diff --git a/wrapper/rust/include.am b/wrapper/rust/include.am index 2635658cc..cec91e14e 100644 --- a/wrapper/rust/include.am +++ b/wrapper/rust/include.am @@ -19,12 +19,16 @@ EXTRA_DIST += wrapper/rust/wolfssl/src/wolfcrypt.rs EXTRA_DIST += wrapper/rust/wolfssl/src/wolfcrypt/aes.rs EXTRA_DIST += wrapper/rust/wolfssl/src/wolfcrypt/dh.rs EXTRA_DIST += wrapper/rust/wolfssl/src/wolfcrypt/ecc.rs +EXTRA_DIST += wrapper/rust/wolfssl/src/wolfcrypt/hkdf.rs +EXTRA_DIST += wrapper/rust/wolfssl/src/wolfcrypt/hmac.rs EXTRA_DIST += wrapper/rust/wolfssl/src/wolfcrypt/random.rs EXTRA_DIST += wrapper/rust/wolfssl/src/wolfcrypt/rsa.rs EXTRA_DIST += wrapper/rust/wolfssl/src/wolfcrypt/sha.rs EXTRA_DIST += wrapper/rust/wolfssl/tests/test_aes.rs EXTRA_DIST += wrapper/rust/wolfssl/tests/test_dh.rs EXTRA_DIST += wrapper/rust/wolfssl/tests/test_ecc.rs +EXTRA_DIST += wrapper/rust/wolfssl/tests/test_hkdf.rs +EXTRA_DIST += wrapper/rust/wolfssl/tests/test_hmac.rs EXTRA_DIST += wrapper/rust/wolfssl/tests/test_random.rs EXTRA_DIST += wrapper/rust/wolfssl/tests/test_rsa.rs EXTRA_DIST += wrapper/rust/wolfssl/tests/test_sha.rs diff --git a/wrapper/rust/wolfssl/src/wolfcrypt.rs b/wrapper/rust/wolfssl/src/wolfcrypt.rs index 9971f0a0b..a6ae8017b 100644 --- a/wrapper/rust/wolfssl/src/wolfcrypt.rs +++ b/wrapper/rust/wolfssl/src/wolfcrypt.rs @@ -21,6 +21,8 @@ pub mod aes; pub mod dh; pub mod ecc; +pub mod hkdf; +pub mod hmac; pub mod random; pub mod rsa; pub mod sha; diff --git a/wrapper/rust/wolfssl/src/wolfcrypt/hkdf.rs b/wrapper/rust/wolfssl/src/wolfcrypt/hkdf.rs new file mode 100644 index 000000000..2bbdcee31 --- /dev/null +++ b/wrapper/rust/wolfssl/src/wolfcrypt/hkdf.rs @@ -0,0 +1,187 @@ +/* + * Copyright (C) 2025 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + +/*! +This module provides a Rust wrapper for the wolfCrypt library's HMAC Key +Derivation Function (HKDF) functionality. + +It leverages the `wolfssl-sys` crate for low-level FFI bindings, encapsulating +the raw C functions in a memory-safe and easy-to-use Rust API. +*/ + +use crate::wolfcrypt::hmac::HMAC; +use wolfssl_sys as ws; + +/// Perform HKDF-Extract operation. +/// +/// This utilizes HMAC to convert `key`, with an optional `salt`, into a +/// derived key which is written to `out`. +/// +/// # Parameters +/// +/// * `typ`: Hash type, one of `HMAC::TYPE_*`. +/// * `salt`: Salt value (optional). +/// * `key`: Initial Key Material (IKM). +/// * `out`: Output buffer to store HKDF-Extract result. The size of this +/// buffer must match `HMAC::get_hmac_size_by_type(typ)`. +/// +/// # Returns +/// +/// Returns either Ok(()) on success or Err(e) containing the wolfSSL +/// library error code value. +/// +/// # Example +/// +/// ```rust +/// use wolfssl::wolfcrypt::hkdf::*; +/// use wolfssl::wolfcrypt::hmac::HMAC; +/// use wolfssl_sys as ws; +/// let ikm = b"MyPassword0"; +/// let salt = b"12345678ABCDEFGH"; +/// let mut extract_out = [0u8; ws::WC_SHA256_DIGEST_SIZE as usize]; +/// hkdf_extract(HMAC::TYPE_SHA256, Some(salt), ikm, &mut extract_out).expect("Error with hkdf_extract()"); +/// ``` +pub fn hkdf_extract(typ: i32, salt: Option<&[u8]>, key: &[u8], out: &mut [u8]) -> Result<(), i32> { + let mut salt_ptr = core::ptr::null(); + let mut salt_size = 0u32; + if let Some(salt) = salt { + salt_ptr = salt.as_ptr(); + salt_size = salt.len() as u32; + } + let key_size = key.len() as u32; + if out.len() != HMAC::get_hmac_size_by_type(typ)? { + return Err(ws::wolfCrypt_ErrorCodes_BUFFER_E); + } + let rc = unsafe { + ws::wc_HKDF_Extract(typ, salt_ptr, salt_size, + key.as_ptr(), key_size, out.as_mut_ptr()) + }; + if rc != 0 { + return Err(rc); + } + Ok(()) +} + +/// Perform HKDF-Expand operation. +/// +/// This utilizes HMAC to convert `key`, with optional `info`, into a +/// derived key which is written to `out`. +/// +/// # Parameters +/// +/// * `typ`: Hash type, one of `HMAC::TYPE_*`. +/// * `key`: Key to use for KDF (typically output of `hkdf_extract()`). +/// * `info`: Optional buffer containing additional info. +/// * `out`: Output buffer to store HKDF-Expand result. The buffer can be +/// any size. +/// +/// # Returns +/// +/// Returns either Ok(()) on success or Err(e) containing the wolfSSL +/// library error code value. +/// +/// # Example +/// +/// ```rust +/// use wolfssl::wolfcrypt::hkdf::*; +/// use wolfssl::wolfcrypt::hmac::HMAC; +/// use wolfssl_sys as ws; +/// let ikm = b"MyPassword0"; +/// let salt = b"12345678ABCDEFGH"; +/// let mut extract_out = [0u8; ws::WC_SHA256_DIGEST_SIZE as usize]; +/// hkdf_extract(HMAC::TYPE_SHA256, Some(salt), ikm, &mut extract_out).expect("Error with hkdf_extract()"); +/// let info = b"0"; +/// let mut expand_out = [0u8; 16]; +/// hkdf_expand(HMAC::TYPE_SHA256, &extract_out, Some(info), &mut expand_out).expect("Error with hkdf_expand()"); +/// ``` +pub fn hkdf_expand(typ: i32, key: &[u8], info: Option<&[u8]>, out: &mut [u8]) -> Result<(), i32> { + let key_size = key.len() as u32; + let mut info_ptr = core::ptr::null(); + let mut info_size = 0u32; + if let Some(info) = info { + info_ptr = info.as_ptr(); + info_size = info.len() as u32; + } + let out_size = out.len() as u32; + let rc = unsafe { + ws::wc_HKDF_Expand(typ, key.as_ptr(), key_size, + info_ptr, info_size, out.as_mut_ptr(), out_size) + }; + if rc != 0 { + return Err(rc); + } + Ok(()) +} + +/// Perform HMAC Key Derivation Function (HKDF) operation. +/// +/// This utilizes HMAC to convert `key`, with an optional `salt` and +/// optional `info` into a derived key which is written to `out`. +/// +/// This one-shot function is a combination of `hkdf_extract()` and `hkdf_expand()`. +/// +/// # Parameters +/// +/// * `typ`: Hash type, one of `HMAC::TYPE_*`. +/// * `key`: Initial Key Material (IKM). +/// * `salt`: Salt value (optional). +/// * `info`: Optional buffer containing additional info. +/// * `out`: Output buffer to store HKDF result. The buffer can be any size. +/// +/// # Returns +/// +/// Returns either Ok(()) on success or Err(e) containing the wolfSSL +/// library error code value. +/// +/// # Example +/// +/// ```rust +/// use wolfssl::wolfcrypt::hkdf::*; +/// use wolfssl::wolfcrypt::hmac::HMAC; +/// let ikm = b"MyPassword0"; +/// let salt = b"12345678ABCDEFGH"; +/// let info = b"0"; +/// let mut out = [0u8; 16]; +/// hkdf(HMAC::TYPE_SHA256, ikm, Some(salt), Some(info), &mut out).expect("Error with hkdf()"); +/// ``` +pub fn hkdf(typ: i32, key: &[u8], salt: Option<&[u8]>, info: Option<&[u8]>, out: &mut[u8]) -> Result<(), i32> { + let key_size = key.len() as u32; + let mut salt_ptr = core::ptr::null(); + let mut salt_size = 0u32; + if let Some(salt) = salt { + salt_ptr = salt.as_ptr(); + salt_size = salt.len() as u32; + } + let mut info_ptr = core::ptr::null(); + let mut info_size = 0u32; + if let Some(info) = info { + info_ptr = info.as_ptr(); + info_size = info.len() as u32; + } + let out_size = out.len() as u32; + let rc = unsafe { + ws::wc_HKDF(typ, key.as_ptr(), key_size, salt_ptr, salt_size, + info_ptr, info_size, out.as_mut_ptr(), out_size) + }; + if rc != 0 { + return Err(rc); + } + Ok(()) +} diff --git a/wrapper/rust/wolfssl/src/wolfcrypt/hmac.rs b/wrapper/rust/wolfssl/src/wolfcrypt/hmac.rs new file mode 100644 index 000000000..c5f665c2c --- /dev/null +++ b/wrapper/rust/wolfssl/src/wolfcrypt/hmac.rs @@ -0,0 +1,266 @@ +/* + * Copyright (C) 2025 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + +/*! +This module provides a Rust wrapper for the wolfCrypt library's HMAC +functionality. + +It leverages the `wolfssl-sys` crate for low-level FFI bindings, encapsulating +the raw C functions in a memory-safe and easy-to-use Rust API. +*/ + +use wolfssl_sys as ws; + +use std::mem::MaybeUninit; + +/// Rust wrapper for wolfSSL `Hmac` object. +pub struct HMAC { + wc_hmac: ws::Hmac, +} + +impl HMAC { + pub const TYPE_MD5: i32 = ws::wc_HashType_WC_HASH_TYPE_MD5 as i32; + pub const TYPE_SHA: i32 = ws::wc_HashType_WC_HASH_TYPE_SHA as i32; + pub const TYPE_SHA256: i32 = ws::wc_HashType_WC_HASH_TYPE_SHA256 as i32; + pub const TYPE_SHA512: i32 = ws::wc_HashType_WC_HASH_TYPE_SHA512 as i32; + pub const TYPE_SHA512_224: i32 = ws::wc_HashType_WC_HASH_TYPE_SHA512_224 as i32; + pub const TYPE_SHA512_256: i32 = ws::wc_HashType_WC_HASH_TYPE_SHA512_256 as i32; + pub const TYPE_SHA384: i32 = ws::wc_HashType_WC_HASH_TYPE_SHA384 as i32; + pub const TYPE_SHA224: i32 = ws::wc_HashType_WC_HASH_TYPE_SHA224 as i32; + pub const TYPE_SHA3_224: i32 = ws::wc_HashType_WC_HASH_TYPE_SHA3_224 as i32; + pub const TYPE_SHA3_256: i32 = ws::wc_HashType_WC_HASH_TYPE_SHA3_256 as i32; + pub const TYPE_SHA3_384: i32 = ws::wc_HashType_WC_HASH_TYPE_SHA3_384 as i32; + pub const TYPE_SHA3_512: i32 = ws::wc_HashType_WC_HASH_TYPE_SHA3_512 as i32; + + /// Get HMAC hash size by type. + /// + /// # Parameters + /// + /// * `typ`: Hash type, one of `HMAC::TYPE_*`. + /// + /// # Returns + /// + /// Returns either Ok(size) containing the HMAC hash size or Err(e) + /// containing the wolfSSL library error code value. + pub fn get_hmac_size_by_type(typ: i32) -> Result { + let rc = unsafe { ws::wc_HmacSizeByType(typ) }; + if rc < 0 { + return Err(rc); + } + Ok(rc as u32 as usize) + } + + /// Create a new HMAC object with the given hash type and encryption key. + /// + /// # Parameters + /// + /// * `typ`: Hash type, one of `HMAC::TYPE_*`. + /// * `key`: Encryption key. + /// + /// # Returns + /// + /// Returns either Ok(hmac) containing the HMAC struct instance or Err(e) + /// containing the wolfSSL library error code value. + /// + /// # Example + /// + /// ```rust + /// use wolfssl::wolfcrypt::hmac::HMAC; + /// let key = [0x42u8; 16]; + /// let mut hmac = HMAC::new(HMAC::TYPE_SHA256, &key).expect("Error with new()"); + /// ``` + pub fn new(typ: i32, key: &[u8]) -> Result { + let key_size = key.len() as u32; + let mut wc_hmac: MaybeUninit = MaybeUninit::uninit(); + let rc = unsafe { + ws::wc_HmacInit(wc_hmac.as_mut_ptr(), core::ptr::null_mut(), ws::INVALID_DEVID) + }; + if rc != 0 { + return Err(rc); + } + let wc_hmac = unsafe { wc_hmac.assume_init() }; + let mut hmac = HMAC { wc_hmac }; + let rc = unsafe { + ws::wc_HmacSetKey(&mut hmac.wc_hmac, typ, key.as_ptr(), key_size) + }; + if rc != 0 { + return Err(rc); + } + Ok(hmac) + } + + /// Create a new HMAC object with the given hash type and encryption key, + /// allowing for short encryption keys (< 112 bits) to be used. + /// + /// # Parameters + /// + /// * `typ`: Hash type, one of `HMAC::TYPE_*`. + /// * `key`: Encryption key. + /// + /// # Returns + /// + /// Returns either Ok(hmac) containing the HMAC struct instance or Err(e) + /// containing the wolfSSL library error code value. + /// + /// # Example + /// + /// ```rust + /// use wolfssl::wolfcrypt::hmac::HMAC; + /// let key = [0x42u8; 3]; + /// let mut hmac = HMAC::new_allow_short_key(HMAC::TYPE_SHA256, &key).expect("Error with new_allow_short_key()"); + /// ``` + pub fn new_allow_short_key(typ: i32, key: &[u8]) -> Result { + let key_size = key.len() as u32; + let mut wc_hmac: MaybeUninit = MaybeUninit::uninit(); + let rc = unsafe { + ws::wc_HmacInit(wc_hmac.as_mut_ptr(), core::ptr::null_mut(), ws::INVALID_DEVID) + }; + if rc != 0 { + return Err(rc); + } + let wc_hmac = unsafe { wc_hmac.assume_init() }; + let mut hmac = HMAC { wc_hmac }; + let rc = unsafe { + ws::wc_HmacSetKey_ex(&mut hmac.wc_hmac, typ, key.as_ptr(), key_size, 1) + }; + if rc != 0 { + return Err(rc); + } + Ok(hmac) + } + + /// Update the message to authenticate using HMAC. + /// + /// This function may be called multiple times to update the message to + /// hash. + /// + /// # Parameters + /// + /// * `data`: Buffer containing message data to append. + /// + /// # Returns + /// + /// Returns either Ok(()) on success or Err(e) containing the wolfSSL + /// library error code value. + /// + /// # Example + /// + /// ```rust + /// use wolfssl::wolfcrypt::hmac::HMAC; + /// let key = [0x42u8; 16]; + /// let mut hmac = HMAC::new(HMAC::TYPE_SHA256, &key).expect("Error with new()"); + /// hmac.update(b"input").expect("Error with update()"); + /// ``` + pub fn update(&mut self, data: &[u8]) -> Result<(), i32> { + let data_size = data.len() as u32; + let rc = unsafe { + ws::wc_HmacUpdate(&mut self.wc_hmac, data.as_ptr(), data_size) + }; + if rc != 0 { + return Err(rc); + } + Ok(()) + } + + /// Compute the final hash of the input message. + /// + /// # Parameters + /// + /// * `hash`: Output buffer to contain the calculated hash. The length must + /// match that returned by `get_hmac_size()`. + /// + /// # Returns + /// + /// Returns either Ok(()) on success or Err(e) containing the wolfSSL + /// library error code value. + /// + /// # Example + /// + /// ```rust + /// use wolfssl::wolfcrypt::hmac::HMAC; + /// let key = [0x42u8; 16]; + /// let mut hmac = HMAC::new(HMAC::TYPE_SHA256, &key).expect("Error with new()"); + /// hmac.update(b"input").expect("Error with update()"); + /// let hash_size = hmac.get_hmac_size().expect("Error with get_hmac_size()"); + /// let mut hash = vec![0u8; hash_size]; + /// hmac.finalize(&mut hash).expect("Error with finalize()"); + /// ``` + pub fn finalize(&mut self, hash: &mut [u8]) -> Result<(), i32> { + // Check the output buffer size since wc_HmacFinal() does not accept + // a length parameter. + let typ = self.wc_hmac.macType as i32; + let rc = unsafe { ws::wc_HmacSizeByType(typ) }; + if rc < 0 { + return Err(rc); + } + let expected_size = rc as usize; + if hash.len() != expected_size { + return Err(ws::wolfCrypt_ErrorCodes_BUFFER_E); + } + let rc = unsafe { + ws::wc_HmacFinal(&mut self.wc_hmac, hash.as_mut_ptr()) + }; + if rc != 0 { + return Err(rc); + } + Ok(()) + } + + /// Get the HMAC hash size. + /// + /// # Returns + /// + /// Returns either Ok(size) containing the HMAC hash size or Err(e) + /// containing the wolfSSL library error code value. + /// + /// # Example + /// + /// ```rust + /// use wolfssl::wolfcrypt::hmac::HMAC; + /// let key = [0x42u8; 16]; + /// let mut hmac = HMAC::new(HMAC::TYPE_SHA256, &key).expect("Error with new()"); + /// hmac.update(b"input").expect("Error with update()"); + /// let hash_size = hmac.get_hmac_size().expect("Error with get_hmac_size()"); + /// let mut hash = vec![0u8; hash_size]; + /// hmac.finalize(&mut hash).expect("Error with finalize()"); + /// ``` + pub fn get_hmac_size(&self) -> Result { + let typ = self.wc_hmac.macType as u32 as i32; + let rc = unsafe { ws::wc_HmacSizeByType(typ) }; + if rc < 0 { + return Err(rc); + } + let expected_size = rc as u32 as usize; + Ok(expected_size) + } +} + +impl Drop for HMAC { + /// Safely free the underlying wolfSSL Hmac context. + /// + /// This calls the `wc_HmacFree()` wolfssl library function. + /// + /// The Rust Drop trait guarantees that this method is called when the + /// HMAC struct instance goes out of scope, automatically cleaning up + /// resources and preventing memory leaks. + fn drop(&mut self) { + unsafe { ws::wc_HmacFree(&mut self.wc_hmac); } + } +} diff --git a/wrapper/rust/wolfssl/tests/test_hkdf.rs b/wrapper/rust/wolfssl/tests/test_hkdf.rs new file mode 100644 index 000000000..455aa4ae7 --- /dev/null +++ b/wrapper/rust/wolfssl/tests/test_hkdf.rs @@ -0,0 +1,36 @@ +use wolfssl::wolfcrypt::hkdf::*; +use wolfssl::wolfcrypt::hmac::HMAC; +use wolfssl_sys as ws; + +#[test] +fn test_hkdf_extract_expand() { + let ikm = b"MyPassword0"; + let salt = b"12345678ABCDEFGH"; + let mut extract_out = [0u8; ws::WC_SHA256_DIGEST_SIZE as usize]; + hkdf_extract(HMAC::TYPE_SHA256, Some(salt), ikm, &mut extract_out).expect("Error with hkdf_extract()"); + + let info = b"0"; + let mut expand_out = [0u8; 16]; + hkdf_expand(HMAC::TYPE_SHA256, &extract_out, Some(info), &mut expand_out).expect("Error with hkdf_expand()"); + + let expected_key = [ + 0x17, 0x5F, 0x24, 0xB3, 0x18, 0x20, 0xF3, 0xD4, + 0x71, 0x97, 0x8A, 0x98, 0x9E, 0xB2, 0xC1, 0x35 + ]; + assert_eq!(expand_out, expected_key); +} + +#[test] +fn test_hkdf_one_shot() { + let ikm = b"MyPassword0"; + let salt = b"12345678ABCDEFGH"; + let info = b"0"; + let mut out = [0u8; 16]; + hkdf(HMAC::TYPE_SHA256, ikm, Some(salt), Some(info), &mut out).expect("Error with hkdf()"); + + let expected_out = [ + 0x17, 0x5F, 0x24, 0xB3, 0x18, 0x20, 0xF3, 0xD4, + 0x71, 0x97, 0x8A, 0x98, 0x9E, 0xB2, 0xC1, 0x35 + ]; + assert_eq!(out, expected_out); +} diff --git a/wrapper/rust/wolfssl/tests/test_hmac.rs b/wrapper/rust/wolfssl/tests/test_hmac.rs new file mode 100644 index 000000000..0ef031829 --- /dev/null +++ b/wrapper/rust/wolfssl/tests/test_hmac.rs @@ -0,0 +1,47 @@ +use wolfssl::wolfcrypt::hmac::*; +use wolfssl_sys as ws; + +#[test] +fn test_hmac_sha256() { + let hmac_size = HMAC::get_hmac_size_by_type(HMAC::TYPE_SHA256).expect("Error with get_hmac_size_by_type()"); + assert_eq!(hmac_size, ws::WC_SHA256_DIGEST_SIZE as usize); + + let keys: [&[u8]; 5] = [ + b"\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b", + b"Jefe", + b"\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA", + b"\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA", + b"\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA", + ]; + + let inputs: [&[u8]; 5] = [ + b"Hi There", + b"what do ya want for nothing?", + b"\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD", + b"", + b"Test Using Larger Than Block-Size Key - Hash Key First", + ]; + + let expected: [&[u8]; 5] = [ + b"\xb0\x34\x4c\x61\xd8\xdb\x38\x53\x5c\xa8\xaf\xce\xaf\x0b\xf1\x2b\x88\x1d\xc2\x00\xc9\x83\x3d\xa7\x26\xe9\x37\x6c\x2e\x32\xcf\xf7", + b"\x5b\xdc\xc1\x46\xbf\x60\x75\x4e\x6a\x04\x24\x26\x08\x95\x75\xc7\x5a\x00\x3f\x08\x9d\x27\x39\x83\x9d\xec\x58\xb9\x64\xec\x38\x43", + b"\x77\x3e\xa9\x1e\x36\x80\x0e\x46\x85\x4d\xb8\xeb\xd0\x91\x81\xa7\x29\x59\x09\x8b\x3e\xf8\xc1\x22\xd9\x63\x55\x14\xce\xd5\x65\xfe", + b"\x86\xe5\x4f\xd4\x48\x72\x5d\x7e\x5d\xcf\xe2\x23\x53\xc8\x28\xaf\x48\x78\x1e\xb4\x8c\xae\x81\x06\xa7\xe1\xd4\x98\x94\x9f\x3e\x46", + b"\x60\xe4\x31\x59\x1e\xe0\xb6\x7f\x0d\x8a\x26\xaa\xcb\xf5\xb7\x7f\x8e\x0b\xc6\x21\x37\x28\xc5\x14\x05\x46\x04\x0f\x0e\xe3\x7f\x54", + ]; + + for i in 0..keys.len() { + let mut hmac = + if keys[i].len() < 14 { + HMAC::new_allow_short_key(HMAC::TYPE_SHA256, keys[i]).expect("Error with new_allow_short_key()") + } else { + HMAC::new(HMAC::TYPE_SHA256, keys[i]).expect("Error with new()") + }; + let hmac_size = hmac.get_hmac_size().expect("Error with get_hmac_size()"); + assert_eq!(hmac_size, ws::WC_SHA256_DIGEST_SIZE as usize); + hmac.update(inputs[i]).expect("Error with update()"); + let mut hash = [0u8; ws::WC_SHA256_DIGEST_SIZE as usize]; + hmac.finalize(&mut hash).expect("Error with finalize()"); + assert_eq!(*expected[i], hash); + } +}