+test.ha (7710B)
1 // SPDX-License-Identifier: MPL-2.0 2 // (c) Hare authors <https://harelang.org> 3 4 use bytes; 5 use crypto::cipher; 6 use io; 7 use memio; 8 use types; 9 10 @test fn qr() void = { 11 let s: [4]u32 = [0xe7e8c006, 0xc4f9417d, 0x6479b4b2, 0x68c67137]; 12 qr(&s[0], &s[1], &s[2], &s[3]); 13 assert(s[0] == 0xe876d72b); 14 assert(s[1] == 0x9361dfd5); 15 assert(s[2] == 0xf1460244); 16 assert(s[3] == 0x948541a3); 17 }; 18 19 @test fn xsalsa20() void = { 20 let key: [KEYSZ]u8 = [ 21 0x47, 0x85, 0x1a, 0xb8, 0xa0, 0xd4, 0x41, 0x20, 0xb7, 0x7b, 22 0xf6, 0x16, 0x0d, 0xcb, 0xbf, 0xa6, 0x9f, 0xa9, 0xc5, 0xdd, 23 0x2a, 0x0c, 0xb9, 0x8c, 0xeb, 0x72, 0xe7, 0x96, 0x57, 0x01, 24 0xb5, 0x5a, 25 ]; 26 let nonce: [XNONCESZ]u8 = [ 27 0x1b, 0xcb, 0x13, 0xb8, 0xf5, 0x27, 0x53, 0x34, 0xa0, 0xb4, 28 0x8e, 0xd2, 0xeb, 0x5b, 0xbc, 0x15, 0x44, 0x5b, 0x05, 0x09, 29 0x56, 0xa8, 0x86, 0xa7, 30 ]; 31 let msg: [_]u8 = [ 32 0xb4, 0x6d, 0x7c, 0xfd, 0x74, 0xe3, 0x91, 0xfa, 0x9a, 0xa2, 33 0x14, 0x52, 0x53, 0xe1, 0xfb, 0x5c, 0xf3, 0x4a, 0x60, 0x17, 34 0x2f, 0x46, 0x80, 0x07, 0x43, 0x43, 0xa1, 0x6c, 0x15, 0xf3, 35 0xad, 0x9e, 0x83, 0x1e, 0x63, 0x0b, 0x10, 0x57, 0xf9, 0x19, 36 0x3e, 0x0d, 0xc4, 0x14, 0xd0, 0x1c, 0xef, 0x46, 0x62, 0x94, 37 0xdc, 0x43, 0xdd, 0xfa, 0x96, 0xa9, 0xa2, 0xd7, 0xc8, 0x53, 38 0xea, 0xf8, 0x52, 0x1b, 0xce, 0xd0, 0x65, 0x5d, 0x63, 0xfa, 39 0x23, 0x88, 0x86, 0x95, 0x11, 0x12, 0x00, 0xec, 0xa2, 0x52, 40 0x1e, 0xac, 0x80, 0xd7, 0x07, 0xb4, 0x76, 0x38, 0x67, 0xcf, 41 0xca, 0x67, 0x81, 0xca, 0xb6, 0xb2, 0x5a, 0xb8, 0x7d, 0xe7, 42 0x6e, 0xed, 0x08, 0x82, 0x1f, 0x12, 0x94, 0x84, 0x08, 0xe4, 43 0x94, 0x8f, 0xa7, 0x72, 0x09, 0x82, 44 ]; 45 let cipher: [_]u8 = [ 46 0x17, 0x14, 0xa7, 0x77, 0xf1, 0xe0, 0xf7, 0xd7, 0x9a, 0x8f, 47 0xe7, 0x16, 0xe7, 0x75, 0x13, 0x9c, 0xb8, 0x15, 0xb2, 0xcc, 48 0x07, 0x97, 0x50, 0x66, 0xa4, 0xc2, 0xcd, 0x1c, 0x1b, 0x6e, 49 0xea, 0x90, 0x59, 0xa9, 0x31, 0xb7, 0x24, 0x68, 0x4a, 0x64, 50 0xf4, 0xc0, 0x00, 0xd0, 0xa5, 0x66, 0x55, 0x77, 0x2c, 0xbf, 51 0x27, 0x0b, 0xc2, 0xab, 0xf6, 0x5f, 0x43, 0xe7, 0xf3, 0x49, 52 0xb8, 0x7d, 0x34, 0xd5, 0x05, 0x65, 0xc8, 0x4b, 0x97, 0x90, 53 0x56, 0xcb, 0xfa, 0x85, 0x17, 0x25, 0x8e, 0x6b, 0xc6, 0x32, 54 0x88, 0xab, 0x85, 0x1a, 0x35, 0x12, 0xec, 0xdd, 0xb6, 0x7d, 55 0x28, 0x33, 0xdb, 0xbd, 0x89, 0x9d, 0x89, 0xf0, 0x19, 0xcf, 56 0xd5, 0x47, 0x8f, 0xcc, 0x66, 0x37, 0x7d, 0x59, 0xa4, 0x4b, 57 0x2a, 0x61, 0x1f, 0x5b, 0x52, 0xf5, 58 ]; 59 60 let result: [116]u8 = [0...]; 61 let cipherbuf = memio::fixed(result); 62 63 let c = salsa20(); 64 defer io::close(&c)!; 65 66 xsalsa20_init(&c, &cipherbuf, key, nonce); 67 68 io::writeall(&c, msg)!; 69 assert(bytes::equal(cipher, result)); 70 }; 71 72 @test fn xsalsa20_ctr_overflow_u32() void = { 73 let key: [KEYSZ]u8 = [ 74 0x7f, 0xa3, 0x4d, 0x21, 0x7c, 0xc3, 0x91, 0x99, 0x47, 0xef, 75 0xa1, 0xde, 0x4b, 0xaa, 0x8d, 0xcb, 0x38, 0x4e, 0x7f, 0xf7, 76 0xbe, 0xd6, 0xaf, 0x4c, 0x11, 0x97, 0x68, 0x39, 0xf1, 0xd9, 77 0x0f, 0x92, 78 ]; 79 let nonce: [XNONCESZ]u8 = [ 80 0x42, 0x4a, 0xff, 0xdb, 0x30, 0xde, 0x7f, 0xaf, 0xe9, 0xd4, 81 0xd5, 0xe5, 0x64, 0xfc, 0x3a, 0x87, 0xe1, 0x74, 0x9d, 0x3b, 82 0xd5, 0x5f, 0x01, 0xec, 83 ]; 84 let msg: [_]u8 = [ 85 0x64, 0xf8, 0xd2, 0x0d, 0xc5, 0x54, 0x27, 0x5d, 0xae, 0x74, 86 0x23, 0xf8, 0xae, 0x43, 0xfb, 0xed, 0x35, 0xbf, 0xda, 0x89, 87 0x4f, 0xb1, 0x0c, 0xcc, 0x06, 0x7b, 0xb9, 0x75, 0xcf, 0x3b, 88 0x8e, 0x02, 0x3f, 0xc4, 0x96, 0xf2, 0xfd, 0xef, 0x68, 0xae, 89 0x28, 0x30, 0x3a, 0x61, 0x1c, 0xcc, 0x3f, 0xa8, 0x9c, 0xec, 90 0x3a, 0x10, 0x84, 0x6a, 0xae, 0x47, 0xf4, 0x35, 0xa3, 0x42, 91 0xeb, 0x21, 0xb8, 0x30, 0x4c, 0x24, 0xf1, 0x00, 0x08, 0x9b, 92 0x0b, 0x86, 0x9e, 0x42, 0x97, 0x29, 0x5e, 0x9d, 0x7c, 0xdb, 93 0x7c, 0x16, 0x29, 0xac, 0x7c, 0xf8, 0xf5, 0xd8, 0xb3, 0xa8, 94 0x0d, 0x5a, 0xdb, 0x46, 0x21, 0x52, 0x42, 0x85, 0xdf, 0x42, 95 0xc9, 0x01, 0x66, 0xe3, 0x7b, 0x2a, 0xa5, 0xec, 0xee, 0x8c, 96 0x3a, 0xa9, 0xac, 0xd6, 0x6a, 0xa4, 97 ]; 98 let cipher: [_]u8 = [ 99 0xcc, 0x10, 0x8d, 0x36, 0xfd, 0x0c, 0x27, 0x88, 0x2f, 0x40, 100 0xc8, 0x94, 0xf6, 0x8e, 0xda, 0x54, 0x66, 0x6b, 0x57, 0x54, 101 0xd9, 0x2a, 0x2a, 0x77, 0xa5, 0x0e, 0x13, 0xdd, 0x37, 0x36, 102 0xd7, 0x6d, 0x32, 0xf0, 0xe0, 0xcc, 0x1e, 0x96, 0x94, 0x0a, 103 0xab, 0x96, 0x99, 0x70, 0x2b, 0xa5, 0x9b, 0xf1, 0x5a, 0x80, 104 0x88, 0x51, 0x37, 0x1d, 0xa5, 0x46, 0x63, 0x43, 0x34, 0xd9, 105 0x23, 0x36, 0x55, 0x5c, 0x3e, 0xcd, 0xf5, 0x18, 0xbe, 0x20, 106 0x4b, 0x7f, 0x7f, 0xad, 0xe9, 0xc1, 0x73, 0xf9, 0x9a, 0x75, 107 0xd3, 0x70, 0xbc, 0x92, 0x30, 0xf2, 0x03, 0x5a, 0x4e, 0x38, 108 0x8a, 0xab, 0x0c, 0x8a, 0x07, 0x14, 0xe7, 0x3f, 0x92, 0x90, 109 0xdd, 0x79, 0x7c, 0xa3, 0xa2, 0x3d, 0xda, 0xd5, 0x0f, 0xdf, 110 0x85, 0x7b, 0xcb, 0x7c, 0x7b, 0x2f, 111 ]; 112 113 let result: [116]u8 = [0...]; 114 let cipherbuf = memio::fixed(result); 115 116 let c = salsa20(); 117 defer io::close(&c)!; 118 119 xsalsa20_init(&c, &cipherbuf, key, nonce); 120 setctr(&c, types::U32_MAX); 121 122 io::writeall(&c, msg)!; 123 assert(bytes::equal(cipher, result)); 124 }; 125 126 @test fn xsalsa20_ctr_overflow_u64() void = { 127 let key: [KEYSZ]u8 = [ 128 0xe3, 0xe0, 0xa8, 0x09, 0x09, 0xd2, 0x8c, 0xb4, 0x13, 0xa6, 129 0x8a, 0x33, 0xdf, 0x9c, 0xa2, 0x7f, 0x46, 0xd1, 0x9e, 0x32, 130 0x14, 0x53, 0x66, 0x23, 0x36, 0x45, 0x58, 0xff, 0x68, 0x36, 131 0x78, 0x69, 132 ]; 133 let nonce: [XNONCESZ]u8 = [ 134 0x8d, 0xe8, 0x84, 0xa0, 0x91, 0x0a, 0x26, 0xa3, 0xb4, 0x8a, 135 0x05, 0x22, 0x41, 0x77, 0xd1, 0x14, 0xbd, 0x09, 0x35, 0x0e, 136 0xbd, 0x73, 0xe5, 0xae, 137 ]; 138 let msg: [_]u8 = [ 139 0xa8, 0xd2, 0x9f, 0x40, 0x9e, 0xe5, 0xc9, 0xd4, 0x3e, 0x5c, 140 0x36, 0x1e, 0x9b, 0x75, 0x61, 0xf1, 0xe2, 0xfc, 0x57, 0xf6, 141 0x54, 0x06, 0x69, 0x1f, 0xb4, 0xba, 0xf3, 0xa9, 0xcf, 0xff, 142 0x02, 0x64, 0x06, 0x78, 0x2a, 0xce, 0x64, 0x38, 0xf5, 0x96, 143 0x5d, 0xfa, 0x2f, 0xe0, 0x5a, 0x61, 0x10, 0xf3, 0x97, 0x17, 144 0x68, 0xcc, 0xc2, 0x30, 0x02, 0x87, 0xc1, 0x58, 0xff, 0x9e, 145 0xc7, 0x9f, 0x95, 0xe8, 0xe6, 0x87, 0xbe, 0xa6, 0xc1, 0x14, 146 0x2a, 0x59, 0x44, 0x91, 0x95, 0x2d, 0x2f, 0xf7, 0xc3, 0xf7, 147 0x8a, 0x45, 0x28, 0xb0, 0x97, 0x72, 0xa6, 0x1d, 0x7b, 0x74, 148 0x71, 0x68, 0x2f, 0xe9, 0xbd, 0x5d, 0xf3, 0xd7, 0xd1, 0x4e, 149 0x73, 0x1b, 0xbf, 0x29, 0xad, 0xa7, 0x08, 0xe8, 0x70, 0x5f, 150 0x2b, 0x4d, 0x60, 0x3f, 0xf1, 0x09, 151 ]; 152 let cipher: [_]u8 = [ 153 0x6b, 0x01, 0x72, 0xc3, 0x54, 0x65, 0x85, 0xd6, 0x63, 0xef, 154 0x4b, 0x55, 0xbe, 0xd6, 0x32, 0x7c, 0x3a, 0x2e, 0x35, 0xac, 155 0x1a, 0xa9, 0x73, 0x57, 0xb1, 0xe7, 0x97, 0x1d, 0x5c, 0xd3, 156 0x9c, 0x9e, 0xee, 0x3d, 0x8e, 0xd7, 0x44, 0x4b, 0xee, 0xce, 157 0x6e, 0x5d, 0x81, 0x7e, 0x9a, 0x8a, 0x58, 0x65, 0x53, 0x1d, 158 0x8a, 0x7c, 0x6c, 0x4d, 0x18, 0x77, 0x8f, 0x65, 0x22, 0xd9, 159 0x47, 0xb4, 0x80, 0x16, 0x07, 0x22, 0x88, 0x92, 0x8e, 0x66, 160 0x5d, 0xac, 0xf4, 0x15, 0xf2, 0xd9, 0xe5, 0xc9, 0xdc, 0xeb, 161 0x01, 0xc1, 0x94, 0x9a, 0xdd, 0x74, 0x70, 0xfd, 0xe1, 0x40, 162 0x48, 0x72, 0xab, 0xbc, 0xe6, 0xec, 0x12, 0xdc, 0xf2, 0x57, 163 0xc6, 0xcf, 0xd5, 0x2f, 0x12, 0x56, 0xed, 0xe2, 0x3c, 0x93, 164 0x5a, 0xf6, 0x17, 0x63, 0xea, 0x41, 165 ]; 166 167 168 let result: [116]u8 = [0...]; 169 let cipherbuf = memio::fixed(result); 170 171 let c = salsa20(); 172 defer io::close(&c)!; 173 174 xsalsa20_init(&c, &cipherbuf, key, nonce); 175 setctr(&c, types::U64_MAX); 176 177 io::writeall(&c, msg)!; 178 assert(bytes::equal(cipher, result)); 179 }; 180 181 // taken from naclcrypto-20090310.pdf 182 @test fn hsalsa20() void = { 183 const key: [_]u8 = [ 184 0x1b, 0x27, 0x55, 0x64, 0x73, 0xe9, 0x85, 0xd4, 0x62, 0xcd, 185 0x51, 0x19, 0x7a, 0x9a, 0x46, 0xc7, 0x60, 0x09, 0x54, 0x9e, 186 0xac, 0x64, 0x74, 0xf2, 0x06, 0xc4, 0xee, 0x08, 0x44, 0xf6, 187 0x83, 0x89, 188 ]; 189 const nonce: [_]u8 = [ 190 0x69, 0x69, 0x6e, 0xe9, 0x55, 0xb6, 0x2b, 0x73, 0xcd, 0x62, 191 0xbd, 0xa8, 0x75, 0xfc, 0x73, 0xd6, 192 ]; 193 const expected: [_]u8 = [ 194 0xdc, 0x90, 0x8d, 0xda, 0x0b, 0x93, 0x44, 0xa9, 0x53, 0x62, 195 0x9b, 0x73, 0x38, 0x20, 0x77, 0x88, 0x80, 0xf3, 0xce, 0xb4, 196 0x21, 0xbb, 0x61, 0xb9, 0x1c, 0xbd, 0x4c, 0x3e, 0x66, 0x25, 197 0x6c, 0xe4, 198 ]; 199 200 let out: [32]u8 = [0...]; 201 hsalsa20(&out, &key, &nonce); 202 assert(bytes::equal(out, expected)); 203 };