--- /dev/null
+/* -*-c-*-
+ *
+ * Testing for AEAD schemes based on Salsa20/ChaCha and Poly1305
+ *
+ * (c) 2018 Straylight/Edgeware
+ */
+
+/*----- Licensing notice --------------------------------------------------*
+ *
+ * This file is part of Catacomb.
+ *
+ * Catacomb is free software: you can redistribute it and/or modify it
+ * under the terms of the GNU Library General Public License as published
+ * by the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * Catacomb is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Library General Public License for more details.
+ *
+ * You should have received a copy of the GNU Library General Public
+ * License along with Catacomb. If not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
+ * USA.
+ */
+
+/*----- Header files ------------------------------------------------------*/
+
+#include "latinpoly-def.h"
+
+/*----- Main code ---------------------------------------------------------*/
+
+/* --- @latinpoly_test@ --- *
+ *
+ * Arguments: @gcaead *aec@ = authenticated encryption class to test
+ * @dstr *v@ = pointer to test-vector
+ *
+ * Returns: Nonzero if the test passed, zero on failure.
+ */
+
+int latinpoly_test(const gcaead *aec, dstr *v)
+{
+ gaead_key *k;
+ gaead_aad *a;
+ gaead_enc *e; gaead_dec *d;
+ dstr out = DSTR_INIT, tag = DSTR_INIT;
+ buf b;
+ int rc;
+ int ok = 1;
+
+ k = GAEAD_KEY(aec, v[0].buf, v[0].len);
+
+ dstr_reset(&out); dstr_ensure(&out, v[3].len);
+ dstr_reset(&tag); dstr_ensure(&tag, POLY1305_TAGSZ);
+ e = GAEAD_ENC(k, v[1].buf, v[1].len, 0, 0, 0);
+ a = GAEAD_AAD(e); GAEAD_HASH(a, v[2].buf, v[2].len);
+ buf_init(&b, out.buf, out.sz);
+ rc = GAEAD_ENCRYPT(e, v[3].buf, v[3].len, &b);
+ if (rc) { printf("!! encrypt reports failure\n"); goto encfail; }
+ rc = GAEAD_DONE(e, a, &b, tag.buf, POLY1305_TAGSZ);
+ if (rc) { printf("!! encryptdone reports failure\n"); goto encfail; }
+
+ out.len = BLEN(&b); tag.len = POLY1305_TAGSZ;
+ if (out.len != v[4].len || memcmp(out.buf, v[4].buf, v[4].len) ||
+ memcmp(tag.buf, v[5].buf, v[5].len)) {
+ encfail:
+ ok = 0;
+ printf("\n%s encrypt FAILED", aec->name);
+ printf("\n key = "); type_hex.dump(&v[0], stdout);
+ printf("\n nonce = "); type_hex.dump(&v[1], stdout);
+ printf("\n header = "); type_hex.dump(&v[2], stdout);
+ printf("\n message = "); type_hex.dump(&v[3], stdout);
+ printf("\n exp ct = "); type_hex.dump(&v[4], stdout);
+ printf("\n calc ct = "); type_hex.dump(&out, stdout);
+ printf("\n exp tag = "); type_hex.dump(&v[5], stdout);
+ printf("\ncalc tag = "); type_hex.dump(&tag, stdout);
+ putchar('\n');
+ }
+ GAEAD_DESTROY(a);
+ GAEAD_DESTROY(e);
+
+ dstr_reset(&out); dstr_ensure(&out, v[3].len);
+ dstr_reset(&tag); dstr_ensure(&tag, POLY1305_TAGSZ);
+ d = GAEAD_DEC(k, v[1].buf, v[1].len, 0, 0, 0);
+ a = GAEAD_AAD(d); GAEAD_HASH(a, v[2].buf, v[2].len);
+ buf_init(&b, out.buf, out.sz);
+ rc = GAEAD_DECRYPT(d, v[4].buf, v[4].len, &b);
+ if (rc) { printf("!! decrypt reports failure\n"); goto decfail; }
+ rc = GAEAD_DONE(e, a, &b, v[5].buf, POLY1305_TAGSZ);
+ if (rc < 0) { printf("!! decryptdone reports failure\n"); goto decfail; }
+
+ out.len = BLEN(&b); tag.len = POLY1305_TAGSZ;
+ if (out.len != v[3].len || memcmp(out.buf, v[3].buf, v[3].len) || !rc) {
+ decfail:
+ ok = 0;
+ printf("\ndecrypt FAILED");
+ printf("\n key = "); type_hex.dump(&v[0], stdout);
+ printf("\n nonce = "); type_hex.dump(&v[1], stdout);
+ printf("\n header = "); type_hex.dump(&v[2], stdout);
+ printf("\n cipher = "); type_hex.dump(&v[4], stdout);
+ printf("\n exp msg = "); type_hex.dump(&v[3], stdout);
+ printf("\ncalc msg = "); type_hex.dump(&out, stdout);
+ printf("\n tag = "); type_hex.dump(&v[5], stdout);
+ printf("\n verify %s", rc > 0 ? "ok" : "FAILED");
+ putchar('\n');
+ }
+ GAEAD_DESTROY(a);
+ GAEAD_DESTROY(d);
+
+ GAEAD_DESTROY(k);
+ dstr_destroy(&out); dstr_destroy(&tag);
+ return (ok);
+}
+
+/*----- That's all, folks -------------------------------------------------*/
~mdw / catacomb / blobdiff