2014-05-15 13:27:15 -07:00
|
|
|
|
|
|
|
#define TEST_NAME "chacha20"
|
|
|
|
#include "cmptest.h"
|
|
|
|
|
2015-02-11 04:34:29 -07:00
|
|
|
static
|
|
|
|
void tv(void)
|
2014-05-15 13:27:15 -07:00
|
|
|
{
|
|
|
|
static struct {
|
|
|
|
const char *key_hex;
|
|
|
|
const char *nonce_hex;
|
2014-09-14 11:32:55 -07:00
|
|
|
} tests[]
|
|
|
|
= { { "0000000000000000000000000000000000000000000000000000000000000000",
|
|
|
|
"0000000000000000" },
|
|
|
|
{ "0000000000000000000000000000000000000000000000000000000000000001",
|
|
|
|
"0000000000000000" },
|
|
|
|
{ "0000000000000000000000000000000000000000000000000000000000000000",
|
|
|
|
"0000000000000001" },
|
|
|
|
{ "0000000000000000000000000000000000000000000000000000000000000000",
|
|
|
|
"0100000000000000" },
|
|
|
|
{ "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f",
|
|
|
|
"0001020304050607" } };
|
2015-10-26 13:28:39 -07:00
|
|
|
unsigned char key[crypto_stream_chacha20_KEYBYTES];
|
|
|
|
unsigned char nonce[crypto_stream_chacha20_NONCEBYTES];
|
|
|
|
unsigned char *part;
|
|
|
|
unsigned char out[160];
|
|
|
|
unsigned char zero[160];
|
|
|
|
char out_hex[160 * 2 + 1];
|
|
|
|
size_t i = 0U;
|
|
|
|
size_t plen;
|
2014-05-15 13:27:15 -07:00
|
|
|
|
2015-10-26 13:28:39 -07:00
|
|
|
memset(zero, 0, sizeof zero);
|
2014-05-15 13:27:15 -07:00
|
|
|
do {
|
2014-09-14 11:32:55 -07:00
|
|
|
sodium_hex2bin((unsigned char *)key, sizeof key, tests[i].key_hex,
|
|
|
|
strlen(tests[i].key_hex), NULL, NULL, NULL);
|
|
|
|
sodium_hex2bin(nonce, sizeof nonce, tests[i].nonce_hex,
|
|
|
|
strlen(tests[i].nonce_hex), NULL, NULL, NULL);
|
2014-05-15 13:27:15 -07:00
|
|
|
crypto_stream_chacha20(out, sizeof out, nonce, key);
|
|
|
|
sodium_bin2hex(out_hex, sizeof out_hex, out, sizeof out);
|
|
|
|
printf("[%s]\n", out_hex);
|
2015-10-26 13:28:39 -07:00
|
|
|
for (plen = 1U; plen < sizeof out; plen++) {
|
2015-10-26 14:48:56 -07:00
|
|
|
part = (unsigned char *) sodium_malloc(plen);
|
2015-10-26 13:28:39 -07:00
|
|
|
crypto_stream_chacha20_xor(part, out, plen, nonce, key);
|
|
|
|
if (memcmp(part, zero, plen) != 0) {
|
|
|
|
printf("Failed with length %lu\n", (unsigned long) plen);
|
|
|
|
}
|
|
|
|
sodium_free(part);
|
|
|
|
}
|
2014-05-15 13:27:15 -07:00
|
|
|
} while (++i < (sizeof tests) / (sizeof tests[0]));
|
2017-03-02 10:01:28 -07:00
|
|
|
assert(66 <= sizeof out);
|
|
|
|
for (plen = 1U; plen < 66; plen += 3) {
|
|
|
|
memset(out, (int) (plen & 0xff), sizeof out);
|
|
|
|
crypto_stream_chacha20(out, plen, nonce, key);
|
|
|
|
sodium_bin2hex(out_hex, sizeof out_hex, out, sizeof out);
|
|
|
|
printf("[%s]\n", out_hex);
|
|
|
|
}
|
2015-07-21 04:37:06 -07:00
|
|
|
randombytes_buf(out, sizeof out);
|
|
|
|
crypto_stream_chacha20(out, sizeof out, nonce, key);
|
|
|
|
sodium_bin2hex(out_hex, sizeof out_hex, out, sizeof out);
|
|
|
|
printf("[%s]\n", out_hex);
|
2014-09-16 10:32:04 -07:00
|
|
|
|
2014-09-16 15:25:54 -07:00
|
|
|
assert(crypto_stream_chacha20(out, 0U, nonce, key) == 0);
|
|
|
|
assert(crypto_stream_chacha20_xor(out, out, 0U, nonce, key) == 0);
|
2014-09-16 10:32:04 -07:00
|
|
|
assert(crypto_stream_chacha20_xor(out, out, 0U, nonce, key) == 0);
|
|
|
|
assert(crypto_stream_chacha20_xor_ic(out, out, 0U, nonce, 1U, key) == 0);
|
|
|
|
|
2015-07-21 04:37:06 -07:00
|
|
|
memset(out, 0x42, sizeof out);
|
2014-09-14 13:09:15 -07:00
|
|
|
crypto_stream_chacha20_xor(out, out, sizeof out, nonce, key);
|
|
|
|
sodium_bin2hex(out_hex, sizeof out_hex, out, sizeof out);
|
|
|
|
printf("[%s]\n", out_hex);
|
|
|
|
|
|
|
|
crypto_stream_chacha20_xor_ic(out, out, sizeof out, nonce, 0U, key);
|
|
|
|
sodium_bin2hex(out_hex, sizeof out_hex, out, sizeof out);
|
|
|
|
printf("[%s]\n", out_hex);
|
|
|
|
|
|
|
|
crypto_stream_chacha20_xor_ic(out, out, sizeof out, nonce, 1U, key);
|
|
|
|
sodium_bin2hex(out_hex, sizeof out_hex, out, sizeof out);
|
|
|
|
printf("[%s]\n", out_hex);
|
2017-09-13 03:45:04 -07:00
|
|
|
}
|
2014-05-15 13:27:15 -07:00
|
|
|
|
2015-02-11 04:34:29 -07:00
|
|
|
static
|
|
|
|
void tv_ietf(void)
|
|
|
|
{
|
|
|
|
static struct {
|
|
|
|
const char *key_hex;
|
|
|
|
const char *nonce_hex;
|
|
|
|
uint32_t ic;
|
|
|
|
} tests[]
|
|
|
|
= { { "0000000000000000000000000000000000000000000000000000000000000000",
|
|
|
|
"000000000000000000000000",
|
|
|
|
0U },
|
|
|
|
{ "0000000000000000000000000000000000000000000000000000000000000000",
|
|
|
|
"000000000000000000000000",
|
|
|
|
1U },
|
|
|
|
{ "0000000000000000000000000000000000000000000000000000000000000001",
|
|
|
|
"000000000000000000000000",
|
|
|
|
1U },
|
|
|
|
{ "00ff000000000000000000000000000000000000000000000000000000000000",
|
|
|
|
"000000000000000000000000",
|
|
|
|
2U },
|
|
|
|
{ "0000000000000000000000000000000000000000000000000000000000000000",
|
|
|
|
"000000000000000000000002",
|
|
|
|
0U },
|
|
|
|
{ "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f",
|
|
|
|
"000000090000004a00000000",
|
2017-03-03 02:14:08 -07:00
|
|
|
1U },
|
|
|
|
{ "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f",
|
|
|
|
"000000090000004a00000000",
|
2018-09-07 15:39:54 -07:00
|
|
|
0xfeffffff }};
|
2015-10-26 13:28:39 -07:00
|
|
|
unsigned char key[crypto_stream_chacha20_KEYBYTES];
|
|
|
|
unsigned char nonce[crypto_stream_chacha20_IETF_NONCEBYTES];
|
|
|
|
unsigned char *part;
|
|
|
|
unsigned char out[160];
|
|
|
|
unsigned char zero[160];
|
|
|
|
char out_hex[160 * 2 + 1];
|
|
|
|
size_t i = 0U;
|
|
|
|
size_t plen;
|
2015-02-11 04:34:29 -07:00
|
|
|
|
2015-10-26 13:28:39 -07:00
|
|
|
memset(zero, 0, sizeof zero);
|
2015-02-11 04:34:29 -07:00
|
|
|
do {
|
|
|
|
sodium_hex2bin((unsigned char *)key, sizeof key, tests[i].key_hex,
|
|
|
|
strlen(tests[i].key_hex), ": ", NULL, NULL);
|
|
|
|
sodium_hex2bin(nonce, sizeof nonce, tests[i].nonce_hex,
|
|
|
|
strlen(tests[i].nonce_hex), ": ", NULL, NULL);
|
|
|
|
memset(out, 0, sizeof out);
|
|
|
|
crypto_stream_chacha20_ietf_xor_ic(out, out, sizeof out, nonce, tests[i].ic, key);
|
|
|
|
sodium_bin2hex(out_hex, sizeof out_hex, out, sizeof out);
|
|
|
|
printf("[%s]\n", out_hex);
|
2015-10-26 13:28:39 -07:00
|
|
|
for (plen = 1U; plen < sizeof out; plen++) {
|
2015-10-26 14:48:56 -07:00
|
|
|
part = (unsigned char *) sodium_malloc(plen);
|
2015-10-26 13:28:39 -07:00
|
|
|
crypto_stream_chacha20_ietf_xor_ic(part, out, plen, nonce, tests[i].ic, key);
|
|
|
|
if (memcmp(part, zero, plen) != 0) {
|
|
|
|
printf("Failed with length %lu\n", (unsigned long) plen);
|
|
|
|
}
|
|
|
|
sodium_free(part);
|
|
|
|
}
|
2015-02-11 04:34:29 -07:00
|
|
|
} while (++i < (sizeof tests) / (sizeof tests[0]));
|
2017-03-02 10:01:28 -07:00
|
|
|
assert(66 <= sizeof out);
|
|
|
|
for (plen = 1U; plen < 66; plen += 3) {
|
|
|
|
memset(out, (int) (plen & 0xff), sizeof out);
|
|
|
|
crypto_stream_chacha20(out, plen, nonce, key);
|
|
|
|
sodium_bin2hex(out_hex, sizeof out_hex, out, sizeof out);
|
|
|
|
printf("[%s]\n", out_hex);
|
|
|
|
}
|
2015-07-21 04:37:06 -07:00
|
|
|
randombytes_buf(out, sizeof out);
|
|
|
|
crypto_stream_chacha20_ietf(out, sizeof out, nonce, key);
|
|
|
|
sodium_bin2hex(out_hex, sizeof out_hex, out, sizeof out);
|
|
|
|
printf("[%s]\n", out_hex);
|
2015-02-11 04:34:29 -07:00
|
|
|
|
|
|
|
assert(crypto_stream_chacha20_ietf(out, 0U, nonce, key) == 0);
|
|
|
|
assert(crypto_stream_chacha20_ietf_xor(out, out, 0U, nonce, key) == 0);
|
|
|
|
assert(crypto_stream_chacha20_ietf_xor(out, out, 0U, nonce, key) == 0);
|
|
|
|
assert(crypto_stream_chacha20_ietf_xor_ic(out, out, 0U, nonce, 1U, key) == 0);
|
|
|
|
|
2015-07-21 04:37:06 -07:00
|
|
|
memset(out, 0x42, sizeof out);
|
2015-02-11 04:34:29 -07:00
|
|
|
crypto_stream_chacha20_ietf_xor(out, out, sizeof out, nonce, key);
|
|
|
|
sodium_bin2hex(out_hex, sizeof out_hex, out, sizeof out);
|
|
|
|
printf("[%s]\n", out_hex);
|
|
|
|
|
|
|
|
crypto_stream_chacha20_ietf_xor_ic(out, out, sizeof out, nonce, 0U, key);
|
|
|
|
sodium_bin2hex(out_hex, sizeof out_hex, out, sizeof out);
|
|
|
|
printf("[%s]\n", out_hex);
|
|
|
|
|
|
|
|
crypto_stream_chacha20_ietf_xor_ic(out, out, sizeof out, nonce, 1U, key);
|
|
|
|
sodium_bin2hex(out_hex, sizeof out_hex, out, sizeof out);
|
|
|
|
printf("[%s]\n", out_hex);
|
2017-09-13 03:45:04 -07:00
|
|
|
}
|
2015-02-11 04:34:29 -07:00
|
|
|
|
|
|
|
int
|
|
|
|
main(void)
|
2014-05-15 13:27:15 -07:00
|
|
|
{
|
|
|
|
tv();
|
2015-02-11 04:34:29 -07:00
|
|
|
tv_ietf();
|
2014-05-15 13:27:15 -07:00
|
|
|
|
2014-09-13 15:12:23 -07:00
|
|
|
assert(crypto_stream_chacha20_keybytes() > 0U);
|
2017-07-17 14:09:44 -07:00
|
|
|
assert(crypto_stream_chacha20_keybytes() == crypto_stream_chacha20_KEYBYTES);
|
2014-09-13 15:12:23 -07:00
|
|
|
assert(crypto_stream_chacha20_noncebytes() > 0U);
|
2017-07-17 14:09:44 -07:00
|
|
|
assert(crypto_stream_chacha20_noncebytes() == crypto_stream_chacha20_NONCEBYTES);
|
2017-08-03 04:34:31 -07:00
|
|
|
assert(crypto_stream_chacha20_messagebytes_max() == crypto_stream_chacha20_MESSAGEBYTES_MAX);
|
2017-07-17 14:09:44 -07:00
|
|
|
assert(crypto_stream_chacha20_ietf_keybytes() > 0U);
|
|
|
|
assert(crypto_stream_chacha20_ietf_keybytes() == crypto_stream_chacha20_ietf_KEYBYTES);
|
2015-02-11 04:34:29 -07:00
|
|
|
assert(crypto_stream_chacha20_ietf_noncebytes() > 0U);
|
2017-07-17 14:09:44 -07:00
|
|
|
assert(crypto_stream_chacha20_ietf_noncebytes() == crypto_stream_chacha20_ietf_NONCEBYTES);
|
2017-08-03 04:34:31 -07:00
|
|
|
assert(crypto_stream_chacha20_ietf_messagebytes_max() == crypto_stream_chacha20_ietf_MESSAGEBYTES_MAX);
|
2014-09-13 15:12:23 -07:00
|
|
|
|
2014-09-14 10:34:16 -07:00
|
|
|
return 0;
|
2014-05-15 13:27:15 -07:00
|
|
|
}
|