OLD | NEW |
| (Empty) |
1 /* | |
2 * Chacha stream algorithm. | |
3 * | |
4 * Created on: Jun, 2013 | |
5 * Author: Elie Bursztein (elieb@google.com) | |
6 * | |
7 * Adapted from the estream code by D. Bernstein. | |
8 */ | |
9 /* ==================================================================== | |
10 * Copyright (c) 2011-2013 The OpenSSL Project. All rights reserved. | |
11 * | |
12 * Redistribution and use in source and binary forms, with or without | |
13 * modification, are permitted provided that the following conditions | |
14 * are met: | |
15 * | |
16 * 1. Redistributions of source code must retain the above copyright | |
17 * notice, this list of conditions and the following disclaimer. | |
18 * | |
19 * 2. Redistributions in binary form must reproduce the above copyright | |
20 * notice, this list of conditions and the following disclaimer in | |
21 * the documentation and/or other materials provided with the | |
22 * distribution. | |
23 * | |
24 * 3. All advertising materials mentioning features or use of this | |
25 * software must display the following acknowledgment: | |
26 * "This product includes software developed by the OpenSSL Project | |
27 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" | |
28 * | |
29 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | |
30 * endorse or promote products derived from this software without | |
31 * prior written permission. For written permission, please contact | |
32 * licensing@OpenSSL.org. | |
33 * | |
34 * 5. Products derived from this software may not be called "OpenSSL" | |
35 * nor may "OpenSSL" appear in their names without prior written | |
36 * permission of the OpenSSL Project. | |
37 * | |
38 * 6. Redistributions of any form whatsoever must retain the following | |
39 * acknowledgment: | |
40 * "This product includes software developed by the OpenSSL Project | |
41 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" | |
42 * | |
43 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | |
44 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
45 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | |
46 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | |
47 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | |
48 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | |
49 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | |
50 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
51 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | |
52 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | |
53 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | |
54 * OF THE POSSIBILITY OF SUCH DAMAGE. | |
55 * ==================================================================== | |
56 */ | |
57 | |
58 #include <stdio.h> | |
59 #include <stdlib.h> | |
60 #include <string.h> | |
61 #include <stdint.h> | |
62 | |
63 #include <openssl/chacha.h> | |
64 | |
65 struct chacha_test { | |
66 const char *keyhex; | |
67 const char *noncehex; | |
68 const char *outhex; | |
69 }; | |
70 | |
71 static const struct chacha_test chacha_tests[] = { | |
72 { | |
73 "000000000000000000000000000000000000000000000000000000000000000
0", | |
74 "0000000000000000", | |
75 "76b8e0ada0f13d90405d6ae55386bd28bdd219b8a08ded1aa836efcc8b770dc
7da41597c5157488d7724e03fb8d84a376a43b8f41518a11cc387b669b2ee6586", | |
76 }, | |
77 { | |
78 "000000000000000000000000000000000000000000000000000000000000000
1", | |
79 "0000000000000000", | |
80 "4540f05a9f1fb296d7736e7b208e3c96eb4fe1834688d2604f450952ed432d4
1bbe2a0b6ea7566d2a5d1e7e20d42af2c53d792b1c43fea817e9ad275ae546963", | |
81 }, | |
82 { | |
83 "000000000000000000000000000000000000000000000000000000000000000
0", | |
84 "0000000000000001", | |
85 "de9cba7bf3d69ef5e786dc63973f653a0b49e015adbff7134fcb7df13782103
1e85a050278a7084527214f73efc7fa5b5277062eb7a0433e445f41e31afab757", | |
86 }, | |
87 { | |
88 "000000000000000000000000000000000000000000000000000000000000000
0", | |
89 "0100000000000000", | |
90 "ef3fdfd6c61578fbf5cf35bd3dd33b8009631634d21e42ac33960bd138e50d3
2111e4caf237ee53ca8ad6426194a88545ddc497a0b466e7d6bbdb0041b2f586b", | |
91 }, | |
92 { | |
93 "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1
f", | |
94 "0001020304050607", | |
95 "f798a189f195e66982105ffb640bb7757f579da31602fc93ec01ac56f85ac3c
134a4547b733b46413042c9440049176905d3be59ea1c53f15916155c2be8241a38008b9a26bc359
41e2444177c8ade6689de95264986d95889fb60e84629c9bd9a5acb1cc118be563eb9b3a4a472f82
e09a7e778492b562ef7130e88dfe031c79db9d4f7c7a899151b9a475032b63fc385245fe054e3dd5
a97a5f576fe064025d3ce042c566ab2c507b138db853e3d6959660996546cc9c4a6eafdc777c040d
70eaf46f76dad3979e5c5360c3317166a1c894c94a371876a94df7628fe4eaaf2ccb27d5aaae0ad7
ad0f9d4b6ad3b54098746d4524d38407a6deb", | |
96 }, | |
97 }; | |
98 | |
99 static unsigned char hex_digit(char h) | |
100 { | |
101 if (h >= '0' && h <= '9') | |
102 return h - '0'; | |
103 else if (h >= 'a' && h <= 'f') | |
104 return h - 'a' + 10; | |
105 else if (h >= 'A' && h <= 'F') | |
106 return h - 'A' + 10; | |
107 else | |
108 abort(); | |
109 } | |
110 | |
111 static void hex_decode(unsigned char *out, const char* hex) | |
112 { | |
113 size_t j = 0; | |
114 | |
115 while (*hex != 0) | |
116 { | |
117 unsigned char v = hex_digit(*hex++); | |
118 v <<= 4; | |
119 v |= hex_digit(*hex++); | |
120 out[j++] = v; | |
121 } | |
122 } | |
123 | |
124 static void hexdump(unsigned char *a, size_t len) | |
125 { | |
126 size_t i; | |
127 | |
128 for (i = 0; i < len; i++) | |
129 printf("%02x", a[i]); | |
130 } | |
131 | |
132 /* misalign returns a pointer that points 0 to 15 bytes into |in| such that the | |
133 * returned pointer has alignment 1 mod 16. */ | |
134 static void* misalign(void* in) | |
135 { | |
136 intptr_t x = (intptr_t) in; | |
137 x += (17 - (x % 16)) % 16; | |
138 return (void*) x; | |
139 } | |
140 | |
141 int main() | |
142 { | |
143 static const unsigned num_tests = | |
144 sizeof(chacha_tests) / sizeof(struct chacha_test); | |
145 unsigned i; | |
146 unsigned char key_bytes[32 + 16]; | |
147 unsigned char nonce_bytes[8 + 16] = {0}; | |
148 | |
149 unsigned char *key = misalign(key_bytes); | |
150 unsigned char *nonce = misalign(nonce_bytes); | |
151 | |
152 for (i = 0; i < num_tests; i++) | |
153 { | |
154 const struct chacha_test *test = &chacha_tests[i]; | |
155 unsigned char *expected, *out_bytes, *zero_bytes, *out, *zeros; | |
156 size_t len = strlen(test->outhex); | |
157 | |
158 if (strlen(test->keyhex) != 32*2 || | |
159 strlen(test->noncehex) != 8*2 || | |
160 (len & 1) == 1) | |
161 return 1; | |
162 | |
163 len /= 2; | |
164 | |
165 hex_decode(key, test->keyhex); | |
166 hex_decode(nonce, test->noncehex); | |
167 | |
168 expected = malloc(len); | |
169 out_bytes = malloc(len+16); | |
170 zero_bytes = malloc(len+16); | |
171 /* Attempt to test unaligned inputs. */ | |
172 out = misalign(out_bytes); | |
173 zeros = misalign(zero_bytes); | |
174 memset(zeros, 0, len); | |
175 | |
176 hex_decode(expected, test->outhex); | |
177 CRYPTO_chacha_20(out, zeros, len, key, nonce, 0); | |
178 | |
179 if (memcmp(out, expected, len) != 0) | |
180 { | |
181 printf("ChaCha20 test #%d failed.\n", i); | |
182 printf("got: "); | |
183 hexdump(out, len); | |
184 printf("\nexpected: "); | |
185 hexdump(expected, len); | |
186 printf("\n"); | |
187 return 1; | |
188 } | |
189 | |
190 /* The last test has a large output. We test whether the | |
191 * counter works as expected by skipping the first 64 bytes of | |
192 * it. */ | |
193 if (i == num_tests - 1) | |
194 { | |
195 CRYPTO_chacha_20(out, zeros, len - 64, key, nonce, 1); | |
196 if (memcmp(out, expected + 64, len - 64) != 0) | |
197 { | |
198 printf("ChaCha20 skip test failed.\n"); | |
199 return 1; | |
200 } | |
201 } | |
202 | |
203 free(expected); | |
204 free(zero_bytes); | |
205 free(out_bytes); | |
206 } | |
207 | |
208 | |
209 printf("PASS\n"); | |
210 return 0; | |
211 } | |
OLD | NEW |