2 * crypto_auth/try.c version 20090118
7 #include "crypto_hash_sha256.h"
8 #include "crypto_auth.h"
9 #include "windows/windows-quirks.h"
11 extern unsigned char *alignedcalloc(unsigned long long);
13 const char *primitiveimplementation
= crypto_auth_IMPLEMENTATION
;
15 #define MAXTEST_BYTES 10000
16 #define CHECKSUM_BYTES 4096
17 #define TUNE_BYTES 1536
19 static unsigned char *h
;
20 static unsigned char *m
;
21 static unsigned char *k
;
22 static unsigned char *h2
;
23 static unsigned char *m2
;
24 static unsigned char *k2
;
26 void preallocate(void)
32 h
= alignedcalloc(crypto_auth_BYTES
);
33 m
= alignedcalloc(MAXTEST_BYTES
);
34 k
= alignedcalloc(crypto_auth_KEYBYTES
);
35 h2
= alignedcalloc(crypto_auth_BYTES
);
36 m2
= alignedcalloc(MAXTEST_BYTES
+ crypto_auth_BYTES
);
37 k2
= alignedcalloc(crypto_auth_KEYBYTES
+ crypto_auth_BYTES
);
46 crypto_auth(h
,m
,TUNE_BYTES
,k
);
47 crypto_auth_verify(h
,m
,TUNE_BYTES
,k
);
50 char checksum
[crypto_auth_BYTES
* 2 + 1];
52 const char *checksum_compute(void)
57 for (i
= 0;i
< CHECKSUM_BYTES
;++i
) {
59 long long klen
= crypto_auth_KEYBYTES
;
60 long long hlen
= crypto_auth_BYTES
;
62 for (j
= -16;j
< 0;++j
) h
[j
] = random();
63 for (j
= -16;j
< 0;++j
) k
[j
] = random();
64 for (j
= -16;j
< 0;++j
) m
[j
] = random();
65 for (j
= hlen
;j
< hlen
+ 16;++j
) h
[j
] = random();
66 for (j
= klen
;j
< klen
+ 16;++j
) k
[j
] = random();
67 for (j
= mlen
;j
< mlen
+ 16;++j
) m
[j
] = random();
68 for (j
= -16;j
< hlen
+ 16;++j
) h2
[j
] = h
[j
];
69 for (j
= -16;j
< klen
+ 16;++j
) k2
[j
] = k
[j
];
70 for (j
= -16;j
< mlen
+ 16;++j
) m2
[j
] = m
[j
];
72 if (crypto_auth(h
,m
,mlen
,k
) != 0) return "crypto_auth returns nonzero";
74 for (j
= -16;j
< klen
+ 16;++j
) if (k
[j
] != k2
[j
]) return "crypto_auth overwrites k";
75 for (j
= -16;j
< mlen
+ 16;++j
) if (m
[j
] != m2
[j
]) return "crypto_auth overwrites m";
76 for (j
= -16;j
< 0;++j
) if (h
[j
] != h2
[j
]) return "crypto_auth writes before output";
77 for (j
= hlen
;j
< hlen
+ 16;++j
) if (h
[j
] != h2
[j
]) return "crypto_auth writes after output";
79 for (j
= -16;j
< 0;++j
) h
[j
] = random();
80 for (j
= -16;j
< 0;++j
) k
[j
] = random();
81 for (j
= -16;j
< 0;++j
) m
[j
] = random();
82 for (j
= hlen
;j
< hlen
+ 16;++j
) h
[j
] = random();
83 for (j
= klen
;j
< klen
+ 16;++j
) k
[j
] = random();
84 for (j
= mlen
;j
< mlen
+ 16;++j
) m
[j
] = random();
85 for (j
= -16;j
< hlen
+ 16;++j
) h2
[j
] = h
[j
];
86 for (j
= -16;j
< klen
+ 16;++j
) k2
[j
] = k
[j
];
87 for (j
= -16;j
< mlen
+ 16;++j
) m2
[j
] = m
[j
];
89 if (crypto_auth(m2
,m2
,mlen
,k
) != 0) return "crypto_auth returns nonzero";
90 for (j
= 0;j
< hlen
;++j
) if (m2
[j
] != h
[j
]) return "crypto_auth does not handle m overlap";
91 for (j
= 0;j
< hlen
;++j
) m2
[j
] = m
[j
];
92 if (crypto_auth(k2
,m2
,mlen
,k2
) != 0) return "crypto_auth returns nonzero";
93 for (j
= 0;j
< hlen
;++j
) if (k2
[j
] != h
[j
]) return "crypto_auth does not handle k overlap";
94 for (j
= 0;j
< hlen
;++j
) k2
[j
] = k
[j
];
96 if (crypto_auth_verify(h
,m
,mlen
,k
) != 0) return "crypto_auth_verify returns nonzero";
98 for (j
= -16;j
< hlen
+ 16;++j
) if (h
[j
] != h2
[j
]) return "crypto_auth overwrites h";
99 for (j
= -16;j
< klen
+ 16;++j
) if (k
[j
] != k2
[j
]) return "crypto_auth overwrites k";
100 for (j
= -16;j
< mlen
+ 16;++j
) if (m
[j
] != m2
[j
]) return "crypto_auth overwrites m";
102 crypto_hash_sha256(h2
,h
,hlen
);
103 for (j
= 0;j
< klen
;++j
) k
[j
] ^= h2
[j
% 32];
104 if (crypto_auth(h
,m
,mlen
,k
) != 0) return "crypto_auth returns nonzero";
105 if (crypto_auth_verify(h
,m
,mlen
,k
) != 0) return "crypto_auth_verify returns nonzero";
107 crypto_hash_sha256(h2
,h
,hlen
);
108 for (j
= 0;j
< mlen
;++j
) m
[j
] ^= h2
[j
% 32];
111 if (crypto_auth(h
,m
,CHECKSUM_BYTES
,k
) != 0) return "crypto_auth returns nonzero";
112 if (crypto_auth_verify(h
,m
,CHECKSUM_BYTES
,k
) != 0) return "crypto_auth_verify returns nonzero";
114 for (i
= 0;i
< crypto_auth_BYTES
;++i
) {
115 checksum
[2 * i
] = "0123456789abcdef"[15 & (h
[i
] >> 4)];
116 checksum
[2 * i
+ 1] = "0123456789abcdef"[15 & h
[i
]];