#ifdef TEST_RIG
+#include <mLib/macros.h>
#include <mLib/testrig.h>
#include "ct.h"
poly1305_hash(&ctx, v[2].buf + j, v[2].len - j);
poly1305_done(&ctx, t.buf);
ct_remedy(t.buf, t.len);
- if (memcmp(t.buf, v[3].buf, 16) != 0) {
+ if (MEMCMP(t.buf, !=, v[3].buf, 16)) {
fprintf(stderr, "failed...");
fprintf(stderr, "\n\tkey = "); type_hex.dump(&v[0], stderr);
fprintf(stderr, "\n\tmask = "); type_hex.dump(&v[1], stderr);
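Review bot: The compare `MEMCMP(t.buf, !=, v[3].buf, 16)` assumes the expected-tag field holds at least 16 bytes, and no length check on `v[3]` is visible in this hunk. A short tag in the vector file would make the compare read beyond the bytes that field actually carries, so the pass/fail result would depend on whatever follows in the buffer. If nothing earlier in the function enforces the length, guard it as `if (v[3].len != 16 || MEMCMP(t.buf, !=, v[3].buf, 16)) {`. The same applies to the `v[5]` compare in the next hunk (apparently the concatenation verifier), whereas vrf_mct already rejects a wrong `v[6].len`. The enclosing function starts and ends outside this hunk.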
poly1305_concat(&ctx, &ctx, &cc[2]);
}
poly1305_done(&ctx, t.buf);
- if (memcmp(t.buf, v[5].buf, 16) != 0) {
+ if (MEMCMP(t.buf, !=, v[5].buf, 16)) {
fprintf(stderr, "failed...");
fprintf(stderr, "\n\tkey = "); type_hex.dump(&v[0], stderr);
fprintf(stderr, "\n\tmask = "); type_hex.dump(&v[1], stderr);
static int vrf_mct(dstr v[])
{
unsigned j, msz;
- unsigned long i, niter;
+ unsigned long i, start_iter, end_iter;
rijndael_ecbctx rij;
poly1305_key key;
poly1305_ctx mac;
- dstr d = DSTR_INIT;
- octet k[16], r[16], n[16], s[16], *t, m[MSZMAX] = { 0 };
+ dstr dk = DSTR_INIT, dr = DSTR_INIT, dn = DSTR_INIT,
+ dt = DSTR_INIT, dm = DSTR_INIT;
+ octet *k, *r, s[16], *n, *t, *m;
int ok = 1;
- if (v[0].len != sizeof(k)) { fprintf(stderr, "AES key len\n"); exit(2); }
- if (v[1].len != sizeof(r)) { fprintf(stderr, "poly key len\n"); exit(2); }
- if (v[2].len != sizeof(n)) { fprintf(stderr, "nonce len\n"); exit(2); }
- if (v[4].len != sizeof(n)) { fprintf(stderr, "result len\n"); exit(2); }
- memcpy(k, v[0].buf, sizeof(k));
- memcpy(r, v[1].buf, sizeof(k));
- memcpy(n, v[2].buf, sizeof(k));
- niter = *(unsigned long *)v[3].buf;
- dstr_ensure(&d, 16); d.len = 16; t = (octet *)d.buf;
-
- rijndael_ecbinit(&rij, k, sizeof(k), 0);
- poly1305_keyinit(&key, r, sizeof(r));
- for (i = 0; i < niter; i++) {
+ DENSURE(&dk, 16); k = (octet *)dk.buf; dk.len = 16;
+ DENSURE(&dr, 16); r = (octet *)dr.buf; dr.len = 16;
+ DENSURE(&dn, 16); n = (octet *)dn.buf; dn.len = 16;
+ DENSURE(&dt, 16); t = (octet *)dt.buf; dt.len = 16;
+ DENSURE(&dm, MSZMAX); m = (octet *)dm.buf; dm.len = MSZMAX;
+ memset(m, 0, MSZMAX);
+
+ if (v[0].len != 16) { fprintf(stderr, "AES key len\n"); exit(2); }
+ if (v[1].len != 16) { fprintf(stderr, "poly key len\n"); exit(2); }
+ if (v[2].len != 16) { fprintf(stderr, "nonce len\n"); exit(2); }
+ if (v[3].len != MSZMAX) { fprintf(stderr, "msgbuf len\n"); exit(2); }
+ if (v[6].len != 16) { fprintf(stderr, "result len\n"); exit(2); }
+ memcpy(k, v[0].buf, 16);
+ memcpy(r, v[1].buf, 16);
+ memcpy(n, v[2].buf, 16);
+ memcpy(m, v[3].buf, MSZMAX);
+ start_iter = *(unsigned long *)v[4].buf;
+ end_iter = *(unsigned long *)v[5].buf;
+ if (end_iter < start_iter) { fprintf(stderr, "iter bounds\n"); exit(2); }
+
+ rijndael_ecbinit(&rij, k, 16, 0);
+ poly1305_keyinit(&key, r, 16);
+ for (i = start_iter; i < end_iter; i++) {
msz = 0;
for (;;) {
rijndael_ecbencrypt(&rij, n, s, 16);
for (j = 0; j < 16; j++) n[j] ^= t[j];
if (msz%2) {
for (j = 0; j < 16; j++) k[j] ^= t[j];
- rijndael_ecbinit(&rij, k, sizeof(k), 0);
+ rijndael_ecbinit(&rij, k, 16, 0);
}
if (msz%3) {
for (j = 0; j < 16; j++) r[j] ^= t[j];
- poly1305_keyinit(&key, r, sizeof(r));
+ poly1305_keyinit(&key, r, 16);
}
m[msz++] ^= t[0];
}
}
- if (memcmp(t, v[4].buf, 16) != 0) {
+ if (MEMCMP(t, !=, v[6].buf, 16)) {
ok = 0;
fprintf(stderr, "failed...");
fprintf(stderr, "\n\tinitial k = "); type_hex.dump(&v[0], stderr);
fprintf(stderr, "\n\tinitial r = "); type_hex.dump(&v[1], stderr);
fprintf(stderr, "\n\tinitial n = "); type_hex.dump(&v[2], stderr);
- fprintf(stderr, "\n\titerations = %lu", niter);
- fprintf(stderr, "\n\texpected = "); type_hex.dump(&v[4], stderr);
- fprintf(stderr, "\n\tcalculated = "); type_hex.dump(&d, stderr);
+ fprintf(stderr, "\n\tinitial m = "); type_hex.dump(&v[3], stderr);
+ fprintf(stderr, "\n\tstart iter = %lu", start_iter);
+ fprintf(stderr, "\n\tend iter = %lu", end_iter);
+ fprintf(stderr, "\n\tfinal k = "); type_hex.dump(&dk, stderr);
+ fprintf(stderr, "\n\tfinal r = "); type_hex.dump(&dr, stderr);
+ fprintf(stderr, "\n\tfinal n = "); type_hex.dump(&dn, stderr);
+ fprintf(stderr, "\n\tfinal m = "); type_hex.dump(&dm, stderr);
+ fprintf(stderr, "\n\texpected = "); type_hex.dump(&v[6], stderr);
+ fprintf(stderr, "\n\tcalculated = "); type_hex.dump(&dt, stderr);
fputc('\n', stderr);
}
- dstr_destroy(&d);
+ dstr_destroy(&dk);
+ dstr_destroy(&dr);
+ dstr_destroy(&dn);
+ dstr_destroy(&dt);
+ dstr_destroy(&dm);
return (ok);
}
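Review bot: In vrf_mct the added `memset(m, 0, MSZMAX);` has no effect. The `v[3].len != MSZMAX` check exits on any other length, and `memcpy(m, v[3].buf, MSZMAX);` then overwrites every byte, so the zero-fill can be dropped. The setup also now repeats the bare literal `16` for the AES key, Poly1305 key, nonce and tag sizes where the old code used `sizeof(k)`. A named constant per role would keep each length check and its matching `memcpy` from drifting apart. Only part of the inner loop is visible here, so this covers the setup and reporting code only.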
{ "poly1305-cat", vrf_cat,
{ &type_hex, &type_hex, &type_hex, &type_hex, &type_hex, &type_hex } },
{ "poly1305-mct", vrf_mct,
- { &type_hex, &type_hex, &type_hex, &type_ulong, &type_hex } },
+ { &type_hex, &type_hex, &type_hex, &type_hex,
+ &type_ulong, &type_ulong, &type_hex } },
{ 0, 0, { 0 } }
};
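Review bot: The "poly1305-mct" entry now takes seven positional fields, but nothing documents their order, and vrf_mct addresses them only as `v[0]`..`v[6]`. A one-line comment above the entry would let someone editing the vector file match columns to meaning, for example `/* AES key, poly key, nonce, message buffer, start iter, end iter, expected tag */`. That order is read off the length checks and the failure dump in vrf_mct.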