Add Aumasson and Bernstein's SipHash (Issue 348)
parent
05153d9740
commit
9739ba8afe
@ -250,6 +250,7 @@ shark.h
|
||||
sharkbox.cpp
|
||||
simple.cpp
|
||||
simple.h
|
||||
siphash.h
|
||||
skipjack.cpp
|
||||
skipjack.h
|
||||
smartptr.h
|
||||
@ -285,7 +286,6 @@ validat3.cpp
|
||||
validate.h
|
||||
vmac.cpp
|
||||
vmac.h
|
||||
vc60.zip
|
||||
vs2005.zip
|
||||
wait.cpp
|
||||
wait.h
|
||||
@ -422,6 +422,7 @@ TestVectors/sha3_256_fips_202.txt
|
||||
TestVectors/sha3_384_fips_202.txt
|
||||
TestVectors/sha3_512_fips_202.txt
|
||||
TestVectors/shacal2.txt
|
||||
TestVectors/siphash.txt
|
||||
TestVectors/sosemanuk.txt
|
||||
TestVectors/tea.txt
|
||||
TestVectors/ttmac.txt
|
||||
|
@ -37,4 +37,5 @@ Test: TestVectors/eax.txt
|
||||
Test: TestVectors/mars.txt
|
||||
Test: TestVectors/blake2s.txt
|
||||
Test: TestVectors/blake2b.txt
|
||||
Test: TestVectors/siphash.txt
|
||||
Test: TestVectors/hkdf.txt
|
||||
|
3849
TestVectors/siphash.txt
Normal file
3849
TestVectors/siphash.txt
Normal file
File diff suppressed because it is too large
@ -301,6 +301,8 @@ void BenchmarkAll(double t, double hertz)
|
||||
BenchMarkByName<MessageAuthenticationCode>("Poly1305(AES)");
|
||||
BenchMarkByName<MessageAuthenticationCode>("BLAKE2s");
|
||||
BenchMarkByName<MessageAuthenticationCode>("BLAKE2b");
|
||||
BenchMarkByName<MessageAuthenticationCode>("SipHash-2-4");
|
||||
BenchMarkByName<MessageAuthenticationCode>("SipHash-4-8");
|
||||
|
||||
cout << "\n<TBODY style=\"background: yellow\">";
|
||||
BenchMarkByNameKeyLess<HashTransformation>("CRC32");
|
||||
|
@ -293,7 +293,6 @@ void BenchmarkAll2(double t, double hertz)
|
||||
BenchMarkSignature<LUCSS<PSSR, SHA> >(CRYPTOPP_DATA_DIR "TestData/luc1024.dat", "LUC 1024", t);
|
||||
BenchMarkSignature<NR<SHA> >(CRYPTOPP_DATA_DIR "TestData/nr1024.dat", "NR 1024", t);
|
||||
BenchMarkSignature<DSA>(CRYPTOPP_DATA_DIR "TestData/dsa1024.dat", "DSA 1024", t);
|
||||
// BenchMarkSignature<DSA_RFC6979>(CRYPTOPP_DATA_DIR "TestData/dsa1024.dat", "DSA-RFC6979 1024", t);
|
||||
BenchMarkSignature<LUC_HMP<SHA> >(CRYPTOPP_DATA_DIR "TestData/lucs512.dat", "LUC-HMP 512", t);
|
||||
BenchMarkSignature<ESIGN<SHA> >(CRYPTOPP_DATA_DIR "TestData/esig1023.dat", "ESIGN 1023", t);
|
||||
BenchMarkSignature<ESIGN<SHA> >(CRYPTOPP_DATA_DIR "TestData/esig1536.dat", "ESIGN 1536", t);
|
||||
|
@ -248,6 +248,7 @@
|
||||
<None Include="TestVectors\sha.txt" />
|
||||
<None Include="TestVectors\sha3.txt" />
|
||||
<None Include="TestVectors\shacal2.txt" />
|
||||
<None Include="TestVectors\siphash.txt" />
|
||||
<None Include="TestVectors\sosemanuk.txt" />
|
||||
<None Include="TestVectors\tea.txt" />
|
||||
<None Include="TestVectors\ttmac.txt" />
|
||||
|
@ -114,6 +114,9 @@
|
||||
<None Include="TestVectors\shacal2.txt">
|
||||
<Filter>TestVectors</Filter>
|
||||
</None>
|
||||
<None Include="TestVectors\siphash.txt">
|
||||
<Filter>TestVectors</Filter>
|
||||
</None>
|
||||
<None Include="TestVectors\sosemanuk.txt">
|
||||
<Filter>TestVectors</Filter>
|
||||
</None>
|
||||
|
@ -453,6 +453,7 @@
|
||||
<ClInclude Include="shacal2.h" />
|
||||
<ClInclude Include="shark.h" />
|
||||
<ClInclude Include="simple.h" />
|
||||
<ClInclude Include="siphash.h" />
|
||||
<ClInclude Include="skipjack.h" />
|
||||
<ClInclude Include="smartptr.h" />
|
||||
<ClInclude Include="socketft.h" />
|
||||
|
@ -750,6 +750,9 @@
|
||||
<ClInclude Include="simple.h">
|
||||
<Filter>Header Files</Filter>
|
||||
</ClInclude>
|
||||
<ClInclude Include="siphash.h">
|
||||
<Filter>Header Files</Filter>
|
||||
</ClInclude>
|
||||
<ClInclude Include="skipjack.h">
|
||||
<Filter>Header Files</Filter>
|
||||
</ClInclude>
|
||||
|
@ -55,6 +55,7 @@
|
||||
#include "blake2.h"
|
||||
#include "poly1305.h"
|
||||
#include "hkdf.h"
|
||||
#include "siphash.h"
|
||||
|
||||
// Aggressive stack checking with VS2005 SP1 and above.
|
||||
#if (CRYPTOPP_MSC_VERSION >= 1410)
|
||||
@ -119,6 +120,8 @@ void RegisterFactories()
|
||||
RegisterDefaultFactoryFor<MessageAuthenticationCode, CMAC<DES_EDE3> >();
|
||||
RegisterDefaultFactoryFor<MessageAuthenticationCode, BLAKE2s>();
|
||||
RegisterDefaultFactoryFor<MessageAuthenticationCode, BLAKE2b>();
|
||||
RegisterDefaultFactoryFor<MessageAuthenticationCode, SipHash<2,4> >();
|
||||
RegisterDefaultFactoryFor<MessageAuthenticationCode, SipHash<4,8> >();
|
||||
RegisterAsymmetricCipherDefaultFactories<RSAES<OAEP<SHA1> > >("RSA/OAEP-MGF1(SHA-1)");
|
||||
RegisterAsymmetricCipherDefaultFactories<DLIES<> >("DLIES(NoCofactorMultiplication, KDF2(SHA-1), XOR, HMAC(SHA-1), DHAES)");
|
||||
RegisterSignatureSchemeDefaultFactories<DSA>();
|
||||
|
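Review bot: Only the 64-bit classes are registered in `RegisterFactories`, and the 128-bit ones cannot simply be added alongside them: `StaticAlgorithmName()` in siphash.h builds the name from `C` and `D` alone, so `SipHash<2,4,true>` reports the same "SipHash-2-4" as `SipHash<2,4>`. If the factory is keyed by that name (inferred, the registration helper is not shown), a by-name lookup can only ever reach the 64-bit MAC, and the 128-bit variant stays outside the test-vector driver. Either encode the digest size in the 128-bit name or add a comment at these two lines saying the omission is intentional, e.g. `// 128-bit SipHash shares the algorithm name; not registered by name`.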
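--- a/siphash.h
+++ b/siphash.h
@@ -0,0 +1,297 @@
+// siphash.h - written and placed in public domain by Jeffrey Walton.
+// Copyright assigned to Crypto++ project.
+
+//! \file siphash.h
+//! \brief Classes for SipHash message authentication code
+//! \details SipHash computes a 64-bit or 128-bit message authentication code from a variable-length
+//! message and 128-bit secret key. It was designed to be efficient even for short inputs, with
+//! performance comparable to non-cryptographic hash functions.
+//! \details To create a SipHash-2-4 object with a 64-bit MAC use code similar to the following.
+//! <pre> SecByteBlock key(16);
+//! prng.GenerateBlock(key, key.size());
+//!
+//! SipHash<2,4,false> hash(key, key.size());
+//! hash.Update(...);
+//! hash.Final(...);</pre>
+//! \details To create a SipHash-2-4 object with a 128-bit MAC use code similar to the following.
+//! <pre> SecByteBlock key(16);
+//! prng.GenerateBlock(key, key.size());
+//!
+//! SipHash<2,4,true> hash(key, key.size());
+//! hash.Update(...);
+//! hash.Final(...);</pre>
+//! \sa Jean-Philippe Aumasson and Daniel J. Bernstein <A HREF="http://131002.net/siphash/siphash.pdf">SipHash:
+//! a fast short-input PRF</A>
+//! \since Crypto++ 5.7
+
+#ifndef CRYPTOPP_SIPHASH_H
+#define CRYPTOPP_SIPHASH_H
+
+#include "cryptlib.h"
+#include "secblock.h"
+#include "misc.h"
+
+#include <iostream>
+
+NAMESPACE_BEGIN(CryptoPP)
+
+template <bool T_128bit>
+class SipHash_Info : public FixedKeyLength<16>
+{
+public:
+CRYPTOPP_STATIC_CONSTEXPR const char* StaticAlgorithmName() {return "SipHash";}
+CRYPTOPP_CONSTANT(DIGESTSIZE = (T_128bit ? 16 : 8))
+};
+
+template <unsigned int C, unsigned int D, bool T_128bit>
+class SipHash_Base : public MessageAuthenticationCode, public SipHash_Info<T_128bit>
+{
+public:
+static std::string StaticAlgorithmName() {
+return std::string(SipHash_Info<T_128bit>::StaticAlgorithmName())+"-"+IntToString(C)+"-"+IntToString(D);
+}
+
+virtual unsigned int DigestSize() const
+{return SipHash_Info<T_128bit>::DIGESTSIZE;}
+virtual size_t MinKeyLength() const
+{return SipHash_Info<T_128bit>::MIN_KEYLENGTH;}
+virtual size_t MaxKeyLength() const
+{return SipHash_Info<T_128bit>::MAX_KEYLENGTH;}
+virtual size_t DefaultKeyLength() const
+{return SipHash_Info<T_128bit>::DEFAULT_KEYLENGTH;}
+virtual size_t GetValidKeyLength(size_t keylength) const
+{CRYPTOPP_UNUSED(keylength); return SipHash_Info<T_128bit>::DEFAULT_KEYLENGTH;}
+virtual IV_Requirement IVRequirement() const
+{return SimpleKeyingInterface::NOT_RESYNCHRONIZABLE;}
+virtual unsigned int IVSize() const
+{return 0;}
+virtual unsigned int OptimalBlockSize() const
+{return sizeof(word64);}
+virtual unsigned int OptimalDataAlignment () const
+{return GetAlignmentOf<word64>();}
+
+virtual void Update(const byte *input, size_t length);
+virtual void TruncatedFinal(byte *digest, size_t digestSize);
+
+protected:
+
+virtual void UncheckedSetKey(const byte *key, unsigned int length, const NameValuePairs ¶ms);
+virtual void Restart();
+
+inline void SIPROUND()
+{
+m_v[0] += m_v[1];
+m_v[1] = rotlFixed(m_v[1], 13U);
+m_v[1] ^= m_v[0];
+m_v[0] = rotlFixed(m_v[0], 32U);
+m_v[2] += m_v[3];
+m_v[3] = rotlFixed(m_v[3], 16U);
+m_v[3] ^= m_v[2];
+m_v[0] += m_v[3];
+m_v[3] = rotlFixed(m_v[3], 21U);
+m_v[3] ^= m_v[0];
+m_v[2] += m_v[1];
+m_v[1] = rotlFixed(m_v[1], 17U);
+m_v[1] ^= m_v[2];
+m_v[2] = rotlFixed(m_v[2], 32U);
+}
+
+private:
+FixedSizeSecBlock<word64, 4> m_v;
+FixedSizeSecBlock<word64, 2> m_k;
+FixedSizeSecBlock<word64, 1> m_b;
+
+// Tail bytes
+FixedSizeSecBlock<byte, 8> m_acc;
+size_t m_idx;
+};
+
+//! \class SipHash
+//! \brief A family of pseudorandom functions optimized for speed on short messages
+//! \tparam C the number of compression rounds
+//! \tparam D the number of finalization rounds
+//! \tparam T_128bit flag indicating 128-bit (true) versus 64-bit (false) digest size
+//! \details SipHash computes a 64-bit or 128-bit message authentication code from a variable-length
+//! message and 128-bit secret key. It was designed to be efficient even for short inputs, with
+//! performance comparable to non-cryptographic hash functions.
+//! \details To create a SipHash-2-4 object with a 64-bit MAC use code similar to the following.
+//! <pre> SecByteBlock key(16);
+//! prng.GenerateBlock(key, key.size());
+//!
+//! SipHash<2,4,false> hash(key, key.size());
+//! hash.Update(...);
+//! hash.Final(...);</pre>
+//! \details To create a SipHash-2-4 object with a 128-bit MAC use code similar to the following.
+//! <pre> SecByteBlock key(16);
+//! prng.GenerateBlock(key, key.size());
+//!
+//! SipHash<2,4,true> hash(key, key.size());
+//! hash.Update(...);
+//! hash.Final(...);</pre>
+//! \sa Jean-Philippe Aumasson and Daniel J. Bernstein <A HREF="http://131002.net/siphash/siphash.pdf">SipHash:
+//! a fast short-input PRF</A>
+//! \since Crypto++ 5.7
+template <unsigned int C=2, unsigned int D=4, bool T_128bit=false>
+class SipHash : public SipHash_Base<C, D, T_128bit>
+{
+public:
+//! \brief Create a SipHash
+SipHash()
+{this->UncheckedSetKey(NULL, 0, g_nullNameValuePairs);}
+//! \brief Create a SipHash
+//! \param key a byte array used to key the cipher
+//! \param length the size of the byte array, in bytes
+SipHash(const byte *key, unsigned int length)
+{this->UncheckedSetKey(key, length, g_nullNameValuePairs);}
+};
+
+template <unsigned int C, unsigned int D, bool T_128bit>
+void SipHash_Base<C,D,T_128bit>::Update(const byte *input, size_t length)
+{
+CRYPTOPP_ASSERT((input && length) || !length);
+if (!length) return;
+
+if (m_idx)
+{
+size_t head = STDMIN(size_t(8U-m_idx), length);
+memcpy(m_acc+m_idx, input, head);
+m_idx += head; input += head; length -= head;
+
+if (m_idx == 8)
+{
+word64 m = GetWord<word64>(true, LITTLE_ENDIAN_ORDER, m_acc);
+m_v[3] ^= m;
+for (unsigned int i = 0; i < C; ++i)
+SIPROUND();
+
+m_v[0] ^= m;
+m_b[0] += 8;
+
+m_idx = 0;
+}
+}
+
+while (length >= 8)
+{
+word64 m = GetWord<word64>(false, LITTLE_ENDIAN_ORDER, input);
+m_v[3] ^= m;
+for (unsigned int i = 0; i < C; ++i)
+SIPROUND();
+
+m_v[0] ^= m;
+m_b[0] += 8;
+
+input += 8;
+length -= 8;
+}
+
+CRYPTOPP_ASSERT(length < 8);
+size_t tail = length % 8;
+if (tail)
+{
+memcpy(m_acc+m_idx, input, tail);
+m_idx += tail;
+}
+}
+
+template <unsigned int C, unsigned int D, bool T_128bit>
+void SipHash_Base<C,D,T_128bit>::TruncatedFinal(byte *digest, size_t digestSize)
+{
+// The high octet holds length and is digested mod 256
+m_b[0] += m_idx; m_b[0] <<= 56U;
+switch (m_idx)
+{
+// all fall through
+case 7:
+m_b[0] |= ((word64)m_acc[6]) << 48;
+case 6:
+m_b[0] |= ((word64)m_acc[5]) << 40;
+case 5:
+m_b[0] |= ((word64)m_acc[4]) << 32;
+case 4:
+m_b[0] |= ((word64)m_acc[3]) << 24;
+case 3:
+m_b[0] |= ((word64)m_acc[2]) << 16;
+case 2:
+m_b[0] |= ((word64)m_acc[1]) << 8;
+case 1:
+m_b[0] |= ((word64)m_acc[0]);
+case 0:
+break;
+}
+
+m_v[3] ^= m_b[0];
+
+for (unsigned int i=0; i<C; i++)
+SIPROUND();
+
+m_v[0] ^= m_b[0];
+
+if (T_128bit)
+m_v[2] ^= 0xee;
+else
+m_v[2] ^= 0xff;
+
+for (unsigned int i=0; i<D; i++)
+SIPROUND();
+
+word64 t[2];
+m_b[0] = m_v[0] ^ m_v[1] ^ m_v[2] ^ m_v[3];
+t[0] = ConditionalByteReverse(LITTLE_ENDIAN_ORDER, m_b[0]);
+
+if (T_128bit)
+{
+m_v[1] ^= 0xdd;
+for (unsigned int i = 0; i<D; ++i)
+SIPROUND();
+
+m_b[0] = m_v[0] ^ m_v[1] ^ m_v[2] ^ m_v[3];
+t[1] = ConditionalByteReverse(LITTLE_ENDIAN_ORDER, m_b[0]);
+}
+
+memcpy_s(digest, digestSize, t, STDMIN(digestSize, (size_t)SipHash_Info<T_128bit>::DIGESTSIZE));
+Restart();
+}
+
+template <unsigned int C, unsigned int D, bool T_128bit>
+void SipHash_Base<C,D,T_128bit>::UncheckedSetKey(const byte *key, unsigned int length, const NameValuePairs ¶ms)
+{
+CRYPTOPP_UNUSED(params);
+if (key && length)
+{
+m_k[0] = GetWord<word64>(false, LITTLE_ENDIAN_ORDER, key);
+m_k[1] = GetWord<word64>(false, LITTLE_ENDIAN_ORDER, key+8);
+}
+else
+{
+// Avoid Coverity finding
+m_k[0] = m_k[1] = 0;
+}
+Restart();
+}
+
+template <unsigned int C, unsigned int D, bool T_128bit>
+void SipHash_Base<C,D,T_128bit>::Restart ()
+{
+m_v[0] = W64LIT(0x736f6d6570736575);
+m_v[1] = W64LIT(0x646f72616e646f6d);
+m_v[2] = W64LIT(0x6c7967656e657261);
+m_v[3] = W64LIT(0x7465646279746573);
+
+m_v[3] ^= m_k[1];
+m_v[2] ^= m_k[0];
+m_v[1] ^= m_k[1];
+m_v[0] ^= m_k[0];
+
+if (T_128bit)
+{
+m_v[1] ^= 0xee;
+}
+
+m_idx = 0;
+m_b[0] = 0;
+}
+
+NAMESPACE_END
+
+#endif // CRYPTOPP_SIPHASH_H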
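Review bot: The keyed constructor `SipHash(const byte *key, unsigned int length)` hands `length` straight to `UncheckedSetKey`, which only tests `key && length` and then loads two 64-bit words from `key` and `key+8`, so a non-zero length below 16 reads past a buffer that is only `length` bytes long. Nothing visible in the constructor enforces the `FixedKeyLength<16>` contract; checking first, `{this->ThrowIfInvalidKeyLength(length); this->UncheckedSetKey(key, length, g_nullNameValuePairs);}`, rejects a bad length before the read. The default constructor and the `else` branch leave the object usable with an all-zero key, so the class documentation should say that output produced before `SetKey` is not a MAC under a secret key. `TruncatedFinal` likewise clamps an oversized `digestSize` silently and leaves the remainder of the caller's buffer unwritten; rejecting it up front would match what callers of a truncating MAC expect.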
1
test.cpp
1
test.cpp
@ -972,6 +972,7 @@ bool Validate(int alg, bool thorough, const char *seedInput)
|
||||
case 73: result = ValidateBLAKE2s(); break;
|
||||
case 74: result = ValidateBLAKE2b(); break;
|
||||
case 75: result = ValidatePoly1305(); break;
|
||||
case 76: result = ValidateSipHash(); break;
|
||||
default: return false;
|
||||
}
|
||||
|
||||
|
@ -104,9 +104,10 @@ bool ValidateAll(bool thorough)
|
||||
pass=ValidatePanama() && pass;
|
||||
pass=ValidateWhirlpool() && pass;
|
||||
|
||||
pass=ValidatePoly1305() && pass;
|
||||
pass=ValidateBLAKE2s() && pass;
|
||||
pass=ValidateBLAKE2b() && pass;
|
||||
pass=ValidatePoly1305() && pass;
|
||||
pass=ValidateSipHash() && pass;
|
||||
|
||||
pass=ValidateHMAC() && pass;
|
||||
pass=ValidateTTMAC() && pass;
|
||||
|
197
validat3.cpp
197
validat3.cpp
@ -9,6 +9,7 @@
|
||||
#include "gfpcrypt.h"
|
||||
#include "eccrypto.h"
|
||||
|
||||
#include "aes.h"
|
||||
#include "crc.h"
|
||||
#include "adler32.h"
|
||||
#include "md2.h"
|
||||
@ -20,7 +21,7 @@
|
||||
#include "whrlpool.h"
|
||||
#include "hkdf.h"
|
||||
#include "poly1305.h"
|
||||
#include "aes.h"
|
||||
#include "siphash.h"
|
||||
#include "blake2.h"
|
||||
#include "hmac.h"
|
||||
#include "ttmac.h"
|
||||
@ -76,7 +77,7 @@ bool HashModuleTest(HashTransformation &md, const HashTestTuple *testSet, unsign
|
||||
for (j=0; j<testSet[i].repeatTimes; j++)
|
||||
md.Update(testSet[i].input, testSet[i].inputLen);
|
||||
md.Final(digest);
|
||||
fail = memcmp(digest, testSet[i].output, md.DigestSize()) != 0;
|
||||
fail = !!memcmp(digest, testSet[i].output, md.DigestSize()) != 0;
|
||||
pass = pass && !fail;
|
||||
|
||||
cout << (fail ? "FAILED " : "passed ");
|
||||
@ -422,7 +423,7 @@ bool ValidateMD5MAC()
|
||||
{
|
||||
mac.Update((byte *)TestVals[i], strlen(TestVals[i]));
|
||||
mac.Final(digest);
|
||||
fail = memcmp(digest, output[k][i], MD5MAC::DIGESTSIZE)
|
||||
fail = !!memcmp(digest, output[k][i], MD5MAC::DIGESTSIZE)
|
||||
|| !mac.VerifyDigest(output[k][i], (byte *)TestVals[i], strlen(TestVals[i]));
|
||||
pass = pass && !fail;
|
||||
cout << (fail ? "FAILED " : "passed ");
|
||||
@ -496,7 +497,7 @@ bool ValidateXMACC()
|
||||
{
|
||||
mac.Update((byte *)TestVals[i], strlen(TestVals[i]));
|
||||
mac.Final(digest);
|
||||
fail = memcmp(digest, output[k][i], XMACC_MD5::DIGESTSIZE)
|
||||
fail = !!memcmp(digest, output[k][i], XMACC_MD5::DIGESTSIZE)
|
||||
|| !mac.VerifyDigest(output[k][i], (byte *)TestVals[i], strlen(TestVals[i]));
|
||||
pass = pass && !fail;
|
||||
cout << (fail ? "FAILED " : "passed ");
|
||||
@ -549,7 +550,7 @@ bool ValidateTTMAC()
|
||||
{
|
||||
mac.Update((byte *)TestVals[k], strlen(TestVals[k]));
|
||||
mac.Final(digest);
|
||||
fail = memcmp(digest, output[k], TTMAC::DIGESTSIZE)
|
||||
fail = !!memcmp(digest, output[k], TTMAC::DIGESTSIZE)
|
||||
|| !mac.VerifyDigest(output[k], (byte *)TestVals[k], strlen(TestVals[k]));
|
||||
pass = pass && !fail;
|
||||
cout << (fail ? "FAILED " : "passed ");
|
||||
@ -583,7 +584,7 @@ bool TestPBKDF(PasswordBasedKeyDerivationFunction &pbkdf, const PBKDF_TestTuple
|
||||
|
||||
SecByteBlock derived(derivedKey.size());
|
||||
pbkdf.DeriveKey(derived, derived.size(), tuple.purpose, (byte *)password.data(), password.size(), (byte *)salt.data(), salt.size(), tuple.iterations);
|
||||
bool fail = memcmp(derived, derivedKey.data(), derived.size()) != 0;
|
||||
bool fail = !!memcmp(derived, derivedKey.data(), derived.size()) != 0;
|
||||
pass = pass && !fail;
|
||||
|
||||
HexEncoder enc(new FileSink(cout));
|
||||
@ -845,7 +846,7 @@ bool ValidatePoly1305()
|
||||
poly1305.Update((const byte*)tests[i].message, tests[i].mlen);
|
||||
poly1305.Final(digest);
|
||||
|
||||
fail = memcmp(digest, tests[i].digest, tests[i].dlen) != 0;
|
||||
fail = !!memcmp(digest, tests[i].digest, tests[i].dlen) != 0;
|
||||
if (fail)
|
||||
{
|
||||
cout << "FAILED " << "Poly1305 test set " << count << endl;
|
||||
@ -862,7 +863,7 @@ bool ValidatePoly1305()
|
||||
poly1305.Update((const byte*)tests[i].message, tests[i].mlen);
|
||||
poly1305.Final(digest);
|
||||
|
||||
fail = memcmp(digest, tests[i].digest, tests[i].dlen) != 0;
|
||||
fail = !!memcmp(digest, tests[i].digest, tests[i].dlen) != 0;
|
||||
if (fail)
|
||||
{
|
||||
cout << "FAILED " << "Poly1305 test set " << count << endl;
|
||||
@ -881,7 +882,7 @@ bool ValidatePoly1305()
|
||||
poly1305.Final(digest);
|
||||
|
||||
unsigned int next = (i+1) % COUNTOF(tests);
|
||||
fail = memcmp(digest, tests[next].digest, tests[next].dlen) == 0;
|
||||
fail = !!memcmp(digest, tests[next].digest, tests[next].dlen) == 0;
|
||||
if (fail)
|
||||
{
|
||||
cout << "FAILED " << "Poly1305 test set " << count << endl;
|
||||
@ -896,6 +897,180 @@ bool ValidatePoly1305()
|
||||
return pass;
|
||||
}
|
||||
|
||||
bool ValidateSipHash()
|
||||
{
|
||||
cout << "\nSipHash validation suite running...\n\n";
|
||||
bool fail, pass = true, pass1=true, pass2=true, pass3=true, pass4=true;
|
||||
|
||||
{
|
||||
fail = (SipHash<2,4>::StaticAlgorithmName() != "SipHash-2-4");
|
||||
cout << (fail ? "FAILED " : "passed ") << "SipHash-2-4 algorithm name\n";
|
||||
pass = pass && !fail;
|
||||
|
||||
fail = (SipHash<2,4, false>::DIGESTSIZE != 8);
|
||||
cout << (fail ? "FAILED " : "passed ") << "SipHash-2-4 64-bit digest size\n";
|
||||
pass = pass && !fail;
|
||||
|
||||
fail = (SipHash<2,4, true>::DIGESTSIZE != 16);
|
||||
cout << (fail ? "FAILED " : "passed ") << "SipHash-2-4 128-bit digest size\n";
|
||||
pass = pass && !fail;
|
||||
|
||||
fail = (SipHash<4,8>::StaticAlgorithmName() != "SipHash-4-8");
|
||||
cout << (fail ? "FAILED " : "passed ") << "SipHash-4-8 algorithm name\n";
|
||||
pass = pass && !fail;
|
||||
|
||||
fail = (SipHash<4,8, false>::DIGESTSIZE != 8);
|
||||
cout << (fail ? "FAILED " : "passed ") << "SipHash-4-8 64-bit digest size\n";
|
||||
pass = pass && !fail;
|
||||
|
||||
fail = (SipHash<4,8, true>::DIGESTSIZE != 16);
|
||||
cout << (fail ? "FAILED " : "passed ") << "SipHash-4-8 128-bit digest size\n";
|
||||
pass = pass && !fail;
|
||||
}
|
||||
|
||||
// Siphash-2-4, 64-bit MAC
|
||||
{
|
||||
const byte key[] = "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F";
|
||||
SipHash<2,4, false> hash(key, 16);
|
||||
byte digest[SipHash<2,4, false>::DIGESTSIZE];
|
||||
|
||||
hash.Update((const byte*)"", 0);
|
||||
hash.Final(digest);
|
||||
fail = !!memcmp("\x31\x0E\x0E\xDD\x47\xDB\x6F\x72", digest, COUNTOF(digest));
|
||||
pass1 = !fail && pass1;
|
||||
|
||||
hash.Update((const byte*)"\x00", 1);
|
||||
hash.Final(digest);
|
||||
fail = !!memcmp("\xFD\x67\xDC\x93\xC5\x39\xF8\x74", digest, COUNTOF(digest));
|
||||
pass1 = !fail && pass1;
|
||||
|
||||
hash.Update((const byte*)"\x00\x01\x02\x03\x04\x05\x06", 7);
|
||||
hash.Final(digest);
|
||||
fail = !!memcmp("\x37\xD1\x01\x8B\xF5\x00\x02\xAB", digest, COUNTOF(digest));
|
||||
pass1 = !fail && pass1;
|
||||
|
||||
hash.Update((const byte*)"\x00\x01\x02\x03\x04\x05\x06\x07", 8);
|
||||
hash.Final(digest);
|
||||
fail = !!memcmp("\x62\x24\x93\x9A\x79\xF5\xF5\x93", digest, COUNTOF(digest));
|
||||
pass1 = !fail && pass1;
|
||||
|
||||
hash.Update((const byte*)"\x00\x01\x02\x03\x04\x05\x06\x07\x08", 9);
|
||||
hash.Final(digest);
|
||||
fail = !!memcmp("\xB0\xE4\xA9\x0B\xDF\x82\x00\x9E", digest, COUNTOF(digest));
|
||||
pass1 = !fail && pass1;
|
||||
|
||||
cout << (pass1 ? "passed " : "FAILED ") << "SipHash-2-4 64-bit MAC\n";
|
||||
pass = pass1 && pass;
|
||||
}
|
||||
|
||||
// Siphash-4-8, 64-bit MAC
|
||||
{
|
||||
const byte key[] = "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F";
|
||||
SipHash<4, 8, false> hash(key, 16);
|
||||
byte digest[SipHash<4, 8, false>::DIGESTSIZE];
|
||||
|
||||
hash.Update((const byte*)"", 0);
|
||||
hash.Final(digest);
|
||||
fail = !!memcmp("\x41\xDA\x38\x99\x2B\x05\x79\xC8", digest, COUNTOF(digest));
|
||||
pass2 = !fail && pass2;
|
||||
|
||||
hash.Update((const byte*)"\x00", 1);
|
||||
hash.Final(digest);
|
||||
fail = !!memcmp("\x51\xB8\x95\x52\xF9\x14\x59\xC8", digest, COUNTOF(digest));
|
||||
pass2 = !fail && pass2;
|
||||
|
||||
hash.Update((const byte*)"\x00\x01\x02\x03\x04\x05\x06", 7);
|
||||
hash.Final(digest);
|
||||
fail = !!memcmp("\x47\xD7\x3F\x71\x5A\xBE\xFD\x4E", digest, COUNTOF(digest));
|
||||
pass2 = !fail && pass2;
|
||||
|
||||
hash.Update((const byte*)"\x00\x01\x02\x03\x04\x05\x06\x07", 8);
|
||||
hash.Final(digest);
|
||||
fail = !!memcmp("\x20\xB5\x8B\x9C\x07\x2F\xDB\x50", digest, COUNTOF(digest));
|
||||
pass2 = !fail && pass2;
|
||||
|
||||
hash.Update((const byte*)"\x00\x01\x02\x03\x04\x05\x06\x07\x08", 9);
|
||||
hash.Final(digest);
|
||||
fail = !!memcmp("\x36\x31\x9A\xF3\x5E\xE1\x12\x53", digest, COUNTOF(digest));
|
||||
pass2 = !fail && pass2;
|
||||
|
||||
cout << (pass2 ? "passed " : "FAILED ") << "SipHash-4-8 64-bit MAC\n";
|
||||
pass = pass2 && pass;
|
||||
}
|
||||
|
||||
// Siphash-2-4, 128-bit MAC
|
||||
{
|
||||
const byte key[] = "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F";
|
||||
SipHash<2,4, true> hash(key, 16);
|
||||
byte digest[SipHash<2,4, true>::DIGESTSIZE];
|
||||
|
||||
hash.Update((const byte*)"", 0);
|
||||
hash.Final(digest);
|
||||
fail = !!memcmp("\xA3\x81\x7F\x04\xBA\x25\xA8\xE6\x6D\xF6\x72\x14\xC7\x55\x02\x93", digest, COUNTOF(digest));
|
||||
pass3 = !fail && pass3;
|
||||
|
||||
hash.Update((const byte*)"\x00", 1);
|
||||
hash.Final(digest);
|
||||
fail = !!memcmp("\xDA\x87\xC1\xD8\x6B\x99\xAF\x44\x34\x76\x59\x11\x9B\x22\xFC\x45", digest, COUNTOF(digest));
|
||||
pass3 = !fail && pass3;
|
||||
|
||||
hash.Update((const byte*)"\x00\x01\x02\x03\x04\x05\x06", 7);
|
||||
hash.Final(digest);
|
||||
fail = !!memcmp("\xA1\xF1\xEB\xBE\xD8\xDB\xC1\x53\xC0\xB8\x4A\xA6\x1F\xF0\x82\x39", digest, COUNTOF(digest));
|
||||
pass3 = !fail && pass3;
|
||||
|
||||
hash.Update((const byte*)"\x00\x01\x02\x03\x04\x05\x06\x07", 8);
|
||||
hash.Final(digest);
|
||||
fail = !!memcmp("\x3B\x62\xA9\xBA\x62\x58\xF5\x61\x0F\x83\xE2\x64\xF3\x14\x97\xB4", digest, COUNTOF(digest));
|
||||
pass3 = !fail && pass3;
|
||||
|
||||
hash.Update((const byte*)"\x00\x01\x02\x03\x04\x05\x06\x07\x08", 9);
|
||||
hash.Final(digest);
|
||||
fail = !!memcmp("\x26\x44\x99\x06\x0A\xD9\xBA\xAB\xC4\x7F\x8B\x02\xBB\x6D\x71\xED", digest, COUNTOF(digest));
|
||||
pass3 = !fail && pass3;
|
||||
|
||||
cout << (pass3 ? "passed " : "FAILED ") << "SipHash-2-4 128-bit MAC\n";
|
||||
pass = pass3 && pass;
|
||||
}
|
||||
|
||||
// Siphash-4-8, 128-bit MAC
|
||||
{
|
||||
const byte key[] = "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F";
|
||||
SipHash<4, 8, true> hash(key, 16);
|
||||
byte digest[SipHash<4, 8, true>::DIGESTSIZE];
|
||||
|
||||
hash.Update((const byte*)"", 0);
|
||||
hash.Final(digest);
|
||||
fail = !!memcmp("\x1F\x64\xCE\x58\x6D\xA9\x04\xE9\xCF\xEC\xE8\x54\x83\xA7\x0A\x6C", digest, COUNTOF(digest));
|
||||
pass4 = !fail && pass4;
|
||||
|
||||
hash.Update((const byte*)"\x00", 1);
|
||||
hash.Final(digest);
|
||||
fail = !!memcmp("\x47\x34\x5D\xA8\xEF\x4C\x79\x47\x6A\xF2\x7C\xA7\x91\xC7\xA2\x80", digest, COUNTOF(digest));
|
||||
pass4 = !fail && pass4;
|
||||
|
||||
hash.Update((const byte*)"\x00\x01\x02\x03\x04\x05\x06", 7);
|
||||
hash.Final(digest);
|
||||
fail = !!memcmp("\xED\x00\xE1\x3B\x18\x4B\xF1\xC2\x72\x6B\x8B\x54\xFF\xD2\xEE\xE0", digest, COUNTOF(digest));
|
||||
pass4 = !fail && pass4;
|
||||
|
||||
hash.Update((const byte*)"\x00\x01\x02\x03\x04\x05\x06\x07", 8);
|
||||
hash.Final(digest);
|
||||
fail = !!memcmp("\xA7\xD9\x46\x13\x8F\xF9\xED\xF5\x36\x4A\x5A\x23\xAF\xCA\xE0\x63", digest, COUNTOF(digest));
|
||||
pass4 = !fail && pass4;
|
||||
|
||||
hash.Update((const byte*)"\x00\x01\x02\x03\x04\x05\x06\x07\x08", 9);
|
||||
hash.Final(digest);
|
||||
fail = !!memcmp("\x9E\x73\x14\xB7\x54\x5C\xEC\xA3\x8B\x9A\x55\x49\xE4\xFB\x0B\xE8", digest, COUNTOF(digest));
|
||||
pass4 = !fail && pass4;
|
||||
|
||||
cout << (pass4 ? "passed " : "FAILED ") << "SipHash-4-8 128-bit MAC\n";
|
||||
pass = pass4 && pass;
|
||||
}
|
||||
|
||||
return pass;
|
||||
}
|
||||
|
||||
struct BLAKE2_TestTuples
|
||||
{
|
||||
const char *key, *message, *digest;
|
||||
@ -1283,7 +1458,7 @@ bool ValidateBLAKE2s()
|
||||
blake2s.Update((const byte*)tests[i].message, tests[i].mlen);
|
||||
blake2s.Final(digest);
|
||||
|
||||
fail = memcmp(digest, tests[i].digest, sizeof(digest)) != 0;
|
||||
fail = !!memcmp(digest, tests[i].digest, sizeof(digest)) != 0;
|
||||
if (fail)
|
||||
{
|
||||
cout << "FAILED " << "BLAKE2s test set " << i << endl;
|
||||
@ -1678,7 +1853,7 @@ bool ValidateBLAKE2b()
|
||||
blake2b.Update((const byte*)tests[i].message, tests[i].mlen);
|
||||
blake2b.Final(digest);
|
||||
|
||||
fail = memcmp(digest, tests[i].digest, sizeof(digest)) != 0;
|
||||
fail = !!memcmp(digest, tests[i].digest, sizeof(digest)) != 0;
|
||||
if (fail)
|
||||
{
|
||||
cout << "FAILED " << "BLAKE2b test set " << i << endl;
|
||||
|
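Review bot: Every vector in `ValidateSipHash` is fed through a single `Update` call followed by `Final`, so the partial-block carry-over path in `SipHash_Base::Update` (the `if (m_idx)` branch that tops up `m_acc`) is never exercised by this self test; the suppressed TestVectors/siphash.txt may cover it, but that cannot be confirmed from this page. Splitting one of the existing messages across two calls, e.g. `hash.Update(msg, 3); hash.Update(msg+3, 6); hash.Final(digest);` with `msg` being the 9-byte input and the result compared against the existing 9-byte vector, would pin that path. There is also no negative case for a wrong-length key or a truncated digest, which are the two places where the new class touches caller-supplied sizes. As a smaller style point, the rewritten comparisons such as `fail = !!memcmp(...) != 0;` keep the old `!= 0` after adding `!!`; one of the two is enough.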
@ -30,9 +30,10 @@ bool ValidateRIPEMD();
|
||||
bool ValidatePanama();
|
||||
bool ValidateWhirlpool();
|
||||
|
||||
bool ValidatePoly1305();
|
||||
bool ValidateBLAKE2s();
|
||||
bool ValidateBLAKE2b();
|
||||
bool ValidatePoly1305();
|
||||
bool ValidateSipHash();
|
||||
|
||||
bool ValidateHMAC();
|
||||
bool ValidateTTMAC();
|
||||
|