mirror of
https://github.com/jedisct1/libsodium.git
synced 2024-12-19 18:15:18 -07:00
Import missing onetimeauth_poly1305_try.c
This commit is contained in:
parent
3b57f77262
commit
03b82780fd
@ -0,0 +1,155 @@
|
||||
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include "crypto_hash_sha256.h"
|
||||
#include "crypto_onetimeauth.h"
|
||||
#include "crypto_onetimeauth_poly1305.h"
|
||||
#include "crypto_onetimeauth_poly1305_ref.h"
|
||||
#include "crypto_onetimeauth_poly1305_53.h"
|
||||
#include "utils.h"
|
||||
|
||||
#define MAXTEST_BYTES 10000
|
||||
#define CHECKSUM_BYTES 4096
|
||||
#define TUNE_BYTES 1536
|
||||
|
||||
#define CHECKSUM "e836d5ca58cf673fca2b4910f23f3990"
|
||||
|
||||
static char checksum[crypto_onetimeauth_BYTES * 2U + 1U];
|
||||
|
||||
static unsigned char *h, *h_;
|
||||
static unsigned char *m, *m_;
|
||||
static unsigned char *k, *k_;
|
||||
static unsigned char *h2, *h2_;
|
||||
static unsigned char *m2, *m2_;
|
||||
static unsigned char *k2, *k2_;
|
||||
|
||||
static int
|
||||
allocate(void)
|
||||
{
|
||||
h = _sodium_alignedcalloc(&h_, crypto_onetimeauth_BYTES);
|
||||
m = _sodium_alignedcalloc(&m_, MAXTEST_BYTES);
|
||||
k = _sodium_alignedcalloc(&k_, crypto_onetimeauth_KEYBYTES);
|
||||
h2 = _sodium_alignedcalloc(&h2_, crypto_onetimeauth_BYTES);
|
||||
m2 = _sodium_alignedcalloc(&m2_, MAXTEST_BYTES + crypto_onetimeauth_BYTES);
|
||||
k2 = _sodium_alignedcalloc(&k2_, crypto_onetimeauth_KEYBYTES +
|
||||
crypto_onetimeauth_BYTES);
|
||||
|
||||
return !(h && m && k && h2 && m2 && k2);
|
||||
}
|
||||
|
||||
static void
|
||||
deallocate(void)
|
||||
{
|
||||
free(h_);
|
||||
free(m_);
|
||||
free(k_);
|
||||
free(h2_);
|
||||
free(m2_);
|
||||
free(k2_);
|
||||
}
|
||||
|
||||
static void
|
||||
doit(void)
|
||||
{
|
||||
crypto_onetimeauth(h,m,TUNE_BYTES,k);
|
||||
crypto_onetimeauth_verify(h,m,TUNE_BYTES,k);
|
||||
}
|
||||
|
||||
static const char *
|
||||
checksum_compute(void)
|
||||
{
|
||||
long long i;
|
||||
long long j;
|
||||
|
||||
for (i = 0;i < CHECKSUM_BYTES;++i) {
|
||||
long long mlen = i;
|
||||
long long klen = crypto_onetimeauth_KEYBYTES;
|
||||
long long hlen = crypto_onetimeauth_BYTES;
|
||||
|
||||
for (j = -16;j < 0;++j) h[j] = random();
|
||||
for (j = -16;j < 0;++j) k[j] = random();
|
||||
for (j = -16;j < 0;++j) m[j] = random();
|
||||
for (j = hlen;j < hlen + 16;++j) h[j] = random();
|
||||
for (j = klen;j < klen + 16;++j) k[j] = random();
|
||||
for (j = mlen;j < mlen + 16;++j) m[j] = random();
|
||||
for (j = -16;j < hlen + 16;++j) h2[j] = h[j];
|
||||
for (j = -16;j < klen + 16;++j) k2[j] = k[j];
|
||||
for (j = -16;j < mlen + 16;++j) m2[j] = m[j];
|
||||
|
||||
if (crypto_onetimeauth(h,m,mlen,k) != 0) return "crypto_onetimeauth returns nonzero";
|
||||
|
||||
for (j = -16;j < klen + 16;++j) if (k[j] != k2[j]) return "crypto_onetimeauth overwrites k";
|
||||
for (j = -16;j < mlen + 16;++j) if (m[j] != m2[j]) return "crypto_onetimeauth overwrites m";
|
||||
for (j = -16;j < 0;++j) if (h[j] != h2[j]) return "crypto_onetimeauth writes before output";
|
||||
for (j = hlen;j < hlen + 16;++j) if (h[j] != h2[j]) return "crypto_onetimeauth writes after output";
|
||||
|
||||
for (j = -16;j < 0;++j) h[j] = random();
|
||||
for (j = -16;j < 0;++j) k[j] = random();
|
||||
for (j = -16;j < 0;++j) m[j] = random();
|
||||
for (j = hlen;j < hlen + 16;++j) h[j] = random();
|
||||
for (j = klen;j < klen + 16;++j) k[j] = random();
|
||||
for (j = mlen;j < mlen + 16;++j) m[j] = random();
|
||||
for (j = -16;j < hlen + 16;++j) h2[j] = h[j];
|
||||
for (j = -16;j < klen + 16;++j) k2[j] = k[j];
|
||||
for (j = -16;j < mlen + 16;++j) m2[j] = m[j];
|
||||
|
||||
if (crypto_onetimeauth(m2,m2,mlen,k) != 0) return "crypto_onetimeauth returns nonzero";
|
||||
for (j = 0;j < hlen;++j) if (m2[j] != h[j]) return "crypto_onetimeauth does not handle m overlap";
|
||||
for (j = 0;j < hlen;++j) m2[j] = m[j];
|
||||
if (crypto_onetimeauth(k2,m2,mlen,k2) != 0) return "crypto_onetimeauth returns nonzero";
|
||||
for (j = 0;j < hlen;++j) if (k2[j] != h[j]) return "crypto_onetimeauth does not handle k overlap";
|
||||
for (j = 0;j < hlen;++j) k2[j] = k[j];
|
||||
|
||||
if (crypto_onetimeauth_verify(h,m,mlen,k) != 0) return "crypto_onetimeauth_verify returns nonzero";
|
||||
|
||||
for (j = -16;j < hlen + 16;++j) if (h[j] != h2[j]) return "crypto_onetimeauth overwrites h";
|
||||
for (j = -16;j < klen + 16;++j) if (k[j] != k2[j]) return "crypto_onetimeauth overwrites k";
|
||||
for (j = -16;j < mlen + 16;++j) if (m[j] != m2[j]) return "crypto_onetimeauth overwrites m";
|
||||
|
||||
crypto_hash_sha256(h2,h,hlen);
|
||||
for (j = 0;j < klen;++j) k[j] ^= h2[j % 32];
|
||||
if (crypto_onetimeauth(h,m,mlen,k) != 0) return "crypto_onetimeauth returns nonzero";
|
||||
if (crypto_onetimeauth_verify(h,m,mlen,k) != 0) return "crypto_onetimeauth_verify returns nonzero";
|
||||
|
||||
crypto_hash_sha256(h2,h,hlen);
|
||||
for (j = 0;j < mlen;++j) m[j] ^= h2[j % 32];
|
||||
m[mlen] = h2[0];
|
||||
}
|
||||
if (crypto_onetimeauth(h,m,CHECKSUM_BYTES,k) != 0) return "crypto_onetimeauth returns nonzero";
|
||||
if (crypto_onetimeauth_verify(h,m,CHECKSUM_BYTES,k) != 0) return "crypto_onetimeauth_verify returns nonzero";
|
||||
|
||||
for (i = 0;i < crypto_onetimeauth_BYTES;++i) {
|
||||
checksum[2 * i] = "0123456789abcdef"[15 & (h[i] >> 4)];
|
||||
checksum[2 * i + 1] = "0123456789abcdef"[15 & h[i]];
|
||||
}
|
||||
checksum[2 * i] = 0;
|
||||
|
||||
return NULL;
|
||||
}
|
||||
|
||||
crypto_onetimeauth_poly1305_implementation *
|
||||
crypto_onetimeauth_pick_best_implementation(void)
|
||||
{
|
||||
crypto_onetimeauth_poly1305_implementation *implementations[] = {
|
||||
&crypto_onetimeauth_poly1305_53_implementation,
|
||||
&crypto_onetimeauth_poly1305_ref_implementation,
|
||||
NULL
|
||||
};
|
||||
const char *err;
|
||||
size_t i = (size_t) 0U;
|
||||
|
||||
do {
|
||||
if (crypto_onetimeauth_poly1305_set_implementation
|
||||
(implementations[i]) != 0) {
|
||||
continue;
|
||||
}
|
||||
allocate();
|
||||
err = checksum_compute();
|
||||
deallocate();
|
||||
if (err == NULL && strcmp(checksum, CHECKSUM) == 0) {
|
||||
break;
|
||||
}
|
||||
} while (implementations[++i] != NULL);
|
||||
|
||||
return implementations[i];
|
||||
}
|
Loading…
Reference in New Issue
Block a user