/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// // TestSha1 // // Test SHA1 algorithm against test vectors /////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// static bool TestSha1 ( void ) { int i; int k; int len; Sha1Context context; SHA1_HASH hash; bool success = true; for( i=0; i<NUM_TEST_VECTORS; i++ ) { Sha1Initialise( &context ); len = (int) gTestVectors[i].PlainTextSize ? gTestVectors[i].PlainTextSize : (int)strlen( gTestVectors[i].PlainText ); Sha1Update( &context, gTestVectors[i].PlainText, (uint32_t)len ); Sha1Finalise( &context, &hash ); if( memcmp( &hash, &gTestVectors[i].Sha1Hash, sizeof(hash) ) == 0 ) { // Test vector passed } else { printf( "TestSha1 - Test vector %u failed\n", i ); success = false; } } // Check the vectors again, this time adding just 1 char at a time to the hash functions for( i=0; i<NUM_TEST_VECTORS; i++ ) { Sha1Initialise( &context ); len = (int) gTestVectors[i].PlainTextSize ? gTestVectors[i].PlainTextSize : (int)strlen( gTestVectors[i].PlainText ); for( k=0; k<len; k++ ) { Sha1Update( &context, &gTestVectors[i].PlainText[k], 1 ); } Sha1Finalise( &context, &hash ); if( memcmp( &hash, &gTestVectors[i].Sha1Hash, sizeof(hash) ) == 0 ) { // Test vector passed } else { printf( "TestSha1 - Test vector %u failed [byte by byte]\n", i ); success = false; } } return success; }
/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// // main // // Program entry point /////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// int main ( int ArgC, char** ArgV ) { char* string; Sha1Context sha1Context; SHA1_HASH sha1Hash; uint16_t i; if( 2 != ArgC ) { printf( "Syntax\n" " Sha1String <String>\n" ); return 1; } string = ArgV[1]; Sha1Initialise( &sha1Context ); Sha1Update( &sha1Context, string, (uint32_t)strlen(string) ); Sha1Finalise( &sha1Context, &sha1Hash ); for( i=0; i<sizeof(sha1Hash); i++ ) { printf( "%2.2x", sha1Hash.bytes[i] ); } printf( "\n" ); return 0; }
/* Once all the specfiles are in the hash_buf, generate the hash. */ void hidden digest_gen_hash(struct selabel_digest *digest) { Sha1Context context; /* If SELABEL_OPT_DIGEST not set then just return */ if (!digest) return; Sha1Initialise(&context); Sha1Update(&context, digest->hashbuf, digest->hashbuf_size); Sha1Finalise(&context, (SHA1_HASH *)digest->digest); free(digest->hashbuf); digest->hashbuf = NULL; return; }
//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// // TestLargeVector // // Tests AES CTR against a known large vector (of 1 million bytes). We check it against a known SHA-1 hash of // the output. //////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// static bool TestLargeVector ( void ) { //dd if=/dev/zero iflag=count_bytes count=1000000 status=none | openssl enc -aes-128-ctr -K 00001111222233334444555566667777 -iv 88889999aaaabbbb | openssl sha1 //(stdin)= 6227c0192b110133fadd6d229790bbdf13c068ab uint8_t const* key = (uint8_t const*)"\x00\x00\x11\x11\x22\x22\x33\x33\x44\x44\x55\x55\x66\x66\x77\x77"; uint8_t const* iv = (uint8_t const*)"\x88\x88\x99\x99\xaa\xaa\xbb\xbb"; uint8_t const* sha1Hash = (uint8_t const*)"\xe1\x63\x5f\xa4\xf5\x7c\x98\x54\xf6\x18\xec\x0c\x8f\x18\x7f\x04\x34\xa2\xe1\x72"; uint32_t const numBytesToGenerate = 1000000; uint8_t* buffer = malloc( numBytesToGenerate ); uint32_t amountLeft = numBytesToGenerate; uint32_t chunkSize; Sha1Context sha1Context; AesCtrContext aesCtrContext; SHA1_HASH calcSha1; // Encrypt in one go first. memset( buffer, 0, numBytesToGenerate ); AesCtrXorWithKey( key, AES_KEY_SIZE_128, iv, buffer, buffer, numBytesToGenerate ); Sha1Initialise( &sha1Context ); Sha1Update( &sha1Context, buffer, numBytesToGenerate ); Sha1Finalise( &sha1Context, &calcSha1 ); if( 0 != memcmp( &calcSha1, sha1Hash, SHA1_HASH_SIZE ) ) { printf( "Large test vector failed\n" ); return false; } memset( buffer, 0, numBytesToGenerate ); // Now encrypt in smaller pieces (10000 bytes at a time) Sha1Initialise( &sha1Context ); AesCtrInitialiseWithKey( &aesCtrContext, key, AES_KEY_SIZE_128, iv ); while( amountLeft > 0 ) { memset( buffer, 0, numBytesToGenerate ); chunkSize = MIN( amountLeft, 10000 ); AesCtrOutput( &aesCtrContext, buffer, chunkSize ); Sha1Update( &sha1Context, buffer, chunkSize ); amountLeft -= chunkSize; } Sha1Finalise( &sha1Context, &calcSha1 ); if( 0 != memcmp( &calcSha1, sha1Hash, SHA1_HASH_SIZE ) ) { printf( "Large test vector failed\n" ); return false; } return true; }