You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

143 lines
4.7 KiB

  1. package hkdfchacha20poly1305
  2. import (
  3. "bytes"
  4. cr "crypto/rand"
  5. "encoding/hex"
  6. mr "math/rand"
  7. "testing"
  8. "github.com/stretchr/testify/assert"
  9. )
  10. // Test that a test vector we generated is valid. (Ensures backwards
  11. // compatibility)
  12. func TestVector(t *testing.T) {
  13. key, _ := hex.DecodeString("56f8de45d3c294c7675bcaf457bdd4b71c380b9b2408ce9412b348d0f08b69ee")
  14. aead, err := New(key[:])
  15. if err != nil {
  16. t.Fatal(err)
  17. }
  18. cts := []string{"e20a8bf42c535ac30125cfc52031577f0b",
  19. "657695b37ba30f67b25860d90a6f1d00d8",
  20. "e9aa6f3b7f625d957fd50f05bcdf20d014",
  21. "8a00b3b5a6014e0d2033bebc5935086245",
  22. "aadd74867b923879e6866ea9e03c009039",
  23. "fc59773c2c864ee3b4cc971876b3c7bed4",
  24. "caec14e3a9a52ce1a2682c6737defa4752",
  25. "0b89511ffe490d2049d6950494ee51f919",
  26. "7de854ea71f43ca35167a07566c769083d",
  27. "cd477327f4ea4765c71e311c5fec1edbfb"}
  28. for i := 0; i < 10; i++ {
  29. ct, _ := hex.DecodeString(cts[i])
  30. byteArr := []byte{byte(i)}
  31. nonce := make([]byte, 24)
  32. nonce[0] = byteArr[0]
  33. // Test that we get the expected plaintext on open
  34. plaintext, err := aead.Open(nil, nonce, ct, byteArr)
  35. if err != nil {
  36. t.Errorf("%dth Open failed", i)
  37. continue
  38. }
  39. assert.Equal(t, byteArr, plaintext)
  40. // Test that sealing yields the expected ciphertext
  41. ciphertext := aead.Seal(nil, nonce, plaintext, byteArr)
  42. assert.Equal(t, ct, ciphertext)
  43. }
  44. }
  45. // The following test is taken from
  46. // https://github.com/golang/crypto/blob/master/chacha20poly1305/chacha20poly1305_test.go#L69
  47. // It requires the below copyright notice, where "this source code" refers to the following function.
  48. // Copyright 2016 The Go Authors. All rights reserved.
  49. // Use of this source code is governed by a BSD-style
  50. // license that can be found at the bottom of this file.
  51. func TestRandom(t *testing.T) {
  52. // Some random tests to verify Open(Seal) == Plaintext
  53. for i := 0; i < 256; i++ {
  54. var nonce [24]byte
  55. var key [32]byte
  56. al := mr.Intn(128)
  57. pl := mr.Intn(16384)
  58. ad := make([]byte, al)
  59. plaintext := make([]byte, pl)
  60. cr.Read(key[:])
  61. cr.Read(nonce[:])
  62. cr.Read(ad)
  63. cr.Read(plaintext)
  64. aead, err := New(key[:])
  65. if err != nil {
  66. t.Fatal(err)
  67. }
  68. ct := aead.Seal(nil, nonce[:], plaintext, ad)
  69. plaintext2, err := aead.Open(nil, nonce[:], ct, ad)
  70. if err != nil {
  71. t.Errorf("Random #%d: Open failed", i)
  72. continue
  73. }
  74. if !bytes.Equal(plaintext, plaintext2) {
  75. t.Errorf("Random #%d: plaintext's don't match: got %x vs %x", i, plaintext2, plaintext)
  76. continue
  77. }
  78. if len(ad) > 0 {
  79. alterAdIdx := mr.Intn(len(ad))
  80. ad[alterAdIdx] ^= 0x80
  81. if _, err := aead.Open(nil, nonce[:], ct, ad); err == nil {
  82. t.Errorf("Random #%d: Open was successful after altering additional data", i)
  83. }
  84. ad[alterAdIdx] ^= 0x80
  85. }
  86. alterNonceIdx := mr.Intn(aead.NonceSize())
  87. nonce[alterNonceIdx] ^= 0x80
  88. if _, err := aead.Open(nil, nonce[:], ct, ad); err == nil {
  89. t.Errorf("Random #%d: Open was successful after altering nonce", i)
  90. }
  91. nonce[alterNonceIdx] ^= 0x80
  92. alterCtIdx := mr.Intn(len(ct))
  93. ct[alterCtIdx] ^= 0x80
  94. if _, err := aead.Open(nil, nonce[:], ct, ad); err == nil {
  95. t.Errorf("Random #%d: Open was successful after altering ciphertext", i)
  96. }
  97. ct[alterCtIdx] ^= 0x80
  98. }
  99. }
  100. // AFOREMENTIONED LICENCE
  101. // Copyright (c) 2009 The Go Authors. All rights reserved.
  102. //
  103. // Redistribution and use in source and binary forms, with or without
  104. // modification, are permitted provided that the following conditions are
  105. // met:
  106. //
  107. // * Redistributions of source code must retain the above copyright
  108. // notice, this list of conditions and the following disclaimer.
  109. // * Redistributions in binary form must reproduce the above
  110. // copyright notice, this list of conditions and the following disclaimer
  111. // in the documentation and/or other materials provided with the
  112. // distribution.
  113. // * Neither the name of Google Inc. nor the names of its
  114. // contributors may be used to endorse or promote products derived from
  115. // this software without specific prior written permission.
  116. //
  117. // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
  118. // "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
  119. // LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
  120. // A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
  121. // OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  122. // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
  123. // LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
  124. // DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
  125. // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
  126. // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
  127. // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.