libsodium/test/default/secretstream.c

234 lines
7.9 KiB
C
Raw Normal View History

#define TEST_NAME "secretstream"
#include "cmptest.h"
int
main(void)
{
crypto_secretstream_xchacha20poly1305_state *state;
2017-09-18 17:18:46 -04:00
unsigned char *ad;
2017-09-18 17:13:50 -04:00
unsigned char *header;
unsigned char *k;
unsigned char *c1, *c2, *c3;
unsigned char *m1, *m2, *m3;
unsigned char *m1_, *m2_, *m3_;
unsigned long long res_len;
2017-09-18 17:18:46 -04:00
size_t ad_len;
2017-09-18 17:13:50 -04:00
size_t m1_len, m2_len, m3_len;
int ret;
unsigned char tag;
state = (crypto_secretstream_xchacha20poly1305_state *)
sodium_malloc(crypto_secretstream_xchacha20poly1305_statebytes());
header = (unsigned char *)
2017-09-16 17:21:28 -04:00
sodium_malloc(crypto_secretstream_xchacha20poly1305_HEADERBYTES);
2017-09-18 17:18:46 -04:00
ad_len = randombytes_uniform(100);
m1_len = randombytes_uniform(1000);
m2_len = randombytes_uniform(1000);
m3_len = randombytes_uniform(1000);
c1 = (unsigned char *)
sodium_malloc(m1_len + crypto_secretstream_xchacha20poly1305_ABYTES);
c2 = (unsigned char *)
sodium_malloc(m2_len + crypto_secretstream_xchacha20poly1305_ABYTES);
c3 = (unsigned char *)
sodium_malloc(m3_len + crypto_secretstream_xchacha20poly1305_ABYTES);
2017-09-18 17:18:46 -04:00
ad = (unsigned char *) sodium_malloc(ad_len);
m1 = (unsigned char *) sodium_malloc(m1_len);
m2 = (unsigned char *) sodium_malloc(m2_len);
m3 = (unsigned char *) sodium_malloc(m3_len);
m1_ = (unsigned char *) sodium_malloc(m1_len);
m2_ = (unsigned char *) sodium_malloc(m2_len);
m3_ = (unsigned char *) sodium_malloc(m3_len);
2017-09-18 17:18:46 -04:00
randombytes_buf(ad, ad_len);
randombytes_buf(m1, m1_len);
memcpy(m1_, m1, m1_len);
randombytes_buf(m2, m2_len);
memcpy(m2_, m2, m2_len);
randombytes_buf(m3, m3_len);
memcpy(m3_, m3, m3_len);
k = (unsigned char *)
sodium_malloc(crypto_secretstream_xchacha20poly1305_KEYBYTES);
crypto_secretstream_xchacha20poly1305_keygen(k);
/* push */
ret = crypto_secretstream_xchacha20poly1305_init_push(state, header, k);
assert(ret == 0);
ret = crypto_secretstream_xchacha20poly1305_push
2017-09-18 17:13:50 -04:00
(state, c1, &res_len, m1, m1_len, NULL, 0, 0);
assert(ret == 0);
2017-09-18 17:13:50 -04:00
assert(res_len == m1_len + crypto_secretstream_xchacha20poly1305_ABYTES);
ret = crypto_secretstream_xchacha20poly1305_push
2017-09-18 17:18:46 -04:00
(state, c2, NULL, m2, m2_len, ad, 0, 0);
assert(ret == 0);
ret = crypto_secretstream_xchacha20poly1305_push
2017-09-18 17:18:46 -04:00
(state, c3, NULL, m3, m3_len, ad, ad_len,
crypto_secretstream_xchacha20poly1305_TAG_FINAL);
assert(ret == 0);
/* pull */
ret = crypto_secretstream_xchacha20poly1305_init_pull(state, header, k);
assert(ret == 0);
ret = crypto_secretstream_xchacha20poly1305_pull
2017-09-18 17:13:50 -04:00
(state, m1, &res_len, &tag,
c1, m1_len + crypto_secretstream_xchacha20poly1305_ABYTES, NULL, 0);
assert(ret == 0);
assert(tag == 0);
assert(memcmp(m1, m1_, m1_len) == 0);
2017-09-18 17:13:50 -04:00
assert(res_len == m1_len);
ret = crypto_secretstream_xchacha20poly1305_pull
(state, m2, NULL, &tag,
c2, m2_len + crypto_secretstream_xchacha20poly1305_ABYTES, NULL, 0);
assert(ret == 0);
assert(tag == 0);
assert(memcmp(m2, m2_, m2_len) == 0);
2017-09-18 17:18:46 -04:00
if (ad_len > 0) {
ret = crypto_secretstream_xchacha20poly1305_pull
(state, m3, NULL, &tag,
c3, m3_len + crypto_secretstream_xchacha20poly1305_ABYTES, NULL, 0);
2017-09-18 17:18:46 -04:00
assert(ret == -1);
}
ret = crypto_secretstream_xchacha20poly1305_pull
(state, m3, NULL, &tag,
c3, m3_len + crypto_secretstream_xchacha20poly1305_ABYTES, ad, ad_len);
assert(ret == 0);
assert(tag == crypto_secretstream_xchacha20poly1305_TAG_FINAL);
assert(memcmp(m3, m3_, m3_len) == 0);
/* previous with FINAL tag */
ret = crypto_secretstream_xchacha20poly1305_pull
(state, m3, NULL, &tag,
c3, m3_len + crypto_secretstream_xchacha20poly1305_ABYTES, NULL, 0);
assert(ret == -1);
/* previous without a tag */
ret = crypto_secretstream_xchacha20poly1305_pull
(state, m2, NULL, &tag,
c2, m2_len + crypto_secretstream_xchacha20poly1305_ABYTES, NULL, 0);
assert(ret == -1);
2017-09-18 17:13:50 -04:00
/* short ciphertext */
ret = crypto_secretstream_xchacha20poly1305_pull
(state, m2, NULL, &tag, c2,
randombytes_uniform(crypto_secretstream_xchacha20poly1305_ABYTES),
NULL, 0);
assert(ret == -1);
ret = crypto_secretstream_xchacha20poly1305_pull
(state, m2, NULL, &tag, c2, 0, NULL, 0);
assert(ret == -1);
/* empty ciphertext */
ret = crypto_secretstream_xchacha20poly1305_pull
(state, m2, NULL, &tag, c2,
crypto_secretstream_xchacha20poly1305_ABYTES, NULL, 0);
assert(ret == -1);
/* without explicit rekeying */
ret = crypto_secretstream_xchacha20poly1305_init_push(state, header, k);
assert(ret == 0);
ret = crypto_secretstream_xchacha20poly1305_push
(state, c1, NULL, m1, m1_len, NULL, 0, 0);
assert(ret == 0);
ret = crypto_secretstream_xchacha20poly1305_push
(state, c2, NULL, m2, m2_len, NULL, 0, 0);
assert(ret == 0);
ret = crypto_secretstream_xchacha20poly1305_init_pull(state, header, k);
assert(ret == 0);
ret = crypto_secretstream_xchacha20poly1305_pull
(state, m1, NULL, &tag,
c1, m1_len + crypto_secretstream_xchacha20poly1305_ABYTES, NULL, 0);
assert(ret == 0);
ret = crypto_secretstream_xchacha20poly1305_pull
(state, m2, NULL, &tag,
c2, m2_len + crypto_secretstream_xchacha20poly1305_ABYTES, NULL, 0);
assert(ret == 0);
/* with explicit rekeying */
ret = crypto_secretstream_xchacha20poly1305_init_push(state, header, k);
assert(ret == 0);
ret = crypto_secretstream_xchacha20poly1305_push
(state, c1, NULL, m1, m1_len, NULL, 0, 0);
assert(ret == 0);
crypto_secretstream_xchacha20poly1305_rekey(state);
ret = crypto_secretstream_xchacha20poly1305_push
(state, c2, NULL, m2, m2_len, NULL, 0, 0);
assert(ret == 0);
ret = crypto_secretstream_xchacha20poly1305_init_pull(state, header, k);
assert(ret == 0);
ret = crypto_secretstream_xchacha20poly1305_pull
(state, m1, NULL, &tag,
c1, m1_len + crypto_secretstream_xchacha20poly1305_ABYTES, NULL, 0);
assert(ret == 0);
ret = crypto_secretstream_xchacha20poly1305_pull
(state, m2, NULL, &tag,
c2, m2_len + crypto_secretstream_xchacha20poly1305_ABYTES, NULL, 0);
assert(ret == -1);
crypto_secretstream_xchacha20poly1305_rekey(state);
ret = crypto_secretstream_xchacha20poly1305_pull
(state, m2, NULL, &tag,
c2, m2_len + crypto_secretstream_xchacha20poly1305_ABYTES, NULL, 0);
assert(ret == 0);
sodium_free(m3_);
sodium_free(m2_);
sodium_free(m1_);
sodium_free(m3);
sodium_free(m2);
sodium_free(m1);
2017-09-18 17:18:46 -04:00
sodium_free(ad);
sodium_free(c3);
sodium_free(c2);
sodium_free(c1);
sodium_free(k);
sodium_free(header);
sodium_free(state);
2017-08-25 08:51:02 -04:00
assert(crypto_secretstream_xchacha20poly1305_abytes() ==
crypto_secretstream_xchacha20poly1305_ABYTES);
2017-09-16 17:21:28 -04:00
assert(crypto_secretstream_xchacha20poly1305_headerbytes() ==
crypto_secretstream_xchacha20poly1305_HEADERBYTES);
2017-08-25 08:51:02 -04:00
assert(crypto_secretstream_xchacha20poly1305_keybytes() ==
crypto_secretstream_xchacha20poly1305_KEYBYTES);
2017-08-25 09:12:35 -04:00
assert(crypto_secretstream_xchacha20poly1305_messagebytes_max() ==
crypto_secretstream_xchacha20poly1305_MESSAGEBYTES_MAX);
2017-08-25 08:51:02 -04:00
assert(crypto_secretstream_xchacha20poly1305_tag_message() ==
crypto_secretstream_xchacha20poly1305_TAG_MESSAGE);
assert(crypto_secretstream_xchacha20poly1305_tag_push() ==
crypto_secretstream_xchacha20poly1305_TAG_PUSH);
assert(crypto_secretstream_xchacha20poly1305_tag_rekey() ==
crypto_secretstream_xchacha20poly1305_TAG_REKEY);
assert(crypto_secretstream_xchacha20poly1305_tag_final() ==
crypto_secretstream_xchacha20poly1305_TAG_FINAL);
printf("OK\n");
return 0;
}