secretstream: add a test for rekeying using TAG_REKEY

This commit is contained in:
Frank Denis 2017-12-06 11:45:47 +00:00
parent 18e2038fbb
commit e89c43edf6

View File

@ -5,12 +5,12 @@
int int
main(void) main(void)
{ {
crypto_secretstream_xchacha20poly1305_state *state; crypto_secretstream_xchacha20poly1305_state *state, *statesave;
crypto_secretstream_xchacha20poly1305_state state_copy; crypto_secretstream_xchacha20poly1305_state state_copy;
unsigned char *ad; unsigned char *ad;
unsigned char *header; unsigned char *header;
unsigned char *k; unsigned char *k;
unsigned char *c1, *c2, *c3; unsigned char *c1, *c2, *c3, *csave;
unsigned char *m1, *m2, *m3; unsigned char *m1, *m2, *m3;
unsigned char *m1_, *m2_, *m3_; unsigned char *m1_, *m2_, *m3_;
unsigned long long res_len; unsigned long long res_len;
@ -21,6 +21,8 @@ main(void)
state = (crypto_secretstream_xchacha20poly1305_state *) state = (crypto_secretstream_xchacha20poly1305_state *)
sodium_malloc(crypto_secretstream_xchacha20poly1305_statebytes()); sodium_malloc(crypto_secretstream_xchacha20poly1305_statebytes());
statesave = (crypto_secretstream_xchacha20poly1305_state *)
sodium_malloc(crypto_secretstream_xchacha20poly1305_statebytes());
header = (unsigned char *) header = (unsigned char *)
sodium_malloc(crypto_secretstream_xchacha20poly1305_HEADERBYTES); sodium_malloc(crypto_secretstream_xchacha20poly1305_HEADERBYTES);
@ -35,6 +37,8 @@ main(void)
sodium_malloc(m2_len + crypto_secretstream_xchacha20poly1305_ABYTES); sodium_malloc(m2_len + crypto_secretstream_xchacha20poly1305_ABYTES);
c3 = (unsigned char *) c3 = (unsigned char *)
sodium_malloc(m3_len + crypto_secretstream_xchacha20poly1305_ABYTES); sodium_malloc(m3_len + crypto_secretstream_xchacha20poly1305_ABYTES);
csave = (unsigned char *)
sodium_malloc((m1_len | m2_len | m3_len) + crypto_secretstream_xchacha20poly1305_ABYTES);
ad = (unsigned char *) sodium_malloc(ad_len); ad = (unsigned char *) sodium_malloc(ad_len);
m1 = (unsigned char *) sodium_malloc(m1_len); m1 = (unsigned char *) sodium_malloc(m1_len);
@ -196,6 +200,49 @@ main(void)
c2, m2_len + crypto_secretstream_xchacha20poly1305_ABYTES, NULL, 0); c2, m2_len + crypto_secretstream_xchacha20poly1305_ABYTES, NULL, 0);
assert(ret == 0); assert(ret == 0);
/* with explicit rekeying using TAG_REKEY */
ret = crypto_secretstream_xchacha20poly1305_init_push(state, header, k);
assert(ret == 0);
memcpy(statesave, state, sizeof *state);
ret = crypto_secretstream_xchacha20poly1305_push
(state, c1, NULL, m1, m1_len, NULL, 0, crypto_secretstream_xchacha20poly1305_TAG_REKEY);
assert(ret == 0);
ret = crypto_secretstream_xchacha20poly1305_push
(state, c2, NULL, m2, m2_len, NULL, 0, 0);
assert(ret == 0);
memcpy(csave, c2, m2_len + crypto_secretstream_xchacha20poly1305_ABYTES);
ret = crypto_secretstream_xchacha20poly1305_init_pull(state, header, k);
assert(ret == 0);
ret = crypto_secretstream_xchacha20poly1305_pull
(state, m1, NULL, &tag,
c1, m1_len + crypto_secretstream_xchacha20poly1305_ABYTES, &tag, 0);
assert(ret == 0);
assert(tag == crypto_secretstream_xchacha20poly1305_TAG_REKEY);
ret = crypto_secretstream_xchacha20poly1305_pull
(state, m2, NULL, &tag,
c2, m2_len + crypto_secretstream_xchacha20poly1305_ABYTES, &tag, 0);
assert(ret == 0);
assert(tag == 0);
memcpy(state, statesave, sizeof *state);
ret = crypto_secretstream_xchacha20poly1305_push
(state, c1, NULL, m1, m1_len, NULL, 0, 0);
assert(ret == 0);
ret = crypto_secretstream_xchacha20poly1305_push
(state, c2, NULL, m2, m2_len, NULL, 0, 0);
assert(ret == 0);
assert(memcmp(csave, c2, m2_len + crypto_secretstream_xchacha20poly1305_ABYTES) != 0);
/* New stream */ /* New stream */
ret = crypto_secretstream_xchacha20poly1305_init_push(state, header, k); ret = crypto_secretstream_xchacha20poly1305_init_push(state, header, k);
@ -249,11 +296,13 @@ main(void)
sodium_free(m2); sodium_free(m2);
sodium_free(m1); sodium_free(m1);
sodium_free(ad); sodium_free(ad);
sodium_free(csave);
sodium_free(c3); sodium_free(c3);
sodium_free(c2); sodium_free(c2);
sodium_free(c1); sodium_free(c1);
sodium_free(k); sodium_free(k);
sodium_free(header); sodium_free(header);
sodium_free(statesave);
sodium_free(state); sodium_free(state);
assert(crypto_secretstream_xchacha20poly1305_abytes() == assert(crypto_secretstream_xchacha20poly1305_abytes() ==