1 // Copyright 2017 The Go Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style
3 // license that can be found in the LICENSE file.
14 // Test cases are from RFC 4231, and match those present in the tests directory
15 // of the download here: https://nacl.cr.yp.to/install.html
16 var testCases = []struct {
23 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
24 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
25 0x0b, 0x0b, 0x0b, 0x0b,
27 msg: []byte("Hi There"),
29 0x87, 0xaa, 0x7c, 0xde, 0xa5, 0xef, 0x61, 0x9d,
30 0x4f, 0xf0, 0xb4, 0x24, 0x1a, 0x1d, 0x6c, 0xb0,
31 0x23, 0x79, 0xf4, 0xe2, 0xce, 0x4e, 0xc2, 0x78,
32 0x7a, 0xd0, 0xb3, 0x05, 0x45, 0xe1, 0x7c, 0xde,
36 key: [32]byte{'J', 'e', 'f', 'e'},
37 msg: []byte("what do ya want for nothing?"),
39 0x16, 0x4b, 0x7a, 0x7b, 0xfc, 0xf8, 0x19, 0xe2,
40 0xe3, 0x95, 0xfb, 0xe7, 0x3b, 0x56, 0xe0, 0xa3,
41 0x87, 0xbd, 0x64, 0x22, 0x2e, 0x83, 0x1f, 0xd6,
42 0x10, 0x27, 0x0c, 0xd7, 0xea, 0x25, 0x05, 0x54,
47 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
48 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
49 0xaa, 0xaa, 0xaa, 0xaa,
51 msg: []byte{ // 50 bytes of 0xdd
52 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
53 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
54 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
55 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
56 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
57 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
61 0xfa, 0x73, 0xb0, 0x08, 0x9d, 0x56, 0xa2, 0x84,
62 0xef, 0xb0, 0xf0, 0x75, 0x6c, 0x89, 0x0b, 0xe9,
63 0xb1, 0xb5, 0xdb, 0xdd, 0x8e, 0xe8, 0x1a, 0x36,
64 0x55, 0xf8, 0x3e, 0x33, 0xb2, 0x27, 0x9d, 0x39,
69 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
70 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10,
71 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18,
75 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
76 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
77 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
78 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
79 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
80 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
84 0xb0, 0xba, 0x46, 0x56, 0x37, 0x45, 0x8c, 0x69,
85 0x90, 0xe5, 0xa8, 0xc5, 0xf6, 0x1d, 0x4a, 0xf7,
86 0xe5, 0x76, 0xd9, 0x7f, 0xf9, 0x4b, 0x87, 0x2d,
87 0xe7, 0x6f, 0x80, 0x50, 0x36, 0x1e, 0xe3, 0xdb,
92 func TestSum(t *testing.T) {
93 for i, test := range testCases {
94 tag := Sum(test.msg, &test.key)
95 if !bytes.Equal(tag[:], test.out[:]) {
96 t.Errorf("#%d: Sum: got\n%x\nwant\n%x", i, tag, test.out)
101 func TestVerify(t *testing.T) {
102 wrongMsg := []byte("unknown msg")
104 for i, test := range testCases {
105 if !Verify(test.out[:], test.msg, &test.key) {
106 t.Errorf("#%d: Verify(%x, %q, %x) failed", i, test.out, test.msg, test.key)
108 if Verify(test.out[:], wrongMsg, &test.key) {
109 t.Errorf("#%d: Verify(%x, %q, %x) unexpectedly passed", i, test.out, wrongMsg, test.key)
114 func TestStress(t *testing.T) {
116 t.Skip("exhaustiveness test")
120 msg := make([]byte, 10000)
121 prng := mrand.New(mrand.NewSource(0))
123 // copied from tests/auth5.c in nacl
124 for i := 0; i < 10000; i++ {
125 if _, err := rand.Read(key[:]); err != nil {
128 if _, err := rand.Read(msg[:i]); err != nil {
131 tag := Sum(msg[:i], &key)
132 if !Verify(tag[:], msg[:i], &key) {
133 t.Errorf("#%d: unexpected failure from Verify", i)
136 msgIndex := prng.Intn(i)
137 oldMsgByte := msg[msgIndex]
138 msg[msgIndex] += byte(1 + prng.Intn(255))
139 if Verify(tag[:], msg[:i], &key) {
140 t.Errorf("#%d: unexpected success from Verify after corrupting message", i)
142 msg[msgIndex] = oldMsgByte
144 tag[prng.Intn(len(tag))] += byte(1 + prng.Intn(255))
145 if Verify(tag[:], msg[:i], &key) {
146 t.Errorf("#%d: unexpected success from Verify after corrupting authenticator", i)
152 func BenchmarkAuth(b *testing.B) {
154 if _, err := rand.Read(key[:]); err != nil {
157 buf := make([]byte, 1024)
158 if _, err := rand.Read(buf[:]); err != nil {
162 b.SetBytes(int64(len(buf)))
166 for i := 0; i < b.N; i++ {
167 tag := Sum(buf, &key)
168 if Verify(tag[:], buf, &key) == false {
169 b.Fatal("unexpected failure from Verify")