Add the HMAC computation in the HashFunction API

4 years ago · 30517d8b54
2 changed files with 216 additions and 0 deletions
--- a/acme_common/src/crypto/openssl_hash.rs
+++ b/acme_common/src/crypto/openssl_hash.rs
@ -1,5 +1,8 @@
 use crate::error::Error;
 use openssl::hash::MessageDigest;
 use openssl::pkey::PKey;
 use openssl::sha::{sha256, sha384, sha512};
 use openssl::sign::Signer;
 pub type HashFunction = super::BaseHashFunction;
@ -12,6 +15,15 @@ impl HashFunction {
        }
    }
    pub fn hmac(&self, key: &[u8], data: &[u8]) -> Result<Vec<u8>, Error> {
        let key = PKey::hmac(key)?;
        let h_func = self.native_digest();
        let mut signer = Signer::new(h_func, &key)?;
        signer.update(data)?;
        let res = signer.sign_to_vec()?;
        Ok(res)
    }
    pub(crate) fn native_digest(&self) -> MessageDigest {
        match self {
            HashFunction::Sha256 => MessageDigest::sha256(),
--- a/acme_common/src/tests/hash.rs
+++ b/acme_common/src/tests/hash.rs
@ -60,6 +60,70 @@ fn test_hash_sha256() {
    }
 }
 #[test]
 fn test_hmac_sha256() {
    let test_vectors = vec![
        (
            vec![
                11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
            ],
            vec![72, 105, 32, 84, 104, 101, 114, 101],
            vec![
                176, 52, 76, 97, 216, 219, 56, 83, 92, 168, 175, 206, 175, 11, 241, 43, 136, 29,
                194, 0, 201, 131, 61, 167, 38, 233, 55, 108, 46, 50, 207, 247,
            ],
        ),
        (
            vec![74, 101, 102, 101],
            vec![
                119, 104, 97, 116, 32, 100, 111, 32, 121, 97, 32, 119, 97, 110, 116, 32, 102, 111,
                114, 32, 110, 111, 116, 104, 105, 110, 103, 63,
            ],
            vec![
                91, 220, 193, 70, 191, 96, 117, 78, 106, 4, 36, 38, 8, 149, 117, 199, 90, 0, 63, 8,
                157, 39, 57, 131, 157, 236, 88, 185, 100, 236, 56, 67,
            ],
        ),
        (
            vec![
                170, 170, 170, 170, 170, 170, 170, 170, 170, 170, 170, 170, 170, 170, 170, 170,
                170, 170, 170, 170,
            ],
            vec![
                221, 221, 221, 221, 221, 221, 221, 221, 221, 221, 221, 221, 221, 221, 221, 221,
                221, 221, 221, 221, 221, 221, 221, 221, 221, 221, 221, 221, 221, 221, 221, 221,
                221, 221, 221, 221, 221, 221, 221, 221, 221, 221, 221, 221, 221, 221, 221, 221,
                221, 221,
            ],
            vec![
                119, 62, 169, 30, 54, 128, 14, 70, 133, 77, 184, 235, 208, 145, 129, 167, 41, 89,
                9, 139, 62, 248, 193, 34, 217, 99, 85, 20, 206, 213, 101, 254,
            ],
        ),
        (
            vec![
                1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23,
                24, 25,
            ],
            vec![
                205, 205, 205, 205, 205, 205, 205, 205, 205, 205, 205, 205, 205, 205, 205, 205,
                205, 205, 205, 205, 205, 205, 205, 205, 205, 205, 205, 205, 205, 205, 205, 205,
                205, 205, 205, 205, 205, 205, 205, 205, 205, 205, 205, 205, 205, 205, 205, 205,
                205, 205,
            ],
            vec![
                130, 85, 138, 56, 154, 68, 60, 14, 164, 204, 129, 152, 153, 242, 8, 58, 133, 240,
                250, 163, 229, 120, 248, 7, 122, 46, 63, 244, 103, 41, 102, 91,
            ],
        ),
    ];
    for (key, data, expected) in test_vectors {
        let h = HashFunction::Sha256;
        let res = h.hmac(&key, &data).unwrap();
        assert_eq!(res, expected);
    }
 }
 #[test]
 fn test_hash_sha384() {
    let test_vectors = vec![
@ -98,6 +162,74 @@ fn test_hash_sha384() {
    }
 }
 #[test]
 fn test_hmac_sha384() {
    let test_vectors = vec![
        (
            vec![
                11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
            ],
            vec![72, 105, 32, 84, 104, 101, 114, 101],
            vec![
                175, 208, 57, 68, 216, 72, 149, 98, 107, 8, 37, 244, 171, 70, 144, 127, 21, 249,
                218, 219, 228, 16, 30, 198, 130, 170, 3, 76, 124, 235, 197, 156, 250, 234, 158,
                169, 7, 110, 222, 127, 74, 241, 82, 232, 178, 250, 156, 182,
            ],
        ),
        (
            vec![74, 101, 102, 101],
            vec![
                119, 104, 97, 116, 32, 100, 111, 32, 121, 97, 32, 119, 97, 110, 116, 32, 102, 111,
                114, 32, 110, 111, 116, 104, 105, 110, 103, 63,
            ],
            vec![
                175, 69, 210, 227, 118, 72, 64, 49, 97, 127, 120, 210, 181, 138, 107, 27, 156, 126,
                244, 100, 245, 160, 27, 71, 228, 46, 195, 115, 99, 34, 68, 94, 142, 34, 64, 202,
                94, 105, 226, 199, 139, 50, 57, 236, 250, 178, 22, 73,
            ],
        ),
        (
            vec![
                170, 170, 170, 170, 170, 170, 170, 170, 170, 170, 170, 170, 170, 170, 170, 170,
                170, 170, 170, 170,
            ],
            vec![
                221, 221, 221, 221, 221, 221, 221, 221, 221, 221, 221, 221, 221, 221, 221, 221,
                221, 221, 221, 221, 221, 221, 221, 221, 221, 221, 221, 221, 221, 221, 221, 221,
                221, 221, 221, 221, 221, 221, 221, 221, 221, 221, 221, 221, 221, 221, 221, 221,
                221, 221,
            ],
            vec![
                136, 6, 38, 8, 211, 230, 173, 138, 10, 162, 172, 224, 20, 200, 168, 111, 10, 166,
                53, 217, 71, 172, 159, 235, 232, 62, 244, 229, 89, 102, 20, 75, 42, 90, 179, 157,
                193, 56, 20, 185, 78, 58, 182, 225, 1, 163, 79, 39,
            ],
        ),
        (
            vec![
                1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23,
                24, 25,
            ],
            vec![
                205, 205, 205, 205, 205, 205, 205, 205, 205, 205, 205, 205, 205, 205, 205, 205,
                205, 205, 205, 205, 205, 205, 205, 205, 205, 205, 205, 205, 205, 205, 205, 205,
                205, 205, 205, 205, 205, 205, 205, 205, 205, 205, 205, 205, 205, 205, 205, 205,
                205, 205,
            ],
            vec![
                62, 138, 105, 183, 120, 60, 37, 133, 25, 51, 171, 98, 144, 175, 108, 167, 122, 153,
                129, 72, 8, 80, 0, 156, 197, 87, 124, 110, 31, 87, 59, 78, 104, 1, 221, 35, 196,
                167, 214, 121, 204, 248, 163, 134, 198, 116, 207, 251,
            ],
        ),
    ];
    for (key, data, expected) in test_vectors {
        let h = HashFunction::Sha384;
        let res = h.hmac(&key, &data).unwrap();
        assert_eq!(res, expected);
    }
 }
 #[test]
 fn test_hash_sha512() {
    let test_vectors = vec![
@ -138,3 +270,75 @@ fn test_hash_sha512() {
        assert_eq!(res, expected);
    }
 }
 #[test]
 fn test_hmac_sha512() {
    let test_vectors = vec![
        (
            vec![
                11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
            ],
            vec![72, 105, 32, 84, 104, 101, 114, 101],
            vec![
                135, 170, 124, 222, 165, 239, 97, 157, 79, 240, 180, 36, 26, 29, 108, 176, 35, 121,
                244, 226, 206, 78, 194, 120, 122, 208, 179, 5, 69, 225, 124, 222, 218, 168, 51,
                183, 214, 184, 167, 2, 3, 139, 39, 78, 174, 163, 244, 228, 190, 157, 145, 78, 235,
                97, 241, 112, 46, 105, 108, 32, 58, 18, 104, 84,
            ],
        ),
        (
            vec![74, 101, 102, 101],
            vec![
                119, 104, 97, 116, 32, 100, 111, 32, 121, 97, 32, 119, 97, 110, 116, 32, 102, 111,
                114, 32, 110, 111, 116, 104, 105, 110, 103, 63,
            ],
            vec![
                22, 75, 122, 123, 252, 248, 25, 226, 227, 149, 251, 231, 59, 86, 224, 163, 135,
                189, 100, 34, 46, 131, 31, 214, 16, 39, 12, 215, 234, 37, 5, 84, 151, 88, 191, 117,
                192, 90, 153, 74, 109, 3, 79, 101, 248, 240, 230, 253, 202, 234, 177, 163, 77, 74,
                107, 75, 99, 110, 7, 10, 56, 188, 231, 55,
            ],
        ),
        (
            vec![
                170, 170, 170, 170, 170, 170, 170, 170, 170, 170, 170, 170, 170, 170, 170, 170,
                170, 170, 170, 170,
            ],
            vec![
                221, 221, 221, 221, 221, 221, 221, 221, 221, 221, 221, 221, 221, 221, 221, 221,
                221, 221, 221, 221, 221, 221, 221, 221, 221, 221, 221, 221, 221, 221, 221, 221,
                221, 221, 221, 221, 221, 221, 221, 221, 221, 221, 221, 221, 221, 221, 221, 221,
                221, 221,
            ],
            vec![
                250, 115, 176, 8, 157, 86, 162, 132, 239, 176, 240, 117, 108, 137, 11, 233, 177,
                181, 219, 221, 142, 232, 26, 54, 85, 248, 62, 51, 178, 39, 157, 57, 191, 62, 132,
                130, 121, 167, 34, 200, 6, 180, 133, 164, 126, 103, 200, 7, 185, 70, 163, 55, 190,
                232, 148, 38, 116, 39, 136, 89, 225, 50, 146, 251,
            ],
        ),
        (
            vec![
                1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23,
                24, 25,
            ],
            vec![
                205, 205, 205, 205, 205, 205, 205, 205, 205, 205, 205, 205, 205, 205, 205, 205,
                205, 205, 205, 205, 205, 205, 205, 205, 205, 205, 205, 205, 205, 205, 205, 205,
                205, 205, 205, 205, 205, 205, 205, 205, 205, 205, 205, 205, 205, 205, 205, 205,
                205, 205,
            ],
            vec![
                176, 186, 70, 86, 55, 69, 140, 105, 144, 229, 168, 197, 246, 29, 74, 247, 229, 118,
                217, 127, 249, 75, 135, 45, 231, 111, 128, 80, 54, 30, 227, 219, 169, 28, 165, 193,
                26, 162, 94, 180, 214, 121, 39, 92, 197, 120, 128, 99, 165, 241, 151, 65, 18, 12,
                79, 45, 226, 173, 235, 235, 16, 162, 152, 221,
            ],
        ),
    ];
    for (key, data, expected) in test_vectors {
        let h = HashFunction::Sha512;
        let res = h.hmac(&key, &data).unwrap();
        assert_eq!(res, expected);
    }
 }