poly1305: add tests

cosmycoder · cosmycoder · commit 466047c66d89 · 2014-06-07T15:45:48.000+02:00
diff --git a/src/rust-crypto/poly1305.rs b/src/rust-crypto/poly1305.rs
@@ -219,3 +219,138 @@ impl Mac for Poly1305 {
 
     fn output_bytes(&self) -> uint { 16 }
 }
+
+#[cfg(test)]
+mod test {
+    use poly1305::Poly1305;
+    use mac::Mac;
+
+    fn poly1305(key: &[u8], msg: &[u8], mac: &mut [u8]) {
+        let mut poly = Poly1305::new(key);
+        poly.input(msg);
+        poly.raw_result(mac);
+    }
+
+    #[test]
+    fn test_nacl_vector() {
+        let key = [
+            0xee,0xa6,0xa7,0x25,0x1c,0x1e,0x72,0x91,
+            0x6d,0x11,0xc2,0xcb,0x21,0x4d,0x3c,0x25,
+            0x25,0x39,0x12,0x1d,0x8e,0x23,0x4e,0x65,
+            0x2d,0x65,0x1f,0xa4,0xc8,0xcf,0xf8,0x80,
+        ];
+
+        let msg = [
+            0x8e,0x99,0x3b,0x9f,0x48,0x68,0x12,0x73,
+            0xc2,0x96,0x50,0xba,0x32,0xfc,0x76,0xce,
+            0x48,0x33,0x2e,0xa7,0x16,0x4d,0x96,0xa4,
+            0x47,0x6f,0xb8,0xc5,0x31,0xa1,0x18,0x6a,
+            0xc0,0xdf,0xc1,0x7c,0x98,0xdc,0xe8,0x7b,
+            0x4d,0xa7,0xf0,0x11,0xec,0x48,0xc9,0x72,
+            0x71,0xd2,0xc2,0x0f,0x9b,0x92,0x8f,0xe2,
+            0x27,0x0d,0x6f,0xb8,0x63,0xd5,0x17,0x38,
+            0xb4,0x8e,0xee,0xe3,0x14,0xa7,0xcc,0x8a,
+            0xb9,0x32,0x16,0x45,0x48,0xe5,0x26,0xae,
+            0x90,0x22,0x43,0x68,0x51,0x7a,0xcf,0xea,
+            0xbd,0x6b,0xb3,0x73,0x2b,0xc0,0xe9,0xda,
+            0x99,0x83,0x2b,0x61,0xca,0x01,0xb6,0xde,
+            0x56,0x24,0x4a,0x9e,0x88,0xd5,0xf9,0xb3,
+            0x79,0x73,0xf6,0x22,0xa4,0x3d,0x14,0xa6,
+            0x59,0x9b,0x1f,0x65,0x4c,0xb4,0x5a,0x74,
+            0xe3,0x55,0xa5,
+        ];
+
+        let expected = [
+            0xf3,0xff,0xc7,0x70,0x3f,0x94,0x00,0xe5,
+            0x2a,0x7d,0xfb,0x4b,0x3d,0x33,0x05,0xd9,
+        ];
+
+        let mut mac = [0u8, ..16];
+        poly1305(key, msg, mac.as_mut_slice());
+        assert_eq!(mac.as_slice(), expected.as_slice());
+
+        let mut poly = Poly1305::new(key);
+        poly.input(msg.slice(  0,  32));
+        poly.input(msg.slice( 32,  96));
+        poly.input(msg.slice( 96, 112));
+        poly.input(msg.slice(112, 120));
+        poly.input(msg.slice(120, 124));
+        poly.input(msg.slice(124, 126));
+        poly.input(msg.slice(126, 127));
+        poly.input(msg.slice(127, 128));
+        poly.input(msg.slice(128, 129));
+        poly.input(msg.slice(129, 130));
+        poly.input(msg.slice(130, 131));
+        poly.raw_result(mac.as_mut_slice());
+        assert_eq!(mac.as_slice(), expected.as_slice());
+    }
+
+    #[test]
+    fn donna_self_test() {
+        let wrap_key = [
+            0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+            0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+            0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+            0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        ];
+
+        let wrap_msg = [
+            0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+            0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+        ];
+
+        let wrap_mac = [
+            0x03, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+            0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        ];
+
+        let mut mac = [0u8, ..16];
+        poly1305(wrap_key, wrap_msg, mac.as_mut_slice());
+        assert_eq!(mac.as_slice(), wrap_mac.as_slice());
+
+        let total_key = [
+            0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0xff,
+            0xfe, 0xfd, 0xfc, 0xfb, 0xfa, 0xf9, 0xff, 0xff,
+            0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+            0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x00,
+        ];
+
+        let total_mac = [
+            0x64, 0xaf, 0xe2, 0xe8, 0xd6, 0xad, 0x7b, 0xbd,
+            0xd2, 0x87, 0xf9, 0x7c, 0x44, 0x62, 0x3d, 0x39,
+        ];
+
+        let mut tpoly = Poly1305::new(total_key);
+        for i in range(0u, 256) {
+            let key = Vec::from_elem(32,  i as u8);
+            let msg = Vec::from_elem(256, i as u8);
+            let mut mac = [0u8, ..16];
+            poly1305(key.as_slice(), msg.slice(0, i), mac);
+            tpoly.input(mac);
+        }
+        tpoly.raw_result(mac);
+        assert_eq!(mac.as_slice(), total_mac.as_slice());
+    }
+
+    #[test]
+    fn test_tls_vectors() {
+        // from http://tools.ietf.org/html/draft-agl-tls-chacha20poly1305-04
+        let key = bytes!("this is 32-byte key for Poly1305");
+        let msg = [0u8, ..32];
+        let expected = [
+            0x49, 0xec, 0x78, 0x09, 0x0e, 0x48, 0x1e, 0xc6,
+            0xc2, 0x6b, 0x33, 0xb9, 0x1c, 0xcc, 0x03, 0x07,
+        ];
+        let mut mac = [0u8, ..16];
+        poly1305(key, msg, mac.as_mut_slice());
+        assert_eq!(mac.as_slice(), expected.as_slice());
+
+        let msg = bytes!("Hello world!");
+        let expected= [
+            0xa6, 0xf7, 0x45, 0x00, 0x8f, 0x81, 0xc9, 0x16,
+            0xa2, 0x0d, 0xcc, 0x74, 0xee, 0xf2, 0xb2, 0xf0,
+        ];
+        poly1305(key, msg, mac.as_mut_slice());
+        assert_eq!(mac.as_slice(), expected.as_slice());
+    }
+}
diff --git a/src/rust-crypto/test.rs b/src/rust-crypto/test.rs
@@ -27,6 +27,7 @@ pub mod hmac;
 pub mod mac;
 pub mod md5;
 pub mod pbkdf2;
+pub mod poly1305;
 pub mod rc4;
 pub mod salsa20;
 pub mod scrypt;
