int s2n_hmac_digest_size(s2n_hmac_algorithm alg) { if (alg == S2N_HMAC_SSLv3_MD5) { alg = S2N_HMAC_MD5; } if (alg == S2N_HMAC_SSLv3_SHA1) { alg = S2N_HMAC_SHA1; } return s2n_hash_digest_size((s2n_hash_algorithm) alg); }
static int s2n_ecdsa_verify(const struct s2n_pkey *pub, struct s2n_hash_state *digest, struct s2n_blob *signature) { const s2n_ecdsa_public_key *key = &pub->key.ecdsa_key; notnull_check(key->ec_key); uint8_t digest_length; GUARD(s2n_hash_digest_size(digest->alg, &digest_length)); lte_check(digest_length, S2N_MAX_DIGEST_LEN); uint8_t digest_out[S2N_MAX_DIGEST_LEN]; GUARD(s2n_hash_digest(digest, digest_out, digest_length)); /* ECDSA_verify ignores the first parameter */ GUARD_OSSL(ECDSA_verify(0, digest_out, digest_length, signature->data, signature->size, key->ec_key), S2N_ERR_VERIFY_SIGNATURE); GUARD(s2n_hash_reset(digest)); return 0; }
static int s2n_ecdsa_sign(const struct s2n_pkey *priv, struct s2n_hash_state *digest, struct s2n_blob *signature) { const s2n_ecdsa_private_key *key = &priv->key.ecdsa_key; notnull_check(key->ec_key); uint8_t digest_length; GUARD(s2n_hash_digest_size(digest->alg, &digest_length)); lte_check(digest_length, S2N_MAX_DIGEST_LEN); uint8_t digest_out[S2N_MAX_DIGEST_LEN]; GUARD(s2n_hash_digest(digest, digest_out, digest_length)); unsigned int signature_size = signature->size; GUARD_OSSL(ECDSA_sign(0, digest_out, digest_length, signature->data, &signature_size, key->ec_key), S2N_ERR_SIGN); S2N_ERROR_IF(signature_size > signature->size, S2N_ERR_SIZE_MISMATCH); signature->size = signature_size; GUARD(s2n_hash_reset(digest)); return 0; }
int main(int argc, char **argv) { uint8_t digest_pad[64]; uint8_t output_pad[96]; uint8_t hello[] = "Hello world!\n"; struct s2n_stuffer output; struct s2n_hash_state hash, copy; struct s2n_blob out = {.data = output_pad,.size = sizeof(output_pad) }; BEGIN_TEST(); /* Initialise our output stuffers */ EXPECT_SUCCESS(s2n_stuffer_init(&output, &out)); uint8_t md5_digest_size; GUARD(s2n_hash_digest_size(S2N_HASH_MD5, &md5_digest_size)); EXPECT_EQUAL(md5_digest_size, 16); EXPECT_SUCCESS(s2n_hash_init(&hash, S2N_HASH_MD5)); EXPECT_SUCCESS(s2n_hash_update(&hash, hello, strlen((char *)hello))); EXPECT_SUCCESS(s2n_hash_copy(©, &hash)); EXPECT_SUCCESS(s2n_hash_digest(&hash, digest_pad, MD5_DIGEST_LENGTH)); for (int i = 0; i < 16; i++) { EXPECT_SUCCESS(s2n_stuffer_write_uint8_hex(&output, digest_pad[i])); } /* Reference value from command line md5sum */ EXPECT_EQUAL(memcmp(output_pad, "59ca0efa9f5633cb0371bbc0355478d8", 16 * 2), 0); /* Check the copy */ EXPECT_SUCCESS(s2n_hash_digest(©, digest_pad, MD5_DIGEST_LENGTH)); for (int i = 0; i < 16; i++) { EXPECT_SUCCESS(s2n_stuffer_write_uint8_hex(&output, digest_pad[i])); } /* Reference value from command line md5sum */ EXPECT_EQUAL(memcmp(output_pad, "59ca0efa9f5633cb0371bbc0355478d8", 16 * 2), 0); EXPECT_SUCCESS(s2n_stuffer_init(&output, &out)); uint8_t sha1_digest_size; GUARD(s2n_hash_digest_size(S2N_HASH_SHA1, &sha1_digest_size)); EXPECT_EQUAL(sha1_digest_size, 20); EXPECT_SUCCESS(s2n_hash_init(&hash, S2N_HASH_SHA1)); EXPECT_SUCCESS(s2n_hash_update(&hash, hello, strlen((char *)hello))); EXPECT_SUCCESS(s2n_hash_digest(&hash, digest_pad, SHA_DIGEST_LENGTH)); for (int i = 0; i < 20; i++) { EXPECT_SUCCESS(s2n_stuffer_write_uint8_hex(&output, digest_pad[i])); } /* Reference value from command line sha1sum */ EXPECT_EQUAL(memcmp(output_pad, "47a013e660d408619d894b20806b1d5086aab03b", 20 * 2), 0); EXPECT_SUCCESS(s2n_stuffer_init(&output, &out)); uint8_t sha256_digest_size; GUARD(s2n_hash_digest_size(S2N_HASH_SHA256, &sha256_digest_size)); EXPECT_EQUAL(sha256_digest_size, 32); EXPECT_SUCCESS(s2n_hash_init(&hash, S2N_HASH_SHA256)); EXPECT_SUCCESS(s2n_hash_update(&hash, hello, strlen((char *)hello))); EXPECT_SUCCESS(s2n_hash_digest(&hash, digest_pad, SHA256_DIGEST_LENGTH)); for (int i = 0; i < 32; i++) { EXPECT_SUCCESS(s2n_stuffer_write_uint8_hex(&output, digest_pad[i])); } /* Reference value from command line sha256sum */ EXPECT_EQUAL(memcmp(output_pad, "0ba904eae8773b70c75333db4de2f3ac45a8ad4ddba1b242f0b3cfc199391dd8", 32 * 2), 0); EXPECT_SUCCESS(s2n_stuffer_init(&output, &out)); uint8_t sha384_digest_size; GUARD(s2n_hash_digest_size(S2N_HASH_SHA384, &sha384_digest_size)); EXPECT_EQUAL(sha384_digest_size, 48); EXPECT_SUCCESS(s2n_hash_init(&hash, S2N_HASH_SHA384)); EXPECT_SUCCESS(s2n_hash_update(&hash, hello, strlen((char *)hello))); EXPECT_SUCCESS(s2n_hash_digest(&hash, digest_pad, SHA384_DIGEST_LENGTH)); for (int i = 0; i < 48; i++) { EXPECT_SUCCESS(s2n_stuffer_write_uint8_hex(&output, digest_pad[i])); } /* Reference value from command line sha512sum */ EXPECT_EQUAL(memcmp(output_pad, "f7f8f1b9d5a9a61742eeda26c20990282ac08dabda14e70376fcb4c8b46198a9959ea9d7d194b38520eed5397ffe6d8e", 48 * 2), 0); END_TEST(); }