# Auto generated test cases for digest.csv
# Load Tcl Test package
if {[lsearch [namespace children] ::tcltest] == -1} {
package require tcltest
namespace import ::tcltest::*
}
set auto_path [concat [list [file dirname [file dirname [info script]]]] $auto_path]
package require tls
# Constraints
source common.tcl
# Helper functions - See common.tcl
proc digest_read_chan {cmd filename args} {
set ch [open $filename rb]
set bsize [fconfigure $ch -buffersize]
set new [$cmd {*}$args -chan $ch]
while {![eof $new]} {set md [read $new $bsize]}
close $new
return $md}
proc digest_write_chan {cmd filename data args} {
set ch [open $filename wb]
set new [$cmd {*}$args -chan $ch]
puts -nonewline $new $data
flush $new
close $new
set ch [open $filename rb]
set md [read $ch]
close $ch
return $md}
proc digest_accumulate {string args} {
set cmd [{*}$args -command dcmd]
$cmd update [string range $string 0 20]
$cmd update [string range $string 21 end]
return [$cmd finalize]}
set test_data "Example string for message digest tests.\n"
set test_file "md_data.dat"
set test_alt_file "md_alt_data.dat"
set test_key "Example key"
::tcltest::makeFile $test_data $test_file
# Test digest short-cut commands
test Digest_Cmds-1.1 {md4 cmd} -body {
::tls::md4 $test_data
} -result {793399f792eca2752c6af3234ba70858}
test Digest_Cmds-1.2 {md5 cmd} -body {
::tls::md5 $test_data
} -result {962bf0803b4232ec23bd8427bb94ea09}
test Digest_Cmds-1.3 {sha1 cmd} -body {
::tls::sha1 $test_data
} -result {4fe03b7f2568551dfafb98ca6004e65c4b71aa7d}
test Digest_Cmds-1.4 {sha256 cmd} -body {
::tls::sha256 $test_data
} -result {9d3578fc138205cf0ee4b4cef35fe101bb4ecac7b1614c18e6fa48b5c7f95e19}
test Digest_Cmds-1.5 {sha512 cmd} -body {
::tls::sha512 $test_data
} -result {d178e759dc59127071588d2fad173c06238d87e800a6403c0a30daa4faaf05d0e7ce04916afaa6a58a30cbeb597dacb01c62f9fb9d89bab9da630c699e4816f1}
# Test digest command for read channel
test Digest_Chan_Read-2.1 {md4} -body {
digest_read_chan ::tls::md $test_file -digest md4
} -result {793399f792eca2752c6af3234ba70858}
test Digest_Chan_Read-2.2 {md5} -body {
digest_read_chan ::tls::md $test_file -digest md5
} -result {962bf0803b4232ec23bd8427bb94ea09}
test Digest_Chan_Read-2.3 {sha1} -body {
digest_read_chan ::tls::md $test_file -digest sha1
} -result {4fe03b7f2568551dfafb98ca6004e65c4b71aa7d}
test Digest_Chan_Read-2.4 {sha256} -body {
digest_read_chan ::tls::md $test_file -digest sha256
} -result {9d3578fc138205cf0ee4b4cef35fe101bb4ecac7b1614c18e6fa48b5c7f95e19}
test Digest_Chan_Read-2.5 {sha512} -body {
digest_read_chan ::tls::md $test_file -digest sha512
} -result {d178e759dc59127071588d2fad173c06238d87e800a6403c0a30daa4faaf05d0e7ce04916afaa6a58a30cbeb597dacb01c62f9fb9d89bab9da630c699e4816f1}
test Digest_Chan_Read-2.6 {md5 bin} -body {
binary encode hex [digest_read_chan ::tls::md $test_file -bin -digest md5]
} -result {962bf0803b4232ec23bd8427bb94ea09}
test Digest_Chan_Read-2.7 {md5 hex} -body {
digest_read_chan ::tls::md $test_file -hex -digest md5
} -result {962bf0803b4232ec23bd8427bb94ea09}
# Test digest command for write channel
test Digest_Chan_Write-3.1 {md4} -body {
digest_write_chan ::tls::md $test_alt_file $test_data -digest md4
} -result {793399f792eca2752c6af3234ba70858}
test Digest_Chan_Write-3.2 {md5} -body {
digest_write_chan ::tls::md $test_alt_file $test_data -digest md5
} -result {962bf0803b4232ec23bd8427bb94ea09}
test Digest_Chan_Write-3.3 {sha1} -body {
digest_write_chan ::tls::md $test_alt_file $test_data -digest sha1
} -result {4fe03b7f2568551dfafb98ca6004e65c4b71aa7d}
test Digest_Chan_Write-3.4 {sha256} -body {
digest_write_chan ::tls::md $test_alt_file $test_data -digest sha256
} -result {9d3578fc138205cf0ee4b4cef35fe101bb4ecac7b1614c18e6fa48b5c7f95e19}
test Digest_Chan_Write-3.5 {sha512} -body {
digest_write_chan ::tls::md $test_alt_file $test_data -digest sha512
} -result {d178e759dc59127071588d2fad173c06238d87e800a6403c0a30daa4faaf05d0e7ce04916afaa6a58a30cbeb597dacb01c62f9fb9d89bab9da630c699e4816f1}
test Digest_Chan_Write-3.6 {md5 bin} -body {
binary encode hex [digest_write_chan ::tls::md $test_alt_file $test_data -bin -digest md5]
} -result {962bf0803b4232ec23bd8427bb94ea09}
test Digest_Chan_Write-3.7 {md5 hex} -body {
digest_write_chan ::tls::md $test_alt_file $test_data -hex -digest md5
} -result {962bf0803b4232ec23bd8427bb94ea09}
# Test digest command for object command
test Digest_Command-4.1 {md4} -body {
digest_accumulate $test_data ::tls::md -digest md4
} -result {793399f792eca2752c6af3234ba70858}
test Digest_Command-4.2 {md5} -body {
digest_accumulate $test_data ::tls::md -digest md5
} -result {962bf0803b4232ec23bd8427bb94ea09}
test Digest_Command-4.3 {sha1} -body {
digest_accumulate $test_data ::tls::md -digest sha1
} -result {4fe03b7f2568551dfafb98ca6004e65c4b71aa7d}
test Digest_Command-4.4 {sha256} -body {
digest_accumulate $test_data ::tls::md -digest sha256
} -result {9d3578fc138205cf0ee4b4cef35fe101bb4ecac7b1614c18e6fa48b5c7f95e19}
test Digest_Command-4.5 {sha512} -body {
digest_accumulate $test_data ::tls::md -digest sha512
} -result {d178e759dc59127071588d2fad173c06238d87e800a6403c0a30daa4faaf05d0e7ce04916afaa6a58a30cbeb597dacb01c62f9fb9d89bab9da630c699e4816f1}
test Digest_Command-4.6 {md5 bin} -body {
binary encode hex [digest_accumulate $test_data ::tls::md -digest md5 -bin]
} -result {962bf0803b4232ec23bd8427bb94ea09}
test Digest_Command-4.7 {md5 hex} -body {
digest_accumulate $test_data ::tls::md -digest md5 -hex
} -result {962bf0803b4232ec23bd8427bb94ea09}
# Test digest command for data shortcut
test Digest_Data-5.1 {md4} -body {
::tls::md md4 $test_data
} -result {793399f792eca2752c6af3234ba70858}
test Digest_Data-5.2 {md5} -body {
::tls::md md5 $test_data
} -result {962bf0803b4232ec23bd8427bb94ea09}
test Digest_Data-5.3 {sha1} -body {
::tls::md sha1 $test_data
} -result {4fe03b7f2568551dfafb98ca6004e65c4b71aa7d}
test Digest_Data-5.4 {sha256} -body {
::tls::md sha256 $test_data
} -result {9d3578fc138205cf0ee4b4cef35fe101bb4ecac7b1614c18e6fa48b5c7f95e19}
test Digest_Data-5.5 {sha512} -body {
::tls::md sha512 $test_data
} -result {d178e759dc59127071588d2fad173c06238d87e800a6403c0a30daa4faaf05d0e7ce04916afaa6a58a30cbeb597dacb01c62f9fb9d89bab9da630c699e4816f1}
# Test digest command for data
test Digest_Data-5.6 {md4} -body {
::tls::md -digest md4 -data $test_data
} -result {793399f792eca2752c6af3234ba70858}
test Digest_Data-5.7 {md5} -body {
::tls::md -digest md5 -data $test_data
} -result {962bf0803b4232ec23bd8427bb94ea09}
test Digest_Data-5.8 {sha1} -body {
::tls::md -digest sha1 -data $test_data
} -result {4fe03b7f2568551dfafb98ca6004e65c4b71aa7d}
test Digest_Data-5.9 {sha256} -body {
::tls::md -digest sha256 -data $test_data
} -result {9d3578fc138205cf0ee4b4cef35fe101bb4ecac7b1614c18e6fa48b5c7f95e19}
test Digest_Data-5.10 {sha512} -body {
::tls::md -digest sha512 -data $test_data
} -result {d178e759dc59127071588d2fad173c06238d87e800a6403c0a30daa4faaf05d0e7ce04916afaa6a58a30cbeb597dacb01c62f9fb9d89bab9da630c699e4816f1}
test Digest_Data-5.11 {md5 bin} -body {
binary encode hex [::tls::md -digest md5 -data $test_data -bin]
} -result {962bf0803b4232ec23bd8427bb94ea09}
test Digest_Data-5.12 {md5 hex} -body {
::tls::md -digest md5 -data $test_data -hex
} -result {962bf0803b4232ec23bd8427bb94ea09}
# Test digest command for file
test Digest_File-6.1 {md4} -body {
::tls::md -digest md4 -file $test_file
} -result {793399f792eca2752c6af3234ba70858}
test Digest_File-6.2 {md5} -body {
::tls::md -digest md5 -file $test_file
} -result {962bf0803b4232ec23bd8427bb94ea09}
test Digest_File-6.3 {sha1} -body {
::tls::md -digest sha1 -file $test_file
} -result {4fe03b7f2568551dfafb98ca6004e65c4b71aa7d}
test Digest_File-6.4 {sha256} -body {
::tls::md -digest sha256 -file $test_file
} -result {9d3578fc138205cf0ee4b4cef35fe101bb4ecac7b1614c18e6fa48b5c7f95e19}
test Digest_File-6.5 {sha512} -body {
::tls::md -digest sha512 -file $test_file
} -result {d178e759dc59127071588d2fad173c06238d87e800a6403c0a30daa4faaf05d0e7ce04916afaa6a58a30cbeb597dacb01c62f9fb9d89bab9da630c699e4816f1}
test Digest_File-6.6 {md5 bin} -body {
binary encode hex [::tls::md -digest md5 -file $test_file -bin]
} -result {962bf0803b4232ec23bd8427bb94ea09}
test Digest_File-6.7 {md5 hex} -body {
::tls::md -digest md5 -file $test_file -hex
} -result {962bf0803b4232ec23bd8427bb94ea09}
# Test HMAC command
test HMAC-7.1 {data} -body {
::tls::hmac -digest md5 -key $test_key -data $test_data
} -result {f98327ef3e20ab6d388f676c6a79d93d}
test HMAC-7.2 {file} -body {
::tls::hmac -digest md5 -key $test_key -file $test_file
} -result {f98327ef3e20ab6d388f676c6a79d93d}
test HMAC-7.3 {channel} -body {
digest_read_chan ::tls::hmac $test_file -digest md5 -key $test_key
} -result {f98327ef3e20ab6d388f676c6a79d93d}
test HMAC-7.4 {command} -body {
digest_accumulate $test_data ::tls::hmac -digest md5 -key $test_key
} -result {f98327ef3e20ab6d388f676c6a79d93d}
test HMAC-7.5 {data bin} -body {
binary encode hex [::tls::hmac -digest md5 -bin -key $test_key -data $test_data]
} -result {f98327ef3e20ab6d388f676c6a79d93d}
# Test Digest HMAC
test Digest_HMAC-8.1 {data} -body {
::tls::md -digest md5 -key $test_key -data $test_data
} -result {f98327ef3e20ab6d388f676c6a79d93d}
test Digest_HMAC-8.2 {file} -body {
::tls::md -digest md5 -key $test_key -file $test_file
} -result {f98327ef3e20ab6d388f676c6a79d93d}
test Digest_HMAC-8.3 {channel} -body {
digest_read_chan ::tls::md $test_file -digest md5 -key $test_key
} -result {f98327ef3e20ab6d388f676c6a79d93d}
test Digest_HMAC-8.4 {command} -body {
digest_accumulate $test_data ::tls::md -digest md5 -key $test_key
} -result {f98327ef3e20ab6d388f676c6a79d93d}
test Digest_HMAC-8.5 {data bin} -body {
binary encode hex [::tls::md -digest md5 -bin -key $test_key -data $test_data]
} -result {f98327ef3e20ab6d388f676c6a79d93d}
# Test CMAC command
set test_cipher "aes-128-cbc"
set test_key "Example key 1234"
test CMAC-9.1 {data} -body {
::tls::cmac -cipher $test_cipher -key $test_key -data $test_data
} -result {baf5c20f9973e2d606b14c7efdfe52fa}
test CMAC-9.2 {file} -body {
::tls::cmac -cipher $test_cipher -key $test_key -file $test_file
} -result {baf5c20f9973e2d606b14c7efdfe52fa}
test CMAC-9.3 {channel} -body {
digest_read_chan ::tls::cmac $test_file -cipher $test_cipher -key $test_key
} -result {baf5c20f9973e2d606b14c7efdfe52fa}
test CMAC-9.4 {command} -body {
digest_accumulate $test_data ::tls::cmac -cipher $test_cipher -key $test_key
} -result {baf5c20f9973e2d606b14c7efdfe52fa}
test CMAC-9.5 {data bin} -body {
binary encode hex [::tls::cmac -bin -cipher $test_cipher -key $test_key -data $test_data]
} -result {baf5c20f9973e2d606b14c7efdfe52fa}
# Test Digest CMAC
test Digest_CMAC-10.1 {data} -body {
::tls::md -cipher $test_cipher -key $test_key -data $test_data
} -result {baf5c20f9973e2d606b14c7efdfe52fa}
test Digest_CMAC-10.2 {file} -body {
::tls::md -cipher $test_cipher -key $test_key -file $test_file
} -result {baf5c20f9973e2d606b14c7efdfe52fa}
test Digest_CMAC-10.3 {channel} -body {
digest_read_chan ::tls::md $test_file -cipher $test_cipher -key $test_key
} -result {baf5c20f9973e2d606b14c7efdfe52fa}
test Digest_CMAC-10.4 {command} -body {
digest_accumulate $test_data ::tls::md -cipher $test_cipher -key $test_key
} -result {baf5c20f9973e2d606b14c7efdfe52fa}
test Digest_CMAC-10.5 {data bin} -body {
binary encode hex [::tls::md -bin -cipher $test_cipher -key $test_key -data $test_data]
} -result {baf5c20f9973e2d606b14c7efdfe52fa}
# Test MAC command
test MAC-11.1 {HMAC} -constraints {new_api} -body {
::tls::mac -digest sha256 -mac hmac -key $test_key -data $test_data
} -result {498ef5ef71424f81da7499b2eeae1d0a348dd40b841ea27bdde494f6bc9046ff}
test MAC-11.2 {CMAC} -constraints {new_api} -body {
::tls::mac -cipher $test_cipher -digest sha256 -mac cmac -key $test_key -data $test_data
} -result {498ef5ef71424f81da7499b2eeae1d0a348dd40b841ea27bdde494f6bc9046ff}
# Digest Error Cases
test Digest_Errors-12.1 {Too few args} -body {
::tls::md
} -result {wrong # args: should be "::tls::md ?-bin|-hex? ?-cipher name? ?-digest name? ?-key key? ?-mac name? [-channel chan | -command cmdName | -file filename | ?-data? data]"} -returnCodes {1}
test Digest_Errors-12.2 {Too many args} -body {
::tls::md too many command line args to pass the test without an error or failing
} -result {wrong # args: should be "::tls::md ?-bin|-hex? ?-cipher name? ?-digest name? ?-key key? ?-mac name? [-channel chan | -command cmdName | -file filename | ?-data? data]"} -returnCodes {1}
test Digest_Errors-12.3 {Invalid digest} -body {
::tls::md bogus data
} -result {Invalid digest "bogus"} -returnCodes {1}
test Digest_Errors-12.4 {Invalid digest Arg} -body {
::tls::md -digest bogus -data data
} -result {Invalid digest "bogus"} -returnCodes {1}
test Digest_Errors-12.5 {No digest} -body {
::tls::md -hex -data value
} -result {No digest specified} -returnCodes {1}
test Digest_Errors-12.6 {Invalid option} -body {
::tls::md -digest sha256 -bogus value
} -result {bad option "-bogus": must be -bin, -channel, -cipher, -command, -data, -digest, -file, -filename, -hex, -key, or -mac} -returnCodes {1}
test Digest_Errors-12.7 {Invalid file} -body {
::tls::md -digest sha256 -file bogus
} -result {couldn't open "bogus": no such file or directory} -returnCodes {1}
test Digest_Errors-12.8 {Invalid channel} -body {
::tls::md -digest sha256 -channel bogus
} -result {can not find channel named "bogus"} -returnCodes {1}
# CMAC Error Cases
test CMAC_Errors-13.1 {Too few args} -body {
::tls::cmac
} -result {wrong # args: should be "::tls::cmac ?-bin|-hex? ?-cipher name? ?-digest name? ?-key key? ?-mac name? [-channel chan | -command cmdName | -file filename | ?-data? data]"} -returnCodes {1}
test CMAC_Errors-13.2 {No cipher} -body {
::tls::cmac -hex -data value
} -result {No cipher specified} -returnCodes {1}
test CMAC_Errors-13.3 {No key} -body {
::tls::cmac -cipher $test_cipher -data value
} -result {No key specified} -returnCodes {1}
test CMAC_Errors-13.4 {Invalid cipher} -body {
::tls::cmac -cipher bogus -data value
} -result {Invalid cipher "bogus"} -returnCodes {1}
# HMAC Error Cases
test HMAC_Errors-14.1 {Too few args} -body {
::tls::hmac
} -result {wrong # args: should be "::tls::hmac ?-bin|-hex? ?-cipher name? ?-digest name? ?-key key? ?-mac name? [-channel chan | -command cmdName | -file filename | ?-data? data]"} -returnCodes {1}
test HMAC_Errors-14.2 {No digest} -body {
::tls::hmac -hex -data value
} -result {No digest specified} -returnCodes {1}
test HMAC_Errors-14.3 {No key} -body {
::tls::hmac -digest sha256 -data value
} -result {No key specified} -returnCodes {1}
# MAC Error Cases
test MAC_Errors-15.1 {Too few args} -constraints {new_api} -body {
::tls::mmac
} -result {wrong # args: should be "::tls::mac ?-bin|-hex? ?-cipher name? ?-digest name? ?-key key? ?-mac name? [-channel chan | -command cmdName | -file filename | ?-data? data]"} -returnCodes {1}
test MAC_Errors-15.2 {No key} -constraints {new_api} -body {
::tls::mac -digest sha256 -data value
} -result {No key specified} -returnCodes {1}
# RFC 4231 HMAC Examples Test Case #1
set key [binary decode hex [string repeat "0b" 20]]
set data "Hi There"
test RFC4231_TC1-16.1 {sha224} -body {
::tls::hmac -digest sha224 -key $key -data $data
} -result {896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22}
test RFC4231_TC1-16.2 {sha256} -body {
::tls::hmac -digest sha256 -key $key -data $data
} -result {b0344c61d8db38535ca8afceaf0bf12b881dc200c9833da726e9376c2e32cff7}
test RFC4231_TC1-16.3 {sha384} -body {
::tls::hmac -digest sha384 -key $key -data $data
} -result {afd03944d84895626b0825f4ab46907f15f9dadbe4101ec682aa034c7cebc59cfaea9ea9076ede7f4af152e8b2fa9cb6}
test RFC4231_TC1-16.4 {sha512} -body {
::tls::hmac -digest sha512 -key $key -data $data
} -result {87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a126854}
# RFC 4231 HMAC Examples Test Case #2 - Test with a key shorter than the length of the HMAC output.
set key "Jefe"
set data "what do ya want for nothing?"
test RFC4231_TC2-17.1 {sha224} -body {
::tls::hmac -digest sha224 -key $key -data $data
} -result {a30e01098bc6dbbf45690f3a7e9e6d0f8bbea2a39e6148008fd05e44}
test RFC4231_TC2-17.2 {sha256} -body {
::tls::hmac -digest sha256 -key $key -data $data
} -result {5bdcc146bf60754e6a042426089575c75a003f089d2739839dec58b964ec3843}
test RFC4231_TC2-17.3 {sha384} -body {
::tls::hmac -digest sha384 -key $key -data $data
} -result {af45d2e376484031617f78d2b58a6b1b9c7ef464f5a01b47e42ec3736322445e8e2240ca5e69e2c78b3239ecfab21649}
test RFC4231_TC2-17.4 {sha512} -body {
::tls::hmac -digest sha512 -key $key -data $data
} -result {164b7a7bfcf819e2e395fbe73b56e0a387bd64222e831fd610270cd7ea2505549758bf75c05a994a6d034f65f8f0e6fdcaeab1a34d4a6b4b636e070a38bce737}
# RFC 4231 HMAC Examples Test Case #3 - Test with a combined length of key and data that is larger than 64 bytes (= block-size of SHA-224 and SHA-256).
set key [binary decode hex [string repeat "aa" 20]]
set data [binary decode hex [string repeat "dd" 50]]
test RFC4231_TC3-18.1 {sha224} -body {
::tls::hmac -digest sha224 -key $key -data $data
} -result {7fb3cb3588c6c1f6ffa9694d7d6ad2649365b0c1f65d69d1ec8333ea}
test RFC4231_TC3-18.2 {sha256} -body {
::tls::hmac -digest sha256 -key $key -data $data
} -result {773ea91e36800e46854db8ebd09181a72959098b3ef8c122d9635514ced565fe}
test RFC4231_TC3-18.3 {sha384} -body {
::tls::hmac -digest sha384 -key $key -data $data
} -result {88062608d3e6ad8a0aa2ace014c8a86f0aa635d947ac9febe83ef4e55966144b2a5ab39dc13814b94e3ab6e101a34f27}
test RFC4231_TC3-18.4 {sha512} -body {
::tls::hmac -digest sha512 -key $key -data $data
} -result {fa73b0089d56a284efb0f0756c890be9b1b5dbdd8ee81a3655f83e33b2279d39bf3e848279a722c806b485a47e67c807b946a337bee8942674278859e13292fb}
# RFC 4231 HMAC Examples Test Case #4 - Test with a combined length of key and data that is larger than 64 bytes (= block-size of SHA-224 and SHA-256).
set key [binary decode hex "0102030405060708090a0b0c0d0e0f10111213141516171819"]
set data [binary decode hex [string repeat "cd" 50]]
test RFC4231_TC4-19.1 {sha224} -body {
::tls::hmac -digest sha224 -key $key -data $data
} -result {6c11506874013cac6a2abc1bb382627cec6a90d86efc012de7afec5a}
test RFC4231_TC4-19.2 {sha256} -body {
::tls::hmac -digest sha256 -key $key -data $data
} -result {82558a389a443c0ea4cc819899f2083a85f0faa3e578f8077a2e3ff46729665b}
test RFC4231_TC4-19.3 {sha384} -body {
::tls::hmac -digest sha384 -key $key -data $data
} -result {3e8a69b7783c25851933ab6290af6ca77a9981480850009cc5577c6e1f573b4e6801dd23c4a7d679ccf8a386c674cffb}
test RFC4231_TC4-19.4 {sha512} -body {
::tls::hmac -digest sha512 -key $key -data $data
} -result {b0ba465637458c6990e5a8c5f61d4af7e576d97ff94b872de76f8050361ee3dba91ca5c11aa25eb4d679275cc5788063a5f19741120c4f2de2adebeb10a298dd}
# RFC 4231 HMAC Examples Test Case #5 - Test with a truncation of output to 128 bits.
set key [binary decode hex [string repeat "0c" 20]]
set data "Test With Truncation"
test RFC4231_TC5-20.1 {sha224} -body {
string range [::tls::hmac -digest sha224 -key $key -data $data] 0 31
} -result {0e2aea68a90c8d37c988bcdb9fca6fa8}
test RFC4231_TC5-20.2 {sha256} -body {
string range [::tls::hmac -digest sha256 -key $key -data $data] 0 31
} -result {a3b6167473100ee06e0c796c2955552b}
test RFC4231_TC5-20.3 {sha384} -body {
string range [::tls::hmac -digest sha384 -key $key -data $data] 0 31
} -result {3abf34c3503b2a23a46efc619baef897}
test RFC4231_TC5-20.4 {sha512} -body {
string range [::tls::hmac -digest sha512 -key $key -data $data] 0 31
} -result {415fad6271580a531d4179bc891d87a6}
# RFC 4231 HMAC Examples Test Case #6 - Test with a key larger than 128 bytes (= block-size of SHA-384 and SHA-512).
set key [binary decode hex [string repeat "aa" 131]]
set data "Test Using Larger Than Block-Size Key - Hash Key First"
test RFC4231_TC6-21.1 {sha224} -body {
::tls::hmac -digest sha224 -key $key -data $data
} -result {95e9a0db962095adaebe9b2d6f0dbce2d499f112f2d2b7273fa6870e}
test RFC4231_TC6-21.2 {sha256} -body {
::tls::hmac -digest sha256 -key $key -data $data
} -result {60e431591ee0b67f0d8a26aacbf5b77f8e0bc6213728c5140546040f0ee37f54}
test RFC4231_TC6-21.3 {sha384} -body {
::tls::hmac -digest sha384 -key $key -data $data
} -result {4ece084485813e9088d2c63a041bc5b44f9ef1012a2b588f3cd11f05033ac4c60c2ef6ab4030fe8296248df163f44952}
test RFC4231_TC6-21.4 {sha512} -body {
::tls::hmac -digest sha512 -key $key -data $data
} -result {80b24263c7c1a3ebb71493c1dd7be8b49b46d1f41b4aeec1121b013783f8f3526b56d037e05f2598bd0fd2215d6a1e5295e64f73f63f0aec8b915a985d786598}
# RFC 4231 HMAC Examples Test Case #7 - Test with a key and data that is larger than 128 bytes (= block-size of SHA-384 and SHA-512).
set key [binary decode hex [string repeat "aa" 131]]
set data "This is a test using a larger than block-size key and a larger than block-size data. The key needs to be hashed before being used by the HMAC algorithm."
test RFC4231_TC7-22.1 {sha224} -body {
::tls::hmac -digest sha224 -key $key -data $data
} -result {3a854166ac5d9f023f54d517d0b39dbd946770db9c2b95c9f6f565d1}
test RFC4231_TC7-22.2 {sha256} -body {
::tls::hmac -digest sha256 -key $key -data $data
} -result {9b09ffa71b942fcb27635fbcd5b0e944bfdc63644f0713938a7f51535c3a35e2}
test RFC4231_TC7-22.3 {sha384} -body {
::tls::hmac -digest sha384 -key $key -data $data
} -result {6617178e941f020d351e2f254e8fd32c602420feb0b8fb9adccebb82461e99c5a678cc31e799176d3860e6110c46523e}
test RFC4231_TC7-22.4 {sha512} -body {
::tls::hmac -digest sha512 -key $key -data $data
} -result {e37b6a775dc87dbaa4dfa9f96e5e3ffddebd71f8867289865df5a32d20cdc944b6022cac3c4982b10d5eeb55c3e4de15134676fb6de0446065c97440fa8c6a58}
# NIST 800-38b Recommendation for Block Cipher Modes of Operation: The CMAC Mode for Authentication
# AES-128
set key [binary decode hex "2b7e151628aed2a6abf7158809cf4f3c"]
set data [binary decode hex "6bc1bee22e409f96e93d7e117393172a"]
test NIST800-38b-AES128-23.1 {len=128} -body {
::tls::cmac -cipher aes-128-cbc -key $key -data $data
} -result {070a16b46b4d4144f79bdd9dd04a287c}
set data [binary decode hex "6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411"]
test NIST800-38b-AES128-23.2 {len=320} -body {
::tls::cmac -cipher aes-128-cbc -key $key -data $data
} -result {dfa66747de9ae63030ca32611497c827}
set data [binary decode hex "6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710"]
test NIST800-38b-AES128-23.3 {len=512} -body {
::tls::cmac -cipher aes-128-cbc -key $key -data $data
} -result {51f0bebf7e3b9d92fc49741779363cfe}
# AES-192
set key [binary decode hex "8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b"]
set data [binary decode hex "6bc1bee22e409f96e93d7e117393172a"]
test NIST800-38b-AES-192-24.1 {len=128} -body {
::tls::cmac -cipher aes-192-cbc -key $key -data $data
} -result {9e99a7bf31e710900662f65e617c5184}
set data [binary decode hex "6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411"]
test NIST800-38b-AES-192-24.2 {len=320} -body {
::tls::cmac -cipher aes-192-cbc -key $key -data $data
} -result {8a1de5be2eb31aad089a82e6ee908b0e}
set data [binary decode hex "6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710"]
test NIST800-38b-AES-192-24.3 {len=512} -body {
::tls::cmac -cipher aes-192-cbc -key $key -data $data
} -result {a1d5df0eed790f794d77589659f39a11}
# AES-256
set key [binary decode hex "603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4"]
set data [binary decode hex "6bc1bee22e409f96e93d7e117393172a"]
test NIST800-38b-AES-256-25.1 {len=128} -body {
::tls::cmac -cipher aes-256-cbc -key $key -data $data
} -result {28a7023f452e8f82bd4bf28d8c37c35c}
set data [binary decode hex "6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411"]
test NIST800-38b-AES-256-25.2 {len=320} -body {
::tls::cmac -cipher aes-256-cbc -key $key -data $data
} -result {aaf3d8f1de5640c232f5b169b9c911e6}
set data [binary decode hex "6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710"]
test NIST800-38b-AES-256-25.3 {len=512} -body {
::tls::cmac -cipher aes-256-cbc -key $key -data $data
} -result {e1992190549f6ed5696a2c056c315410}
# Cleanup
::tcltest::removeFile $test_file $test_alt_file
# Cleanup
::tcltest::cleanupTests
return