mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-23 17:05:47 +01:00
b8025c5826
This implementation is based off the description in RFC 7539. The ChaCha20 code is also updated to provide a means of generating keystream blocks with arbitrary counter values. This is used to generated the one-time Poly1305 key in the AEAD construction.
110 lines
3.9 KiB
Plaintext
110 lines
3.9 KiB
Plaintext
/* BEGIN_HEADER */
|
|
#include "mbedtls/aead_chacha20_poly1305.h"
|
|
/* END_HEADER */
|
|
|
|
/* BEGIN_DEPENDENCIES
|
|
* depends_on:MBEDTLS_AEAD_CHACHA20_POLY1305_C
|
|
* END_DEPENDENCIES
|
|
*/
|
|
|
|
/* BEGIN_CASE */
|
|
void mbedtls_aead_chacha20_poly1305_enc( char *hex_key_string, char *hex_nonce_string, char *hex_aad_string, char *hex_input_string, char *hex_output_string, char *hex_mac_string )
|
|
{
|
|
unsigned char key_str[32];
|
|
unsigned char nonce_str[12];
|
|
unsigned char aad_str[10000];
|
|
unsigned char input_str[10000];
|
|
unsigned char output_str[10000];
|
|
unsigned char mac_str[16];
|
|
unsigned char output[10000];
|
|
unsigned char mac[16];
|
|
size_t input_len;
|
|
size_t output_len;
|
|
size_t aad_len;
|
|
size_t key_len;
|
|
size_t nonce_len;
|
|
size_t mac_len;
|
|
|
|
memset( key_str, 0x00, 32 );
|
|
memset( nonce_str, 0x00, 12 );
|
|
memset( aad_str, 0x00, 10000 );
|
|
memset( input_str, 0x00, 10000 );
|
|
memset( output_str, 0x00, 10000 );
|
|
memset( mac_str, 0x00, 16 );
|
|
|
|
aad_len = unhexify( aad_str, hex_aad_string );
|
|
input_len = unhexify( input_str, hex_input_string );
|
|
output_len = unhexify( output_str, hex_output_string );
|
|
key_len = unhexify( key_str, hex_key_string );
|
|
nonce_len = unhexify( nonce_str, hex_nonce_string );
|
|
mac_len = unhexify( mac_str, hex_mac_string );
|
|
|
|
TEST_ASSERT( key_len == 32 );
|
|
TEST_ASSERT( nonce_len == 12 );
|
|
TEST_ASSERT( mac_len == 16 );
|
|
|
|
mbedtls_aead_chacha20_poly1305_crypt_and_mac( key_str, nonce_str,
|
|
MBEDTLS_AEAD_CHACHA20_POLY1305_ENCRYPT,
|
|
aad_len, aad_str,
|
|
input_len, input_str, output,
|
|
mac );
|
|
|
|
TEST_ASSERT( memcmp( output_str, output, output_len ) == 0 );
|
|
TEST_ASSERT( memcmp( mac_str, mac, 16U ) == 0 );
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE */
|
|
void mbedtls_aead_chacha20_poly1305_dec( char *hex_key_string, char *hex_nonce_string, char *hex_aad_string, char *hex_input_string, char *hex_output_string, char *hex_mac_string )
|
|
{
|
|
unsigned char key_str[32];
|
|
unsigned char nonce_str[12];
|
|
unsigned char aad_str[10000];
|
|
unsigned char input_str[10000];
|
|
unsigned char output_str[10000];
|
|
unsigned char mac_str[16];
|
|
unsigned char output[10000];
|
|
unsigned char mac[16];
|
|
size_t input_len;
|
|
size_t output_len;
|
|
size_t aad_len;
|
|
size_t key_len;
|
|
size_t nonce_len;
|
|
size_t mac_len;
|
|
|
|
memset( key_str, 0x00, 32 );
|
|
memset( nonce_str, 0x00, 12 );
|
|
memset( aad_str, 0x00, 10000 );
|
|
memset( input_str, 0x00, 10000 );
|
|
memset( output_str, 0x00, 10000 );
|
|
memset( mac_str, 0x00, 16 );
|
|
|
|
aad_len = unhexify( aad_str, hex_aad_string );
|
|
input_len = unhexify( input_str, hex_input_string );
|
|
output_len = unhexify( output_str, hex_output_string );
|
|
key_len = unhexify( key_str, hex_key_string );
|
|
nonce_len = unhexify( nonce_str, hex_nonce_string );
|
|
mac_len = unhexify( mac_str, hex_mac_string );
|
|
|
|
TEST_ASSERT( key_len == 32 );
|
|
TEST_ASSERT( nonce_len == 12 );
|
|
TEST_ASSERT( mac_len == 16 );
|
|
|
|
mbedtls_aead_chacha20_poly1305_crypt_and_mac( key_str, nonce_str,
|
|
MBEDTLS_AEAD_CHACHA20_POLY1305_DECRYPT,
|
|
aad_len, aad_str,
|
|
input_len, input_str, output,
|
|
mac );
|
|
|
|
TEST_ASSERT( memcmp( output_str, output, output_len ) == 0 );
|
|
TEST_ASSERT( memcmp( mac_str, mac, 16U ) == 0 );
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
|
|
void aead_chacha20_poly1305_selftest()
|
|
{
|
|
TEST_ASSERT( mbedtls_aead_chacha20_poly1305_self_test( 1 ) == 0 );
|
|
}
|
|
/* END_CASE */
|