From e89c43edf6ef50945735be63b4b2577101395431 Mon Sep 17 00:00:00 2001 From: Frank Denis Date: Wed, 6 Dec 2017 11:45:47 +0000 Subject: [PATCH] secretstream: add a test for rekeying using TAG_REKEY --- test/default/secretstream.c | 53 +++++++++++++++++++++++++++++++++++-- 1 file changed, 51 insertions(+), 2 deletions(-) diff --git a/test/default/secretstream.c b/test/default/secretstream.c index 4e420d9b..63c64438 100644 --- a/test/default/secretstream.c +++ b/test/default/secretstream.c @@ -5,12 +5,12 @@ int main(void) { - crypto_secretstream_xchacha20poly1305_state *state; + crypto_secretstream_xchacha20poly1305_state *state, *statesave; crypto_secretstream_xchacha20poly1305_state state_copy; unsigned char *ad; unsigned char *header; unsigned char *k; - unsigned char *c1, *c2, *c3; + unsigned char *c1, *c2, *c3, *csave; unsigned char *m1, *m2, *m3; unsigned char *m1_, *m2_, *m3_; unsigned long long res_len; @@ -21,6 +21,8 @@ main(void) state = (crypto_secretstream_xchacha20poly1305_state *) sodium_malloc(crypto_secretstream_xchacha20poly1305_statebytes()); + statesave = (crypto_secretstream_xchacha20poly1305_state *) + sodium_malloc(crypto_secretstream_xchacha20poly1305_statebytes()); header = (unsigned char *) sodium_malloc(crypto_secretstream_xchacha20poly1305_HEADERBYTES); @@ -35,6 +37,8 @@ main(void) sodium_malloc(m2_len + crypto_secretstream_xchacha20poly1305_ABYTES); c3 = (unsigned char *) sodium_malloc(m3_len + crypto_secretstream_xchacha20poly1305_ABYTES); + csave = (unsigned char *) + sodium_malloc((m1_len | m2_len | m3_len) + crypto_secretstream_xchacha20poly1305_ABYTES); ad = (unsigned char *) sodium_malloc(ad_len); m1 = (unsigned char *) sodium_malloc(m1_len); @@ -196,6 +200,49 @@ main(void) c2, m2_len + crypto_secretstream_xchacha20poly1305_ABYTES, NULL, 0); assert(ret == 0); + /* with explicit rekeying using TAG_REKEY */ + + ret = crypto_secretstream_xchacha20poly1305_init_push(state, header, k); + assert(ret == 0); + + memcpy(statesave, state, sizeof *state); + + ret = crypto_secretstream_xchacha20poly1305_push + (state, c1, NULL, m1, m1_len, NULL, 0, crypto_secretstream_xchacha20poly1305_TAG_REKEY); + assert(ret == 0); + + ret = crypto_secretstream_xchacha20poly1305_push + (state, c2, NULL, m2, m2_len, NULL, 0, 0); + assert(ret == 0); + + memcpy(csave, c2, m2_len + crypto_secretstream_xchacha20poly1305_ABYTES); + + ret = crypto_secretstream_xchacha20poly1305_init_pull(state, header, k); + assert(ret == 0); + ret = crypto_secretstream_xchacha20poly1305_pull + (state, m1, NULL, &tag, + c1, m1_len + crypto_secretstream_xchacha20poly1305_ABYTES, &tag, 0); + assert(ret == 0); + assert(tag == crypto_secretstream_xchacha20poly1305_TAG_REKEY); + + ret = crypto_secretstream_xchacha20poly1305_pull + (state, m2, NULL, &tag, + c2, m2_len + crypto_secretstream_xchacha20poly1305_ABYTES, &tag, 0); + assert(ret == 0); + assert(tag == 0); + + memcpy(state, statesave, sizeof *state); + + ret = crypto_secretstream_xchacha20poly1305_push + (state, c1, NULL, m1, m1_len, NULL, 0, 0); + assert(ret == 0); + + ret = crypto_secretstream_xchacha20poly1305_push + (state, c2, NULL, m2, m2_len, NULL, 0, 0); + assert(ret == 0); + + assert(memcmp(csave, c2, m2_len + crypto_secretstream_xchacha20poly1305_ABYTES) != 0); + /* New stream */ ret = crypto_secretstream_xchacha20poly1305_init_push(state, header, k); @@ -249,11 +296,13 @@ main(void) sodium_free(m2); sodium_free(m1); sodium_free(ad); + sodium_free(csave); sodium_free(c3); sodium_free(c2); sodium_free(c1); sodium_free(k); sodium_free(header); + sodium_free(statesave); sodium_free(state); assert(crypto_secretstream_xchacha20poly1305_abytes() ==