Add Sha224 digest, HMAC-SHA224, and SHA224 KAT

aws-lc-rs/src/digest.rs

@@ -35,14 +35,14 @@ mod sha;
 use crate::error::Unspecified;
 use crate::ptr::ConstPointer;
 use aws_lc::{
-    EVP_DigestFinal, EVP_DigestUpdate, EVP_sha1, EVP_sha256, EVP_sha384, EVP_sha3_256,
+    EVP_DigestFinal, EVP_DigestUpdate, EVP_sha1, EVP_sha224, EVP_sha256, EVP_sha384, EVP_sha3_256,
     EVP_sha3_384, EVP_sha3_512, EVP_sha512, EVP_sha512_256, EVP_MD,
 };
 use digest_ctx::DigestContext;
 pub use sha::{
-    SHA1_FOR_LEGACY_USE_ONLY, SHA1_OUTPUT_LEN, SHA256, SHA256_OUTPUT_LEN, SHA384,
-    SHA384_OUTPUT_LEN, SHA3_256, SHA3_384, SHA3_512, SHA512, SHA512_256, SHA512_256_OUTPUT_LEN,
-    SHA512_OUTPUT_LEN,
+    SHA1_FOR_LEGACY_USE_ONLY, SHA1_OUTPUT_LEN, SHA224, SHA224_OUTPUT_LEN, SHA256,
+    SHA256_OUTPUT_LEN, SHA384, SHA384_OUTPUT_LEN, SHA3_256, SHA3_384, SHA3_512, SHA512, SHA512_256,
+    SHA512_256_OUTPUT_LEN, SHA512_OUTPUT_LEN,
 };
 use std::mem::MaybeUninit;
 use std::os::raw::c_uint;
@@ -254,6 +254,7 @@ unsafe impl Send for Algorithm {}
 #[derive(Debug, Eq, PartialEq)]
 pub(crate) enum AlgorithmID {
     SHA1,
+    SHA224,
     SHA256,
     SHA384,
     SHA512,
@@ -290,6 +291,7 @@ pub(crate) fn match_digest_type(algorithm_id: &AlgorithmID) -> ConstPointer<EVP_
     unsafe {
         ConstPointer::new(match algorithm_id {
             AlgorithmID::SHA1 => EVP_sha1(),
+            AlgorithmID::SHA224 => EVP_sha224(),
             AlgorithmID::SHA256 => EVP_sha256(),
             AlgorithmID::SHA384 => EVP_sha384(),
             AlgorithmID::SHA512 => EVP_sha512(),
@@ -371,6 +373,7 @@ mod tests {
         }
 
         max_input_tests!(SHA1_FOR_LEGACY_USE_ONLY);
+        max_input_tests!(SHA224);
         max_input_tests!(SHA256);
         max_input_tests!(SHA384);
         max_input_tests!(SHA512);
@@ -384,6 +387,7 @@ mod tests {
 
         for alg in [
             &digest::SHA1_FOR_LEGACY_USE_ONLY,
+            &digest::SHA224,
             &digest::SHA256,
             &digest::SHA384,
             &digest::SHA512,

aws-lc-rs/src/digest/sha.rs

@@ -5,8 +5,8 @@
 
 use crate::digest::{Algorithm, AlgorithmID, Context};
 use aws_lc::{
-    NID_sha1, NID_sha256, NID_sha384, NID_sha3_256, NID_sha3_384, NID_sha3_512, NID_sha512,
-    NID_sha512_256,
+    NID_sha1, NID_sha224, NID_sha256, NID_sha384, NID_sha3_256, NID_sha3_384, NID_sha3_512,
+    NID_sha512, NID_sha512_256,
 };
 
 pub const BLOCK_LEN: usize = 512 / 8;
@@ -16,6 +16,9 @@ pub const OUTPUT_LEN: usize = 160 / 8;
 /// The length of the output of SHA-1, in bytes.
 pub const SHA1_OUTPUT_LEN: usize = OUTPUT_LEN;
 
+/// The length of the output of SHA-224, in bytes.
+pub const SHA224_OUTPUT_LEN: usize = 224 / 8;
+
 /// The length of the output of SHA-256, in bytes.
 pub const SHA256_OUTPUT_LEN: usize = 256 / 8;
 
@@ -84,6 +87,23 @@ pub static SHA1_FOR_LEGACY_USE_ONLY: Algorithm = Algorithm {
     hash_nid: NID_sha1,
 };
 
+/// SHA-256 as specified in [FIPS 180-4].
+///
+/// [FIPS 180-4]: http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.180-4.pdf
+#[allow(deprecated)]
+pub static SHA224: Algorithm = Algorithm {
+    output_len: SHA224_OUTPUT_LEN,
+    chaining_len: SHA224_OUTPUT_LEN,
+    block_len: 512 / 8,
+    max_input_len: SHA256_MAX_INPUT_LEN,
+
+    one_shot_hash: sha224_digest,
+
+    id: AlgorithmID::SHA224,
+
+    hash_nid: NID_sha224,
+};
+
 /// SHA-256 as specified in [FIPS 180-4].
 ///
 /// [FIPS 180-4]: http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.180-4.pdf
@@ -203,6 +223,12 @@ fn sha1_digest(msg: &[u8], output: &mut [u8]) {
     }
 }
 
+fn sha224_digest(msg: &[u8], output: &mut [u8]) {
+    unsafe {
+        aws_lc::SHA224(msg.as_ptr(), msg.len(), output.as_mut_ptr());
+    }
+}
+
 fn sha256_digest(msg: &[u8], output: &mut [u8]) {
     unsafe {
         aws_lc::SHA256(msg.as_ptr(), msg.len(), output.as_mut_ptr());

aws-lc-rs/src/hmac.rs

@@ -134,6 +134,9 @@ impl Algorithm {
 /// HMAC using SHA-1. Obsolete.
 pub static HMAC_SHA1_FOR_LEGACY_USE_ONLY: Algorithm = Algorithm(&digest::SHA1_FOR_LEGACY_USE_ONLY);
 
+/// HMAC using SHA-224.
+pub static HMAC_SHA224: Algorithm = Algorithm(&digest::SHA224);
+
 /// HMAC using SHA-256.
 pub static HMAC_SHA256: Algorithm = Algorithm(&digest::SHA256);
 
@@ -458,6 +461,7 @@ mod tests {
 
         for algorithm in &[
             hmac::HMAC_SHA1_FOR_LEGACY_USE_ONLY,
+            hmac::HMAC_SHA224,
             hmac::HMAC_SHA256,
             hmac::HMAC_SHA384,
             hmac::HMAC_SHA512,
@@ -478,6 +482,7 @@ mod tests {
 
         for &alg in &[
             hmac::HMAC_SHA1_FOR_LEGACY_USE_ONLY,
+            hmac::HMAC_SHA224,
             hmac::HMAC_SHA256,
             hmac::HMAC_SHA384,
             hmac::HMAC_SHA512,

aws-lc-rs/src/test.rs

@@ -170,7 +170,7 @@ impl TestCase {
         let name = self.consume_string(key);
         match name.as_ref() {
             "SHA1" => Some(&digest::SHA1_FOR_LEGACY_USE_ONLY),
-            "SHA224" => None, // We actively skip SHA-224 support.
+            "SHA224" => Some(&digest::SHA224),
             "SHA256" => Some(&digest::SHA256),
             "SHA384" => Some(&digest::SHA384),
             "SHA512" => Some(&digest::SHA512),

aws-lc-rs/tests/data/digest_tests.txt

@@ -20,6 +20,48 @@ Input = "0123456701234567012345670123456701234567012345670123456701234567"
 Repeat = 10
 Output = dea356a2cddd90c7a7ecedc5ebb563934f460452
 
+# SHA-224 tests from NIST.
+
+Hash = SHA224
+Input = ff
+Repeat = 1
+Output = e33f9d75e6ae1369dbabf81b96b4591ae46bba30b591a6b6c62542b5
+
+Hash = SHA224
+Repeat = 1
+Input = 84
+Output = 3cd36921df5d6963e73739cf4d20211e2d8877c19cff087ade9d0e3a
+
+Hash = SHA224
+Repeat = 1
+Input = 5c7b
+Output = daff9bce685eb831f97fc1225b03c275a6c112e2d6e76f5faf7a36e6
+
+Hash = SHA224
+Repeat = 1
+Input = 51ca3d
+Output = 2c8959023515476e38388abb43599a29876b4b33d56adc06032de3a2
+
+Hash = SHA224
+Repeat = 1
+Input = 6084347e
+Output = ae57c0a6d49739ba338adfa53bdae063e5c09122b77604780a8eeaa3
+
+Hash = SHA224
+Repeat = 1
+Input = 493e14623c
+Output = 7f631f295e024e74552083245ca8f988a3fb65680ae97c3040d2e65c
+
+Hash = SHA224
+Repeat = 1
+Input = d729d8cd1631
+Output = 342e8e6b23c1c6a54910631f098e08e836259c57e49c1b1d023d166d
+
+Hash = SHA224
+Repeat = 1
+Input = cbf2061e10faa5
+Output = 3aa702b1b66dc57d7aec3ccdbdfbd88592d7520f843ba5d0fa481168
+
 # SHA-256 tests from NIST.
 
 Hash = SHA256

aws-lc-rs/tests/digest_test.rs

@@ -226,6 +226,7 @@ mod digest_shavs {
     }
 
     shavs_tests!(SHA1, SHA1_FOR_LEGACY_USE_ONLY, TestType::Fips180_4);
+    shavs_tests!(SHA224, SHA224, TestType::Fips180_4);
     shavs_tests!(SHA256, SHA256, TestType::Fips180_4);
     shavs_tests!(SHA384, SHA384, TestType::Fips180_4);
     shavs_tests!(SHA512, SHA512, TestType::Fips180_4);
@@ -275,6 +276,7 @@ macro_rules! test_i_u_f {
     };
 }
 test_i_u_f!(digest_test_i_u_f_sha1, digest::SHA1_FOR_LEGACY_USE_ONLY);
+test_i_u_f!(digest_test_i_u_f_sha224, digest::SHA224);
 test_i_u_f!(digest_test_i_u_f_sha256, digest::SHA256);
 test_i_u_f!(digest_test_i_u_f_sha384, digest::SHA384);
 test_i_u_f!(digest_test_i_u_f_sha512, digest::SHA512);
@@ -295,6 +297,7 @@ test_i_u_f!(digest_test_i_u_f_sha512, digest::SHA512);
 ///
 /// ```sh
 /// sha1sum -b tempfile
+/// sha224sum -b tempfile
 /// sha256sum -b tempfile
 /// sha384sum -b tempfile
 /// sha512sum -b tempfile
@@ -337,6 +340,15 @@ test_large_digest!(
         0x65, 0x3C, 0x20, 0xE4, 0xBD
     ]
 );
+test_large_digest!(
+    digest_test_large_digest_sha224,
+    digest::SHA224,
+    224 / 8,
+    [
+        0xC2, 0x58, 0x05, 0x9f, 0xa8, 0x03, 0x85, 0xeb, 0xf9, 0xf7, 0x3d, 0x01, 0xfe, 0x94, 0x36,
+        0xd9, 0x62, 0xc4, 0x9a, 0xeb, 0x2c, 0xd0, 0x7e, 0x21, 0x1e, 0xe1, 0x05, 0x55
+    ]
+);
 test_large_digest!(
     digest_test_large_digest_sha256,
     digest::SHA256,
@@ -377,6 +389,7 @@ test_large_digest!(
 #[test]
 fn test_fmt_algorithm() {
     assert_eq!("SHA1", &format!("{:?}", digest::SHA1_FOR_LEGACY_USE_ONLY));
+    assert_eq!("SHA224", &format!("{:?}", digest::SHA224));
     assert_eq!("SHA256", &format!("{:?}", digest::SHA256));
     assert_eq!("SHA384", &format!("{:?}", digest::SHA384));
     assert_eq!("SHA512", &format!("{:?}", digest::SHA512));
@@ -392,6 +405,10 @@ fn digest_test_fmt() {
             digest::digest(&digest::SHA1_FOR_LEGACY_USE_ONLY, b"hello, world")
         )
     );
+    assert_eq!(
+        "SHA224:6e1a93e32fb44081a401f3db3ef2e6e108b7bbeeb5705afdaf01fb27",
+        &format!("{:?}", digest::digest(&digest::SHA224, b"hello, world"))
+    );
     assert_eq!(
         "SHA256:09ca7e4eaa6e8ae9c7d261167129184883644d\
          07dfba7cbfbc4c8a2e08360d5b",

aws-lc-rs/tests/hmac_test.rs

@@ -24,6 +24,8 @@ fn hmac_tests() {
             };
             if digest_alg == &digest::SHA1_FOR_LEGACY_USE_ONLY {
                 hmac::HMAC_SHA1_FOR_LEGACY_USE_ONLY
+            } else if digest_alg == &digest::SHA224 {
+                hmac::HMAC_SHA224
             } else if digest_alg == &digest::SHA256 {
                 hmac::HMAC_SHA256
             } else if digest_alg == &digest::SHA384 {