void test_cipher_cbc(const struct nettle_cipher *cipher, const struct tstring *key, const struct tstring *cleartext, const struct tstring *ciphertext, const struct tstring *iiv) { void *ctx = xalloc(cipher->context_size); uint8_t *data; uint8_t *iv = xalloc(cipher->block_size); unsigned length; ASSERT (cleartext->length == ciphertext->length); length = cleartext->length; ASSERT (iiv->length == cipher->block_size); data = xalloc(length); cipher->set_encrypt_key(ctx, key->length, key->data); memcpy(iv, iiv->data, cipher->block_size); cbc_encrypt(ctx, cipher->encrypt, cipher->block_size, iv, length, data, cleartext->data); if (!MEMEQ(length, data, ciphertext->data)) { fprintf(stderr, "CBC encrypt failed:\nInput:"); tstring_print_hex(cleartext); fprintf(stderr, "\nOutput: "); print_hex(length, data); fprintf(stderr, "\nExpected:"); tstring_print_hex(ciphertext); fprintf(stderr, "\n"); FAIL(); } cipher->set_decrypt_key(ctx, key->length, key->data); memcpy(iv, iiv->data, cipher->block_size); cbc_decrypt(ctx, cipher->decrypt, cipher->block_size, iv, length, data, data); if (!MEMEQ(length, data, cleartext->data)) { fprintf(stderr, "CBC decrypt failed:\nInput:"); tstring_print_hex(ciphertext); fprintf(stderr, "\nOutput: "); print_hex(length, data); fprintf(stderr, "\nExpected:"); tstring_print_hex(cleartext); fprintf(stderr, "\n"); FAIL(); } free(ctx); free(data); free(iv); }
static void _test_chacha(chacha_func *crypt, const struct tstring *key, const struct tstring *iv, const struct tstring *cleartext, const struct tstring *ciphertext) { struct chacha_ctx ctx; uint8_t *data; size_t length; ASSERT (cleartext->length == ciphertext->length); length = cleartext->length; ASSERT (iv->length == CHACHA_IV_SIZE); data = xalloc(length + 1); chacha_set_key(&ctx, key->length, key->data); chacha_set_iv(&ctx, iv->data); data[length] = 17; crypt(&ctx, length, data, cleartext->data); if (data[length] != 17) { fprintf(stderr, "Encrypt of %lu bytes wrote too much!\nInput:", (unsigned long) length); tstring_print_hex(cleartext); fprintf(stderr, "\n"); FAIL(); } if (!MEMEQ(length, data, ciphertext->data)) { fprintf(stderr, "Encrypt failed:\nInput:"); tstring_print_hex(cleartext); fprintf(stderr, "\nOutput: "); print_hex(length, data); fprintf(stderr, "\nExpected:"); tstring_print_hex(ciphertext); fprintf(stderr, "\n"); FAIL(); } chacha_set_key(&ctx, key->length, key->data); chacha_set_iv(&ctx, iv->data); crypt(&ctx, length, data, data); if (!MEMEQ(length, data, cleartext->data)) { fprintf(stderr, "Decrypt failed:\nInput:"); tstring_print_hex(ciphertext); fprintf(stderr, "\nOutput: "); print_hex(length, data); fprintf(stderr, "\nExpected:"); tstring_print_hex(cleartext); fprintf(stderr, "\n"); FAIL(); } free(data); }
void test_aead(const struct nettle_aead *aead, const struct tstring *key, const struct tstring *authtext, const struct tstring *cleartext, const struct tstring *ciphertext, const struct tstring *iv, const struct tstring *digest) { void *ctx = xalloc(aead->context_size); uint8_t *data; uint8_t *buffer = xalloc(aead->block_size); unsigned length; ASSERT (cleartext->length == ciphertext->length); length = cleartext->length; ASSERT (digest->length == aead->block_size); data = xalloc(length); /* encryption */ memset(buffer, 0, aead->block_size); aead->set_key(ctx, key->length, key->data); aead->set_iv(ctx, iv->length, iv->data); if (authtext->length) aead->update(ctx, authtext->length, authtext->data); if (length) aead->encrypt(ctx, length, data, cleartext->data); aead->digest(ctx, aead->block_size, buffer); ASSERT(MEMEQ(length, data, ciphertext->data)); ASSERT(MEMEQ(aead->block_size, buffer, digest->data)); /* decryption */ memset(buffer, 0, aead->block_size); aead->set_iv(ctx, iv->length, iv->data); if (authtext->length) aead->update(ctx, authtext->length, authtext->data); if (length) aead->decrypt(ctx, length, data, data); aead->digest(ctx, aead->block_size, buffer); ASSERT(MEMEQ(length, data, cleartext->data)); ASSERT(MEMEQ(aead->block_size, buffer, digest->data)); free(ctx); free(data); free(buffer); }
void test_main(void) { ASSERT(BASE64_ENCODE_LENGTH(0) == 0); /* At most 4 bits */ ASSERT(BASE64_ENCODE_LENGTH(1) == 2); /* At most 12 bits */ ASSERT(BASE64_ENCODE_LENGTH(2) == 3); /* At most 20 bits */ ASSERT(BASE64_ENCODE_LENGTH(3) == 4); /* At most 28 bits */ ASSERT(BASE64_ENCODE_LENGTH(4) == 6); /* At most 36 bits */ ASSERT(BASE64_ENCODE_LENGTH(5) == 7); /* At most 44 bits */ ASSERT(BASE64_ENCODE_LENGTH(12) == 16); /* At most 100 bits */ ASSERT(BASE64_ENCODE_LENGTH(13) == 18); /* At most 108 bits */ ASSERT(BASE64_DECODE_LENGTH(0) == 0); /* At most 6 bits */ ASSERT(BASE64_DECODE_LENGTH(1) == 1); /* At most 12 bits */ ASSERT(BASE64_DECODE_LENGTH(2) == 2); /* At most 18 bits */ ASSERT(BASE64_DECODE_LENGTH(3) == 3); /* At most 24 bits */ ASSERT(BASE64_DECODE_LENGTH(4) == 3); /* At most 30 bits */ test_armor(&nettle_base64, LDATA(""), ""); test_armor(&nettle_base64, LDATA("H"), "SA=="); test_armor(&nettle_base64, LDATA("He"), "SGU="); test_armor(&nettle_base64, LDATA("Hel"), "SGVs"); test_armor(&nettle_base64, LDATA("Hell"), "SGVsbA=="); test_armor(&nettle_base64, LDATA("Hello"), "SGVsbG8="); test_armor(&nettle_base64, LDATA("Hello\0"), "SGVsbG8A"); test_armor(&nettle_base64, LDATA("Hello?>>>"), "SGVsbG8/Pj4+"); test_armor(&nettle_base64, LDATA("\xff\xff\xff\xff"), "/////w=="); test_armor(&nettle_base64url, LDATA(""), ""); test_armor(&nettle_base64url, LDATA("H"), "SA=="); test_armor(&nettle_base64url, LDATA("He"), "SGU="); test_armor(&nettle_base64url, LDATA("Hel"), "SGVs"); test_armor(&nettle_base64url, LDATA("Hell"), "SGVsbA=="); test_armor(&nettle_base64url, LDATA("Hello"), "SGVsbG8="); test_armor(&nettle_base64url, LDATA("Hello\0"), "SGVsbG8A"); test_armor(&nettle_base64url, LDATA("Hello?>>>"), "SGVsbG8_Pj4-"); test_armor(&nettle_base64url, LDATA("\xff\xff\xff\xff"), "_____w=="); { /* Test overlapping areas */ uint8_t buffer[] = "Helloxxxx"; struct base64_decode_ctx ctx; size_t dst_length; ASSERT(BASE64_ENCODE_RAW_LENGTH(5) == 8); base64_encode_raw(buffer, 5, buffer); ASSERT(MEMEQ(9, buffer, "SGVsbG8=x")); base64_decode_init(&ctx); dst_length = 0; /* Output parameter only. */ ASSERT(base64_decode_update(&ctx, &dst_length, buffer, 8, buffer)); ASSERT(dst_length == 5); ASSERT(MEMEQ(9, buffer, "HelloG8=x")); } test_fuzz (); }
static void test_cfb8_bulk(void) { struct knuth_lfib_ctx random; uint8_t clear[CFB8_BULK_DATA]; uint8_t cipher[CFB8_BULK_DATA + 1]; const uint8_t *key = H("966c7bf00bebe6dc 8abd37912384958a" "743008105a08657d dcaad4128eee38b3"); const uint8_t *start_iv = H("11adbff119749103 207619cfa0e8d13a"); const uint8_t *end_iv = H("f84bfd48206f5803 6ef86f4e69e9aec0"); struct CFB8_CTX(struct aes256_ctx, AES_BLOCK_SIZE) aes; knuth_lfib_init(&random, CFB8_BULK_DATA); knuth_lfib_random(&random, CFB8_BULK_DATA, clear); /* Byte that should not be overwritten */ cipher[CFB8_BULK_DATA] = 17; aes256_set_encrypt_key(&aes.ctx, key); CFB8_SET_IV(&aes, start_iv); CFB8_ENCRYPT(&aes, aes256_encrypt, CFB8_BULK_DATA, cipher, clear); ASSERT(cipher[CFB8_BULK_DATA] == 17); if (verbose) { printf("IV after bulk encryption: "); print_hex(AES_BLOCK_SIZE, aes.iv); printf("\n"); } ASSERT(MEMEQ(AES_BLOCK_SIZE, aes.iv, end_iv)); /* Decrypt, in place */ aes256_set_encrypt_key(&aes.ctx, key); CFB8_SET_IV(&aes, start_iv); CFB8_DECRYPT(&aes, aes256_encrypt, CFB8_BULK_DATA, cipher, cipher); ASSERT(cipher[CFB8_BULK_DATA] == 17); if (verbose) { printf("IV after bulk decryption: "); print_hex(AES_BLOCK_SIZE, aes.iv); printf("\n"); } ASSERT (MEMEQ(AES_BLOCK_SIZE, aes.iv, end_iv)); ASSERT (MEMEQ(CFB8_BULK_DATA, clear, cipher)); }
static void test_cbc_bulk(void) { struct knuth_lfib_ctx random; uint8_t clear[CBC_BULK_DATA]; uint8_t cipher[CBC_BULK_DATA + 1]; const uint8_t *key = H("966c7bf00bebe6dc 8abd37912384958a" "743008105a08657d dcaad4128eee38b3"); const uint8_t *start_iv = H("11adbff119749103 207619cfa0e8d13a"); const uint8_t *end_iv = H("c7a42a569b421224 d0c23e52f46f97f5"); struct CBC_CTX(struct aes_ctx, AES_BLOCK_SIZE) aes; knuth_lfib_init(&random, CBC_BULK_DATA); knuth_lfib_random(&random, CBC_BULK_DATA, clear); /* Byte that should not be overwritten */ cipher[CBC_BULK_DATA] = 17; aes_set_encrypt_key(&aes.ctx, 32, key); CBC_SET_IV(&aes, start_iv); CBC_ENCRYPT(&aes, aes_encrypt, CBC_BULK_DATA, cipher, clear); ASSERT(cipher[CBC_BULK_DATA] == 17); if (verbose) { printf("IV after bulk encryption: "); print_hex(AES_BLOCK_SIZE, aes.iv); printf("\n"); } ASSERT(MEMEQ(AES_BLOCK_SIZE, aes.iv, end_iv)); /* Decrypt, in place */ aes_set_decrypt_key(&aes.ctx, 32, key); CBC_SET_IV(&aes, start_iv); CBC_DECRYPT(&aes, aes_decrypt, CBC_BULK_DATA, cipher, cipher); ASSERT(cipher[CBC_BULK_DATA] == 17); if (verbose) { printf("IV after bulk decryption: "); print_hex(AES_BLOCK_SIZE, aes.iv); printf("\n"); } ASSERT (MEMEQ(AES_BLOCK_SIZE, aes.iv, end_iv)); ASSERT (MEMEQ(CBC_BULK_DATA, clear, cipher)); }
void test_hash(const struct nettle_hash *hash, const struct tstring *msg, const struct tstring *digest) { void *ctx = xalloc(hash->context_size); uint8_t *buffer = xalloc(hash->digest_size); uint8_t *input; unsigned offset; ASSERT (digest->length == hash->digest_size); hash->init(ctx); hash->update(ctx, msg->length, msg->data); hash->digest(ctx, hash->digest_size, buffer); if (MEMEQ(hash->digest_size, digest->data, buffer) == 0) { fprintf(stdout, "\nGot:\n"); print_hex(hash->digest_size, buffer); fprintf(stdout, "\nExpected:\n"); print_hex(hash->digest_size, digest->data); abort(); } memset(buffer, 0, hash->digest_size); hash->init(ctx); hash->update(ctx, msg->length, msg->data); hash->digest(ctx, hash->digest_size - 1, buffer); ASSERT(MEMEQ(hash->digest_size - 1, digest->data, buffer)); ASSERT(buffer[hash->digest_size - 1] == 0); input = xalloc (msg->length + 16); for (offset = 0; offset < 16; offset++) { memset (input, 0, msg->length + 16); memcpy (input + offset, msg->data, msg->length); hash->update (ctx, msg->length, input + offset); hash->digest (ctx, hash->digest_size, buffer); if (MEMEQ(hash->digest_size, digest->data, buffer) == 0) { fprintf(stdout, "hash input address: %p\nGot:\n", input + offset); print_hex(hash->digest_size, buffer); fprintf(stdout, "\nExpected:\n"); print_hex(hash->digest_size, digest->data); abort(); } } free(ctx); free(buffer); free(input); }
static void test_salsa20(unsigned key_length, const uint8_t *key, const uint8_t *iv, unsigned length, const uint8_t *cleartext, const uint8_t *ciphertext) { struct salsa20_ctx ctx; uint8_t *data = xalloc(length + 1); salsa20_set_key(&ctx, key_length, key); salsa20_set_iv(&ctx, iv); data[length] = 17; salsa20_crypt(&ctx, length, data, cleartext); if (data[length] != 17) { fprintf(stderr, "Encrypt of %u bytes wrote too much!\nInput:", length); print_hex(length, cleartext); fprintf(stderr, "\n"); FAIL(); } if (!MEMEQ(length, data, ciphertext)) { fprintf(stderr, "Encrypt failed:\nInput:"); print_hex(length, cleartext); fprintf(stderr, "\nOutput: "); print_hex(length, data); fprintf(stderr, "\nExpected:"); print_hex(length, ciphertext); fprintf(stderr, "\n"); FAIL(); } salsa20_set_key(&ctx, key_length, key); salsa20_set_iv(&ctx, iv); salsa20_crypt(&ctx, length, data, data); if (!MEMEQ(length, data, cleartext)) { fprintf(stderr, "Decrypt failed:\nInput:"); print_hex(length, ciphertext); fprintf(stderr, "\nOutput: "); print_hex(length, data); fprintf(stderr, "\nExpected:"); print_hex(length, cleartext); fprintf(stderr, "\n"); FAIL(); } free(data); }
static void test_des(const struct tstring *key, int expected_parity, const struct tstring *cleartext, const struct tstring *ciphertext) { struct des_ctx ctx; uint8_t *data; unsigned length; ASSERT (cleartext->length == ciphertext->length); length = cleartext->length; ASSERT (key->length == DES_KEY_SIZE); data = xalloc(length); ASSERT (des_check_parity(8, key->data) == expected_parity); ASSERT (des_set_key(&ctx, key->data)); des_encrypt(&ctx, length, data, cleartext->data); if (!MEMEQ(length, data, ciphertext->data)) { fprintf(stderr, "Encrypt failed:\nInput:"); tstring_print_hex(cleartext); fprintf(stderr, "\nOutput: "); print_hex(length, data); fprintf(stderr, "\nExpected:"); tstring_print_hex(ciphertext); fprintf(stderr, "\n"); FAIL(); } des_decrypt(&ctx, length, data, data); if (!MEMEQ(length, data, cleartext->data)) { fprintf(stderr, "Decrypt failed:\nInput:"); tstring_print_hex(ciphertext); fprintf(stderr, "\nOutput: "); print_hex(length, data); fprintf(stderr, "\nExpected:"); tstring_print_hex(cleartext); fprintf(stderr, "\n"); FAIL(); } free(data); }
static void test_memxor (const uint8_t *a, const uint8_t *b, const uint8_t *c, size_t size, unsigned align_dst, unsigned align_src) { uint8_t dst_buf[MAX_SIZE + ALIGN_SIZE + 1]; uint8_t src_buf[MAX_SIZE + ALIGN_SIZE + 1]; uint8_t *dst = set_align (dst_buf, align_dst); uint8_t *src = set_align (src_buf, align_src); if (verbose) fprintf(stderr, "size = %d, align_dst = %d, align_src = %d\n", (int) size, align_dst, align_src); memcpy (dst, a, size); dst[-1] = 17; dst[size] = 17; memcpy (src, b, size); memxor (dst, src, size); ASSERT (MEMEQ (size, dst, c)); ASSERT (dst[-1] == 17); ASSERT (dst[size] == 17); }
void test_hash_large(const struct nettle_hash *hash, unsigned count, unsigned length, uint8_t c, const struct tstring *digest) { void *ctx = xalloc(hash->context_size); uint8_t *buffer = xalloc(hash->digest_size); uint8_t *data = xalloc(length); unsigned i; ASSERT (digest->length == hash->digest_size); memset(data, c, length); hash->init(ctx); for (i = 0; i < count; i++) hash->update(ctx, length, data); hash->digest(ctx, hash->digest_size, buffer); print_hex(hash->digest_size, buffer); ASSERT (MEMEQ(hash->digest_size, digest->data, buffer)); free(ctx); free(buffer); free(data); }
static void test_bignum(const char *hex, unsigned length, const uint8_t *base256) { mpz_t a; mpz_t b; uint8_t *buf; mpz_init_set_str(a, hex, 16); nettle_mpz_init_set_str_256_s(b, length, base256); if (mpz_cmp(a, b)) FAIL(); buf = xalloc(length + 1); memset(buf, 17, length + 1); nettle_mpz_get_str_256(length, buf, a); if (!MEMEQ(length, buf, base256)) FAIL(); if (buf[length] != 17) FAIL(); mpz_clear(a); mpz_clear(b); free(buf); }
static void test_memxor3 (const uint8_t *ain, const uint8_t *bin, const uint8_t *c, size_t size, unsigned align_dst, unsigned align_a, unsigned align_b) { uint8_t dst_buf[MAX_SIZE + ALIGN_SIZE + 1]; uint8_t a_buf[MAX_SIZE + ALIGN_SIZE + 1]; uint8_t b_buf[MAX_SIZE + ALIGN_SIZE + 1]; uint8_t *dst = set_align (dst_buf, align_dst); uint8_t *a = set_align (a_buf, align_a); uint8_t *b = set_align (b_buf, align_b); if (verbose) fprintf(stderr, "size = %d, align_dst = %d, align_a = %d, align_b = %d\n", (int) size, align_dst, align_a, align_b); memset (dst, 0, size); dst[-1] = 17; dst[size] = 17; memcpy (a, ain, size); memcpy (b, bin, size); memxor3 (dst, a, b, size); ASSERT (MEMEQ (size, dst, c)); ASSERT (dst[-1] == 17); ASSERT (dst[size] == 17); }
static void test_fuzz_once(struct base64_encode_ctx *encode, struct base64_decode_ctx *decode, size_t size, const uint8_t *input) { size_t base64_len = BASE64_ENCODE_RAW_LENGTH (size); size_t out_len; uint8_t *base64 = xalloc (base64_len + 2); uint8_t *decoded = xalloc (size + 2); *base64++ = 0x12; base64[base64_len] = 0x34; *decoded++ = 0x56; decoded[size] = 0x78; out_len = base64_encode_update(encode, base64, size, input); ASSERT (out_len <= base64_len); out_len += base64_encode_final(encode, base64 + out_len); ASSERT (out_len == base64_len); ASSERT (base64[-1] == 0x12); ASSERT (base64[base64_len] == 0x34); ASSERT(base64_decode_update(decode, &out_len, decoded, base64_len, base64)); ASSERT(base64_decode_final(decode)); ASSERT (out_len == size); ASSERT (decoded[-1] == 0x56); ASSERT (decoded[size] == 0x78); ASSERT(MEMEQ(size, input, decoded)); free (base64 - 1); free (decoded - 1); }
static void test_hkdf_sha1(const struct tstring *ikm, const struct tstring *salt, const struct tstring *info, const struct tstring *extract_output, const struct tstring *expand_output) { struct hmac_sha1_ctx ctx; uint8_t prk[SHA1_DIGEST_SIZE]; uint8_t *buffer = xalloc(expand_output->length); hmac_sha1_set_key(&ctx, salt->length, salt->data); hkdf_extract(&ctx, (nettle_hash_update_func*) hmac_sha1_update, (nettle_hash_digest_func*) hmac_sha1_digest, SHA1_DIGEST_SIZE, ikm->length, ikm->data, prk); if (MEMEQ(SHA1_DIGEST_SIZE, prk, extract_output->data) == 0) { fprintf(stdout, "\nGot:\n"); print_hex(SHA1_DIGEST_SIZE, prk); fprintf(stdout, "\nExpected:\n"); print_hex(extract_output->length, extract_output->data); abort(); } hmac_sha1_set_key(&ctx, SHA1_DIGEST_SIZE, prk); hkdf_expand(&ctx, (nettle_hash_update_func*) hmac_sha1_update, (nettle_hash_digest_func*) hmac_sha1_digest, SHA1_DIGEST_SIZE, info->length, info->data, expand_output->length, buffer); if (MEMEQ(expand_output->length, expand_output->data, buffer) == 0) { fprintf(stdout, "\nGot:\n"); print_hex(expand_output->length, buffer); fprintf(stdout, "\nExpected:\n"); print_hex(expand_output->length, expand_output->data); abort(); } free(buffer); }
static void test_des(const uint8_t *key, int expected_parity, unsigned length, const uint8_t *cleartext, const uint8_t *ciphertext) { struct des_ctx ctx; uint8_t *data = xalloc(length); if (des_check_parity(8, key) != expected_parity) FAIL(); if (!des_set_key(&ctx, key)) FAIL(); des_encrypt(&ctx, length, data, cleartext); if (!MEMEQ(length, data, ciphertext)) { fprintf(stderr, "Encrypt failed:\nInput:"); print_hex(length, cleartext); fprintf(stderr, "\nOutput: "); print_hex(length, data); fprintf(stderr, "\nExpected:"); print_hex(length, ciphertext); fprintf(stderr, "\n"); FAIL(); } des_decrypt(&ctx, length, data, data); if (!MEMEQ(length, data, cleartext)) { fprintf(stderr, "Decrypt failed:\nInput:"); print_hex(length, ciphertext); fprintf(stderr, "\nOutput: "); print_hex(length, data); fprintf(stderr, "\nExpected:"); print_hex(length, cleartext); fprintf(stderr, "\n"); FAIL(); } free(data); }
static void test_invert(const struct tstring *key, const struct tstring *cleartext, const struct tstring *ciphertext) { struct camellia_ctx encrypt; struct camellia_ctx decrypt; uint8_t *data; unsigned length; ASSERT (cleartext->length == ciphertext->length); length = cleartext->length; data = xalloc(length); camellia_set_encrypt_key (&encrypt, key->length, key->data); camellia_crypt (&encrypt, length, data, cleartext->data); if (!MEMEQ(length, data, ciphertext->data)) { tstring_print_hex(cleartext); fprintf(stderr, "\nOutput: "); print_hex(length, data); fprintf(stderr, "\nExpected:"); tstring_print_hex(ciphertext); fprintf(stderr, "\n"); FAIL(); } camellia_invert_key (&decrypt, &encrypt); camellia_crypt (&decrypt, length, data, data); if (!MEMEQ(length, data, cleartext->data)) { fprintf(stderr, "test_invert: Decrypt failed:\nInput:"); tstring_print_hex(ciphertext); fprintf(stderr, "\nOutput: "); print_hex(length, data); fprintf(stderr, "\nExpected:"); tstring_print_hex(cleartext); fprintf(stderr, "\n"); FAIL(); } free (data); }
void test_armor(const struct nettle_armor *armor, unsigned data_length, const uint8_t *data, const uint8_t *ascii) { unsigned ascii_length = strlen(ascii); uint8_t *buffer = xalloc(1 + ascii_length); uint8_t *check = xalloc(1 + armor->decode_length(ascii_length)); void *encode = xalloc(armor->encode_context_size); void *decode = xalloc(armor->decode_context_size); unsigned done; ASSERT(ascii_length <= (armor->encode_length(data_length) + armor->encode_final_length)); ASSERT(data_length <= armor->decode_length(ascii_length)); memset(buffer, 0x33, 1 + ascii_length); memset(check, 0x55, 1 + data_length); armor->encode_init(encode); done = armor->encode_update(encode, buffer, data_length, data); done += armor->encode_final(encode, buffer + done); ASSERT(done == ascii_length); ASSERT (MEMEQ(ascii_length, buffer, ascii)); ASSERT (0x33 == buffer[strlen(ascii)]); armor->decode_init(decode); done = armor->decode_length(ascii_length); ASSERT(armor->decode_update(decode, &done, check, ascii_length, buffer)); ASSERT(done == data_length); ASSERT(armor->decode_final(decode)); ASSERT (MEMEQ(data_length, check, data)); ASSERT (0x55 == check[data_length]); free(buffer); free(check); free(encode); free(decode); }
static void test_gcm_hash (const struct tstring *msg, const struct tstring *ref) { struct gcm_aes128_ctx ctx; const uint8_t z16[16] = { 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0 }; uint8_t digest[16]; ASSERT (ref->length == sizeof(digest)); gcm_aes128_set_key (&ctx, z16); gcm_aes128_set_iv (&ctx, 16, z16); gcm_aes128_update (&ctx, msg->length, msg->data); gcm_aes128_digest (&ctx, sizeof(digest), digest); if (!MEMEQ (ref->length, ref->data, digest)) { fprintf (stderr, "gcm_hash failed, msg: %s\nOutput: ", msg->data); print_hex (16, digest); fprintf(stderr, "Expected:"); tstring_print_hex(ref); fprintf(stderr, "\n"); FAIL(); } }
static void test_salsa20_stream(const struct tstring *key, const struct tstring *iv, const struct tstring *ciphertext, const struct tstring *xor_ref) { struct salsa20_ctx ctx; uint8_t data[STREAM_LENGTH + 1]; uint8_t stream[STREAM_LENGTH + 1]; uint8_t xor[SALSA20_BLOCK_SIZE]; unsigned j; ASSERT (iv->length == SALSA20_IV_SIZE); ASSERT (ciphertext->length == 4*SALSA20_BLOCK_SIZE); ASSERT (xor_ref->length == SALSA20_BLOCK_SIZE); salsa20_set_key(&ctx, key->length, key->data); salsa20_set_iv(&ctx, iv->data); memset(stream, 0, STREAM_LENGTH + 1); salsa20_crypt(&ctx, STREAM_LENGTH, stream, stream); if (stream[STREAM_LENGTH]) { fprintf(stderr, "Stream of %d bytes wrote too much!\n", STREAM_LENGTH); FAIL(); } if (!MEMEQ (64, stream, ciphertext->data)) { fprintf(stderr, "Error failed, offset 0:\n"); fprintf(stderr, "\nOutput: "); print_hex(64, stream); fprintf(stderr, "\nExpected:"); print_hex(64, ciphertext->data); fprintf(stderr, "\n"); FAIL(); } if (!MEMEQ (128, stream + 192, ciphertext->data + 64)) { fprintf(stderr, "Error failed, offset 192:\n"); fprintf(stderr, "\nOutput: "); print_hex(128, stream + 192); fprintf(stderr, "\nExpected:"); print_hex(64, ciphertext->data + 64); fprintf(stderr, "\n"); FAIL(); } if (!MEMEQ (64, stream + 448, ciphertext->data + 192)) { fprintf(stderr, "Error failed, offset 448:\n"); fprintf(stderr, "\nOutput: "); print_hex(64, stream + 448); fprintf(stderr, "\nExpected:"); print_hex(64, ciphertext->data + 192); fprintf(stderr, "\n"); FAIL(); } memxor3 (xor, stream, stream + SALSA20_BLOCK_SIZE, SALSA20_BLOCK_SIZE); for (j = 2*SALSA20_BLOCK_SIZE; j < STREAM_LENGTH; j += SALSA20_BLOCK_SIZE) memxor (xor, stream + j, SALSA20_BLOCK_SIZE); if (!MEMEQ (SALSA20_BLOCK_SIZE, xor, xor_ref->data)) { fprintf(stderr, "Error failed, bad xor 448:\n"); fprintf(stderr, "\nOutput: "); print_hex(SALSA20_BLOCK_SIZE, xor); fprintf(stderr, "\nExpected:"); print_hex(SALSA20_BLOCK_SIZE, xor_ref->data); fprintf(stderr, "\n"); FAIL(); } for (j = 1; j <= STREAM_LENGTH; j++) { memset(data, 0, STREAM_LENGTH + 1); salsa20_set_iv(&ctx, iv->data); salsa20_crypt(&ctx, j, data, data); if (!MEMEQ(j, data, stream)) { fprintf(stderr, "Encrypt failed for length %u:\n", j); fprintf(stderr, "\nOutput: "); print_hex(j, data); fprintf(stderr, "\nExpected:"); print_hex(j, stream); fprintf(stderr, "\n"); FAIL(); } if (!memzero_p (data + j, STREAM_LENGTH + 1 - j)) { fprintf(stderr, "Encrypt failed for length %u, wrote too much:\n", j); fprintf(stderr, "\nOutput: "); print_hex(STREAM_LENGTH + 1 - j, data + j); fprintf(stderr, "\n"); FAIL(); } } }
static void test_arcfour(const struct tstring *key, const struct tstring *cleartext, const struct tstring *ciphertext) { size_t block; struct arcfour_ctx ctx; uint8_t *data; size_t length; ASSERT (cleartext->length == ciphertext->length); length = cleartext->length; data = xalloc(length + 1); for (block = 1; block <= length; block++) { size_t i; memset(data, 0x17, length + 1); arcfour_set_key(&ctx, key->length, key->data); for (i = 0; i + block < length; i += block) { arcfour_crypt(&ctx, block, data + i, cleartext->data + i); ASSERT (data[i + block] == 0x17); } arcfour_crypt(&ctx, length - i, data + i, cleartext->data + i); ASSERT (data[length] == 0x17); if (!MEMEQ(length, data, ciphertext->data)) { fprintf(stderr, "Encrypt failed, block size %lu\nInput:", (unsigned long) block); tstring_print_hex(cleartext); fprintf(stderr, "\nOutput: "); print_hex(length, data); fprintf(stderr, "\nExpected:"); tstring_print_hex(ciphertext); fprintf(stderr, "\n"); FAIL(); } } arcfour_set_key(&ctx, key->length, key->data); arcfour_crypt(&ctx, length, data, data); ASSERT (data[length] == 0x17); if (!MEMEQ(length, data, cleartext->data)) { fprintf(stderr, "Decrypt failed\nInput:"); tstring_print_hex(ciphertext); fprintf(stderr, "\nOutput: "); print_hex(length, data); fprintf(stderr, "\nExpected:"); tstring_print_hex(cleartext); fprintf(stderr, "\n"); FAIL(); } free(data); }
void test_main(void) { struct rsa_public_key pub; struct rsa_private_key key; struct knuth_lfib_ctx lfib; /* FIXME: How is this spelled? */ const uint8_t *msg = "Squemish ossifrage"; size_t msg_length; uint8_t *decrypted; size_t decrypted_length; uint8_t after; mpz_t gibberish; rsa_private_key_init(&key); rsa_public_key_init(&pub); mpz_init(gibberish); knuth_lfib_init(&lfib, 17); test_rsa_set_key_1(&pub, &key); msg_length = strlen(msg); if (verbose) fprintf(stderr, "msg: `%s', length = %d\n", msg, (int) msg_length); ASSERT(rsa_encrypt(&pub, &lfib, (nettle_random_func *) knuth_lfib_random, msg_length, msg, gibberish)); if (verbose) { fprintf(stderr, "encrypted: "); mpz_out_str(stderr, 10, gibberish); } decrypted = xalloc(msg_length + 1); knuth_lfib_random (&lfib, msg_length + 1, decrypted); after = decrypted[msg_length]; decrypted_length = msg_length - 1; ASSERT(!rsa_decrypt(&key, &decrypted_length, decrypted, gibberish)); decrypted_length = msg_length; ASSERT(rsa_decrypt(&key, &decrypted_length, decrypted, gibberish)); ASSERT(decrypted_length == msg_length); ASSERT(MEMEQ(msg_length, msg, decrypted)); ASSERT(decrypted[msg_length] == after); knuth_lfib_random (&lfib, msg_length + 1, decrypted); after = decrypted[msg_length]; decrypted_length = key.size; ASSERT(rsa_decrypt(&key, &decrypted_length, decrypted, gibberish)); ASSERT(decrypted_length == msg_length); ASSERT(MEMEQ(msg_length, msg, decrypted)); ASSERT(decrypted[msg_length] == after); knuth_lfib_random (&lfib, msg_length + 1, decrypted); after = decrypted[msg_length]; decrypted_length = msg_length; ASSERT(rsa_decrypt_tr(&pub, &key, &lfib, (nettle_random_func *) knuth_lfib_random, &decrypted_length, decrypted, gibberish)); ASSERT(decrypted_length == msg_length); ASSERT(MEMEQ(msg_length, msg, decrypted)); ASSERT(decrypted[msg_length] == after); /* Test invalid key. */ mpz_add_ui (key.q, key.q, 2); decrypted_length = key.size; ASSERT(!rsa_decrypt_tr(&pub, &key, &lfib, (nettle_random_func *) knuth_lfib_random, &decrypted_length, decrypted, gibberish)); rsa_private_key_clear(&key); rsa_public_key_clear(&pub); mpz_clear(gibberish); free(decrypted); }
void test_cipher_stream(const struct nettle_cipher *cipher, const struct tstring *key, const struct tstring *cleartext, const struct tstring *ciphertext) { unsigned block; void *ctx = xalloc(cipher->context_size); uint8_t *data; unsigned length; ASSERT (cleartext->length == ciphertext->length); length = cleartext->length; data = xalloc(length + 1); for (block = 1; block <= length; block++) { unsigned i; memset(data, 0x17, length + 1); cipher->set_encrypt_key(ctx, key->length, key->data); for (i = 0; i + block < length; i += block) { cipher->encrypt(ctx, block, data + i, cleartext->data + i); ASSERT (data[i + block] == 0x17); } cipher->encrypt(ctx, length - i, data + i, cleartext->data + i); ASSERT (data[length] == 0x17); if (!MEMEQ(length, data, ciphertext->data)) { fprintf(stderr, "Encrypt failed, block size %d\nInput:", block); tstring_print_hex(cleartext); fprintf(stderr, "\nOutput: "); print_hex(length, data); fprintf(stderr, "\nExpected:"); tstring_print_hex(ciphertext); fprintf(stderr, "\n"); FAIL(); } } cipher->set_decrypt_key(ctx, key->length, key->data); cipher->decrypt(ctx, length, data, data); ASSERT (data[length] == 0x17); if (!MEMEQ(length, data, cleartext->data)) { fprintf(stderr, "Decrypt failed\nInput:"); tstring_print_hex(ciphertext); fprintf(stderr, "\nOutput: "); print_hex(length, data); fprintf(stderr, "\nExpected:"); tstring_print_hex(cleartext); fprintf(stderr, "\n"); FAIL(); } free(ctx); free(data); }
void test_cipher_ctr(const struct nettle_cipher *cipher, const struct tstring *key, const struct tstring *cleartext, const struct tstring *ciphertext, const struct tstring *ictr) { void *ctx = xalloc(cipher->context_size); uint8_t *data; uint8_t *ctr = xalloc(cipher->block_size); uint8_t *octr = xalloc(cipher->block_size); unsigned length; unsigned low, nblocks; ASSERT (cleartext->length == ciphertext->length); length = cleartext->length; ASSERT (ictr->length == cipher->block_size); /* Compute expected counter value after the operation. */ nblocks = (length + cipher->block_size - 1) / cipher->block_size; ASSERT (nblocks < 0x100); memcpy (octr, ictr->data, cipher->block_size - 1); low = ictr->data[cipher->block_size - 1] + nblocks; octr[cipher->block_size - 1] = low; if (low >= 0x100) INCREMENT (cipher->block_size - 1, octr); data = xalloc(length); cipher->set_encrypt_key(ctx, key->length, key->data); memcpy(ctr, ictr->data, cipher->block_size); ctr_crypt(ctx, cipher->encrypt, cipher->block_size, ctr, length, data, cleartext->data); if (!MEMEQ(length, data, ciphertext->data)) { fprintf(stderr, "CTR encrypt failed:\nInput:"); tstring_print_hex(cleartext); fprintf(stderr, "\nOutput: "); print_hex(length, data); fprintf(stderr, "\nExpected:"); tstring_print_hex(ciphertext); fprintf(stderr, "\n"); FAIL(); } ASSERT (MEMEQ (cipher->block_size, ctr, octr)); memcpy(ctr, ictr->data, cipher->block_size); ctr_crypt(ctx, cipher->encrypt, cipher->block_size, ctr, length, data, data); if (!MEMEQ(length, data, cleartext->data)) { fprintf(stderr, "CTR decrypt failed:\nInput:"); tstring_print_hex(ciphertext); fprintf(stderr, "\nOutput: "); print_hex(length, data); fprintf(stderr, "\nExpected:"); tstring_print_hex(cleartext); fprintf(stderr, "\n"); FAIL(); } ASSERT (MEMEQ (cipher->block_size, ctr, octr)); free(ctx); free(data); free(octr); free(ctr); }
void test_main(void) { struct sexp_iterator i; uint32_t x; ASSERT(sexp_iterator_first(&i, LDATA(""))); ASSERT(i.type == SEXP_END); ASSERT(sexp_iterator_first(&i, LDATA("()"))); ASSERT(i.type == SEXP_LIST && sexp_iterator_enter_list(&i) && i.type == SEXP_END && sexp_iterator_exit_list(&i) && i.type == SEXP_END); ASSERT(sexp_iterator_first(&i, LDATA("("))); ASSERT(i.type == SEXP_LIST && !sexp_iterator_enter_list(&i)); /* Check integers. */ ASSERT(sexp_iterator_first(&i, LDATA("1:\0" "1:\x11" "2:\x00\x11" "2:\x00\x80" "5:\x00\xaa\xbb\xcc\xdd"))); ASSERT(sexp_iterator_get_uint32(&i, &x) && x == 0); ASSERT(sexp_iterator_get_uint32(&i, &x) && x == 0x11); ASSERT(sexp_iterator_get_uint32(&i, &x) && x == 0x11); ASSERT(sexp_iterator_get_uint32(&i, &x) && x == 0x80); ASSERT(sexp_iterator_get_uint32(&i, &x) && x == 0xaabbccdd); ASSERT(sexp_iterator_first(&i, LDATA("3:foo0:[3:bar]12:xxxxxxxxxxxx"))); ASSERT(i.type == SEXP_ATOM && !i.display_length && !i.display && i.atom_length == 3 && MEMEQ(3, "foo", i.atom) && sexp_iterator_next(&i) && i.type == SEXP_ATOM && !i.display_length && !i.display && !i.atom_length && i.atom && sexp_iterator_next(&i) && i.type == SEXP_ATOM && i.display_length == 3 && MEMEQ(3, "bar", i.display) && i.atom_length == 12 && MEMEQ(12, "xxxxxxxxxxxx", i.atom) && sexp_iterator_next(&i) && i.type == SEXP_END); /* Same data, transport encoded. */ { struct tstring *s = tstring_data(LDATA("{Mzpmb28=} {MDo=} {WzM6YmFyXTEyOnh4eHh4eHh4eHh4eA==}")); ASSERT(sexp_transport_iterator_first (&i, s->length, s->data)); ASSERT(i.type == SEXP_ATOM && !i.display_length && !i.display && i.atom_length == 3 && MEMEQ(3, "foo", i.atom) && sexp_iterator_next(&i) && i.type == SEXP_ATOM && !i.display_length && !i.display && !i.atom_length && i.atom && sexp_iterator_next(&i) && i.type == SEXP_ATOM && i.display_length == 3 && MEMEQ(3, "bar", i.display) && i.atom_length == 12 && MEMEQ(12, "xxxxxxxxxxxx", i.atom) && sexp_iterator_next(&i) && i.type == SEXP_END); } { static const uint8_t *keys[2] = { "n", "e" }; struct sexp_iterator v[2]; ASSERT(sexp_iterator_first(&i, LDATA("((1:n2:xx3:foo)0:(1:y)(1:e))"))); ASSERT(sexp_iterator_enter_list(&i) && sexp_iterator_assoc(&i, 2, keys, v)); ASSERT(v[0].type == SEXP_ATOM && !v[0].display_length && !v[0].display && v[0].atom_length == 2 && MEMEQ(2, "xx", v[0].atom) && sexp_iterator_next(&v[0]) && v[0].type == SEXP_ATOM && !v[0].display_length && !v[0].display && v[0].atom_length == 3 && MEMEQ(3, "foo", v[0].atom) && sexp_iterator_next(&v[0]) && v[0].type == SEXP_END); ASSERT(v[1].type == SEXP_END); ASSERT(sexp_iterator_first(&i, LDATA("((1:n))"))); ASSERT(sexp_iterator_enter_list(&i) && !sexp_iterator_assoc(&i, 2, keys, v)); ASSERT(sexp_iterator_first(&i, LDATA("((1:n)(1:n3:foo))"))); ASSERT(sexp_iterator_enter_list(&i) && !sexp_iterator_assoc(&i, 2, keys, v)); } }