1 /* Copyright (c) 2014, Google Inc.
2 *
3 * Permission to use, copy, modify, and/or distribute this software for any
4 * purpose with or without fee is hereby granted, provided that the above
5 * copyright notice and this permission notice appear in all copies.
6 *
7 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
8 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
9 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
10 * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
11 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
12 * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
13 * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
14
15 #include <stdint.h>
16 #include <stdio.h>
17 #include <string.h>
18
19 #include <openssl/crypto.h>
20 #include <openssl/digest.h>
21 #include <openssl/err.h>
22 #include <openssl/md4.h>
23 #include <openssl/md5.h>
24 #include <openssl/sha.h>
25
26 #include "../test/scoped_types.h"
27
28
29 struct MD {
30 // name is the name of the digest.
31 const char* name;
32 // md_func is the digest to test.
33 const EVP_MD *(*func)(void);
34 // one_shot_func is the convenience one-shot version of the
35 // digest.
36 uint8_t *(*one_shot_func)(const uint8_t *, size_t, uint8_t *);
37 };
38
39 static const MD md4 = { "MD4", &EVP_md4, nullptr };
40 static const MD md5 = { "MD5", &EVP_md5, &MD5 };
41 static const MD sha1 = { "SHA1", &EVP_sha1, &SHA1 };
42 static const MD sha224 = { "SHA224", &EVP_sha224, &SHA224 };
43 static const MD sha256 = { "SHA256", &EVP_sha256, &SHA256 };
44 static const MD sha384 = { "SHA384", &EVP_sha384, &SHA384 };
45 static const MD sha512 = { "SHA512", &EVP_sha512, &SHA512 };
46 static const MD md5_sha1 = { "MD5-SHA1", &EVP_md5_sha1, nullptr };
47
48 struct TestVector {
49 // md is the digest to test.
50 const MD &md;
51 // input is a NUL-terminated string to hash.
52 const char *input;
53 // repeat is the number of times to repeat input.
54 size_t repeat;
55 // expected_hex is the expected digest in hexadecimal.
56 const char *expected_hex;
57 };
58
59 static const TestVector kTestVectors[] = {
60 // MD4 tests, from RFC 1320. (crypto/md4 does not provide a
61 // one-shot MD4 function.)
62 { md4, "", 1, "31d6cfe0d16ae931b73c59d7e0c089c0" },
63 { md4, "a", 1, "bde52cb31de33e46245e05fbdbd6fb24" },
64 { md4, "abc", 1, "a448017aaf21d8525fc10ae87aa6729d" },
65 { md4, "message digest", 1, "d9130a8164549fe818874806e1c7014b" },
66 { md4, "abcdefghijklmnopqrstuvwxyz", 1,
67 "d79e1c308aa5bbcdeea8ed63df412da9" },
68 { md4,
69 "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789", 1,
70 "043f8582f241db351ce627e153e7f0e4" },
71 { md4, "1234567890", 8, "e33b4ddc9c38f2199c3e7b164fcc0536" },
72
73 // MD5 tests, from RFC 1321.
74 { md5, "", 1, "d41d8cd98f00b204e9800998ecf8427e" },
75 { md5, "a", 1, "0cc175b9c0f1b6a831c399e269772661" },
76 { md5, "abc", 1, "900150983cd24fb0d6963f7d28e17f72" },
77 { md5, "message digest", 1, "f96b697d7cb7938d525a2f31aaf161d0" },
78 { md5, "abcdefghijklmnopqrstuvwxyz", 1,
79 "c3fcd3d76192e4007dfb496cca67e13b" },
80 { md5,
81 "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789", 1,
82 "d174ab98d277d9f5a5611c2c9f419d9f" },
83 { md5, "1234567890", 8, "57edf4a22be3c955ac49da2e2107b67a" },
84
85 // SHA-1 tests, from RFC 3174.
86 { sha1, "abc", 1, "a9993e364706816aba3e25717850c26c9cd0d89d" },
87 { sha1,
88 "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", 1,
89 "84983e441c3bd26ebaae4aa1f95129e5e54670f1" },
90 { sha1, "a", 1000000, "34aa973cd4c4daa4f61eeb2bdbad27316534016f" },
91 { sha1,
92 "0123456701234567012345670123456701234567012345670123456701234567", 10,
93 "dea356a2cddd90c7a7ecedc5ebb563934f460452" },
94
95 // SHA-224 tests, from RFC 3874.
96 { sha224, "abc", 1,
97 "23097d223405d8228642a477bda255b32aadbce4bda0b3f7e36c9da7" },
98 { sha224,
99 "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", 1,
100 "75388b16512776cc5dba5da1fd890150b0c6455cb4f58b1952522525" },
101 { sha224,
102 "a", 1000000,
103 "20794655980c91d8bbb4c1ea97618a4bf03f42581948b2ee4ee7ad67" },
104
105 // SHA-256 tests, from NIST.
106 { sha256, "abc", 1,
107 "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad" },
108 { sha256,
109 "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", 1,
110 "248d6a61d20638b8e5c026930c3e6039a33ce45964ff2167f6ecedd419db06c1" },
111
112 // SHA-384 tests, from NIST.
113 { sha384, "abc", 1,
114 "cb00753f45a35e8bb5a03d699ac65007272c32ab0eded1631a8b605a43ff5bed"
115 "8086072ba1e7cc2358baeca134c825a7" },
116 { sha384,
117 "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmn"
118 "hijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu", 1,
119 "09330c33f71147e83d192fc782cd1b4753111b173b3b05d22fa08086e3b0f712"
120 "fcc7c71a557e2db966c3e9fa91746039" },
121
122 // SHA-512 tests, from NIST.
123 { sha512, "abc", 1,
124 "ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a"
125 "2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f" },
126 { sha512,
127 "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmn"
128 "hijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu", 1,
129 "8e959b75dae313da8cf4f72814fc143f8f7779c6eb9f7fa17299aeadb6889018"
130 "501d289e4900f7e4331b99dec4b5433ac7d329eeb6dd26545e96e55b874be909" },
131
132 // MD5-SHA1 tests.
133 { md5_sha1, "abc", 1,
134 "900150983cd24fb0d6963f7d28e17f72a9993e364706816aba3e25717850c26c9cd0d89d" },
135 };
136
CompareDigest(const TestVector * test,const uint8_t * digest,size_t digest_len)137 static bool CompareDigest(const TestVector *test,
138 const uint8_t *digest,
139 size_t digest_len) {
140 static const char kHexTable[] = "0123456789abcdef";
141 size_t i;
142 char digest_hex[2*EVP_MAX_MD_SIZE + 1];
143
144 for (i = 0; i < digest_len; i++) {
145 digest_hex[2*i] = kHexTable[digest[i] >> 4];
146 digest_hex[2*i + 1] = kHexTable[digest[i] & 0xf];
147 }
148 digest_hex[2*digest_len] = '\0';
149
150 if (strcmp(digest_hex, test->expected_hex) != 0) {
151 fprintf(stderr, "%s(\"%s\" * %d) = %s; want %s\n",
152 test->md.name, test->input, (int)test->repeat,
153 digest_hex, test->expected_hex);
154 return false;
155 }
156
157 return true;
158 }
159
TestDigest(const TestVector * test)160 static int TestDigest(const TestVector *test) {
161 ScopedEVP_MD_CTX ctx;
162
163 // Test the input provided.
164 if (!EVP_DigestInit_ex(ctx.get(), test->md.func(), NULL)) {
165 fprintf(stderr, "EVP_DigestInit_ex failed\n");
166 return false;
167 }
168 for (size_t i = 0; i < test->repeat; i++) {
169 if (!EVP_DigestUpdate(ctx.get(), test->input, strlen(test->input))) {
170 fprintf(stderr, "EVP_DigestUpdate failed\n");
171 return false;
172 }
173 }
174 uint8_t digest[EVP_MAX_MD_SIZE];
175 unsigned digest_len;
176 if (!EVP_DigestFinal_ex(ctx.get(), digest, &digest_len)) {
177 fprintf(stderr, "EVP_DigestFinal_ex failed\n");
178 return false;
179 }
180 if (!CompareDigest(test, digest, digest_len)) {
181 return false;
182 }
183
184 // Test the input one character at a time.
185 if (!EVP_DigestInit_ex(ctx.get(), test->md.func(), NULL)) {
186 fprintf(stderr, "EVP_DigestInit_ex failed\n");
187 return false;
188 }
189 if (!EVP_DigestUpdate(ctx.get(), NULL, 0)) {
190 fprintf(stderr, "EVP_DigestUpdate failed\n");
191 return false;
192 }
193 for (size_t i = 0; i < test->repeat; i++) {
194 for (const char *p = test->input; *p; p++) {
195 if (!EVP_DigestUpdate(ctx.get(), p, 1)) {
196 fprintf(stderr, "EVP_DigestUpdate failed\n");
197 return false;
198 }
199 }
200 }
201 if (!EVP_DigestFinal_ex(ctx.get(), digest, &digest_len)) {
202 fprintf(stderr, "EVP_DigestFinal_ex failed\n");
203 return false;
204 }
205 if (digest_len != EVP_MD_size(test->md.func())) {
206 fprintf(stderr, "EVP_MD_size output incorrect\n");
207 return false;
208 }
209 if (!CompareDigest(test, digest, digest_len)) {
210 return false;
211 }
212
213 // Test the one-shot function.
214 if (test->md.one_shot_func && test->repeat == 1) {
215 uint8_t *out = test->md.one_shot_func((const uint8_t *)test->input,
216 strlen(test->input), digest);
217 if (out != digest) {
218 fprintf(stderr, "one_shot_func gave incorrect return\n");
219 return false;
220 }
221 if (!CompareDigest(test, digest, EVP_MD_size(test->md.func()))) {
222 return false;
223 }
224
225 // Test the deprecated static buffer variant, until it's removed.
226 out = test->md.one_shot_func((const uint8_t *)test->input,
227 strlen(test->input), NULL);
228 if (!CompareDigest(test, out, EVP_MD_size(test->md.func()))) {
229 return false;
230 }
231 }
232
233 return true;
234 }
235
TestGetters()236 static int TestGetters() {
237 if (EVP_get_digestbyname("RSA-SHA512") == NULL ||
238 EVP_get_digestbyname("sha512WithRSAEncryption") == NULL ||
239 EVP_get_digestbyname("nonsense") != NULL) {
240 return false;
241 }
242
243 return true;
244 }
245
main(void)246 int main(void) {
247 CRYPTO_library_init();
248 ERR_load_crypto_strings();
249
250 for (size_t i = 0; i < sizeof(kTestVectors) / sizeof(kTestVectors[0]); i++) {
251 if (!TestDigest(&kTestVectors[i])) {
252 fprintf(stderr, "Test %d failed\n", (int)i);
253 return 1;
254 }
255 }
256
257 if (!TestGetters()) {
258 return 1;
259 }
260
261 printf("PASS\n");
262 return 0;
263 }
264