projects / platform / upstream / nettle.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Revert "Merge branch 'upstream' into tizen"
[platform/upstream/nettle.git] / testsuite / salsa20-test.c
1 #include "testutils.h"
2 #include "salsa20.h"
3
4 #include "memxor.h"
5
6 static int
7 memzero_p (const uint8_t *p, size_t n)
8 {
9   size_t i;
10   for (i = 0; i < n; i++)
11     if (p[i])
12       return 0;
13   return 1;
14 }
15
16 /* The ecrypt testcases encrypt 512 zero bytes (8 blocks), then give
17    the xor of all blocks, and the data for block 0 (0-63), 3,4
18    (192-319), 7 (448-511) */
19
20 #define STREAM_LENGTH 512
21 static void
22 test_salsa20_stream(const struct tstring *key,
23                     const struct tstring *iv,
24                     const struct tstring *ciphertext,
25                     const struct tstring *xor_ref)
26 {
27   struct salsa20_ctx ctx;
28   uint8_t data[STREAM_LENGTH + 1];
29   uint8_t stream[STREAM_LENGTH + 1];
30   uint8_t xor[SALSA20_BLOCK_SIZE];
31   unsigned j;
32
33   ASSERT (iv->length == SALSA20_IV_SIZE);
34   ASSERT (ciphertext->length == 4*SALSA20_BLOCK_SIZE);
35   ASSERT (xor_ref->length == SALSA20_BLOCK_SIZE);
36
37   salsa20_set_key(&ctx, key->length, key->data);
38   salsa20_set_iv(&ctx, iv->data);
39   memset(stream, 0, STREAM_LENGTH + 1);
40   salsa20_crypt(&ctx, STREAM_LENGTH, stream, stream);
41   if (stream[STREAM_LENGTH])
42     {
43       fprintf(stderr, "Stream of %d bytes wrote too much!\n", STREAM_LENGTH);
44       FAIL();
45     }
46   if (!MEMEQ (64, stream, ciphertext->data))
47     {
48       fprintf(stderr, "Error failed, offset 0:\n");
49       fprintf(stderr, "\nOutput: ");
50       print_hex(64, stream);
51       fprintf(stderr, "\nExpected:");
52       print_hex(64, ciphertext->data);
53       fprintf(stderr, "\n");
54       FAIL();
55     }
56   if (!MEMEQ (128, stream + 192, ciphertext->data + 64))
57     {
58       fprintf(stderr, "Error failed, offset 192:\n");
59       fprintf(stderr, "\nOutput: ");
60       print_hex(128, stream + 192);
61       fprintf(stderr, "\nExpected:");
62       print_hex(64, ciphertext->data + 64);
63       fprintf(stderr, "\n");
64       FAIL();
65     }
66   if (!MEMEQ (64, stream + 448, ciphertext->data + 192))
67     {
68       fprintf(stderr, "Error failed, offset 448:\n");
69       fprintf(stderr, "\nOutput: ");
70       print_hex(64, stream + 448);
71       fprintf(stderr, "\nExpected:");
72       print_hex(64, ciphertext->data + 192);
73       fprintf(stderr, "\n");
74       FAIL();
75     }
76
77   memxor3 (xor, stream, stream + SALSA20_BLOCK_SIZE, SALSA20_BLOCK_SIZE);
78   for (j = 2*SALSA20_BLOCK_SIZE; j < STREAM_LENGTH; j += SALSA20_BLOCK_SIZE)
79     memxor (xor, stream + j, SALSA20_BLOCK_SIZE);
80
81   if (!MEMEQ (SALSA20_BLOCK_SIZE, xor, xor_ref->data))
82     {
83       fprintf(stderr, "Error failed, bad xor 448:\n");
84       fprintf(stderr, "\nOutput: ");
85       print_hex(SALSA20_BLOCK_SIZE, xor);
86       fprintf(stderr, "\nExpected:");
87       print_hex(SALSA20_BLOCK_SIZE, xor_ref->data);
88       fprintf(stderr, "\n");
89       FAIL();
90     }
91
92   for (j = 1; j <= STREAM_LENGTH; j++)
93     {
94       memset(data, 0, STREAM_LENGTH + 1);
95       salsa20_set_iv(&ctx, iv->data);
96       salsa20_crypt(&ctx, j, data, data);
97
98       if (!MEMEQ(j, data, stream))
99         {
100           fprintf(stderr, "Encrypt failed for length %u:\n", j);
101           fprintf(stderr, "\nOutput: ");
102           print_hex(j, data);
103           fprintf(stderr, "\nExpected:");
104           print_hex(j, stream);
105           fprintf(stderr, "\n");
106           FAIL();
107         }
108       if (!memzero_p (data + j, STREAM_LENGTH + 1 - j))
109         {
110           fprintf(stderr, "Encrypt failed for length %u, wrote too much:\n", j);
111           fprintf(stderr, "\nOutput: ");
112           print_hex(STREAM_LENGTH + 1 - j, data + j);
113           fprintf(stderr, "\n");
114           FAIL();
115         }
116     }
117 }
118
119 typedef void salsa20_func(struct salsa20_ctx *ctx,
120                           unsigned length, uint8_t *dst,
121                           const uint8_t *src);
122 static void
123 _test_salsa20(salsa20_func *crypt,
124               const struct tstring *key,
125               const struct tstring *iv,
126               const struct tstring *cleartext,
127               const struct tstring *ciphertext)
128 {
129   struct salsa20_ctx ctx;
130   uint8_t *data;
131   unsigned length;
132
133   ASSERT (cleartext->length == ciphertext->length);
134   length = cleartext->length;
135
136   ASSERT (iv->length == SALSA20_IV_SIZE);
137
138   data = xalloc(length + 1);
139
140   salsa20_set_key(&ctx, key->length, key->data);
141   salsa20_set_iv(&ctx, iv->data);
142   data[length] = 17;
143   crypt(&ctx, length, data, cleartext->data);
144   if (data[length] != 17)
145     {
146       fprintf(stderr, "Encrypt of %u bytes wrote too much!\nInput:", length);
147       tstring_print_hex(cleartext);
148       fprintf(stderr, "\n");
149       FAIL();
150     }
151   if (!MEMEQ(length, data, ciphertext->data))
152     {
153       fprintf(stderr, "Encrypt failed:\nInput:");
154       tstring_print_hex(cleartext);
155       fprintf(stderr, "\nOutput: ");
156       print_hex(length, data);
157       fprintf(stderr, "\nExpected:");
158       tstring_print_hex(ciphertext);
159       fprintf(stderr, "\n");
160       FAIL();
161     }
162   salsa20_set_key(&ctx, key->length, key->data);
163   salsa20_set_iv(&ctx, iv->data);
164   crypt(&ctx, length, data, data);
165
166   if (!MEMEQ(length, data, cleartext->data))
167     {
168       fprintf(stderr, "Decrypt failed:\nInput:");
169       tstring_print_hex(ciphertext);
170       fprintf(stderr, "\nOutput: ");
171       print_hex(length, data);
172       fprintf(stderr, "\nExpected:");
173       tstring_print_hex(cleartext);
174       fprintf(stderr, "\n");
175       FAIL();
176     }
177
178   free(data);
179 }
180
181 #define test_salsa20(key, iv, cleartext, ciphertext) \
182   _test_salsa20 (salsa20_crypt, (key), (iv), (cleartext), (ciphertext))
183
184 #define test_salsa20r12(key, iv, cleartext, ciphertext) \
185   _test_salsa20 (salsa20r12_crypt, (key), (iv), (cleartext), (ciphertext))
186
187   
188 void
189 test_main(void)
190 {
191   /* http://www.ecrypt.eu.org/stream/svn/viewcvs.cgi/ecrypt/trunk/submissions/salsa20/reduced/12-rounds/verified.test-vectors?logsort=rev&rev=210&view=markup */
192   test_salsa20r12(SHEX("80000000 00000000 00000000 00000000"),
193                   SHEX("00000000 00000000"),
194                   SHEX("00000000 00000000"),
195                   SHEX("FC207DBF C76C5E17"));
196
197   test_salsa20r12(SHEX("00400000 00000000 00000000 00000000"),
198                   SHEX("00000000 00000000"),
199                   SHEX("00000000 00000000"),
200                   SHEX("6C11A3F9 5FEC7F48"));
201
202   test_salsa20r12(SHEX("09090909090909090909090909090909"),
203                   SHEX("0000000000000000"),
204                   SHEX("00000000 00000000"),
205                   SHEX("78E11FC3 33DEDE88"));
206
207   test_salsa20r12(SHEX("1B1B1B1B1B1B1B1B1B1B1B1B1B1B1B1B"),
208                   SHEX("00000000 00000000"),
209                   SHEX("00000000 00000000"),
210                   SHEX("A6747461 1DF551FF"));
211
212   test_salsa20r12(SHEX("80000000000000000000000000000000"
213                        "00000000000000000000000000000000"),
214                   SHEX("00000000 00000000"),
215                   SHEX("00000000 00000000"),
216                   SHEX("AFE411ED 1C4E07E4"));
217
218   test_salsa20r12(SHEX("0053A6F94C9FF24598EB3E91E4378ADD"
219                        "3083D6297CCF2275C81B6EC11467BA0D"),
220                   SHEX("0D74DB42A91077DE"),
221                   SHEX("00000000 00000000"),
222                   SHEX("52E20CF8 775AE882"));
223
224   /* http://www.ecrypt.eu.org/stream/svn/viewcvs.cgi/ecrypt/trunk/submissions/salsa20/full/verified.test-vectors?logsort=rev&rev=210&view=markup */
225
226   test_salsa20(SHEX("80000000 00000000 00000000 00000000"),
227                SHEX("00000000 00000000"),
228                SHEX("00000000 00000000"),
229                SHEX("4DFA5E48 1DA23EA0"));
230
231   test_salsa20(SHEX("00000000 00000000 00000000 00000000"),
232                SHEX("80000000 00000000"),
233                SHEX("00000000 00000000"),
234                SHEX("B66C1E44 46DD9557"));
235
236   test_salsa20(SHEX("0053A6F94C9FF24598EB3E91E4378ADD"),
237                SHEX("0D74DB42A91077DE"),
238                SHEX("00000000 00000000"),
239                SHEX("05E1E7BE B697D999"));
240
241   test_salsa20(SHEX("80000000 00000000 00000000 00000000"
242                     "00000000 00000000 00000000 00000000"),
243                SHEX("00000000 00000000"),
244                SHEX("00000000 00000000"),
245                SHEX("E3BE8FDD 8BECA2E3"));
246
247   test_salsa20(SHEX("00000000 00000000 00000000 00000000"
248                     "00000000 00000000 00000000 00000000"),
249                SHEX("80000000 00000000"),
250                SHEX("00000000 00000000"),
251                SHEX("2ABA3DC45B494700"));
252
253   test_salsa20(SHEX("0053A6F94C9FF24598EB3E91E4378ADD"
254                     "3083D6297CCF2275C81B6EC11467BA0D"),
255                SHEX("0D74DB42A91077DE"),
256                SHEX("00000000 00000000"),
257                SHEX("F5FAD53F 79F9DF58"));
258
259   test_salsa20_stream(SHEX("80000000000000000000000000000000"),
260                       SHEX("00000000 00000000"),
261                       SHEX("4DFA5E481DA23EA09A31022050859936"
262                            "DA52FCEE218005164F267CB65F5CFD7F"
263                            "2B4F97E0FF16924A52DF269515110A07"
264                            "F9E460BC65EF95DA58F740B7D1DBB0AA"
265                            "DA9C1581F429E0A00F7D67E23B730676"
266                            "783B262E8EB43A25F55FB90B3E753AEF"
267                            "8C6713EC66C51881111593CCB3E8CB8F"
268                            "8DE124080501EEEB389C4BCB6977CF95"
269                            "7D5789631EB4554400E1E025935DFA7B"
270                            "3E9039D61BDC58A8697D36815BF1985C"
271                            "EFDF7AE112E5BB81E37ECF0616CE7147"
272                            "FC08A93A367E08631F23C03B00A8DA2F"
273                            "B375703739DACED4DD4059FD71C3C47F"
274                            "C2F9939670FAD4A46066ADCC6A564578"
275                            "3308B90FFB72BE04A6B147CBE38CC0C3"
276                            "B9267C296A92A7C69873F9F263BE9703"),
277                       SHEX("F7A274D268316790A67EC058F45C0F2A"
278                            "067A99FCDE6236C0CEF8E056349FE54C"
279                            "5F13AC74D2539570FD34FEAB06C57205"
280                            "3949B59585742181A5A760223AFA22D4"));
281
282   test_salsa20_stream(SHEX("48494A4B4C4D4E4F5051525354555657"
283                            "58595A5B5C5D5E5F6061626364656667"),
284                       SHEX("0000000000000000"),
285                       SHEX("53AD3698A011F779AD71030F3EFBEBA0"
286                            "A7EE3C55789681B1591EF33A7BE521ED"
287                            "68FC36E58F53FFD6E1369B00E390E973"
288                            "F656ACB097E0D603BE59A0B8F7975B98"
289                            "A04698274C6AC6EC03F66ED3F94C08B7"
290                            "9FFDBF2A1610E6F5814905E73AD6D0D2"
291                            "8164EEB8450D8ED0BB4B644761B43512"
292                            "52DD5DDF00C31E3DABA0BC17691CCFDC"
293                            "B826C7F071E796D34E3BFFB3C96E76A1"
294                            "209388392806947C7F19B86D379FA3AE"
295                            "DFCD19EBF49803DACC6E577E5B97B0F6"
296                            "D2036B6624D8196C96FCF02C865D30C1"
297                            "B505D41E2C207FA1C0A0E93413DDCFFC"
298                            "9BECA8030AFFAC2466E56482DA0EF428"
299                            "E63880B5021D3051F18679505A2B9D4F"
300                            "9B2C5A2D271D276DE3F51DBEBA934436"),
301                       SHEX("7849651A820B1CDFE36D5D6632716534"
302                            "E0635EDEFD538122D80870B60FB055DB"
303                            "637C7CA2B78B116F83AFF46E40F8F71D"
304                            "4CD6D2E1B750D5E011D1DF2E80F7210A"));
305 }
306
307 /* Intermediate values for the first salsa20 test case.
308  0: 61707865       80        0        0
309            0 3120646e        0        0
310            0        0 79622d36       80
311            0        0        0 6b206574
312  1: 50e6ebaf 3093463d f190e454 9032fa35
313     b83c32b0 7fdf3d47 eff21454 a6bf53f6
314     59562a33 90327718 9bc1ab3d 49c5665e
315     4b9c6232 a5b70d82 b1169b3c 8273a766
316  2: 877140ed bc61b44d 60af1c4e 8a219997
317     dfa36b55 9dc00f65 e245efc8 ece54d32
318     72a63aac c0dc93d7 a1cd6536 b3d44ccb
319     8ebd332b c4022fa0 5d4ff16b  65f222e
320  3:  26693f1 c7ef1593  549a3a3 9396e54a
321     c899675e  1f815f3  47c648d   ebbc01
322     67f6ac0c d03d4afa 810d422e e7fd3e5b
323     8cd07539 3eb6917b 54e58e29 ef2c818d
324  4: 1dff67e3 39538859 717137d4  b935012
325     f279ff60 26098b57 4cc2cc68 752f0a9c
326     f62fef8b a3028de7 74c726e7 42bbaa73
327     85d7ae1b 36e9c191 791019b1 82263e6a
328  5: 5058d8b0 d3e44dcf 10bb47b1 7b673ef0
329     19f30031 111e4716 ec0295bc 6fd5bf67
330     12ffc7e4  d8b55c8  170d410 dd715714
331     dcd50b85 1f2bfff6 bde9be51 dbcb0b76
332  6: bc9cffbc 33ef9daa 8057f2b9 896b4878
333      705ae8b d14227c3 64a13629 112fc18c
334     bfe180ad eaf359a0 68467f43 a365bb13
335      6b1e849 e6cc8032 70e6c3fe cb0a55bb
336  7: 8d90ced2 54d545b4 85be446e b1632f4f
337     a071ac6a 90e0a919 33e1e736 ca25d574
338     a2b9cc17 7211ef22 c6d499c3 83fdd462
339     69a1c02c 4ee14ab4  33c7598 6c536d35
340  8: 27885144 2d2a552b f3f9bf1b 33ebeb6b
341     104b8b7a  a96110e 9acb26ae 9dba5b23
342     be384f78 4cdf3afc ef04b59d f0b9a6fe
343     ae50a69b  6c6ea81 f11fe33a 5abcb2ae
344  9: 3b2388b1 a820e0d9 1f008910 88c73d4e
345     fc306490 8188ba2d d0cae010 9a65a2e4
346     cf53e73f acec2667 4b870ab0 6cbfe29b
347     27295feb  2a801ee 16f1c6fe 4f40ae38
348 10: 6d52785f 5d421f38 d44f5a20 a7ec3b7c
349     c6a5c6cb f2a38eca  c45beae  69415ff
350     93bbc87e cad09b7b c4627081 55276967
351     3e13c4d8 aa4e20f4 2a485bf2 bcdbfc61
352 11: 5136a836 dd9db9bc 50366ca5 a65edf75
353     75bb5d1e 6bd4e822 cb52477c 7323b939
354     881133b8 38079a5c 14e61ea3  632aa57
355     ac091b61 fc1c6ca1 7e5fcc1a 329a1938
356 12: 5e0ca897 175e6c47 7a1e9674  609ad5a
357     ac25229b 49de7bae  370e70c f8bde5e7
358     21f81ab3 e6130800 9e2a3e8f 70eed5f1
359     d0fbb239 d78a8ea6 b644390a 2c582e03
360 13: 99fc90d3 f3e42871 78784440 a5885714
361     28084a8c 27900f47 e453b985 39b7ca44
362      81e5dbf 7860f2b0 693f4da0 74c5ce19
363      5f2d43d a9563322 7bd6f4da 4d2e97f5
364 14: 25571a99 3197dbee 50a1c7d7 91f0e753
365     2528837d 56153f81 287f5022 270918e4
366     42764fa3 fea16e5b 9ec649fe a4e5e669
367     8734b3d9 6fc1ae8a b79a8a04 af160a85
368 15: 34b906a6 3f56196a 6b690cbf 6c08907a
369     60cfba2b 819592a7 3c9b803a 1a3ce6d2
370      fdfc6af 282cd998 ad20e9ec  a0c76a1
371     772ffdcc ebf39c76 15579a67 dada9ba0
372 16: 3d87b380 5f9d893a c676cd97 e6d2b4b8
373     7d6ca34a 1dc97a79  e3de94b bccb03cd
374     12e2a81b 23b00e62 74d433a6 acedb4cb
375     6e34fe34 f4c034e4 b3349639 f6ac0473
376 17: e014e81d 916efb68 d833f0c9 2a0e2be9
377     a334791f 71573537 d5c5cb06 c8abbb8c
378     6abb97da 9031d7dc 9bea8440 90030a9c
379     6c2bdf8a  2649fbf 3a3aeef8 ee0d66c8
380 18: e9fb1dd3 80e4f86d 2bf2e408 d1809e73
381     20872c8d d93bc116 9012e00c 1c813d8e
382     45aa03ae 7136cba6 a6b85fc3 9e2d048a
383     48013f9e 1f2853d3  854c21d b9cdfb3c
384 19: 3d47db86 8392cea8 2cf87621 2cff7d58
385     dea99415 5800a055 e3661354 86701443
386      cc9d23f 616a0a0b 836c1eb9 6c1e72e7
387     24cba2f0 54be11a6 6dcb2586 a5663106
388 20: e6ee81e8 a03ea19d 2002319a 36998550
389     eefc52da e4e51bb3 b67c264f 7ffd5c5f
390     e0974f2b 4a9216ff 1bc4b21c  70a1095
391     bc60e4f9 da95ef65 b740f758 3f90765d
392 */
Domain: Security / Access Control;