4 /* FIXME: Missing tests:
6 Getting to unlikely cases in the poly64 and poly128 operations.
10 update (void *ctx, nettle_hash_update_func *f,
11 const struct tstring *msg,
14 for (; length > msg->length; length -= msg->length)
15 f(ctx, msg->length, msg->data);
16 f(ctx, length, msg->data);
20 check_digest (const char *name, void *ctx, nettle_hash_digest_func *f,
21 const struct tstring *msg, unsigned length,
22 unsigned tag_length, const uint8_t *ref)
25 f(ctx, tag_length, tag);
26 if (memcmp (tag, ref, tag_length) != 0)
28 printf ("%s failed\n", name);
29 printf ("msg: "); print_hex (msg->length, msg->data);
30 printf ("length: %u\n", length);
31 printf ("tag: "); print_hex (tag_length, tag);
32 printf ("ref: "); print_hex (tag_length, ref);
39 test_umac (const struct tstring *key,
40 const struct tstring *nonce,
41 const struct tstring *msg,
43 const struct tstring *ref32,
44 const struct tstring *ref64,
45 const struct tstring *ref128)
47 struct umac32_ctx ctx32;
48 struct umac64_ctx ctx64;
49 struct umac96_ctx ctx96;
50 struct umac128_ctx ctx128;
52 ASSERT (key->length == UMAC_KEY_SIZE);
53 ASSERT (ref32->length == 4);
54 ASSERT (ref64->length == 8);
55 ASSERT (ref128->length == 16);
57 umac32_set_key (&ctx32, key->data);
58 umac32_set_nonce (&ctx32, nonce->length, nonce->data);
60 update(&ctx32, (nettle_hash_update_func *) umac32_update, msg, length);
62 check_digest ("umac32", &ctx32, (nettle_hash_digest_func *) umac32_digest,
63 msg, length, 4, ref32->data);
65 umac64_set_key (&ctx64, key->data);
66 umac64_set_nonce (&ctx64, nonce->length, nonce->data);
68 update(&ctx64, (nettle_hash_update_func *) umac64_update, msg, length);
70 check_digest ("umac64", &ctx64, (nettle_hash_digest_func *) umac64_digest,
71 msg, length, 8, ref64->data);
73 umac96_set_key (&ctx96, key->data);
74 umac96_set_nonce (&ctx96, nonce->length, nonce->data);
76 update(&ctx96, (nettle_hash_update_func *) umac96_update, msg, length);
78 check_digest ("umac96", &ctx96, (nettle_hash_digest_func *) umac96_digest,
79 msg, length, 12, ref128->data);
81 umac128_set_key (&ctx128, key->data);
82 umac128_set_nonce (&ctx128, nonce->length, nonce->data);
84 update(&ctx128, (nettle_hash_update_func *) umac128_update, msg, length);
86 check_digest ("umac128", &ctx128, (nettle_hash_digest_func *) umac128_digest,
87 msg, length, 16, ref128->data);
91 test_align(const struct tstring *key,
92 const struct tstring *nonce,
93 const struct tstring *msg,
95 const struct tstring *ref32,
96 const struct tstring *ref64,
97 const struct tstring *ref128)
99 uint8_t *buffer = xalloc(length + 16);
101 for (offset = 0; offset < 16; offset++)
103 struct umac32_ctx ctx32;
104 struct umac64_ctx ctx64;
105 struct umac96_ctx ctx96;
106 struct umac128_ctx ctx128;
111 memset(buffer, 17, length + 16);
112 input = buffer + offset;
114 for (i = 0; i + msg->length < length; i += msg->length)
115 memcpy (input + i, msg->data, msg->length);
116 memcpy (input + i, msg->data, length - i);
118 umac32_set_key (&ctx32, key->data);
119 umac32_set_nonce (&ctx32, nonce->length, nonce->data);
121 umac32_update(&ctx32, length, input);
123 check_digest ("umac32 (alignment)",
124 &ctx32, (nettle_hash_digest_func *) umac32_digest,
125 msg, length, 4, ref32->data);
127 umac64_set_key (&ctx64, key->data);
128 umac64_set_nonce (&ctx64, nonce->length, nonce->data);
130 umac64_update(&ctx64, length, input);
132 check_digest ("umac64 (alignment)",
133 &ctx64, (nettle_hash_digest_func *) umac64_digest,
134 msg, length, 8, ref64->data);
136 umac96_set_key (&ctx96, key->data);
137 umac96_set_nonce (&ctx96, nonce->length, nonce->data);
139 umac96_update(&ctx96, length, input);
141 check_digest ("umac96 (alignment)",
142 &ctx96, (nettle_hash_digest_func *) umac96_digest,
143 msg, length, 12, ref128->data);
145 umac128_set_key (&ctx128, key->data);
146 umac128_set_nonce (&ctx128, nonce->length, nonce->data);
148 umac128_update(&ctx128, length, input);
150 check_digest ("umac128 (alignment)",
151 &ctx128, (nettle_hash_digest_func *) umac128_digest,
152 msg, length, 16, ref128->data);
158 test_incr (const struct tstring *key,
159 const struct tstring *nonce,
161 const struct tstring *msg,
162 const struct tstring *ref32,
163 const struct tstring *ref64,
164 const struct tstring *ref128)
166 struct umac32_ctx ctx32;
167 struct umac64_ctx ctx64;
168 struct umac96_ctx ctx96;
169 struct umac128_ctx ctx128;
173 ASSERT (key->length == UMAC_KEY_SIZE);
174 ASSERT (ref32->length == 4 * count);
175 ASSERT (ref64->length == 8 * count);
176 ASSERT (ref128->length == 16 * count);
177 umac32_set_key (&ctx32, key->data);
178 umac64_set_key (&ctx64, key->data);
179 umac96_set_key (&ctx96, key->data);
180 umac128_set_key (&ctx128, key->data);
183 umac32_set_nonce (&ctx32, nonce->length, nonce->data);
184 umac64_set_nonce (&ctx64, nonce->length, nonce->data);
185 umac96_set_nonce (&ctx96, nonce->length, nonce->data);
186 umac128_set_nonce (&ctx128, nonce->length, nonce->data);
188 for (i = 0; i < count; i++)
190 umac32_update (&ctx32, msg->length, msg->data);
191 check_digest ("umac32 incr",
192 &ctx32, (nettle_hash_digest_func *) umac32_digest,
193 msg, i, 4, ref32->data + 4*i);
195 umac64_update (&ctx64, msg->length, msg->data);
196 check_digest ("umac64 incr",
197 &ctx64, (nettle_hash_digest_func *) umac64_digest,
198 msg, i, 8, ref64->data + 8*i);
200 umac96_update (&ctx96, msg->length, msg->data);
201 check_digest ("umac96 incr",
202 &ctx96, (nettle_hash_digest_func *) umac96_digest,
203 msg, i, 12, ref128->data + 16*i);
205 umac128_update (&ctx128, msg->length, msg->data);
206 check_digest ("umac128 incr",
207 &ctx128, (nettle_hash_digest_func *) umac128_digest,
208 msg, i, 16, ref128->data + 16*i);
216 /* From RFC 4418 (except that it lacks the last 32 bits of 128-bit
218 test_umac (SDATA("abcdefghijklmnop"), SDATA("bcdefghi"),
221 SHEX("6E155FAD26900BE1"),
222 SHEX("32fedb100c79ad58f07ff7643cc60465"));
223 test_umac (SDATA("abcdefghijklmnop"), SDATA("bcdefghi"),
226 SHEX("44B5CB542F220104"),
227 SHEX("185e4fe905cba7bd85e4c2dc3d117d8d"));
228 test_umac (SDATA("abcdefghijklmnop"), SDATA("bcdefghi"),
231 SHEX("26BF2F5D60118BD9"),
232 SHEX("7a54abe04af82d60fb298c3cbd195bcb"));
234 test_umac (SDATA("abcdefghijklmnop"), SDATA("bcdefghi"),
235 SDATA("aaaaaaaa"), 1<<15,
237 SHEX("27F8EF643B0D118D"),
238 SHEX("7b136bd911e4b734286ef2be501f2c3c"));
239 test_umac (SDATA("abcdefghijklmnop"), SDATA("bcdefghi"),
240 SDATA("aaaaaaaa"), 1<<20,
242 SHEX("A4477E87E9F55853"),
243 SHEX("f8acfa3ac31cfeea047f7b115b03bef5"));
245 /* For the 'a' * 2^25 testcase, see errata
246 http://fastcrypto.org/umac/rfc4418.errata.txt */
247 test_umac (SDATA("abcdefghijklmnop"), SDATA ("bcdefghi"),
248 SDATA ("aaaaaaaa"), 1<<25,
250 SHEX("FACA46F856E9B45F"),
251 SHEX("a621c2457c0012e64f3fdae9e7e1870c"));
252 test_umac (SDATA("abcdefghijklmnop"), SDATA ("bcdefghi"),
255 SHEX("D4D7B9F6BD4FBFCF"),
256 SHEX("883c3d4b97a61976ffcf232308cba5a5"));
257 test_umac (SDATA("abcdefghijklmnop"), SDATA ("bcdefghi"),
260 SHEX("D4CF26DDEFD5C01A"),
261 SHEX("8824a260c53c66a36c9260a62cb83aa1"));
263 test_incr (SDATA("abcdefghijklmnop"), NULL, 6,
265 SHEX("a0e94011 8c6fea51 6d897143 db1b28c5 a75e23b7 44ea26be"),
266 SHEX("a0e940111c9c2cd5 6d8971434be8ee41 c9c9aef87e2be502"
267 "a0a112b593656107 a75e23b7d419e03a 950526f26a8cc07a"),
268 SHEX("a0e940111c9c2cd5fa59090e3ac2061f"
269 "cbbf18b799fd0f4afb9216e52a89f247"
270 "c9c9aef87e2be50237716af8e24f8959"
271 "d6e96ef461f54d1c85aa66cbd76ca336"
272 "a75e23b7d419e03a02d55ebf1ba62824"
273 "2e63031d182a59b84f148d9a91de70a3"));
275 test_incr (SDATA("abcdefghijklmnop"), SDATA("a"), 5,
277 SHEX("81b4ac24 b7e8aad0 f70246fe 0595f0bf a8e9fe85"),
278 SHEX("b7e8aad0da6e7f99 138814c6a03bdadf fb77dd1cd4c7074f"
279 "0595f0bf8585c7e2 817c0b7757cb60f7"),
280 SHEX("d7604bffb5e368da5fe564da0068d2cc"
281 "138814c6a03bdadff7f1666e1bd881aa"
282 "86a016d9e67957c8ab5ebb78a673e4e9"
283 "0595f0bf8585c7e28dfab00598d4e612"
284 "3266ec16a9d85b4f0dc74ec8272238a9"));
286 test_incr (SDATA("abcdefghijklmnop"), SHEX("beafcafe"), 5,
287 SDATA("nonce-beaf-cafe"),
288 SHEX("f19d9dc1 4604a56a 4ba9420e da86ff71 77facd79"),
289 SHEX("9e878413aa079032 9cfd7af0bb107748 4ba9420e55b6ba13"
290 "77facd797b686e24 9000c0de4f5f7236"),
291 SHEX("9e878413aa0790329604f3b6ae980e58"
292 "f2b2dd5dab08bb3bc5e9a83e1b4ab2e7"
293 "4ba9420e55b6ba137d03443f6ee01734"
294 "2721ca2e1bcda53a54ae65e0da139c0d"
295 "9000c0de4f5f7236b81ae1a52e78a821"));
297 /* Tests exercising various sizes of nonce and data: All nonce
298 lengths from 1 to 16 bytes. Data sizes chosen for testing for
299 various off-by-one errors,
302 1020, 1021, 1022, 1023, 1024, 1025, 1026, 1027,
303 2046, 2047, 2048, 2049, 2050
304 16777212, 16777213, 16777214, 16777215, 16777216, 16777217,
305 16778239, 16778240, 16778241, 16778242, 16778243, 16778244
307 test_umac (SDATA("abcdefghijklmnop"), SDATA("b"),
308 SDATA("defdefdefdefdef"), 0,
310 SHEX("9e38f67da91a08d9"),
311 SHEX("9e38f67da91a08d9c980f4db4089c877"));
312 test_umac (SDATA("abcdefghijklmnop"), SDATA("bc"),
313 SDATA("defdefdefdefdef"), 1,
315 SHEX("fb0e207971b8e66a"),
316 SHEX("ef406c2ec70d0222f59e860eabb79ed0"));
317 test_umac (SDATA("abcdefghijklmnop"), SDATA("bcd"),
318 SDATA("defdefdefdefdef"), 2,
320 SHEX("1ae6e02d73aa9ab2"),
321 SHEX("1ae6e02d73aa9ab2a27fb89e014dc07b"));
322 test_umac (SDATA("abcdefghijklmnop"), SDATA("bcde"),
323 SDATA("defdefdefdefdef"), 3,
325 SHEX("c81cf22342e84302"),
326 SHEX("82626d0d575e01038e5e2cc6408216f5"));
327 test_umac (SDATA("abcdefghijklmnop"), SDATA("bcdef"),
328 SDATA("defdefdefdefdef"), 4,
330 SHEX("aba003e7bd673cc3"),
331 SHEX("aba003e7bd673cc368ba8513cecf2e7c"));
333 test_umac (SDATA("abcdefghijklmnop"), SDATA("bcdefg"),
334 SDATA("defdefdefdefdef"), 1020,
336 SHEX("f98828a161bb4ae3"),
337 SHEX("d8b4811f747d588d7a913360960de7cf"));
338 test_umac (SDATA("abcdefghijklmnop"), SDATA("bcdefgh"),
339 SDATA("defdefdefdefdef"), 1021,
341 SHEX("2d54936be5bff72d"),
342 SHEX("2d54936be5bff72d2e1052361163b474"));
343 test_umac (SDATA("abcdefghijklmnop"), SDATA("bcdefghi"),
344 SDATA("defdefdefdefdef"), 1022,
346 SHEX("2cee9784556387b3"),
347 SHEX("700513397f8a210a98938d3e7ac3bd88"));
348 test_umac (SDATA("abcdefghijklmnop"), SDATA("bcdefghij"),
349 SDATA("defdefdefdefdef"), 1023,
351 SHEX("24ac4284ca371f42"),
352 SHEX("24ac4284ca371f4280f60bd274633d67"));
353 test_umac (SDATA("abcdefghijklmnop"), SDATA("bcdefghijk"),
354 SDATA("defdefdefdefdef"), 1024,
356 SHEX("64c6a0fd14615a76"),
357 SHEX("abc223116cedd2db5af365e641a97539"));
358 test_umac (SDATA("abcdefghijklmnop"), SDATA("bcdefghijkl"),
359 SDATA("defdefdefdefdef"), 1025,
361 SHEX("93251e18e56bbdc4"),
362 SHEX("93251e18e56bbdc457de556f95c59931"));
363 test_umac (SDATA("abcdefghijklmnop"), SDATA("bcdefghijklm"),
364 SDATA("defdefdefdefdef"), 1026,
366 SHEX("5d98bd8dfaf16352"),
367 SHEX("c1298672e52386753383a15ed58c0e42"));
368 test_umac (SDATA("abcdefghijklmnop"), SDATA("bcdefghijklmn"),
369 SDATA("defdefdefdefdef"), 1027,
371 SHEX("5b0557c9fdcf661b"),
372 SHEX("5b0557c9fdcf661b1758efc603516ebe"));
374 /* Test varying the alignment of the buffer eventually passed to
375 _umac_nh and _umac_nh_n. */
376 test_align (SDATA("abcdefghijklmnop"), SDATA("bcdefghijk"),
377 SDATA("defdefdefdefdef"), 1024,
379 SHEX("64c6a0fd14615a76"),
380 SHEX("abc223116cedd2db5af365e641a97539"));
382 test_umac (SDATA("abcdefghijklmnop"), SDATA("bcdefghijklmno"),
383 SDATA("defdefdefdefdef"), 2046,
385 SHEX("65e85d47447c2277"),
386 SHEX("16bb5183017826ed47c9995c1e5834f3"));
387 test_umac (SDATA("abcdefghijklmnop"), SDATA("bcdefghijklmnop"),
388 SDATA("defdefdefdefdef"), 2047,
390 SHEX("34d723a6cb1676d3"),
391 SHEX("34d723a6cb1676d3547a5064dc5b0a37"));
392 test_umac (SDATA("abcdefghijklmnop"), SDATA("bcdefghijklmnopq"),
393 SDATA("defdefdefdefdef"), 2048,
395 SHEX("3968d5d0af147884"),
396 SHEX("84565620def1e3a614d274e87626f215"));
397 test_umac (SDATA("abcdefghijklmnop"), SDATA("b"),
398 SDATA("defdefdefdefdef"), 2049,
400 SHEX("ad1ee4ab606061c5"),
401 SHEX("ad1ee4ab606061c55e0d2ecfee59940a"));
402 test_umac (SDATA("abcdefghijklmnop"), SDATA("bc"),
403 SDATA("defdefdefdefdef"), 2050,
405 SHEX("835f4a8242100055"),
406 SHEX("971106d5f4a5e41dce40a91704cfe1f3"));
408 test_umac (SDATA("abcdefghijklmnop"), SDATA("bcd"),
409 SDATA("defdefdefdefdef"), 16777212,
411 SHEX("7ef41cf351960aaf"),
412 SHEX("7ef41cf351960aaf729bb19fcee7d8c4"));
413 test_umac (SDATA("abcdefghijklmnop"), SDATA("bcde"),
414 SDATA("defdefdefdefdef"), 16777213,
416 SHEX("ab250048807ff640"),
417 SHEX("e15b9f6695c9b441de035e9b10b8ac32"));
418 test_umac (SDATA("abcdefghijklmnop"), SDATA("bcdef"),
419 SDATA("defdefdefdefdef"), 16777214,
421 SHEX("ff42039fcfe1248e"),
422 SHEX("ff42039fcfe1248e36c19efed14d7140"));
423 test_umac (SDATA("abcdefghijklmnop"), SDATA("bcdefg"),
424 SDATA("defdefdefdefdef"), 16777215,
426 SHEX("6be0ebda623d76df"),
427 SHEX("4adc426477fb64b1ce5afd76d505f048"));
428 test_umac (SDATA("abcdefghijklmnop"), SDATA("bcdefgh"),
429 SDATA("defdefdefdefdef"), 16777216,
431 SHEX("42d8562a224a9e9a"),
432 SHEX("42d8562a224a9e9a75c2f85d39462d07"));
433 test_umac (SDATA("abcdefghijklmnop"), SDATA("bcdefghi"),
434 SDATA("defdefdefdefdef"), 16777217,
436 SHEX("374f09dbb0b84b88"),
437 SHEX("6ba48d669a51ed3195ebc2aa562ee71b"));
439 test_umac (SDATA("abcdefghijklmnop"), SDATA("bcdefghij"),
440 SDATA("defdefdefdefdef"), 16778239,
442 SHEX("876ca89ed045777b"),
443 SHEX("876ca89ed045777bf7efa7934e1758c2"));
444 test_umac (SDATA("abcdefghijklmnop"), SDATA("bcdefghijk"),
445 SDATA("defdefdefdefdef"), 16778240,
447 SHEX("e1974b26fb35f2c6"),
448 SHEX("2e93c8ca83b97a6b1a21082e2a4c540d"));
449 test_umac (SDATA("abcdefghijklmnop"), SDATA("bcdefghijkl"),
450 SDATA("defdefdefdefdef"), 16778241,
452 SHEX("ffced8f2494d85bf"),
453 SHEX("ffced8f2494d85bf0cb39408ddfe0295"));
454 test_umac (SDATA("abcdefghijklmnop"), SDATA("bcdefghijklm"),
455 SDATA("defdefdefdefdef"), 16778242,
457 SHEX("65a5bbdda3b85368"),
458 SHEX("f9148022bc6ab64f019e9db83704c17b"));
459 test_umac (SDATA("abcdefghijklmnop"), SDATA("bcdefghijklmn"),
460 SDATA("defdefdefdefdef"), 16778243,
462 SHEX("50dc9565fbfc4884"),
463 SHEX(" 50dc9565fbfc48844a4be34403804605"));
464 test_umac (SDATA("abcdefghijklmnop"), SDATA("bcdefghijklmno"),
465 SDATA("defdefdefdefdef"), 16778244,
467 SHEX("04f163b7c2d5d849"),
468 SHEX("77a26f7387d1dcd39378a3220652cff7"));
projects / platform / upstream / nettle.git / blob