wycheproof_aead: test against lc_aead_open

This commit is contained in:
Lucas Gabriel Vuotto 2024-05-31 16:46:54 +00:00
parent 217145edc0
commit 6f0fdd23f6

View File

@ -151,11 +151,12 @@ int
main(int argc, char *argv[]) main(int argc, char *argv[])
{ {
const struct lc_aead_impl *impl; const struct lc_aead_impl *impl;
uint8_t *aad, *ct, *iv, *key, *msg, *tag, *out; uint8_t *aad, *ct, *iv, *key, *msg, *tag, *encout, *decout,
*buf;
const char *errstr; const char *errstr;
size_t aadlen, ctlen, ivlen, keylen, msglen, taglen; size_t aadlen, ctlen, ivlen, keylen, msglen, taglen;
size_t ivlenarg, keylenarg, taglenarg; size_t ivlenarg, keylenarg, taglenarg;
size_t l, outlen; size_t l, encoutlen, decoutlen;
int aflag, cflag, Iflag, iflag, Kflag, kflag, mflag, int aflag, cflag, Iflag, iflag, Kflag, kflag, mflag,
Tflag, tflag; Tflag, tflag;
int ch; int ch;
@ -279,47 +280,82 @@ main(int argc, char *argv[])
Tflag && tflag)) Tflag && tflag))
errx(1, "missing required arguments"); errx(1, "missing required arguments");
if (!lc_aead_seal(impl, key, keylenarg, iv, ivlenarg, NULL, &outlen, /* Encryption. */
if (!lc_aead_seal(impl, key, keylenarg, iv, ivlenarg, NULL, &encoutlen,
aad, aadlen, msg, msglen)) { aad, aadlen, msg, msglen)) {
puts("invalid"); puts("invalid");
return 1; return 1;
} }
encout = malloc(encoutlen);
out = malloc(outlen); if (encout == NULL)
if (out == NULL)
err(1, "out of memory"); err(1, "out of memory");
if (!lc_aead_seal(impl, key, keylenarg, iv, ivlenarg, encout,
if (!lc_aead_seal(impl, key, keylenarg, iv, ivlenarg, out, &outlen, &encoutlen, aad, aadlen, msg, msglen)) {
aad, aadlen, msg, msglen)) {
puts("invalid"); puts("invalid");
return 1; return 1;
} }
if (ctlen != outlen - LC_POLY1305_TAGLEN || if (ctlen != encoutlen - LC_POLY1305_TAGLEN ||
lc_ct_cmp(out, ct, ctlen) != 0) { lc_ct_cmp(encout, ct, ctlen) != 0) {
fprintf(stderr, "ct (%zu, %zu)\n", ctlen, fprintf(stderr, "ct (%zu, %zu)\n", ctlen,
outlen - LC_POLY1305_TAGLEN); encoutlen - LC_POLY1305_TAGLEN);
hexdump(stderr, msg, msglen); hexdump(stderr, msg, msglen);
fprintf(stderr, "\n"); fprintf(stderr, "\n");
hexdump(stderr, ct, ctlen); hexdump(stderr, ct, ctlen);
fprintf(stderr, "\n"); fprintf(stderr, "\n");
hexdump(stderr, out, outlen - LC_POLY1305_TAGLEN); hexdump(stderr, encout, encoutlen - LC_POLY1305_TAGLEN);
fprintf(stderr, "\n"); fprintf(stderr, "\n");
puts("invalid"); puts("invalid");
return 1; return 1;
} }
if (taglenarg != LC_POLY1305_TAGLEN || if (taglenarg != LC_POLY1305_TAGLEN ||
lc_ct_cmp(out + ctlen, tag, LC_POLY1305_TAGLEN) != 0) { lc_ct_cmp(encout + ctlen, tag, LC_POLY1305_TAGLEN) != 0) {
fprintf(stderr, "tag (%zu, %zu)\n", taglenarg, fprintf(stderr, "tag (%zu, %zu)\n", taglenarg,
(size_t)LC_POLY1305_TAGLEN); (size_t)LC_POLY1305_TAGLEN);
hexdump(stderr, tag, taglen); hexdump(stderr, tag, taglen);
fprintf(stderr, "\n"); fprintf(stderr, "\n");
hexdump(stderr, out + ctlen, LC_POLY1305_TAGLEN); hexdump(stderr, encout + ctlen, LC_POLY1305_TAGLEN);
fprintf(stderr, "\n"); fprintf(stderr, "\n");
puts("invalid"); puts("invalid");
return 1; return 1;
} }
/* Decryption. */
buf = malloc(msglen + taglen);
if (buf == NULL)
err(1, "out of memory");
memcpy(buf, ct, ctlen);
memcpy(buf + ctlen, tag, taglen);
if (!lc_aead_open(impl, key, keylenarg, iv, ivlenarg, NULL, &decoutlen,
aad, aadlen, buf, ctlen + taglen)) {
puts("invalid");
return 1;
}
decout = malloc(decoutlen);
if (encout == NULL)
err(1, "out of memory");
if (!lc_aead_open(impl, key, keylenarg, iv, ivlenarg, decout,
&decoutlen, aad, aadlen, buf, ctlen + taglen)) {
puts("invalid");
return 1;
}
if (msglen != decoutlen || lc_ct_cmp(decout, msg, msglen) != 0) {
fprintf(stderr, "ct (%zu, %zu)\n", msglen, decoutlen);
hexdump(stderr, msg, msglen);
fprintf(stderr, "\n");
hexdump(stderr, ct, ctlen);
fprintf(stderr, "\n");
hexdump(stderr, decout, decoutlen);
fprintf(stderr, "\n");
puts("invalid");
return 1;
}
/* Tag isn't checked, as it's already validated by lc_aead_open. */
puts("valid"); puts("valid");
return 0; return 0;
} }