Add test vectors from RFC 6234 for SHA-1 and SHA-2.

This supersedes the '#ifdef TEST' main programs in sshsh256.c and sshsh512.c. Now there's no need to build those test programs manually on the rare occasion of modifying the hash implementations; instead testcrypt is built every night and will run these test vectors. RFC 6234 has some test vectors for HMAC-SHA-* as well, so I've included the ones applicable to this implementation.
2025-07-15 10:07:39 -05:00 · 2019-01-04 07:50:03 +00:00
parent 0b14e7376e
commit b63846902e
3 changed files with 164 additions and 130 deletions
--- a/sshsh512.c
+++ b/sshsh512.c
@ -357,83 +357,3 @@ static void sha384_final(ssh_hash *hash, unsigned char *output)
 const ssh_hashalg ssh_sha384 = {
    sha384_new, sha512_copy, sha384_final, sha512_free, 48, "SHA-384"
 };
-
-#ifdef TEST
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <assert.h>
-
-int main(void) {
-    unsigned char digest[64];
-    int i, j, errors;
-
-    struct {
-	const char *teststring;
-	unsigned char digest512[64];
-    } tests[] = {
-	{ "abc", {
-	    0xdd, 0xaf, 0x35, 0xa1, 0x93, 0x61, 0x7a, 0xba,
-            0xcc, 0x41, 0x73, 0x49, 0xae, 0x20, 0x41, 0x31,
-            0x12, 0xe6, 0xfa, 0x4e, 0x89, 0xa9, 0x7e, 0xa2,
-            0x0a, 0x9e, 0xee, 0xe6, 0x4b, 0x55, 0xd3, 0x9a,
-            0x21, 0x92, 0x99, 0x2a, 0x27, 0x4f, 0xc1, 0xa8,
-            0x36, 0xba, 0x3c, 0x23, 0xa3, 0xfe, 0xeb, 0xbd,
-            0x45, 0x4d, 0x44, 0x23, 0x64, 0x3c, 0xe8, 0x0e,
-            0x2a, 0x9a, 0xc9, 0x4f, 0xa5, 0x4c, 0xa4, 0x9f,
-	} },
-	{ "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmn"
-	"hijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu", {
-	    0x8e, 0x95, 0x9b, 0x75, 0xda, 0xe3, 0x13, 0xda,
-            0x8c, 0xf4, 0xf7, 0x28, 0x14, 0xfc, 0x14, 0x3f,
-            0x8f, 0x77, 0x79, 0xc6, 0xeb, 0x9f, 0x7f, 0xa1,
-            0x72, 0x99, 0xae, 0xad, 0xb6, 0x88, 0x90, 0x18,
-            0x50, 0x1d, 0x28, 0x9e, 0x49, 0x00, 0xf7, 0xe4,
-            0x33, 0x1b, 0x99, 0xde, 0xc4, 0xb5, 0x43, 0x3a,
-            0xc7, 0xd3, 0x29, 0xee, 0xb6, 0xdd, 0x26, 0x54,
-            0x5e, 0x96, 0xe5, 0x5b, 0x87, 0x4b, 0xe9, 0x09,
-	} },
-	{ NULL, {
-	    0xe7, 0x18, 0x48, 0x3d, 0x0c, 0xe7, 0x69, 0x64,
-	    0x4e, 0x2e, 0x42, 0xc7, 0xbc, 0x15, 0xb4, 0x63,
-	    0x8e, 0x1f, 0x98, 0xb1, 0x3b, 0x20, 0x44, 0x28,
-	    0x56, 0x32, 0xa8, 0x03, 0xaf, 0xa9, 0x73, 0xeb,
-	    0xde, 0x0f, 0xf2, 0x44, 0x87, 0x7e, 0xa6, 0x0a,
-	    0x4c, 0xb0, 0x43, 0x2c, 0xe5, 0x77, 0xc3, 0x1b,
-	    0xeb, 0x00, 0x9c, 0x5c, 0x2c, 0x49, 0xaa, 0x2e,
-	    0x4e, 0xad, 0xb2, 0x17, 0xad, 0x8c, 0xc0, 0x9b, 
-	} },
-    };
-
-    errors = 0;
-
-    for (i = 0; i < lenof(tests); i++) {
-	if (tests[i].teststring) {
-	    SHA512_Simple(tests[i].teststring,
-			  strlen(tests[i].teststring), digest);
-	} else {
-	    SHA512_State s;
-	    int n;
-	    SHA512_Init(&s);
-	    for (n = 0; n < 1000000 / 40; n++)
-		put_data(&s, "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 40);
-	    SHA512_Final(&s, digest);
-	}
-	for (j = 0; j < 64; j++) {
-	    if (digest[j] != tests[i].digest512[j]) {
-		fprintf(stderr,
-			"\"%s\" digest512 byte %d should be 0x%02x, is 0x%02x\n",
-			tests[i].teststring, j, tests[i].digest512[j],
-			digest[j]);
-		errors++;
-	    }
-	}
-
-    }
-
-    printf("%d errors\n", errors);
-
-    return 0;
-}
-
-#endif