digest.test at [59eac2fc22]

File tests/digest.test artifact 141e7b6f90 part of check-in 59eac2fc22


# Auto generated test cases for digest.csv

# Load Tcl Test package
if {[lsearch [namespace children] ::tcltest] == -1} {
	package require tcltest
	namespace import ::tcltest::*
}

set auto_path [concat [list [file dirname [file dirname [info script]]]] $auto_path]

package require tls

# Constraints
::tcltest::testConstraint md4 [expr {"md4" in [::tls::digests]}]
catch {tls::provider legacy}

# Helper functions - See common.tcl
proc digest_read_chan {cmd filename args} {
    set ch [open $filename rb]
    set bsize [fconfigure $ch -buffersize]
    set new [$cmd {*}$args -chan $ch]
    while {![eof $new]} {
        set md [read $new $bsize]
    }
    close $new
    return $md
}

proc digest_write_chan {cmd filename data args} {
    set ch [open $filename wb]
    set new [$cmd {*}$args -chan $ch]
    puts -nonewline $new $data
    flush $new
    close $new
    set ch [open $filename rb]
    set md [read $ch]
    close $ch
    return $md
}

proc digest_accumulate {string args} {
    set cmd [{*}$args -command dcmd]
    $cmd update [string range $string 0 20]
    $cmd update [string range $string 21 end]
    return [$cmd finalize]
}


set test_data "Example string for message digest tests.\n"
set test_file "md_data.dat"
set test_alt_file "md_alt_data.dat"
set test_key "Example key"
::tcltest::makeFile $test_data $test_file

# Test short-cut commands


test Shortcut_Cmds-1.1 {md4 cmd} -constraints {md4} -body {
	::tls::md4 $test_data
    } -result {793399f792eca2752c6af3234ba70858}

test Shortcut_Cmds-1.2 {md5 cmd} -body {
	::tls::md5 $test_data
    } -result {962bf0803b4232ec23bd8427bb94ea09}

test Shortcut_Cmds-1.3 {sha1 cmd} -body {
	::tls::sha1 $test_data
    } -result {4fe03b7f2568551dfafb98ca6004e65c4b71aa7d}

test Shortcut_Cmds-1.4 {sha256 cmd} -body {
	::tls::sha256 $test_data
    } -result {9d3578fc138205cf0ee4b4cef35fe101bb4ecac7b1614c18e6fa48b5c7f95e19}

test Shortcut_Cmds-1.5 {sha512 cmd} -body {
	::tls::sha512 $test_data
    } -result {d178e759dc59127071588d2fad173c06238d87e800a6403c0a30daa4faaf05d0e7ce04916afaa6a58a30cbeb597dacb01c62f9fb9d89bab9da630c699e4816f1}


# Test MD command for read channel


test MD_Chan_Read-2.1 {md4} -constraints {md4} -body {
	digest_read_chan ::tls::md $test_file -digest md4
    } -result {793399f792eca2752c6af3234ba70858}

test MD_Chan_Read-2.2 {md5} -body {
	digest_read_chan ::tls::md $test_file -digest md5
    } -result {962bf0803b4232ec23bd8427bb94ea09}

test MD_Chan_Read-2.3 {sha1} -body {
	digest_read_chan ::tls::md $test_file -digest sha1
    } -result {4fe03b7f2568551dfafb98ca6004e65c4b71aa7d}

test MD_Chan_Read-2.4 {sha256} -body {
	digest_read_chan ::tls::md $test_file -digest sha256
    } -result {9d3578fc138205cf0ee4b4cef35fe101bb4ecac7b1614c18e6fa48b5c7f95e19}

test MD_Chan_Read-2.5 {sha512} -body {
	digest_read_chan ::tls::md $test_file -digest sha512
    } -result {d178e759dc59127071588d2fad173c06238d87e800a6403c0a30daa4faaf05d0e7ce04916afaa6a58a30cbeb597dacb01c62f9fb9d89bab9da630c699e4816f1}

test MD_Chan_Read-2.6 {md5 bin} -body {
	binary encode hex [digest_read_chan ::tls::md $test_file -bin -digest md5]
    } -result {962bf0803b4232ec23bd8427bb94ea09}

test MD_Chan_Read-2.7 {md5 hex} -body {
	digest_read_chan ::tls::md $test_file -hex -digest md5
    } -result {962bf0803b4232ec23bd8427bb94ea09}

# Test MD command for write channel


test MD_Chan_Write-3.1 {md4} -constraints {md4} -body {
	digest_write_chan ::tls::md $test_alt_file $test_data -digest md4
    } -result {793399f792eca2752c6af3234ba70858}

test MD_Chan_Write-3.2 {md5} -body {
	digest_write_chan ::tls::md $test_alt_file $test_data -digest md5
    } -result {962bf0803b4232ec23bd8427bb94ea09}

test MD_Chan_Write-3.3 {sha1} -body {
	digest_write_chan ::tls::md $test_alt_file $test_data -digest sha1
    } -result {4fe03b7f2568551dfafb98ca6004e65c4b71aa7d}

test MD_Chan_Write-3.4 {sha256} -body {
	digest_write_chan ::tls::md $test_alt_file $test_data -digest sha256
    } -result {9d3578fc138205cf0ee4b4cef35fe101bb4ecac7b1614c18e6fa48b5c7f95e19}

test MD_Chan_Write-3.5 {sha512} -body {
	digest_write_chan ::tls::md $test_alt_file $test_data -digest sha512
    } -result {d178e759dc59127071588d2fad173c06238d87e800a6403c0a30daa4faaf05d0e7ce04916afaa6a58a30cbeb597dacb01c62f9fb9d89bab9da630c699e4816f1}

test MD_Chan_Write-3.6 {md5 bin} -body {
	binary encode hex [digest_write_chan ::tls::md $test_alt_file $test_data -bin -digest md5]
    } -result {962bf0803b4232ec23bd8427bb94ea09}

test MD_Chan_Write-3.7 {md5 hex} -body {
	digest_write_chan ::tls::md $test_alt_file $test_data -hex -digest md5
    } -result {962bf0803b4232ec23bd8427bb94ea09}

# Test MD command for object command


test MD_Command-4.1 {md4} -constraints {md4} -body {
	digest_accumulate $test_data ::tls::md -digest md4
    } -result {793399f792eca2752c6af3234ba70858}

test MD_Command-4.2 {md5} -body {
	digest_accumulate $test_data ::tls::md -digest md5
    } -result {962bf0803b4232ec23bd8427bb94ea09}

test MD_Command-4.3 {sha1} -body {
	digest_accumulate $test_data ::tls::md -digest sha1
    } -result {4fe03b7f2568551dfafb98ca6004e65c4b71aa7d}

test MD_Command-4.4 {sha256} -body {
	digest_accumulate $test_data ::tls::md -digest sha256
    } -result {9d3578fc138205cf0ee4b4cef35fe101bb4ecac7b1614c18e6fa48b5c7f95e19}

test MD_Command-4.5 {sha512} -body {
	digest_accumulate $test_data ::tls::md -digest sha512
    } -result {d178e759dc59127071588d2fad173c06238d87e800a6403c0a30daa4faaf05d0e7ce04916afaa6a58a30cbeb597dacb01c62f9fb9d89bab9da630c699e4816f1}

test MD_Command-4.6 {md5 bin} -body {
	binary encode hex [digest_accumulate $test_data ::tls::md -digest md5 -bin]
    } -result {962bf0803b4232ec23bd8427bb94ea09}

test MD_Command-4.7 {md5 hex} -body {
	digest_accumulate $test_data ::tls::md -digest md5 -hex
    } -result {962bf0803b4232ec23bd8427bb94ea09}

# Test MD command for data shortcut


test MD_Shortcut-5.1 {md4} -constraints {md4} -body {
	::tls::md md4 $test_data
    } -result {793399f792eca2752c6af3234ba70858}

test MD_Shortcut-5.2 {md5} -body {
	::tls::md md5 $test_data
    } -result {962bf0803b4232ec23bd8427bb94ea09}

test MD_Shortcut-5.3 {sha1} -body {
	::tls::md sha1 $test_data
    } -result {4fe03b7f2568551dfafb98ca6004e65c4b71aa7d}

test MD_Shortcut-5.4 {sha256} -body {
	::tls::md sha256 $test_data
    } -result {9d3578fc138205cf0ee4b4cef35fe101bb4ecac7b1614c18e6fa48b5c7f95e19}

test MD_Shortcut-5.5 {sha512} -body {
	::tls::md sha512 $test_data
    } -result {d178e759dc59127071588d2fad173c06238d87e800a6403c0a30daa4faaf05d0e7ce04916afaa6a58a30cbeb597dacb01c62f9fb9d89bab9da630c699e4816f1}

# Test MD command for data


test MD_Data-6.1 {md4} -constraints {md4} -body {
	::tls::md -digest md4 -data $test_data
    } -result {793399f792eca2752c6af3234ba70858}

test MD_Data-6.2 {md5} -body {
	::tls::md -digest md5 -data $test_data
    } -result {962bf0803b4232ec23bd8427bb94ea09}

test MD_Data-6.3 {sha1} -body {
	::tls::md -digest sha1 -data $test_data
    } -result {4fe03b7f2568551dfafb98ca6004e65c4b71aa7d}

test MD_Data-6.4 {sha256} -body {
	::tls::md -digest sha256 -data $test_data
    } -result {9d3578fc138205cf0ee4b4cef35fe101bb4ecac7b1614c18e6fa48b5c7f95e19}

test MD_Data-6.5 {sha512} -body {
	::tls::md -digest sha512 -data $test_data
    } -result {d178e759dc59127071588d2fad173c06238d87e800a6403c0a30daa4faaf05d0e7ce04916afaa6a58a30cbeb597dacb01c62f9fb9d89bab9da630c699e4816f1}

test MD_Data-6.6 {md5 bin} -body {
	binary encode hex [::tls::md -digest md5 -data $test_data -bin]
    } -result {962bf0803b4232ec23bd8427bb94ea09}

test MD_Data-6.7 {md5 hex} -body {
	::tls::md -digest md5 -data $test_data -hex
    } -result {962bf0803b4232ec23bd8427bb94ea09}

# Test MD command for file


test MD_File-7.1 {md4} -constraints {md4} -body {
	::tls::md -digest md4 -file $test_file
    } -result {793399f792eca2752c6af3234ba70858}

test MD_File-7.2 {md5} -body {
	::tls::md -digest md5 -file $test_file
    } -result {962bf0803b4232ec23bd8427bb94ea09}

test MD_File-7.3 {sha1} -body {
	::tls::md -digest sha1 -file $test_file
    } -result {4fe03b7f2568551dfafb98ca6004e65c4b71aa7d}

test MD_File-7.4 {sha256} -body {
	::tls::md -digest sha256 -file $test_file
    } -result {9d3578fc138205cf0ee4b4cef35fe101bb4ecac7b1614c18e6fa48b5c7f95e19}

test MD_File-7.5 {sha512} -body {
	::tls::md -digest sha512 -file $test_file
    } -result {d178e759dc59127071588d2fad173c06238d87e800a6403c0a30daa4faaf05d0e7ce04916afaa6a58a30cbeb597dacb01c62f9fb9d89bab9da630c699e4816f1}

test MD_File-7.6 {md5 bin} -body {
	binary encode hex [::tls::md -digest md5 -file $test_file -bin]
    } -result {962bf0803b4232ec23bd8427bb94ea09}

test MD_File-7.7 {md5 hex} -body {
	::tls::md -digest md5 -file $test_file -hex
    } -result {962bf0803b4232ec23bd8427bb94ea09}

# MD Error Cases


test MD_Errors-8.1 {Too few args} -body {
	::tls::md
    } -result {wrong # args: should be "::tls::md ?-bin|-hex? ?-cipher name? ?-digest name? ?-key key? ?-mac name? [-channel chan | -command cmdName | -file filename | ?-data? data]"} -returnCodes {1}

test MD_Errors-8.2 {Too many args} -body {
	::tls::md too many command line args to pass the test without an error or failing
    } -result {wrong # args: should be "::tls::md ?-bin|-hex? ?-cipher name? ?-digest name? ?-key key? ?-mac name? [-channel chan | -command cmdName | -file filename | ?-data? data]"} -returnCodes {1}

test MD_Errors-8.3 {Invalid digest} -body {
	::tls::md bogus data
    } -result {invalid digest "bogus"} -returnCodes {1}

test MD_Errors-8.4 {Invalid digest Arg} -body {
	::tls::md -digest bogus -data data
    } -result {invalid digest "bogus"} -returnCodes {1}

test MD_Errors-8.5 {No digest} -body {
	::tls::md -hex -data value
    } -result {no digest} -returnCodes {1}

test MD_Errors-8.6 {Invalid option} -body {
	::tls::md -digest sha256 -bogus value
    } -result {bad option "-bogus": must be -bin, -binary, -hex, -hexadecimal, -chan, -channel, -cipher, -command, -data, -digest, -file, -filename, -hash, -key, or -mac} -returnCodes {1}

test MD_Errors-8.7 {Invalid file} -body {
	::tls::md -digest sha256 -file bogus
    } -result {couldn't open "bogus": no such file or directory} -returnCodes {1}

test MD_Errors-8.8 {Invalid channel} -body {
	::tls::md -digest sha256 -channel bogus
    } -result {can not find channel named "bogus"} -returnCodes {1}

test MD_Errors-8.9 {No operation} -body {
	::tls::md -digest sha256 -bin
    } -result {No operation: Use -channel, -command, -data, or -file option} -returnCodes {1}


# Test CMAC command
set test_cipher "aes-128-cbc"
set test_key "Example key 1234"


test CMAC-9.1 {data} -body {
	::tls::cmac -cipher $test_cipher -key $test_key -data $test_data
    } -result {baf5c20f9973e2d606b14c7efdfe52fa}

test CMAC-9.2 {file} -body {
	::tls::cmac -cipher $test_cipher -key $test_key -file $test_file
    } -result {baf5c20f9973e2d606b14c7efdfe52fa}

test CMAC-9.3 {channel} -body {
	digest_read_chan ::tls::cmac $test_file -cipher $test_cipher -key $test_key
    } -result {baf5c20f9973e2d606b14c7efdfe52fa}

test CMAC-9.4 {command} -body {
	digest_accumulate $test_data ::tls::cmac -cipher $test_cipher -key $test_key
    } -result {baf5c20f9973e2d606b14c7efdfe52fa}

test CMAC-9.5 {data bin} -body {
	binary encode hex [::tls::cmac -bin -cipher $test_cipher -key $test_key -data $test_data]
    } -result {baf5c20f9973e2d606b14c7efdfe52fa}

# Test MD CMAC


test MD_CMAC-10.1 {data} -body {
	::tls::md -cipher $test_cipher -key $test_key -data $test_data
    } -result {baf5c20f9973e2d606b14c7efdfe52fa}

test MD_CMAC-10.2 {file} -body {
	::tls::md -cipher $test_cipher -key $test_key -file $test_file
    } -result {baf5c20f9973e2d606b14c7efdfe52fa}

test MD_CMAC-10.3 {channel} -body {
	digest_read_chan ::tls::md $test_file -cipher $test_cipher -key $test_key
    } -result {baf5c20f9973e2d606b14c7efdfe52fa}

test MD_CMAC-10.4 {command} -body {
	digest_accumulate $test_data ::tls::md -cipher $test_cipher -key $test_key
    } -result {baf5c20f9973e2d606b14c7efdfe52fa}

test MD_CMAC-10.5 {data bin} -body {
	binary encode hex [::tls::md -bin -cipher $test_cipher -key $test_key -data $test_data]
    } -result {baf5c20f9973e2d606b14c7efdfe52fa}

# Test CMAC Shortcut


test CMAC_Shortcut-11.1 {data} -body {
	::tls::cmac $test_cipher -key $test_key $test_data
    } -result {baf5c20f9973e2d606b14c7efdfe52fa}

# CMAC Error Cases


test CMAC_Errors-12.1 {Too few args} -body {
	::tls::cmac
    } -result {wrong # args: should be "::tls::cmac ?-bin|-hex? ?-cipher name? ?-digest name? ?-key key? ?-mac name? [-channel chan | -command cmdName | -file filename | ?-data? data]"} -returnCodes {1}

test CMAC_Errors-12.2 {Too many args} -body {
	::tls::cmac too many command line args to pass the test without an error or failing
    } -result {wrong # args: should be "::tls::cmac ?-bin|-hex? ?-cipher name? ?-digest name? ?-key key? ?-mac name? [-channel chan | -command cmdName | -file filename | ?-data? data]"} -returnCodes {1}

test CMAC_Errors-12.3 {No cipher} -body {
	::tls::cmac -hex -data $test_data
    } -result {no cipher} -returnCodes {1}

test CMAC_Errors-12.4 {No key} -body {
	::tls::cmac -cipher $test_cipher -data $test_data
    } -result {no key} -returnCodes {1}

test CMAC_Errors-12.5 {Invalid cipher} -body {
	::tls::cmac -cipher bogus -data $test_data
    } -result {invalid cipher "bogus"} -returnCodes {1}


# Test HMAC command
set test_digest md5
set test_key "Example key"


test HMAC-13.1 {data} -body {
	::tls::hmac -digest $test_digest -key $test_key -data $test_data
    } -result {f98327ef3e20ab6d388f676c6a79d93d}

test HMAC-13.2 {file} -body {
	::tls::hmac -digest $test_digest -key $test_key -file $test_file
    } -result {f98327ef3e20ab6d388f676c6a79d93d}

test HMAC-13.3 {channel} -body {
	digest_read_chan ::tls::hmac $test_file -digest $test_digest -key $test_key
    } -result {f98327ef3e20ab6d388f676c6a79d93d}

test HMAC-13.4 {command} -body {
	digest_accumulate $test_data ::tls::hmac -digest $test_digest -key $test_key
    } -result {f98327ef3e20ab6d388f676c6a79d93d}

test HMAC-13.5 {data bin} -body {
	binary encode hex [::tls::hmac -digest $test_digest -bin -key $test_key -data $test_data]
    } -result {f98327ef3e20ab6d388f676c6a79d93d}

# Test MD HMAC


test MD_HMAC-14.1 {data} -body {
	::tls::md -digest $test_digest -key $test_key -data $test_data
    } -result {f98327ef3e20ab6d388f676c6a79d93d}

test MD_HMAC-14.2 {file} -body {
	::tls::md -digest $test_digest -key $test_key -file $test_file
    } -result {f98327ef3e20ab6d388f676c6a79d93d}

test MD_HMAC-14.3 {channel} -body {
	digest_read_chan ::tls::md $test_file -digest $test_digest -key $test_key
    } -result {f98327ef3e20ab6d388f676c6a79d93d}

test MD_HMAC-14.4 {command} -body {
	digest_accumulate $test_data ::tls::md -digest $test_digest -key $test_key
    } -result {f98327ef3e20ab6d388f676c6a79d93d}

test MD_HMAC-14.5 {data bin} -body {
	binary encode hex [::tls::md -digest $test_digest -bin -key $test_key -data $test_data]
    } -result {f98327ef3e20ab6d388f676c6a79d93d}

# Test HMAC Shortcut


test HMAC_Shortcut-15.1 {data} -body {
	::tls::hmac $test_digest -key $test_key $test_data
    } -result {f98327ef3e20ab6d388f676c6a79d93d}

# HMAC Error Cases


test HMAC_Errors-16.1 {Too few args} -body {
	::tls::hmac
    } -result {wrong # args: should be "::tls::hmac ?-bin|-hex? ?-cipher name? ?-digest name? ?-key key? ?-mac name? [-channel chan | -command cmdName | -file filename | ?-data? data]"} -returnCodes {1}

test HMAC_Errors-16.2 {Too many args} -body {
	::tls::hmac too many command line args to pass the test without an error or failing
    } -result {wrong # args: should be "::tls::hmac ?-bin|-hex? ?-cipher name? ?-digest name? ?-key key? ?-mac name? [-channel chan | -command cmdName | -file filename | ?-data? data]"} -returnCodes {1}

test HMAC_Errors-16.3 {No digest} -body {
	::tls::hmac -hex -data $test_data
    } -result {no digest} -returnCodes {1}

test HMAC_Errors-16.4 {No key} -body {
	::tls::hmac -digest sha256 -data $test_data
    } -result {no key} -returnCodes {1}

test HMAC_Errors-16.5 {Invalid digest} -body {
	::tls::md -digest bogus -key $test_key -data $test_data
    } -result {invalid digest "bogus"} -returnCodes {1}


# Test MAC command
set test_cipher "aes-128-cbc"
set test_digest sha256
set test_key "Example key 1234"


test MAC-17.1 {CMAC} -body {
	::tls::mac -cipher $test_cipher -key $test_key -mac cmac -data $test_data
    } -result {baf5c20f9973e2d606b14c7efdfe52fa}

test MAC-17.2 {HMAC} -body {
	::tls::mac -digest $test_digest -key $test_key -mac hmac -data $test_data
    } -result {676daf96370d0e3c5598557da38a9a810a4fbacbb2d10c67f6dfa83f10f48e96}

test MAC-17.3 {MD-CMAC} -body {
	::tls::md -cipher $test_cipher -key $test_key -mac cmac -data $test_data
    } -result {baf5c20f9973e2d606b14c7efdfe52fa}

test MAC-17.4 {MD-HMAC} -body {
	::tls::md -digest $test_digest -key $test_key -mac hmac -data $test_data
    } -result {676daf96370d0e3c5598557da38a9a810a4fbacbb2d10c67f6dfa83f10f48e96}

# MAC Error Cases


test MAC_Errors-18.1 {Too few args} -body {
	::tls::mac
    } -result {wrong # args: should be "::tls::mac ?-bin|-hex? ?-cipher name? ?-digest name? ?-key key? ?-mac name? [-channel chan | -command cmdName | -file filename | ?-data? data]"} -returnCodes {1}

test MAC_Errors-18.2 {No mac} -body {
	::tls::mac -key $test_key -data $test_data
    } -result {no MAC} -returnCodes {1}

test MAC_Errors-18.3 {No key} -body {
	::tls::mac -mac hmac -digest $test_digest -data $test_data
    } -result {no key} -returnCodes {1}

test MAC_Errors-18.4 {Invalid MAC} -body {
	::tls::mac -mac bogus -key $test_key -data $test_data
    } -result {invalid MAC "bogus"} -returnCodes {1}

test MAC_Errors-18.5 {Too many args} -body {
	::tls::mac too many command line args to pass the test without an error or failing
    } -result {wrong # args: should be "::tls::mac ?-bin|-hex? ?-cipher name? ?-digest name? ?-key key? ?-mac name? [-channel chan | -command cmdName | -file filename | ?-data? data]"} -returnCodes {1}


# RFC 1321 Message Digest 5


test RFC1321-MD5-19.1 {TC1} -body {
	::tls::md -digest md5 -data ""
    } -result {d41d8cd98f00b204e9800998ecf8427e}

test RFC1321-MD5-19.2 {TC2} -body {
	::tls::md -digest md5 -data "a"
    } -result {0cc175b9c0f1b6a831c399e269772661}

test RFC1321-MD5-19.3 {TC3} -body {
	::tls::md -digest md5 -data "abc"
    } -result {900150983cd24fb0d6963f7d28e17f72}

test RFC1321-MD5-19.4 {TC4} -body {
	::tls::md -digest md5 -data "message digest"
    } -result {f96b697d7cb7938d525a2f31aaf161d0}

test RFC1321-MD5-19.5 {TC5} -body {
	::tls::md -digest md5 -data "abcdefghijklmnopqrstuvwxyz"
    } -result {c3fcd3d76192e4007dfb496cca67e13b}

test RFC1321-MD5-19.6 {TC6} -body {
	::tls::md -digest md5 -data "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"
    } -result {d174ab98d277d9f5a5611c2c9f419d9f}

test RFC1321-MD5-19.7 {TC7} -body {
	::tls::md -digest md5 -data [string repeat "1234567890" 8]
    } -result {57edf4a22be3c955ac49da2e2107b67a}

# RFC 6234 SHA1


test RFC6234-MD-SHA1-20.1 {TC1} -body {
	::tls::md -digest sha1 -data "abc"
    } -result {a9993e364706816aba3e25717850c26c9cd0d89d}

test RFC6234-MD-SHA1-20.2 {TC2_1} -body {
	::tls::md -digest sha1 -data "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"
    } -result {84983e441c3bd26ebaae4aa1f95129e5e54670f1}

test RFC6234-MD-SHA1-20.3 {TC3} -body {
	::tls::md -digest sha1 -data [string repeat "a" 1000000]
    } -result {34aa973cd4c4daa4f61eeb2bdbad27316534016f}

test RFC6234-MD-SHA1-20.4 {TC4} -body {
	::tls::md -digest sha1 -data [string repeat "01234567" 80]
    } -result {dea356a2cddd90c7a7ecedc5ebb563934f460452}

test RFC6234-MD-SHA1-20.5 {TC6} -body {
	::tls::md -digest sha1 -data "\x5e"
    } -result {5e6f80a34a9798cafc6a5db96cc57ba4c4db59c2}

test RFC6234-MD-SHA1-20.6 {TC8_1} -body {
	::tls::md -digest sha1 -data "\x9a\x7d\xfd\xf1\xec\xea\xd0\x6e\xd6\x46\xaa\x55\xfe\x75\x71\x46"
    } -result {82abff6605dbe1c17def12a394fa22a82b544a35}

test RFC6234-MD-SHA1-20.7 {TC10_1} -body {
	::tls::md -digest sha1 -data "\xf7\x8f\x92\x14\x1b\xcd\x17\x0a\xe8\x9b\x4f\xba\x15\xa1\xd5\x9f\x3f\xd8\x4d\x22\x3c\x92\x51\xbd\xac\xbb\xae\x61\xd0\x5e\xd1\x15\xa0\x6a\x7c\xe1\x17\xb7\xbe\xea\xd2\x44\x21\xde\xd9\xc3\x25\x92\xbd\x57\xed\xea\xe3\x9c\x39\xfa\x1f\xe8\x94\x6a\x84\xd0\xcf\x1f\x7b\xee\xad\x17\x13\xe2\xe0\x95\x98\x97\x34\x7f\x67\xc8\x0b\x04\x00\xc2\x09\x81\x5d\x6b\x10\xa6\x83\x83\x6f\xd5\x56\x2a\x56\xca\xb1\xa2\x8e\x81\xb6\x57\x66\x54\x63\x1c\xf1\x65\x66\xb8\x6e\x3b\x33\xa1\x08\xb0\x53\x07\xc0\x0a\xff\x14\xa7\x68\xed\x73\x50\x60\x6a\x0f\x85\xe6\xa9\x1d\x39\x6f\x5b\x5c\xbe\x57\x7f\x9b\x38\x80\x7c\x7d\x52\x3d\x6d\x79\x2f\x6e\xbc\x24\xa4\xec\xf2\xb3\xa4\x27\xcd\xbb\xfb"
    } -result {cb0082c8f197d260991ba6a460e76e202bad27b3}

# RFC 6234 SHA256


test RFC6234-MD-SHA256-21.1 {TC1} -body {
	::tls::md -digest sha256 -data "abc"
    } -result {ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad}

test RFC6234-MD-SHA256-21.2 {TC2_1} -body {
	::tls::md -digest sha256 -data "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"
    } -result {248d6a61d20638b8e5c026930c3e6039a33ce45964ff2167f6ecedd419db06c1}

test RFC6234-MD-SHA256-21.3 {TC3} -body {
	::tls::md -digest sha256 -data [string repeat "a" 1000000]
    } -result {cdc76e5c9914fb9281a1c7e284d73e67f1809a48a497200e046d39ccc7112cd0}

test RFC6234-MD-SHA256-21.4 {TC4} -body {
	::tls::md -digest sha256 -data [string repeat "01234567" 80]
    } -result {594847328451bdfa85056225462cc1d867d877fb388df0ce35f25ab5562bfbb5}

test RFC6234-MD-SHA256-21.5 {TC6} -body {
	::tls::md -digest sha256 -data "\x19"
    } -result {68aa2e2ee5dff96e3355e6c7ee373e3d6a4e17f75f9518d843709c0c9bc3e3d4}

test RFC6234-MD-SHA256-21.6 {TC8_256} -body {
	::tls::md -digest sha256 -data "\xe3\xd7\x25\x70\xdc\xdd\x78\x7c\xe3\x88\x7a\xb2\xcd\x68\x46\x52"
    } -result {175ee69b02ba9b58e2b0a5fd13819cea573f3940a94f825128cf4209beabb4e8}

test RFC6234-MD-SHA256-21.7 {TC10_256} -body {
	::tls::md -digest sha256 -data "\x83\x26\x75\x4e\x22\x77\x37\x2f\x4f\xc1\x2b\x20\x52\x7a\xfe\xf0\x4d\x8a\x05\x69\x71\xb1\x1a\xd5\x71\x23\xa7\xc1\x37\x76\x00\x00\xd7\xbe\xf6\xf3\xc1\xf7\xa9\x08\x3a\xa3\x9d\x81\x0d\xb3\x10\x77\x7d\xab\x8b\x1e\x7f\x02\xb8\x4a\x26\xc7\x73\x32\x5f\x8b\x23\x74\xde\x7a\x4b\x5a\x58\xcb\x5c\x5c\xf3\x5b\xce\xe6\xfb\x94\x6e\x5b\xd6\x94\xfa\x59\x3a\x8b\xeb\x3f\x9d\x65\x92\xec\xed\xaa\x66\xca\x82\xa2\x9d\x0c\x51\xbc\xf9\x33\x62\x30\xe5\xd7\x84\xe4\xc0\xa4\x3f\x8d\x79\xa3\x0a\x16\x5c\xba\xbe\x45\x2b\x77\x4b\x9c\x71\x09\xa9\x7d\x13\x8f\x12\x92\x28\x96\x6f\x6c\x0a\xdc\x10\x6a\xad\x5a\x9f\xdd\x30\x82\x57\x69\xb2\xc6\x71\xaf\x67\x59\xdf\x28\xeb\x39\x3d\x54\xd6"
    } -result {97dbca7df46d62c8a422c941dd7e835b8ad3361763f7e9b2d95f4f0da6e1ccbc}

# RFC 4231 HMAC Examples Test Case #1
set key [binary decode hex [string repeat "0b" 20]]
set data "Hi There"


test RFC4231_HMAC_TC1-22.1 {sha224} -body {
	::tls::hmac -digest sha224 -key $key -data $data
    } -result {896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22}

test RFC4231_HMAC_TC1-22.2 {sha256} -body {
	::tls::hmac -digest sha256 -key $key -data $data
    } -result {b0344c61d8db38535ca8afceaf0bf12b881dc200c9833da726e9376c2e32cff7}

test RFC4231_HMAC_TC1-22.3 {sha384} -body {
	::tls::hmac -digest sha384 -key $key -data $data
    } -result {afd03944d84895626b0825f4ab46907f15f9dadbe4101ec682aa034c7cebc59cfaea9ea9076ede7f4af152e8b2fa9cb6}

test RFC4231_HMAC_TC1-22.4 {sha512} -body {
	::tls::hmac -digest sha512 -key $key -data $data
    } -result {87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a126854}

# RFC 4231 HMAC Examples Test Case #2 - Test with a key shorter than the length of the HMAC output.
set key "Jefe"
set data "what do ya want for nothing?"


test RFC4231_HMAC_TC2-23.1 {sha224} -body {
	::tls::hmac -digest sha224 -key $key -data $data
    } -result {a30e01098bc6dbbf45690f3a7e9e6d0f8bbea2a39e6148008fd05e44}

test RFC4231_HMAC_TC2-23.2 {sha256} -body {
	::tls::hmac -digest sha256 -key $key -data $data
    } -result {5bdcc146bf60754e6a042426089575c75a003f089d2739839dec58b964ec3843}

test RFC4231_HMAC_TC2-23.3 {sha384} -body {
	::tls::hmac -digest sha384 -key $key -data $data
    } -result {af45d2e376484031617f78d2b58a6b1b9c7ef464f5a01b47e42ec3736322445e8e2240ca5e69e2c78b3239ecfab21649}

test RFC4231_HMAC_TC2-23.4 {sha512} -body {
	::tls::hmac -digest sha512 -key $key -data $data
    } -result {164b7a7bfcf819e2e395fbe73b56e0a387bd64222e831fd610270cd7ea2505549758bf75c05a994a6d034f65f8f0e6fdcaeab1a34d4a6b4b636e070a38bce737}

# RFC 4231 HMAC Examples Test Case #3 - Test with a combined length of key and data that is larger than 64 bytes (= block-size of SHA-224 and SHA-256).
set key [binary decode hex [string repeat "aa" 20]]
set data [binary decode hex [string repeat "dd" 50]]


test RFC4231_HMAC_TC3-24.1 {sha224} -body {
	::tls::hmac -digest sha224 -key $key -data $data
    } -result {7fb3cb3588c6c1f6ffa9694d7d6ad2649365b0c1f65d69d1ec8333ea}

test RFC4231_HMAC_TC3-24.2 {sha256} -body {
	::tls::hmac -digest sha256 -key $key -data $data
    } -result {773ea91e36800e46854db8ebd09181a72959098b3ef8c122d9635514ced565fe}

test RFC4231_HMAC_TC3-24.3 {sha384} -body {
	::tls::hmac -digest sha384 -key $key -data $data
    } -result {88062608d3e6ad8a0aa2ace014c8a86f0aa635d947ac9febe83ef4e55966144b2a5ab39dc13814b94e3ab6e101a34f27}

test RFC4231_HMAC_TC3-24.4 {sha512} -body {
	::tls::hmac -digest sha512 -key $key -data $data
    } -result {fa73b0089d56a284efb0f0756c890be9b1b5dbdd8ee81a3655f83e33b2279d39bf3e848279a722c806b485a47e67c807b946a337bee8942674278859e13292fb}

# RFC 4231 HMAC Examples Test Case #4 - Test with a combined length of key and data that is larger than 64 bytes (= block-size of SHA-224 and SHA-256).
set key [binary decode hex "0102030405060708090a0b0c0d0e0f10111213141516171819"]
set data [binary decode hex [string repeat "cd" 50]]


test RFC4231_HMAC_TC4-25.1 {sha224} -body {
	::tls::hmac -digest sha224 -key $key -data $data
    } -result {6c11506874013cac6a2abc1bb382627cec6a90d86efc012de7afec5a}

test RFC4231_HMAC_TC4-25.2 {sha256} -body {
	::tls::hmac -digest sha256 -key $key -data $data
    } -result {82558a389a443c0ea4cc819899f2083a85f0faa3e578f8077a2e3ff46729665b}

test RFC4231_HMAC_TC4-25.3 {sha384} -body {
	::tls::hmac -digest sha384 -key $key -data $data
    } -result {3e8a69b7783c25851933ab6290af6ca77a9981480850009cc5577c6e1f573b4e6801dd23c4a7d679ccf8a386c674cffb}

test RFC4231_HMAC_TC4-25.4 {sha512} -body {
	::tls::hmac -digest sha512 -key $key -data $data
    } -result {b0ba465637458c6990e5a8c5f61d4af7e576d97ff94b872de76f8050361ee3dba91ca5c11aa25eb4d679275cc5788063a5f19741120c4f2de2adebeb10a298dd}

# RFC 4231 HMAC Examples Test Case #5 - Test with a truncation of output to 128 bits.
set key [binary decode hex [string repeat "0c" 20]]
set data "Test With Truncation"


test RFC4231_HMAC_TC5-26.1 {sha224} -body {
	string range [::tls::hmac -digest sha224 -key $key -data $data] 0 31
    } -result {0e2aea68a90c8d37c988bcdb9fca6fa8}

test RFC4231_HMAC_TC5-26.2 {sha256} -body {
	string range [::tls::hmac -digest sha256 -key $key -data $data] 0 31
    } -result {a3b6167473100ee06e0c796c2955552b}

test RFC4231_HMAC_TC5-26.3 {sha384} -body {
	string range [::tls::hmac -digest sha384 -key $key -data $data] 0 31
    } -result {3abf34c3503b2a23a46efc619baef897}

test RFC4231_HMAC_TC5-26.4 {sha512} -body {
	string range [::tls::hmac -digest sha512 -key $key -data $data] 0 31
    } -result {415fad6271580a531d4179bc891d87a6}

# RFC 4231 HMAC Examples Test Case #6 - Test with a key larger than 128 bytes (= block-size of SHA-384 and SHA-512).
set key [binary decode hex [string repeat "aa" 131]]
set data "Test Using Larger Than Block-Size Key - Hash Key First"


test RFC4231_HMAC_TC6-27.1 {sha224} -body {
	::tls::hmac -digest sha224 -key $key -data $data
    } -result {95e9a0db962095adaebe9b2d6f0dbce2d499f112f2d2b7273fa6870e}

test RFC4231_HMAC_TC6-27.2 {sha256} -body {
	::tls::hmac -digest sha256 -key $key -data $data
    } -result {60e431591ee0b67f0d8a26aacbf5b77f8e0bc6213728c5140546040f0ee37f54}

test RFC4231_HMAC_TC6-27.3 {sha384} -body {
	::tls::hmac -digest sha384 -key $key -data $data
    } -result {4ece084485813e9088d2c63a041bc5b44f9ef1012a2b588f3cd11f05033ac4c60c2ef6ab4030fe8296248df163f44952}

test RFC4231_HMAC_TC6-27.4 {sha512} -body {
	::tls::hmac -digest sha512 -key $key -data $data
    } -result {80b24263c7c1a3ebb71493c1dd7be8b49b46d1f41b4aeec1121b013783f8f3526b56d037e05f2598bd0fd2215d6a1e5295e64f73f63f0aec8b915a985d786598}

# RFC 4231 HMAC Examples Test Case #7 - Test with a key and data that is larger than 128 bytes (= block-size of SHA-384 and SHA-512).
set key [binary decode hex [string repeat "aa" 131]]
set data "This is a test using a larger than block-size key and a larger than block-size data. The key needs to be hashed before being used by the HMAC algorithm."


test RFC4231_HMAC_TC7-28.1 {sha224} -body {
	::tls::hmac -digest sha224 -key $key -data $data
    } -result {3a854166ac5d9f023f54d517d0b39dbd946770db9c2b95c9f6f565d1}

test RFC4231_HMAC_TC7-28.2 {sha256} -body {
	::tls::hmac -digest sha256 -key $key -data $data
    } -result {9b09ffa71b942fcb27635fbcd5b0e944bfdc63644f0713938a7f51535c3a35e2}

test RFC4231_HMAC_TC7-28.3 {sha384} -body {
	::tls::hmac -digest sha384 -key $key -data $data
    } -result {6617178e941f020d351e2f254e8fd32c602420feb0b8fb9adccebb82461e99c5a678cc31e799176d3860e6110c46523e}

test RFC4231_HMAC_TC7-28.4 {sha512} -body {
	::tls::hmac -digest sha512 -key $key -data $data
    } -result {e37b6a775dc87dbaa4dfa9f96e5e3ffddebd71f8867289865df5a32d20cdc944b6022cac3c4982b10d5eeb55c3e4de15134676fb6de0446065c97440fa8c6a58}

# NIST 800-38b Recommendation for Block Cipher Modes of Operation: The CMAC Mode for Authentication
# AES-128
set key [binary decode hex "2b7e151628aed2a6abf7158809cf4f3c"]


test NIST800-38b-AES128-29.1 {len=0} -body {
	::tls::cmac -cipher aes-128-cbc -key $key -data ""
    } -result {bb1d6929e95937287fa37d129b756746}
set data [binary decode hex "6bc1bee22e409f96e93d7e117393172a"]

test NIST800-38b-AES128-29.2 {len=128} -body {
	::tls::cmac -cipher aes-128-cbc -key $key -data $data
    } -result {070a16b46b4d4144f79bdd9dd04a287c}
set data [binary decode hex "6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411"]

test NIST800-38b-AES128-29.3 {len=320} -body {
	::tls::cmac -cipher aes-128-cbc -key $key -data $data
    } -result {dfa66747de9ae63030ca32611497c827}
set data [binary decode hex "6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710"]

test NIST800-38b-AES128-29.4 {len=512} -body {
	::tls::cmac -cipher aes-128-cbc -key $key -data $data
    } -result {51f0bebf7e3b9d92fc49741779363cfe}

# AES-192
set key [binary decode hex "8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b"]


test NIST800-38b-AES-192-30.1 {len=0} -body {
	::tls::cmac -cipher aes-192-cbc -key $key -data ""
    } -result {d17ddf46adaacde531cac483de7a9367}
set data [binary decode hex "6bc1bee22e409f96e93d7e117393172a"]

test NIST800-38b-AES-192-30.2 {len=128} -body {
	::tls::cmac -cipher aes-192-cbc -key $key -data $data
    } -result {9e99a7bf31e710900662f65e617c5184}
set data [binary decode hex "6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411"]

test NIST800-38b-AES-192-30.3 {len=320} -body {
	::tls::cmac -cipher aes-192-cbc -key $key -data $data
    } -result {8a1de5be2eb31aad089a82e6ee908b0e}
set data [binary decode hex "6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710"]

test NIST800-38b-AES-192-30.4 {len=512} -body {
	::tls::cmac -cipher aes-192-cbc -key $key -data $data
    } -result {a1d5df0eed790f794d77589659f39a11}

# AES-256
set key [binary decode hex "603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4"]


test NIST800-38b-AES-256-31.1 {len=0} -body {
	::tls::cmac -cipher aes-256-cbc -key $key -data ""
    } -result {028962f61b7bf89efc6b551f4667d983}
set data [binary decode hex "6bc1bee22e409f96e93d7e117393172a"]

test NIST800-38b-AES-256-31.2 {len=128} -body {
	::tls::cmac -cipher aes-256-cbc -key $key -data $data
    } -result {28a7023f452e8f82bd4bf28d8c37c35c}
set data [binary decode hex "6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411"]

test NIST800-38b-AES-256-31.3 {len=320} -body {
	::tls::cmac -cipher aes-256-cbc -key $key -data $data
    } -result {aaf3d8f1de5640c232f5b169b9c911e6}
set data [binary decode hex "6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710"]

test NIST800-38b-AES-256-31.4 {len=512} -body {
	::tls::cmac -cipher aes-256-cbc -key $key -data $data
    } -result {e1992190549f6ed5696a2c056c315410}

# Cleanup
::tcltest::removeFile $test_file
::tcltest::removeFile $test_alt_file

# Cleanup
::tcltest::cleanupTests
return