+test.ha (7690B)
1 // SPDX-License-Identifier: MPL-2.0 2 // (c) Hare authors <https://harelang.org> 3 4 use bytes; 5 use io; 6 use memio; 7 use types; 8 9 @test fn qr() void = { 10 let s: [4]u32 = [0xe7e8c006, 0xc4f9417d, 0x6479b4b2, 0x68c67137]; 11 qr(&s[0], &s[1], &s[2], &s[3]); 12 assert(s[0] == 0xe876d72b); 13 assert(s[1] == 0x9361dfd5); 14 assert(s[2] == 0xf1460244); 15 assert(s[3] == 0x948541a3); 16 }; 17 18 @test fn xsalsa20() void = { 19 let key: [KEYSZ]u8 = [ 20 0x47, 0x85, 0x1a, 0xb8, 0xa0, 0xd4, 0x41, 0x20, 0xb7, 0x7b, 21 0xf6, 0x16, 0x0d, 0xcb, 0xbf, 0xa6, 0x9f, 0xa9, 0xc5, 0xdd, 22 0x2a, 0x0c, 0xb9, 0x8c, 0xeb, 0x72, 0xe7, 0x96, 0x57, 0x01, 23 0xb5, 0x5a, 24 ]; 25 let nonce: [XNONCESZ]u8 = [ 26 0x1b, 0xcb, 0x13, 0xb8, 0xf5, 0x27, 0x53, 0x34, 0xa0, 0xb4, 27 0x8e, 0xd2, 0xeb, 0x5b, 0xbc, 0x15, 0x44, 0x5b, 0x05, 0x09, 28 0x56, 0xa8, 0x86, 0xa7, 29 ]; 30 let msg: [_]u8 = [ 31 0xb4, 0x6d, 0x7c, 0xfd, 0x74, 0xe3, 0x91, 0xfa, 0x9a, 0xa2, 32 0x14, 0x52, 0x53, 0xe1, 0xfb, 0x5c, 0xf3, 0x4a, 0x60, 0x17, 33 0x2f, 0x46, 0x80, 0x07, 0x43, 0x43, 0xa1, 0x6c, 0x15, 0xf3, 34 0xad, 0x9e, 0x83, 0x1e, 0x63, 0x0b, 0x10, 0x57, 0xf9, 0x19, 35 0x3e, 0x0d, 0xc4, 0x14, 0xd0, 0x1c, 0xef, 0x46, 0x62, 0x94, 36 0xdc, 0x43, 0xdd, 0xfa, 0x96, 0xa9, 0xa2, 0xd7, 0xc8, 0x53, 37 0xea, 0xf8, 0x52, 0x1b, 0xce, 0xd0, 0x65, 0x5d, 0x63, 0xfa, 38 0x23, 0x88, 0x86, 0x95, 0x11, 0x12, 0x00, 0xec, 0xa2, 0x52, 39 0x1e, 0xac, 0x80, 0xd7, 0x07, 0xb4, 0x76, 0x38, 0x67, 0xcf, 40 0xca, 0x67, 0x81, 0xca, 0xb6, 0xb2, 0x5a, 0xb8, 0x7d, 0xe7, 41 0x6e, 0xed, 0x08, 0x82, 0x1f, 0x12, 0x94, 0x84, 0x08, 0xe4, 42 0x94, 0x8f, 0xa7, 0x72, 0x09, 0x82, 43 ]; 44 let cipher: [_]u8 = [ 45 0x17, 0x14, 0xa7, 0x77, 0xf1, 0xe0, 0xf7, 0xd7, 0x9a, 0x8f, 46 0xe7, 0x16, 0xe7, 0x75, 0x13, 0x9c, 0xb8, 0x15, 0xb2, 0xcc, 47 0x07, 0x97, 0x50, 0x66, 0xa4, 0xc2, 0xcd, 0x1c, 0x1b, 0x6e, 48 0xea, 0x90, 0x59, 0xa9, 0x31, 0xb7, 0x24, 0x68, 0x4a, 0x64, 49 0xf4, 0xc0, 0x00, 0xd0, 0xa5, 0x66, 0x55, 0x77, 0x2c, 0xbf, 50 0x27, 0x0b, 0xc2, 0xab, 0xf6, 0x5f, 0x43, 0xe7, 0xf3, 0x49, 51 0xb8, 0x7d, 0x34, 0xd5, 0x05, 0x65, 0xc8, 0x4b, 0x97, 0x90, 52 0x56, 0xcb, 0xfa, 0x85, 0x17, 0x25, 0x8e, 0x6b, 0xc6, 0x32, 53 0x88, 0xab, 0x85, 0x1a, 0x35, 0x12, 0xec, 0xdd, 0xb6, 0x7d, 54 0x28, 0x33, 0xdb, 0xbd, 0x89, 0x9d, 0x89, 0xf0, 0x19, 0xcf, 55 0xd5, 0x47, 0x8f, 0xcc, 0x66, 0x37, 0x7d, 0x59, 0xa4, 0x4b, 56 0x2a, 0x61, 0x1f, 0x5b, 0x52, 0xf5, 57 ]; 58 59 let result: [116]u8 = [0...]; 60 let cipherbuf = memio::fixed(result); 61 62 let c = salsa20(); 63 defer io::close(&c)!; 64 65 xsalsa20_init(&c, &cipherbuf, key, nonce); 66 67 io::writeall(&c, msg)!; 68 assert(bytes::equal(cipher, result)); 69 }; 70 71 @test fn xsalsa20_ctr_overflow_u32() void = { 72 let key: [KEYSZ]u8 = [ 73 0x7f, 0xa3, 0x4d, 0x21, 0x7c, 0xc3, 0x91, 0x99, 0x47, 0xef, 74 0xa1, 0xde, 0x4b, 0xaa, 0x8d, 0xcb, 0x38, 0x4e, 0x7f, 0xf7, 75 0xbe, 0xd6, 0xaf, 0x4c, 0x11, 0x97, 0x68, 0x39, 0xf1, 0xd9, 76 0x0f, 0x92, 77 ]; 78 let nonce: [XNONCESZ]u8 = [ 79 0x42, 0x4a, 0xff, 0xdb, 0x30, 0xde, 0x7f, 0xaf, 0xe9, 0xd4, 80 0xd5, 0xe5, 0x64, 0xfc, 0x3a, 0x87, 0xe1, 0x74, 0x9d, 0x3b, 81 0xd5, 0x5f, 0x01, 0xec, 82 ]; 83 let msg: [_]u8 = [ 84 0x64, 0xf8, 0xd2, 0x0d, 0xc5, 0x54, 0x27, 0x5d, 0xae, 0x74, 85 0x23, 0xf8, 0xae, 0x43, 0xfb, 0xed, 0x35, 0xbf, 0xda, 0x89, 86 0x4f, 0xb1, 0x0c, 0xcc, 0x06, 0x7b, 0xb9, 0x75, 0xcf, 0x3b, 87 0x8e, 0x02, 0x3f, 0xc4, 0x96, 0xf2, 0xfd, 0xef, 0x68, 0xae, 88 0x28, 0x30, 0x3a, 0x61, 0x1c, 0xcc, 0x3f, 0xa8, 0x9c, 0xec, 89 0x3a, 0x10, 0x84, 0x6a, 0xae, 0x47, 0xf4, 0x35, 0xa3, 0x42, 90 0xeb, 0x21, 0xb8, 0x30, 0x4c, 0x24, 0xf1, 0x00, 0x08, 0x9b, 91 0x0b, 0x86, 0x9e, 0x42, 0x97, 0x29, 0x5e, 0x9d, 0x7c, 0xdb, 92 0x7c, 0x16, 0x29, 0xac, 0x7c, 0xf8, 0xf5, 0xd8, 0xb3, 0xa8, 93 0x0d, 0x5a, 0xdb, 0x46, 0x21, 0x52, 0x42, 0x85, 0xdf, 0x42, 94 0xc9, 0x01, 0x66, 0xe3, 0x7b, 0x2a, 0xa5, 0xec, 0xee, 0x8c, 95 0x3a, 0xa9, 0xac, 0xd6, 0x6a, 0xa4, 96 ]; 97 let cipher: [_]u8 = [ 98 0xcc, 0x10, 0x8d, 0x36, 0xfd, 0x0c, 0x27, 0x88, 0x2f, 0x40, 99 0xc8, 0x94, 0xf6, 0x8e, 0xda, 0x54, 0x66, 0x6b, 0x57, 0x54, 100 0xd9, 0x2a, 0x2a, 0x77, 0xa5, 0x0e, 0x13, 0xdd, 0x37, 0x36, 101 0xd7, 0x6d, 0x32, 0xf0, 0xe0, 0xcc, 0x1e, 0x96, 0x94, 0x0a, 102 0xab, 0x96, 0x99, 0x70, 0x2b, 0xa5, 0x9b, 0xf1, 0x5a, 0x80, 103 0x88, 0x51, 0x37, 0x1d, 0xa5, 0x46, 0x63, 0x43, 0x34, 0xd9, 104 0x23, 0x36, 0x55, 0x5c, 0x3e, 0xcd, 0xf5, 0x18, 0xbe, 0x20, 105 0x4b, 0x7f, 0x7f, 0xad, 0xe9, 0xc1, 0x73, 0xf9, 0x9a, 0x75, 106 0xd3, 0x70, 0xbc, 0x92, 0x30, 0xf2, 0x03, 0x5a, 0x4e, 0x38, 107 0x8a, 0xab, 0x0c, 0x8a, 0x07, 0x14, 0xe7, 0x3f, 0x92, 0x90, 108 0xdd, 0x79, 0x7c, 0xa3, 0xa2, 0x3d, 0xda, 0xd5, 0x0f, 0xdf, 109 0x85, 0x7b, 0xcb, 0x7c, 0x7b, 0x2f, 110 ]; 111 112 let result: [116]u8 = [0...]; 113 let cipherbuf = memio::fixed(result); 114 115 let c = salsa20(); 116 defer io::close(&c)!; 117 118 xsalsa20_init(&c, &cipherbuf, key, nonce); 119 setctr(&c, types::U32_MAX); 120 121 io::writeall(&c, msg)!; 122 assert(bytes::equal(cipher, result)); 123 }; 124 125 @test fn xsalsa20_ctr_overflow_u64() void = { 126 let key: [KEYSZ]u8 = [ 127 0xe3, 0xe0, 0xa8, 0x09, 0x09, 0xd2, 0x8c, 0xb4, 0x13, 0xa6, 128 0x8a, 0x33, 0xdf, 0x9c, 0xa2, 0x7f, 0x46, 0xd1, 0x9e, 0x32, 129 0x14, 0x53, 0x66, 0x23, 0x36, 0x45, 0x58, 0xff, 0x68, 0x36, 130 0x78, 0x69, 131 ]; 132 let nonce: [XNONCESZ]u8 = [ 133 0x8d, 0xe8, 0x84, 0xa0, 0x91, 0x0a, 0x26, 0xa3, 0xb4, 0x8a, 134 0x05, 0x22, 0x41, 0x77, 0xd1, 0x14, 0xbd, 0x09, 0x35, 0x0e, 135 0xbd, 0x73, 0xe5, 0xae, 136 ]; 137 let msg: [_]u8 = [ 138 0xa8, 0xd2, 0x9f, 0x40, 0x9e, 0xe5, 0xc9, 0xd4, 0x3e, 0x5c, 139 0x36, 0x1e, 0x9b, 0x75, 0x61, 0xf1, 0xe2, 0xfc, 0x57, 0xf6, 140 0x54, 0x06, 0x69, 0x1f, 0xb4, 0xba, 0xf3, 0xa9, 0xcf, 0xff, 141 0x02, 0x64, 0x06, 0x78, 0x2a, 0xce, 0x64, 0x38, 0xf5, 0x96, 142 0x5d, 0xfa, 0x2f, 0xe0, 0x5a, 0x61, 0x10, 0xf3, 0x97, 0x17, 143 0x68, 0xcc, 0xc2, 0x30, 0x02, 0x87, 0xc1, 0x58, 0xff, 0x9e, 144 0xc7, 0x9f, 0x95, 0xe8, 0xe6, 0x87, 0xbe, 0xa6, 0xc1, 0x14, 145 0x2a, 0x59, 0x44, 0x91, 0x95, 0x2d, 0x2f, 0xf7, 0xc3, 0xf7, 146 0x8a, 0x45, 0x28, 0xb0, 0x97, 0x72, 0xa6, 0x1d, 0x7b, 0x74, 147 0x71, 0x68, 0x2f, 0xe9, 0xbd, 0x5d, 0xf3, 0xd7, 0xd1, 0x4e, 148 0x73, 0x1b, 0xbf, 0x29, 0xad, 0xa7, 0x08, 0xe8, 0x70, 0x5f, 149 0x2b, 0x4d, 0x60, 0x3f, 0xf1, 0x09, 150 ]; 151 let cipher: [_]u8 = [ 152 0x6b, 0x01, 0x72, 0xc3, 0x54, 0x65, 0x85, 0xd6, 0x63, 0xef, 153 0x4b, 0x55, 0xbe, 0xd6, 0x32, 0x7c, 0x3a, 0x2e, 0x35, 0xac, 154 0x1a, 0xa9, 0x73, 0x57, 0xb1, 0xe7, 0x97, 0x1d, 0x5c, 0xd3, 155 0x9c, 0x9e, 0xee, 0x3d, 0x8e, 0xd7, 0x44, 0x4b, 0xee, 0xce, 156 0x6e, 0x5d, 0x81, 0x7e, 0x9a, 0x8a, 0x58, 0x65, 0x53, 0x1d, 157 0x8a, 0x7c, 0x6c, 0x4d, 0x18, 0x77, 0x8f, 0x65, 0x22, 0xd9, 158 0x47, 0xb4, 0x80, 0x16, 0x07, 0x22, 0x88, 0x92, 0x8e, 0x66, 159 0x5d, 0xac, 0xf4, 0x15, 0xf2, 0xd9, 0xe5, 0xc9, 0xdc, 0xeb, 160 0x01, 0xc1, 0x94, 0x9a, 0xdd, 0x74, 0x70, 0xfd, 0xe1, 0x40, 161 0x48, 0x72, 0xab, 0xbc, 0xe6, 0xec, 0x12, 0xdc, 0xf2, 0x57, 162 0xc6, 0xcf, 0xd5, 0x2f, 0x12, 0x56, 0xed, 0xe2, 0x3c, 0x93, 163 0x5a, 0xf6, 0x17, 0x63, 0xea, 0x41, 164 ]; 165 166 167 let result: [116]u8 = [0...]; 168 let cipherbuf = memio::fixed(result); 169 170 let c = salsa20(); 171 defer io::close(&c)!; 172 173 xsalsa20_init(&c, &cipherbuf, key, nonce); 174 setctr(&c, types::U64_MAX); 175 176 io::writeall(&c, msg)!; 177 assert(bytes::equal(cipher, result)); 178 }; 179 180 // taken from naclcrypto-20090310.pdf 181 @test fn hsalsa20() void = { 182 const key: [_]u8 = [ 183 0x1b, 0x27, 0x55, 0x64, 0x73, 0xe9, 0x85, 0xd4, 0x62, 0xcd, 184 0x51, 0x19, 0x7a, 0x9a, 0x46, 0xc7, 0x60, 0x09, 0x54, 0x9e, 185 0xac, 0x64, 0x74, 0xf2, 0x06, 0xc4, 0xee, 0x08, 0x44, 0xf6, 186 0x83, 0x89, 187 ]; 188 const nonce: [_]u8 = [ 189 0x69, 0x69, 0x6e, 0xe9, 0x55, 0xb6, 0x2b, 0x73, 0xcd, 0x62, 190 0xbd, 0xa8, 0x75, 0xfc, 0x73, 0xd6, 191 ]; 192 const expected: [_]u8 = [ 193 0xdc, 0x90, 0x8d, 0xda, 0x0b, 0x93, 0x44, 0xa9, 0x53, 0x62, 194 0x9b, 0x73, 0x38, 0x20, 0x77, 0x88, 0x80, 0xf3, 0xce, 0xb4, 195 0x21, 0xbb, 0x61, 0xb9, 0x1c, 0xbd, 0x4c, 0x3e, 0x66, 0x25, 196 0x6c, 0xe4, 197 ]; 198 199 let out: [32]u8 = [0...]; 200 hsalsa20(&out, &key, &nonce); 201 assert(bytes::equal(out, expected)); 202 };