1
mirror of https://github.com/jedisct1/libsodium.git synced 2024-12-19 10:05:05 -07:00

+ test for aead_xchacha20poly1305

This commit is contained in:
Frank Denis 2017-02-18 22:10:02 +01:00
parent 20d1d048fd
commit 532ea6bd95
4 changed files with 249 additions and 0 deletions

1
.gitignore vendored
View File

@ -81,6 +81,7 @@ test/default/*.res
test/default/*.trs
test/default/aead_aes256gcm
test/default/aead_chacha20poly1305
test/default/aead_xchacha20poly1305
test/default/auth
test/default/auth2
test/default/auth3

View File

@ -5,6 +5,7 @@ EXTRA_DIST = \
pre.js.inc \
aead_aes256gcm.exp \
aead_chacha20poly1305.exp \
aead_xchacha20poly1305.exp \
auth.exp \
auth2.exp \
auth3.exp \
@ -68,6 +69,7 @@ EXTRA_DIST = \
DISTCLEANFILES = \
aead_aes256gcm.res \
aead_chacha20poly1305.res \
aead_xchacha20poly1305.res \
auth.res \
auth2.res \
auth3.res \
@ -132,6 +134,7 @@ if NATIVECLIENT
CLEANFILES = \
aead_aes256gcm.final \
aead_chacha20poly1305.final \
aead_xchacha20poly1305.final \
auth.final \
auth2.final \
auth3.final \
@ -188,8 +191,10 @@ CLEANFILES = \
stream3.final \
stream4.final \
verify1.final \
xchacha20.final \
aead_aes256gcm.nexe \
aead_chacha20poly1305.nexe \
aead_xchacha20poly1305.nexe \
auth.nexe \
auth2.nexe \
auth3.nexe \
@ -339,6 +344,9 @@ aead_aes256gcm_LDADD = $(TESTS_LDADD)
aead_chacha20poly1305_SOURCE = cmptest.h aead_chacha20poly1305.c
aead_chacha20poly1305_LDADD = $(TESTS_LDADD)
aead_xchacha20poly1305_SOURCE = cmptest.h aead_xchacha20poly1305.c
aead_xchacha20poly1305_LDADD = $(TESTS_LDADD)
auth_SOURCE = cmptest.h auth.c
auth_LDADD = $(TESTS_LDADD)
@ -515,6 +523,7 @@ xchacha20_LDADD = $(TESTS_LDADD)
if !MINIMAL
TESTS_TARGETS += \
aead_xchacha20poly1305 \
xchacha20
endif

View File

@ -0,0 +1,188 @@
#define TEST_NAME "aead_xchacha20poly1305"
#include "cmptest.h"
static int
tv(void)
{
#undef MLEN
#define MLEN 114U
#undef ADLEN
#define ADLEN 12U
#undef CLEN
#define CLEN (MLEN + crypto_aead_xchacha20poly1305_ietf_ABYTES)
static const unsigned char firstkey[crypto_aead_xchacha20poly1305_ietf_KEYBYTES]
= {
0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87,
0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f,
0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97,
0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f
};
#undef MESSAGE
#define MESSAGE "Ladies and Gentlemen of the class of '99: If I could offer you " \
"only one tip for the future, sunscreen would be it."
unsigned char *m = (unsigned char *) sodium_malloc(MLEN);
static const unsigned char nonce[crypto_aead_xchacha20poly1305_ietf_NPUBBYTES]
= { 0x07, 0x00, 0x00, 0x00, 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47,
0x48, 0x49, 0x4a, 0x4b };
static const unsigned char ad[ADLEN]
= { 0x50, 0x51, 0x52, 0x53, 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7 };
unsigned char *c = (unsigned char *) sodium_malloc(CLEN);
unsigned char *detached_c = (unsigned char *) sodium_malloc(MLEN);
unsigned char *mac = (unsigned char *) sodium_malloc(crypto_aead_xchacha20poly1305_ietf_ABYTES);
unsigned char *m2 = (unsigned char *) sodium_malloc(MLEN);
unsigned long long found_clen;
unsigned long long found_maclen;
unsigned long long m2len;
size_t i;
assert(sizeof MESSAGE - 1U == MLEN);
memcpy(m, MESSAGE, MLEN);
crypto_aead_xchacha20poly1305_ietf_encrypt(c, &found_clen, m, MLEN,
ad, ADLEN,
NULL, nonce, firstkey);
if (found_clen != MLEN + crypto_aead_xchacha20poly1305_ietf_abytes()) {
printf("found_clen is not properly set\n");
}
for (i = 0U; i < CLEN; ++i) {
printf(",0x%02x", (unsigned int) c[i]);
if (i % 8 == 7) {
printf("\n");
}
}
printf("\n");
crypto_aead_xchacha20poly1305_ietf_encrypt_detached(detached_c,
mac, &found_maclen,
m, MLEN,
ad, ADLEN,
NULL, nonce, firstkey);
if (found_maclen != crypto_aead_xchacha20poly1305_ietf_abytes()) {
printf("found_maclen is not properly set\n");
}
if (memcmp(detached_c, c, MLEN) != 0) {
printf("detached ciphertext is bogus\n");
}
if (crypto_aead_xchacha20poly1305_ietf_decrypt(m2, &m2len, NULL, c, CLEN, ad,
ADLEN, nonce, firstkey) != 0) {
printf("crypto_aead_xchacha20poly1305_ietf_decrypt() failed\n");
}
if (m2len != MLEN) {
printf("m2len is not properly set\n");
}
if (memcmp(m, m2, MLEN) != 0) {
printf("m != m2\n");
}
memset(m2, 0, m2len);
if (crypto_aead_xchacha20poly1305_ietf_decrypt_detached(m2, NULL,
c, MLEN, mac,
ad, ADLEN,
nonce, firstkey) != 0) {
printf("crypto_aead_xchacha20poly1305_ietf_decrypt_detached() failed\n");
}
if (memcmp(m, m2, MLEN) != 0) {
printf("detached m != m2\n");
}
for (i = 0U; i < CLEN; i++) {
c[i] ^= (i + 1U);
if (crypto_aead_xchacha20poly1305_ietf_decrypt(m2, NULL, NULL, c, CLEN,
ad, ADLEN, nonce, firstkey)
== 0 || memcmp(m, m2, MLEN) == 0) {
printf("message can be forged\n");
}
c[i] ^= (i + 1U);
}
crypto_aead_xchacha20poly1305_ietf_encrypt(c, &found_clen, m, MLEN,
NULL, 0U, NULL, nonce, firstkey);
if (found_clen != CLEN) {
printf("clen is not properly set (adlen=0)\n");
}
for (i = 0U; i < CLEN; ++i) {
printf(",0x%02x", (unsigned int) c[i]);
if (i % 8 == 7) {
printf("\n");
}
}
printf("\n");
if (crypto_aead_xchacha20poly1305_ietf_decrypt(m2, &m2len, NULL, c, CLEN,
NULL, 0U, nonce, firstkey) != 0) {
printf("crypto_aead_xchacha20poly1305_ietf_decrypt() failed (adlen=0)\n");
}
if (m2len != MLEN) {
printf("m2len is not properly set (adlen=0)\n");
}
if (memcmp(m, m2, MLEN) != 0) {
printf("m != m2 (adlen=0)\n");
}
m2len = 1;
if (crypto_aead_xchacha20poly1305_ietf_decrypt(
m2, &m2len, NULL, NULL,
randombytes_uniform(crypto_aead_xchacha20poly1305_ietf_ABYTES),
NULL, 0U, nonce, firstkey) != -1) {
printf("crypto_aead_xchacha20poly1305_ietf_decrypt() worked with a short "
"ciphertext\n");
}
if (m2len != 0) {
printf("Message length should have been set to zero after a failure\n");
}
m2len = 1;
if (crypto_aead_xchacha20poly1305_ietf_decrypt(m2, &m2len, NULL, c, 0U, NULL, 0U,
nonce, firstkey) != -1) {
printf("crypto_aead_xchacha20poly1305_ietf_decrypt() worked with an empty "
"ciphertext\n");
}
if (m2len != 0) {
printf("Message length should have been set to zero after a failure\n");
}
memcpy(c, m, MLEN);
crypto_aead_xchacha20poly1305_ietf_encrypt(c, &found_clen, c, MLEN,
NULL, 0U, NULL, nonce, firstkey);
if (found_clen != CLEN) {
printf("clen is not properly set (adlen=0)\n");
}
for (i = 0U; i < CLEN; ++i) {
printf(",0x%02x", (unsigned int) c[i]);
if (i % 8 == 7) {
printf("\n");
}
}
printf("\n");
if (crypto_aead_xchacha20poly1305_ietf_decrypt(c, &m2len, NULL, c, CLEN,
NULL, 0U, nonce, firstkey) != 0) {
printf("crypto_aead_xchacha20poly1305_ietf_decrypt() failed (adlen=0)\n");
}
if (m2len != MLEN) {
printf("m2len is not properly set (adlen=0)\n");
}
if (memcmp(m, c, MLEN) != 0) {
printf("m != c (adlen=0)\n");
}
sodium_free(c);
sodium_free(detached_c);
sodium_free(mac);
sodium_free(m2);
sodium_free(m);
assert(crypto_aead_xchacha20poly1305_ietf_keybytes() == crypto_aead_xchacha20poly1305_ietf_KEYBYTES);
assert(crypto_aead_xchacha20poly1305_ietf_npubbytes() == crypto_aead_xchacha20poly1305_ietf_NPUBBYTES);
assert(crypto_aead_xchacha20poly1305_ietf_nsecbytes() == 0U);
assert(crypto_aead_xchacha20poly1305_ietf_nsecbytes() == crypto_aead_xchacha20poly1305_ietf_NSECBYTES);
assert(crypto_aead_xchacha20poly1305_IETF_KEYBYTES == crypto_aead_xchacha20poly1305_ietf_KEYBYTES);
assert(crypto_aead_xchacha20poly1305_IETF_NSECBYTES == crypto_aead_xchacha20poly1305_ietf_NSECBYTES);
assert(crypto_aead_xchacha20poly1305_IETF_NPUBBYTES == crypto_aead_xchacha20poly1305_ietf_NPUBBYTES);
assert(crypto_aead_xchacha20poly1305_IETF_ABYTES == crypto_aead_xchacha20poly1305_ietf_ABYTES);
return 0;
}
int
main(void)
{
tv();
return 0;
}

View File

@ -0,0 +1,51 @@
,0x45,0x3c,0x06,0x93,0xa7,0x40,0x7f,0x04
,0xff,0x4c,0x56,0xae,0xdb,0x17,0xa3,0xc0
,0xa1,0xaf,0xff,0x01,0x17,0x49,0x30,0xfc
,0x22,0x28,0x7c,0x33,0xdb,0xcf,0x0a,0xc8
,0xb8,0x9a,0xd9,0x29,0x53,0x0a,0x1b,0xb3
,0xab,0x5e,0x69,0xf2,0x4c,0x7f,0x60,0x70
,0xc8,0xf8,0x40,0xc9,0xab,0xb4,0xf6,0x9f
,0xbf,0xc8,0xa7,0xff,0x51,0x26,0xfa,0xee
,0xbb,0xb5,0x58,0x05,0xee,0x9c,0x1c,0xf2
,0xce,0x5a,0x57,0x26,0x32,0x87,0xae,0xc5
,0x78,0x0f,0x04,0xec,0x32,0x4c,0x35,0x14
,0x12,0x2c,0xfc,0x32,0x31,0xfc,0x1a,0x8b
,0x71,0x8a,0x62,0x86,0x37,0x30,0xa2,0x70
,0x2b,0xb7,0x63,0x66,0x11,0x6b,0xed,0x09
,0xe0,0xfd,0x5c,0x6d,0x84,0xb6,0xb0,0xc1
,0xab,0xaf,0x24,0x9d,0x5d,0xd0,0xf7,0xf5
,0xa7,0xea
,0x45,0x3c,0x06,0x93,0xa7,0x40,0x7f,0x04
,0xff,0x4c,0x56,0xae,0xdb,0x17,0xa3,0xc0
,0xa1,0xaf,0xff,0x01,0x17,0x49,0x30,0xfc
,0x22,0x28,0x7c,0x33,0xdb,0xcf,0x0a,0xc8
,0xb8,0x9a,0xd9,0x29,0x53,0x0a,0x1b,0xb3
,0xab,0x5e,0x69,0xf2,0x4c,0x7f,0x60,0x70
,0xc8,0xf8,0x40,0xc9,0xab,0xb4,0xf6,0x9f
,0xbf,0xc8,0xa7,0xff,0x51,0x26,0xfa,0xee
,0xbb,0xb5,0x58,0x05,0xee,0x9c,0x1c,0xf2
,0xce,0x5a,0x57,0x26,0x32,0x87,0xae,0xc5
,0x78,0x0f,0x04,0xec,0x32,0x4c,0x35,0x14
,0x12,0x2c,0xfc,0x32,0x31,0xfc,0x1a,0x8b
,0x71,0x8a,0x62,0x86,0x37,0x30,0xa2,0x70
,0x2b,0xb7,0x63,0x66,0x11,0x6b,0xed,0x09
,0xe0,0xfd,0xd4,0xc8,0x60,0xb7,0x07,0x4b
,0xe8,0x94,0xfa,0xc9,0x69,0x73,0x99,0xbe
,0x5c,0xc1
,0x45,0x3c,0x06,0x93,0xa7,0x40,0x7f,0x04
,0xff,0x4c,0x56,0xae,0xdb,0x17,0xa3,0xc0
,0xa1,0xaf,0xff,0x01,0x17,0x49,0x30,0xfc
,0x22,0x28,0x7c,0x33,0xdb,0xcf,0x0a,0xc8
,0xb8,0x9a,0xd9,0x29,0x53,0x0a,0x1b,0xb3
,0xab,0x5e,0x69,0xf2,0x4c,0x7f,0x60,0x70
,0xc8,0xf8,0x40,0xc9,0xab,0xb4,0xf6,0x9f
,0xbf,0xc8,0xa7,0xff,0x51,0x26,0xfa,0xee
,0xbb,0xb5,0x58,0x05,0xee,0x9c,0x1c,0xf2
,0xce,0x5a,0x57,0x26,0x32,0x87,0xae,0xc5
,0x78,0x0f,0x04,0xec,0x32,0x4c,0x35,0x14
,0x12,0x2c,0xfc,0x32,0x31,0xfc,0x1a,0x8b
,0x71,0x8a,0x62,0x86,0x37,0x30,0xa2,0x70
,0x2b,0xb7,0x63,0x66,0x11,0x6b,0xed,0x09
,0xe0,0xfd,0xd4,0xc8,0x60,0xb7,0x07,0x4b
,0xe8,0x94,0xfa,0xc9,0x69,0x73,0x99,0xbe
,0x5c,0xc1