1
mirror of https://github.com/jedisct1/libsodium.git synced 2024-12-24 12:36:01 -07:00
This commit is contained in:
Frank Denis 2019-09-12 20:28:54 +02:00
parent 11208ede8e
commit 88717d995b

View File

@ -2054,130 +2054,112 @@ static struct {
static int static int
tv(void) tv(void)
{ {
unsigned char *ad; unsigned char *ad;
unsigned char *ciphertext; unsigned char *ciphertext;
unsigned char *decrypted; unsigned char *decrypted;
unsigned char *detached_ciphertext; unsigned char *detached_ciphertext;
unsigned char *expected_ciphertext; unsigned char *expected_ciphertext;
unsigned char *key; unsigned char *key;
unsigned char *message; unsigned char *message;
unsigned char *mac; unsigned char *mac;
unsigned char *nonce; unsigned char *nonce;
char *hex; char *hex;
unsigned long long found_ciphertext_len; unsigned long long found_ciphertext_len;
unsigned long long found_mac_len; unsigned long long found_mac_len;
unsigned long long found_message_len; unsigned long long found_message_len;
size_t ad_len; size_t ad_len;
size_t ciphertext_len; size_t ciphertext_len;
size_t detached_ciphertext_len; size_t detached_ciphertext_len;
size_t i = 0U; size_t i = 0U;
size_t message_len; size_t message_len;
key = (unsigned char *)sodium_malloc(crypto_aead_aegis256_KEYBYTES); key = (unsigned char *) sodium_malloc(crypto_aead_aegis256_KEYBYTES);
nonce = (unsigned char *)sodium_malloc(crypto_aead_aegis256_NPUBBYTES); nonce = (unsigned char *) sodium_malloc(crypto_aead_aegis256_NPUBBYTES);
mac = (unsigned char *)sodium_malloc(crypto_aead_aegis256_ABYTES); mac = (unsigned char *) sodium_malloc(crypto_aead_aegis256_ABYTES);
do { do {
assert(strlen(tests[i].key_hex) == 2 * crypto_aead_aegis256_KEYBYTES); assert(strlen(tests[i].key_hex) == 2 * crypto_aead_aegis256_KEYBYTES);
sodium_hex2bin(key, crypto_aead_aegis256_KEYBYTES, sodium_hex2bin(key, crypto_aead_aegis256_KEYBYTES, tests[i].key_hex,
tests[i].key_hex, strlen(tests[i].key_hex), strlen(tests[i].key_hex), NULL, NULL, NULL);
NULL, NULL, NULL);
assert(strlen(tests[i].nonce_hex) == 2 * crypto_aead_aegis256_NPUBBYTES); assert(strlen(tests[i].nonce_hex) == 2 * crypto_aead_aegis256_NPUBBYTES);
sodium_hex2bin(nonce, crypto_aead_aegis256_NPUBBYTES, sodium_hex2bin(nonce, crypto_aead_aegis256_NPUBBYTES, tests[i].nonce_hex,
tests[i].nonce_hex, strlen(tests[i].nonce_hex), strlen(tests[i].nonce_hex), NULL, NULL, NULL);
NULL, NULL, NULL);
message_len = strlen(tests[i].message_hex) / 2; message_len = strlen(tests[i].message_hex) / 2;
message = (unsigned char *)sodium_malloc(message_len); message = (unsigned char *) sodium_malloc(message_len);
sodium_hex2bin(message, message_len, sodium_hex2bin(message, message_len, tests[i].message_hex, strlen(tests[i].message_hex),
tests[i].message_hex, strlen(tests[i].message_hex),
NULL, NULL, NULL); NULL, NULL, NULL);
ad_len = strlen(tests[i].ad_hex) / 2; ad_len = strlen(tests[i].ad_hex) / 2;
ad = (unsigned char *)sodium_malloc(ad_len); ad = (unsigned char *) sodium_malloc(ad_len);
sodium_hex2bin(ad, ad_len, sodium_hex2bin(ad, ad_len, tests[i].ad_hex, strlen(tests[i].ad_hex), NULL, NULL, NULL);
tests[i].ad_hex, strlen(tests[i].ad_hex),
NULL, NULL, NULL);
ciphertext_len = message_len + crypto_aead_aegis256_ABYTES; ciphertext_len = message_len + crypto_aead_aegis256_ABYTES;
detached_ciphertext_len = message_len; detached_ciphertext_len = message_len;
expected_ciphertext = (unsigned char *)sodium_malloc(ciphertext_len); expected_ciphertext = (unsigned char *) sodium_malloc(ciphertext_len);
assert(strlen(tests[i].ciphertext_hex) == 2 * message_len); assert(strlen(tests[i].ciphertext_hex) == 2 * message_len);
sodium_hex2bin(expected_ciphertext, message_len, sodium_hex2bin(expected_ciphertext, message_len, tests[i].ciphertext_hex,
tests[i].ciphertext_hex, strlen(tests[i].ciphertext_hex), strlen(tests[i].ciphertext_hex), NULL, NULL, NULL);
NULL, NULL, NULL);
assert(strlen(tests[i].mac_hex) == 2 * crypto_aead_aegis256_ABYTES); assert(strlen(tests[i].mac_hex) == 2 * crypto_aead_aegis256_ABYTES);
sodium_hex2bin(expected_ciphertext + message_len, crypto_aead_aegis256_ABYTES, sodium_hex2bin(expected_ciphertext + message_len, crypto_aead_aegis256_ABYTES,
tests[i].mac_hex, strlen(tests[i].mac_hex), tests[i].mac_hex, strlen(tests[i].mac_hex), NULL, NULL, NULL);
NULL, NULL, NULL); ciphertext = (unsigned char *) sodium_malloc(ciphertext_len);
ciphertext = (unsigned char *)sodium_malloc(ciphertext_len); detached_ciphertext = (unsigned char *) sodium_malloc(detached_ciphertext_len);
detached_ciphertext = (unsigned char *)sodium_malloc(detached_ciphertext_len);
crypto_aead_aegis256_encrypt_detached(detached_ciphertext, mac, crypto_aead_aegis256_encrypt_detached(detached_ciphertext, mac, &found_mac_len, message,
&found_mac_len, message_len, ad, ad_len, NULL, nonce, key);
message, message_len,
ad, ad_len, NULL, nonce, key);
assert(found_mac_len == crypto_aead_aegis256_ABYTES); assert(found_mac_len == crypto_aead_aegis256_ABYTES);
if (memcmp(detached_ciphertext, expected_ciphertext, if (memcmp(detached_ciphertext, expected_ciphertext, detached_ciphertext_len) != 0 ||
detached_ciphertext_len) != 0 || memcmp(mac, expected_ciphertext + message_len, crypto_aead_aegis256_ABYTES) != 0) {
memcmp(mac, expected_ciphertext + message_len, printf("Detached encryption of test vector #%u failed\n", (unsigned int) i);
crypto_aead_aegis256_ABYTES) != 0) { hex = (char *) sodium_malloc((size_t) ciphertext_len * 2 + 1);
printf("Detached encryption of test vector #%u failed\n", (unsigned int)i); sodium_bin2hex(hex, (size_t) ciphertext_len * 2 + 1, ciphertext, ciphertext_len);
hex = (char *)sodium_malloc((size_t)ciphertext_len * 2 + 1);
sodium_bin2hex(hex, (size_t)ciphertext_len * 2 + 1,
ciphertext, ciphertext_len);
printf("Computed: [%s]\n", hex); printf("Computed: [%s]\n", hex);
sodium_free(hex); sodium_free(hex);
} }
crypto_aead_aegis256_encrypt(ciphertext, &found_ciphertext_len, crypto_aead_aegis256_encrypt(ciphertext, &found_ciphertext_len, message, message_len, ad,
message, message_len, ad_len, NULL, nonce, key);
ad, ad_len, NULL, nonce, key);
assert((size_t)found_ciphertext_len == ciphertext_len); assert((size_t) found_ciphertext_len == ciphertext_len);
if (memcmp(ciphertext, expected_ciphertext, ciphertext_len) != 0) { if (memcmp(ciphertext, expected_ciphertext, ciphertext_len) != 0) {
printf("Encryption of test vector #%u failed\n", (unsigned int)i); printf("Encryption of test vector #%u failed\n", (unsigned int) i);
hex = (char *)sodium_malloc((size_t)found_ciphertext_len * 2 + 1); hex = (char *) sodium_malloc((size_t) found_ciphertext_len * 2 + 1);
sodium_bin2hex(hex, (size_t)found_ciphertext_len * 2 + 1, sodium_bin2hex(hex, (size_t) found_ciphertext_len * 2 + 1, ciphertext, ciphertext_len);
ciphertext, ciphertext_len);
printf("Computed: [%s]\n", hex); printf("Computed: [%s]\n", hex);
sodium_free(hex); sodium_free(hex);
} }
decrypted = (unsigned char *)sodium_malloc(message_len); decrypted = (unsigned char *) sodium_malloc(message_len);
found_message_len = 1; found_message_len = 1;
if (crypto_aead_aegis256_decrypt(decrypted, &found_message_len, if (crypto_aead_aegis256_decrypt(decrypted, &found_message_len, NULL, ciphertext,
NULL, ciphertext, randombytes_uniform((uint32_t) ciphertext_len), ad, ad_len,
randombytes_uniform((uint32_t)ciphertext_len), nonce, key) != -1) {
ad, ad_len, nonce, key) != -1) {
printf("Verification of test vector #%u after truncation succeeded\n", printf("Verification of test vector #%u after truncation succeeded\n",
(unsigned int)i); (unsigned int) i);
} }
if (found_message_len != 0) { if (found_message_len != 0) {
printf("Message length should have been set to zero after a failure\n"); printf("Message length should have been set to zero after a failure\n");
} }
if (crypto_aead_aegis256_decrypt(decrypted, &found_message_len, if (crypto_aead_aegis256_decrypt(decrypted, &found_message_len, NULL, guard_page,
NULL, guard_page, randombytes_uniform(crypto_aead_aegis256_ABYTES), ad,
randombytes_uniform(crypto_aead_aegis256_ABYTES), ad_len, nonce, key) != -1) {
ad, ad_len, nonce, key) != -1) {
printf("Verification of test vector #%u with a truncated tag failed\n", printf("Verification of test vector #%u with a truncated tag failed\n",
(unsigned int)i); (unsigned int) i);
} }
if (crypto_aead_aegis256_decrypt(decrypted, &found_message_len, if (crypto_aead_aegis256_decrypt(decrypted, &found_message_len, NULL, ciphertext,
NULL, ciphertext, ciphertext_len, ciphertext_len, ad, ad_len, nonce, key) != 0) {
ad, ad_len, nonce, key) != 0) { printf("Verification of test vector #%u failed\n", (unsigned int) i);
printf("Verification of test vector #%u failed\n", (unsigned int)i);
} }
assert((size_t)found_message_len == message_len); assert((size_t) found_message_len == message_len);
if (memcmp(decrypted, message, message_len) != 0) { if (memcmp(decrypted, message, message_len) != 0) {
printf("Incorrect decryption of test vector #%u\n", (unsigned int)i); printf("Incorrect decryption of test vector #%u\n", (unsigned int) i);
} }
memset(decrypted, 0xd0, message_len); memset(decrypted, 0xd0, message_len);
if (crypto_aead_aegis256_decrypt_detached(decrypted, if (crypto_aead_aegis256_decrypt_detached(decrypted, NULL, detached_ciphertext,
NULL, detached_ciphertext, detached_ciphertext_len, mac, ad, ad_len, nonce,
detached_ciphertext_len, key) != 0) {
mac, ad, ad_len, nonce, key) != 0) { printf("Detached verification of test vector #%u failed\n", (unsigned int) i);
printf("Detached verification of test vector #%u failed\n", (unsigned int)i);
} }
if (memcmp(decrypted, message, message_len) != 0) { if (memcmp(decrypted, message, message_len) != 0) {
printf("Incorrect decryption of test vector #%u\n", (unsigned int)i); printf("Incorrect decryption of test vector #%u\n", (unsigned int) i);
} }
sodium_free(message); sodium_free(message);