1 // Copyright 2015-2016 Brian Smith.
2 //
3 // Permission to use, copy, modify, and/or distribute this software for any
4 // purpose with or without fee is hereby granted, provided that the above
5 // copyright notice and this permission notice appear in all copies.
6 //
7 // THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHORS DISCLAIM ALL WARRANTIES
8 // WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
9 // MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY
10 // SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
11 // WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
12 // OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
13 // CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
14
15 use ring::{digest, hmac, test, test_file};
16
17 #[cfg(target_arch = "wasm32")]
18 use wasm_bindgen_test::{wasm_bindgen_test as test, wasm_bindgen_test_configure};
19
20 #[cfg(target_arch = "wasm32")]
21 wasm_bindgen_test_configure!(run_in_browser);
22
23 #[test]
hmac_tests()24 fn hmac_tests() {
25 test::run(test_file!("hmac_tests.txt"), |section, test_case| {
26 assert_eq!(section, "");
27 let digest_alg = test_case.consume_digest_alg("HMAC");
28 let key_value = test_case.consume_bytes("Key");
29 let mut input = test_case.consume_bytes("Input");
30 let output = test_case.consume_bytes("Output");
31
32 let algorithm = {
33 let digest_alg = match digest_alg {
34 Some(digest_alg) => digest_alg,
35 None => {
36 return Ok(());
37 } // Unsupported digest algorithm
38 };
39 if digest_alg == &digest::SHA1_FOR_LEGACY_USE_ONLY {
40 hmac::HMAC_SHA1_FOR_LEGACY_USE_ONLY
41 } else if digest_alg == &digest::SHA256 {
42 hmac::HMAC_SHA256
43 } else if digest_alg == &digest::SHA384 {
44 hmac::HMAC_SHA384
45 } else if digest_alg == &digest::SHA512 {
46 hmac::HMAC_SHA512
47 } else {
48 unreachable!()
49 }
50 };
51
52 hmac_test_case_inner(algorithm, &key_value[..], &input[..], &output[..], true);
53
54 // Tamper with the input and check that verification fails.
55 if input.is_empty() {
56 input.push(0);
57 } else {
58 input[0] ^= 1;
59 }
60
61 hmac_test_case_inner(algorithm, &key_value[..], &input[..], &output[..], false);
62
63 Ok(())
64 });
65 }
66
hmac_test_case_inner( algorithm: hmac::Algorithm, key_value: &[u8], input: &[u8], output: &[u8], is_ok: bool, )67 fn hmac_test_case_inner(
68 algorithm: hmac::Algorithm,
69 key_value: &[u8],
70 input: &[u8],
71 output: &[u8],
72 is_ok: bool,
73 ) {
74 let key = hmac::Key::new(algorithm, key_value);
75
76 // One-shot API.
77 {
78 let signature = hmac::sign(&key, input);
79 assert_eq!(is_ok, signature.as_ref() == output);
80 assert_eq!(is_ok, hmac::verify(&key, input, output).is_ok());
81 }
82
83 // Multi-part API, one single part.
84 {
85 let mut s_ctx = hmac::Context::with_key(&key);
86 s_ctx.update(input);
87 let signature = s_ctx.sign();
88 assert_eq!(is_ok, signature.as_ref() == output);
89 }
90
91 // Multi-part API, byte by byte.
92 {
93 let mut ctx = hmac::Context::with_key(&key);
94 for b in input {
95 ctx.update(&[*b]);
96 }
97 let signature = ctx.sign();
98 assert_eq!(is_ok, signature.as_ref() == output);
99 }
100 }
101
102 #[test]
hmac_debug()103 fn hmac_debug() {
104 let key = hmac::Key::new(hmac::HMAC_SHA256, &[0; 32]);
105 assert_eq!("Key { algorithm: SHA256 }", format!("{:?}", &key));
106
107 let ctx = hmac::Context::with_key(&key);
108 assert_eq!("Context { algorithm: SHA256 }", format!("{:?}", &ctx));
109 }
110