chacha20_test.go 10 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275
  1. // chacha20_test.go - RFC 7539 ChaCha20 tests
  2. //
  3. // To the extent possible under law, Yawning Angel has waived all copyright
  4. // and related or neighboring rights to the software, using the Creative
  5. // Commons "CC0" public domain dedication. See LICENSE or
  6. // <http://creativecommons.org/publicdomain/zero/1.0/> for full details.
  7. package hs1siv
  8. import (
  9. "fmt"
  10. "testing"
  11. "github.com/stretchr/testify/require"
  12. )
  13. func TestChaCha20(t *testing.T) {
  14. forceDisableHardwareAcceleration()
  15. impl := "_" + hardwareAccelImpl
  16. t.Run("ChaCha20"+impl, func(t *testing.T) { doTestChaCha20(t) })
  17. if !canAccelerate {
  18. t.Log("Hardware acceleration not supported on this host.")
  19. return
  20. }
  21. mustInitHardwareAcceleration()
  22. impl = "_" + hardwareAccelImpl
  23. t.Run("ChaCha20"+impl, func(t *testing.T) { doTestChaCha20(t) })
  24. }
  25. var rfc7539TestVectors = []struct {
  26. key []byte
  27. nonce []byte
  28. plaintext []byte
  29. ciphertext []byte
  30. initialCounter uint32
  31. }{
  32. {
  33. []byte{
  34. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  35. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  36. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  37. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  38. },
  39. []byte{
  40. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  41. 0x00, 0x00, 0x00, 0x00,
  42. },
  43. []byte{
  44. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  45. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  46. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  47. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  48. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  49. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  50. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  51. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  52. },
  53. []byte{
  54. 0x76, 0xb8, 0xe0, 0xad, 0xa0, 0xf1, 0x3d, 0x90,
  55. 0x40, 0x5d, 0x6a, 0xe5, 0x53, 0x86, 0xbd, 0x28,
  56. 0xbd, 0xd2, 0x19, 0xb8, 0xa0, 0x8d, 0xed, 0x1a,
  57. 0xa8, 0x36, 0xef, 0xcc, 0x8b, 0x77, 0x0d, 0xc7,
  58. 0xda, 0x41, 0x59, 0x7c, 0x51, 0x57, 0x48, 0x8d,
  59. 0x77, 0x24, 0xe0, 0x3f, 0xb8, 0xd8, 0x4a, 0x37,
  60. 0x6a, 0x43, 0xb8, 0xf4, 0x15, 0x18, 0xa1, 0x1c,
  61. 0xc3, 0x87, 0xb6, 0x69, 0xb2, 0xee, 0x65, 0x86,
  62. },
  63. 0,
  64. },
  65. {
  66. []byte{
  67. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  68. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  69. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  70. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
  71. },
  72. []byte{
  73. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  74. 0x00, 0x00, 0x00, 0x02,
  75. },
  76. []byte{
  77. 0x41, 0x6e, 0x79, 0x20, 0x73, 0x75, 0x62, 0x6d,
  78. 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x20, 0x74,
  79. 0x6f, 0x20, 0x74, 0x68, 0x65, 0x20, 0x49, 0x45,
  80. 0x54, 0x46, 0x20, 0x69, 0x6e, 0x74, 0x65, 0x6e,
  81. 0x64, 0x65, 0x64, 0x20, 0x62, 0x79, 0x20, 0x74,
  82. 0x68, 0x65, 0x20, 0x43, 0x6f, 0x6e, 0x74, 0x72,
  83. 0x69, 0x62, 0x75, 0x74, 0x6f, 0x72, 0x20, 0x66,
  84. 0x6f, 0x72, 0x20, 0x70, 0x75, 0x62, 0x6c, 0x69,
  85. 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x20, 0x61,
  86. 0x73, 0x20, 0x61, 0x6c, 0x6c, 0x20, 0x6f, 0x72,
  87. 0x20, 0x70, 0x61, 0x72, 0x74, 0x20, 0x6f, 0x66,
  88. 0x20, 0x61, 0x6e, 0x20, 0x49, 0x45, 0x54, 0x46,
  89. 0x20, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x65,
  90. 0x74, 0x2d, 0x44, 0x72, 0x61, 0x66, 0x74, 0x20,
  91. 0x6f, 0x72, 0x20, 0x52, 0x46, 0x43, 0x20, 0x61,
  92. 0x6e, 0x64, 0x20, 0x61, 0x6e, 0x79, 0x20, 0x73,
  93. 0x74, 0x61, 0x74, 0x65, 0x6d, 0x65, 0x6e, 0x74,
  94. 0x20, 0x6d, 0x61, 0x64, 0x65, 0x20, 0x77, 0x69,
  95. 0x74, 0x68, 0x69, 0x6e, 0x20, 0x74, 0x68, 0x65,
  96. 0x20, 0x63, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74,
  97. 0x20, 0x6f, 0x66, 0x20, 0x61, 0x6e, 0x20, 0x49,
  98. 0x45, 0x54, 0x46, 0x20, 0x61, 0x63, 0x74, 0x69,
  99. 0x76, 0x69, 0x74, 0x79, 0x20, 0x69, 0x73, 0x20,
  100. 0x63, 0x6f, 0x6e, 0x73, 0x69, 0x64, 0x65, 0x72,
  101. 0x65, 0x64, 0x20, 0x61, 0x6e, 0x20, 0x22, 0x49,
  102. 0x45, 0x54, 0x46, 0x20, 0x43, 0x6f, 0x6e, 0x74,
  103. 0x72, 0x69, 0x62, 0x75, 0x74, 0x69, 0x6f, 0x6e,
  104. 0x22, 0x2e, 0x20, 0x53, 0x75, 0x63, 0x68, 0x20,
  105. 0x73, 0x74, 0x61, 0x74, 0x65, 0x6d, 0x65, 0x6e,
  106. 0x74, 0x73, 0x20, 0x69, 0x6e, 0x63, 0x6c, 0x75,
  107. 0x64, 0x65, 0x20, 0x6f, 0x72, 0x61, 0x6c, 0x20,
  108. 0x73, 0x74, 0x61, 0x74, 0x65, 0x6d, 0x65, 0x6e,
  109. 0x74, 0x73, 0x20, 0x69, 0x6e, 0x20, 0x49, 0x45,
  110. 0x54, 0x46, 0x20, 0x73, 0x65, 0x73, 0x73, 0x69,
  111. 0x6f, 0x6e, 0x73, 0x2c, 0x20, 0x61, 0x73, 0x20,
  112. 0x77, 0x65, 0x6c, 0x6c, 0x20, 0x61, 0x73, 0x20,
  113. 0x77, 0x72, 0x69, 0x74, 0x74, 0x65, 0x6e, 0x20,
  114. 0x61, 0x6e, 0x64, 0x20, 0x65, 0x6c, 0x65, 0x63,
  115. 0x74, 0x72, 0x6f, 0x6e, 0x69, 0x63, 0x20, 0x63,
  116. 0x6f, 0x6d, 0x6d, 0x75, 0x6e, 0x69, 0x63, 0x61,
  117. 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x20, 0x6d, 0x61,
  118. 0x64, 0x65, 0x20, 0x61, 0x74, 0x20, 0x61, 0x6e,
  119. 0x79, 0x20, 0x74, 0x69, 0x6d, 0x65, 0x20, 0x6f,
  120. 0x72, 0x20, 0x70, 0x6c, 0x61, 0x63, 0x65, 0x2c,
  121. 0x20, 0x77, 0x68, 0x69, 0x63, 0x68, 0x20, 0x61,
  122. 0x72, 0x65, 0x20, 0x61, 0x64, 0x64, 0x72, 0x65,
  123. 0x73, 0x73, 0x65, 0x64, 0x20, 0x74, 0x6f,
  124. },
  125. []byte{
  126. 0xa3, 0xfb, 0xf0, 0x7d, 0xf3, 0xfa, 0x2f, 0xde,
  127. 0x4f, 0x37, 0x6c, 0xa2, 0x3e, 0x82, 0x73, 0x70,
  128. 0x41, 0x60, 0x5d, 0x9f, 0x4f, 0x4f, 0x57, 0xbd,
  129. 0x8c, 0xff, 0x2c, 0x1d, 0x4b, 0x79, 0x55, 0xec,
  130. 0x2a, 0x97, 0x94, 0x8b, 0xd3, 0x72, 0x29, 0x15,
  131. 0xc8, 0xf3, 0xd3, 0x37, 0xf7, 0xd3, 0x70, 0x05,
  132. 0x0e, 0x9e, 0x96, 0xd6, 0x47, 0xb7, 0xc3, 0x9f,
  133. 0x56, 0xe0, 0x31, 0xca, 0x5e, 0xb6, 0x25, 0x0d,
  134. 0x40, 0x42, 0xe0, 0x27, 0x85, 0xec, 0xec, 0xfa,
  135. 0x4b, 0x4b, 0xb5, 0xe8, 0xea, 0xd0, 0x44, 0x0e,
  136. 0x20, 0xb6, 0xe8, 0xdb, 0x09, 0xd8, 0x81, 0xa7,
  137. 0xc6, 0x13, 0x2f, 0x42, 0x0e, 0x52, 0x79, 0x50,
  138. 0x42, 0xbd, 0xfa, 0x77, 0x73, 0xd8, 0xa9, 0x05,
  139. 0x14, 0x47, 0xb3, 0x29, 0x1c, 0xe1, 0x41, 0x1c,
  140. 0x68, 0x04, 0x65, 0x55, 0x2a, 0xa6, 0xc4, 0x05,
  141. 0xb7, 0x76, 0x4d, 0x5e, 0x87, 0xbe, 0xa8, 0x5a,
  142. 0xd0, 0x0f, 0x84, 0x49, 0xed, 0x8f, 0x72, 0xd0,
  143. 0xd6, 0x62, 0xab, 0x05, 0x26, 0x91, 0xca, 0x66,
  144. 0x42, 0x4b, 0xc8, 0x6d, 0x2d, 0xf8, 0x0e, 0xa4,
  145. 0x1f, 0x43, 0xab, 0xf9, 0x37, 0xd3, 0x25, 0x9d,
  146. 0xc4, 0xb2, 0xd0, 0xdf, 0xb4, 0x8a, 0x6c, 0x91,
  147. 0x39, 0xdd, 0xd7, 0xf7, 0x69, 0x66, 0xe9, 0x28,
  148. 0xe6, 0x35, 0x55, 0x3b, 0xa7, 0x6c, 0x5c, 0x87,
  149. 0x9d, 0x7b, 0x35, 0xd4, 0x9e, 0xb2, 0xe6, 0x2b,
  150. 0x08, 0x71, 0xcd, 0xac, 0x63, 0x89, 0x39, 0xe2,
  151. 0x5e, 0x8a, 0x1e, 0x0e, 0xf9, 0xd5, 0x28, 0x0f,
  152. 0xa8, 0xca, 0x32, 0x8b, 0x35, 0x1c, 0x3c, 0x76,
  153. 0x59, 0x89, 0xcb, 0xcf, 0x3d, 0xaa, 0x8b, 0x6c,
  154. 0xcc, 0x3a, 0xaf, 0x9f, 0x39, 0x79, 0xc9, 0x2b,
  155. 0x37, 0x20, 0xfc, 0x88, 0xdc, 0x95, 0xed, 0x84,
  156. 0xa1, 0xbe, 0x05, 0x9c, 0x64, 0x99, 0xb9, 0xfd,
  157. 0xa2, 0x36, 0xe7, 0xe8, 0x18, 0xb0, 0x4b, 0x0b,
  158. 0xc3, 0x9c, 0x1e, 0x87, 0x6b, 0x19, 0x3b, 0xfe,
  159. 0x55, 0x69, 0x75, 0x3f, 0x88, 0x12, 0x8c, 0xc0,
  160. 0x8a, 0xaa, 0x9b, 0x63, 0xd1, 0xa1, 0x6f, 0x80,
  161. 0xef, 0x25, 0x54, 0xd7, 0x18, 0x9c, 0x41, 0x1f,
  162. 0x58, 0x69, 0xca, 0x52, 0xc5, 0xb8, 0x3f, 0xa3,
  163. 0x6f, 0xf2, 0x16, 0xb9, 0xc1, 0xd3, 0x00, 0x62,
  164. 0xbe, 0xbc, 0xfd, 0x2d, 0xc5, 0xbc, 0xe0, 0x91,
  165. 0x19, 0x34, 0xfd, 0xa7, 0x9a, 0x86, 0xf6, 0xe6,
  166. 0x98, 0xce, 0xd7, 0x59, 0xc3, 0xff, 0x9b, 0x64,
  167. 0x77, 0x33, 0x8f, 0x3d, 0xa4, 0xf9, 0xcd, 0x85,
  168. 0x14, 0xea, 0x99, 0x82, 0xcc, 0xaf, 0xb3, 0x41,
  169. 0xb2, 0x38, 0x4d, 0xd9, 0x02, 0xf3, 0xd1, 0xab,
  170. 0x7a, 0xc6, 0x1d, 0xd2, 0x9c, 0x6f, 0x21, 0xba,
  171. 0x5b, 0x86, 0x2f, 0x37, 0x30, 0xe3, 0x7c, 0xfd,
  172. 0xc4, 0xfd, 0x80, 0x6c, 0x22, 0xf2, 0x21,
  173. },
  174. 1,
  175. },
  176. {
  177. []byte{
  178. 0x1c, 0x92, 0x40, 0xa5, 0xeb, 0x55, 0xd3, 0x8a,
  179. 0xf3, 0x33, 0x88, 0x86, 0x04, 0xf6, 0xb5, 0xf0,
  180. 0x47, 0x39, 0x17, 0xc1, 0x40, 0x2b, 0x80, 0x09,
  181. 0x9d, 0xca, 0x5c, 0xbc, 0x20, 0x70, 0x75, 0xc0,
  182. },
  183. []byte{
  184. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  185. 0x00, 0x00, 0x00, 0x02,
  186. },
  187. []byte{
  188. 0x27, 0x54, 0x77, 0x61, 0x73, 0x20, 0x62, 0x72,
  189. 0x69, 0x6c, 0x6c, 0x69, 0x67, 0x2c, 0x20, 0x61,
  190. 0x6e, 0x64, 0x20, 0x74, 0x68, 0x65, 0x20, 0x73,
  191. 0x6c, 0x69, 0x74, 0x68, 0x79, 0x20, 0x74, 0x6f,
  192. 0x76, 0x65, 0x73, 0x0a, 0x44, 0x69, 0x64, 0x20,
  193. 0x67, 0x79, 0x72, 0x65, 0x20, 0x61, 0x6e, 0x64,
  194. 0x20, 0x67, 0x69, 0x6d, 0x62, 0x6c, 0x65, 0x20,
  195. 0x69, 0x6e, 0x20, 0x74, 0x68, 0x65, 0x20, 0x77,
  196. 0x61, 0x62, 0x65, 0x3a, 0x0a, 0x41, 0x6c, 0x6c,
  197. 0x20, 0x6d, 0x69, 0x6d, 0x73, 0x79, 0x20, 0x77,
  198. 0x65, 0x72, 0x65, 0x20, 0x74, 0x68, 0x65, 0x20,
  199. 0x62, 0x6f, 0x72, 0x6f, 0x67, 0x6f, 0x76, 0x65,
  200. 0x73, 0x2c, 0x0a, 0x41, 0x6e, 0x64, 0x20, 0x74,
  201. 0x68, 0x65, 0x20, 0x6d, 0x6f, 0x6d, 0x65, 0x20,
  202. 0x72, 0x61, 0x74, 0x68, 0x73, 0x20, 0x6f, 0x75,
  203. 0x74, 0x67, 0x72, 0x61, 0x62, 0x65, 0x2e,
  204. },
  205. []byte{
  206. 0x62, 0xe6, 0x34, 0x7f, 0x95, 0xed, 0x87, 0xa4,
  207. 0x5f, 0xfa, 0xe7, 0x42, 0x6f, 0x27, 0xa1, 0xdf,
  208. 0x5f, 0xb6, 0x91, 0x10, 0x04, 0x4c, 0x0d, 0x73,
  209. 0x11, 0x8e, 0xff, 0xa9, 0x5b, 0x01, 0xe5, 0xcf,
  210. 0x16, 0x6d, 0x3d, 0xf2, 0xd7, 0x21, 0xca, 0xf9,
  211. 0xb2, 0x1e, 0x5f, 0xb1, 0x4c, 0x61, 0x68, 0x71,
  212. 0xfd, 0x84, 0xc5, 0x4f, 0x9d, 0x65, 0xb2, 0x83,
  213. 0x19, 0x6c, 0x7f, 0xe4, 0xf6, 0x05, 0x53, 0xeb,
  214. 0xf3, 0x9c, 0x64, 0x02, 0xc4, 0x22, 0x34, 0xe3,
  215. 0x2a, 0x35, 0x6b, 0x3e, 0x76, 0x43, 0x12, 0xa6,
  216. 0x1a, 0x55, 0x32, 0x05, 0x57, 0x16, 0xea, 0xd6,
  217. 0x96, 0x25, 0x68, 0xf8, 0x7d, 0x3f, 0x3f, 0x77,
  218. 0x04, 0xc6, 0xa8, 0xd1, 0xbc, 0xd1, 0xbf, 0x4d,
  219. 0x50, 0xd6, 0x15, 0x4b, 0x6d, 0xa7, 0x31, 0xb1,
  220. 0x87, 0xb5, 0x8d, 0xfd, 0x72, 0x8a, 0xfa, 0x36,
  221. 0x75, 0x7a, 0x79, 0x7a, 0xc1, 0x88, 0xd1,
  222. },
  223. 42,
  224. },
  225. }
  226. func doTestChaCha20(t *testing.T) {
  227. require := require.New(t)
  228. for i, vec := range rfc7539TestVectors {
  229. buf := make([]byte, len(vec.ciphertext))
  230. chacha20(vec.key, vec.nonce, vec.plaintext, buf, vec.initialCounter)
  231. require.Equal(vec.ciphertext, buf, "Test Vector %d: chacha20(Encrypt)", i)
  232. }
  233. }
  234. func BenchmarkChaCha20(b *testing.B) {
  235. forceDisableHardwareAcceleration()
  236. doBenchmarkChaCha20(b)
  237. if !canAccelerate {
  238. b.Log("Hardware acceleration not supported on this host.")
  239. return
  240. }
  241. mustInitHardwareAcceleration()
  242. doBenchmarkChaCha20(b)
  243. }
  244. func doBenchmarkChaCha20(b *testing.B) {
  245. benchSizes := []int{8, 32, 64, 576, 1536, 4096, 1024768}
  246. impl := "_" + hardwareAccelImpl
  247. for _, sz := range benchSizes {
  248. bn := "ChaCha20" + impl + "_"
  249. sn := fmt.Sprintf("%d", sz)
  250. b.Run(bn+sn, func(b *testing.B) { doBenchmarkChaCha20KeyStream(b, sz) })
  251. }
  252. }
  253. func doBenchmarkChaCha20KeyStream(b *testing.B, sz int) {
  254. var k [chachaKeySize]byte
  255. var n [chachaNonceSize]byte
  256. buf := make([]byte, sz)
  257. b.SetBytes(int64(sz))
  258. b.ResetTimer()
  259. for i := 0; i < b.N; i++ {
  260. chacha20(k[:], n[:], buf, buf, 0)
  261. }
  262. }