/*
 * Smoke test for the fixed-size comparison helpers.
 *
 * Three random buffers (16, 32 and 64 bytes) are copied, compared with the
 * matching crypto_verify_N() and the result printed; then one byte of each
 * copy is changed and the comparison is printed again. The buffers
 * v16/v32/v64 and their *x copies are declared outside this function.
 */
int
main(void)
{
    unsigned int pos16;
    unsigned int pos32;
    unsigned int pos64;

    /* Fill the reference buffers with random data. */
    randombytes_buf(v16, sizeof v16);
    randombytes_buf(v32, sizeof v32);
    randombytes_buf(v64, sizeof v64);

    /* Exact copies: every comparison below is between identical inputs. */
    memcpy(v16x, v16, sizeof v16);
    memcpy(v32x, v32, sizeof v32);
    memcpy(v64x, v64, sizeof v64);

    printf("%d\n", crypto_verify_16(v16, v16x));
    printf("%d\n", crypto_verify_32(v32, v32x));
    printf("%d\n", crypto_verify_64(v64, v64x));

    /*
     * Change exactly one byte per copy. The mask keeps the random index
     * inside the buffer, and the increment always alters the byte, even
     * when it wraps from 0xff to 0x00.
     */
    pos16 = randombytes_random() & 15U;
    v16x[pos16]++;
    pos32 = randombytes_random() & 31U;
    v32x[pos32]++;
    pos64 = randombytes_random() & 63U;
    v64x[pos64]++;

    /* Same comparisons, now on buffers that differ in a single position. */
    printf("%d\n", crypto_verify_16(v16, v16x));
    printf("%d\n", crypto_verify_32(v32, v32x));
    printf("%d\n", crypto_verify_64(v64, v64x));

    /* The size accessors must agree with the function names. */
    assert(crypto_verify_16_bytes() == 16U);
    assert(crypto_verify_32_bytes() == 32U);
    assert(crypto_verify_64_bytes() == 64U);

    return 0;
}
/*
 * Verify a detached Poly1305 tag over (ad, c) and, only if it matches,
 * decrypt c into m.
 *
 *   m     - output buffer for clen bytes of plaintext; may be NULL, in which
 *           case the function only verifies and returns the comparison result
 *   nsec  - unused
 *   c     - ciphertext, clen bytes
 *   mac   - tag to check (16 bytes, enforced by the COMPILER_ASSERT below)
 *   ad    - additional authenticated data, adlen bytes
 *   npub  - nonce
 *   k     - key
 *
 * Returns 0 when the tag verifies, -1 when it does not and m is non-NULL.
 * On a tag mismatch the output buffer is zero-filled and nothing is decrypted.
 */
int crypto_aead_chacha20poly1305_ietf_decrypt_detached(unsigned char *m,
                                                       unsigned char *nsec,
                                                       const unsigned char *c,
                                                       unsigned long long clen,
                                                       const unsigned char *mac,
                                                       const unsigned char *ad,
                                                       unsigned long long adlen,
                                                       const unsigned char *npub,
                                                       const unsigned char *k)
{
    crypto_onetimeauth_poly1305_state state;
    unsigned char block0[64U];
    unsigned char slen[8U];
    unsigned char computed_mac[crypto_aead_chacha20poly1305_ietf_ABYTES];
    unsigned long long mlen;
    int ret;

    (void) nsec;

    /*
     * The first 64 bytes of ChaCha20 keystream for (npub, k) seed the
     * one-time Poly1305 state. block0 is key material, so it is wiped as
     * soon as the state has been initialised from it.
     */
    crypto_stream_chacha20_ietf(block0, sizeof block0, npub, k);
    crypto_onetimeauth_poly1305_init(&state, block0);
    sodium_memzero(block0, sizeof block0);

    /*
     * Authenticate the additional data, then pad to a 16-byte boundary:
     * (0x10 - len) & 0xf is the number of bytes missing to the next
     * multiple of 16 (0 when already aligned).
     * _pad0 is defined outside this block; presumably a zero-filled buffer.
     */
    crypto_onetimeauth_poly1305_update(&state, ad, adlen);
    crypto_onetimeauth_poly1305_update(&state, _pad0, (0x10 - adlen) & 0xf);

    /* Same treatment for the ciphertext. */
    mlen = clen;
    crypto_onetimeauth_poly1305_update(&state, c, mlen);
    crypto_onetimeauth_poly1305_update(&state, _pad0, (0x10 - mlen) & 0xf);

    /* Both lengths are appended as 64-bit little-endian values. */
    STORE64_LE(slen, (uint64_t) adlen);
    crypto_onetimeauth_poly1305_update(&state, slen, sizeof slen);

    STORE64_LE(slen, (uint64_t) mlen);
    crypto_onetimeauth_poly1305_update(&state, slen, sizeof slen);

    /* Finish the tag and wipe the authenticator state. */
    crypto_onetimeauth_poly1305_final(&state, computed_mac);
    sodium_memzero(&state, sizeof state);

    /*
     * crypto_verify_16 compares exactly 16 bytes; the compile-time check
     * ties that to the size of computed_mac. The expected tag is wiped right
     * after the comparison so it does not linger on the stack.
     */
    COMPILER_ASSERT(sizeof computed_mac == 16U);
    ret = crypto_verify_16(computed_mac, mac);
    sodium_memzero(computed_mac, sizeof computed_mac);

    /* Verify-only mode: no output buffer, report the comparison result. */
    if (m == NULL) {
        return ret;
    }
    /*
     * Tag mismatch: clear the caller's output buffer and fail before any
     * keystream is applied to unauthenticated ciphertext.
     * NOTE(review): mlen is unsigned long long and is converted to size_t
     * for memset; confirm callers bound clen where size_t is narrower.
     */
    if (ret != 0) {
        memset(m, 0, mlen);
        return -1;
    }
    /* Tag verified: decrypt with the block counter starting at 1. */
    crypto_stream_chacha20_ietf_xor_ic(m, c, mlen, npub, 1U, k);

    return 0;
}
/*
 * salt_verify_16(Bin_x, Bin_y) -> equal | not_equal.
 *
 * NIF entry point that compares two binaries with crypto_verify_16().
 * Exactly two arguments are required and both must be binaries of exactly
 * 16 bytes; any other call returns BADARG.
 */
static nif_term_t
salt_verify_16(nif_heap_t *hp, int argc, const nif_term_t argv[])
{
    nif_bin_t lhs;
    nif_bin_t rhs;
    const char *verdict;

    if (argc != 2) {
        return (BADARG);
    }

    /* Both terms must be binaries; the first is inspected before the second. */
    if (! enif_inspect_binary(hp, argv[0], &lhs) ||
        ! enif_inspect_binary(hp, argv[1], &rhs)) {
        return (BADARG);
    }

    /*
     * crypto_verify_16() reads 16 bytes from each pointer regardless of the
     * binary's real length, so the size check must come before the call.
     */
    if (!(lhs.size == 16 && rhs.size == 16)) {
        return (BADARG);
    }

    verdict = (crypto_verify_16(lhs.data, rhs.data) == 0) ? "equal" : "not_equal";
    return (enif_make_atom(hp, verdict));
}
/*
 * Check a Poly1305 authenticator.
 *
 * Recomputes the 16-byte tag of `in` (inlen bytes) under key `k` with
 * poly1305_auth_sse2() and compares it with `h` through crypto_verify_16(),
 * whose result is returned unchanged.
 *
 * NOTE(review): inlen is narrowed to size_t for the SSE2 routine; confirm
 * callers cannot pass more than SIZE_MAX bytes on 32-bit targets.
 * NOTE(review): the recomputed tag is left on the stack after return.
 */
int
crypto_onetimeauth_verify(const unsigned char *h, const unsigned char *in,
                          unsigned long long inlen, const unsigned char *k)
{
    unsigned char expected[16];
    int verdict;

    poly1305_auth_sse2(expected, in, (size_t)inlen, k);

    /* Fixed-length comparison helper, not memcmp(). */
    verdict = crypto_verify_16(h, expected);
    return verdict;
}
/*
 * Check a one-time authenticator.
 *
 * The tag of `in` (inlen bytes) under key `k` is recomputed with
 * crypto_onetimeauth() and compared with the supplied tag `h` through
 * crypto_verify_16(); that comparison result is the return value.
 * The return value of crypto_onetimeauth() itself is not inspected.
 *
 * NOTE(review): the recomputed tag is left on the stack after return.
 */
int
crypto_onetimeauth_verify(const unsigned char *h, const unsigned char *in,
                          unsigned int inlen, const unsigned char *k)
{
    unsigned char expected[16];
    int verdict;

    crypto_onetimeauth(expected, in, inlen, k);

    /* Fixed-length comparison helper, not memcmp(). */
    verdict = crypto_verify_16(h, expected);
    return verdict;
}
/*
 * Exported alias for crypto_verify_16(): compares the 16 bytes at x with
 * the 16 bytes at y and hands back that function's result untouched.
 * Both pointers must reference at least 16 readable bytes.
 */
SODIUM_EXPORT int
crypto_verify_16_ref(const unsigned char *x, const unsigned char *y)
{
    const int verdict = crypto_verify_16(x, y);

    return verdict;
}
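/*
 * Randomised test for crypto_verify_16/32/64 and sodium_memcmp.
 *
 * Phase 1 (10000 rounds): identical random buffers must compare as equal
 * (every call returns 0).
 * Phase 2 (100000 rounds): one byte of each copy is XORed with a non-zero
 * value, every call must return -1, and the byte is then restored.
 *
 * Mismatches are reported by printing "Failed"; each phase ends with "OK".
 * Returns 0 after a completed run, 1 if a buffer could not be allocated.
 */
int
main(void)
{
    unsigned char *v16, *v16x;
    unsigned char *v32, *v32x;
    unsigned char *v64, *v64x;
    uint32_t       r;
    uint8_t        o;
    int            i;

    v16  = (unsigned char *) sodium_malloc(16);
    v16x = (unsigned char *) sodium_malloc(16);
    v32  = (unsigned char *) sodium_malloc(32);
    v32x = (unsigned char *) sodium_malloc(32);
    v64  = (unsigned char *) sodium_malloc(64);
    v64x = (unsigned char *) sodium_malloc(64);

    /*
     * sodium_malloc() can fail; without this check the first
     * randombytes_buf() below would write through a NULL pointer.
     * sodium_free() ignores NULL, so all six can be released unconditionally.
     */
    if (v16 == NULL || v16x == NULL || v32 == NULL || v32x == NULL ||
        v64 == NULL || v64x == NULL) {
        sodium_free(v16);
        sodium_free(v16x);
        sodium_free(v32);
        sodium_free(v32x);
        sodium_free(v64);
        sodium_free(v64x);
        return 1;
    }

    /* Phase 1: equal inputs. */
    for (i = 0; i < 10000; i++) {
        randombytes_buf(v16, 16);
        randombytes_buf(v32, 32);
        randombytes_buf(v64, 64);

        memcpy(v16x, v16, 16);
        memcpy(v32x, v32, 32);
        memcpy(v64x, v64, 64);

        if (crypto_verify_16(v16, v16x) != 0 ||
            crypto_verify_32(v32, v32x) != 0 ||
            crypto_verify_64(v64, v64x) != 0 ||
            sodium_memcmp(v16, v16x, 16) != 0 ||
            sodium_memcmp(v32, v32x, 32) != 0 ||
            sodium_memcmp(v64, v64x, 64) != 0) {
            printf("Failed\n");
        }
    }
    printf("OK\n");

    /*
     * Phase 2: single-byte differences. The buffers still hold the last
     * matching pair from phase 1; each round flips bits at a random,
     * masked (in-bounds) offset and undoes the flip afterwards.
     */
    for (i = 0; i < 100000; i++) {
        r = randombytes_random();
        o = (uint8_t) randombytes_random();
        if (o == 0) {
            /* XOR with zero would leave the buffers equal. */
            continue;
        }
        v16x[r & 15U] ^= o;
        v32x[r & 31U] ^= o;
        v64x[r & 63U] ^= o;

        if (crypto_verify_16(v16, v16x) != -1 ||
            crypto_verify_32(v32, v32x) != -1 ||
            crypto_verify_64(v64, v64x) != -1 ||
            sodium_memcmp(v16, v16x, 16) != -1 ||
            sodium_memcmp(v32, v32x, 32) != -1 ||
            sodium_memcmp(v64, v64x, 64) != -1) {
            printf("Failed\n");
        }

        /* Restore the copy so the next round starts from equal buffers. */
        v16x[r & 15U] ^= o;
        v32x[r & 31U] ^= o;
        v64x[r & 63U] ^= o;
    }
    printf("OK\n");

    /* The size accessors must agree with the function names. */
    assert(crypto_verify_16_bytes() == 16U);
    assert(crypto_verify_32_bytes() == 32U);
    assert(crypto_verify_64_bytes() == 64U);

    sodium_free(v16);
    sodium_free(v16x);
    sodium_free(v32);
    sodium_free(v32x);
    sodium_free(v64);
    sodium_free(v64x);

    return 0;
}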