forked from cory/tildefriends
188 lines
5.5 KiB
C
188 lines
5.5 KiB
C
|
|
||
|
#define TEST_NAME "metamorphic"
|
||
|
#include "cmptest.h"
|
||
|
|
||
|
#define MAXLEN 512
|
||
|
#define MAX_ITER 1000
|
||
|
|
||
|
static void
|
||
|
mm_generichash(void)
|
||
|
{
|
||
|
crypto_generichash_state st;
|
||
|
unsigned char *h, *h2;
|
||
|
unsigned char *k;
|
||
|
unsigned char *m;
|
||
|
size_t hlen;
|
||
|
size_t klen;
|
||
|
size_t mlen;
|
||
|
size_t l1, l2;
|
||
|
int i;
|
||
|
|
||
|
for (i = 0; i < MAX_ITER; i++) {
|
||
|
mlen = randombytes_uniform(MAXLEN);
|
||
|
m = (unsigned char *) sodium_malloc(mlen);
|
||
|
klen = randombytes_uniform(crypto_generichash_KEYBYTES_MAX -
|
||
|
crypto_generichash_KEYBYTES_MIN + 1U)
|
||
|
+ crypto_generichash_KEYBYTES_MIN;
|
||
|
k = (unsigned char *) sodium_malloc(klen);
|
||
|
hlen = randombytes_uniform(crypto_generichash_BYTES_MAX -
|
||
|
crypto_generichash_BYTES_MIN + 1U)
|
||
|
+ crypto_generichash_BYTES_MIN;
|
||
|
h = (unsigned char *) sodium_malloc(hlen);
|
||
|
h2 = (unsigned char *) sodium_malloc(hlen);
|
||
|
|
||
|
randombytes_buf(k, klen);
|
||
|
randombytes_buf(m, mlen);
|
||
|
|
||
|
crypto_generichash_init(&st, k, klen, hlen);
|
||
|
l1 = randombytes_uniform((uint32_t) mlen);
|
||
|
l2 = randombytes_uniform((uint32_t) (mlen - l1));
|
||
|
crypto_generichash_update(&st, m, l1);
|
||
|
crypto_generichash_update(&st, m + l1, l2);
|
||
|
crypto_generichash_update(&st, m + l1 + l2, mlen - l1 - l2);
|
||
|
crypto_generichash_final(&st, h, hlen);
|
||
|
|
||
|
crypto_generichash(h2, hlen, m, mlen, k, klen);
|
||
|
|
||
|
assert(memcmp(h, h2, hlen) == 0);
|
||
|
|
||
|
sodium_free(h2);
|
||
|
sodium_free(h);
|
||
|
sodium_free(k);
|
||
|
sodium_free(m);
|
||
|
}
|
||
|
}
|
||
|
|
||
|
static void
|
||
|
mm_onetimeauth(void)
|
||
|
{
|
||
|
crypto_onetimeauth_state st;
|
||
|
unsigned char *h, *h2;
|
||
|
unsigned char *k;
|
||
|
unsigned char *m;
|
||
|
size_t mlen;
|
||
|
size_t l1, l2;
|
||
|
int i;
|
||
|
|
||
|
for (i = 0; i < MAX_ITER; i++) {
|
||
|
mlen = randombytes_uniform(MAXLEN);
|
||
|
m = (unsigned char *) sodium_malloc(mlen);
|
||
|
k = (unsigned char *) sodium_malloc(crypto_onetimeauth_KEYBYTES);
|
||
|
h = (unsigned char *) sodium_malloc(crypto_onetimeauth_BYTES);
|
||
|
h2 = (unsigned char *) sodium_malloc(crypto_onetimeauth_BYTES);
|
||
|
|
||
|
crypto_onetimeauth_keygen(k);
|
||
|
randombytes_buf(m, mlen);
|
||
|
|
||
|
crypto_onetimeauth_init(&st, k);
|
||
|
l1 = randombytes_uniform((uint32_t) mlen);
|
||
|
l2 = randombytes_uniform((uint32_t) (mlen - l1));
|
||
|
crypto_onetimeauth_update(&st, m, l1);
|
||
|
crypto_onetimeauth_update(&st, m + l1, l2);
|
||
|
crypto_onetimeauth_update(&st, m + l1 + l2, mlen - l1 - l2);
|
||
|
crypto_onetimeauth_final(&st, h);
|
||
|
|
||
|
crypto_onetimeauth(h2, m, mlen, k);
|
||
|
|
||
|
assert(memcmp(h, h2, crypto_onetimeauth_BYTES) == 0);
|
||
|
|
||
|
sodium_free(h2);
|
||
|
sodium_free(h);
|
||
|
sodium_free(k);
|
||
|
sodium_free(m);
|
||
|
}
|
||
|
}
|
||
|
|
||
|
static void
|
||
|
mm_hmacsha256(void)
|
||
|
{
|
||
|
crypto_auth_hmacsha256_state st;
|
||
|
unsigned char *h, *h2;
|
||
|
unsigned char *k;
|
||
|
unsigned char *m;
|
||
|
size_t mlen;
|
||
|
size_t l1, l2;
|
||
|
int i;
|
||
|
|
||
|
for (i = 0; i < MAX_ITER; i++) {
|
||
|
mlen = randombytes_uniform(MAXLEN);
|
||
|
m = (unsigned char *) sodium_malloc(mlen);
|
||
|
k = (unsigned char *) sodium_malloc(crypto_auth_hmacsha256_KEYBYTES);
|
||
|
h = (unsigned char *) sodium_malloc(crypto_auth_hmacsha256_BYTES);
|
||
|
h2 = (unsigned char *) sodium_malloc(crypto_auth_hmacsha256_BYTES);
|
||
|
|
||
|
crypto_auth_hmacsha256_keygen(k);
|
||
|
randombytes_buf(m, mlen);
|
||
|
|
||
|
crypto_auth_hmacsha256_init(&st, k, crypto_auth_hmacsha256_KEYBYTES);
|
||
|
l1 = randombytes_uniform((uint32_t) mlen);
|
||
|
l2 = randombytes_uniform((uint32_t) (mlen - l1));
|
||
|
crypto_auth_hmacsha256_update(&st, m, l1);
|
||
|
crypto_auth_hmacsha256_update(&st, m + l1, l2);
|
||
|
crypto_auth_hmacsha256_update(&st, m + l1 + l2, mlen - l1 - l2);
|
||
|
crypto_auth_hmacsha256_final(&st, h);
|
||
|
|
||
|
crypto_auth_hmacsha256(h2, m, mlen, k);
|
||
|
|
||
|
assert(memcmp(h, h2, crypto_auth_hmacsha256_BYTES) == 0);
|
||
|
|
||
|
sodium_free(h2);
|
||
|
sodium_free(h);
|
||
|
sodium_free(k);
|
||
|
sodium_free(m);
|
||
|
}
|
||
|
}
|
||
|
|
||
|
static void
|
||
|
mm_hmacsha512(void)
|
||
|
{
|
||
|
crypto_auth_hmacsha512_state st;
|
||
|
unsigned char *h, *h2;
|
||
|
unsigned char *k;
|
||
|
unsigned char *m;
|
||
|
size_t mlen;
|
||
|
size_t l1, l2;
|
||
|
int i;
|
||
|
|
||
|
for (i = 0; i < MAX_ITER; i++) {
|
||
|
mlen = randombytes_uniform(MAXLEN);
|
||
|
m = (unsigned char *) sodium_malloc(mlen);
|
||
|
k = (unsigned char *) sodium_malloc(crypto_auth_hmacsha512_KEYBYTES);
|
||
|
h = (unsigned char *) sodium_malloc(crypto_auth_hmacsha512_BYTES);
|
||
|
h2 = (unsigned char *) sodium_malloc(crypto_auth_hmacsha512_BYTES);
|
||
|
|
||
|
crypto_auth_hmacsha512_keygen(k);
|
||
|
randombytes_buf(m, mlen);
|
||
|
|
||
|
crypto_auth_hmacsha512_init(&st, k, crypto_auth_hmacsha512_KEYBYTES);
|
||
|
l1 = randombytes_uniform((uint32_t) mlen);
|
||
|
l2 = randombytes_uniform((uint32_t) (mlen - l1));
|
||
|
crypto_auth_hmacsha512_update(&st, m, l1);
|
||
|
crypto_auth_hmacsha512_update(&st, m + l1, l2);
|
||
|
crypto_auth_hmacsha512_update(&st, m + l1 + l2, mlen - l1 - l2);
|
||
|
crypto_auth_hmacsha512_final(&st, h);
|
||
|
|
||
|
crypto_auth_hmacsha512(h2, m, mlen, k);
|
||
|
|
||
|
assert(memcmp(h, h2, crypto_auth_hmacsha512_BYTES) == 0);
|
||
|
|
||
|
sodium_free(h2);
|
||
|
sodium_free(h);
|
||
|
sodium_free(k);
|
||
|
sodium_free(m);
|
||
|
}
|
||
|
}
|
||
|
|
||
|
int
|
||
|
main(void)
|
||
|
{
|
||
|
mm_generichash();
|
||
|
mm_onetimeauth();
|
||
|
mm_hmacsha256();
|
||
|
mm_hmacsha512();
|
||
|
|
||
|
printf("OK\n");
|
||
|
|
||
|
return 0;
|
||
|
}
|