1 /*
2 * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 /*
11 * HMAC low level APIs are deprecated for public use, but still ok for internal
12 * use.
13 */
14 #include "internal/deprecated.h"
15
16 #include <stdio.h>
17 #include <string.h>
18 #include <stdlib.h>
19
20 #include "internal/nelem.h"
21
22 # include <openssl/hmac.h>
23 # include <openssl/sha.h>
24 # ifndef OPENSSL_NO_MD5
25 # include <openssl/md5.h>
26 # endif
27
28 # ifdef CHARSET_EBCDIC
29 # include <openssl/ebcdic.h>
30 # endif
31
32 #include "testutil.h"
33
34 # ifndef OPENSSL_NO_MD5
35 static struct test_st {
36 const char key[16];
37 int key_len;
38 const unsigned char data[64];
39 int data_len;
40 const char *digest;
41 } test[8] = {
42 {
43 "", 0, "More text test vectors to stuff up EBCDIC machines :-)", 54,
44 "e9139d1e6ee064ef8cf514fc7dc83e86",
45 },
46 {
47 "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b",
48 16, "Hi There", 8,
49 "9294727a3638bb1c13f48ef8158bfc9d",
50 },
51 {
52 "Jefe", 4, "what do ya want for nothing?", 28,
53 "750c783e6ab0b503eaa86e310a5db738",
54 },
55 {
56 "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa",
57 16, {
58 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
59 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
60 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
61 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
62 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd
63 }, 50, "56be34521d144c88dbb8c733f0e8b3f6",
64 },
65 {
66 "", 0, "My test data", 12,
67 "61afdecb95429ef494d61fdee15990cabf0826fc"
68 },
69 {
70 "", 0, "My test data", 12,
71 "2274b195d90ce8e03406f4b526a47e0787a88a65479938f1a5baa3ce0f079776"
72 },
73 {
74 "123456", 6, "My test data", 12,
75 "bab53058ae861a7f191abe2d0145cbb123776a6369ee3f9d79ce455667e411dd"
76 },
77 {
78 "12345", 5, "My test data again", 18,
79 "a12396ceddd2a85f4c656bc1e0aa50c78cffde3e"
80 }
81 };
82 # endif
83
84 static char *pt(unsigned char *md, unsigned int len);
85
86
87 # ifndef OPENSSL_NO_MD5
test_hmac_md5(int idx)88 static int test_hmac_md5(int idx)
89 {
90 char *p;
91 # ifdef CHARSET_EBCDIC
92 ebcdic2ascii(test[0].data, test[0].data, test[0].data_len);
93 ebcdic2ascii(test[1].data, test[1].data, test[1].data_len);
94 ebcdic2ascii(test[2].key, test[2].key, test[2].key_len);
95 ebcdic2ascii(test[2].data, test[2].data, test[2].data_len);
96 # endif
97
98 p = pt(HMAC(EVP_md5(),
99 test[idx].key, test[idx].key_len,
100 test[idx].data, test[idx].data_len, NULL, NULL),
101 MD5_DIGEST_LENGTH);
102
103 return TEST_ptr(p) && TEST_str_eq(p, test[idx].digest);
104 }
105 # endif
106
test_hmac_bad(void)107 static int test_hmac_bad(void)
108 {
109 HMAC_CTX *ctx = NULL;
110 int ret = 0;
111
112 ctx = HMAC_CTX_new();
113 if (!TEST_ptr(ctx)
114 || !TEST_ptr_null(HMAC_CTX_get_md(ctx))
115 || !TEST_false(HMAC_Init_ex(ctx, NULL, 0, NULL, NULL))
116 || !TEST_false(HMAC_Update(ctx, test[4].data, test[4].data_len))
117 || !TEST_false(HMAC_Init_ex(ctx, NULL, 0, EVP_sha1(), NULL))
118 || !TEST_false(HMAC_Update(ctx, test[4].data, test[4].data_len)))
119 goto err;
120
121 ret = 1;
122 err:
123 HMAC_CTX_free(ctx);
124 return ret;
125 }
126
test_hmac_run(void)127 static int test_hmac_run(void)
128 {
129 char *p;
130 HMAC_CTX *ctx = NULL;
131 unsigned char buf[EVP_MAX_MD_SIZE];
132 unsigned int len;
133 int ret = 0;
134
135 if (!TEST_ptr(ctx = HMAC_CTX_new()))
136 return 0;
137 HMAC_CTX_reset(ctx);
138
139 if (!TEST_ptr(ctx)
140 || !TEST_ptr_null(HMAC_CTX_get_md(ctx))
141 || !TEST_false(HMAC_Init_ex(ctx, NULL, 0, NULL, NULL))
142 || !TEST_false(HMAC_Update(ctx, test[4].data, test[4].data_len))
143 || !TEST_false(HMAC_Init_ex(ctx, test[4].key, -1, EVP_sha1(), NULL)))
144 goto err;
145
146 if (!TEST_true(HMAC_Init_ex(ctx, test[4].key, test[4].key_len, EVP_sha1(), NULL))
147 || !TEST_true(HMAC_Update(ctx, test[4].data, test[4].data_len))
148 || !TEST_true(HMAC_Final(ctx, buf, &len)))
149 goto err;
150
151 p = pt(buf, len);
152 if (!TEST_ptr(p) || !TEST_str_eq(p, test[4].digest))
153 goto err;
154
155 if (!TEST_false(HMAC_Init_ex(ctx, NULL, 0, EVP_sha256(), NULL)))
156 goto err;
157
158 if (!TEST_true(HMAC_Init_ex(ctx, test[5].key, test[5].key_len, EVP_sha256(), NULL))
159 || !TEST_ptr_eq(HMAC_CTX_get_md(ctx), EVP_sha256())
160 || !TEST_true(HMAC_Update(ctx, test[5].data, test[5].data_len))
161 || !TEST_true(HMAC_Final(ctx, buf, &len)))
162 goto err;
163
164 p = pt(buf, len);
165 if (!TEST_ptr(p) || !TEST_str_eq(p, test[5].digest))
166 goto err;
167
168 if (!TEST_true(HMAC_Init_ex(ctx, test[6].key, test[6].key_len, NULL, NULL))
169 || !TEST_true(HMAC_Update(ctx, test[6].data, test[6].data_len))
170 || !TEST_true(HMAC_Final(ctx, buf, &len)))
171 goto err;
172 p = pt(buf, len);
173 if (!TEST_ptr(p) || !TEST_str_eq(p, test[6].digest))
174 goto err;
175
176 /* Test reusing a key */
177 if (!TEST_true(HMAC_Init_ex(ctx, NULL, 0, NULL, NULL))
178 || !TEST_true(HMAC_Update(ctx, test[6].data, test[6].data_len))
179 || !TEST_true(HMAC_Final(ctx, buf, &len)))
180 goto err;
181 p = pt(buf, len);
182 if (!TEST_ptr(p) || !TEST_str_eq(p, test[6].digest))
183 goto err;
184
185 /*
186 * Test reusing a key where the digest is provided again but is the same as
187 * last time
188 */
189 if (!TEST_true(HMAC_Init_ex(ctx, NULL, 0, EVP_sha256(), NULL))
190 || !TEST_true(HMAC_Update(ctx, test[6].data, test[6].data_len))
191 || !TEST_true(HMAC_Final(ctx, buf, &len)))
192 goto err;
193 p = pt(buf, len);
194 if (!TEST_ptr(p) || !TEST_str_eq(p, test[6].digest))
195 goto err;
196
197 ret = 1;
198 err:
199 HMAC_CTX_free(ctx);
200 return ret;
201 }
202
203
test_hmac_single_shot(void)204 static int test_hmac_single_shot(void)
205 {
206 char *p;
207
208 /* Test single-shot with NULL key. */
209 p = pt(HMAC(EVP_sha1(), NULL, 0, test[4].data, test[4].data_len,
210 NULL, NULL), SHA_DIGEST_LENGTH);
211 if (!TEST_ptr(p) || !TEST_str_eq(p, test[4].digest))
212 return 0;
213
214 return 1;
215 }
216
217
test_hmac_copy(void)218 static int test_hmac_copy(void)
219 {
220 char *p;
221 HMAC_CTX *ctx = NULL, *ctx2 = NULL;
222 unsigned char buf[EVP_MAX_MD_SIZE];
223 unsigned int len;
224 int ret = 0;
225
226 ctx = HMAC_CTX_new();
227 ctx2 = HMAC_CTX_new();
228 if (!TEST_ptr(ctx) || !TEST_ptr(ctx2))
229 goto err;
230
231 if (!TEST_true(HMAC_Init_ex(ctx, test[7].key, test[7].key_len, EVP_sha1(), NULL))
232 || !TEST_true(HMAC_Update(ctx, test[7].data, test[7].data_len))
233 || !TEST_true(HMAC_CTX_copy(ctx2, ctx))
234 || !TEST_true(HMAC_Final(ctx2, buf, &len)))
235 goto err;
236
237 p = pt(buf, len);
238 if (!TEST_ptr(p) || !TEST_str_eq(p, test[7].digest))
239 goto err;
240
241 ret = 1;
242 err:
243 HMAC_CTX_free(ctx2);
244 HMAC_CTX_free(ctx);
245 return ret;
246 }
247
test_hmac_copy_uninited(void)248 static int test_hmac_copy_uninited(void)
249 {
250 const unsigned char key[24] = {0};
251 const unsigned char ct[166] = {0};
252 EVP_PKEY *pkey = NULL;
253 EVP_MD_CTX *ctx = NULL;
254 EVP_MD_CTX *ctx_tmp = NULL;
255 int res = 0;
256
257 if (!TEST_ptr(ctx = EVP_MD_CTX_new())
258 || !TEST_ptr(pkey = EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, NULL,
259 key, sizeof(key)))
260 || !TEST_true(EVP_DigestSignInit(ctx, NULL, EVP_sha1(), NULL, pkey))
261 || !TEST_ptr(ctx_tmp = EVP_MD_CTX_new())
262 || !TEST_true(EVP_MD_CTX_copy(ctx_tmp, ctx)))
263 goto err;
264 EVP_MD_CTX_free(ctx);
265 ctx = ctx_tmp;
266 ctx_tmp = NULL;
267
268 if (!TEST_true(EVP_DigestSignUpdate(ctx, ct, sizeof(ct))))
269 goto err;
270 res = 1;
271 err:
272 EVP_MD_CTX_free(ctx);
273 EVP_MD_CTX_free(ctx_tmp);
274 EVP_PKEY_free(pkey);
275 return res;
276 }
277
278 #ifndef OPENSSL_NO_MD5
279 # define OSSL_HEX_CHARS_PER_BYTE 2
pt(unsigned char * md,unsigned int len)280 static char *pt(unsigned char *md, unsigned int len)
281 {
282 unsigned int i;
283 static char buf[201];
284
285 if (md == NULL)
286 return NULL;
287 for (i = 0; i < len && (i + 1) * OSSL_HEX_CHARS_PER_BYTE < sizeof(buf); i++)
288 BIO_snprintf(buf + i * OSSL_HEX_CHARS_PER_BYTE,
289 OSSL_HEX_CHARS_PER_BYTE + 1, "%02x", md[i]);
290 return buf;
291 }
292 #endif
293
294 static struct test_chunks_st {
295 const char *md_name;
296 char key[256];
297 int key_len;
298 int chunks;
299 int chunk_size[10];
300 const char *digest;
301 } test_chunks[12] = {
302 {
303 "SHA224",
304 "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef", 64,
305 4, { 1, 50, 200, 4000 },
306 "40821a39dd54f01443b3f96b9370a15023fbdd819a074ffc4b703c77"
307 },
308 {
309 "SHA224",
310 "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef"
311 "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef"
312 "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef", 192,
313 10, { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10 },
314 "55ffa85e53e9a68f41c8d653c60b4ada9566d22aed3811834882661c"
315 },
316 {
317 "SHA224", "0123456789abcdef0123456789abcdef", 32,
318 4, { 100, 4096, 100, 3896 },
319 "0fd18e7d8e974f401b29bf0502a71f6a9b77804e9191380ce9f48377"
320 },
321 {
322 "SHA256",
323 "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef", 64,
324 4, { 1, 50, 200, 4000 },
325 "f67a46fa77c66d3ea5b3ffb9a10afb3e501eaadd16b15978fdee9f014a782140"
326 },
327 {
328 "SHA256",
329 "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef"
330 "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef"
331 "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef", 192,
332 10, { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10 },
333 "21a6f61ed6dbec30b58557a80988ff610d69b50b2e96d75863ab50f99da58c9d"
334 },
335 {
336 "SHA256", "0123456789abcdef0123456789abcdef", 32,
337 4, { 100, 4096, 100, 3896 },
338 "7bfd45c1bdde9b79244816b0aea0a67ea954a182e74c60410bfbc1fdc4842660"
339 },
340 {
341 "SHA384",
342 "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef", 64,
343 4, { 1, 50, 200, 4000 },
344 "e270e3c8ca3f2796a0c29cc7569fcec7584b04db26da64326aca0d17bd7731de"
345 "938694b273f3dafe6e2dc123cde26640"
346 },
347 {
348 "SHA384",
349 "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef"
350 "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef"
351 "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef", 192,
352 10, { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10 },
353 "7036fd7d251298975acd18938471243e92fffe67be158f16c910c400576592d2"
354 "618c3c077ef25d703312668bd2d813ff"
355 },
356 {
357 "SHA384", "0123456789abcdef0123456789abcdef", 32,
358 4, { 100, 8192, 100, 8092 },
359 "0af8224145bd0812d2e34ba1f980ed4d218461271a54cce75dc43d36eda01e4e"
360 "ff4299c1ebf533a7ae636fa3e6aff903"
361 },
362 {
363 "SHA512",
364 "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef", 64,
365 4, { 1, 50, 200, 4000 },
366 "4016e960e2342553d4b9d34fb57355ab8b7f33af5dc2676fc1189e94b38f2b2c"
367 "a0ec8dc3c8b95fb1109d58480cea1e8f88e02f34ad79b303e4809373c46c1b16"
368 },
369 {
370 "SHA512",
371 "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef"
372 "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef"
373 "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef", 192,
374 10, { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10 },
375 "7ceb6a421fc19434bcb7ec9c8a15ea524dbfb896c24f5f517513f06597de99b1"
376 "918eb6b2472e52215ec7d1b5544766f79ff6ac6d1eb456f19a93819fa2d43c29"
377 },
378 {
379 "SHA512", "0123456789abcdef0123456789abcdef", 32,
380 4, { 100, 8192, 100, 8092 },
381 "cebf722ffdff5f0e4cbfbd480cd086101d4627d30d42f1f7cf21c43251018069"
382 "854d8e030b5a54cec1e2245d5b4629ff928806d4eababb427d751ec7c274047f"
383 },
384 };
385
test_hmac_chunks(int idx)386 static int test_hmac_chunks(int idx)
387 {
388 char *p;
389 HMAC_CTX *ctx = NULL;
390 unsigned char buf[32768];
391 unsigned int len;
392 const EVP_MD *md;
393 int i, ret = 0;
394
395 if (!TEST_ptr(md = EVP_get_digestbyname(test_chunks[idx].md_name)))
396 goto err;
397
398 if (!TEST_ptr(ctx = HMAC_CTX_new()))
399 goto err;
400
401 #ifdef CHARSET_EBCDIC
402 ebcdic2ascii(test_chunks[idx].key, test_chunks[idx].key,
403 test_chunks[idx].key_len);
404 #endif
405
406 if (!TEST_true(HMAC_Init_ex(ctx, test_chunks[idx].key,
407 test_chunks[idx].key_len, md, NULL)))
408 goto err;
409
410 for (i = 0; i < test_chunks[idx].chunks; i++) {
411 if (!TEST_true((test_chunks[idx].chunk_size[i] < (int)sizeof(buf))))
412 goto err;
413 memset(buf, i, test_chunks[idx].chunk_size[i]);
414 if (!TEST_true(HMAC_Update(ctx, buf, test_chunks[idx].chunk_size[i])))
415 goto err;
416 }
417
418 if (!TEST_true(HMAC_Final(ctx, buf, &len)))
419 goto err;
420
421 p = pt(buf, len);
422 if (!TEST_ptr(p) || !TEST_str_eq(p, test_chunks[idx].digest))
423 goto err;
424
425 ret = 1;
426
427 err:
428 HMAC_CTX_free(ctx);
429 return ret;
430 }
431
setup_tests(void)432 int setup_tests(void)
433 {
434 ADD_ALL_TESTS(test_hmac_md5, 4);
435 ADD_TEST(test_hmac_single_shot);
436 ADD_TEST(test_hmac_bad);
437 ADD_TEST(test_hmac_run);
438 ADD_TEST(test_hmac_copy);
439 ADD_TEST(test_hmac_copy_uninited);
440 ADD_ALL_TESTS(test_hmac_chunks,
441 sizeof(test_chunks) / sizeof(struct test_chunks_st));
442 return 1;
443 }
444
445
