xref: /freebsd/sys/contrib/libsodium/test/default/metamorphic.c (revision 7fdf597e96a02165cfe22ff357b857d5fa15ed8a)
1 
2 #define TEST_NAME "metamorphic"
3 #include "cmptest.h"
4 
5 #define MAXLEN 512
6 #define MAX_ITER 1000
7 
8 static void
9 mm_generichash(void)
10 {
11     crypto_generichash_state st;
12     unsigned char *h, *h2;
13     unsigned char *k;
14     unsigned char *m;
15     size_t         hlen;
16     size_t         klen;
17     size_t         mlen;
18     size_t         l1, l2;
19     int            i;
20 
21     for (i = 0; i < MAX_ITER; i++) {
22         mlen = randombytes_uniform(MAXLEN);
23         m = (unsigned char *) sodium_malloc(mlen);
24         klen = randombytes_uniform(crypto_generichash_KEYBYTES_MAX -
25                                    crypto_generichash_KEYBYTES_MIN + 1U)
26             + crypto_generichash_KEYBYTES_MIN;
27         k = (unsigned char *) sodium_malloc(klen);
28         hlen = randombytes_uniform(crypto_generichash_BYTES_MAX -
29                                    crypto_generichash_BYTES_MIN + 1U)
30             + crypto_generichash_BYTES_MIN;
31         h = (unsigned char *) sodium_malloc(hlen);
32         h2 = (unsigned char *) sodium_malloc(hlen);
33 
34         randombytes_buf(k, klen);
35         randombytes_buf(m, mlen);
36 
37         crypto_generichash_init(&st, k, klen, hlen);
38         l1 = randombytes_uniform((uint32_t) mlen);
39         l2 = randombytes_uniform((uint32_t) (mlen - l1));
40         crypto_generichash_update(&st, m, l1);
41         crypto_generichash_update(&st, m + l1, l2);
42         crypto_generichash_update(&st, m + l1 + l2, mlen - l1 - l2);
43         crypto_generichash_final(&st, h, hlen);
44 
45         crypto_generichash(h2, hlen, m, mlen, k, klen);
46 
47         assert(memcmp(h, h2, hlen) == 0);
48 
49         sodium_free(h2);
50         sodium_free(h);
51         sodium_free(k);
52         sodium_free(m);
53     }
54 }
55 
56 static void
57 mm_onetimeauth(void)
58 {
59     crypto_onetimeauth_state st;
60     unsigned char *h, *h2;
61     unsigned char *k;
62     unsigned char *m;
63     size_t         mlen;
64     size_t         l1, l2;
65     int            i;
66 
67     for (i = 0; i < MAX_ITER; i++) {
68         mlen = randombytes_uniform(MAXLEN);
69         m = (unsigned char *) sodium_malloc(mlen);
70         k = (unsigned char *) sodium_malloc(crypto_onetimeauth_KEYBYTES);
71         h = (unsigned char *) sodium_malloc(crypto_onetimeauth_BYTES);
72         h2 = (unsigned char *) sodium_malloc(crypto_onetimeauth_BYTES);
73 
74         crypto_onetimeauth_keygen(k);
75         randombytes_buf(m, mlen);
76 
77         crypto_onetimeauth_init(&st, k);
78         l1 = randombytes_uniform((uint32_t) mlen);
79         l2 = randombytes_uniform((uint32_t) (mlen - l1));
80         crypto_onetimeauth_update(&st, m, l1);
81         crypto_onetimeauth_update(&st, m + l1, l2);
82         crypto_onetimeauth_update(&st, m + l1 + l2, mlen - l1 - l2);
83         crypto_onetimeauth_final(&st, h);
84 
85         crypto_onetimeauth(h2, m, mlen, k);
86 
87         assert(memcmp(h, h2, crypto_onetimeauth_BYTES) == 0);
88 
89         sodium_free(h2);
90         sodium_free(h);
91         sodium_free(k);
92         sodium_free(m);
93     }
94 }
95 
96 static void
97 mm_hmacsha256(void)
98 {
99     crypto_auth_hmacsha256_state st;
100     unsigned char *h, *h2;
101     unsigned char *k;
102     unsigned char *m;
103     size_t         mlen;
104     size_t         l1, l2;
105     int            i;
106 
107     for (i = 0; i < MAX_ITER; i++) {
108         mlen = randombytes_uniform(MAXLEN);
109         m = (unsigned char *) sodium_malloc(mlen);
110         k = (unsigned char *) sodium_malloc(crypto_auth_hmacsha256_KEYBYTES);
111         h = (unsigned char *) sodium_malloc(crypto_auth_hmacsha256_BYTES);
112         h2 = (unsigned char *) sodium_malloc(crypto_auth_hmacsha256_BYTES);
113 
114         crypto_auth_hmacsha256_keygen(k);
115         randombytes_buf(m, mlen);
116 
117         crypto_auth_hmacsha256_init(&st, k, crypto_auth_hmacsha256_KEYBYTES);
118         l1 = randombytes_uniform((uint32_t) mlen);
119         l2 = randombytes_uniform((uint32_t) (mlen - l1));
120         crypto_auth_hmacsha256_update(&st, m, l1);
121         crypto_auth_hmacsha256_update(&st, m + l1, l2);
122         crypto_auth_hmacsha256_update(&st, m + l1 + l2, mlen - l1 - l2);
123         crypto_auth_hmacsha256_final(&st, h);
124 
125         crypto_auth_hmacsha256(h2, m, mlen, k);
126 
127         assert(memcmp(h, h2, crypto_auth_hmacsha256_BYTES) == 0);
128 
129         sodium_free(h2);
130         sodium_free(h);
131         sodium_free(k);
132         sodium_free(m);
133     }
134 }
135 
136 static void
137 mm_hmacsha512(void)
138 {
139     crypto_auth_hmacsha512_state st;
140     unsigned char *h, *h2;
141     unsigned char *k;
142     unsigned char *m;
143     size_t         mlen;
144     size_t         l1, l2;
145     int            i;
146 
147     for (i = 0; i < MAX_ITER; i++) {
148         mlen = randombytes_uniform(MAXLEN);
149         m = (unsigned char *) sodium_malloc(mlen);
150         k = (unsigned char *) sodium_malloc(crypto_auth_hmacsha512_KEYBYTES);
151         h = (unsigned char *) sodium_malloc(crypto_auth_hmacsha512_BYTES);
152         h2 = (unsigned char *) sodium_malloc(crypto_auth_hmacsha512_BYTES);
153 
154         crypto_auth_hmacsha512_keygen(k);
155         randombytes_buf(m, mlen);
156 
157         crypto_auth_hmacsha512_init(&st, k, crypto_auth_hmacsha512_KEYBYTES);
158         l1 = randombytes_uniform((uint32_t) mlen);
159         l2 = randombytes_uniform((uint32_t) (mlen - l1));
160         crypto_auth_hmacsha512_update(&st, m, l1);
161         crypto_auth_hmacsha512_update(&st, m + l1, l2);
162         crypto_auth_hmacsha512_update(&st, m + l1 + l2, mlen - l1 - l2);
163         crypto_auth_hmacsha512_final(&st, h);
164 
165         crypto_auth_hmacsha512(h2, m, mlen, k);
166 
167         assert(memcmp(h, h2, crypto_auth_hmacsha512_BYTES) == 0);
168 
169         sodium_free(h2);
170         sodium_free(h);
171         sodium_free(k);
172         sodium_free(m);
173     }
174 }
175 
176 int
177 main(void)
178 {
179     mm_generichash();
180     mm_onetimeauth();
181     mm_hmacsha256();
182     mm_hmacsha512();
183 
184     printf("OK\n");
185 
186     return 0;
187 }
188