1 /* Copyright (c) 2014, Google Inc. 2 * 3 * Permission to use, copy, modify, and/or distribute this software for any 4 * purpose with or without fee is hereby granted, provided that the above 5 * copyright notice and this permission notice appear in all copies. 6 * 7 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 8 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 9 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY 10 * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 11 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION 12 * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN 13 * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ 14 15 #include <stdint.h> 16 #include <stdio.h> 17 #include <string.h> 18 19 #include <openssl/crypto.h> 20 #include <openssl/digest.h> 21 #include <openssl/err.h> 22 #include <openssl/md4.h> 23 #include <openssl/md5.h> 24 #include <openssl/sha.h> 25 26 #include "../test/scoped_types.h" 27 28 29 struct MD { 30 // name is the name of the digest. 31 const char* name; 32 // md_func is the digest to test. 33 const EVP_MD *(*func)(void); 34 // one_shot_func is the convenience one-shot version of the 35 // digest. 36 uint8_t *(*one_shot_func)(const uint8_t *, size_t, uint8_t *); 37 }; 38 39 static const MD md4 = { "MD4", &EVP_md4, nullptr }; 40 static const MD md5 = { "MD5", &EVP_md5, &MD5 }; 41 static const MD sha1 = { "SHA1", &EVP_sha1, &SHA1 }; 42 static const MD sha224 = { "SHA224", &EVP_sha224, &SHA224 }; 43 static const MD sha256 = { "SHA256", &EVP_sha256, &SHA256 }; 44 static const MD sha384 = { "SHA384", &EVP_sha384, &SHA384 }; 45 static const MD sha512 = { "SHA512", &EVP_sha512, &SHA512 }; 46 static const MD md5_sha1 = { "MD5-SHA1", &EVP_md5_sha1, nullptr }; 47 48 struct TestVector { 49 // md is the digest to test. 50 const MD &md; 51 // input is a NUL-terminated string to hash. 52 const char *input; 53 // repeat is the number of times to repeat input. 54 size_t repeat; 55 // expected_hex is the expected digest in hexadecimal. 56 const char *expected_hex; 57 }; 58 59 static const TestVector kTestVectors[] = { 60 // MD4 tests, from RFC 1320. (crypto/md4 does not provide a 61 // one-shot MD4 function.) 62 { md4, "", 1, "31d6cfe0d16ae931b73c59d7e0c089c0" }, 63 { md4, "a", 1, "bde52cb31de33e46245e05fbdbd6fb24" }, 64 { md4, "abc", 1, "a448017aaf21d8525fc10ae87aa6729d" }, 65 { md4, "message digest", 1, "d9130a8164549fe818874806e1c7014b" }, 66 { md4, "abcdefghijklmnopqrstuvwxyz", 1, 67 "d79e1c308aa5bbcdeea8ed63df412da9" }, 68 { md4, 69 "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789", 1, 70 "043f8582f241db351ce627e153e7f0e4" }, 71 { md4, "1234567890", 8, "e33b4ddc9c38f2199c3e7b164fcc0536" }, 72 73 // MD5 tests, from RFC 1321. 74 { md5, "", 1, "d41d8cd98f00b204e9800998ecf8427e" }, 75 { md5, "a", 1, "0cc175b9c0f1b6a831c399e269772661" }, 76 { md5, "abc", 1, "900150983cd24fb0d6963f7d28e17f72" }, 77 { md5, "message digest", 1, "f96b697d7cb7938d525a2f31aaf161d0" }, 78 { md5, "abcdefghijklmnopqrstuvwxyz", 1, 79 "c3fcd3d76192e4007dfb496cca67e13b" }, 80 { md5, 81 "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789", 1, 82 "d174ab98d277d9f5a5611c2c9f419d9f" }, 83 { md5, "1234567890", 8, "57edf4a22be3c955ac49da2e2107b67a" }, 84 85 // SHA-1 tests, from RFC 3174. 86 { sha1, "abc", 1, "a9993e364706816aba3e25717850c26c9cd0d89d" }, 87 { sha1, 88 "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", 1, 89 "84983e441c3bd26ebaae4aa1f95129e5e54670f1" }, 90 { sha1, "a", 1000000, "34aa973cd4c4daa4f61eeb2bdbad27316534016f" }, 91 { sha1, 92 "0123456701234567012345670123456701234567012345670123456701234567", 10, 93 "dea356a2cddd90c7a7ecedc5ebb563934f460452" }, 94 95 // SHA-224 tests, from RFC 3874. 96 { sha224, "abc", 1, 97 "23097d223405d8228642a477bda255b32aadbce4bda0b3f7e36c9da7" }, 98 { sha224, 99 "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", 1, 100 "75388b16512776cc5dba5da1fd890150b0c6455cb4f58b1952522525" }, 101 { sha224, 102 "a", 1000000, 103 "20794655980c91d8bbb4c1ea97618a4bf03f42581948b2ee4ee7ad67" }, 104 105 // SHA-256 tests, from NIST. 106 { sha256, "abc", 1, 107 "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad" }, 108 { sha256, 109 "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", 1, 110 "248d6a61d20638b8e5c026930c3e6039a33ce45964ff2167f6ecedd419db06c1" }, 111 112 // SHA-384 tests, from NIST. 113 { sha384, "abc", 1, 114 "cb00753f45a35e8bb5a03d699ac65007272c32ab0eded1631a8b605a43ff5bed" 115 "8086072ba1e7cc2358baeca134c825a7" }, 116 { sha384, 117 "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmn" 118 "hijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu", 1, 119 "09330c33f71147e83d192fc782cd1b4753111b173b3b05d22fa08086e3b0f712" 120 "fcc7c71a557e2db966c3e9fa91746039" }, 121 122 // SHA-512 tests, from NIST. 123 { sha512, "abc", 1, 124 "ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a" 125 "2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f" }, 126 { sha512, 127 "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmn" 128 "hijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu", 1, 129 "8e959b75dae313da8cf4f72814fc143f8f7779c6eb9f7fa17299aeadb6889018" 130 "501d289e4900f7e4331b99dec4b5433ac7d329eeb6dd26545e96e55b874be909" }, 131 132 // MD5-SHA1 tests. 133 { md5_sha1, "abc", 1, 134 "900150983cd24fb0d6963f7d28e17f72a9993e364706816aba3e25717850c26c9cd0d89d" }, 135 }; 136 137 static bool CompareDigest(const TestVector *test, 138 const uint8_t *digest, 139 size_t digest_len) { 140 static const char kHexTable[] = "0123456789abcdef"; 141 size_t i; 142 char digest_hex[2*EVP_MAX_MD_SIZE + 1]; 143 144 for (i = 0; i < digest_len; i++) { 145 digest_hex[2*i] = kHexTable[digest[i] >> 4]; 146 digest_hex[2*i + 1] = kHexTable[digest[i] & 0xf]; 147 } 148 digest_hex[2*digest_len] = '\0'; 149 150 if (strcmp(digest_hex, test->expected_hex) != 0) { 151 fprintf(stderr, "%s(\"%s\" * %d) = %s; want %s\n", 152 test->md.name, test->input, (int)test->repeat, 153 digest_hex, test->expected_hex); 154 return false; 155 } 156 157 return true; 158 } 159 160 static int TestDigest(const TestVector *test) { 161 ScopedEVP_MD_CTX ctx; 162 163 // Test the input provided. 164 if (!EVP_DigestInit_ex(ctx.get(), test->md.func(), NULL)) { 165 fprintf(stderr, "EVP_DigestInit_ex failed\n"); 166 return false; 167 } 168 for (size_t i = 0; i < test->repeat; i++) { 169 if (!EVP_DigestUpdate(ctx.get(), test->input, strlen(test->input))) { 170 fprintf(stderr, "EVP_DigestUpdate failed\n"); 171 return false; 172 } 173 } 174 uint8_t digest[EVP_MAX_MD_SIZE]; 175 unsigned digest_len; 176 if (!EVP_DigestFinal_ex(ctx.get(), digest, &digest_len)) { 177 fprintf(stderr, "EVP_DigestFinal_ex failed\n"); 178 return false; 179 } 180 if (!CompareDigest(test, digest, digest_len)) { 181 return false; 182 } 183 184 // Test the input one character at a time. 185 if (!EVP_DigestInit_ex(ctx.get(), test->md.func(), NULL)) { 186 fprintf(stderr, "EVP_DigestInit_ex failed\n"); 187 return false; 188 } 189 if (!EVP_DigestUpdate(ctx.get(), NULL, 0)) { 190 fprintf(stderr, "EVP_DigestUpdate failed\n"); 191 return false; 192 } 193 for (size_t i = 0; i < test->repeat; i++) { 194 for (const char *p = test->input; *p; p++) { 195 if (!EVP_DigestUpdate(ctx.get(), p, 1)) { 196 fprintf(stderr, "EVP_DigestUpdate failed\n"); 197 return false; 198 } 199 } 200 } 201 if (!EVP_DigestFinal_ex(ctx.get(), digest, &digest_len)) { 202 fprintf(stderr, "EVP_DigestFinal_ex failed\n"); 203 return false; 204 } 205 if (digest_len != EVP_MD_size(test->md.func())) { 206 fprintf(stderr, "EVP_MD_size output incorrect\n"); 207 return false; 208 } 209 if (!CompareDigest(test, digest, digest_len)) { 210 return false; 211 } 212 213 // Test the one-shot function. 214 if (test->md.one_shot_func && test->repeat == 1) { 215 uint8_t *out = test->md.one_shot_func((const uint8_t *)test->input, 216 strlen(test->input), digest); 217 if (out != digest) { 218 fprintf(stderr, "one_shot_func gave incorrect return\n"); 219 return false; 220 } 221 if (!CompareDigest(test, digest, EVP_MD_size(test->md.func()))) { 222 return false; 223 } 224 225 // Test the deprecated static buffer variant, until it's removed. 226 out = test->md.one_shot_func((const uint8_t *)test->input, 227 strlen(test->input), NULL); 228 if (!CompareDigest(test, out, EVP_MD_size(test->md.func()))) { 229 return false; 230 } 231 } 232 233 return true; 234 } 235 236 static int TestGetters() { 237 if (EVP_get_digestbyname("RSA-SHA512") == NULL || 238 EVP_get_digestbyname("sha512WithRSAEncryption") == NULL || 239 EVP_get_digestbyname("nonsense") != NULL) { 240 return false; 241 } 242 243 return true; 244 } 245 246 int main(void) { 247 CRYPTO_library_init(); 248 ERR_load_crypto_strings(); 249 250 for (size_t i = 0; i < sizeof(kTestVectors) / sizeof(kTestVectors[0]); i++) { 251 if (!TestDigest(&kTestVectors[i])) { 252 fprintf(stderr, "Test %d failed\n", (int)i); 253 return 1; 254 } 255 } 256 257 if (!TestGetters()) { 258 return 1; 259 } 260 261 printf("PASS\n"); 262 return 0; 263 } 264
