3 * Testing for AEAD schemes based on Salsa20/ChaCha and Poly1305
5 * (c) 2018 Straylight/Edgeware
8 /*----- Licensing notice --------------------------------------------------*
10 * This file is part of Catacomb.
12 * Catacomb is free software: you can redistribute it and/or modify it
13 * under the terms of the GNU Library General Public License as published
14 * by the Free Software Foundation; either version 2 of the License, or
15 * (at your option) any later version.
17 * Catacomb is distributed in the hope that it will be useful, but
18 * WITHOUT ANY WARRANTY; without even the implied warranty of
19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
20 * Library General Public License for more details.
22 * You should have received a copy of the GNU Library General Public
23 * License along with Catacomb. If not, write to the Free Software
24 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
28 /*----- Header files ------------------------------------------------------*/
30 #include <mLib/macros.h>
32 #include "latinpoly-def.h"
34 /*----- Main code ---------------------------------------------------------*/
36 /* --- @latinpoly_test@ --- *
38 * Arguments: @gcaead *aec@ = authenticated encryption class to test
39 * @dstr *v@ = pointer to test-vector
41 * Returns: Nonzero if the test passed, zero on failure.
44 int latinpoly_test(const gcaead
*aec
, dstr
*v
)
48 gaead_enc
*e
; gaead_dec
*d
;
49 dstr out
= DSTR_INIT
, tag
= DSTR_INIT
;
54 k
= GAEAD_KEY(aec
, v
[0].buf
, v
[0].len
);
56 dstr_reset(&out
); dstr_ensure(&out
, v
[3].len
);
57 dstr_reset(&tag
); dstr_ensure(&tag
, POLY1305_TAGSZ
);
58 e
= GAEAD_ENC(k
, v
[1].buf
, v
[1].len
, 0, 0, 0);
59 a
= GAEAD_AAD(e
); GAEAD_HASH(a
, v
[2].buf
, v
[2].len
);
60 buf_init(&b
, out
.buf
, out
.sz
);
61 rc
= GAEAD_ENCRYPT(e
, v
[3].buf
, v
[3].len
, &b
);
62 if (rc
) { printf("!! encrypt reports failure\n"); goto encfail
; }
63 rc
= GAEAD_DONE(e
, a
, &b
, tag
.buf
, POLY1305_TAGSZ
);
64 if (rc
) { printf("!! encryptdone reports failure\n"); goto encfail
; }
66 out
.len
= BLEN(&b
); tag
.len
= POLY1305_TAGSZ
;
67 if (out
.len
!= v
[4].len
||
68 MEMCMP(out
.buf
, !=, v
[4].buf
, v
[4].len
) ||
69 MEMCMP(tag
.buf
, !=, v
[5].buf
, v
[5].len
)) {
72 printf("\n%s encrypt FAILED", aec
->name
);
73 printf("\n key = "); type_hex
.dump(&v
[0], stdout
);
74 printf("\n nonce = "); type_hex
.dump(&v
[1], stdout
);
75 printf("\n header = "); type_hex
.dump(&v
[2], stdout
);
76 printf("\n message = "); type_hex
.dump(&v
[3], stdout
);
77 printf("\n exp ct = "); type_hex
.dump(&v
[4], stdout
);
78 printf("\n calc ct = "); type_hex
.dump(&out
, stdout
);
79 printf("\n exp tag = "); type_hex
.dump(&v
[5], stdout
);
80 printf("\ncalc tag = "); type_hex
.dump(&tag
, stdout
);
86 dstr_reset(&out
); dstr_ensure(&out
, v
[3].len
);
87 dstr_reset(&tag
); dstr_ensure(&tag
, POLY1305_TAGSZ
);
88 d
= GAEAD_DEC(k
, v
[1].buf
, v
[1].len
, 0, 0, 0);
89 a
= GAEAD_AAD(d
); GAEAD_HASH(a
, v
[2].buf
, v
[2].len
);
90 buf_init(&b
, out
.buf
, out
.sz
);
91 rc
= GAEAD_DECRYPT(d
, v
[4].buf
, v
[4].len
, &b
);
92 if (rc
) { printf("!! decrypt reports failure\n"); goto decfail
; }
93 rc
= GAEAD_DONE(e
, a
, &b
, v
[5].buf
, POLY1305_TAGSZ
);
94 if (rc
< 0) { printf("!! decryptdone reports failure\n"); goto decfail
; }
96 out
.len
= BLEN(&b
); tag
.len
= POLY1305_TAGSZ
;
97 if (out
.len
!= v
[3].len
|| MEMCMP(out
.buf
, !=, v
[3].buf
, v
[3].len
) ||
101 printf("\ndecrypt FAILED");
102 printf("\n key = "); type_hex
.dump(&v
[0], stdout
);
103 printf("\n nonce = "); type_hex
.dump(&v
[1], stdout
);
104 printf("\n header = "); type_hex
.dump(&v
[2], stdout
);
105 printf("\n cipher = "); type_hex
.dump(&v
[4], stdout
);
106 printf("\n exp msg = "); type_hex
.dump(&v
[3], stdout
);
107 printf("\ncalc msg = "); type_hex
.dump(&out
, stdout
);
108 printf("\n tag = "); type_hex
.dump(&v
[5], stdout
);
109 printf("\n verify %s", rc
> 0 ?
"ok" : "FAILED");
116 dstr_destroy(&out
); dstr_destroy(&tag
);
120 /*----- That's all, folks -------------------------------------------------*/