chacha20.c revision 1.1
1 1.1 riastrad 2 1.1 riastrad #define TEST_NAME "chacha20" 3 1.1 riastrad #include "cmptest.h" 4 1.1 riastrad 5 1.1 riastrad static 6 1.1 riastrad void tv(void) 7 1.1 riastrad { 8 1.1 riastrad static struct { 9 1.1 riastrad const char *key_hex; 10 1.1 riastrad const char *nonce_hex; 11 1.1 riastrad } tests[] 12 1.1 riastrad = { { "0000000000000000000000000000000000000000000000000000000000000000", 13 1.1 riastrad "0000000000000000" }, 14 1.1 riastrad { "0000000000000000000000000000000000000000000000000000000000000001", 15 1.1 riastrad "0000000000000000" }, 16 1.1 riastrad { "0000000000000000000000000000000000000000000000000000000000000000", 17 1.1 riastrad "0000000000000001" }, 18 1.1 riastrad { "0000000000000000000000000000000000000000000000000000000000000000", 19 1.1 riastrad "0100000000000000" }, 20 1.1 riastrad { "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f", 21 1.1 riastrad "0001020304050607" } }; 22 1.1 riastrad unsigned char key[crypto_stream_chacha20_KEYBYTES]; 23 1.1 riastrad unsigned char nonce[crypto_stream_chacha20_NONCEBYTES]; 24 1.1 riastrad unsigned char *part; 25 1.1 riastrad unsigned char out[160]; 26 1.1 riastrad unsigned char zero[160]; 27 1.1 riastrad char out_hex[160 * 2 + 1]; 28 1.1 riastrad size_t i = 0U; 29 1.1 riastrad size_t plen; 30 1.1 riastrad 31 1.1 riastrad memset(zero, 0, sizeof zero); 32 1.1 riastrad do { 33 1.1 riastrad sodium_hex2bin((unsigned char *)key, sizeof key, tests[i].key_hex, 34 1.1 riastrad strlen(tests[i].key_hex), NULL, NULL, NULL); 35 1.1 riastrad sodium_hex2bin(nonce, sizeof nonce, tests[i].nonce_hex, 36 1.1 riastrad strlen(tests[i].nonce_hex), NULL, NULL, NULL); 37 1.1 riastrad crypto_stream_chacha20(out, sizeof out, nonce, key); 38 1.1 riastrad sodium_bin2hex(out_hex, sizeof out_hex, out, sizeof out); 39 1.1 riastrad printf("[%s]\n", out_hex); 40 1.1 riastrad for (plen = 1U; plen < sizeof out; plen++) { 41 1.1 riastrad part = (unsigned char *) sodium_malloc(plen); 42 1.1 riastrad crypto_stream_chacha20_xor(part, out, plen, nonce, key); 43 1.1 riastrad if (memcmp(part, zero, plen) != 0) { 44 1.1 riastrad printf("Failed with length %lu\n", (unsigned long) plen); 45 1.1 riastrad } 46 1.1 riastrad sodium_free(part); 47 1.1 riastrad } 48 1.1 riastrad } while (++i < (sizeof tests) / (sizeof tests[0])); 49 1.1 riastrad assert(66 <= sizeof out); 50 1.1 riastrad for (plen = 1U; plen < 66; plen += 3) { 51 1.1 riastrad memset(out, (int) (plen & 0xff), sizeof out); 52 1.1 riastrad crypto_stream_chacha20(out, plen, nonce, key); 53 1.1 riastrad sodium_bin2hex(out_hex, sizeof out_hex, out, sizeof out); 54 1.1 riastrad printf("[%s]\n", out_hex); 55 1.1 riastrad } 56 1.1 riastrad randombytes_buf(out, sizeof out); 57 1.1 riastrad crypto_stream_chacha20(out, sizeof out, nonce, key); 58 1.1 riastrad sodium_bin2hex(out_hex, sizeof out_hex, out, sizeof out); 59 1.1 riastrad printf("[%s]\n", out_hex); 60 1.1 riastrad 61 1.1 riastrad assert(crypto_stream_chacha20(out, 0U, nonce, key) == 0); 62 1.1 riastrad assert(crypto_stream_chacha20_xor(out, out, 0U, nonce, key) == 0); 63 1.1 riastrad assert(crypto_stream_chacha20_xor(out, out, 0U, nonce, key) == 0); 64 1.1 riastrad assert(crypto_stream_chacha20_xor_ic(out, out, 0U, nonce, 1U, key) == 0); 65 1.1 riastrad 66 1.1 riastrad memset(out, 0x42, sizeof out); 67 1.1 riastrad crypto_stream_chacha20_xor(out, out, sizeof out, nonce, key); 68 1.1 riastrad sodium_bin2hex(out_hex, sizeof out_hex, out, sizeof out); 69 1.1 riastrad printf("[%s]\n", out_hex); 70 1.1 riastrad 71 1.1 riastrad crypto_stream_chacha20_xor_ic(out, out, sizeof out, nonce, 0U, key); 72 1.1 riastrad sodium_bin2hex(out_hex, sizeof out_hex, out, sizeof out); 73 1.1 riastrad printf("[%s]\n", out_hex); 74 1.1 riastrad 75 1.1 riastrad crypto_stream_chacha20_xor_ic(out, out, sizeof out, nonce, 1U, key); 76 1.1 riastrad sodium_bin2hex(out_hex, sizeof out_hex, out, sizeof out); 77 1.1 riastrad printf("[%s]\n", out_hex); 78 1.1 riastrad } 79 1.1 riastrad 80 1.1 riastrad static 81 1.1 riastrad void tv_ietf(void) 82 1.1 riastrad { 83 1.1 riastrad static struct { 84 1.1 riastrad const char *key_hex; 85 1.1 riastrad const char *nonce_hex; 86 1.1 riastrad uint32_t ic; 87 1.1 riastrad } tests[] 88 1.1 riastrad = { { "0000000000000000000000000000000000000000000000000000000000000000", 89 1.1 riastrad "000000000000000000000000", 90 1.1 riastrad 0U }, 91 1.1 riastrad { "0000000000000000000000000000000000000000000000000000000000000000", 92 1.1 riastrad "000000000000000000000000", 93 1.1 riastrad 1U }, 94 1.1 riastrad { "0000000000000000000000000000000000000000000000000000000000000001", 95 1.1 riastrad "000000000000000000000000", 96 1.1 riastrad 1U }, 97 1.1 riastrad { "00ff000000000000000000000000000000000000000000000000000000000000", 98 1.1 riastrad "000000000000000000000000", 99 1.1 riastrad 2U }, 100 1.1 riastrad { "0000000000000000000000000000000000000000000000000000000000000000", 101 1.1 riastrad "000000000000000000000002", 102 1.1 riastrad 0U }, 103 1.1 riastrad { "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f", 104 1.1 riastrad "000000090000004a00000000", 105 1.1 riastrad 1U }, 106 1.1 riastrad { "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f", 107 1.1 riastrad "000000090000004a00000000", 108 1.1 riastrad 0xffffffff }}; 109 1.1 riastrad unsigned char key[crypto_stream_chacha20_KEYBYTES]; 110 1.1 riastrad unsigned char nonce[crypto_stream_chacha20_IETF_NONCEBYTES]; 111 1.1 riastrad unsigned char *part; 112 1.1 riastrad unsigned char out[160]; 113 1.1 riastrad unsigned char zero[160]; 114 1.1 riastrad char out_hex[160 * 2 + 1]; 115 1.1 riastrad size_t i = 0U; 116 1.1 riastrad size_t plen; 117 1.1 riastrad 118 1.1 riastrad memset(zero, 0, sizeof zero); 119 1.1 riastrad do { 120 1.1 riastrad sodium_hex2bin((unsigned char *)key, sizeof key, tests[i].key_hex, 121 1.1 riastrad strlen(tests[i].key_hex), ": ", NULL, NULL); 122 1.1 riastrad sodium_hex2bin(nonce, sizeof nonce, tests[i].nonce_hex, 123 1.1 riastrad strlen(tests[i].nonce_hex), ": ", NULL, NULL); 124 1.1 riastrad memset(out, 0, sizeof out); 125 1.1 riastrad crypto_stream_chacha20_ietf_xor_ic(out, out, sizeof out, nonce, tests[i].ic, key); 126 1.1 riastrad sodium_bin2hex(out_hex, sizeof out_hex, out, sizeof out); 127 1.1 riastrad printf("[%s]\n", out_hex); 128 1.1 riastrad for (plen = 1U; plen < sizeof out; plen++) { 129 1.1 riastrad part = (unsigned char *) sodium_malloc(plen); 130 1.1 riastrad crypto_stream_chacha20_ietf_xor_ic(part, out, plen, nonce, tests[i].ic, key); 131 1.1 riastrad if (memcmp(part, zero, plen) != 0) { 132 1.1 riastrad printf("Failed with length %lu\n", (unsigned long) plen); 133 1.1 riastrad } 134 1.1 riastrad sodium_free(part); 135 1.1 riastrad } 136 1.1 riastrad } while (++i < (sizeof tests) / (sizeof tests[0])); 137 1.1 riastrad assert(66 <= sizeof out); 138 1.1 riastrad for (plen = 1U; plen < 66; plen += 3) { 139 1.1 riastrad memset(out, (int) (plen & 0xff), sizeof out); 140 1.1 riastrad crypto_stream_chacha20(out, plen, nonce, key); 141 1.1 riastrad sodium_bin2hex(out_hex, sizeof out_hex, out, sizeof out); 142 1.1 riastrad printf("[%s]\n", out_hex); 143 1.1 riastrad } 144 1.1 riastrad randombytes_buf(out, sizeof out); 145 1.1 riastrad crypto_stream_chacha20_ietf(out, sizeof out, nonce, key); 146 1.1 riastrad sodium_bin2hex(out_hex, sizeof out_hex, out, sizeof out); 147 1.1 riastrad printf("[%s]\n", out_hex); 148 1.1 riastrad 149 1.1 riastrad assert(crypto_stream_chacha20_ietf(out, 0U, nonce, key) == 0); 150 1.1 riastrad assert(crypto_stream_chacha20_ietf_xor(out, out, 0U, nonce, key) == 0); 151 1.1 riastrad assert(crypto_stream_chacha20_ietf_xor(out, out, 0U, nonce, key) == 0); 152 1.1 riastrad assert(crypto_stream_chacha20_ietf_xor_ic(out, out, 0U, nonce, 1U, key) == 0); 153 1.1 riastrad 154 1.1 riastrad memset(out, 0x42, sizeof out); 155 1.1 riastrad crypto_stream_chacha20_ietf_xor(out, out, sizeof out, nonce, key); 156 1.1 riastrad sodium_bin2hex(out_hex, sizeof out_hex, out, sizeof out); 157 1.1 riastrad printf("[%s]\n", out_hex); 158 1.1 riastrad 159 1.1 riastrad crypto_stream_chacha20_ietf_xor_ic(out, out, sizeof out, nonce, 0U, key); 160 1.1 riastrad sodium_bin2hex(out_hex, sizeof out_hex, out, sizeof out); 161 1.1 riastrad printf("[%s]\n", out_hex); 162 1.1 riastrad 163 1.1 riastrad crypto_stream_chacha20_ietf_xor_ic(out, out, sizeof out, nonce, 1U, key); 164 1.1 riastrad sodium_bin2hex(out_hex, sizeof out_hex, out, sizeof out); 165 1.1 riastrad printf("[%s]\n", out_hex); 166 1.1 riastrad } 167 1.1 riastrad 168 1.1 riastrad int 169 1.1 riastrad main(void) 170 1.1 riastrad { 171 1.1 riastrad tv(); 172 1.1 riastrad tv_ietf(); 173 1.1 riastrad 174 1.1 riastrad assert(crypto_stream_chacha20_keybytes() > 0U); 175 1.1 riastrad assert(crypto_stream_chacha20_keybytes() == crypto_stream_chacha20_KEYBYTES); 176 1.1 riastrad assert(crypto_stream_chacha20_noncebytes() > 0U); 177 1.1 riastrad assert(crypto_stream_chacha20_noncebytes() == crypto_stream_chacha20_NONCEBYTES); 178 1.1 riastrad assert(crypto_stream_chacha20_messagebytes_max() == crypto_stream_chacha20_MESSAGEBYTES_MAX); 179 1.1 riastrad assert(crypto_stream_chacha20_ietf_keybytes() > 0U); 180 1.1 riastrad assert(crypto_stream_chacha20_ietf_keybytes() == crypto_stream_chacha20_ietf_KEYBYTES); 181 1.1 riastrad assert(crypto_stream_chacha20_ietf_noncebytes() > 0U); 182 1.1 riastrad assert(crypto_stream_chacha20_ietf_noncebytes() == crypto_stream_chacha20_ietf_NONCEBYTES); 183 1.1 riastrad assert(crypto_stream_chacha20_ietf_messagebytes_max() == crypto_stream_chacha20_ietf_MESSAGEBYTES_MAX); 184 1.1 riastrad 185 1.1 riastrad return 0; 186 1.1 riastrad } 187
Indexes created Tue Oct 21 16:10:11 GMT 2025