diff --git a/test/default/metamorphic.c b/test/default/metamorphic.c
index 74e0fcd7..4e9b9be0 100644
--- a/test/default/metamorphic.c
+++ b/test/default/metamorphic.c
@@ -93,11 +93,93 @@ mm_onetimeauth(void)
     }
 }
 
+static void
+mm_hmacsha256(void)
+{
+    crypto_auth_hmacsha256_state st;
+    unsigned char *h, *h2;
+    unsigned char *k;
+    unsigned char *m;
+    size_t         mlen;
+    size_t         l1, l2;
+    int            i;
+
+    for (i = 0; i < MAX_ITER; i++) {
+        mlen = randombytes_uniform(MAXLEN);
+        m = (unsigned char *) sodium_malloc(mlen);
+        k = (unsigned char *) sodium_malloc(crypto_auth_hmacsha256_KEYBYTES);
+        h = (unsigned char *) sodium_malloc(crypto_auth_hmacsha256_BYTES);
+        h2 = (unsigned char *) sodium_malloc(crypto_auth_hmacsha256_BYTES);
+
+        crypto_auth_hmacsha256_keygen(k);
+        randombytes_buf(m, mlen);
+
+        crypto_auth_hmacsha256_init(&st, k, crypto_auth_hmacsha256_KEYBYTES);
+        l1 = randombytes_uniform(mlen);
+        l2 = randombytes_uniform(mlen - l1);
+        crypto_auth_hmacsha256_update(&st, m, l1);
+        crypto_auth_hmacsha256_update(&st, m + l1, l2);
+        crypto_auth_hmacsha256_update(&st, m + l1 + l2, mlen - l1 - l2);
+        crypto_auth_hmacsha256_final(&st, h);
+
+        crypto_auth_hmacsha256(h2, m, mlen, k);
+
+        assert(memcmp(h, h2, crypto_auth_hmacsha256_BYTES) == 0);
+
+        sodium_free(h2);
+        sodium_free(h);
+        sodium_free(k);
+        sodium_free(m);
+    }
+}
+
+static void
+mm_hmacsha512(void)
+{
+    crypto_auth_hmacsha512_state st;
+    unsigned char *h, *h2;
+    unsigned char *k;
+    unsigned char *m;
+    size_t         mlen;
+    size_t         l1, l2;
+    int            i;
+
+    for (i = 0; i < MAX_ITER; i++) {
+        mlen = randombytes_uniform(MAXLEN);
+        m = (unsigned char *) sodium_malloc(mlen);
+        k = (unsigned char *) sodium_malloc(crypto_auth_hmacsha512_KEYBYTES);
+        h = (unsigned char *) sodium_malloc(crypto_auth_hmacsha512_BYTES);
+        h2 = (unsigned char *) sodium_malloc(crypto_auth_hmacsha512_BYTES);
+
+        crypto_auth_hmacsha512_keygen(k);
+        randombytes_buf(m, mlen);
+
+        crypto_auth_hmacsha512_init(&st, k, crypto_auth_hmacsha512_KEYBYTES);
+        l1 = randombytes_uniform(mlen);
+        l2 = randombytes_uniform(mlen - l1);
+        crypto_auth_hmacsha512_update(&st, m, l1);
+        crypto_auth_hmacsha512_update(&st, m + l1, l2);
+        crypto_auth_hmacsha512_update(&st, m + l1 + l2, mlen - l1 - l2);
+        crypto_auth_hmacsha512_final(&st, h);
+
+        crypto_auth_hmacsha512(h2, m, mlen, k);
+
+        assert(memcmp(h, h2, crypto_auth_hmacsha512_BYTES) == 0);
+
+        sodium_free(h2);
+        sodium_free(h);
+        sodium_free(k);
+        sodium_free(m);
+    }
+}
+
 int
 main(void)
 {
     mm_generichash();
     mm_onetimeauth();
+    mm_hmacsha256();
+    mm_hmacsha512();
 
     printf("OK\n");