mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-10 13:13:44 +01:00
test_crypto: add blake2b test vectors
I'm planning on swapping blake2b implementations, and this test is intended to prevent regressions. Right now blake2b is only used by hs_pow. Signed-off-by: Micah Elizabeth Scott <beth@torproject.org>
This commit is contained in:
parent
dcb9c4df67
commit
92f83347f7
@ -9,7 +9,9 @@
|
||||
|
||||
typedef unsigned __int128 uint128_t;
|
||||
|
||||
// TODO fixme
|
||||
#include <blake2.h>
|
||||
|
||||
#include <stdio.h>
|
||||
|
||||
#include "ext/ht.h"
|
||||
|
@ -20,6 +20,9 @@
|
||||
#include "ed25519_vectors.inc"
|
||||
#include "test/log_test_helpers.h"
|
||||
|
||||
// TODO fixme
|
||||
#include <blake2.h>
|
||||
|
||||
#ifdef HAVE_SYS_STAT_H
|
||||
#include <sys/stat.h>
|
||||
#endif
|
||||
@ -2850,6 +2853,110 @@ test_crypto_siphash(void *arg)
|
||||
;
|
||||
}
|
||||
|
||||
static void
|
||||
test_crypto_blake2b(void *arg)
|
||||
{
|
||||
(void)arg;
|
||||
|
||||
/* There is no official blake2b test vector set, but these are inspired
|
||||
* by RFC7693 and OpenSSL. Note that we need to test shorter hash lengths
|
||||
* separately even though they are implemented by truncating a 512-bit
|
||||
* hash, because the requested length is included in the hash initial state.
|
||||
*/
|
||||
static const struct {
|
||||
const char *in_literal;
|
||||
const char *out_hex;
|
||||
} vectors[] = {
|
||||
{ "",
|
||||
"786a02f742015903c6c6fd852552d272912f4740e15847618a86e217f71f5419"
|
||||
"d25e1031afee585313896444934eb04b903a685b1448b755d56f701afe9be2ce"
|
||||
},
|
||||
{ "a",
|
||||
"333fcb4ee1aa7c115355ec66ceac917c8bfd815bf7587d325aec1864edd24e34"
|
||||
"d5abe2c6b1b5ee3face62fed78dbef802f2a85cb91d455a8f5249d330853cb3c"
|
||||
},
|
||||
{ "ab",
|
||||
"b32c0573d242b3a987d8f66bd43266b7925cefab3a854950641a81ef6a3f4b97"
|
||||
"928443850545770f64abac2a75f18475653fa3d9a52c66a840da3b8617ae9607"
|
||||
},
|
||||
{ "abc",
|
||||
"ba80a53f981c4d0d6a2797b69f12f6e94c212f14685ac4b74b12bb6fdbffa2d1"
|
||||
"7d87c5392aab792dc252d5de4533cc9518d38aa8dbf1925ab92386edd4009923"
|
||||
},
|
||||
{ "", "2e" },
|
||||
{ "a", "de" },
|
||||
{ "ab", "0e" },
|
||||
{ "abc", "6b" },
|
||||
{ "", "1271cf25" },
|
||||
{ "a", "ca234c55" },
|
||||
{ "ab", "3ae897a7" },
|
||||
{ "abc", "63906248" },
|
||||
{ "A somewhat longer test vector for blake2b xxxxxxxxxxxxxxxxxxxxxx"
|
||||
"yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy"
|
||||
"zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz.",
|
||||
"1d27b0988061a82ff7563a55f9289ff3d878783e688d9e001b3c4b99b675c7f7"
|
||||
"1d4ae57805c6a8e670eb8145ba97960a7859451ab7b1558a60e5b7660d2f4639"
|
||||
},
|
||||
{ "A somewhat longer test vector for blake2b xxxxxxxxxxxxxxxxxxxxxx"
|
||||
"yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy"
|
||||
"zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz.",
|
||||
"48600bb0"
|
||||
}
|
||||
};
|
||||
|
||||
static const struct {
|
||||
int update_size;
|
||||
} variations[] = {
|
||||
{BLAKE2B_BLOCKBYTES*2},
|
||||
{BLAKE2B_BLOCKBYTES},
|
||||
{BLAKE2B_BLOCKBYTES-1},
|
||||
{1},
|
||||
{2},
|
||||
{3}
|
||||
};
|
||||
|
||||
const size_t num_vectors = sizeof vectors / sizeof vectors[0];
|
||||
const size_t num_variations = sizeof variations / sizeof variations[0];
|
||||
|
||||
for (unsigned vec_i = 0; vec_i < num_vectors; vec_i++) {
|
||||
const char *in_literal = vectors[vec_i].in_literal;
|
||||
const char *out_hex = vectors[vec_i].out_hex;
|
||||
const size_t in_len = strlen(in_literal);
|
||||
const size_t out_hex_len = strlen(out_hex);
|
||||
const size_t hash_size = out_hex_len / 2;
|
||||
|
||||
int retval = -1;
|
||||
uint8_t out_expected[BLAKE2B_OUTBYTES] = { 0 };
|
||||
tt_int_op(out_hex_len, OP_EQ, 2 * hash_size);
|
||||
tt_int_op(hash_size, OP_LE, sizeof out_expected);
|
||||
retval = base16_decode((char*)out_expected, hash_size,
|
||||
out_hex, out_hex_len);
|
||||
tt_int_op(retval, OP_EQ, hash_size);
|
||||
|
||||
for (size_t vari_i = 0; vari_i < num_variations; vari_i++) {
|
||||
const size_t update_size = variations[vari_i].update_size;
|
||||
uint8_t out_actual[BLAKE2B_OUTBYTES] = { 0 };
|
||||
|
||||
blake2b_state b2_state;
|
||||
retval = blake2b_init(&b2_state, hash_size);
|
||||
tt_int_op(retval, OP_EQ, 0);
|
||||
|
||||
for (size_t in_off = 0; in_off < in_len;) {
|
||||
const size_t this_update = MIN(update_size, in_len - in_off);
|
||||
blake2b_update(&b2_state, (uint8_t*)in_literal + in_off, this_update);
|
||||
in_off += this_update;
|
||||
}
|
||||
|
||||
memset(out_actual, 0xa5, sizeof out_actual);
|
||||
blake2b_final(&b2_state, out_actual, hash_size);
|
||||
tt_mem_op(out_actual, OP_EQ, out_expected, hash_size);
|
||||
}
|
||||
}
|
||||
|
||||
done:
|
||||
;
|
||||
}
|
||||
|
||||
/* We want the likelihood that the random buffer exhibits any regular pattern
|
||||
* to be far less than the memory bit error rate in the int return value.
|
||||
* Using 2048 bits provides a failure rate of 1/(3 * 10^616), and we call
|
||||
@ -3079,6 +3186,7 @@ struct testcase_t crypto_tests[] = {
|
||||
ED25519_TEST(validation, 0),
|
||||
{ "ed25519_storage", test_crypto_ed25519_storage, 0, NULL, NULL },
|
||||
{ "siphash", test_crypto_siphash, 0, NULL, NULL },
|
||||
{ "blake2b", test_crypto_blake2b, 0, NULL, NULL },
|
||||
{ "failure_modes", test_crypto_failure_modes, TT_FORK, NULL, NULL },
|
||||
END_OF_TESTCASES
|
||||
};
|
||||
|
Loading…
Reference in New Issue
Block a user