From aa9ccf8f4159b9ab4d1dcfb9512945e3c37f8748 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Niels=20M=C3=B6ller?= <nisse@lysator.liu.se>
Date: Tue, 16 Apr 2013 08:10:31 +0200
Subject: [PATCH] Test umac nonce increment.

---
 ChangeLog             |   3 ++
 testsuite/umac-test.c | 103 +++++++++++++++++++++++++++++++++++++++---
 2 files changed, 99 insertions(+), 7 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index c1c2ad11..8ecb0b93 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,8 @@
 2013-04-16  Niels Möller  <nisse@lysator.liu.se>
 
+	* testsuite/umac-test.c (test_incr): New function.
+	(test_main): Test nonce increment.
+
 	* misc/umac/umac.py: UMAC reference implementation.
 	* misc/umac/rijndael.py: AES implementation used by umac.py.
 	* misc/umac/mkvectors: Script to generate UMAC test vectors.
diff --git a/testsuite/umac-test.c b/testsuite/umac-test.c
index 452596da..1e9a5580 100644
--- a/testsuite/umac-test.c
+++ b/testsuite/umac-test.c
@@ -4,8 +4,6 @@
 /* FIXME: Missing tests:
 
    Getting to unlikely cases in the poly64 and poly128 operations.
-
-   Nonce increment and pad caching.   
 */
 
 static void
@@ -17,7 +15,7 @@ update (void *ctx, nettle_hash_update_func *f,
     f(ctx, msg->length, msg->data);
   f(ctx, length, msg->data);
 }
-	
+
 static void
 check_digest (const char *name, void *ctx, nettle_hash_digest_func *f,
 	      const struct tstring *msg, unsigned length,
@@ -34,8 +32,9 @@ check_digest (const char *name, void *ctx, nettle_hash_digest_func *f,
       printf ("ref: "); print_hex (tag_length, ref);
       abort ();
     }
-  
+
 }
+
 static void
 test_umac (const struct tstring *key,
 	   const struct tstring *nonce,
@@ -89,7 +88,7 @@ test_umac (const struct tstring *key,
 }
 
 static void
-test_align (const struct tstring *key,
+test_align(const struct tstring *key,
 	   const struct tstring *nonce,
 	   const struct tstring *msg,
 	   unsigned length,
@@ -127,7 +126,7 @@ test_align (const struct tstring *key,
 
       umac64_set_key (&ctx64, key->data);
       umac64_set_nonce (&ctx64, nonce->length, nonce->data);
-  
+
       umac64_update(&ctx64, length, input);
 
       check_digest ("umac64 (alignment)",
@@ -155,6 +154,62 @@ test_align (const struct tstring *key,
   free (buffer);
 }
 
+static void
+test_incr (const struct tstring *key,
+	   const struct tstring *nonce,
+	   unsigned count,
+	   const struct tstring *msg,
+	   const struct tstring *ref32,
+	   const struct tstring *ref64,
+	   const struct tstring *ref128)
+{
+  struct umac32_ctx ctx32;
+  struct umac64_ctx ctx64;
+  struct umac96_ctx ctx96;
+  struct umac128_ctx ctx128;
+
+  unsigned i;
+
+  ASSERT (key->length == UMAC_KEY_SIZE);
+  ASSERT (ref32->length == 4 * count);
+  ASSERT (ref64->length == 8 * count);
+  ASSERT (ref128->length == 16 * count);
+  umac32_set_key (&ctx32, key->data);
+  umac64_set_key (&ctx64, key->data);
+  umac96_set_key (&ctx96, key->data);
+  umac128_set_key (&ctx128, key->data);
+  if (nonce)
+    {
+      umac32_set_nonce (&ctx32, nonce->length, nonce->data);
+      umac64_set_nonce (&ctx64, nonce->length, nonce->data);
+      umac96_set_nonce (&ctx96, nonce->length, nonce->data);
+      umac128_set_nonce (&ctx128, nonce->length, nonce->data);
+    }
+  for (i = 0; i < count; i++)
+    {
+      umac32_update (&ctx32, msg->length, msg->data);
+      check_digest ("umac32 incr",
+		    &ctx32, (nettle_hash_digest_func *) umac32_digest,
+		    msg, i, 4, ref32->data + 4*i);
+
+      umac64_update (&ctx64, msg->length, msg->data);
+      check_digest ("umac64 incr",
+		    &ctx64, (nettle_hash_digest_func *) umac64_digest,
+		    msg, i, 8, ref64->data + 8*i);
+
+      umac96_update (&ctx96, msg->length, msg->data);
+      check_digest ("umac96 incr",
+		    &ctx96, (nettle_hash_digest_func *) umac96_digest,
+		    msg, i, 12, ref128->data + 16*i);
+
+      umac128_update (&ctx128, msg->length, msg->data);
+      check_digest ("umac128 incr",
+		    &ctx128, (nettle_hash_digest_func *) umac128_digest,
+		    msg, i, 16, ref128->data + 16*i);
+
+    }
+}
+
 void
 test_main(void)
 {
@@ -205,6 +260,40 @@ test_main(void)
 	     SHEX("D4CF26DDEFD5C01A"),
 	     SHEX("8824a260c53c66a36c9260a62cb83aa1"));
 
+  test_incr (SDATA("abcdefghijklmnop"), NULL, 6,
+	     SDATA("zero"),
+	     SHEX("a0e94011 8c6fea51 6d897143 db1b28c5 a75e23b7 44ea26be"),
+	     SHEX("a0e940111c9c2cd5 6d8971434be8ee41 c9c9aef87e2be502"
+		  "a0a112b593656107 a75e23b7d419e03a 950526f26a8cc07a"),
+	     SHEX("a0e940111c9c2cd5fa59090e3ac2061f"
+		  "cbbf18b799fd0f4afb9216e52a89f247"
+		  "c9c9aef87e2be50237716af8e24f8959"
+		  "d6e96ef461f54d1c85aa66cbd76ca336"
+		  "a75e23b7d419e03a02d55ebf1ba62824"
+		  "2e63031d182a59b84f148d9a91de70a3"));
+
+  test_incr (SDATA("abcdefghijklmnop"), SDATA("a"), 5,
+	     SDATA("nonce-a"),
+	     SHEX("81b4ac24 b7e8aad0 f70246fe 0595f0bf a8e9fe85"),
+	     SHEX("b7e8aad0da6e7f99 138814c6a03bdadf fb77dd1cd4c7074f"
+		  "0595f0bf8585c7e2 817c0b7757cb60f7"),
+	     SHEX("d7604bffb5e368da5fe564da0068d2cc"
+		  "138814c6a03bdadff7f1666e1bd881aa"
+		  "86a016d9e67957c8ab5ebb78a673e4e9"
+		  "0595f0bf8585c7e28dfab00598d4e612"
+		  "3266ec16a9d85b4f0dc74ec8272238a9"));
+
+  test_incr (SDATA("abcdefghijklmnop"), SHEX("beafcafe"), 5,
+	     SDATA("nonce-beaf-cafe"),
+	     SHEX("f19d9dc1 4604a56a 4ba9420e da86ff71 77facd79"),
+	     SHEX("9e878413aa079032 9cfd7af0bb107748 4ba9420e55b6ba13"
+		  "77facd797b686e24 9000c0de4f5f7236"),
+	     SHEX("9e878413aa0790329604f3b6ae980e58"
+		  "f2b2dd5dab08bb3bc5e9a83e1b4ab2e7"
+		  "4ba9420e55b6ba137d03443f6ee01734"
+		  "2721ca2e1bcda53a54ae65e0da139c0d"
+		  "9000c0de4f5f7236b81ae1a52e78a821"));
+
   /* Tests exercising various sizes of nonce and data: All nonce
      lengths from 1 to 16 bytes. Data sizes chosen for testing for
      various off-by-one errors,
@@ -289,7 +378,7 @@ test_main(void)
 	      SHEX("3cada45a"),
 	      SHEX("64c6a0fd14615a76"),
 	      SHEX("abc223116cedd2db5af365e641a97539"));
-  
+
   test_umac (SDATA("abcdefghijklmnop"), SDATA("bcdefghijklmno"),
 	     SDATA("defdefdefdefdef"), 2046,
 	     SHEX("e12ddc9f"),
-- 
GitLab