Commit aa9ccf8f authored by Niels Möller's avatar Niels Möller
Browse files

Test umac nonce increment.

parent 22b35e78
2013-04-16 Niels Möller <>
* testsuite/umac-test.c (test_incr): New function.
(test_main): Test nonce increment.
* misc/umac/ UMAC reference implementation.
* misc/umac/ AES implementation used by
* misc/umac/mkvectors: Script to generate UMAC test vectors.
......@@ -4,8 +4,6 @@
/* FIXME: Missing tests:
Getting to unlikely cases in the poly64 and poly128 operations.
Nonce increment and pad caching.
static void
......@@ -17,7 +15,7 @@ update (void *ctx, nettle_hash_update_func *f,
f(ctx, msg->length, msg->data);
f(ctx, length, msg->data);
static void
check_digest (const char *name, void *ctx, nettle_hash_digest_func *f,
const struct tstring *msg, unsigned length,
......@@ -34,8 +32,9 @@ check_digest (const char *name, void *ctx, nettle_hash_digest_func *f,
printf ("ref: "); print_hex (tag_length, ref);
abort ();
static void
test_umac (const struct tstring *key,
const struct tstring *nonce,
......@@ -89,7 +88,7 @@ test_umac (const struct tstring *key,
static void
test_align (const struct tstring *key,
test_align(const struct tstring *key,
const struct tstring *nonce,
const struct tstring *msg,
unsigned length,
......@@ -127,7 +126,7 @@ test_align (const struct tstring *key,
umac64_set_key (&ctx64, key->data);
umac64_set_nonce (&ctx64, nonce->length, nonce->data);
umac64_update(&ctx64, length, input);
check_digest ("umac64 (alignment)",
......@@ -155,6 +154,62 @@ test_align (const struct tstring *key,
free (buffer);
static void
test_incr (const struct tstring *key,
const struct tstring *nonce,
unsigned count,
const struct tstring *msg,
const struct tstring *ref32,
const struct tstring *ref64,
const struct tstring *ref128)
struct umac32_ctx ctx32;
struct umac64_ctx ctx64;
struct umac96_ctx ctx96;
struct umac128_ctx ctx128;
unsigned i;
ASSERT (key->length == UMAC_KEY_SIZE);
ASSERT (ref32->length == 4 * count);
ASSERT (ref64->length == 8 * count);
ASSERT (ref128->length == 16 * count);
umac32_set_key (&ctx32, key->data);
umac64_set_key (&ctx64, key->data);
umac96_set_key (&ctx96, key->data);
umac128_set_key (&ctx128, key->data);
if (nonce)
umac32_set_nonce (&ctx32, nonce->length, nonce->data);
umac64_set_nonce (&ctx64, nonce->length, nonce->data);
umac96_set_nonce (&ctx96, nonce->length, nonce->data);
umac128_set_nonce (&ctx128, nonce->length, nonce->data);
for (i = 0; i < count; i++)
umac32_update (&ctx32, msg->length, msg->data);
check_digest ("umac32 incr",
&ctx32, (nettle_hash_digest_func *) umac32_digest,
msg, i, 4, ref32->data + 4*i);
umac64_update (&ctx64, msg->length, msg->data);
check_digest ("umac64 incr",
&ctx64, (nettle_hash_digest_func *) umac64_digest,
msg, i, 8, ref64->data + 8*i);
umac96_update (&ctx96, msg->length, msg->data);
check_digest ("umac96 incr",
&ctx96, (nettle_hash_digest_func *) umac96_digest,
msg, i, 12, ref128->data + 16*i);
umac128_update (&ctx128, msg->length, msg->data);
check_digest ("umac128 incr",
&ctx128, (nettle_hash_digest_func *) umac128_digest,
msg, i, 16, ref128->data + 16*i);
......@@ -205,6 +260,40 @@ test_main(void)
test_incr (SDATA("abcdefghijklmnop"), NULL, 6,
SHEX("a0e94011 8c6fea51 6d897143 db1b28c5 a75e23b7 44ea26be"),
SHEX("a0e940111c9c2cd5 6d8971434be8ee41 c9c9aef87e2be502"
"a0a112b593656107 a75e23b7d419e03a 950526f26a8cc07a"),
test_incr (SDATA("abcdefghijklmnop"), SDATA("a"), 5,
SHEX("81b4ac24 b7e8aad0 f70246fe 0595f0bf a8e9fe85"),
SHEX("b7e8aad0da6e7f99 138814c6a03bdadf fb77dd1cd4c7074f"
"0595f0bf8585c7e2 817c0b7757cb60f7"),
test_incr (SDATA("abcdefghijklmnop"), SHEX("beafcafe"), 5,
SHEX("f19d9dc1 4604a56a 4ba9420e da86ff71 77facd79"),
SHEX("9e878413aa079032 9cfd7af0bb107748 4ba9420e55b6ba13"
"77facd797b686e24 9000c0de4f5f7236"),
/* Tests exercising various sizes of nonce and data: All nonce
lengths from 1 to 16 bytes. Data sizes chosen for testing for
various off-by-one errors,
......@@ -289,7 +378,7 @@ test_main(void)
test_umac (SDATA("abcdefghijklmnop"), SDATA("bcdefghijklmno"),
SDATA("defdefdefdefdef"), 2046,
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment