dbus/test/data/sha-1/Readme.txt - nest-cam/4320010/dbus - Git at Google

 Test suite from http://csrc.nist.gov/cryptval/shs.html

 				Sample Vectors for SHA-1 Testing

 	This file describes tests and vectors that can be used in verifying the correctness of
 an SHA-1 implementation.  However, use of these vectors does not take the place of validation
 obtained through the Cryptographic Module Validation Program.

 	There are three areas of the Secure Hash Standard for which test vectors are supplied:
 short messages of varying length, selected long messages, and pseudorandomly generated messages.
 Since it is possible for an implementation to correctly handle the hashing of byte-oriented
 messages (and not messages of a non-byte length), the SHS tests each come in two flavors.  For
 both byte oriented and bit oriented messages, the message lengths are given in bits.

 Type I Test: Messages of Varying Length

 	An implementation of the SHS must be able to correctly generate message digests for
 messages of arbitrary length.  This functionality can be tested by supplying the implementation
 with 1025 pseudorandomly generated messages with lengths from 0 to 1024 bits (for an implementation
 that only hashes byte-oriented data correctly, 129 messages of length 0, 8, 16, 24,...,1024 bits
 will be supplied).

 Type II Test: Selected Long Messages

 	Additional testing of an implementation can be performed by testing that the implementation
 can correctly generate digests for longer messages.  A list of 100 messages, each of length > 1024,
 is supplied.  These can be used to verify the hashing of longer message lengths.  For bit oriented
 testing the messages are from 1025 to 103425 bits long (length=1025+i*1024, where 0<=i<100).  For
 byte oriented testing the messages are from 1032 to 103432 (length=1032+i*1024, where 0<=i<100).

 Type III Test: Pseudorandomly Generated Messages

 	This test determines whether the implementation can compute message digests for messages
 that are generated using a given seed.  A sequence of 100 message digests is generated using this
 seed.  The digests are generated according to the following pseudocode:

 procedure MonteCarlo(string SEED)
 {
 	integer i, j, a;
 	string	M;

 	M := SEED;
 	for j = 0 to 99 do {
 		for i = 1 to 50000 do {
 			for a = 1 to (j/4*8 + 24) do M := M || 0;	/*0' is the binary zero bit. */
 			M := M || i; 	/* Here, the value for i is expressed as a 32-bit word
 					   and concatenated with M. The first bit
 					   concatenated with M is the most significant bit of
 					   this 32-bit word. */
 			M := SHA(M);
 			}
 		print(M);
 		}
 	}

 NOTE: In the above procedure, || denotes concatenation. Also, M || i denotes appending the 32-bit
 word representing the value i, as defined in section 2 of the SHS.  Within the procedure, M is a string
 of variable length. The initial length of 416 bits ensures that the length of M never exceeds 512 bits
 during execution of the above procedure, and it ensures that messages will be of a byte length.  Each
 element printed should be 160 bits in length.


 File formats:

 There are two files included for each test type (bit-oriented and byte-oriented).  One file contains
 the messages and the other file contains the hashes.

 The message files provided use "compact strings" to store the message values.  Compact strings are
 used to represented the messages in a compact form.  A compact string has the form
 	z || b || n(1) || n(2) || ... || n(z)
 where z>=0 that represents the number of n, b is either 0 or 1, and each n(i) is a decimal integer
 representing a positive number.  The length of the compact string is given by the summation of the n(i).

 The compact string is interpreted as the representation of the bit string consisting of b repeated n(1) times,
 followed by 1-b repeated n(2) times, followed by b repeated n(3) times, and so on.

 Example:
 	M = 5 1 7 13 5 1 2
 	where z = 5 and b = 1.  Then the compact string M represents the bit string
 	1111111000000000000011111011
 	where 1 is repeated 7 times, 0 is repeated 13 times, 1 is repeated 5 times,
 	0 is repeated 1 time, and 1 is repeated 2 times.
	Test suite from http://csrc.nist.gov/cryptval/shs.html

	Sample Vectors for SHA-1 Testing

	This file describes tests and vectors that can be used in verifying the correctness of
	an SHA-1 implementation. However, use of these vectors does not take the place of validation
	obtained through the Cryptographic Module Validation Program.

	There are three areas of the Secure Hash Standard for which test vectors are supplied:
	short messages of varying length, selected long messages, and pseudorandomly generated messages.
	Since it is possible for an implementation to correctly handle the hashing of byte-oriented
	messages (and not messages of a non-byte length), the SHS tests each come in two flavors. For
	both byte oriented and bit oriented messages, the message lengths are given in bits.

	Type I Test: Messages of Varying Length

	An implementation of the SHS must be able to correctly generate message digests for
	messages of arbitrary length. This functionality can be tested by supplying the implementation
	with 1025 pseudorandomly generated messages with lengths from 0 to 1024 bits (for an implementation
	that only hashes byte-oriented data correctly, 129 messages of length 0, 8, 16, 24,...,1024 bits
	will be supplied).

	Type II Test: Selected Long Messages

	Additional testing of an implementation can be performed by testing that the implementation
	can correctly generate digests for longer messages. A list of 100 messages, each of length > 1024,
	is supplied. These can be used to verify the hashing of longer message lengths. For bit oriented
	testing the messages are from 1025 to 103425 bits long (length=1025+i*1024, where 0<=i<100). For
	byte oriented testing the messages are from 1032 to 103432 (length=1032+i*1024, where 0<=i<100).

	Type III Test: Pseudorandomly Generated Messages

	This test determines whether the implementation can compute message digests for messages
	that are generated using a given seed. A sequence of 100 message digests is generated using this
	seed. The digests are generated according to the following pseudocode:

	procedure MonteCarlo(string SEED)
	{
	integer i, j, a;
	string M;

	M := SEED;
	for j = 0 to 99 do {
	for i = 1 to 50000 do {
	for a = 1 to (j/48 + 24) do M := M \|\| 0; /0' is the binary zero bit. */
	M := M \|\| i; /* Here, the value for i is expressed as a 32-bit word
	and concatenated with M. The first bit
	concatenated with M is the most significant bit of
	this 32-bit word. */
	M := SHA(M);
	}
	print(M);
	}
	}

	NOTE: In the above procedure, \|\| denotes concatenation. Also, M \|\| i denotes appending the 32-bit
	word representing the value i, as defined in section 2 of the SHS. Within the procedure, M is a string
	of variable length. The initial length of 416 bits ensures that the length of M never exceeds 512 bits
	during execution of the above procedure, and it ensures that messages will be of a byte length. Each
	element printed should be 160 bits in length.


	File formats:

	There are two files included for each test type (bit-oriented and byte-oriented). One file contains
	the messages and the other file contains the hashes.

	The message files provided use "compact strings" to store the message values. Compact strings are
	used to represented the messages in a compact form. A compact string has the form
	z \|\| b \|\| n(1) \|\| n(2) \|\| ... \|\| n(z)
	where z>=0 that represents the number of n, b is either 0 or 1, and each n(i) is a decimal integer
	representing a positive number. The length of the compact string is given by the summation of the n(i).

	The compact string is interpreted as the representation of the bit string consisting of b repeated n(1) times,
	followed by 1-b repeated n(2) times, followed by b repeated n(3) times, and so on.

	Example:
	M = 5 1 7 13 5 1 2
	where z = 5 and b = 1. Then the compact string M represents the bit string
	1111111000000000000011111011
	where 1 is repeated 7 times, 0 is repeated 13 times, 1 is repeated 5 times,
	0 is repeated 1 time, and 1 is repeated 2 times.