int
main(void)
{
int i;
crypto_stream(rs, 32, nonce, firstkey);
for (i = 0; i < 32; ++i) {
printf(",0x%02x", (unsigned int) rs[i]);
if (i % 8 == 7)
printf("\n");
}
return 0;
}
int main(void)
{
int i;
crypto_stream(output, 4194304, nonce, firstkey);
crypto_hash_sha256(h, output, sizeof output);
for (i = 0; i < 32; ++i)
printf("%02x", h[i]);
printf("\n");
assert(crypto_stream_keybytes() > 0U);
assert(crypto_stream_noncebytes() > 0U);
assert(strcmp(crypto_stream_primitive(), "xsalsa20") == 0);
assert(crypto_stream_keybytes() == crypto_stream_xsalsa20_keybytes());
assert(crypto_stream_noncebytes() == crypto_stream_xsalsa20_noncebytes());
return 0;
}
void generate_c(uint32_t *pos_list, unsigned char *c_bin)
{
int i;
double c[PARAM_N];
//Now generate the F(c) value
unsigned char nonce[crypto_stream_NONCEBYTES] = {1,2,3,4,5,6,7,8};
const int R_LENGTH = 800;
unsigned char r[R_LENGTH];
//Use the hash value as key to generate some randomness
crypto_stream(r, R_LENGTH, nonce, c_bin);
//Now populate the vector
int cnt =0;
int pos;
//Use rejection sampling to determine positions to be set in the new vector
for(i=0; i<PARAM_N; i++)
c[i] = 0;
i=0;
while(i<PARAM_W)
{
//sample a position (0 to n-1). Use two bytes
pos = 0;
pos = (r[cnt]<<8) | (r[cnt+1]);
pos &= PARAM_N-1;
cnt += 2;
//position is between [0,n-1]
if (c[pos] == 0)
{
pos_list[i] = pos;
c[pos]=1;
i++;
cnt++;
}
}
}
static nif_term_t
salt_stream(nif_heap_t *hp, int argc, const nif_term_t argv[])
{
/* salt_stream(Byte_cnt, Nonce, Secret_key) -> Byte_stream. */
nif_bin_t nc;
nif_bin_t sk;
nif_bin_t bs;
uint_t cnt;
if (argc != 3)
return (BADARG);
/* Unpack arguments ensuring they're suitably typed. */
if (! enif_get_uint(hp, argv[0], &cnt))
return (BADARG);
if (! enif_inspect_binary(hp, argv[1], &nc))
return (BADARG);
if (! enif_inspect_binary(hp, argv[2], &sk))
return (BADARG);
/* Check constraints on size. */
if (cnt < 1 || cnt > SALT_MAX_MESSAGE_SIZE)
return (BADARG);
if (nc.size != crypto_secretbox_NONCEBYTES)
return (BADARG);
if (sk.size != crypto_secretbox_KEYBYTES)
return (BADARG);
/* Allocate space for byte stream. NB: Passing ENOMEM as BADARG. */
if (! enif_alloc_binary(cnt, &bs))
return (BADARG);
(void)crypto_stream(bs.data, bs.size, nc.data, sk.data);
return (enif_make_binary(hp, &bs));
}
bool unit_test_crypto_stream(){
// Global length
uint64_t len = HACL_UNIT_TESTS_SIZE * sizeof(uint8_t);
// Scratch buffers
uint8_t hacl_cipher[HACL_UNIT_TESTS_SIZE], expected_cipher[HACL_UNIT_TESTS_SIZE];
// Shared key
uint8_t key[32], nonce[24];
// Random plaintext
uint8_t *plaintext = malloc(HACL_UNIT_TESTS_SIZE * sizeof (uint8_t));
READ_RANDOM_BYTES(len, plaintext);
// Test 1
int a;
bool pass = true;
for (int i = 0; i < 1024; i++){
tweet_crypto_stream(expected_cipher, i, nonce, key);
crypto_stream(hacl_cipher, i, nonce, key);
a = memcmp(hacl_cipher, expected_cipher, i * sizeof(uint8_t));
if (a != 0){
pass = false;
printf("SECRETBOX failed on input of size %d\n.", i);
break;
}
}
if (!pass) return pass;
// Test 2
tweet_crypto_stream_xor(expected_cipher, plaintext, HACL_UNIT_TESTS_SIZE, nonce, key);
crypto_stream_xor(hacl_cipher, plaintext, HACL_UNIT_TESTS_SIZE, nonce, key);
a = memcmp(hacl_cipher, expected_cipher, HACL_UNIT_TESTS_SIZE * sizeof(uint8_t));
if (a != 0){
pass = false;
printf("SECRETBOX failed on input of size %d\n.", HACL_UNIT_TESTS_SIZE);
}
free(plaintext);
return pass;
}
const char *checksum_compute(void)
{
long long i;
long long j;
for (i = 0;i < CHECKSUM_BYTES;++i) {
long long mlen = i;
long long clen = i;
long long slen = i;
long long klen = crypto_stream_KEYBYTES;
long long nlen = crypto_stream_NONCEBYTES;
for (j = -16;j < 0;++j) m[j] = rand();
for (j = -16;j < 0;++j) c[j] = rand();
for (j = -16;j < 0;++j) s[j] = rand();
for (j = -16;j < 0;++j) n[j] = rand();
for (j = -16;j < 0;++j) k[j] = rand();
for (j = mlen;j < mlen + 16;++j) m[j] = rand();
for (j = clen;j < clen + 16;++j) c[j] = rand();
for (j = slen;j < slen + 16;++j) s[j] = rand();
for (j = nlen;j < nlen + 16;++j) n[j] = rand();
for (j = klen;j < klen + 16;++j) k[j] = rand();
for (j = -16;j < mlen + 16;++j) m2[j] = m[j];
for (j = -16;j < clen + 16;++j) c2[j] = c[j];
for (j = -16;j < slen + 16;++j) s2[j] = s[j];
for (j = -16;j < nlen + 16;++j) n2[j] = n[j];
for (j = -16;j < klen + 16;++j) k2[j] = k[j];
crypto_stream_xor(c,m,mlen,n,k);
for (j = -16;j < mlen + 16;++j) if (m[j] != m2[j]) return "crypto_stream_xor overwrites m";
for (j = -16;j < slen + 16;++j) if (s[j] != s2[j]) return "crypto_stream_xor overwrites s";
for (j = -16;j < nlen + 16;++j) if (n[j] != n2[j]) return "crypto_stream_xor overwrites n";
for (j = -16;j < klen + 16;++j) if (k[j] != k2[j]) return "crypto_stream_xor overwrites k";
for (j = -16;j < 0;++j) if (c[j] != c2[j]) return "crypto_stream_xor writes before output";
for (j = clen;j < clen + 16;++j) if (c[j] != c2[j]) return "crypto_stream_xor writes after output";
for (j = -16;j < clen + 16;++j) c2[j] = c[j];
crypto_stream(s,slen,n,k);
for (j = -16;j < mlen + 16;++j) if (m[j] != m2[j]) return "crypto_stream overwrites m";
for (j = -16;j < clen + 16;++j) if (c[j] != c2[j]) return "crypto_stream overwrites c";
for (j = -16;j < nlen + 16;++j) if (n[j] != n2[j]) return "crypto_stream overwrites n";
for (j = -16;j < klen + 16;++j) if (k[j] != k2[j]) return "crypto_stream overwrites k";
for (j = -16;j < 0;++j) if (s[j] != s2[j]) return "crypto_stream writes before output";
for (j = slen;j < slen + 16;++j) if (s[j] != s2[j]) return "crypto_stream writes after output";
for (j = 0;j < mlen;++j)
if ((s[j] ^ m[j]) != c[j]) return "crypto_stream_xor does not match crypto_stream";
for (j = 0;j < clen;++j) k[j % klen] ^= c[j];
crypto_stream_xor(m,c,clen,n,k);
crypto_stream(s,slen,n,k);
for (j = 0;j < mlen;++j)
if ((s[j] ^ m[j]) != c[j]) return "crypto_stream_xor does not match crypto_stream";
for (j = 0;j < mlen;++j) n[j % nlen] ^= m[j];
m[mlen] = 0;
}
sodium_bin2hex(checksum, sizeof checksum, k, crypto_stream_KEYBYTES);
return 0;
}
