From db9a1b61a13ca2d2d8003b6ff9c9cd7f398ea7ac Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Niels=20M=C3=B6ller?= <nisse@lysator.liu.se>
Date: Sat, 8 Feb 2014 21:11:46 +0100
Subject: [PATCH] Improved chacha tests.
---
ChangeLog | 5 ++
testsuite/chacha-test.c | 178 ++++++++++++++++++++++++++++++++--------
2 files changed, 147 insertions(+), 36 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index a1030c95..f5b9b1aa 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,10 @@
2014-02-08 Niels Möller <nisse@lysator.liu.se>
+ * testsuite/chacha-test.c (test_chacha): For 20 rounds, use
+ chacha_crypt, and test varying the message length.
+ (test_main): Add second key stream block, for all testcases with
+ 20 rounds.
+
* chacha-crypt.c (chacha_crypt): Fixed block counter update.
2014-02-07 Niels Möller <nisse@lysator.liu.se>
diff --git a/testsuite/chacha-test.c b/testsuite/chacha-test.c
index 0e3fa604..0095333d 100644
--- a/testsuite/chacha-test.c
+++ b/testsuite/chacha-test.c
@@ -32,35 +32,67 @@ static void
test_chacha(const struct tstring *key, const struct tstring *iv,
const struct tstring *expected, unsigned rounds)
{
- /* Uses the _chacha_core function to be able to test different
- numbers of rounds. */
- /* FIXME: For rounds == 20, use crypt function, support more than
- one block, and test various short lengths. */
- uint32_t out[_CHACHA_STATE_LENGTH];
-
struct chacha_ctx ctx;
- ASSERT (expected->length == CHACHA_BLOCK_SIZE);
-
chacha_set_key (&ctx, key->length, key->data);
ASSERT (iv->length == CHACHA_IV_SIZE);
- chacha_set_iv(&ctx, iv->data);
-
- _chacha_core (out, ctx.state, rounds);
- if (!MEMEQ(CHACHA_BLOCK_SIZE, out, expected->data))
+ if (rounds == 20)
{
- printf("Error, expected:\n");
- tstring_print_hex (expected);
- printf("Got:\n");
- print_hex(CHACHA_BLOCK_SIZE, (uint8_t *) out);
- FAIL ();
+ uint8_t *data = xalloc (expected->length + 2);
+ data++;
+ size_t length;
+
+ for (length = 1; length <= expected->length; length++)
+ {
+ data[-1] = 17;
+ memset (data, 0, length);
+ data[length] = 17;
+ chacha_set_iv(&ctx, iv->data);
+ chacha_crypt (&ctx, length, data, data);
+
+ ASSERT (data[-1] == 17);
+ ASSERT (data[length] == 17);
+ if (!MEMEQ(length, data, expected->data))
+ {
+ printf("Error, length %u, expected:\n", (unsigned) length);
+ print_hex (length, expected->data);
+ printf("Got:\n");
+ print_hex(length, data);
+ FAIL ();
+ }
+ }
+ if (verbose)
+ {
+ printf("Result after encryption:\n");
+ print_hex(expected->length, data);
+ }
+ free (data - 1);
}
-
- if (verbose)
+ else
{
- printf("Result after encryption:\n");
- print_hex(CHACHA_BLOCK_SIZE, (uint8_t *) out);
+ /* Uses the _chacha_core function to be able to test different
+ numbers of rounds. */
+ uint32_t out[_CHACHA_STATE_LENGTH];
+ ASSERT (expected->length == CHACHA_BLOCK_SIZE);
+
+ chacha_set_iv(&ctx, iv->data);
+ _chacha_core (out, ctx.state, rounds);
+
+ if (!MEMEQ(CHACHA_BLOCK_SIZE, out, expected->data))
+ {
+ printf("Error, expected:\n");
+ tstring_print_hex (expected);
+ printf("Got:\n");
+ print_hex(CHACHA_BLOCK_SIZE, (uint8_t *) out);
+ FAIL ();
+ }
+
+ if (verbose)
+ {
+ printf("Result after encryption:\n");
+ print_hex(CHACHA_BLOCK_SIZE, (uint8_t *) out);
+ }
}
}
@@ -91,7 +123,12 @@ test_main(void)
SHEX("89670952608364fd 00b2f90936f031c8"
"e756e15dba04b849 3d00429259b20f46"
"cc04f111246b6c2c e066be3bfb32d9aa"
- "0fddfbc12123d4b9 e44f34dca05a103f"),
+ "0fddfbc12123d4b9 e44f34dca05a103f"
+
+ "6cd135c2878c832b 5896b134f6142a9d"
+ "4d8d0d8f1026d20a 0a81512cbce6e975"
+ "8a7143d021978022 a384141a80cea306"
+ "2f41f67a752e66ad 3411984c787e30ad"),
20);
test_chacha (SHEX("0000000000000000 0000000000000000"
@@ -100,7 +137,12 @@ test_main(void)
SHEX("76b8e0ada0f13d90 405d6ae55386bd28"
"bdd219b8a08ded1a a836efcc8b770dc7"
"da41597c5157488d 7724e03fb8d84a37"
- "6a43b8f41518a11c c387b669b2ee6586"),
+ "6a43b8f41518a11c c387b669b2ee6586"
+
+ "9f07e7be5551387a 98ba977c732d080d"
+ "cb0f29a048e36569 12c6533e32ee7aed"
+ "29b721769ce64e43 d57133b074d839d5"
+ "31ed1f28510afb45 ace10a1f4b794d6f"),
20);
@@ -126,7 +168,12 @@ test_main(void)
SHEX("ae56060d04f5b597 897ff2af1388dbce"
"ff5a2a4920335dc1 7a3cb1b1b10fbe70"
"ece8f4864d8c7cdf 0076453a8291c7db"
- "eb3aa9c9d10e8ca3 6be4449376ed7c42"),
+ "eb3aa9c9d10e8ca3 6be4449376ed7c42"
+
+ "fc3d471c34a36fbb f616bc0a0e7c5230"
+ "30d944f43ec3e78d d6a12466547cb4f7"
+ "b3cebd0a5005e762 e562d1375b7ac445"
+ "93a991b85d1a60fb a2035dfaa2a642d5"),
20);
test_chacha (SHEX("0100000000000000 0000000000000000"
@@ -135,7 +182,12 @@ test_main(void)
SHEX("c5d30a7ce1ec1193 78c84f487d775a85"
"42f13ece238a9455 e8229e888de85bbd"
"29eb63d0a17a5b99 9b52da22be4023eb"
- "07620a54f6fa6ad8 737b71eb0464dac0"),
+ "07620a54f6fa6ad8 737b71eb0464dac0"
+
+ "10f656e6d1fd5505 3e50c4875c9930a3"
+ "3f6d0263bd14dfd6 ab8c70521c19338b"
+ "2308b95cf8d0bb7d 202d2102780ea352"
+ "8f1cb48560f76b20 f382b942500fceac"),
20);
/* TC3: Single bit in IV set. All zero key */
@@ -160,7 +212,12 @@ test_main(void)
SHEX("1663879eb3f2c994 9e2388caa343d361"
"bb132771245ae6d0 27ca9cb010dc1fa7"
"178dc41f8278bc1f 64b3f12769a24097"
- "f40d63a86366bdb3 6ac08abe60c07fe8"),
+ "f40d63a86366bdb3 6ac08abe60c07fe8"
+
+ "b057375c89144408 cc744624f69f7f4c"
+ "cbd93366c92fc4df cada65f1b959d8c6"
+ "4dfc50de711fb464 16c2553cc60f21bb"
+ "fd006491cb17888b 4fb3521c4fdd8745"),
20);
test_chacha (SHEX("0000000000000000 0000000000000000"
@@ -169,7 +226,12 @@ test_main(void)
SHEX("ef3fdfd6c61578fb f5cf35bd3dd33b80"
"09631634d21e42ac 33960bd138e50d32"
"111e4caf237ee53c a8ad6426194a8854"
- "5ddc497a0b466e7d 6bbdb0041b2f586b"),
+ "5ddc497a0b466e7d 6bbdb0041b2f586b"
+
+ "5305e5e44aff19b2 35936144675efbe4"
+ "409eb7e8e5f1430f 5f5836aeb49bb532"
+ "8b017c4b9dc11f8a 03863fa803dc71d5"
+ "726b2b6b31aa3270 8afe5af1d6b69058"),
20);
/* TC4: All bits in key and IV are set. */
@@ -194,7 +256,12 @@ test_main(void)
SHEX("992947c3966126a0 e660a3e95db048de"
"091fb9e0185b1e41 e41015bb7ee50150"
"399e4760b262f9d5 3f26d8dd19e56f5c"
- "506ae0c3619fa67f b0c408106d0203ee"),
+ "506ae0c3619fa67f b0c408106d0203ee"
+
+ "40ea3cfa61fa32a2 fda8d1238a2135d9"
+ "d4178775240f9900 7064a6a7f0c731b6"
+ "7c227c52ef796b6b ed9f9059ba0614bc"
+ "f6dd6e38917f3b15 0e576375be50ed67"),
20);
test_chacha (SHEX("ffffffffffffffff ffffffffffffffff"
@@ -203,7 +270,12 @@ test_main(void)
SHEX("d9bf3f6bce6ed0b5 4254557767fb5744"
"3dd4778911b60605 5c39cc25e674b836"
"3feabc57fde54f79 0c52c8ae43240b79"
- "d49042b777bfd6cb 80e931270b7f50eb"),
+ "d49042b777bfd6cb 80e931270b7f50eb"
+
+ "5bac2acd86a836c5 dc98c116c1217ec3"
+ "1d3a63a9451319f0 97f3b4d6dab07787"
+ "19477d24d24b403a 12241d7cca064f79"
+ "0f1d51ccaff6b166 7d4bbca1958c4306"),
20);
/* TC5: Every even bit set in key and IV. */
@@ -229,7 +301,11 @@ test_main(void)
"3b26b0ead9f57dd0 9927837bc3067e4b"
"6bf299ad81f7f50c 8da83c7810bfc17b"
"b6f4813ab6c32695 7045fd3fd5e19915"
- ),
+
+ "ec744a6b9bf8cbdc b36d8b6a5499c68a"
+ "08ef7be6cc1e93f2 f5bcd2cad4e47c18"
+ "a3e5d94b5666382c 6d130d822dd56aac"
+ "b0f8195278e7b292 495f09868ddf12cc"),
20);
test_chacha (SHEX("5555555555555555 5555555555555555"
@@ -238,7 +314,12 @@ test_main(void)
SHEX("bea9411aa453c543 4a5ae8c92862f564"
"396855a9ea6e22d6 d3b50ae1b3663311"
"a4a3606c671d605c e16c3aece8e61ea1"
- "45c59775017bee2f a6f88afc758069f7"),
+ "45c59775017bee2f a6f88afc758069f7"
+
+ "e0b8f676e644216f 4d2a3422d7fa36c6"
+ "c4931aca950e9da4 2788e6d0b6d1cd83"
+ "8ef652e97b145b14 871eae6c6804c700"
+ "4db5ac2fce4c68c7 26d004b10fcaba86"),
20);
/* TC6: Every odd bit set in key and IV. */
@@ -263,7 +344,12 @@ test_main(void)
SHEX("fc79acbd58526103 862776aab20f3b7d"
"8d3149b2fab65766 299316b6e5b16684"
"de5de548c1b7d083 efd9e3052319e0c6"
- "254141da04a6586d f800f64d46b01c87"),
+ "254141da04a6586d f800f64d46b01c87"
+
+ "1f05bc67e07628eb e6f6865a2177e0b6"
+ "6a558aa7cc1e8ff1 a98d27f7071f8335"
+ "efce4537bb0ef7b5 73b32f32765f2900"
+ "7da53bba62e7a44d 006f41eb28fe15d6"),
20);
test_chacha (SHEX("aaaaaaaaaaaaaaaa aaaaaaaaaaaaaaaa"
@@ -272,7 +358,12 @@ test_main(void)
SHEX("9aa2a9f656efde5a a7591c5fed4b35ae"
"a2895dec7cb4543b 9e9f21f5e7bcbcf3"
"c43c748a970888f8 248393a09d43e0b7"
- "e164bc4d0b0fb240 a2d72115c4808906"),
+ "e164bc4d0b0fb240 a2d72115c4808906"
+
+ "72184489440545d0 21d97ef6b693dfe5"
+ "b2c132d47e6f041c 9063651f96b623e6"
+ "2a11999a23b6f7c4 61b2153026ad5e86"
+ "6a2e597ed07b8401 dec63a0934c6b2a9"),
20);
/* TC7: Sequence patterns in key and IV. */
@@ -297,7 +388,12 @@ test_main(void)
SHEX("d1abf630467eb4f6 7f1cfb47cd626aae"
"8afedbbe4ff8fc5f e9cfae307e74ed45"
"1f1404425ad2b545 69d5f18148939971"
- "abb8fafc88ce4ac7 fe1c3d1f7a1eb7ca"),
+ "abb8fafc88ce4ac7 fe1c3d1f7a1eb7ca"
+
+ "e76ca87b61a97135 41497760dd9ae059"
+ "350cad0dcedfaa80 a883119a1a6f987f"
+ "d1ce91fd8ee08280 34b411200a9745a2"
+ "85554475d12afc04 887fef3516d12a2c"),
20);
test_chacha (SHEX("0011223344556677 8899aabbccddeeff"
@@ -331,7 +427,12 @@ test_main(void)
SHEX("826abdd84460e2e9 349f0ef4af5b179b"
"426e4b2d109a9c5b b44000ae51bea90a"
"496beeef62a76850 ff3f0402c4ddc99f"
- "6db07f151c1c0dfa c2e56565d6289625"),
+ "6db07f151c1c0dfa c2e56565d6289625"
+
+ "5b23132e7b469c7b fb88fa95d44ca5ae"
+ "3e45e848a4108e98 bad7a9eb15512784"
+ "a6a9e6e591dce674 120acaf9040ff50f"
+ "f3ac30ccfb5e1420 4f5e4268b90a8804"),
20);
test_chacha(SHEX("c46ec1b18ce8a878 725a37e780dfb735"
@@ -340,6 +441,11 @@ test_main(void)
SHEX("f63a89b75c2271f9 368816542ba52f06"
"ed49241792302b00 b5e8f80ae9a473af"
"c25b218f519af0fd d406362e8d69de7f"
- "54c604a6e00f353f 110f771bdca8ab92"),
+ "54c604a6e00f353f 110f771bdca8ab92"
+
+ "e5fbc34e60a1d9a9 db17345b0a402736"
+ "853bf910b060bdf1 f897b6290f01d138"
+ "ae2c4c90225ba9ea 14d518f55929dea0"
+ "98ca7a6ccfe61227 053c84e49a4a3332"),
20);
}
--
GitLab