From 77945667f70d85e1d95e111a601834d768c0982b Mon Sep 17 00:00:00 2001
From: Philip Withnall <withnall@endlessm.com>
Date: Fri, 10 Feb 2017 10:45:56 +0000
Subject: [PATCH] ghmac: Add support for G_CHECKSUM_SHA384 to GHmac

It has the same block size as SHA-512, so it just needs a new case in
the switch, some documentation updates, and the test vectors from RFC
4868.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

https://bugzilla.gnome.org/show_bug.cgi?id=771997
---
 glib/ghmac.c      |  4 ++-
 glib/tests/hmac.c | 64 ++++++++++++++++++++++++++++++++++++++++++++++-
 2 files changed, 66 insertions(+), 2 deletions(-)

diff --git a/glib/ghmac.c b/glib/ghmac.c
index bc498ffd7..a4177329a 100644
--- a/glib/ghmac.c
+++ b/glib/ghmac.c
@@ -50,7 +50,7 @@
  * Both the key and data are arbitrary byte arrays of bytes or characters.
  *
  * Support for HMAC Digests has been added in GLib 2.30, and support for SHA-512
- * in GLib 2.42.
+ * in GLib 2.42. Support for SHA-384 was added in GLib 2.51.
  */
 
 struct _GHmac
@@ -82,6 +82,7 @@ struct _GHmac
  * on it anymore.
  *
  * Support for digests of type %G_CHECKSUM_SHA512 has been added in GLib 2.42.
+ * Support for %G_CHECKSUM_SHA384 was added in GLib 2.51.
  *
  * Returns: the newly created #GHmac, or %NULL.
  *   Use g_hmac_unref() to free the memory allocated by it.
@@ -112,6 +113,7 @@ g_hmac_new (GChecksumType  digest_type,
     case G_CHECKSUM_SHA256:
       block_size = 64; /* RFC 4868 */
       break;
+    case G_CHECKSUM_SHA384:
     case G_CHECKSUM_SHA512:
       block_size = 128; /* RFC 4868 */
       break;
diff --git a/glib/tests/hmac.c b/glib/tests/hmac.c
index 6b6076d76..3ac3206df 100644
--- a/glib/tests/hmac.c
+++ b/glib/tests/hmac.c
@@ -82,7 +82,7 @@ guint8 result_md5_test7[] = {
     0x6f, 0x63, 0x0f, 0xad, 0x67, 0xcd, 0xa0, 0xee, 0x1f, 0xb1,
     0xf5, 0x62, 0xdb, 0x3a, 0xa5, 0x3e };
 
-/* HMAC-SHA1, HMAC-SHA256 and HMAC-SHA512 test vectors
+/* HMAC-SHA1, HMAC-SHA256, HMAC-SHA384 and HMAC-SHA512 test vectors
  * as per RFCs 2202 and 4868.
  *
  * See: https://tools.ietf.org/html/rfc4868#section-2.7.1 */
@@ -99,6 +99,12 @@ guint8 result_sha256_test1[] = {
     0xaf, 0xce, 0xaf, 0x0b, 0xf1, 0x2b, 0x88, 0x1d, 0xc2, 0x00,
     0xc9, 0x83, 0x3d, 0xa7, 0x26, 0xe9, 0x37, 0x6c, 0x2e, 0x32,
     0xcf, 0xf7 };
+guint8 result_sha384_test1[] = {
+    0xaf, 0xd0, 0x39, 0x44, 0xd8, 0x48, 0x95, 0x62, 0x6b, 0x08,
+    0x25, 0xf4, 0xab, 0x46, 0x90, 0x7f, 0x15, 0xf9, 0xda, 0xdb,
+    0xe4, 0x10, 0x1e, 0xc6, 0x82, 0xaa, 0x03, 0x4c, 0x7c, 0xeb,
+    0xc5, 0x9c, 0xfa, 0xea, 0x9e, 0xa9, 0x07, 0x6e, 0xde, 0x7f,
+    0x4a, 0xf1, 0x52, 0xe8, 0xb2, 0xfa, 0x9c, 0xb6 };
 guint8 result_sha512_test1[] = {
     0x87, 0xaa, 0x7c, 0xde, 0xa5, 0xef, 0x61, 0x9d, 0x4f, 0xf0,
     0xb4, 0x24, 0x1a, 0x1d, 0x6c, 0xb0, 0x23, 0x79, 0xf4, 0xe2,
@@ -117,6 +123,12 @@ guint8 result_sha256_test2[] = {
     0x24, 0x26, 0x08, 0x95, 0x75, 0xc7, 0x5a, 0x00, 0x3f, 0x08,
     0x9d, 0x27, 0x39, 0x83, 0x9d, 0xec, 0x58, 0xb9, 0x64, 0xec,
     0x38, 0x43 };
+guint8 result_sha384_test2[] = {
+    0xaf, 0x45, 0xd2, 0xe3, 0x76, 0x48, 0x40, 0x31, 0x61, 0x7f,
+    0x78, 0xd2, 0xb5, 0x8a, 0x6b, 0x1b, 0x9c, 0x7e, 0xf4, 0x64,
+    0xf5, 0xa0, 0x1b, 0x47, 0xe4, 0x2e, 0xc3, 0x73, 0x63, 0x22,
+    0x44, 0x5e, 0x8e, 0x22, 0x40, 0xca, 0x5e, 0x69, 0xe2, 0xc7,
+    0x8b, 0x32, 0x39, 0xec, 0xfa, 0xb2, 0x16, 0x49 };
 guint8 result_sha512_test2[] = {
     0x16, 0x4b, 0x7a, 0x7b, 0xfc, 0xf8, 0x19, 0xe2, 0xe3, 0x95,
     0xfb, 0xe7, 0x3b, 0x56, 0xe0, 0xa3, 0x87, 0xbd, 0x64, 0x22,
@@ -144,6 +156,12 @@ guint8 result_sha256_test3[] = {
     0xb8, 0xeb, 0xd0, 0x91, 0x81, 0xa7, 0x29, 0x59, 0x09, 0x8b,
     0x3e, 0xf8, 0xc1, 0x22, 0xd9, 0x63, 0x55, 0x14, 0xce, 0xd5,
     0x65, 0xfe };
+guint8 result_sha384_test3[] = {
+    0x88, 0x06, 0x26, 0x08, 0xd3, 0xe6, 0xad, 0x8a, 0x0a, 0xa2,
+    0xac, 0xe0, 0x14, 0xc8, 0xa8, 0x6f, 0x0a, 0xa6, 0x35, 0xd9,
+    0x47, 0xac, 0x9f, 0xeb, 0xe8, 0x3e, 0xf4, 0xe5, 0x59, 0x66,
+    0x14, 0x4b, 0x2a, 0x5a, 0xb3, 0x9d, 0xc1, 0x38, 0x14, 0xb9,
+    0x4e, 0x3a, 0xb6, 0xe1, 0x01, 0xa3, 0x4f, 0x27 };
 guint8 result_sha512_test3[] = {
     0xfa, 0x73, 0xb0, 0x08, 0x9d, 0x56, 0xa2, 0x84, 0xef, 0xb0,
     0xf0, 0x75, 0x6c, 0x89, 0x0b, 0xe9, 0xb1, 0xb5, 0xdb, 0xdd,
@@ -172,6 +190,12 @@ guint8 result_sha256_test4[] = {
     0x81, 0x98, 0x99, 0xf2, 0x08, 0x3a, 0x85, 0xf0, 0xfa, 0xa3,
     0xe5, 0x78, 0xf8, 0x07, 0x7a, 0x2e, 0x3f, 0xf4, 0x67, 0x29,
     0x66, 0x5b };
+guint8 result_sha384_test4[] = {
+    0x3e, 0x8a, 0x69, 0xb7, 0x78, 0x3c, 0x25, 0x85, 0x19, 0x33,
+    0xab, 0x62, 0x90, 0xaf, 0x6c, 0xa7, 0x7a, 0x99, 0x81, 0x48,
+    0x08, 0x50, 0x00, 0x9c, 0xc5, 0x57, 0x7c, 0x6e, 0x1f, 0x57,
+    0x3b, 0x4e, 0x68, 0x01, 0xdd, 0x23, 0xc4, 0xa7, 0xd6, 0x79,
+    0xcc, 0xf8, 0xa3, 0x86, 0xc6, 0x74, 0xcf, 0xfb };
 guint8 result_sha512_test4[] = {
     0xb0, 0xba, 0x46, 0x56, 0x37, 0x45, 0x8c, 0x69, 0x90, 0xe5,
     0xa8, 0xc5, 0xf6, 0x1d, 0x4a, 0xf7, 0xe5, 0x76, 0xd9, 0x7f,
@@ -230,6 +254,12 @@ guint8 result_sha256_test5[] = {
     0x26, 0xaa, 0xcb, 0xf5, 0xb7, 0x7f, 0x8e, 0x0b, 0xc6, 0x21,
     0x37, 0x28, 0xc5, 0x14, 0x05, 0x46, 0x04, 0x0f, 0x0e, 0xe3,
     0x7f, 0x54 };
+guint8 result_sha384_test5[] = {
+    0x4e, 0xce, 0x08, 0x44, 0x85, 0x81, 0x3e, 0x90, 0x88, 0xd2,
+    0xc6, 0x3a, 0x04, 0x1b, 0xc5, 0xb4, 0x4f, 0x9e, 0xf1, 0x01,
+    0x2a, 0x2b, 0x58, 0x8f, 0x3c, 0xd1, 0x1f, 0x05, 0x03, 0x3a,
+    0xc4, 0xc6, 0x0c, 0x2e, 0xf6, 0xab, 0x40, 0x30, 0xfe, 0x82,
+    0x96, 0x24, 0x8d, 0xf1, 0x63, 0xf4, 0x49, 0x52 };
 guint8 result_sha512_test5[] = {
     0x80, 0xb2, 0x42, 0x63, 0xc7, 0xc1, 0xa3, 0xeb, 0xb7, 0x14,
     0x93, 0xc1, 0xdd, 0x7b, 0xe8, 0xb4, 0x9b, 0x46, 0xd1, 0xf4,
@@ -244,6 +274,12 @@ guint8 result_sha256_test6[] = {
     0x5f, 0xbc, 0xd5, 0xb0, 0xe9, 0x44, 0xbf, 0xdc, 0x63, 0x64,
     0x4f, 0x07, 0x13, 0x93, 0x8a, 0x7f, 0x51, 0x53, 0x5c, 0x3a,
     0x35, 0xe2 };
+guint8 result_sha384_test6[] = {
+    0x66, 0x17, 0x17, 0x8e, 0x94, 0x1f, 0x02, 0x0d, 0x35, 0x1e,
+    0x2f, 0x25, 0x4e, 0x8f, 0xd3, 0x2c, 0x60, 0x24, 0x20, 0xfe,
+    0xb0, 0xb8, 0xfb, 0x9a, 0xdc, 0xce, 0xbb, 0x82, 0x46, 0x1e,
+    0x99, 0xc5, 0xa6, 0x78, 0xcc, 0x31, 0xe7, 0x99, 0x17, 0x6d,
+    0x38, 0x60, 0xe6, 0x11, 0x0c, 0x46, 0x52, 0x3e };
 guint8 result_sha512_test6[] = {
     0xe3, 0x7b, 0x6a, 0x77, 0x5d, 0xc8, 0x7d, 0xba, 0xa4, 0xdf,
     0xa9, 0xf9, 0x6e, 0x5e, 0x3f, 0xfd, 0xde, 0xbd, 0x71, 0xf8,
@@ -319,6 +355,24 @@ HmacCase hmac_sha256_tests[] = {
   { -1, NULL, 0, NULL, 0, NULL },
 };
 
+HmacCase hmac_sha384_tests[] = {
+  { G_CHECKSUM_SHA384, key_sha_test1, 20, "Hi There", 8, result_sha384_test1 },
+  { G_CHECKSUM_SHA384, "Jefe", 4, "what do ya want for nothing?", 28,
+      result_sha384_test2 },
+  { G_CHECKSUM_SHA384, key_sha_test3, 20, data_sha_test3, 50,
+      result_sha384_test3 },
+  { G_CHECKSUM_SHA384, key_sha_test4, 25, data_sha_test4, 50,
+      result_sha384_test4 },
+  { G_CHECKSUM_SHA384, key_sha256_test5_6, 131,
+      "Test Using Larger Than Block-Size Key - Hash Key First", 54,
+      result_sha384_test5 },
+  { G_CHECKSUM_SHA384, key_sha256_test5_6, 131,
+      "This is a test using a larger than block-size key and a larger than "
+      "block-size data. The key needs to be hashed before being used by the "
+      "HMAC algorithm.", 152, result_sha384_test6, },
+  { -1, NULL, 0, NULL, 0, NULL },
+};
+
 HmacCase hmac_sha512_tests[] = {
   { G_CHECKSUM_SHA512, key_sha_test1, 20, "Hi There", 8, result_sha512_test1 },
   { G_CHECKSUM_SHA512, "Jefe", 4, "what do ya want for nothing?", 28,
@@ -462,6 +516,14 @@ main (int argc,
       g_free (name);
     }
 
+  for (i = 0 ; hmac_sha384_tests[i].key_len > 0 ; i++)
+    {
+      gchar *name = g_strdup_printf ("/hmac/sha384-%d", i + 1);
+      g_test_add_data_func (name, hmac_sha384_tests + i,
+        (void (*)(const void *)) test_hmac);
+      g_free (name);
+    }
+
   for (i = 0 ; hmac_sha512_tests[i].key_len > 0 ; i++)
     {
       gchar *name = g_strdup_printf ("/hmac/sha512-%d", i + 1);