xref: /aosp_15_r20/external/cronet/crypto/hmac_unittest.cc (revision 6777b5387eb2ff775bb5750e3f5d96f37fb7352b) 
1*6777b538SAndroid Build Coastguard Worker // Copyright 2011 The Chromium Authors
2*6777b538SAndroid Build Coastguard Worker // Use of this source code is governed by a BSD-style license that can be
3*6777b538SAndroid Build Coastguard Worker // found in the LICENSE file.
4*6777b538SAndroid Build Coastguard Worker 
5*6777b538SAndroid Build Coastguard Worker #include "crypto/hmac.h"
6*6777b538SAndroid Build Coastguard Worker 
7*6777b538SAndroid Build Coastguard Worker #include <stddef.h>
8*6777b538SAndroid Build Coastguard Worker #include <string.h>
9*6777b538SAndroid Build Coastguard Worker 
10*6777b538SAndroid Build Coastguard Worker #include <string>
11*6777b538SAndroid Build Coastguard Worker #include <string_view>
12*6777b538SAndroid Build Coastguard Worker 
13*6777b538SAndroid Build Coastguard Worker #include "testing/gtest/include/gtest/gtest.h"
14*6777b538SAndroid Build Coastguard Worker 
15*6777b538SAndroid Build Coastguard Worker static const size_t kSHA1DigestSize = 20;
16*6777b538SAndroid Build Coastguard Worker static const size_t kSHA256DigestSize = 32;
17*6777b538SAndroid Build Coastguard Worker 
18*6777b538SAndroid Build Coastguard Worker static const char* kSimpleKey =
19*6777b538SAndroid Build Coastguard Worker     "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
20*6777b538SAndroid Build Coastguard Worker     "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
21*6777b538SAndroid Build Coastguard Worker     "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
22*6777b538SAndroid Build Coastguard Worker     "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
23*6777b538SAndroid Build Coastguard Worker     "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA";
24*6777b538SAndroid Build Coastguard Worker static const size_t kSimpleKeyLength = 80;
25*6777b538SAndroid Build Coastguard Worker 
26*6777b538SAndroid Build Coastguard Worker static const struct {
27*6777b538SAndroid Build Coastguard Worker   const char *data;
28*6777b538SAndroid Build Coastguard Worker   const int data_len;
29*6777b538SAndroid Build Coastguard Worker   const char *digest;
30*6777b538SAndroid Build Coastguard Worker } kSimpleHmacCases[] = {
31*6777b538SAndroid Build Coastguard Worker   { "Test Using Larger Than Block-Size Key - Hash Key First", 54,
32*6777b538SAndroid Build Coastguard Worker     "\xAA\x4A\xE5\xE1\x52\x72\xD0\x0E\x95\x70\x56\x37\xCE\x8A\x3B\x55"
33*6777b538SAndroid Build Coastguard Worker         "\xED\x40\x21\x12" },
34*6777b538SAndroid Build Coastguard Worker   { "Test Using Larger Than Block-Size Key and Larger "
35*6777b538SAndroid Build Coastguard Worker         "Than One Block-Size Data", 73,
36*6777b538SAndroid Build Coastguard Worker     "\xE8\xE9\x9D\x0F\x45\x23\x7D\x78\x6D\x6B\xBA\xA7\x96\x5C\x78\x08"
37*6777b538SAndroid Build Coastguard Worker         "\xBB\xFF\x1A\x91" }
38*6777b538SAndroid Build Coastguard Worker };
39*6777b538SAndroid Build Coastguard Worker 
TEST(HMACTest,HmacSafeBrowsingResponseTest)40*6777b538SAndroid Build Coastguard Worker TEST(HMACTest, HmacSafeBrowsingResponseTest) {
41*6777b538SAndroid Build Coastguard Worker   const int kKeySize = 16;
42*6777b538SAndroid Build Coastguard Worker 
43*6777b538SAndroid Build Coastguard Worker   // Client key.
44*6777b538SAndroid Build Coastguard Worker   const unsigned char kClientKey[kKeySize] =
45*6777b538SAndroid Build Coastguard Worker       { 0xbf, 0xf6, 0x83, 0x4b, 0x3e, 0xa3, 0x23, 0xdd,
46*6777b538SAndroid Build Coastguard Worker         0x96, 0x78, 0x70, 0x8e, 0xa1, 0x9d, 0x3b, 0x40 };
47*6777b538SAndroid Build Coastguard Worker 
48*6777b538SAndroid Build Coastguard Worker   // Expected HMAC result using kMessage and kClientKey.
49*6777b538SAndroid Build Coastguard Worker   const unsigned char kReceivedHmac[kSHA1DigestSize] =
50*6777b538SAndroid Build Coastguard Worker       { 0xb9, 0x3c, 0xd6, 0xf0, 0x49, 0x47, 0xe2, 0x52,
51*6777b538SAndroid Build Coastguard Worker         0x59, 0x7a, 0xbd, 0x1f, 0x2b, 0x4c, 0x83, 0xad,
52*6777b538SAndroid Build Coastguard Worker         0x86, 0xd2, 0x48, 0x85 };
53*6777b538SAndroid Build Coastguard Worker 
54*6777b538SAndroid Build Coastguard Worker   const char kMessage[] =
55*6777b538SAndroid Build Coastguard Worker "n:1896\ni:goog-malware-shavar\nu:s.ytimg.com/safebrowsing/rd/goog-malware-shav"
56*6777b538SAndroid Build Coastguard Worker "ar_s_445-450\nu:s.ytimg.com/safebrowsing/rd/goog-malware-shavar_s_439-444\nu:s"
57*6777b538SAndroid Build Coastguard Worker ".ytimg.com/safebrowsing/rd/goog-malware-shavar_s_437\nu:s.ytimg.com/safebrowsi"
58*6777b538SAndroid Build Coastguard Worker "ng/rd/goog-malware-shavar_s_436\nu:s.ytimg.com/safebrowsing/rd/goog-malware-sh"
59*6777b538SAndroid Build Coastguard Worker "avar_s_433-435\nu:s.ytimg.com/safebrowsing/rd/goog-malware-shavar_s_431\nu:s.y"
60*6777b538SAndroid Build Coastguard Worker "timg.com/safebrowsing/rd/goog-malware-shavar_s_430\nu:s.ytimg.com/safebrowsing"
61*6777b538SAndroid Build Coastguard Worker "/rd/goog-malware-shavar_s_429\nu:s.ytimg.com/safebrowsing/rd/goog-malware-shav"
62*6777b538SAndroid Build Coastguard Worker "ar_s_428\nu:s.ytimg.com/safebrowsing/rd/goog-malware-shavar_s_426\nu:s.ytimg.c"
63*6777b538SAndroid Build Coastguard Worker "om/safebrowsing/rd/goog-malware-shavar_s_424\nu:s.ytimg.com/safebrowsing/rd/go"
64*6777b538SAndroid Build Coastguard Worker "og-malware-shavar_s_423\nu:s.ytimg.com/safebrowsing/rd/goog-malware-shavar_s_4"
65*6777b538SAndroid Build Coastguard Worker "22\nu:s.ytimg.com/safebrowsing/rd/goog-malware-shavar_s_420\nu:s.ytimg.com/saf"
66*6777b538SAndroid Build Coastguard Worker "ebrowsing/rd/goog-malware-shavar_s_419\nu:s.ytimg.com/safebrowsing/rd/goog-mal"
67*6777b538SAndroid Build Coastguard Worker "ware-shavar_s_414\nu:s.ytimg.com/safebrowsing/rd/goog-malware-shavar_s_409-411"
68*6777b538SAndroid Build Coastguard Worker "\nu:s.ytimg.com/safebrowsing/rd/goog-malware-shavar_s_405\nu:s.ytimg.com/safeb"
69*6777b538SAndroid Build Coastguard Worker "rowsing/rd/goog-malware-shavar_s_404\nu:s.ytimg.com/safebrowsing/rd/goog-malwa"
70*6777b538SAndroid Build Coastguard Worker "re-shavar_s_402\nu:s.ytimg.com/safebrowsing/rd/goog-malware-shavar_s_401\nu:s."
71*6777b538SAndroid Build Coastguard Worker "ytimg.com/safebrowsing/rd/goog-malware-shavar_a_973-978\nu:s.ytimg.com/safebro"
72*6777b538SAndroid Build Coastguard Worker "wsing/rd/goog-malware-shavar_a_937-972\nu:s.ytimg.com/safebrowsing/rd/goog-mal"
73*6777b538SAndroid Build Coastguard Worker "ware-shavar_a_931-936\nu:s.ytimg.com/safebrowsing/rd/goog-malware-shavar_a_925"
74*6777b538SAndroid Build Coastguard Worker "-930\nu:s.ytimg.com/safebrowsing/rd/goog-malware-shavar_a_919-924\ni:goog-phis"
75*6777b538SAndroid Build Coastguard Worker "h-shavar\nu:s.ytimg.com/safebrowsing/rd/goog-phish-shavar_a_2633\nu:s.ytimg.co"
76*6777b538SAndroid Build Coastguard Worker "m/safebrowsing/rd/goog-phish-shavar_a_2632\nu:s.ytimg.com/safebrowsing/rd/goog"
77*6777b538SAndroid Build Coastguard Worker "-phish-shavar_a_2629-2631\nu:s.ytimg.com/safebrowsing/rd/goog-phish-shavar_a_2"
78*6777b538SAndroid Build Coastguard Worker "626-2628\nu:s.ytimg.com/safebrowsing/rd/goog-phish-shavar_a_2625\n";
79*6777b538SAndroid Build Coastguard Worker 
80*6777b538SAndroid Build Coastguard Worker   std::string message_data(kMessage);
81*6777b538SAndroid Build Coastguard Worker 
82*6777b538SAndroid Build Coastguard Worker   crypto::HMAC hmac(crypto::HMAC::SHA1);
83*6777b538SAndroid Build Coastguard Worker   ASSERT_TRUE(hmac.Init(kClientKey, kKeySize));
84*6777b538SAndroid Build Coastguard Worker   unsigned char calculated_hmac[kSHA1DigestSize];
85*6777b538SAndroid Build Coastguard Worker 
86*6777b538SAndroid Build Coastguard Worker   EXPECT_TRUE(hmac.Sign(message_data, calculated_hmac, kSHA1DigestSize));
87*6777b538SAndroid Build Coastguard Worker   EXPECT_EQ(0, memcmp(kReceivedHmac, calculated_hmac, kSHA1DigestSize));
88*6777b538SAndroid Build Coastguard Worker }
89*6777b538SAndroid Build Coastguard Worker 
90*6777b538SAndroid Build Coastguard Worker // Test cases from RFC 2202 section 3
TEST(HMACTest,RFC2202TestCases)91*6777b538SAndroid Build Coastguard Worker TEST(HMACTest, RFC2202TestCases) {
92*6777b538SAndroid Build Coastguard Worker   const struct {
93*6777b538SAndroid Build Coastguard Worker     const char *key;
94*6777b538SAndroid Build Coastguard Worker     const int key_len;
95*6777b538SAndroid Build Coastguard Worker     const char *data;
96*6777b538SAndroid Build Coastguard Worker     const int data_len;
97*6777b538SAndroid Build Coastguard Worker     const char *digest;
98*6777b538SAndroid Build Coastguard Worker   } cases[] = {
99*6777b538SAndroid Build Coastguard Worker     { "\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B"
100*6777b538SAndroid Build Coastguard Worker           "\x0B\x0B\x0B\x0B", 20,
101*6777b538SAndroid Build Coastguard Worker       "Hi There", 8,
102*6777b538SAndroid Build Coastguard Worker       "\xB6\x17\x31\x86\x55\x05\x72\x64\xE2\x8B\xC0\xB6\xFB\x37\x8C\x8E"
103*6777b538SAndroid Build Coastguard Worker           "\xF1\x46\xBE\x00" },
104*6777b538SAndroid Build Coastguard Worker     { "Jefe", 4,
105*6777b538SAndroid Build Coastguard Worker       "what do ya want for nothing?", 28,
106*6777b538SAndroid Build Coastguard Worker       "\xEF\xFC\xDF\x6A\xE5\xEB\x2F\xA2\xD2\x74\x16\xD5\xF1\x84\xDF\x9C"
107*6777b538SAndroid Build Coastguard Worker           "\x25\x9A\x7C\x79" },
108*6777b538SAndroid Build Coastguard Worker     { "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
109*6777b538SAndroid Build Coastguard Worker           "\xAA\xAA\xAA\xAA", 20,
110*6777b538SAndroid Build Coastguard Worker       "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
111*6777b538SAndroid Build Coastguard Worker           "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
112*6777b538SAndroid Build Coastguard Worker           "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
113*6777b538SAndroid Build Coastguard Worker           "\xDD\xDD", 50,
114*6777b538SAndroid Build Coastguard Worker       "\x12\x5D\x73\x42\xB9\xAC\x11\xCD\x91\xA3\x9A\xF4\x8A\xA1\x7B\x4F"
115*6777b538SAndroid Build Coastguard Worker           "\x63\xF1\x75\xD3" },
116*6777b538SAndroid Build Coastguard Worker     { "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F\x10"
117*6777b538SAndroid Build Coastguard Worker           "\x11\x12\x13\x14\x15\x16\x17\x18\x19", 25,
118*6777b538SAndroid Build Coastguard Worker       "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD"
119*6777b538SAndroid Build Coastguard Worker           "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD"
120*6777b538SAndroid Build Coastguard Worker           "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD"
121*6777b538SAndroid Build Coastguard Worker           "\xCD\xCD", 50,
122*6777b538SAndroid Build Coastguard Worker       "\x4C\x90\x07\xF4\x02\x62\x50\xC6\xBC\x84\x14\xF9\xBF\x50\xC8\x6C"
123*6777b538SAndroid Build Coastguard Worker           "\x2D\x72\x35\xDA" },
124*6777b538SAndroid Build Coastguard Worker     { "\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C"
125*6777b538SAndroid Build Coastguard Worker           "\x0C\x0C\x0C\x0C", 20,
126*6777b538SAndroid Build Coastguard Worker       "Test With Truncation", 20,
127*6777b538SAndroid Build Coastguard Worker       "\x4C\x1A\x03\x42\x4B\x55\xE0\x7F\xE7\xF2\x7B\xE1\xD5\x8B\xB9\x32"
128*6777b538SAndroid Build Coastguard Worker           "\x4A\x9A\x5A\x04" },
129*6777b538SAndroid Build Coastguard Worker     { "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
130*6777b538SAndroid Build Coastguard Worker           "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
131*6777b538SAndroid Build Coastguard Worker           "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
132*6777b538SAndroid Build Coastguard Worker           "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
133*6777b538SAndroid Build Coastguard Worker           "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA",
134*6777b538SAndroid Build Coastguard Worker       80,
135*6777b538SAndroid Build Coastguard Worker       "Test Using Larger Than Block-Size Key - Hash Key First", 54,
136*6777b538SAndroid Build Coastguard Worker       "\xAA\x4A\xE5\xE1\x52\x72\xD0\x0E\x95\x70\x56\x37\xCE\x8A\x3B\x55"
137*6777b538SAndroid Build Coastguard Worker           "\xED\x40\x21\x12" },
138*6777b538SAndroid Build Coastguard Worker     { "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
139*6777b538SAndroid Build Coastguard Worker           "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
140*6777b538SAndroid Build Coastguard Worker           "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
141*6777b538SAndroid Build Coastguard Worker           "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
142*6777b538SAndroid Build Coastguard Worker           "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA",
143*6777b538SAndroid Build Coastguard Worker       80,
144*6777b538SAndroid Build Coastguard Worker       "Test Using Larger Than Block-Size Key and Larger "
145*6777b538SAndroid Build Coastguard Worker           "Than One Block-Size Data", 73,
146*6777b538SAndroid Build Coastguard Worker       "\xE8\xE9\x9D\x0F\x45\x23\x7D\x78\x6D\x6B\xBA\xA7\x96\x5C\x78\x08"
147*6777b538SAndroid Build Coastguard Worker           "\xBB\xFF\x1A\x91" }
148*6777b538SAndroid Build Coastguard Worker   };
149*6777b538SAndroid Build Coastguard Worker 
150*6777b538SAndroid Build Coastguard Worker   for (size_t i = 0; i < std::size(cases); ++i) {
151*6777b538SAndroid Build Coastguard Worker     crypto::HMAC hmac(crypto::HMAC::SHA1);
152*6777b538SAndroid Build Coastguard Worker     ASSERT_TRUE(hmac.Init(reinterpret_cast<const unsigned char*>(cases[i].key),
153*6777b538SAndroid Build Coastguard Worker                           cases[i].key_len));
154*6777b538SAndroid Build Coastguard Worker     std::string data_string(cases[i].data, cases[i].data_len);
155*6777b538SAndroid Build Coastguard Worker     unsigned char digest[kSHA1DigestSize];
156*6777b538SAndroid Build Coastguard Worker     EXPECT_TRUE(hmac.Sign(data_string, digest, kSHA1DigestSize));
157*6777b538SAndroid Build Coastguard Worker     EXPECT_EQ(0, memcmp(cases[i].digest, digest, kSHA1DigestSize));
158*6777b538SAndroid Build Coastguard Worker   }
159*6777b538SAndroid Build Coastguard Worker }
160*6777b538SAndroid Build Coastguard Worker 
161*6777b538SAndroid Build Coastguard Worker // TODO(wtc): add other test vectors from RFC 4231.
TEST(HMACTest,RFC4231TestCase6)162*6777b538SAndroid Build Coastguard Worker TEST(HMACTest, RFC4231TestCase6) {
163*6777b538SAndroid Build Coastguard Worker   unsigned char key[131];
164*6777b538SAndroid Build Coastguard Worker   for (size_t i = 0; i < sizeof(key); ++i)
165*6777b538SAndroid Build Coastguard Worker     key[i] = 0xaa;
166*6777b538SAndroid Build Coastguard Worker 
167*6777b538SAndroid Build Coastguard Worker   std::string data = "Test Using Larger Than Block-Size Key - Hash Key First";
168*6777b538SAndroid Build Coastguard Worker   ASSERT_EQ(54U, data.size());
169*6777b538SAndroid Build Coastguard Worker 
170*6777b538SAndroid Build Coastguard Worker   static unsigned char kKnownHMACSHA256[] = {
171*6777b538SAndroid Build Coastguard Worker     0x60, 0xe4, 0x31, 0x59, 0x1e, 0xe0, 0xb6, 0x7f,
172*6777b538SAndroid Build Coastguard Worker     0x0d, 0x8a, 0x26, 0xaa, 0xcb, 0xf5, 0xb7, 0x7f,
173*6777b538SAndroid Build Coastguard Worker     0x8e, 0x0b, 0xc6, 0x21, 0x37, 0x28, 0xc5, 0x14,
174*6777b538SAndroid Build Coastguard Worker     0x05, 0x46, 0x04, 0x0f, 0x0e, 0xe3, 0x7f, 0x54
175*6777b538SAndroid Build Coastguard Worker   };
176*6777b538SAndroid Build Coastguard Worker 
177*6777b538SAndroid Build Coastguard Worker   crypto::HMAC hmac(crypto::HMAC::SHA256);
178*6777b538SAndroid Build Coastguard Worker   ASSERT_TRUE(hmac.Init(key, sizeof(key)));
179*6777b538SAndroid Build Coastguard Worker   unsigned char calculated_hmac[kSHA256DigestSize];
180*6777b538SAndroid Build Coastguard Worker 
181*6777b538SAndroid Build Coastguard Worker   EXPECT_EQ(kSHA256DigestSize, hmac.DigestLength());
182*6777b538SAndroid Build Coastguard Worker   EXPECT_TRUE(hmac.Sign(data, calculated_hmac, kSHA256DigestSize));
183*6777b538SAndroid Build Coastguard Worker   EXPECT_EQ(0, memcmp(kKnownHMACSHA256, calculated_hmac, kSHA256DigestSize));
184*6777b538SAndroid Build Coastguard Worker }
185*6777b538SAndroid Build Coastguard Worker 
186*6777b538SAndroid Build Coastguard Worker // Based on NSS's FIPS HMAC power-up self-test.
TEST(HMACTest,NSSFIPSPowerUpSelfTest)187*6777b538SAndroid Build Coastguard Worker TEST(HMACTest, NSSFIPSPowerUpSelfTest) {
188*6777b538SAndroid Build Coastguard Worker   static const char kKnownMessage[] =
189*6777b538SAndroid Build Coastguard Worker       "The test message for the MD2, MD5, and SHA-1 hashing algorithms.";
190*6777b538SAndroid Build Coastguard Worker 
191*6777b538SAndroid Build Coastguard Worker   static const unsigned char kKnownSecretKey[] = {
192*6777b538SAndroid Build Coastguard Worker     0x46, 0x69, 0x72, 0x65, 0x66, 0x6f, 0x78, 0x20,
193*6777b538SAndroid Build Coastguard Worker     0x61, 0x6e, 0x64, 0x20, 0x54, 0x68, 0x75, 0x6e,
194*6777b538SAndroid Build Coastguard Worker     0x64, 0x65, 0x72, 0x42, 0x69, 0x72, 0x64, 0x20,
195*6777b538SAndroid Build Coastguard Worker     0x61, 0x72, 0x65, 0x20, 0x61, 0x77, 0x65, 0x73,
196*6777b538SAndroid Build Coastguard Worker     0x6f, 0x6d, 0x65, 0x21, 0x00
197*6777b538SAndroid Build Coastguard Worker   };
198*6777b538SAndroid Build Coastguard Worker 
199*6777b538SAndroid Build Coastguard Worker   static const size_t kKnownSecretKeySize = sizeof(kKnownSecretKey);
200*6777b538SAndroid Build Coastguard Worker 
201*6777b538SAndroid Build Coastguard Worker   // HMAC-SHA-1 known answer (20 bytes).
202*6777b538SAndroid Build Coastguard Worker   static const unsigned char kKnownHMACSHA1[] = {
203*6777b538SAndroid Build Coastguard Worker     0xd5, 0x85, 0xf6, 0x5b, 0x39, 0xfa, 0xb9, 0x05,
204*6777b538SAndroid Build Coastguard Worker     0x3b, 0x57, 0x1d, 0x61, 0xe7, 0xb8, 0x84, 0x1e,
205*6777b538SAndroid Build Coastguard Worker     0x5d, 0x0e, 0x1e, 0x11
206*6777b538SAndroid Build Coastguard Worker   };
207*6777b538SAndroid Build Coastguard Worker 
208*6777b538SAndroid Build Coastguard Worker   // HMAC-SHA-256 known answer (32 bytes).
209*6777b538SAndroid Build Coastguard Worker   static const unsigned char kKnownHMACSHA256[] = {
210*6777b538SAndroid Build Coastguard Worker     0x05, 0x75, 0x9a, 0x9e, 0x70, 0x5e, 0xe7, 0x44,
211*6777b538SAndroid Build Coastguard Worker     0xe2, 0x46, 0x4b, 0x92, 0x22, 0x14, 0x22, 0xe0,
212*6777b538SAndroid Build Coastguard Worker     0x1b, 0x92, 0x8a, 0x0c, 0xfe, 0xf5, 0x49, 0xe9,
213*6777b538SAndroid Build Coastguard Worker     0xa7, 0x1b, 0x56, 0x7d, 0x1d, 0x29, 0x40, 0x48
214*6777b538SAndroid Build Coastguard Worker   };
215*6777b538SAndroid Build Coastguard Worker 
216*6777b538SAndroid Build Coastguard Worker   std::string message_data(kKnownMessage);
217*6777b538SAndroid Build Coastguard Worker 
218*6777b538SAndroid Build Coastguard Worker   crypto::HMAC hmac(crypto::HMAC::SHA1);
219*6777b538SAndroid Build Coastguard Worker   ASSERT_TRUE(hmac.Init(kKnownSecretKey, kKnownSecretKeySize));
220*6777b538SAndroid Build Coastguard Worker   unsigned char calculated_hmac[kSHA1DigestSize];
221*6777b538SAndroid Build Coastguard Worker 
222*6777b538SAndroid Build Coastguard Worker   EXPECT_EQ(kSHA1DigestSize, hmac.DigestLength());
223*6777b538SAndroid Build Coastguard Worker   EXPECT_TRUE(hmac.Sign(message_data, calculated_hmac, kSHA1DigestSize));
224*6777b538SAndroid Build Coastguard Worker   EXPECT_EQ(0, memcmp(kKnownHMACSHA1, calculated_hmac, kSHA1DigestSize));
225*6777b538SAndroid Build Coastguard Worker   EXPECT_TRUE(hmac.Verify(
226*6777b538SAndroid Build Coastguard Worker       message_data,
227*6777b538SAndroid Build Coastguard Worker       std::string_view(reinterpret_cast<const char*>(kKnownHMACSHA1),
228*6777b538SAndroid Build Coastguard Worker                        kSHA1DigestSize)));
229*6777b538SAndroid Build Coastguard Worker   EXPECT_TRUE(hmac.VerifyTruncated(
230*6777b538SAndroid Build Coastguard Worker       message_data,
231*6777b538SAndroid Build Coastguard Worker       std::string_view(reinterpret_cast<const char*>(kKnownHMACSHA1),
232*6777b538SAndroid Build Coastguard Worker                        kSHA1DigestSize / 2)));
233*6777b538SAndroid Build Coastguard Worker 
234*6777b538SAndroid Build Coastguard Worker   crypto::HMAC hmac2(crypto::HMAC::SHA256);
235*6777b538SAndroid Build Coastguard Worker   ASSERT_TRUE(hmac2.Init(kKnownSecretKey, kKnownSecretKeySize));
236*6777b538SAndroid Build Coastguard Worker   unsigned char calculated_hmac2[kSHA256DigestSize];
237*6777b538SAndroid Build Coastguard Worker 
238*6777b538SAndroid Build Coastguard Worker   EXPECT_TRUE(hmac2.Sign(message_data, calculated_hmac2, kSHA256DigestSize));
239*6777b538SAndroid Build Coastguard Worker   EXPECT_EQ(0, memcmp(kKnownHMACSHA256, calculated_hmac2, kSHA256DigestSize));
240*6777b538SAndroid Build Coastguard Worker }
241*6777b538SAndroid Build Coastguard Worker 
TEST(HMACTest,HMACObjectReuse)242*6777b538SAndroid Build Coastguard Worker TEST(HMACTest, HMACObjectReuse) {
243*6777b538SAndroid Build Coastguard Worker   crypto::HMAC hmac(crypto::HMAC::SHA1);
244*6777b538SAndroid Build Coastguard Worker   ASSERT_TRUE(
245*6777b538SAndroid Build Coastguard Worker       hmac.Init(reinterpret_cast<const unsigned char*>(kSimpleKey),
246*6777b538SAndroid Build Coastguard Worker                 kSimpleKeyLength));
247*6777b538SAndroid Build Coastguard Worker   for (size_t i = 0; i < std::size(kSimpleHmacCases); ++i) {
248*6777b538SAndroid Build Coastguard Worker     std::string data_string(kSimpleHmacCases[i].data,
249*6777b538SAndroid Build Coastguard Worker                             kSimpleHmacCases[i].data_len);
250*6777b538SAndroid Build Coastguard Worker     unsigned char digest[kSHA1DigestSize];
251*6777b538SAndroid Build Coastguard Worker     EXPECT_TRUE(hmac.Sign(data_string, digest, kSHA1DigestSize));
252*6777b538SAndroid Build Coastguard Worker     EXPECT_EQ(0, memcmp(kSimpleHmacCases[i].digest, digest, kSHA1DigestSize));
253*6777b538SAndroid Build Coastguard Worker   }
254*6777b538SAndroid Build Coastguard Worker }
255*6777b538SAndroid Build Coastguard Worker 
TEST(HMACTest,Verify)256*6777b538SAndroid Build Coastguard Worker TEST(HMACTest, Verify) {
257*6777b538SAndroid Build Coastguard Worker   crypto::HMAC hmac(crypto::HMAC::SHA1);
258*6777b538SAndroid Build Coastguard Worker   ASSERT_TRUE(
259*6777b538SAndroid Build Coastguard Worker       hmac.Init(reinterpret_cast<const unsigned char*>(kSimpleKey),
260*6777b538SAndroid Build Coastguard Worker                 kSimpleKeyLength));
261*6777b538SAndroid Build Coastguard Worker   const char empty_digest[kSHA1DigestSize] = { 0 };
262*6777b538SAndroid Build Coastguard Worker   for (size_t i = 0; i < std::size(kSimpleHmacCases); ++i) {
263*6777b538SAndroid Build Coastguard Worker     // Expected results
264*6777b538SAndroid Build Coastguard Worker     EXPECT_TRUE(hmac.Verify(
265*6777b538SAndroid Build Coastguard Worker         std::string_view(kSimpleHmacCases[i].data,
266*6777b538SAndroid Build Coastguard Worker                          kSimpleHmacCases[i].data_len),
267*6777b538SAndroid Build Coastguard Worker         std::string_view(kSimpleHmacCases[i].digest, kSHA1DigestSize)));
268*6777b538SAndroid Build Coastguard Worker     // Mismatched size
269*6777b538SAndroid Build Coastguard Worker     EXPECT_FALSE(hmac.Verify(std::string_view(kSimpleHmacCases[i].data,
270*6777b538SAndroid Build Coastguard Worker                                               kSimpleHmacCases[i].data_len),
271*6777b538SAndroid Build Coastguard Worker                              std::string_view(kSimpleHmacCases[i].data,
272*6777b538SAndroid Build Coastguard Worker                                               kSimpleHmacCases[i].data_len)));
273*6777b538SAndroid Build Coastguard Worker 
274*6777b538SAndroid Build Coastguard Worker     // Expected size, mismatched data
275*6777b538SAndroid Build Coastguard Worker     EXPECT_FALSE(hmac.Verify(std::string_view(kSimpleHmacCases[i].data,
276*6777b538SAndroid Build Coastguard Worker                                               kSimpleHmacCases[i].data_len),
277*6777b538SAndroid Build Coastguard Worker                              std::string_view(empty_digest, kSHA1DigestSize)));
278*6777b538SAndroid Build Coastguard Worker   }
279*6777b538SAndroid Build Coastguard Worker }
280*6777b538SAndroid Build Coastguard Worker 
TEST(HMACTest,EmptyKey)281*6777b538SAndroid Build Coastguard Worker TEST(HMACTest, EmptyKey) {
282*6777b538SAndroid Build Coastguard Worker   // Test vector from https://en.wikipedia.org/wiki/HMAC
283*6777b538SAndroid Build Coastguard Worker   const char* kExpectedDigest =
284*6777b538SAndroid Build Coastguard Worker       "\xFB\xDB\x1D\x1B\x18\xAA\x6C\x08\x32\x4B\x7D\x64\xB7\x1F\xB7\x63"
285*6777b538SAndroid Build Coastguard Worker       "\x70\x69\x0E\x1D";
286*6777b538SAndroid Build Coastguard Worker   std::string_view data("");
287*6777b538SAndroid Build Coastguard Worker 
288*6777b538SAndroid Build Coastguard Worker   crypto::HMAC hmac(crypto::HMAC::SHA1);
289*6777b538SAndroid Build Coastguard Worker   ASSERT_TRUE(hmac.Init(nullptr, 0));
290*6777b538SAndroid Build Coastguard Worker 
291*6777b538SAndroid Build Coastguard Worker   unsigned char digest[kSHA1DigestSize];
292*6777b538SAndroid Build Coastguard Worker   EXPECT_TRUE(hmac.Sign(data, digest, kSHA1DigestSize));
293*6777b538SAndroid Build Coastguard Worker   EXPECT_EQ(0, memcmp(kExpectedDigest, digest, kSHA1DigestSize));
294*6777b538SAndroid Build Coastguard Worker 
295*6777b538SAndroid Build Coastguard Worker   EXPECT_TRUE(
296*6777b538SAndroid Build Coastguard Worker       hmac.Verify(data, std::string_view(kExpectedDigest, kSHA1DigestSize)));
297*6777b538SAndroid Build Coastguard Worker }
298*6777b538SAndroid Build Coastguard Worker 
TEST(HMACTest,TooLong)299*6777b538SAndroid Build Coastguard Worker TEST(HMACTest, TooLong) {
300*6777b538SAndroid Build Coastguard Worker   // See RFC4231, section 4.7.
301*6777b538SAndroid Build Coastguard Worker   unsigned char key[131];
302*6777b538SAndroid Build Coastguard Worker   for (size_t i = 0; i < sizeof(key); ++i)
303*6777b538SAndroid Build Coastguard Worker     key[i] = 0xaa;
304*6777b538SAndroid Build Coastguard Worker 
305*6777b538SAndroid Build Coastguard Worker   std::string data = "Test Using Larger Than Block-Size Key - Hash Key First";
306*6777b538SAndroid Build Coastguard Worker   static uint8_t kKnownHMACSHA256[] = {
307*6777b538SAndroid Build Coastguard Worker       0x60, 0xe4, 0x31, 0x59, 0x1e, 0xe0, 0xb6, 0x7f, 0x0d, 0x8a, 0x26,
308*6777b538SAndroid Build Coastguard Worker       0xaa, 0xcb, 0xf5, 0xb7, 0x7f, 0x8e, 0x0b, 0xc6, 0x21, 0x37, 0x28,
309*6777b538SAndroid Build Coastguard Worker       0xc5, 0x14, 0x05, 0x46, 0x04, 0x0f, 0x0e, 0xe3, 0x7f, 0x54};
310*6777b538SAndroid Build Coastguard Worker 
311*6777b538SAndroid Build Coastguard Worker   crypto::HMAC hmac(crypto::HMAC::SHA256);
312*6777b538SAndroid Build Coastguard Worker   ASSERT_TRUE(hmac.Init(key, sizeof(key)));
313*6777b538SAndroid Build Coastguard Worker 
314*6777b538SAndroid Build Coastguard Worker   // Attempting to write too large of an HMAC is an error.
315*6777b538SAndroid Build Coastguard Worker   uint8_t calculated_hmac[kSHA256DigestSize + 1];
316*6777b538SAndroid Build Coastguard Worker   EXPECT_FALSE(hmac.Sign(data, calculated_hmac, sizeof(calculated_hmac)));
317*6777b538SAndroid Build Coastguard Worker 
318*6777b538SAndroid Build Coastguard Worker   // Attempting to verify too large of an HMAC is an error.
319*6777b538SAndroid Build Coastguard Worker   memcpy(calculated_hmac, kKnownHMACSHA256, kSHA256DigestSize);
320*6777b538SAndroid Build Coastguard Worker   calculated_hmac[kSHA256DigestSize] = 0;
321*6777b538SAndroid Build Coastguard Worker   EXPECT_FALSE(hmac.VerifyTruncated(
322*6777b538SAndroid Build Coastguard Worker       data,
323*6777b538SAndroid Build Coastguard Worker       std::string(calculated_hmac, calculated_hmac + sizeof(calculated_hmac))));
324*6777b538SAndroid Build Coastguard Worker }
325*6777b538SAndroid Build Coastguard Worker 
TEST(HMACTest,Bytes)326*6777b538SAndroid Build Coastguard Worker TEST(HMACTest, Bytes) {
327*6777b538SAndroid Build Coastguard Worker   // See RFC4231, section 4.7.
328*6777b538SAndroid Build Coastguard Worker   std::vector<uint8_t> key(131, 0xaa);
329*6777b538SAndroid Build Coastguard Worker   std::string data_str =
330*6777b538SAndroid Build Coastguard Worker       "Test Using Larger Than Block-Size Key - Hash Key First";
331*6777b538SAndroid Build Coastguard Worker   std::vector<uint8_t> data(data_str.begin(), data_str.end());
332*6777b538SAndroid Build Coastguard Worker   static uint8_t kKnownHMACSHA256[] = {
333*6777b538SAndroid Build Coastguard Worker       0x60, 0xe4, 0x31, 0x59, 0x1e, 0xe0, 0xb6, 0x7f, 0x0d, 0x8a, 0x26,
334*6777b538SAndroid Build Coastguard Worker       0xaa, 0xcb, 0xf5, 0xb7, 0x7f, 0x8e, 0x0b, 0xc6, 0x21, 0x37, 0x28,
335*6777b538SAndroid Build Coastguard Worker       0xc5, 0x14, 0x05, 0x46, 0x04, 0x0f, 0x0e, 0xe3, 0x7f, 0x54};
336*6777b538SAndroid Build Coastguard Worker 
337*6777b538SAndroid Build Coastguard Worker   crypto::HMAC hmac(crypto::HMAC::SHA256);
338*6777b538SAndroid Build Coastguard Worker   ASSERT_TRUE(hmac.Init(key));
339*6777b538SAndroid Build Coastguard Worker 
340*6777b538SAndroid Build Coastguard Worker   uint8_t calculated_hmac[kSHA256DigestSize];
341*6777b538SAndroid Build Coastguard Worker   ASSERT_TRUE(hmac.Sign(data, calculated_hmac));
342*6777b538SAndroid Build Coastguard Worker   EXPECT_EQ(0, memcmp(kKnownHMACSHA256, calculated_hmac, kSHA256DigestSize));
343*6777b538SAndroid Build Coastguard Worker 
344*6777b538SAndroid Build Coastguard Worker   EXPECT_TRUE(hmac.Verify(data, calculated_hmac));
345*6777b538SAndroid Build Coastguard Worker   EXPECT_TRUE(hmac.VerifyTruncated(
346*6777b538SAndroid Build Coastguard Worker       data, base::make_span(calculated_hmac, kSHA256DigestSize / 2)));
347*6777b538SAndroid Build Coastguard Worker 
348*6777b538SAndroid Build Coastguard Worker   data[0]++;
349*6777b538SAndroid Build Coastguard Worker   EXPECT_FALSE(hmac.Verify(data, calculated_hmac));
350*6777b538SAndroid Build Coastguard Worker   EXPECT_FALSE(hmac.VerifyTruncated(
351*6777b538SAndroid Build Coastguard Worker       data, base::make_span(calculated_hmac, kSHA256DigestSize / 2)));
352*6777b538SAndroid Build Coastguard Worker }
353