Commit aa9ccf8f authored by Niels Möller's avatar Niels Möller

Test umac nonce increment.

parent 22b35e78
2013-04-16 Niels Möller <nisse@lysator.liu.se>
* testsuite/umac-test.c (test_incr): New function.
(test_main): Test nonce increment.
* misc/umac/umac.py: UMAC reference implementation.
* misc/umac/rijndael.py: AES implementation used by umac.py.
* misc/umac/mkvectors: Script to generate UMAC test vectors.
......
......@@ -4,8 +4,6 @@
/* FIXME: Missing tests:
Getting to unlikely cases in the poly64 and poly128 operations.
Nonce increment and pad caching.
*/
static void
......@@ -17,7 +15,7 @@ update (void *ctx, nettle_hash_update_func *f,
f(ctx, msg->length, msg->data);
f(ctx, length, msg->data);
}
static void
check_digest (const char *name, void *ctx, nettle_hash_digest_func *f,
const struct tstring *msg, unsigned length,
......@@ -34,8 +32,9 @@ check_digest (const char *name, void *ctx, nettle_hash_digest_func *f,
printf ("ref: "); print_hex (tag_length, ref);
abort ();
}
}
static void
test_umac (const struct tstring *key,
const struct tstring *nonce,
......@@ -89,7 +88,7 @@ test_umac (const struct tstring *key,
}
static void
test_align (const struct tstring *key,
test_align(const struct tstring *key,
const struct tstring *nonce,
const struct tstring *msg,
unsigned length,
......@@ -127,7 +126,7 @@ test_align (const struct tstring *key,
umac64_set_key (&ctx64, key->data);
umac64_set_nonce (&ctx64, nonce->length, nonce->data);
umac64_update(&ctx64, length, input);
check_digest ("umac64 (alignment)",
......@@ -155,6 +154,62 @@ test_align (const struct tstring *key,
free (buffer);
}
static void
test_incr (const struct tstring *key,
const struct tstring *nonce,
unsigned count,
const struct tstring *msg,
const struct tstring *ref32,
const struct tstring *ref64,
const struct tstring *ref128)
{
struct umac32_ctx ctx32;
struct umac64_ctx ctx64;
struct umac96_ctx ctx96;
struct umac128_ctx ctx128;
unsigned i;
ASSERT (key->length == UMAC_KEY_SIZE);
ASSERT (ref32->length == 4 * count);
ASSERT (ref64->length == 8 * count);
ASSERT (ref128->length == 16 * count);
umac32_set_key (&ctx32, key->data);
umac64_set_key (&ctx64, key->data);
umac96_set_key (&ctx96, key->data);
umac128_set_key (&ctx128, key->data);
if (nonce)
{
umac32_set_nonce (&ctx32, nonce->length, nonce->data);
umac64_set_nonce (&ctx64, nonce->length, nonce->data);
umac96_set_nonce (&ctx96, nonce->length, nonce->data);
umac128_set_nonce (&ctx128, nonce->length, nonce->data);
}
for (i = 0; i < count; i++)
{
umac32_update (&ctx32, msg->length, msg->data);
check_digest ("umac32 incr",
&ctx32, (nettle_hash_digest_func *) umac32_digest,
msg, i, 4, ref32->data + 4*i);
umac64_update (&ctx64, msg->length, msg->data);
check_digest ("umac64 incr",
&ctx64, (nettle_hash_digest_func *) umac64_digest,
msg, i, 8, ref64->data + 8*i);
umac96_update (&ctx96, msg->length, msg->data);
check_digest ("umac96 incr",
&ctx96, (nettle_hash_digest_func *) umac96_digest,
msg, i, 12, ref128->data + 16*i);
umac128_update (&ctx128, msg->length, msg->data);
check_digest ("umac128 incr",
&ctx128, (nettle_hash_digest_func *) umac128_digest,
msg, i, 16, ref128->data + 16*i);
}
}
void
test_main(void)
{
......@@ -205,6 +260,40 @@ test_main(void)
SHEX("D4CF26DDEFD5C01A"),
SHEX("8824a260c53c66a36c9260a62cb83aa1"));
test_incr (SDATA("abcdefghijklmnop"), NULL, 6,
SDATA("zero"),
SHEX("a0e94011 8c6fea51 6d897143 db1b28c5 a75e23b7 44ea26be"),
SHEX("a0e940111c9c2cd5 6d8971434be8ee41 c9c9aef87e2be502"
"a0a112b593656107 a75e23b7d419e03a 950526f26a8cc07a"),
SHEX("a0e940111c9c2cd5fa59090e3ac2061f"
"cbbf18b799fd0f4afb9216e52a89f247"
"c9c9aef87e2be50237716af8e24f8959"
"d6e96ef461f54d1c85aa66cbd76ca336"
"a75e23b7d419e03a02d55ebf1ba62824"
"2e63031d182a59b84f148d9a91de70a3"));
test_incr (SDATA("abcdefghijklmnop"), SDATA("a"), 5,
SDATA("nonce-a"),
SHEX("81b4ac24 b7e8aad0 f70246fe 0595f0bf a8e9fe85"),
SHEX("b7e8aad0da6e7f99 138814c6a03bdadf fb77dd1cd4c7074f"
"0595f0bf8585c7e2 817c0b7757cb60f7"),
SHEX("d7604bffb5e368da5fe564da0068d2cc"
"138814c6a03bdadff7f1666e1bd881aa"
"86a016d9e67957c8ab5ebb78a673e4e9"
"0595f0bf8585c7e28dfab00598d4e612"
"3266ec16a9d85b4f0dc74ec8272238a9"));
test_incr (SDATA("abcdefghijklmnop"), SHEX("beafcafe"), 5,
SDATA("nonce-beaf-cafe"),
SHEX("f19d9dc1 4604a56a 4ba9420e da86ff71 77facd79"),
SHEX("9e878413aa079032 9cfd7af0bb107748 4ba9420e55b6ba13"
"77facd797b686e24 9000c0de4f5f7236"),
SHEX("9e878413aa0790329604f3b6ae980e58"
"f2b2dd5dab08bb3bc5e9a83e1b4ab2e7"
"4ba9420e55b6ba137d03443f6ee01734"
"2721ca2e1bcda53a54ae65e0da139c0d"
"9000c0de4f5f7236b81ae1a52e78a821"));
/* Tests exercising various sizes of nonce and data: All nonce
lengths from 1 to 16 bytes. Data sizes chosen for testing for
various off-by-one errors,
......@@ -289,7 +378,7 @@ test_main(void)
SHEX("3cada45a"),
SHEX("64c6a0fd14615a76"),
SHEX("abc223116cedd2db5af365e641a97539"));
test_umac (SDATA("abcdefghijklmnop"), SDATA("bcdefghijklmno"),
SDATA("defdefdefdefdef"), 2046,
SHEX("e12ddc9f"),
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment