From 4f04a39d104a65d55762b6d03cf7ec21aac02ffa Mon Sep 17 00:00:00 2001 From: Jack Lloyd Date: Mon, 23 May 2016 11:40:11 -0400 Subject: Fix GCM counter increment GCM is defined as having a 32-bit counter, but CTR_BE incremented the counter across the entire block. This caused incorrect results if a very large message (2**39 bits) was processed, or if the GHASH derived nonce ended up having a counter field near to 2**32 Thanks to Juraj Somorovsky for the bug report and repro. --- src/lib/stream/ctr/ctr.cpp | 17 +++++++++++++++-- src/lib/stream/ctr/ctr.h | 3 +++ 2 files changed, 18 insertions(+), 2 deletions(-) (limited to 'src/lib/stream') diff --git a/src/lib/stream/ctr/ctr.cpp b/src/lib/stream/ctr/ctr.cpp index 88c7a8d8e..f5301c099 100644 --- a/src/lib/stream/ctr/ctr.cpp +++ b/src/lib/stream/ctr/ctr.cpp @@ -23,10 +23,23 @@ CTR_BE::CTR_BE(BlockCipher* ciph) : m_cipher(ciph), m_counter(m_cipher->parallel_bytes()), m_pad(m_counter.size()), + m_ctr_size(m_cipher->block_size()), m_pad_pos(0) { } +CTR_BE::CTR_BE(BlockCipher* cipher, size_t ctr_size) : + m_cipher(cipher), + m_counter(m_cipher->parallel_bytes()), + m_pad(m_counter.size()), + m_ctr_size(ctr_size), + m_pad_pos(0) + { + //BOTAN_CHECK_ARG(m_ctr_size > 0 && m_ctr_size <= cipher->block_size(), "Invalid CTR size"); + if(m_ctr_size == 0 || m_ctr_size > m_cipher->block_size()) + throw Invalid_Argument("Invalid CTR-BE counter size"); + } + void CTR_BE::clear() { m_cipher->clear(); @@ -79,7 +92,7 @@ void CTR_BE::set_iv(const byte iv[], size_t iv_len) { buffer_insert(m_counter, i*bs, &m_counter[(i-1)*bs], bs); - for(size_t j = 0; j != bs; ++j) + for(size_t j = 0; j != m_ctr_size; ++j) if(++m_counter[i*bs + (bs - 1 - j)]) break; } @@ -99,7 +112,7 @@ void CTR_BE::increment_counter() for(size_t i = 0; i != n_wide; ++i) { uint16_t carry = static_cast(n_wide); - for(size_t j = 0; carry && j != bs; ++j) + for(size_t j = 0; carry && j != m_ctr_size; ++j) { const size_t off = i*bs + (bs-1-j); const uint16_t cnt = static_cast(m_counter[off]) + carry; diff --git a/src/lib/stream/ctr/ctr.h b/src/lib/stream/ctr/ctr.h index 8e931605c..003297b92 100644 --- a/src/lib/stream/ctr/ctr.h +++ b/src/lib/stream/ctr/ctr.h @@ -44,12 +44,15 @@ class BOTAN_DLL CTR_BE final : public StreamCipher * @param cipher the underlying block cipher to use */ explicit CTR_BE(BlockCipher* cipher); + + CTR_BE(BlockCipher* cipher, size_t ctr_size); private: void key_schedule(const byte key[], size_t key_len) override; void increment_counter(); std::unique_ptr m_cipher; secure_vector m_counter, m_pad; + size_t m_ctr_size; size_t m_pad_pos; }; -- cgit v1.2.3 From 00337c4ea2af6b1727be0bdf9b719c98760a14fd Mon Sep 17 00:00:00 2001 From: SimCog Date: Tue, 14 Jun 2016 18:21:10 +0200 Subject: Adding StreamCipher::seek interface, supporting seek in ChaCha, and also adding ChaCha8 support --- doc/credits.rst | 7 + doc/license.txt | 1 + src/lib/prov/openssl/openssl_rc4.cpp | 5 + src/lib/stream/chacha/chacha.cpp | 28 +- src/lib/stream/chacha/chacha.h | 4 +- src/lib/stream/ctr/ctr.cpp | 4 + src/lib/stream/ctr/ctr.h | 2 + src/lib/stream/ofb/ofb.cpp | 5 + src/lib/stream/ofb/ofb.h | 2 + src/lib/stream/rc4/rc4.cpp | 4 + src/lib/stream/rc4/rc4.h | 2 + src/lib/stream/salsa20/salsa20.cpp | 4 + src/lib/stream/salsa20/salsa20.h | 2 + src/lib/stream/stream_cipher.h | 6 + src/tests/data/stream/chacha.vec | 506 +++++++++++++++++++++++++++++++++++ src/tests/test_stream.cpp | 6 +- 16 files changed, 583 insertions(+), 5 deletions(-) (limited to 'src/lib/stream') diff --git a/doc/credits.rst b/doc/credits.rst index 6d62b6380..af78680a4 100644 --- a/doc/credits.rst +++ b/doc/credits.rst @@ -104,3 +104,10 @@ snail-mail address (S), and Bitcoin address (B). W: https://www.kullo.net D: Build system S: Germany + + N: Simon Cogliani + E: simon.cogliani@tanker.io + W: https://www.tanker.io/ + P: EA73 D0AF 5A81 A61A 8931 C2CA C9AB F2E4 3820 4F25 + D: Getting keystream of ChaCha + S: Paris, France diff --git a/doc/license.txt b/doc/license.txt index ef0b97ac1..fd4fd0a7b 100644 --- a/doc/license.txt +++ b/doc/license.txt @@ -29,6 +29,7 @@ Copyright (C) 1999-2013,2014,2015,2016 Jack Lloyd 2015,2016 Daniel Neus 2015 Uri Blumenthal 2015,2016 Kai Michaelis + 2016 Simon Cogliani All rights reserved. Redistribution and use in source and binary forms, with or without diff --git a/src/lib/prov/openssl/openssl_rc4.cpp b/src/lib/prov/openssl/openssl_rc4.cpp index e36535e08..070cdb14d 100644 --- a/src/lib/prov/openssl/openssl_rc4.cpp +++ b/src/lib/prov/openssl/openssl_rc4.cpp @@ -45,6 +45,11 @@ class OpenSSL_RC4 : public StreamCipher explicit OpenSSL_RC4(size_t skip = 0) : m_skip(skip) { clear(); } ~OpenSSL_RC4() { clear(); } + + void seek(u64bit) override + { + throw Exception("RC4 does not support seeking"); + } private: void cipher(const byte in[], byte out[], size_t length) override { diff --git a/src/lib/stream/chacha/chacha.cpp b/src/lib/stream/chacha/chacha.cpp index ac81fd70d..40da93029 100644 --- a/src/lib/stream/chacha/chacha.cpp +++ b/src/lib/stream/chacha/chacha.cpp @@ -12,8 +12,8 @@ namespace Botan { ChaCha::ChaCha(size_t rounds) : m_rounds(rounds) { - if(m_rounds != 12 && m_rounds != 20) - throw Invalid_Argument("ChaCha only supports 12 or 20 rounds"); + if(m_rounds != 8 && m_rounds != 12 && m_rounds != 20) + throw Invalid_Argument("ChaCha only supports 8, 12 or 20 rounds"); } namespace { @@ -67,7 +67,6 @@ void chacha(byte output[64], const u32bit input[16], size_t rounds) store_le(x14 + input[14], output + 4 * 14); store_le(x15 + input[15], output + 4 * 15); } - } /* @@ -173,4 +172,27 @@ std::string ChaCha::name() const return "ChaCha(" + std::to_string(m_rounds) + ")"; } +void ChaCha::seek(u64bit offset) + { + if (m_state.size() == 0 && m_buffer.size() == 0) + { + throw Invalid_State("You have to setup the stream cipher (key and iv)"); + } + + m_position = offset % m_buffer.size(); + + u64bit counter = offset / m_buffer.size(); + + byte out[8]; + + store_le(counter, out); + + m_state[12] = load_le(out, 0); + m_state[13] += load_le(out, 1); + + chacha(m_buffer.data(), m_state.data(), m_rounds); + + ++m_state[12]; + m_state[13] += (m_state[12] == 0); + } } diff --git a/src/lib/stream/chacha/chacha.h b/src/lib/stream/chacha/chacha.h index ba93d6260..f8f42e41d 100644 --- a/src/lib/stream/chacha/chacha.h +++ b/src/lib/stream/chacha/chacha.h @@ -21,7 +21,7 @@ class BOTAN_DLL ChaCha final : public StreamCipher StreamCipher* clone() const override { return new ChaCha(m_rounds); } /** - * Currently only 12 or 20 rounds are supported, all others + * Currently only 8, 12 or 20 rounds are supported, all others * will throw an exception */ ChaCha(size_t rounds); @@ -42,6 +42,8 @@ class BOTAN_DLL ChaCha final : public StreamCipher std::string name() const override; + void seek(u64bit offset) override; + private: void key_schedule(const byte key[], size_t key_len) override; diff --git a/src/lib/stream/ctr/ctr.cpp b/src/lib/stream/ctr/ctr.cpp index f5301c099..43609ba2d 100644 --- a/src/lib/stream/ctr/ctr.cpp +++ b/src/lib/stream/ctr/ctr.cpp @@ -125,4 +125,8 @@ void CTR_BE::increment_counter() m_pad_pos = 0; } +void CTR_BE::seek(u64bit) + { + throw Not_Implemented("CTR_BE::seek"); + } } diff --git a/src/lib/stream/ctr/ctr.h b/src/lib/stream/ctr/ctr.h index 003297b92..5d5556254 100644 --- a/src/lib/stream/ctr/ctr.h +++ b/src/lib/stream/ctr/ctr.h @@ -46,6 +46,8 @@ class BOTAN_DLL CTR_BE final : public StreamCipher explicit CTR_BE(BlockCipher* cipher); CTR_BE(BlockCipher* cipher, size_t ctr_size); + + void seek(u64bit offset) override; private: void key_schedule(const byte key[], size_t key_len) override; void increment_counter(); diff --git a/src/lib/stream/ofb/ofb.cpp b/src/lib/stream/ofb/ofb.cpp index e8cb463db..3337a0c14 100644 --- a/src/lib/stream/ofb/ofb.cpp +++ b/src/lib/stream/ofb/ofb.cpp @@ -73,4 +73,9 @@ void OFB::set_iv(const byte iv[], size_t iv_len) m_buf_pos = 0; } + +void OFB::seek(u64bit) + { + throw Exception("OFB does not support seeking"); + } } diff --git a/src/lib/stream/ofb/ofb.h b/src/lib/stream/ofb/ofb.h index fecd47d9d..127a06578 100644 --- a/src/lib/stream/ofb/ofb.h +++ b/src/lib/stream/ofb/ofb.h @@ -44,6 +44,8 @@ class BOTAN_DLL OFB final : public StreamCipher * @param cipher the underlying block cipher to use */ explicit OFB(BlockCipher* cipher); + + void seek(u64bit offset) override; private: void key_schedule(const byte key[], size_t key_len) override; diff --git a/src/lib/stream/rc4/rc4.cpp b/src/lib/stream/rc4/rc4.cpp index 895f38091..a4dea9e2b 100644 --- a/src/lib/stream/rc4/rc4.cpp +++ b/src/lib/stream/rc4/rc4.cpp @@ -113,4 +113,8 @@ void RC4::clear() */ RC4::RC4(size_t s) : m_SKIP(s) {} +void RC4::seek(u64bit) + { + throw Exception("RC4 does not support seeking"); + } } diff --git a/src/lib/stream/rc4/rc4.h b/src/lib/stream/rc4/rc4.h index f166a2772..88798fae6 100644 --- a/src/lib/stream/rc4/rc4.h +++ b/src/lib/stream/rc4/rc4.h @@ -39,6 +39,8 @@ class BOTAN_DLL RC4 final : public StreamCipher explicit RC4(size_t skip = 0); ~RC4() { clear(); } + + void seek(u64bit offset) override; private: void key_schedule(const byte[], size_t) override; void generate(); diff --git a/src/lib/stream/salsa20/salsa20.cpp b/src/lib/stream/salsa20/salsa20.cpp index 1d3fe3d28..f11fe5e59 100644 --- a/src/lib/stream/salsa20/salsa20.cpp +++ b/src/lib/stream/salsa20/salsa20.cpp @@ -227,4 +227,8 @@ void Salsa20::clear() m_position = 0; } +void Salsa20::seek(u64bit) + { + throw Not_Implemented("Salsa20::seek"); + } } diff --git a/src/lib/stream/salsa20/salsa20.h b/src/lib/stream/salsa20/salsa20.h index 7e75470da..8256ea4db 100644 --- a/src/lib/stream/salsa20/salsa20.h +++ b/src/lib/stream/salsa20/salsa20.h @@ -33,6 +33,8 @@ class BOTAN_DLL Salsa20 final : public StreamCipher void clear() override; std::string name() const override; StreamCipher* clone() const override { return new Salsa20; } + + void seek(u64bit offset) override; private: void key_schedule(const byte key[], size_t key_len) override; diff --git a/src/lib/stream/stream_cipher.h b/src/lib/stream/stream_cipher.h index bff1fd1a6..56bd2d5d9 100644 --- a/src/lib/stream/stream_cipher.h +++ b/src/lib/stream/stream_cipher.h @@ -80,6 +80,12 @@ class BOTAN_DLL StreamCipher : public SymmetricAlgorithm */ virtual StreamCipher* clone() const = 0; + /** + * Set the offset and the state used later to generate the keystream + * @param offset the offset where we begin to generate the keystream + */ + virtual void seek(u64bit offset) = 0; + StreamCipher(); virtual ~StreamCipher(); }; diff --git a/src/tests/data/stream/chacha.vec b/src/tests/data/stream/chacha.vec index 1c3c18c7c..f51ff0812 100644 --- a/src/tests/data/stream/chacha.vec +++ b/src/tests/data/stream/chacha.vec @@ -1,3 +1,104 @@ +[ChaCha(8)] + +# Tests got from the original implementation of Daniel J. Bernstein + +Key = 00000000000000000000000000000000 +Nonce = 0000000000000000 +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = E28A5FA4A67F8C5DEFED3E6FB7303486AA8427D31419A729572D777953491120B64AB8E72B8DEB85CD6AEA7CB6089A101824BEEB08814A428AAB1FA2C816081B + +Key = 0000000000000000000000000000000000000000000000000000000000000000 +Nonce = 000000000000000000000002 +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = FD74BC4D822E344ACA041ACB39789BDA359D16B7709A7676B03B0F06117685B33B5E1E7DB844BE88ACCFC8370C808FB4BFBFDE831358476F09E34F2045AE61C0AC4120E44862548D3E5B577C695005115CFB158B9B6341BFC0561B9EAEE34D114583FB5FC901D5EA85019EAD2D4F618A5FC97954A5913576CD6BA32E710DA15A52D9A5B74B6E2F1D333C6405A5D6F64E2B1CED579A5FFBEB390A756755FED56AF37061CCC3A1D4DF6421F7A4D7811919F95A7F8533826DAB256A09E58CBFC5A04F83B063BBB169D2B05AFA6C8B3EC5880DB3346193860671AFFB3F9A5B56F771231393330816FFBD0E66F6D6B598178461CF5BE424A84A8D426DDB4B88FCB275 + +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = 2E214501D03825E75AC476151531939D6DB48E04588D91CB6CAC080F87CDF6A95C6A0245E0333A970BB8E8C373A0CA81E2592224712B8002D3AA52835DF513F5D4CCCD346E24968A9BBE43C770EF563968821B21FDF26583F51D9F3ED89EBA912B2EC460C460BE062B8AE3604569FDFD0B1312F7705E9D7A33DCBE720D69308CD89AC06C58545C47148BD68C1E61A838DD3BFB88A5ADC721DEAB8147B9EC16A77FC8466C0B791D29AC2068769D8AA54A5D15A11580FA9A375F2D0072E1FB8EF5A27EF31B7710E196B3D061C911FFA93D067364D23B1FE69EA1318202BF94C8718CB44F4383D678C493A5C5502F02A9BA861534DD2BDC9559587BFEED4A08F5C3 + +# Test vector in a draft "Test Vectors for the Stream Cipher ChaCha draft-strombergson-chacha-test-vectors-00" available at the following link: http://tools.ietf.org/html/draft-strombergson-chacha-test-vectors-00. +# The document links a github repo where you can find all the vectors https://github.com/secworks/chacha_testvectors/ + +Key = 00000000000000000000000000000000 +Nonce = 0000000000000000 +In = 0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = E28A5FA4A67F8C5DEFED3E6FB7303486AA8427D31419A729572D777953491120B64AB8E72B8DEB85CD6AEA7CB6089A101824BEEB08814A428AAB1FA2C816081B8A26AF448A1BA906368FD8C83831C18CEC8CED811A028E675B8D2BE8FCE081165CEAE9F1D1B7A975497749480569CEB83DE6A0A587D4984F19925F5D338E430D + +Key = 0000000000000000000000000000000000000000000000000000000000000000 +Nonce = 0000000000000000 +In = 0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = 3E00EF2F895F40D67F5BB8E81F09A5A12C840EC3CE9A7F3B181BE188EF711A1E984CE172B9216F419F445367456D5619314A42A3DA86B001387BFDB80E0CFE42D2AEFA0DEAA5C151BF0ADB6C01F2A5ADC0FD581259F9A2AADCF20F8FD566A26B5032EC38BBC5DA98EE0C6F568B872A65A08ABF251DEB21BB4B56E5D8821E68AA + +Key = 01000000000000000000000000000000 +Nonce = 0000000000000000 +In = 0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = 03A7669888605A0765E8357475E58673F94FC8161DA76C2A3AA2F3CAF9FE5449E0FCF38EB882656AF83D430D410927D55C972AC4C92AB9DA3713E19F761EAA147138C25C8A7CE3D5E7546746FFD2E3515CE6A4B1B2D3F380138668ED39FA92F8A1AEE36258E05FAE6F566673511765FDB59E05163D55A708C5F9BC45045124CB + +Key = 0100000000000000000000000000000000000000000000000000000000000000 +Nonce = 0000000000000000 +In = 0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = CF5EE9A0494AA9613E05D5ED725B804B12F4A465EE635ACC3A311DE8740489EA289D04F43C7518DB56EB4433E498A1238CD8464D3763DDBB9222EE3BD8FAE3C8B4355A7D93DD8867089EE643558B95754EFA2BD1A8A1E2D75BCDB32015542638291941FEB49965587C4FDFE219CF0EC132A6CD4DC067392E67982FE53278C0B4 + +Key = 00000000000000000000000000000000 +Nonce = 0100000000000000 +In = 0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = 25F5BEC6683916FF44BCCD12D102E692176663F4CAC53E719509CA74B6B2EEC85DA4236FB29902012ADC8F0D86C8187D25CD1C486966930D0204C4EE88A6AB355A6C9976C7BC6E78BAF3108C5364EF42B93B35D2694D2DDF72A4FC7ECDB968FCFE16BEDB8D48102FB54F1CE3636E914C0E2DADC7CAA2AB1929733A9263325E72 + +Key = 0000000000000000000000000000000000000000000000000000000000000000 +Nonce = 0100000000000000 +In = 0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = 2B8F4BB3798306CA5130D47C4F8D4ED13AA0EDCCC1BE6942090FAEECA0D7599B7FF0FE616BB25AA0153AD6FDC88B954903C22426D478B97B22B8F9B1DB00CF06470BDFFBC488A8B7C701EBF4061D75C5969186497C95367809AFA80BD843B040A79ABC6E73A91757F1DB73C8EACFA543B38F289D065AB2F3032D377B8C37FE46 + +Key = FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF +Nonce = FFFFFFFFFFFFFFFF +In = 0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = 2204D5B81CE662193E00966034F91302F14A3FB047F58B6E6EF0D721132304163E0FB640D76FF9C3B9CD99996E6E38FAD13F0E31C82244D33ABBC1B11E8BF12D9A81D78E9E56604DDFAE136921F51C9D81AE15119DB8E756DD28024493EE571D363AE4BBCD6E7D300F99D2673AEB92CCFC6E43A38DC31BACD66B28F17B22B28A + +Key = FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF +Nonce = FFFFFFFFFFFFFFFF +In = 0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = E163BBF8C9A739D18925EE8362DAD2CDC973DF05225AFB2AA26396F2A9849A4A445E0547D31C1623C537DF4BA85C70A9884A35BCBF3DFAB077E98B0F68135F5481D4933F8B322AC0CD762C27235CE2B31534E0244A9A2F1FD5E94498D47FF108790C009CF9E1A348032A7694CB28024CD96D3498361EDB1785AF752D187AB54B + +Key = 55555555555555555555555555555555 +Nonce = 5555555555555555 +In = 0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = F0A23BC36270E18ED0691DC384374B9B2C5CB60110A03F56FA48A9FBBAD961AA6BAB4D892E96261B6F1A0919514AE56F86E066E17C71A4176AC684AF1C931996950F754E728BD061D176ECF571C62A5EA5C776697B3193D3EA94CF17D7F0A14E504859D1A67C248AB298BE3BB7EDED3A23F61B6C5BD1A5A4CFC84BFC3D295AC5 + +Key = 5555555555555555555555555555555555555555555555555555555555555555 +Nonce = 5555555555555555 +In = 0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = 7CB78214E4D3465B6DC62CF7A1538C88996952B4FB72CB6105F1243CE3442E2975A59EBCD2B2A598290D7538491FE65BDBFEFD060D88798120A70D049DC2677DD48FF5A2513E497A5D54802D7484C4F1083944D8D0D14D6482CE09F7E5EBF20B29807D62C31874D02F5D3CC85381A745ECBC60525205E300A76961BFE51AC07C + +Key = AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA +Nonce = AAAAAAAAAAAAAAAA +In = 0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = 312D95C0BC38EFF4942DB2D50BDC500A30641EF7132DB1A8AE838B3BEA3A7AB03815D7A4CC09DBF5882A3433D743ACED48136EBAB73299506855C0F5437A36C6EF5AD3D6A4F6C35D9D66C2E34005B91BBBE3099E135A00CE2F700745BE6253195824D4B19F69731B6177E624358C7977E67552F519B470E3F7A8EC965DC3BEDA + +Key = AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA +Nonce = AAAAAAAAAAAAAAAA +In = 0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = 40F9AB86C8F9A1A0CDC05A75E5531B612D71EF7F0CF9E387DF6ED6972F0AAE21311AA581F816C90E8A99DE990B6B95AAC92450F4E112712667B804C99E9C6EDAF8D144F560C8C0EA36880D3B77874C9A9103D147F6DED386284801A4EE158E5EA4F9C093FC55FD344C33349DC5B699E21DC83B4296F92EE3ECABF3D51F95FE3F + +Key = 00112233445566778899AABBCCDDEEFF +Nonce = 0F1E2D3C4B5A6978 +In = 0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = 29560D280B4528400A8F4B795369FB3A01105599E9F1ED58279CFC9ECE2DC5F99F1C2E52C98238F542A5C0A881D850B615D3ACD9FBDB026E9368565DA50E0D49DD5BE8EF74248B3E251D965D8FCB21E7CFE204D4007806FBEE3CE94C74BFBAD2C11C621BA048147C5CAA94D182CCFF6FD5CF44ADF96E3D68281BB49676AF87E7 + +Key = 00112233445566778899AABBCCDDEEFFFFEEDDCCBBAA99887766554433221100 +Nonce = 0F1E2D3C4B5A6978 +In = 0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = DB43AD9D1E842D1272E4530E276B3F568F8859B3F7CF6D9D2C74FA53808CB5157A8EBF46AD3DCC4B6C7DADDE131784B0120E0E22F6D5F9FFA7407D4A21B695D9C5DD30BF55612FAB9BDD118920C19816470C7F5DCD42325DBBED8C57A56281C144CB0F03E81B3004624E0650A1CE5AFAF9A7CD8163F6DBD72602257DD96E471E + +Key = C46EC1B18CE8A878725A37E780DFB735 +Nonce = 1ADA31D5CF688221 +In = 0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = 6A870108859F679118F3E205E2A56A6826EF5A60A4102AC8D4770059FCB7C7BAE02F5CE004A6BFBBEA53014DD82107C0AA1C7CE11B7D78F2D50BD3602BBD25940560BB6A84289E0B38F5DD21D6EF6D7737E3EC0FB772DA2C71C2397762E5DBBBF449E3D1639CCBFA3E069C4D871ED6395B22AAF35C8DA6DE2DEC3D77880DA8E8 + +Key = C46EC1B18CE8A878725A37E780DFB7351F68ED2E194C79FBC6AEBEE1A667975D +Nonce = 1ADA31D5CF688221 +In = 0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = 838751B42D8DDD8A3D77F48825A2BA752CF4047CB308A5978EF274973BE374C96AD848065871417B08F034E681FE46A93F7D5C61D1306614D4AAF257A7CFF08B16F2FDA170CC18A4B58A2667ED962774AF792A6E7F3C77992540711A7A136D7E8A2F8D3F93816709D45A3FA5F8CE72FDE15BE7B841ACBA3A2ABD557228D9FE4F [ChaCha(12)] @@ -43,8 +144,413 @@ In = 00000000000000000000000000000000000000000000000000000000000000000000000000 Out = F798A189F195E66982105FFB640BB7757F579DA31602FC93EC01AC56F85AC3C134A4547B733B46413042C9440049176905D3BE59EA1C53F15916155C2BE8241A38008B9A26BC35941E2444177C8ADE6689DE95264986D95889FB60E84629C9BD9A5ACB1CC118BE563EB9B3A4A472F82E09A7E778492B562EF7130E88DFE031C79DB9D4F7C7A899151B9A475032B63FC385245FE054E3DD5A97A5F576FE064025D3CE042C566AB2C507B138DB853E3D6959660996546CC9C4A6EAFDC777C040D70EAF46F76DAD3979E5C5360C3317166A1C894C94A371876A94DF7628FE4EAAF2CCB27D5AAAE0AD7AD0F9D4B6AD3B54098746D4524D38407A6DEB # From draft-irtf-cfrg-chacha20-poly1305-03 +# Key = 0000000000000000000000000000000000000000000000000000000000000000 Nonce = 000000000000000000000002 In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 Out = C2C64D378CD536374AE204B9EF933FCD1A8B2288B3DFA49672AB765B54EE27C78A970E0E955C14F3A88E741B97C286F75F8FC299E8148362FA198A39531BED6D +# Test seek offset +# Tests got from the original implementation of Daniel J. Bernstein +# +Seek = 0 +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = 103AF111C18B549D39248FB07D60C29A95D1DB88D892F7B4AF709A5FD47A9E4BD5FF9A658DD52C708BEF1F0F622B3747040FA3551300B1F293150A88620D5FED + +Seek = 1 +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = 3AF111C18B549D39248FB07D60C29A95D1DB88D892F7B4AF709A5FD47A9E4BD5FF9A658DD52C708BEF1F0F622B3747040FA3551300B1F293150A88620D5FED89 + +Seek = 2 +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = F111C18B549D39248FB07D60C29A95D1DB88D892F7B4AF709A5FD47A9E4BD5FF9A658DD52C708BEF1F0F622B3747040FA3551300B1F293150A88620D5FED89FB + +Seek = 3 +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = 11C18B549D39248FB07D60C29A95D1DB88D892F7B4AF709A5FD47A9E4BD5FF9A658DD52C708BEF1F0F622B3747040FA3551300B1F293150A88620D5FED89FB08 + +Seek = 4 +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = C18B549D39248FB07D60C29A95D1DB88D892F7B4AF709A5FD47A9E4BD5FF9A658DD52C708BEF1F0F622B3747040FA3551300B1F293150A88620D5FED89FB0800 + +Seek = 5 +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = 8B549D39248FB07D60C29A95D1DB88D892F7B4AF709A5FD47A9E4BD5FF9A658DD52C708BEF1F0F622B3747040FA3551300B1F293150A88620D5FED89FB080029 + +Seek = 6 +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = 549D39248FB07D60C29A95D1DB88D892F7B4AF709A5FD47A9E4BD5FF9A658DD52C708BEF1F0F622B3747040FA3551300B1F293150A88620D5FED89FB08002917 + +Seek = 7 +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = 9D39248FB07D60C29A95D1DB88D892F7B4AF709A5FD47A9E4BD5FF9A658DD52C708BEF1F0F622B3747040FA3551300B1F293150A88620D5FED89FB08002917A5 + +Seek = 8 +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = 39248FB07D60C29A95D1DB88D892F7B4AF709A5FD47A9E4BD5FF9A658DD52C708BEF1F0F622B3747040FA3551300B1F293150A88620D5FED89FB08002917A540 + +Seek = 9 +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = 248FB07D60C29A95D1DB88D892F7B4AF709A5FD47A9E4BD5FF9A658DD52C708BEF1F0F622B3747040FA3551300B1F293150A88620D5FED89FB08002917A540B7 + +Seek = 10 +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = 8FB07D60C29A95D1DB88D892F7B4AF709A5FD47A9E4BD5FF9A658DD52C708BEF1F0F622B3747040FA3551300B1F293150A88620D5FED89FB08002917A540B783 + +Seek = 11 +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = B07D60C29A95D1DB88D892F7B4AF709A5FD47A9E4BD5FF9A658DD52C708BEF1F0F622B3747040FA3551300B1F293150A88620D5FED89FB08002917A540B7833F + +Seek = 12 +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = 7D60C29A95D1DB88D892F7B4AF709A5FD47A9E4BD5FF9A658DD52C708BEF1F0F622B3747040FA3551300B1F293150A88620D5FED89FB08002917A540B7833FF3 + +Seek = 13 +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = 60C29A95D1DB88D892F7B4AF709A5FD47A9E4BD5FF9A658DD52C708BEF1F0F622B3747040FA3551300B1F293150A88620D5FED89FB08002917A540B7833FF398 + +Seek = 14 +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = C29A95D1DB88D892F7B4AF709A5FD47A9E4BD5FF9A658DD52C708BEF1F0F622B3747040FA3551300B1F293150A88620D5FED89FB08002917A540B7833FF3981D + +Seek = 15 +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = 9A95D1DB88D892F7B4AF709A5FD47A9E4BD5FF9A658DD52C708BEF1F0F622B3747040FA3551300B1F293150A88620D5FED89FB08002917A540B7833FF3981D0E + +Seek = 16 +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = 95D1DB88D892F7B4AF709A5FD47A9E4BD5FF9A658DD52C708BEF1F0F622B3747040FA3551300B1F293150A88620D5FED89FB08002917A540B7833FF3981D0E63 + +Seek = 17 +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = D1DB88D892F7B4AF709A5FD47A9E4BD5FF9A658DD52C708BEF1F0F622B3747040FA3551300B1F293150A88620D5FED89FB08002917A540B7833FF3981D0E63C9 + +Seek = 18 +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = DB88D892F7B4AF709A5FD47A9E4BD5FF9A658DD52C708BEF1F0F622B3747040FA3551300B1F293150A88620D5FED89FB08002917A540B7833FF3981D0E63C970 + +Seek = 19 +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = 88D892F7B4AF709A5FD47A9E4BD5FF9A658DD52C708BEF1F0F622B3747040FA3551300B1F293150A88620D5FED89FB08002917A540B7833FF3981D0E63C970B2 + +Seek = 20 +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = D892F7B4AF709A5FD47A9E4BD5FF9A658DD52C708BEF1F0F622B3747040FA3551300B1F293150A88620D5FED89FB08002917A540B7833FF3981D0E63C970B2E7 + +Seek = 21 +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = 92F7B4AF709A5FD47A9E4BD5FF9A658DD52C708BEF1F0F622B3747040FA3551300B1F293150A88620D5FED89FB08002917A540B7833FF3981D0E63C970B2E751 + +Seek = 22 +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = F7B4AF709A5FD47A9E4BD5FF9A658DD52C708BEF1F0F622B3747040FA3551300B1F293150A88620D5FED89FB08002917A540B7833FF3981D0E63C970B2E75174 + +Seek = 23 +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = B4AF709A5FD47A9E4BD5FF9A658DD52C708BEF1F0F622B3747040FA3551300B1F293150A88620D5FED89FB08002917A540B7833FF3981D0E63C970B2E75174AD + +Seek = 24 +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = AF709A5FD47A9E4BD5FF9A658DD52C708BEF1F0F622B3747040FA3551300B1F293150A88620D5FED89FB08002917A540B7833FF3981D0E63C970B2E75174ADB9 + +Seek = 25 +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = 709A5FD47A9E4BD5FF9A658DD52C708BEF1F0F622B3747040FA3551300B1F293150A88620D5FED89FB08002917A540B7833FF3981D0E63C970B2E75174ADB9E6 + +Seek = 26 +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = 9A5FD47A9E4BD5FF9A658DD52C708BEF1F0F622B3747040FA3551300B1F293150A88620D5FED89FB08002917A540B7833FF3981D0E63C970B2E75174ADB9E697 + +Seek = 27 +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = 5FD47A9E4BD5FF9A658DD52C708BEF1F0F622B3747040FA3551300B1F293150A88620D5FED89FB08002917A540B7833FF3981D0E63C970B2E75174ADB9E6972F + +Seek = 28 +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = D47A9E4BD5FF9A658DD52C708BEF1F0F622B3747040FA3551300B1F293150A88620D5FED89FB08002917A540B7833FF3981D0E63C970B2E75174ADB9E6972FC5 + +Seek = 29 +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = 7A9E4BD5FF9A658DD52C708BEF1F0F622B3747040FA3551300B1F293150A88620D5FED89FB08002917A540B7833FF3981D0E63C970B2E75174ADB9E6972FC575 + +Seek = 30 +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = 9E4BD5FF9A658DD52C708BEF1F0F622B3747040FA3551300B1F293150A88620D5FED89FB08002917A540B7833FF3981D0E63C970B2E75174ADB9E6972FC575C0 + +Seek = 31 +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = 4BD5FF9A658DD52C708BEF1F0F622B3747040FA3551300B1F293150A88620D5FED89FB08002917A540B7833FF3981D0E63C970B2E75174ADB9E6972FC575C0A6 + +Seek = 32 +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = D5FF9A658DD52C708BEF1F0F622B3747040FA3551300B1F293150A88620D5FED89FB08002917A540B7833FF3981D0E63C970B2E75174ADB9E6972FC575C0A63C + +Seek = 33 +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = FF9A658DD52C708BEF1F0F622B3747040FA3551300B1F293150A88620D5FED89FB08002917A540B7833FF3981D0E63C970B2E75174ADB9E6972FC575C0A63CEC + +Seek = 34 +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = 9A658DD52C708BEF1F0F622B3747040FA3551300B1F293150A88620D5FED89FB08002917A540B7833FF3981D0E63C970B2E75174ADB9E6972FC575C0A63CEC80 + +Seek = 35 +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = 658DD52C708BEF1F0F622B3747040FA3551300B1F293150A88620D5FED89FB08002917A540B7833FF3981D0E63C970B2E75174ADB9E6972FC575C0A63CEC802C + +Seek = 36 +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = 8DD52C708BEF1F0F622B3747040FA3551300B1F293150A88620D5FED89FB08002917A540B7833FF3981D0E63C970B2E75174ADB9E6972FC575C0A63CEC802CF3 + +Seek = 37 +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = D52C708BEF1F0F622B3747040FA3551300B1F293150A88620D5FED89FB08002917A540B7833FF3981D0E63C970B2E75174ADB9E6972FC575C0A63CEC802CF3E6 + +Seek = 38 +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = 2C708BEF1F0F622B3747040FA3551300B1F293150A88620D5FED89FB08002917A540B7833FF3981D0E63C970B2E75174ADB9E6972FC575C0A63CEC802CF3E61E + +Seek = 39 +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = 708BEF1F0F622B3747040FA3551300B1F293150A88620D5FED89FB08002917A540B7833FF3981D0E63C970B2E75174ADB9E6972FC575C0A63CEC802CF3E61EB1 + +Seek = 40 +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = 8BEF1F0F622B3747040FA3551300B1F293150A88620D5FED89FB08002917A540B7833FF3981D0E63C970B2E75174ADB9E6972FC575C0A63CEC802CF3E61EB198 + +Seek = 41 +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = EF1F0F622B3747040FA3551300B1F293150A88620D5FED89FB08002917A540B7833FF3981D0E63C970B2E75174ADB9E6972FC575C0A63CEC802CF3E61EB19837 + +Seek = 42 +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = 1F0F622B3747040FA3551300B1F293150A88620D5FED89FB08002917A540B7833FF3981D0E63C970B2E75174ADB9E6972FC575C0A63CEC802CF3E61EB1983732 + +Seek = 43 +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = 0F622B3747040FA3551300B1F293150A88620D5FED89FB08002917A540B7833FF3981D0E63C970B2E75174ADB9E6972FC575C0A63CEC802CF3E61EB198373276 + +Seek = 44 +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = 622B3747040FA3551300B1F293150A88620D5FED89FB08002917A540B7833FF3981D0E63C970B2E75174ADB9E6972FC575C0A63CEC802CF3E61EB198373276D8 + +Seek = 45 +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = 2B3747040FA3551300B1F293150A88620D5FED89FB08002917A540B7833FF3981D0E63C970B2E75174ADB9E6972FC575C0A63CEC802CF3E61EB198373276D865 + +Seek = 46 +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = 3747040FA3551300B1F293150A88620D5FED89FB08002917A540B7833FF3981D0E63C970B2E75174ADB9E6972FC575C0A63CEC802CF3E61EB198373276D86594 + +Seek = 47 +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = 47040FA3551300B1F293150A88620D5FED89FB08002917A540B7833FF3981D0E63C970B2E75174ADB9E6972FC575C0A63CEC802CF3E61EB198373276D865948F + +Seek = 48 +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = 040FA3551300B1F293150A88620D5FED89FB08002917A540B7833FF3981D0E63C970B2E75174ADB9E6972FC575C0A63CEC802CF3E61EB198373276D865948F23 + +Seek = 49 +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = 0FA3551300B1F293150A88620D5FED89FB08002917A540B7833FF3981D0E63C970B2E75174ADB9E6972FC575C0A63CEC802CF3E61EB198373276D865948F237E + +Seek = 50 +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = A3551300B1F293150A88620D5FED89FB08002917A540B7833FF3981D0E63C970B2E75174ADB9E6972FC575C0A63CEC802CF3E61EB198373276D865948F237E84 + +Seek = 51 +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = 551300B1F293150A88620D5FED89FB08002917A540B7833FF3981D0E63C970B2E75174ADB9E6972FC575C0A63CEC802CF3E61EB198373276D865948F237E84A9 + +Seek = 52 +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = 1300B1F293150A88620D5FED89FB08002917A540B7833FF3981D0E63C970B2E75174ADB9E6972FC575C0A63CEC802CF3E61EB198373276D865948F237E84A974 + +Seek = 53 +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = 00B1F293150A88620D5FED89FB08002917A540B7833FF3981D0E63C970B2E75174ADB9E6972FC575C0A63CEC802CF3E61EB198373276D865948F237E84A974FD + +Seek = 54 +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = B1F293150A88620D5FED89FB08002917A540B7833FF3981D0E63C970B2E75174ADB9E6972FC575C0A63CEC802CF3E61EB198373276D865948F237E84A974FD28 + +Seek = 55 +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = F293150A88620D5FED89FB08002917A540B7833FF3981D0E63C970B2E75174ADB9E6972FC575C0A63CEC802CF3E61EB198373276D865948F237E84A974FD28B8 + +Seek = 56 +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = 93150A88620D5FED89FB08002917A540B7833FF3981D0E63C970B2E75174ADB9E6972FC575C0A63CEC802CF3E61EB198373276D865948F237E84A974FD28B89B + +Seek = 57 +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = 150A88620D5FED89FB08002917A540B7833FF3981D0E63C970B2E75174ADB9E6972FC575C0A63CEC802CF3E61EB198373276D865948F237E84A974FD28B89B12 + +Seek = 58 +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = 0A88620D5FED89FB08002917A540B7833FF3981D0E63C970B2E75174ADB9E6972FC575C0A63CEC802CF3E61EB198373276D865948F237E84A974FD28B89B12B8 + +Seek = 59 +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = 88620D5FED89FB08002917A540B7833FF3981D0E63C970B2E75174ADB9E6972FC575C0A63CEC802CF3E61EB198373276D865948F237E84A974FD28B89B12B8D9 + +Seek = 60 +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = 620D5FED89FB08002917A540B7833FF3981D0E63C970B2E75174ADB9E6972FC575C0A63CEC802CF3E61EB198373276D865948F237E84A974FD28B89B12B8D907 + +Seek = 61 +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = 0D5FED89FB08002917A540B7833FF3981D0E63C970B2E75174ADB9E6972FC575C0A63CEC802CF3E61EB198373276D865948F237E84A974FD28B89B12B8D90790 + +Seek = 62 +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = 5FED89FB08002917A540B7833FF3981D0E63C970B2E75174ADB9E6972FC575C0A63CEC802CF3E61EB198373276D865948F237E84A974FD28B89B12B8D907904F + +Seek = 63 +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = ED89FB08002917A540B7833FF3981D0E63C970B2E75174ADB9E6972FC575C0A63CEC802CF3E61EB198373276D865948F237E84A974FD28B89B12B8D907904F9E + +Seek = 64 +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = 89FB08002917A540B7833FF3981D0E63C970B2E75174ADB9E6972FC575C0A63CEC802CF3E61EB198373276D865948F237E84A974FD28B89B12B8D907904F9ED6 + +Seek = 65 +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = FB08002917A540B7833FF3981D0E63C970B2E75174ADB9E6972FC575C0A63CEC802CF3E61EB198373276D865948F237E84A974FD28B89B12B8D907904F9ED679 + +Seek = 4294967232 +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Nonce = 000102030405060708090A0B +In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Out = DBF81BB406517BE1A54F4740E5DDDF2B7965747B757FA9D5B7EDD6B27FEDDB89D5D47F9B24E57DF393017A5079F61852CD8B86859884120AF867D25D3B259E2B diff --git a/src/tests/test_stream.cpp b/src/tests/test_stream.cpp index 232fdcdd9..d3d83c26c 100644 --- a/src/tests/test_stream.cpp +++ b/src/tests/test_stream.cpp @@ -18,7 +18,7 @@ class Stream_Cipher_Tests : public Text_Based_Test { public: Stream_Cipher_Tests(): Text_Based_Test("stream", - {"Key", "In", "Out"}, {"Nonce"}) {} + {"Key", "In", "Out"}, {"Nonce", "Seek"}) {} Test::Result run_one_test(const std::string& algo, const VarMap& vars) override { @@ -26,6 +26,7 @@ class Stream_Cipher_Tests : public Text_Based_Test const std::vector input = get_req_bin(vars, "In"); const std::vector expected = get_req_bin(vars, "Out"); const std::vector nonce = get_opt_bin(vars, "Nonce"); + const size_t seek = get_opt_sz(vars, "Seek", 0); Test::Result result(algo); @@ -53,6 +54,9 @@ class Stream_Cipher_Tests : public Text_Based_Test if(nonce.size()) cipher->set_iv(nonce.data(), nonce.size()); + if (seek != 0) + cipher->seek(seek); + std::vector buf = input; cipher->encrypt(buf); -- cgit v1.2.3 From adfc3e082d176f2f5141374f507a13d575898cff Mon Sep 17 00:00:00 2001 From: René Korthaus Date: Tue, 19 Jul 2016 15:28:09 +0200 Subject: Make Stream_Cipher::set_iv() pure virtual It provided a default implementation that only checked that the length was correct, but ignored the actual data and did not notify the caller, which seemed like a rather odd behaviour. The only implementation that used this default implementation, RC4, now throws an exception. --- src/lib/prov/openssl/openssl_rc4.cpp | 6 ++++++ src/lib/stream/rc4/rc4.cpp | 6 ++++++ src/lib/stream/rc4/rc4.h | 2 ++ src/lib/stream/stream_cipher.cpp | 6 ------ src/lib/stream/stream_cipher.h | 2 +- 5 files changed, 15 insertions(+), 7 deletions(-) (limited to 'src/lib/stream') diff --git a/src/lib/prov/openssl/openssl_rc4.cpp b/src/lib/prov/openssl/openssl_rc4.cpp index 070cdb14d..d6246e4ab 100644 --- a/src/lib/prov/openssl/openssl_rc4.cpp +++ b/src/lib/prov/openssl/openssl_rc4.cpp @@ -12,6 +12,7 @@ #include #include #include +#include #include namespace Botan { @@ -46,6 +47,11 @@ class OpenSSL_RC4 : public StreamCipher explicit OpenSSL_RC4(size_t skip = 0) : m_skip(skip) { clear(); } ~OpenSSL_RC4() { clear(); } + void set_iv(const byte*, size_t) override + { + throw Exception("RC4 does not support an IV"); + } + void seek(u64bit) override { throw Exception("RC4 does not support seeking"); diff --git a/src/lib/stream/rc4/rc4.cpp b/src/lib/stream/rc4/rc4.cpp index a4dea9e2b..e5ea2e2b8 100644 --- a/src/lib/stream/rc4/rc4.cpp +++ b/src/lib/stream/rc4/rc4.cpp @@ -6,6 +6,7 @@ */ #include +#include namespace Botan { @@ -35,6 +36,11 @@ void RC4::cipher(const byte in[], byte out[], size_t length) m_position += length; } +void RC4::set_iv(const byte*, size_t) + { + throw Exception("RC4 does not support an IV"); + } + /* * Generate cipher stream */ diff --git a/src/lib/stream/rc4/rc4.h b/src/lib/stream/rc4/rc4.h index 88798fae6..82dd6097b 100644 --- a/src/lib/stream/rc4/rc4.h +++ b/src/lib/stream/rc4/rc4.h @@ -21,6 +21,8 @@ class BOTAN_DLL RC4 final : public StreamCipher public: void cipher(const byte in[], byte out[], size_t length) override; + void set_iv(const byte iv[], size_t iv_len) override; + void clear() override; std::string name() const override; diff --git a/src/lib/stream/stream_cipher.cpp b/src/lib/stream/stream_cipher.cpp index 6f98df1fb..cd6400d8f 100644 --- a/src/lib/stream/stream_cipher.cpp +++ b/src/lib/stream/stream_cipher.cpp @@ -44,12 +44,6 @@ std::vector StreamCipher::providers(const std::string& algo_spec) StreamCipher::StreamCipher() {} StreamCipher::~StreamCipher() {} -void StreamCipher::set_iv(const byte[], size_t iv_len) - { - if(!valid_iv_length(iv_len)) - throw Invalid_IV_Length(name(), iv_len); - } - #if defined(BOTAN_HAS_CHACHA) BOTAN_REGISTER_T_1LEN(StreamCipher, ChaCha, 20); #endif diff --git a/src/lib/stream/stream_cipher.h b/src/lib/stream/stream_cipher.h index 56bd2d5d9..e08bee0ce 100644 --- a/src/lib/stream/stream_cipher.h +++ b/src/lib/stream/stream_cipher.h @@ -67,7 +67,7 @@ class BOTAN_DLL StreamCipher : public SymmetricAlgorithm * @param iv the initialization vector * @param iv_len the length of the IV in bytes */ - virtual void set_iv(const byte[], size_t iv_len); + virtual void set_iv(const byte[], size_t iv_len) = 0; /** * @param iv_len the length of the IV in bytes -- cgit v1.2.3