@@ -1394,6 +1394,64 @@ fn ekdf_aes_cbc_encrypt_data() -> TestResult {
1394
1394
Ok ( ( ) )
1395
1395
}
1396
1396
1397
+ #[ test]
1398
+ #[ serial]
1399
+ fn sign_verify_sha1_hmac ( ) -> TestResult {
1400
+ let ( pkcs11, slot) = init_pins ( ) ;
1401
+ let session = pkcs11. open_rw_session ( slot) ?;
1402
+ session. login ( UserType :: User , Some ( & AuthPin :: new ( USER_PIN . into ( ) ) ) ) ?;
1403
+
1404
+ let priv_key_template = vec ! [
1405
+ Attribute :: Token ( true ) ,
1406
+ Attribute :: Private ( true ) ,
1407
+ Attribute :: Sensitive ( true ) ,
1408
+ Attribute :: Sign ( true ) ,
1409
+ Attribute :: KeyType ( KeyType :: GENERIC_SECRET ) ,
1410
+ Attribute :: Class ( ObjectClass :: SECRET_KEY ) ,
1411
+ Attribute :: ValueLen ( 256 . into( ) ) ,
1412
+ ] ;
1413
+
1414
+ let private = session. generate_key ( & Mechanism :: GenericSecretKeyGen , & priv_key_template) ?;
1415
+
1416
+ let data = vec ! [ 0xAA , 0xBB , 0xCC , 0xDD , 0xEE , 0xFF ] ;
1417
+
1418
+ let signature = session. sign ( & Mechanism :: Sha1Hmac , private, & data) ?;
1419
+
1420
+ session. verify ( & Mechanism :: Sha1Hmac , private, & data, & signature) ?;
1421
+
1422
+ session. destroy_object ( private) ?;
1423
+ Ok ( ( ) )
1424
+ }
1425
+
1426
+ #[ test]
1427
+ #[ serial]
1428
+ fn sign_verify_sha224_hmac ( ) -> TestResult {
1429
+ let ( pkcs11, slot) = init_pins ( ) ;
1430
+ let session = pkcs11. open_rw_session ( slot) ?;
1431
+ session. login ( UserType :: User , Some ( & AuthPin :: new ( USER_PIN . into ( ) ) ) ) ?;
1432
+
1433
+ let priv_key_template = vec ! [
1434
+ Attribute :: Token ( true ) ,
1435
+ Attribute :: Private ( true ) ,
1436
+ Attribute :: Sensitive ( true ) ,
1437
+ Attribute :: Sign ( true ) ,
1438
+ Attribute :: KeyType ( KeyType :: GENERIC_SECRET ) ,
1439
+ Attribute :: Class ( ObjectClass :: SECRET_KEY ) ,
1440
+ Attribute :: ValueLen ( 256 . into( ) ) ,
1441
+ ] ;
1442
+
1443
+ let private = session. generate_key ( & Mechanism :: GenericSecretKeyGen , & priv_key_template) ?;
1444
+
1445
+ let data = vec ! [ 0xAA , 0xBB , 0xCC , 0xDD , 0xEE , 0xFF ] ;
1446
+
1447
+ let signature = session. sign ( & Mechanism :: Sha224Hmac , private, & data) ?;
1448
+
1449
+ session. verify ( & Mechanism :: Sha224Hmac , private, & data, & signature) ?;
1450
+
1451
+ session. destroy_object ( private) ?;
1452
+ Ok ( ( ) )
1453
+ }
1454
+
1397
1455
#[ test]
1398
1456
#[ serial]
1399
1457
fn sign_verify_sha256_hmac ( ) -> TestResult {
@@ -1423,6 +1481,64 @@ fn sign_verify_sha256_hmac() -> TestResult {
1423
1481
Ok ( ( ) )
1424
1482
}
1425
1483
1484
+ #[ test]
1485
+ #[ serial]
1486
+ fn sign_verify_sha384_hmac ( ) -> TestResult {
1487
+ let ( pkcs11, slot) = init_pins ( ) ;
1488
+ let session = pkcs11. open_rw_session ( slot) ?;
1489
+ session. login ( UserType :: User , Some ( & AuthPin :: new ( USER_PIN . into ( ) ) ) ) ?;
1490
+
1491
+ let priv_key_template = vec ! [
1492
+ Attribute :: Token ( true ) ,
1493
+ Attribute :: Private ( true ) ,
1494
+ Attribute :: Sensitive ( true ) ,
1495
+ Attribute :: Sign ( true ) ,
1496
+ Attribute :: KeyType ( KeyType :: GENERIC_SECRET ) ,
1497
+ Attribute :: Class ( ObjectClass :: SECRET_KEY ) ,
1498
+ Attribute :: ValueLen ( 256 . into( ) ) ,
1499
+ ] ;
1500
+
1501
+ let private = session. generate_key ( & Mechanism :: GenericSecretKeyGen , & priv_key_template) ?;
1502
+
1503
+ let data = vec ! [ 0xAA , 0xBB , 0xCC , 0xDD , 0xEE , 0xFF ] ;
1504
+
1505
+ let signature = session. sign ( & Mechanism :: Sha384Hmac , private, & data) ?;
1506
+
1507
+ session. verify ( & Mechanism :: Sha384Hmac , private, & data, & signature) ?;
1508
+
1509
+ session. destroy_object ( private) ?;
1510
+ Ok ( ( ) )
1511
+ }
1512
+
1513
+ #[ test]
1514
+ #[ serial]
1515
+ fn sign_verify_sha512_hmac ( ) -> TestResult {
1516
+ let ( pkcs11, slot) = init_pins ( ) ;
1517
+ let session = pkcs11. open_rw_session ( slot) ?;
1518
+ session. login ( UserType :: User , Some ( & AuthPin :: new ( USER_PIN . into ( ) ) ) ) ?;
1519
+
1520
+ let priv_key_template = vec ! [
1521
+ Attribute :: Token ( true ) ,
1522
+ Attribute :: Private ( true ) ,
1523
+ Attribute :: Sensitive ( true ) ,
1524
+ Attribute :: Sign ( true ) ,
1525
+ Attribute :: KeyType ( KeyType :: GENERIC_SECRET ) ,
1526
+ Attribute :: Class ( ObjectClass :: SECRET_KEY ) ,
1527
+ Attribute :: ValueLen ( 256 . into( ) ) ,
1528
+ ] ;
1529
+
1530
+ let private = session. generate_key ( & Mechanism :: GenericSecretKeyGen , & priv_key_template) ?;
1531
+
1532
+ let data = vec ! [ 0xAA , 0xBB , 0xCC , 0xDD , 0xEE , 0xFF ] ;
1533
+
1534
+ let signature = session. sign ( & Mechanism :: Sha512Hmac , private, & data) ?;
1535
+
1536
+ session. verify ( & Mechanism :: Sha512Hmac , private, & data, & signature) ?;
1537
+
1538
+ session. destroy_object ( private) ?;
1539
+ Ok ( ( ) )
1540
+ }
1541
+
1426
1542
/// AES-CMAC test vectors from RFC 4493
1427
1543
#[ test]
1428
1544
#[ serial]
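Review bot: None of the four added tests (`sign_verify_sha1_hmac`, `sign_verify_sha224_hmac`, `sign_verify_sha384_hmac`, `sign_verify_sha512_hmac`) checks that verification can fail, so a `verify` that accepts any input would still pass; each one only signs and verifies the same `data` with the same key. Before `session.destroy_object(private)?` in each test, add a tampered-input check such as `let mut bad = data.clone(); bad[0] ^= 0x01;` followed by `assert!(session.verify(&Mechanism::Sha1Hmac, private, &bad, &signature).is_err());`, using the matching mechanism. A fixed-key known-answer vector per digest, as the AES-CMAC test below appears to do with RFC 4493, would also catch the wrong digest being selected behind a mechanism. Separately, the key is created with `Attribute::Token(true)` and any `?` failure returns before `destroy_object`, which would leave a persistent key on the token; `Attribute::Token(false)` would keep it a session object.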