.create([0x12345678]);
+            var key = C.lib.WordArray.create([0x12345678]);
+
+            var expectedMessage = message.toString();
+            var expectedKey = key.toString();
+
+            C.HmacSHA256(message, key);
+
+            Y.Assert.areEqual(expectedMessage, message.toString());
+            Y.Assert.areEqual(expectedKey, key.toString());
+        },
+
+        testRespectKeySigBytes: function () {
+            var key = C.lib.WordArray.random(8);
+            key.sigBytes = 4;
+
+            var keyClamped = key.clone();
+            keyClamped.clamp();
+
+            Y.Assert.areEqual(CryptoJS.HmacSHA256("Message", keyClamped).toString(), CryptoJS.HmacSHA256("Message", key).toString());
+        }
+    }));
+}, '$Rev$');

package/test/hmac-sha384-test.js

@@ -0,0 +1,59 @@
+YUI.add('algo-hmac-sha384-test', function (Y) {
+    var C = CryptoJS;
+
+    Y.Test.Runner.add(new Y.Test.Case({
+        name: 'HMAC SHA384',
+
+        testVector1: function () {
+            Y.Assert.areEqual('7afaa633e20d379b02395915fbc385ff8dc27dcd3885e1068ab942eeab52ec1f20ad382a92370d8b2e0ac8b83c4d53bf', C.HmacSHA384('Hi There', C.enc.Hex.parse('0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b')).toString());
+        },
+
+        testVector2: function () {
+            Y.Assert.areEqual('af45d2e376484031617f78d2b58a6b1b9c7ef464f5a01b47e42ec3736322445e8e2240ca5e69e2c78b3239ecfab21649', C.HmacSHA384('what do ya want for nothing?', 'Jefe').toString());
+        },
+
+        testVector3: function () {
+            Y.Assert.areEqual('1383e82e28286b91f4cc7afbd13d5b5c6f887c05e7c4542484043a37a5fe45802a9470fb663bd7b6570fe2f503fc92f5', C.HmacSHA384(C.enc.Hex.parse('dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd'), C.enc.Hex.parse('aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa')).toString());
+        },
+
+        testVector4: function () {
+            Y.Assert.areEqual('365dfb271adb8e30fe6c74220b75df1b38c2d19b9d37f2e5a0ec2f3f22bd0406bf5b786e98d81b82c36d3d8a1be6cd07', C.HmacSHA384('ABCDEFGHIJKLMNOPQRSTUVWXYZ', 'A').toString());
+        },
+
+        testVector5: function () {
+            Y.Assert.areEqual('a8357d5e84da64140e41545562ae0782e2a58e39c6cd98939fad8d9080e774c84b7eaca4ba07f6dbf0f12eab912c5285', C.HmacSHA384('abcdefghijklmnopqrstuvwxyz', 'A').toString());
+        },
+
+        testUpdate: function () {
+            var hmac = C.algo.HMAC.create(C.algo.SHA384, C.enc.Hex.parse('aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'));
+            hmac.update(C.enc.Hex.parse('dddddddddddddddddddddddddddddddddddd'));
+            hmac.update(C.enc.Hex.parse('dddddddddddddddddddddddddddddddd'));
+            hmac.update(C.enc.Hex.parse('dddddddddddddddddddddddddddddddd'));
+
+            Y.Assert.areEqual(C.HmacSHA384(C.enc.Hex.parse('dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd'), C.enc.Hex.parse('aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa')).toString(), hmac.finalize().toString());
+        },
+
+        testInputIntegrity: function () {
+            var message = C.lib.WordArray.create([0x12345678]);
+            var key = C.lib.WordArray.create([0x12345678]);
+
+            var expectedMessage = message.toString();
+            var expectedKey = key.toString();
+
+            C.HmacSHA384(message, key);
+
+            Y.Assert.areEqual(expectedMessage, message.toString());
+            Y.Assert.areEqual(expectedKey, key.toString());
+        },
+
+        testRespectKeySigBytes: function () {
+            var key = C.lib.WordArray.random(8);
+            key.sigBytes = 4;
+
+            var keyClamped = key.clone();
+            keyClamped.clamp();
+
+            Y.Assert.areEqual(CryptoJS.HmacSHA384("Message", keyClamped).toString(), CryptoJS.HmacSHA384("Message", key).toString());
+        }
+    }));
+}, '$Rev$');