int main(void) { unsigned char ed25519_pk[crypto_sign_ed25519_PUBLICKEYBYTES]; unsigned char ed25519_skpk[crypto_sign_ed25519_SECRETKEYBYTES]; unsigned char curve25519_pk[crypto_scalarmult_curve25519_BYTES]; unsigned char curve25519_pk2[crypto_scalarmult_curve25519_BYTES]; unsigned char curve25519_sk[crypto_scalarmult_curve25519_BYTES]; char curve25519_pk_hex[crypto_scalarmult_curve25519_BYTES * 2 + 1]; char curve25519_sk_hex[crypto_scalarmult_curve25519_BYTES * 2 + 1]; unsigned int i; assert(crypto_sign_ed25519_SEEDBYTES <= crypto_hash_sha512_BYTES); crypto_sign_ed25519_seed_keypair(ed25519_pk, ed25519_skpk, keypair_seed); if (crypto_sign_ed25519_pk_to_curve25519(curve25519_pk, ed25519_pk) != 0) { printf("conversion failed\n"); } crypto_sign_ed25519_sk_to_curve25519(curve25519_sk, ed25519_skpk); sodium_bin2hex(curve25519_pk_hex, sizeof curve25519_pk_hex, curve25519_pk, sizeof curve25519_pk); sodium_bin2hex(curve25519_sk_hex, sizeof curve25519_sk_hex, curve25519_sk, sizeof curve25519_sk); printf("curve25519 pk: [%s]\n", curve25519_pk_hex); printf("curve25519 sk: [%s]\n", curve25519_sk_hex); for (i = 0U; i < 500U; i++) { crypto_sign_ed25519_keypair(ed25519_pk, ed25519_skpk); if (crypto_sign_ed25519_pk_to_curve25519(curve25519_pk, ed25519_pk) != 0) { printf("conversion failed\n"); } crypto_sign_ed25519_sk_to_curve25519(curve25519_sk, ed25519_skpk); crypto_scalarmult_curve25519_base(curve25519_pk2, curve25519_sk); if (memcmp(curve25519_pk, curve25519_pk2, sizeof curve25519_pk) != 0) { printf("conversion failed\n"); } } sodium_hex2bin(ed25519_pk, crypto_sign_ed25519_PUBLICKEYBYTES, "0000000000000000000000000000000000000000000000000000000000000000" "0000000000000000000000000000000000000000000000000000000000000000", 64, NULL, NULL, NULL); assert(crypto_sign_ed25519_pk_to_curve25519(curve25519_pk, ed25519_pk) == -1); sodium_hex2bin(ed25519_pk, crypto_sign_ed25519_PUBLICKEYBYTES, "0200000000000000000000000000000000000000000000000000000000000000" "0000000000000000000000000000000000000000000000000000000000000000", 64, NULL, NULL, NULL); assert(crypto_sign_ed25519_pk_to_curve25519(curve25519_pk, ed25519_pk) == -1); sodium_hex2bin(ed25519_pk, crypto_sign_ed25519_PUBLICKEYBYTES, "0500000000000000000000000000000000000000000000000000000000000000" "0000000000000000000000000000000000000000000000000000000000000000", 64, NULL, NULL, NULL); assert(crypto_sign_ed25519_pk_to_curve25519(curve25519_pk, ed25519_pk) == -1); printf("ok\n"); return 0; }
int main(void) { unsigned char *alicepk = (unsigned char *) sodium_malloc(crypto_scalarmult_BYTES); unsigned char *bobpk = (unsigned char *) sodium_malloc(crypto_scalarmult_BYTES); unsigned char *k = (unsigned char *) sodium_malloc(crypto_scalarmult_BYTES); int ret; assert(alicepk != NULL && bobpk != NULL && k != NULL); crypto_scalarmult_base(alicepk, alicesk); sodium_bin2hex(hex, sizeof hex, alicepk, crypto_scalarmult_BYTES); printf("%s\n", hex); crypto_scalarmult_base(bobpk, bobsk); sodium_bin2hex(hex, sizeof hex, bobpk, crypto_scalarmult_BYTES); printf("%s\n", hex); ret = crypto_scalarmult(k, alicesk, bobpk); assert(ret == 0); sodium_bin2hex(hex, sizeof hex, k, crypto_scalarmult_BYTES); printf("%s\n", hex); ret = crypto_scalarmult(k, bobsk, alicepk); assert(ret == 0); sodium_bin2hex(hex, sizeof hex, k, crypto_scalarmult_BYTES); printf("%s\n", hex); ret = crypto_scalarmult(k, bobsk, small_order_p); assert(ret == -1); sodium_bin2hex(hex, sizeof hex, k, crypto_scalarmult_BYTES); printf("%s\n", hex); sodium_free(bobpk); sodium_free(alicepk); sodium_free(k); assert(crypto_scalarmult_bytes() > 0U); assert(crypto_scalarmult_scalarbytes() > 0U); assert(strcmp(crypto_scalarmult_primitive(), "curve25519") == 0); assert(crypto_scalarmult_bytes() == crypto_scalarmult_curve25519_bytes()); assert(crypto_scalarmult_scalarbytes() == crypto_scalarmult_curve25519_scalarbytes()); assert(crypto_scalarmult_bytes() == crypto_scalarmult_scalarbytes()); return 0; }
int main(int argc, char **argv) { if( rdrand_available() ) { fprintf( stderr, "rdrand supported.\n" ); } else { fprintf( stderr, "rdrand NOT supported.\n" ); } uint8_t buf[64]; sodium_mlock( buf, 64 ); char hex[130]; char *result; while( 1 ) { int received_entropy = sqrl_entropy_get_blocking( buf, 64 ); result = sodium_bin2hex( hex, 129, (unsigned char*)buf, 64 ); if( result ) { printf( "%d: %s\n", received_entropy, result ); } #ifdef _WIN32 Sleep(1000); #else sleep(1); #endif } sodium_munlock( buf, crypto_hash_sha512_BYTES ); return 0; }
String DevicePrivate::getDeviceHash(const bool include_port) const { unsigned char hash[crypto_generichash_BYTES_MIN]; crypto_generichash_state state; if (_vendor_id.empty() || _product_id.empty()) { throw std::runtime_error("Cannot compute device hash value. Vendor ID and/or Product ID empty."); } crypto_generichash_init(&state, NULL, 0, sizeof hash); for (auto field : { &_name, &_vendor_id, &_product_id, &_serial_number }) { /* Update the hash value */ crypto_generichash_update(&state, (const uint8_t *)field->c_str(), field->size()); } /* Finalize the hash value */ crypto_generichash_final(&state, hash, sizeof hash); /* Binary => Hex string conversion */ const size_t hexlen = crypto_generichash_BYTES_MIN * 2 + 1; char hexval[hexlen]; sodium_bin2hex(hexval, hexlen, hash, sizeof hash); const std::string hash_string(hexval, hexlen - 1); return std::move(hash_string); }
//SHA-1 hash function bool __fastcall SHA1_Hash( FILE *Input) { //Parameters check if (HashFamilyID != HASH_ID_SHA1 || Input == nullptr) { fwprintf_s(stderr, L"Parameters error.\n"); return false; } //Initialization std::shared_ptr<char> Buffer(new char[FILE_BUFFER_SIZE]()), StringBuffer(new char[FILE_BUFFER_SIZE]()); auto HashInstance = std::make_shared<SHA1_State>(); memset(Buffer.get(), 0, FILE_BUFFER_SIZE); memset(StringBuffer.get(), 0, FILE_BUFFER_SIZE); memset(HashInstance.get(), 0, sizeof(SHA1_State)); size_t ReadLength = 0; //SHA-1 initialization SHA1_Init(HashInstance.get()); //Hash process while (!feof(Input)) { memset(Buffer.get(), 0, FILE_BUFFER_SIZE); ReadLength = fread_s(Buffer.get(), FILE_BUFFER_SIZE, sizeof(char), FILE_BUFFER_SIZE, Input); if (ReadLength == 0 && errno == EINVAL) { fwprintf_s(stderr, L"Hash process error.\n"); return false; } else { SHA1_Process(HashInstance.get(), (uint8_t *)Buffer.get(), (unsigned long)ReadLength); } } //Binary to hex memset(Buffer.get(), 0, FILE_BUFFER_SIZE); SHA1_Done(HashInstance.get(), (uint8_t *)Buffer.get()); if (sodium_bin2hex(StringBuffer.get(), FILE_BUFFER_SIZE, (const unsigned char *)Buffer.get(), SHA1_SIZE_DIGEST) == nullptr) { fwprintf_s(stderr, L"Convert binary to hex error.\n"); return false; } else { //Print to screen. std::string HashResult = StringBuffer.get(); CaseConvert(true, HashResult); for (size_t Index = 0;Index < HashResult.length();++Index) fwprintf_s(stderr, L"%c", HashResult.c_str()[Index]); fwprintf_s(stderr, L"\n"); } return true; }
void print_secretkey(FILE *stream, const Tox *tox) { uint8_t secret_keybin[TOX_SECRET_KEY_SIZE]; char secret_keyhex[TOX_ADDRESS_SIZE * 2 + 1]; tox_self_get_secret_key(tox, secret_keybin); sodium_bin2hex(secret_keyhex, sizeof(secret_keyhex), secret_keybin, TOX_SECRET_KEY_SIZE); for (size_t i = 0; i < sizeof(secret_keyhex) - 1; i++) { secret_keyhex[i] = toupper(secret_keyhex[i]); } fprintf(stream, "Secret key : %s\n",secret_keyhex); }
int main () { unsigned char hash[crypto_generichash_BYTES + 1] = {0}; unsigned char minhash[crypto_generichash_BYTES_MIN + 1] = {0}; unsigned char maxhash[crypto_generichash_BYTES_MAX + 1] = {0}; unsigned char key[crypto_generichash_KEYBYTES] = "123456789 123456789 123456789 12"; if (sodium_init() != 0) { return -1; } size_t min_hex_maxlen = crypto_generichash_BYTES_MIN * 2 + 1; size_t std_hex_maxlen = crypto_generichash_BYTES * 2 + 1; size_t max_hex_maxlen = crypto_generichash_BYTES_MAX * 2 + 1; unsigned char min_hex[min_hex_maxlen]; unsigned char std_hex[std_hex_maxlen]; unsigned char max_hex[max_hex_maxlen]; printf ("text: %s\n", MESSAGE); crypto_generichash(minhash, crypto_generichash_BYTES_MIN, MESSAGE, MESSAGE_LEN, NULL, 0); sodium_bin2hex (min_hex, min_hex_maxlen, minhash, crypto_generichash_BYTES_MIN); printf ("min hash: %s\n", min_hex); printf ("hash length is %d\n", strlen (minhash)); crypto_generichash(hash, crypto_generichash_BYTES, MESSAGE, MESSAGE_LEN, NULL, 0); sodium_bin2hex (std_hex, std_hex_maxlen, hash, crypto_generichash_BYTES); printf ("\nstd hash: %s\n", std_hex); printf ("hash length is %d\n", strlen (hash)); crypto_generichash(maxhash, crypto_generichash_BYTES_MAX, MESSAGE, MESSAGE_LEN, NULL, 0); sodium_bin2hex (max_hex, max_hex_maxlen, maxhash, crypto_generichash_BYTES_MAX); printf ("\nmax hash: %s\n", max_hex); printf ("hash length is %d\n", strlen (maxhash)); crypto_generichash(minhash, crypto_generichash_BYTES_MIN, MESSAGE, MESSAGE_LEN, key, sizeof key); sodium_bin2hex (min_hex, min_hex_maxlen, minhash, crypto_generichash_BYTES_MIN); printf ("\nkeyed min hash: %s\n", min_hex); crypto_generichash(hash, crypto_generichash_BYTES, MESSAGE, MESSAGE_LEN, key, sizeof key); sodium_bin2hex (std_hex, std_hex_maxlen, hash, crypto_generichash_BYTES); printf ("keyed std hash: %s\n", std_hex); crypto_generichash(maxhash, crypto_generichash_BYTES_MAX, MESSAGE, MESSAGE_LEN, key, sizeof key); sodium_bin2hex (max_hex, max_hex_maxlen, maxhash, crypto_generichash_BYTES_MAX); printf ("keyed max hash: %s\n", max_hex); return 0; }
static void tv2(void) { static struct { const char *passwd_hex; size_t passwdlen; const char *salt_hex; size_t outlen; unsigned long long opslimit; size_t memlimit; unsigned int lanes; } tests[] = { { "a347ae92bce9f80f6f595a4480fc9c2fe7e7d7148d371e9487d75f5c23008ffae0" "65577a928febd9b1973a5a95073acdbeb6a030cfc0d79caa2dc5cd011cef02c08d" "a232d76d52dfbca38ca8dcbd665b17d1665f7cf5fe59772ec909733b24de97d6f5" "8d220b20c60d7c07ec1fd93c52c31020300c6c1facd77937a597c7a6", 127, "5541fbc995d5c197ba290346d2c559dedf405cf97e5f95482143202f9e74f5c2", 155, 4, 1397645, 1 }, { "a347ae92bce9f80f6f595a4480fc9c2fe7e7d7148d371e9487d75f5c23008ffae0" "65577a928febd9b1973a5a95073acdbeb6a030cfc0d79caa2dc5cd011cef02c08d" "a232d76d52dfbca38ca8dcbd665b17d1665f7cf5fe59772ec909733b24de97d6f5" "8d220b20c60d7c07ec1fd93c52c31020300c6c1facd77937a597c7a6", 127, "5541fbc995d5c197ba290346d2c559dedf405cf97e5f95482143202f9e74f5c2", 155, 3, 1397645, 1 }, }; char passwd[256]; unsigned char salt[crypto_pwhash_SALTBYTES]; unsigned char out[256]; char out_hex[256 * 2 + 1]; size_t i = 0U; do { sodium_hex2bin((unsigned char *)passwd, sizeof passwd, tests[i].passwd_hex, strlen(tests[i].passwd_hex), NULL, NULL, NULL); sodium_hex2bin(salt, sizeof salt, tests[i].salt_hex, strlen(tests[i].salt_hex), NULL, NULL, NULL); if (crypto_pwhash( out, (unsigned long long) tests[i].outlen, passwd, tests[i].passwdlen, (const unsigned char *) salt, tests[i].opslimit, tests[i].memlimit) != 0) { printf("pwhash failure\n"); } sodium_bin2hex(out_hex, sizeof out_hex, out, tests[i].outlen); printf("%s\n", out_hex); } while (++i < (sizeof tests) / (sizeof tests[0])); }
static char * to_hex(const void *bin, const size_t bin_len) { char *hex; size_t hex_size; if (bin_len >= SIZE_MAX / 2) { abort(); } hex_size = bin_len * 2 + 1; if ((hex = malloc(hex_size)) == NULL) { abort(); } if (sodium_bin2hex(hex, hex_size, bin, bin_len) == NULL) { abort(); } return hex; }
int main(void) { unsigned char buf1[1000]; unsigned char buf2[1000]; char buf3[33]; randombytes(buf1, sizeof buf1); memcpy(buf2, buf1, sizeof buf2); printf("%d\n", sodium_memcmp(buf1, buf2, sizeof buf1)); sodium_memzero(buf1, 0U); printf("%d\n", sodium_memcmp(buf1, buf2, sizeof buf1)); sodium_memzero(buf1, sizeof buf1 / 2); printf("%d\n", sodium_memcmp(buf1, buf2, sizeof buf1)); printf("%d\n", sodium_memcmp(buf1, buf2, 0U)); sodium_memzero(buf2, sizeof buf2 / 2); printf("%d\n", sodium_memcmp(buf1, buf2, sizeof buf1)); printf("%s\n", sodium_bin2hex(buf3, 33U, (const unsigned char *) "0123456789ABCDEF", 16U)); return 0; }
void client_info_update(const Tox *apptox, struct client_info *own_info) { size_t name_size; size_t status_message_size; name_size = tox_self_get_name_size(apptox); own_info->name = realloc(own_info->name, name_size * sizeof(uint8_t) + 1); tox_self_get_name(apptox, own_info->name); own_info->name[name_size] = '\0'; tox_self_get_address(apptox, own_info->tox_id_bin); sodium_bin2hex(own_info->tox_id_hex, sizeof(own_info->tox_id_hex), own_info->tox_id_bin, sizeof(own_info->tox_id_bin)); for (size_t i = 0; i < sizeof(own_info->tox_id_hex) - 1; i++) { own_info->tox_id_hex[i] = toupper(own_info->tox_id_hex[i]); } own_info->connect = tox_self_get_connection_status(apptox); status_message_size = tox_self_get_status_message_size(apptox); own_info->status_message = realloc(own_info->status_message, status_message_size * sizeof(uint8_t) + 1); tox_self_get_status_message(apptox, own_info->status_message); own_info->status_message[status_message_size] = '\0'; }
/* return value needs to be freed */ char *human_readable_id(uint8_t *address, uint16_t length) { char id[length * 2 + 1]; sodium_bin2hex(id, sizeof(id),address, length); return strdup(id); }
const char *checksum_compute(void) { long long i; long long j; for (j = 0;j < crypto_secretbox_ZEROBYTES;++j) m[j] = 0; for (i = 0;i < CHECKSUM_BYTES;++i) { long long mlen = i + crypto_secretbox_ZEROBYTES; long long tlen = i + crypto_secretbox_ZEROBYTES; long long clen = i + crypto_secretbox_ZEROBYTES; for (j = -16;j < 0;++j) k[j] = rand(); for (j = -16;j < 0;++j) n[j] = rand(); for (j = -16;j < 0;++j) m[j] = rand(); for (j = klen;j < klen + 16;++j) k[j] = rand(); for (j = nlen;j < nlen + 16;++j) n[j] = rand(); for (j = mlen;j < mlen + 16;++j) m[j] = rand(); for (j = -16;j < klen + 16;++j) k2[j] = k[j]; for (j = -16;j < nlen + 16;++j) n2[j] = n[j]; for (j = -16;j < mlen + 16;++j) m2[j] = m[j]; for (j = -16;j < clen + 16;++j) c2[j] = c[j] = rand(); if (crypto_secretbox(c,m,mlen,n,k) != 0) return "crypto_secretbox returns nonzero"; for (j = -16;j < mlen + 16;++j) if (m2[j] != m[j]) return "crypto_secretbox overwrites m"; for (j = -16;j < nlen + 16;++j) if (n2[j] != n[j]) return "crypto_secretbox overwrites n"; for (j = -16;j < klen + 16;++j) if (k2[j] != k[j]) return "crypto_secretbox overwrites k"; for (j = -16;j < 0;++j) if (c2[j] != c[j]) return "crypto_secretbox writes before output"; for (j = clen;j < clen + 16;++j) if (c2[j] != c[j]) return "crypto_secretbox writes after output"; for (j = 0;j < crypto_secretbox_BOXZEROBYTES;++j) if (c[j] != 0) return "crypto_secretbox does not clear extra bytes"; for (j = -16;j < 0;++j) c[j] = rand(); for (j = clen;j < clen + 16;++j) c[j] = rand(); for (j = -16;j < clen + 16;++j) c2[j] = c[j]; for (j = -16;j < tlen + 16;++j) t2[j] = t[j] = rand(); if (crypto_secretbox_open(t,c,clen,n,k) != 0) return "crypto_secretbox_open returns nonzero"; for (j = -16;j < clen + 16;++j) if (c2[j] != c[j]) return "crypto_secretbox_open overwrites c"; for (j = -16;j < nlen + 16;++j) if (n2[j] != n[j]) return "crypto_secretbox_open overwrites n"; for (j = -16;j < klen + 16;++j) if (k2[j] != k[j]) return "crypto_secretbox_open overwrites k"; for (j = -16;j < 0;++j) if (t2[j] != t[j]) return "crypto_secretbox_open writes before output"; for (j = tlen;j < tlen + 16;++j) if (t2[j] != t[j]) return "crypto_secretbox_open writes after output"; for (j = 0;j < crypto_secretbox_ZEROBYTES;++j) if (t[j] != 0) return "crypto_secretbox_open does not clear extra bytes"; for (j = 0;j < i;++j) if (t[j] != m[j]) return "plaintext does not match"; for (j = 0;j < i;++j) k[j % klen] ^= c[j + crypto_secretbox_BOXZEROBYTES]; crypto_secretbox(c,m,mlen,n,k); for (j = 0;j < i;++j) n[j % nlen] ^= c[j + crypto_secretbox_BOXZEROBYTES]; crypto_secretbox(c,m,mlen,n,k); if (i == 0) m[crypto_secretbox_ZEROBYTES + 0] = 0; m[crypto_secretbox_ZEROBYTES + i] = m[crypto_secretbox_ZEROBYTES + 0]; for (j = 0;j < i;++j) m[j + crypto_secretbox_ZEROBYTES] ^= c[j + crypto_secretbox_BOXZEROBYTES]; } sodium_bin2hex(checksum, sizeof checksum, k, klen); return 0; }
const char *checksum_compute(void) { long long i; long long j; for (i = 0; i < CHECKSUM_BYTES; ++i) { long long mlen = i; long long klen = crypto_auth_KEYBYTES; long long hlen = crypto_auth_BYTES; for (j = -16; j < 0; ++j) h[j] = rand(); for (j = -16; j < 0; ++j) k[j] = rand(); for (j = -16; j < 0; ++j) m[j] = rand(); for (j = hlen; j < hlen + 16; ++j) h[j] = rand(); for (j = klen; j < klen + 16; ++j) k[j] = rand(); for (j = mlen; j < mlen + 16; ++j) m[j] = rand(); for (j = -16; j < hlen + 16; ++j) h2[j] = h[j]; for (j = -16; j < klen + 16; ++j) k2[j] = k[j]; for (j = -16; j < mlen + 16; ++j) m2[j] = m[j]; if (crypto_auth(h,m,mlen,k) != 0) return "crypto_auth returns nonzero"; for (j = -16; j < klen + 16; ++j) if (k[j] != k2[j]) return "crypto_auth overwrites k"; for (j = -16; j < mlen + 16; ++j) if (m[j] != m2[j]) return "crypto_auth overwrites m"; for (j = -16; j < 0; ++j) if (h[j] != h2[j]) return "crypto_auth writes before output"; for (j = hlen; j < hlen + 16; ++j) if (h[j] != h2[j]) return "crypto_auth writes after output"; for (j = -16; j < 0; ++j) h[j] = rand(); for (j = -16; j < 0; ++j) k[j] = rand(); for (j = -16; j < 0; ++j) m[j] = rand(); for (j = hlen; j < hlen + 16; ++j) h[j] = rand(); for (j = klen; j < klen + 16; ++j) k[j] = rand(); for (j = mlen; j < mlen + 16; ++j) m[j] = rand(); for (j = -16; j < hlen + 16; ++j) h2[j] = h[j]; for (j = -16; j < klen + 16; ++j) k2[j] = k[j]; for (j = -16; j < mlen + 16; ++j) m2[j] = m[j]; if (crypto_auth(m2,m2,mlen,k) != 0) return "crypto_auth returns nonzero"; for (j = 0; j < hlen; ++j) if (m2[j] != h[j]) return "crypto_auth does not handle m overlap"; for (j = 0; j < hlen; ++j) m2[j] = m[j]; if (crypto_auth(k2,m2,mlen,k2) != 0) return "crypto_auth returns nonzero"; for (j = 0; j < hlen; ++j) if (k2[j] != h[j]) return "crypto_auth does not handle k overlap"; for (j = 0; j < hlen; ++j) k2[j] = k[j]; if (crypto_auth_verify(h,m,mlen,k) != 0) return "crypto_auth_verify returns nonzero"; for (j = -16; j < hlen + 16; ++j) if (h[j] != h2[j]) return "crypto_auth overwrites h"; for (j = -16; j < klen + 16; ++j) if (k[j] != k2[j]) return "crypto_auth overwrites k"; for (j = -16; j < mlen + 16; ++j) if (m[j] != m2[j]) return "crypto_auth overwrites m"; crypto_hash_sha256(h2,h,hlen); for (j = 0; j < klen; ++j) k[j] ^= h2[j % 32]; if (crypto_auth(h,m,mlen,k) != 0) return "crypto_auth returns nonzero"; if (crypto_auth_verify(h,m,mlen,k) != 0) return "crypto_auth_verify returns nonzero"; crypto_hash_sha256(h2,h,hlen); for (j = 0; j < mlen; ++j) m[j] ^= h2[j % 32]; m[mlen] = h2[0]; } if (crypto_auth(h,m,CHECKSUM_BYTES,k) != 0) return "crypto_auth returns nonzero"; if (crypto_auth_verify(h,m,CHECKSUM_BYTES,k) != 0) return "crypto_auth_verify returns nonzero"; sodium_bin2hex(checksum, sizeof checksum, h, crypto_auth_BYTES); return 0; }
int main(void) { unsigned char buf1[1000]; unsigned char buf2[1000]; char buf3[33]; unsigned char buf4[4]; unsigned char nonce[24]; char nonce_hex[49]; const char *hex; const char *hex_end; size_t bin_len; int i; randombytes_buf(buf1, sizeof buf1); memcpy(buf2, buf1, sizeof buf2); printf("%d\n", sodium_memcmp(buf1, buf2, sizeof buf1)); sodium_memzero(buf1, 0U); printf("%d\n", sodium_memcmp(buf1, buf2, sizeof buf1)); sodium_memzero(buf1, sizeof buf1 / 2); printf("%d\n", sodium_memcmp(buf1, buf2, sizeof buf1)); printf("%d\n", sodium_memcmp(buf1, buf2, 0U)); sodium_memzero(buf2, sizeof buf2 / 2); printf("%d\n", sodium_memcmp(buf1, buf2, sizeof buf1)); printf("%s\n", sodium_bin2hex(buf3, 33U, (const unsigned char *)"0123456789ABCDEF", 16U)); hex = "Cafe : 6942"; sodium_hex2bin(buf4, sizeof buf4, hex, strlen(hex), ": ", &bin_len, &hex_end); printf("%lu:%02x%02x%02x%02x\n", (unsigned long)bin_len, buf4[0], buf4[1], buf4[2], buf4[3]); printf("dt1: %ld\n", (long) (hex_end - hex)); hex = "Cafe : 6942"; sodium_hex2bin(buf4, sizeof buf4, hex, strlen(hex), ": ", &bin_len, NULL); printf("%lu:%02x%02x%02x%02x\n", (unsigned long)bin_len, buf4[2], buf4[3], buf4[2], buf4[3]); hex = "deadbeef"; if (sodium_hex2bin(buf1, 1U, hex, 8U, NULL, &bin_len, &hex_end) != -1) { printf("sodium_hex2bin() overflow not detected\n"); } printf("dt2: %ld\n", (long) (hex_end - hex)); hex = "de:ad:be:eff"; if (sodium_hex2bin(buf1, 4U, hex, 12U, ":", &bin_len, &hex_end) != -1) { printf("sodium_hex2bin() with an odd input length and a short output buffer\n"); } printf("dt3: %ld\n", (long) (hex_end - hex)); hex = "de:ad:be:eff"; if (sodium_hex2bin(buf1, sizeof buf1, hex, 12U, ":", &bin_len, &hex_end) != 0) { printf("sodium_hex2bin() with an odd input length\n"); } printf("dt4: %ld\n", (long) (hex_end - hex)); hex = "de:ad:be:eff"; if (sodium_hex2bin(buf1, sizeof buf1, hex, 13U, ":", &bin_len, &hex_end) != 0) { printf("sodium_hex2bin() with an odd input length\n"); } printf("dt5: %ld\n", (long) (hex_end - hex)); memset(nonce, 0, sizeof nonce); sodium_increment(nonce, sizeof nonce); printf("%s\n", sodium_bin2hex(nonce_hex, sizeof nonce_hex, nonce, sizeof nonce)); memset(nonce, 255, sizeof nonce); sodium_increment(nonce, sizeof nonce); printf("%s\n", sodium_bin2hex(nonce_hex, sizeof nonce_hex, nonce, sizeof nonce)); nonce[1] = 1U; sodium_increment(nonce, sizeof nonce); printf("%s\n", sodium_bin2hex(nonce_hex, sizeof nonce_hex, nonce, sizeof nonce)); nonce[1] = 0U; sodium_increment(nonce, sizeof nonce); printf("%s\n", sodium_bin2hex(nonce_hex, sizeof nonce_hex, nonce, sizeof nonce)); nonce[0] = 255U; nonce[2] = 255U; sodium_increment(nonce, sizeof nonce); printf("%s\n", sodium_bin2hex(nonce_hex, sizeof nonce_hex, nonce, sizeof nonce)); for (i = 0; i < 1000; i++) { bin_len = (size_t) randombytes_uniform(sizeof buf1); randombytes_buf(buf1, bin_len); randombytes_buf(buf2, bin_len); if (memcmp(buf1, buf2, bin_len) * sodium_compare(buf1, buf2, bin_len) < 0) { printf("sodium_compare() failure with length=%u\n", (unsigned int) bin_len); } memcpy(buf1, buf2, bin_len); if (sodium_compare(buf1, buf2, bin_len)) { printf("sodium_compare() equality failure with length=%u\n", (unsigned int) bin_len); } } return 0; }
int wmain( _In_ int argc, _In_ wchar_t* argv[]) { #elif (defined(PLATFORM_LINUX) || defined(PLATFORM_MACX)) int main(int argc, char *argv[]) { #endif #if defined(ENABLE_LIBSODIUM) //Libsodium initialization if (sodium_init() != EXIT_SUCCESS) { wprintf_s(L"Libsodium initialization error\n"); #if defined(PLATFORM_WIN) system("Pause"); #endif return EXIT_FAILURE; } FILE *Output = nullptr; //Output. #if defined(PLATFORM_WIN) _wfopen_s(&Output, L"KeyPair.txt", L"w+,ccs=UTF-8"); #elif (defined(PLATFORM_LINUX) || defined(PLATFORM_MACX)) Output = fopen("KeyPair.txt", "w+"); #endif if (Output != nullptr) { //Initialization and make keypair. size_t Index = 0; std::shared_ptr<char> Buffer(new char[KEYPAIR_MESSAGE_LEN]()); std::shared_ptr<uint8_t> PublicKey(new uint8_t[crypto_box_PUBLICKEYBYTES]()), SecretKey(new uint8_t[crypto_box_SECRETKEYBYTES]()); memset(Buffer.get(), 0, KEYPAIR_MESSAGE_LEN); memset(PublicKey.get(), 0, crypto_box_PUBLICKEYBYTES); memset(SecretKey.get(), 0, crypto_box_SECRETKEYBYTES); crypto_box_keypair(PublicKey.get(), SecretKey.get()); //Write public key. memset(Buffer.get(), 0, KEYPAIR_MESSAGE_LEN); if (sodium_bin2hex(Buffer.get(), KEYPAIR_MESSAGE_LEN, PublicKey.get(), crypto_box_PUBLICKEYBYTES) == nullptr) wprintf_s(L"Create ramdom key pair failed, please try again.\n"); CaseConvert(true, Buffer.get(), KEYPAIR_MESSAGE_LEN); fwprintf_s(Output, L"Client Public Key = "); for (Index = 0;Index < strnlen_s(Buffer.get(), KEYPAIR_MESSAGE_LEN);++Index) { if (Index > 0 && Index % KEYPAIR_INTERVAL == 0 && Index + 1U < strnlen_s(Buffer.get(), KEYPAIR_MESSAGE_LEN)) fwprintf_s(Output, L":"); fwprintf_s(Output, L"%c", Buffer.get()[Index]); } memset(Buffer.get(), 0, KEYPAIR_MESSAGE_LEN); fwprintf_s(Output, L"\n"); //Write secret key. if (sodium_bin2hex(Buffer.get(), KEYPAIR_MESSAGE_LEN, SecretKey.get(), crypto_box_SECRETKEYBYTES) == nullptr) wprintf_s(L"Create ramdom key pair failed, please try again.\n"); CaseConvert(true, Buffer.get(), KEYPAIR_MESSAGE_LEN); fwprintf_s(Output, L"Client Secret Key = "); for (Index = 0;Index < strnlen_s(Buffer.get(), KEYPAIR_MESSAGE_LEN);++Index) { if (Index > 0 && Index % KEYPAIR_INTERVAL == 0 && Index + 1U < strnlen_s(Buffer.get(), KEYPAIR_MESSAGE_LEN)) fwprintf_s(Output, L":"); fwprintf_s(Output, L"%c", Buffer.get()[Index]); } fwprintf_s(Output, L"\n"); //Close file. fclose(Output); } else { wprintf_s(L"Cannot create target file(KeyPair.txt)\n"); #if defined(PLATFORM_WIN) system("Pause"); #endif return EXIT_FAILURE; } wprintf_s(L"Create ramdom key pair success, please check KeyPair.txt.\n\n"); #if defined(PLATFORM_WIN) system("Pause"); #endif #else #if defined(PLATFORM_WIN) wprintf_s(L"LibSodium is disable.\n\n"); system("Pause"); #elif (defined(PLATFORM_LINUX) || defined(PLATFORM_MACX)) wprintf(L"LibSodium is disable.\n\n"); #endif #endif return EXIT_SUCCESS; } //Convert lowercase/uppercase words to uppercase/lowercase words(Character version) #if defined(ENABLE_LIBSODIUM) void __fastcall CaseConvert( _In_ const bool IsLowerToUpper, _Inout_ char *Buffer, _In_ const size_t Length) { for (size_t Index = 0;Index < Length;++Index) { //Lowercase to uppercase if (IsLowerToUpper) Buffer[Index] = (char)toupper(Buffer[Index]); //Uppercase to lowercase else Buffer[Index] = (char)tolower(Buffer[Index]); } return; }
const char *checksum_compute(void) { long long i; long long j; for (i = 0;i < CHECKSUM_BYTES;++i) { long long mlen = i; long long clen = i; long long slen = i; long long klen = crypto_stream_KEYBYTES; long long nlen = crypto_stream_NONCEBYTES; for (j = -16;j < 0;++j) m[j] = rand(); for (j = -16;j < 0;++j) c[j] = rand(); for (j = -16;j < 0;++j) s[j] = rand(); for (j = -16;j < 0;++j) n[j] = rand(); for (j = -16;j < 0;++j) k[j] = rand(); for (j = mlen;j < mlen + 16;++j) m[j] = rand(); for (j = clen;j < clen + 16;++j) c[j] = rand(); for (j = slen;j < slen + 16;++j) s[j] = rand(); for (j = nlen;j < nlen + 16;++j) n[j] = rand(); for (j = klen;j < klen + 16;++j) k[j] = rand(); for (j = -16;j < mlen + 16;++j) m2[j] = m[j]; for (j = -16;j < clen + 16;++j) c2[j] = c[j]; for (j = -16;j < slen + 16;++j) s2[j] = s[j]; for (j = -16;j < nlen + 16;++j) n2[j] = n[j]; for (j = -16;j < klen + 16;++j) k2[j] = k[j]; crypto_stream_xor(c,m,mlen,n,k); for (j = -16;j < mlen + 16;++j) if (m[j] != m2[j]) return "crypto_stream_xor overwrites m"; for (j = -16;j < slen + 16;++j) if (s[j] != s2[j]) return "crypto_stream_xor overwrites s"; for (j = -16;j < nlen + 16;++j) if (n[j] != n2[j]) return "crypto_stream_xor overwrites n"; for (j = -16;j < klen + 16;++j) if (k[j] != k2[j]) return "crypto_stream_xor overwrites k"; for (j = -16;j < 0;++j) if (c[j] != c2[j]) return "crypto_stream_xor writes before output"; for (j = clen;j < clen + 16;++j) if (c[j] != c2[j]) return "crypto_stream_xor writes after output"; for (j = -16;j < clen + 16;++j) c2[j] = c[j]; crypto_stream(s,slen,n,k); for (j = -16;j < mlen + 16;++j) if (m[j] != m2[j]) return "crypto_stream overwrites m"; for (j = -16;j < clen + 16;++j) if (c[j] != c2[j]) return "crypto_stream overwrites c"; for (j = -16;j < nlen + 16;++j) if (n[j] != n2[j]) return "crypto_stream overwrites n"; for (j = -16;j < klen + 16;++j) if (k[j] != k2[j]) return "crypto_stream overwrites k"; for (j = -16;j < 0;++j) if (s[j] != s2[j]) return "crypto_stream writes before output"; for (j = slen;j < slen + 16;++j) if (s[j] != s2[j]) return "crypto_stream writes after output"; for (j = 0;j < mlen;++j) if ((s[j] ^ m[j]) != c[j]) return "crypto_stream_xor does not match crypto_stream"; for (j = 0;j < clen;++j) k[j % klen] ^= c[j]; crypto_stream_xor(m,c,clen,n,k); crypto_stream(s,slen,n,k); for (j = 0;j < mlen;++j) if ((s[j] ^ m[j]) != c[j]) return "crypto_stream_xor does not match crypto_stream"; for (j = 0;j < mlen;++j) n[j % nlen] ^= m[j]; m[mlen] = 0; } sodium_bin2hex(checksum, sizeof checksum, k, crypto_stream_KEYBYTES); return 0; }
//MD4 hash function bool __fastcall MD4_Hash( FILE *Input) { //Parameters check if ((HashFamilyID != HASH_ID_MD4 && HashFamilyID != HASH_ID_ED2K) || Input == nullptr) { fwprintf_s(stderr, L"Parameters error.\n"); return false; } //Initialization size_t ReadBlockSize = FILE_BUFFER_SIZE, ReadLength = 0, RoundCount = 0; if (HashFamilyID == HASH_ID_ED2K) ReadBlockSize = ED2K_SIZE_BLOCK; std::shared_ptr<char> Buffer(new char[ReadBlockSize]()), StringBuffer(new char[FILE_BUFFER_SIZE]()), BufferED2K(new char[MD4_SIZE_DIGEST]()); memset(Buffer.get(), 0, ReadBlockSize); memset(StringBuffer.get(), 0, FILE_BUFFER_SIZE); memset(BufferED2K.get(), 0, MD4_SIZE_DIGEST); MD4_CTX HashInstance, HashInstanceED2K; memset(&HashInstance, 0, sizeof(MD4_CTX)); memset(&HashInstanceED2K, 0, sizeof(MD4_CTX)); //MD4 initialization MD4_Init(&HashInstance); if (HashFamilyID == HASH_ID_ED2K) MD4_Init(&HashInstanceED2K); //Hash process while (!feof(Input)) { memset(Buffer.get(), 0, ReadBlockSize); _set_errno(0); ReadLength = fread_s(Buffer.get(), ReadBlockSize, sizeof(char), ReadBlockSize, Input); if (ReadLength == 0) { fwprintf_s(stderr, L"Hash process error"); if (errno > 0) fwprintf_s(stderr, L", error code is %d.\n", errno); else fwprintf_s(stderr, L".\n"); return false; } else { MD4_Update(&HashInstance, Buffer.get(), ReadLength); if (HashFamilyID == HASH_ID_ED2K) { MD4_Final((unsigned char *)Buffer.get(), &HashInstance); memcpy_s(BufferED2K.get(), MD4_SIZE_DIGEST, Buffer.get(), MD4_SIZE_DIGEST); MD4_Update(&HashInstanceED2K, Buffer.get(), MD4_SIZE_DIGEST); MD4_Init(&HashInstance); } ++RoundCount; } } //Binary to hex memset(Buffer.get(), 0, ReadBlockSize); if (HashFamilyID == HASH_ID_MD4) { MD4_Final((unsigned char *)Buffer.get(), &HashInstance); } else if (HashFamilyID == HASH_ID_ED2K) { if (RoundCount > 1U) MD4_Final((unsigned char *)Buffer.get(), &HashInstanceED2K); else memcpy_s(Buffer.get(), MD4_SIZE_DIGEST, BufferED2K.get(), MD4_SIZE_DIGEST); } else { return false; } if (sodium_bin2hex(StringBuffer.get(), FILE_BUFFER_SIZE, (const unsigned char *)Buffer.get(), MD4_SIZE_DIGEST) == nullptr) { fwprintf_s(stderr, L"Convert binary to hex error.\n"); return false; } else { //Print to screen. std::string HashResult = StringBuffer.get(); CaseConvert(true, HashResult); for (size_t Index = 0;Index < HashResult.length();++Index) fwprintf_s(stderr, L"%c", HashResult.c_str()[Index]); fwprintf_s(stderr, L"\n"); } return true; }
static void tv_kx(void) { unsigned char *seed; unsigned char *client_pk, *client_sk; unsigned char *client_rx, *client_tx; unsigned char *server_pk, *server_sk; unsigned char *server_rx, *server_tx; char hex[65]; int i; seed = (unsigned char *) sodium_malloc(crypto_kx_SEEDBYTES); for (i = 0; i < crypto_kx_SEEDBYTES; i++) { seed[i] = (unsigned char) i; } client_pk = (unsigned char *) sodium_malloc(crypto_kx_PUBLICKEYBYTES); client_sk = (unsigned char *) sodium_malloc(crypto_kx_SECRETKEYBYTES); crypto_kx_seed_keypair(client_pk, client_sk, seed); sodium_bin2hex(hex, sizeof hex, client_pk, crypto_kx_PUBLICKEYBYTES); printf("client_pk: [%s]\n", hex); sodium_bin2hex(hex, sizeof hex, client_sk, crypto_kx_SECRETKEYBYTES); printf("client_sk: [%s]\n", hex); server_pk = (unsigned char *) sodium_malloc(crypto_kx_PUBLICKEYBYTES); server_sk = (unsigned char *) sodium_malloc(crypto_kx_SECRETKEYBYTES); crypto_kx_keypair(server_pk, server_sk); client_rx = (unsigned char *) sodium_malloc(crypto_kx_SESSIONKEYBYTES); client_tx = (unsigned char *) sodium_malloc(crypto_kx_SESSIONKEYBYTES); assert(crypto_kx_client_session_keys(client_rx, client_tx, client_pk, client_sk, small_order_p) == -1); if (crypto_kx_client_session_keys(client_rx, client_tx, client_pk, client_sk, server_pk) != 0) { printf("crypto_kx_client_session_keys() failed\n"); } server_rx = (unsigned char *) sodium_malloc(crypto_kx_SESSIONKEYBYTES); server_tx = (unsigned char *) sodium_malloc(crypto_kx_SESSIONKEYBYTES); assert(crypto_kx_server_session_keys(server_rx, server_tx, server_pk, server_sk, small_order_p) == -1); if (crypto_kx_server_session_keys(server_rx, server_tx, server_pk, server_sk, client_pk) != 0) { printf("crypto_kx_server_session_keys() failed\n"); } if (memcmp(server_rx, client_tx, crypto_kx_SESSIONKEYBYTES) != 0 || memcmp(server_tx, client_rx, crypto_kx_SESSIONKEYBYTES) != 0) { printf("client session keys != server session keys\n"); } sodium_increment(client_pk, crypto_kx_PUBLICKEYBYTES); if (crypto_kx_server_session_keys(server_rx, server_tx, server_pk, server_sk, client_pk) != 0) { printf("crypto_kx_server_session_keys() failed\n"); } if (memcmp(server_rx, client_tx, crypto_kx_SESSIONKEYBYTES) == 0 && memcmp(server_tx, client_rx, crypto_kx_SESSIONKEYBYTES) == 0) { printf("peer's public key is ignored\n"); } crypto_kx_keypair(client_pk, client_sk); if (crypto_kx_server_session_keys(server_rx, server_tx, server_pk, server_sk, client_pk) != 0) { printf("crypto_kx_server_session_keys() failed\n"); } if (memcmp(server_rx, client_tx, crypto_kx_SESSIONKEYBYTES) == 0 || memcmp(server_tx, client_rx, crypto_kx_SESSIONKEYBYTES) == 0) { printf("session keys are constant\n"); } crypto_kx_seed_keypair(client_pk, client_sk, seed); sodium_increment(seed, crypto_kx_SEEDBYTES); crypto_kx_seed_keypair(server_pk, server_sk, seed); if (crypto_kx_server_session_keys(server_rx, server_tx, server_pk, server_sk, client_pk) != 0) { printf("crypto_kx_server_session_keys() failed\n"); } sodium_bin2hex(hex, sizeof hex, server_rx, crypto_kx_SESSIONKEYBYTES); printf("server_rx: [%s]\n", hex); sodium_bin2hex(hex, sizeof hex, server_tx, crypto_kx_SESSIONKEYBYTES); printf("server_tx: [%s]\n", hex); if (crypto_kx_client_session_keys(client_rx, client_tx, client_pk, client_sk, server_pk) != 0) { printf("crypto_kx_client_session_keys() failed\n"); } sodium_bin2hex(hex, sizeof hex, client_rx, crypto_kx_SESSIONKEYBYTES); printf("client_rx: [%s]\n", hex); sodium_bin2hex(hex, sizeof hex, client_tx, crypto_kx_SESSIONKEYBYTES); printf("client_tx: [%s]\n", hex); randombytes_buf(client_rx, crypto_kx_SESSIONKEYBYTES); randombytes_buf(client_tx, crypto_kx_SESSIONKEYBYTES); randombytes_buf(server_rx, crypto_kx_SESSIONKEYBYTES); randombytes_buf(server_tx, crypto_kx_SESSIONKEYBYTES); if (crypto_kx_client_session_keys(client_rx, NULL, client_pk, client_sk, server_pk) != 0 || crypto_kx_client_session_keys(NULL, client_tx, client_pk, client_sk, server_pk) != 0 || crypto_kx_server_session_keys(server_rx, NULL, server_pk, server_sk, client_pk) != 0 || crypto_kx_server_session_keys(NULL, server_tx, server_pk, server_sk, client_pk) != 0) { printf("failure when one of the pointers happens to be NULL"); } assert(memcmp(client_rx, client_tx, crypto_kx_SESSIONKEYBYTES) == 0); assert(memcmp(client_tx, server_rx, crypto_kx_SESSIONKEYBYTES) == 0); assert(memcmp(server_rx, server_tx, crypto_kx_SESSIONKEYBYTES) == 0); sodium_free(client_rx); sodium_free(client_tx); sodium_free(server_rx); sodium_free(server_tx); sodium_free(server_sk); sodium_free(server_pk); sodium_free(client_sk); sodium_free(client_pk); sodium_free(seed); assert(strcmp(crypto_kx_primitive(), crypto_kx_PRIMITIVE) == 0); assert(crypto_kx_publickeybytes() == crypto_kx_PUBLICKEYBYTES); assert(crypto_kx_secretkeybytes() == crypto_kx_SECRETKEYBYTES); assert(crypto_kx_seedbytes() == crypto_kx_SEEDBYTES); assert(crypto_kx_sessionkeybytes() == crypto_kx_SESSIONKEYBYTES); printf("tv_kx: ok\n"); }
//MD2 hash function bool __fastcall MD2_Hash( FILE *Input) { //Parameters check if (HashFamilyID != HASH_ID_MD2 || Input == nullptr) { fwprintf_s(stderr, L"Parameters error.\n"); return false; } //Initialization std::shared_ptr<char> Buffer(new char[FILE_BUFFER_SIZE]()), StringBuffer(new char[FILE_BUFFER_SIZE]()); memset(Buffer.get(), 0, FILE_BUFFER_SIZE); memset(StringBuffer.get(), 0, FILE_BUFFER_SIZE); MD2_CTX HashInstance; memset(&HashInstance, 0, sizeof(MD2_CTX)); size_t ReadLength = 0; //MD2 initialization MD2_Init(&HashInstance); //Hash process while (!feof(Input)) { memset(Buffer.get(), 0, FILE_BUFFER_SIZE); _set_errno(0); ReadLength = fread_s(Buffer.get(), FILE_BUFFER_SIZE, sizeof(char), FILE_BUFFER_SIZE, Input); if (ReadLength == 0) { fwprintf_s(stderr, L"Hash process error"); if (errno > 0) fwprintf_s(stderr, L", error code is %d.\n", errno); else fwprintf_s(stderr, L".\n"); return false; } else { MD2_Update(&HashInstance, (uint8_t *)Buffer.get(), (uint32_t)ReadLength); } } //Binary to hex memset(Buffer.get(), 0, FILE_BUFFER_SIZE); MD2_Final(&HashInstance, (uint8_t *)Buffer.get()); if (sodium_bin2hex(StringBuffer.get(), FILE_BUFFER_SIZE, (const unsigned char *)Buffer.get(), MD2_DIGEST_SIZE) == nullptr) { fwprintf_s(stderr, L"Convert binary to hex error.\n"); return false; } else { //Print to screen. std::string HashResult = StringBuffer.get(); CaseConvert(true, HashResult); for (size_t Index = 0;Index < HashResult.length();++Index) fwprintf_s(stderr, L"%c", HashResult.c_str()[Index]); fwprintf_s(stderr, L"\n"); } return true; }
const char *checksum_compute(void) { long long i; long long j; long long tests; for (i = 0;i < mlen;++i) m[i] = i; for (i = 0;i < nlen;++i) n[i] = i + 1; for (i = 0;i < plen;++i) p[i] = i + 2; for (i = 0;i < qlen;++i) q[i] = i + 3; for (i = 0;i < rlen;++i) r[i] = i + 4; for (i = -16;i < 0;++i) p[i] = rand(); for (i = -16;i < 0;++i) n[i] = rand(); for (i = plen;i < plen + 16;++i) p[i] = rand(); for (i = nlen;i < nlen + 16;++i) n[i] = rand(); for (i = -16;i < plen + 16;++i) p2[i] = p[i]; for (i = -16;i < nlen + 16;++i) n2[i] = n[i]; if (crypto_scalarmult_base(p,n) != 0) return "crypto_scalarmult_base returns nonzero"; for (i = -16;i < nlen + 16;++i) if (n2[i] != n[i]) return "crypto_scalarmult_base overwrites input"; for (i = -16;i < 0;++i) if (p2[i] != p[i]) return "crypto_scalarmult_base writes before output"; for (i = plen;i < plen + 16;++i) if (p2[i] != p[i]) return "crypto_scalarmult_base writes after output"; for (tests = 0;tests < 100;++tests) { for (i = -16;i < 0;++i) q[i] = rand(); for (i = -16;i < 0;++i) p[i] = rand(); for (i = -16;i < 0;++i) m[i] = rand(); for (i = qlen;i < qlen + 16;++i) q[i] = rand(); for (i = plen;i < plen + 16;++i) p[i] = rand(); for (i = mlen;i < mlen + 16;++i) m[i] = rand(); for (i = -16;i < qlen + 16;++i) q2[i] = q[i]; for (i = -16;i < plen + 16;++i) p2[i] = p[i]; for (i = -16;i < mlen + 16;++i) m2[i] = m[i]; if (crypto_scalarmult(q,m,p) != 0) return "crypto_scalarmult returns nonzero"; for (i = -16;i < mlen + 16;++i) if (m2[i] != m[i]) return "crypto_scalarmult overwrites n input"; for (i = -16;i < plen + 16;++i) if (p2[i] != p[i]) return "crypto_scalarmult overwrites p input"; for (i = -16;i < 0;++i) if (q2[i] != q[i]) return "crypto_scalarmult writes before output"; for (i = qlen;i < qlen + 16;++i) if (q2[i] != q[i]) return "crypto_scalarmult writes after output"; if (crypto_scalarmult(m2,m2,p) != 0) return "crypto_scalarmult returns nonzero"; for (i = 0;i < qlen;++i) if (q[i] != m2[i]) return "crypto_scalarmult does not handle n overlap"; for (i = 0;i < qlen;++i) m2[i] = m[i]; if (crypto_scalarmult(p2,m2,p2) != 0) return "crypto_scalarmult returns nonzero"; for (i = 0;i < qlen;++i) if (q[i] != p2[i]) return "crypto_scalarmult does not handle p overlap"; if (crypto_scalarmult(r,n,q) != 0) return "crypto_scalarmult returns nonzero"; if (crypto_scalarmult(q,n,p) != 0) return "crypto_scalarmult returns nonzero"; if (crypto_scalarmult(p,m,q) != 0) return "crypto_scalarmult returns nonzero"; for (j = 0;j < plen;++j) if (p[j] != r[j]) return "crypto_scalarmult not associative"; for (j = 0;j < mlen;++j) m[j] ^= q[j % qlen]; for (j = 0;j < nlen;++j) n[j] ^= p[j % plen]; } sodium_bin2hex(checksum, sizeof checksum, p, crypto_scalarmult_BYTES); return 0; }
void macaroon_bin2hex(const unsigned char* bin, size_t bin_sz, char* hex) { void* ptr = sodium_bin2hex(hex, bin_sz * 2, bin, bin_sz); assert(ptr == hex); }
static void tv_box_xchacha20poly1305(void) { char hex[65]; unsigned char *pk; unsigned char *sk; unsigned char *m; unsigned char *m2; unsigned char *mac; unsigned char *nonce; unsigned char *out; unsigned char *pc; unsigned char *seed; size_t m_len; int i; pk = (unsigned char *) sodium_malloc(crypto_box_curve25519xchacha20poly1305_PUBLICKEYBYTES); sk = (unsigned char *) sodium_malloc(crypto_box_curve25519xchacha20poly1305_SECRETKEYBYTES); nonce = (unsigned char *) sodium_malloc(crypto_box_curve25519xchacha20poly1305_NONCEBYTES); mac = (unsigned char *) sodium_malloc(crypto_box_curve25519xchacha20poly1305_MACBYTES); pc = (unsigned char *) sodium_malloc(crypto_box_curve25519xchacha20poly1305_BEFORENMBYTES); for (i = 0; i < 10; i++) { m_len = (i == 0) ? 0 : randombytes_uniform(150); m = (unsigned char *) sodium_malloc(m_len); m2 = (unsigned char *) sodium_malloc(m_len); out = (unsigned char *) sodium_malloc (crypto_box_curve25519xchacha20poly1305_MACBYTES + m_len); randombytes_buf(nonce, crypto_box_curve25519xchacha20poly1305_NONCEBYTES); randombytes_buf(m, m_len); assert(crypto_box_curve25519xchacha20poly1305_keypair(pk, sk) == 0); assert(crypto_box_curve25519xchacha20poly1305_easy(out, m, m_len, nonce, pk, sk) == 0); assert(crypto_box_curve25519xchacha20poly1305_open_easy (m2, out, crypto_box_curve25519xchacha20poly1305_MACBYTES + m_len, nonce, pk, sk) == 0); assert(memcmp(m2, m, m_len) == 0); sodium_free(out); out = (unsigned char *) sodium_malloc (crypto_box_curve25519xchacha20poly1305_MACBYTES + m_len); assert(crypto_box_curve25519xchacha20poly1305_beforenm(pc, pk, sk) == 0); assert(crypto_box_curve25519xchacha20poly1305_easy_afternm (out, m, m_len, nonce, pc) == 0); assert(crypto_box_curve25519xchacha20poly1305_open_easy_afternm (m2, out, crypto_box_curve25519xchacha20poly1305_MACBYTES + m_len, nonce, pc) == 0); assert(memcmp(m2, m, m_len) == 0); sodium_free(out); out = (unsigned char *) sodium_malloc(m_len); assert(crypto_box_curve25519xchacha20poly1305_detached(out, mac, m, m_len, nonce, pk, sk) == 0); assert(crypto_box_curve25519xchacha20poly1305_open_detached (m2, out, mac, m_len, nonce, pk, sk) == 0); sodium_free(out); out = (unsigned char *) sodium_malloc(m_len); assert(crypto_box_curve25519xchacha20poly1305_detached_afternm (out, mac, m, m_len, nonce, pc) == 0); assert(crypto_box_curve25519xchacha20poly1305_open_detached_afternm (m2, out, mac, m_len, nonce, pc) == 0); sodium_free(out); sodium_free(m2); sodium_free(m); } sodium_free(pc); sodium_free(mac); sodium_free(nonce); seed = (unsigned char *) sodium_malloc (crypto_box_curve25519xchacha20poly1305_SEEDBYTES); for (i = 0; i < crypto_box_curve25519xchacha20poly1305_SEEDBYTES; i++) { seed[i] = i; } crypto_box_curve25519xchacha20poly1305_seed_keypair(pk, sk, seed); sodium_bin2hex(hex, sizeof hex, pk, crypto_box_curve25519xchacha20poly1305_PUBLICKEYBYTES); assert(strcmp(hex, "4701d08488451f545a409fb58ae3e58581ca40ac3f7f114698cd71deac73ca01") == 0); sodium_bin2hex(hex, sizeof hex, sk, crypto_box_curve25519xchacha20poly1305_SECRETKEYBYTES); assert(strcmp(hex, "3d94eea49c580aef816935762be049559d6d1440dede12e6a125f1841fff8e6f") == 0); sodium_free(seed); sodium_free(sk); sodium_free(pk); assert(crypto_box_curve25519xchacha20poly1305_seedbytes() == crypto_box_curve25519xchacha20poly1305_SEEDBYTES); assert(crypto_box_curve25519xchacha20poly1305_publickeybytes() == crypto_box_curve25519xchacha20poly1305_PUBLICKEYBYTES); assert(crypto_box_curve25519xchacha20poly1305_secretkeybytes() == crypto_box_curve25519xchacha20poly1305_SECRETKEYBYTES); assert(crypto_box_curve25519xchacha20poly1305_beforenmbytes() == crypto_box_curve25519xchacha20poly1305_BEFORENMBYTES); assert(crypto_box_curve25519xchacha20poly1305_noncebytes() == crypto_box_curve25519xchacha20poly1305_NONCEBYTES); printf("tv_box_xchacha20poly1305: ok\n"); }
void cpn_sign_pk_hex_from_key(struct cpn_sign_pk_hex *out, const struct cpn_sign_pk *key) { sodium_bin2hex(out->data, sizeof(out->data), key->data, sizeof(key->data)); }
static void tv(void) { static struct { const char *passwd_hex; size_t passwdlen; const char *salt_hex; size_t outlen; unsigned long long opslimit; size_t memlimit; } tests[] = { { "a347ae92bce9f80f6f595a4480fc9c2fe7e7d7148d371e9487d75f5c23008ffae0" "65577a928febd9b1973a5a95073acdbeb6a030cfc0d79caa2dc5cd011cef02c08d" "a232d76d52dfbca38ca8dcbd665b17d1665f7cf5fe59772ec909733b24de97d6f5" "8d220b20c60d7c07ec1fd93c52c31020300c6c1facd77937a597c7a6", 127, "5541fbc995d5c197ba290346d2c559dedf405cf97e5f95482143202f9e74f5c2", 155, 481326, 7256678 }, { "e125cee61c8cb7778d9e5ad0a6f5d978ce9f84de213a8556d9ffe202020ab4a6ed" "9074a4eb3416f9b168f137510f3a30b70b96cbfa219ff99f6c6eaffb15c06b60e0" "0cc2890277f0fd3c622115772f7048adaebed86e", 86, "f1192dd5dc2368b9cd421338b22433455ee0a3699f9379a08b9650ea2c126f0d", 250, 535778, 7849083 }, { "92263cbf6ac376499f68a4289d3bb59e5a22335eba63a32e6410249155b956b6a3" "b48d4a44906b18b897127300b375b8f834f1ceffc70880a885f47c33876717e392" "be57f7da3ae58da4fd1f43daa7e44bb82d3717af4319349c24cd31e46d295856b0" "441b6b289992a11ced1cc3bf3011604590244a3eb737ff221129215e4e4347f491" "5d41292b5173d196eb9add693be5319fdadc242906178bb6c0286c9b6ca6012746" "711f58c8c392016b2fdfc09c64f0f6b6ab7b", 183, "3b840e20e9555e9fb031c4ba1f1747ce25cc1d0ff664be676b9b4a90641ff194", 249, 311757, 7994791 }, { "027b6d8e8c8c474e9b69c7d9ed4f9971e8e1ce2f6ba95048414c3970f0f09b70e3" "b6c5ae05872b3d8678705b7d381829c351a5a9c88c233569b35d6b0b809df44b64" "51a9c273f1150e2ef8a0b5437eb701e373474cd44b97ef0248ebce2ca0400e1b53" "f3d86221eca3f18eb45b702b9172440f774a82cbf1f6f525df30a6e293c873cce6" "9bb078ed1f0d31e7f9b8062409f37f19f8550aae", 152, "eb2a3056a09ad2d7d7f975bcd707598f24cd32518cde3069f2e403b34bfee8a5", 5, 643464, 1397645 }, { "4a857e2ee8aa9b6056f2424e84d24a72473378906ee04a46cb05311502d5250b82" "ad86b83c8f20a23dbb74f6da60b0b6ecffd67134d45946ac8ebfb3064294bc097d" "43ced68642bfb8bbbdd0f50b30118f5e", 82, "39d82eef32010b8b79cc5ba88ed539fbaba741100f2edbeca7cc171ffeabf258", 190, 758010, 5432947 }, { "1845e375479537e9dd4f4486d5c91ac72775d66605eeb11a787b78a7745f1fd005" "2d526c67235dbae1b2a4d575a74cb551c8e9096c593a497aee74ba3047d911358e" "de57bc27c9ea1829824348daaab606217cc931dcb6627787bd6e4e5854f0e8", 97, "3ee91a805aa62cfbe8dce29a2d9a44373a5006f4a4ce24022aca9cecb29d1473", 212, 233177, 13101817 }, { "c7b09aec680e7b42fedd7fc792e78b2f6c1bea8f4a884320b648f81e8cf515e8ba" "9dcfb11d43c4aae114c1734aa69ca82d44998365db9c93744fa28b63fd16000e82" "61cbbe083e7e2da1e5f696bde0834fe53146d7e0e35e7de9920d041f5a5621aabe" "02da3e2b09b405b77937efef3197bd5772e41fdb73fb5294478e45208063b5f58e" "089dbeb6d6342a909c1307b3fff5fe2cf4da56bdae50848f", 156, "039c056d933b475032777edbaffac50f143f64c123329ed9cf59e3b65d3f43b6", 178, 234753, 4886999 }, { "8f3a06e2fd8711350a517bb12e31f3d3423e8dc0bb14aac8240fca0995938d59bb" "37bd0a7dfc9c9cc0705684b46612e8c8b1d6655fb0f9887562bb9899791a0250d1" "320f945eda48cdc20c233f40a5bb0a7e3ac5ad7250ce684f68fc0b8c9633bfd75a" "ad116525af7bdcdbbdb4e00ab163fd4df08f243f12557e", 122, "90631f686a8c3dbc0703ffa353bc1fdf35774568ac62406f98a13ed8f47595fd", 55, 695191, 15738350 }, { "b540beb016a5366524d4605156493f9874514a5aa58818cd0c6dfffaa9e90205f1" "7b", 34, "44071f6d181561670bda728d43fb79b443bb805afdebaf98622b5165e01b15fb", 231, 78652, 6631659 }, { "a14975c26c088755a8b715ff2528d647cd343987fcf4aa25e7194a8417fb2b4b3f" "7268da9f3182b4cfb22d138b2749d673a47ecc7525dd15a0a3c66046971784bb63" "d7eae24cc84f2631712075a10e10a96b0e0ee67c43e01c423cb9c44e5371017e9c" "496956b632158da3fe12addecb88912e6759bc37f9af2f45af72c5cae3b179ffb6" "76a697de6ebe45cd4c16d4a9d642d29ddc0186a0a48cb6cd62bfc3dd229d313b30" "1560971e740e2cf1f99a9a090a5b283f35475057e96d7064e2e0fc81984591068d" "55a3b4169f22cccb0745a2689407ea1901a0a766eb99", 220, "3d968b2752b8838431165059319f3ff8910b7b8ecb54ea01d3f54769e9d98daf", 167, 717248, 10784179 }, }; char passwd[256]; unsigned char salt[crypto_pwhash_scryptsalsa208sha256_SALTBYTES]; unsigned char out[256]; char out_hex[256 * 2 + 1]; size_t i = 0U; do { sodium_hex2bin((unsigned char *) passwd, sizeof passwd, tests[i].passwd_hex, strlen(tests[i].passwd_hex), NULL, NULL, NULL); sodium_hex2bin(salt, sizeof salt, tests[i].salt_hex, strlen(tests[i].salt_hex), NULL, NULL, NULL); if (crypto_pwhash_scryptsalsa208sha256( out, (unsigned long long) tests[i].outlen, passwd, tests[i].passwdlen, (const unsigned char *) salt, tests[i].opslimit, tests[i].memlimit) != 0) { printf("pwhash failure\n"); } sodium_bin2hex(out_hex, sizeof out_hex, out, tests[i].outlen); printf("%s\n", out_hex); } while (++i < (sizeof tests) / (sizeof tests[0])); }
static void tv_ietf(void) { static struct { const char *key_hex; const char *nonce_hex; uint32_t ic; } tests[] = { { "0000000000000000000000000000000000000000000000000000000000000000", "000000000000000000000000", 0U }, { "0000000000000000000000000000000000000000000000000000000000000000", "000000000000000000000000", 1U }, { "0000000000000000000000000000000000000000000000000000000000000001", "000000000000000000000000", 1U }, { "00ff000000000000000000000000000000000000000000000000000000000000", "000000000000000000000000", 2U }, { "0000000000000000000000000000000000000000000000000000000000000000", "000000000000000000000002", 0U }, { "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f", "000000090000004a00000000", 1U }}; unsigned char key[crypto_stream_chacha20_KEYBYTES]; unsigned char nonce[crypto_stream_chacha20_IETF_NONCEBYTES]; unsigned char *part; unsigned char out[160]; unsigned char zero[160]; char out_hex[160 * 2 + 1]; size_t i = 0U; size_t plen; memset(zero, 0, sizeof zero); do { sodium_hex2bin((unsigned char *)key, sizeof key, tests[i].key_hex, strlen(tests[i].key_hex), ": ", NULL, NULL); sodium_hex2bin(nonce, sizeof nonce, tests[i].nonce_hex, strlen(tests[i].nonce_hex), ": ", NULL, NULL); memset(out, 0, sizeof out); crypto_stream_chacha20_ietf_xor_ic(out, out, sizeof out, nonce, tests[i].ic, key); sodium_bin2hex(out_hex, sizeof out_hex, out, sizeof out); printf("[%s]\n", out_hex); for (plen = 1U; plen < sizeof out; plen++) { part = (unsigned char *) sodium_malloc(plen); crypto_stream_chacha20_ietf_xor_ic(part, out, plen, nonce, tests[i].ic, key); if (memcmp(part, zero, plen) != 0) { printf("Failed with length %lu\n", (unsigned long) plen); } sodium_free(part); } } while (++i < (sizeof tests) / (sizeof tests[0])); randombytes_buf(out, sizeof out); crypto_stream_chacha20_ietf(out, sizeof out, nonce, key); sodium_bin2hex(out_hex, sizeof out_hex, out, sizeof out); printf("[%s]\n", out_hex); assert(crypto_stream_chacha20_ietf(out, 0U, nonce, key) == 0); assert(crypto_stream_chacha20_ietf_xor(out, out, 0U, nonce, key) == 0); assert(crypto_stream_chacha20_ietf_xor(out, out, 0U, nonce, key) == 0); assert(crypto_stream_chacha20_ietf_xor_ic(out, out, 0U, nonce, 1U, key) == 0); memset(out, 0x42, sizeof out); crypto_stream_chacha20_ietf_xor(out, out, sizeof out, nonce, key); sodium_bin2hex(out_hex, sizeof out_hex, out, sizeof out); printf("[%s]\n", out_hex); crypto_stream_chacha20_ietf_xor_ic(out, out, sizeof out, nonce, 0U, key); sodium_bin2hex(out_hex, sizeof out_hex, out, sizeof out); printf("[%s]\n", out_hex); crypto_stream_chacha20_ietf_xor_ic(out, out, sizeof out, nonce, 1U, key); sodium_bin2hex(out_hex, sizeof out_hex, out, sizeof out); printf("[%s]\n", out_hex); };
static void tv2(void) { static struct { const char * passwd_hex; size_t passwd_len; const char * salt_hex; size_t outlen; unsigned long long opslimit; size_t memlimit; unsigned int lanes; } tests[] = { { "a347ae92bce9f80f6f595a4480fc9c2fe7e7d7148d371e9487d75f5c23008ffae0" "65577a928febd9b1973a5a95073acdbeb6a030cfc0d79caa2dc5cd011cef02c08d" "a232d76d52dfbca38ca8dcbd665b17d1665f7cf5fe59772ec909733b24de97d6f5" "8d220b20c60d7c07ec1fd93c52c31020300c6c1facd77937a597c7a6", 127, "5541fbc995d5c197ba290346d2c559dedf405cf97e5f95482143202f9e74f5c2", 155, 4, 397645, 1 }, { "a347ae92bce9f80f6f595a4480fc9c2fe7e7d7148d371e9487d75f5c23008ffae0" "65577a928febd9b1973a5a95073acdbeb6a030cfc0d79caa2dc5cd011cef02c08d" "a232d76d52dfbca38ca8dcbd665b17d1665f7cf5fe59772ec909733b24de97d6f5" "8d220b20c60d7c07ec1fd93c52c31020300c6c1facd77937a597c7a6", 127, "5541fbc995d5c197ba290346d2c559dedf405cf97e5f95482143202f9e74f5c2", 155, 3, 397645, 1 }, }; char passwd[256]; unsigned char salt[crypto_pwhash_SALTBYTES]; unsigned char out[256]; char out_hex[256 * 2 + 1]; size_t i = 0U; do { sodium_hex2bin((unsigned char *) passwd, sizeof passwd, tests[i].passwd_hex, strlen(tests[i].passwd_hex), NULL, NULL, NULL); sodium_hex2bin(salt, sizeof salt, tests[i].salt_hex, strlen(tests[i].salt_hex), NULL, NULL, NULL); if (crypto_pwhash(out, (unsigned long long) tests[i].outlen, passwd, tests[i].passwd_len, (const unsigned char *) salt, tests[i].opslimit, tests[i].memlimit, crypto_pwhash_alg_default()) != 0) { printf("[tv2] pwhash failure: [%u]\n", (unsigned int) i); continue; } sodium_bin2hex(out_hex, sizeof out_hex, out, tests[i].outlen); printf("%s\n", out_hex); } while (++i < (sizeof tests) / (sizeof tests[0])); if (crypto_pwhash_argon2id(out, sizeof out, "password", strlen("password"), salt, 3, 1ULL << 12, 0) != -1) { printf("[tv2] pwhash should have failed (0)\n"); } if (crypto_pwhash_argon2id(out, sizeof out, "password", strlen("password"), salt, 3, 1, crypto_pwhash_argon2id_alg_argon2id13()) != -1) { printf("[tv2] pwhash should have failed (1)\n"); } if (crypto_pwhash_argon2id(out, sizeof out, "password", strlen("password"), salt, 3, 1ULL << 12, crypto_pwhash_argon2id_alg_argon2id13()) != -1) { printf("[tv2] pwhash should have failed (2)\n"); } if (crypto_pwhash_argon2id(out, sizeof out, "password", strlen("password"), salt, 2, 1ULL << 12, crypto_pwhash_argon2id_alg_argon2id13()) != -1) { printf("[tv2] pwhash should have failed (3)\n"); } if (crypto_pwhash_argon2id(out, 15, "password", strlen("password"), salt, 3, 1ULL << 12, crypto_pwhash_argon2id_alg_argon2id13()) != -1) { printf("[tv2] pwhash with a short output length should have failed\n"); } if (crypto_pwhash_argon2id(out, sizeof out, "password", 0x100000000ULL, salt, 3, 1ULL << 12, crypto_pwhash_argon2id_alg_argon2id13()) != -1) { printf("[tv2] pwhash with a long password length should have failed\n"); } assert(crypto_pwhash_argon2id(out, sizeof out, "password", strlen("password"), salt, OPSLIMIT, MEMLIMIT, crypto_pwhash_alg_argon2i13()) == -1); }
static void tv_stream_xchacha20(void) { static const XChaCha20TV tvs[] = { { "79c99798ac67300bbb2704c95c341e3245f3dcb21761b98e52ff45b24f304fc4", "b33ffd3096479bcfbc9aee49417688a0a2554f8d95389419", "c6e9758160083ac604ef90e712ce6e75d7797590744e0cf060f013739c" }, { "ddf7784fee099612c40700862189d0397fcc4cc4b3cc02b5456b3a97d1186173", "a9a04491e7bf00c3ca91ac7c2d38a777d88993a7047dfcc4", "2f289d371f6f0abc3cb60d11d9b7b29adf6bc5ad843e8493e928448d" }, { "3d12800e7b014e88d68a73f0a95b04b435719936feba60473f02a9e61ae60682", "56bed2599eac99fb27ebf4ffcb770a64772dec4d5849ea2d", "a2c3c1406f33c054a92760a8e0666b84f84fa3a618f0" }, { "5f5763ff9a30c95da5c9f2a8dfd7cc6efd9dfb431812c075aa3e4f32e04f53e4", "a5fa890efa3b9a034d377926ce0e08ee6d7faccaee41b771", "8a1a5ba898bdbcff602b1036e469a18a5e45789d0e8d9837d81a2388a52b0b6a0f51891528f424c4a7f492a8dd7bce8bac19fbdbe1fb379ac0" }, { "eadc0e27f77113b5241f8ca9d6f9a5e7f09eee68d8a5cf30700563bf01060b4e", "a171a4ef3fde7c4794c5b86170dc5a099b478f1b852f7b64", "23839f61795c3cdbcee2c749a92543baeeea3cbb721402aa42e6cae140447575f2916c5d71108e3b13357eaf86f060cb" }, { "91319c9545c7c804ba6b712e22294c386fe31c4ff3d278827637b959d3dbaab2", "410e854b2a911f174aaf1a56540fc3855851f41c65967a4e", "cbe7d24177119b7fdfa8b06ee04dade4256ba7d35ffda6b89f014e479faef6" }, { "6a6d3f412fc86c4450fc31f89f64ed46baa3256ffcf8616e8c23a06c422842b6", "6b7773fce3c2546a5db4829f53a9165f41b08faae2fb72d5", "8b23e35b3cdd5f3f75525fc37960ec2b68918e8c046d8a832b9838f1546be662e54feb1203e2" }, { "d45e56368ebc7ba9be7c55cfd2da0feb633c1d86cab67cd5627514fd20c2b391", "fd37da2db31e0c738754463edadc7dafb0833bd45da497fc", "47950efa8217e3dec437454bd6b6a80a287e2570f0a48b3fa1ea3eb868be3d486f6516606d85e5643becc473b370871ab9ef8e2a728f73b92bd98e6e26ea7c8ff96ec5a9e8de95e1eee9300c" }, { "aface41a64a9a40cbc604d42bd363523bd762eb717f3e08fe2e0b4611eb4dcf3", "6906e0383b895ab9f1cf3803f42f27c79ad47b681c552c63", "a5fa7c0190792ee17675d52ad7570f1fb0892239c76d6e802c26b5b3544d13151e67513b8aaa1ac5af2d7fd0d5e4216964324838" }, { "9d23bd4149cb979ccf3c5c94dd217e9808cb0e50cd0f67812235eaaf601d6232", "c047548266b7c370d33566a2425cbf30d82d1eaf5294109e", "a21209096594de8c5667b1d13ad93f744106d054df210e4782cd396fec692d3515a20bf351eec011a92c367888bc464c32f0807acd6c203a247e0db854148468e9f96bee4cf718d68d5f637cbd5a376457788e6fae90fc31097cfc" }, }; const XChaCha20TV *tv; char *hex; unsigned char *key; unsigned char *nonce; unsigned char *out; unsigned char *out2; size_t out_len; int i; key = (unsigned char *) sodium_malloc(crypto_stream_xchacha20_KEYBYTES); nonce = (unsigned char *) sodium_malloc(crypto_stream_xchacha20_NONCEBYTES); out = (unsigned char *) sodium_malloc(XCHACHA20_OUT_MAX); for (i = 0; i < (sizeof tvs) / (sizeof tvs[0]); i++) { tv = &tvs[i]; sodium_hex2bin(key, crypto_stream_xchacha20_KEYBYTES, tv->key, strlen(tv->key), NULL, NULL, NULL); sodium_hex2bin(nonce, crypto_stream_xchacha20_NONCEBYTES, tv->nonce, strlen(tv->nonce), NULL, NULL, NULL); sodium_hex2bin(out, XCHACHA20_OUT_MAX, tv->out, strlen(tv->out), NULL, &out_len, NULL); out2 = (unsigned char *) sodium_malloc(out_len); crypto_stream_xchacha20(out2, out_len, nonce, key); assert(memcmp(out, out2, out_len) == 0); crypto_stream_xchacha20_xor(out2, out, out_len, nonce, key); assert(sodium_is_zero(out2, out_len)); crypto_stream_xchacha20_xor_ic(out2, out, out_len, nonce, 0, key); assert(sodium_is_zero(out2, out_len)); crypto_stream_xchacha20_xor_ic(out2, out, out_len, nonce, 1, key); assert(!sodium_is_zero(out2, out_len)); crypto_stream_xchacha20_xor(out, out, out_len, nonce, key); assert(sodium_is_zero(out, out_len)); sodium_free(out2); } out2 = (unsigned char *) sodium_malloc(0); crypto_stream_xchacha20(out2, 0, nonce, key); crypto_stream_xchacha20_xor(out2, out2, 0, nonce, key); crypto_stream_xchacha20_xor_ic(out2, out2, 0, nonce, 1, key); sodium_free(out2); sodium_free(out); out = (unsigned char *) sodium_malloc(64); out2 = (unsigned char *) sodium_malloc(128); randombytes_buf(out, 64); randombytes_buf(out2, 64); memcpy(out2 + 64, out, 64); crypto_stream_xchacha20_xor_ic(out, out, 64, nonce, 1, key); crypto_stream_xchacha20_xor(out2, out2, 128, nonce, key); assert(memcmp(out, out2 + 64, 64) == 0); sodium_free(out); sodium_free(out2); out = (unsigned char *) sodium_malloc(192); out2 = (unsigned char *) sodium_malloc(192); memset(out, 0, 192); memset(out2, 0, 192); crypto_stream_xchacha20_xor_ic(out2, out2, 192, nonce, (1ULL << 32) - 1ULL, key); crypto_stream_xchacha20_xor_ic(out, out, 64, nonce, (1ULL << 32) - 1ULL, key); crypto_stream_xchacha20_xor_ic(out + 64, out + 64, 64, nonce, (1ULL << 32), key); crypto_stream_xchacha20_xor_ic(out + 128, out + 128, 64, nonce, (1ULL << 32) + 1, key); assert(memcmp(out, out2, 192) == 0); hex = (char *) sodium_malloc(192 * 2 + 1); sodium_bin2hex(hex, 192 * 2 + 1, out, 192); printf("%s\n", hex); sodium_free(hex); sodium_free(out); sodium_free(out2); sodium_free(nonce); sodium_free(key); assert(crypto_stream_xchacha20_keybytes() == crypto_stream_xchacha20_KEYBYTES); assert(crypto_stream_xchacha20_noncebytes() == crypto_stream_xchacha20_NONCEBYTES); printf("tv_stream_xchacha20: ok\n"); }
std::string nonce_to_string(uint8_t* nonce) { char hex[2*crypto_box_NONCEBYTES+1]; sodium_bin2hex(hex, sizeof(hex), nonce, crypto_box_NONCEBYTES); return std::string(hex); }