8
|
1
|
use salsa20::{ |
|
2
|
cipher::{generic_array::GenericArray, NewCipher, StreamCipher}, |
|
3
|
Salsa20, XSalsa20, |
|
4
|
}; |
|
5
|
const KEY_BYTES: usize = 32; |
|
6
|
const IV_BYTES: usize = 8; |
|
7
|
const IV_BYTES_XSALSA20: usize = 24; |
|
8
|
const IV_XSALSA20: [u8; IV_BYTES_XSALSA20] = *b"24-byte nonce for xsalsa"; |
|
9
|
const KEY_XSALSA20: [u8; KEY_BYTES] = *b"this is 32-byte key for xsalsa20"; |
|
10
|
const IV0: [u8; IV_BYTES] = [0; IV_BYTES]; |
|
11
|
const IV1: [u8; IV_BYTES] = [0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00]; |
|
12
|
const IVHI: [u8; IV_BYTES] = [0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01]; |
|
13
|
|
|
14
|
const KEY0: [u8; KEY_BYTES] = [ |
67
|
15
|
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, |
|
16
|
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, |
|
17
|
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, |
8
|
18
|
]; |
|
19
|
|
|
20
|
const KEY1: [u8; KEY_BYTES] = [ |
67
|
21
|
0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, |
|
22
|
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, |
|
23
|
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, |
8
|
24
|
]; |
|
25
|
|
|
26
|
const EXPECTED_KEY1_IV0: [u8; 64] = [ |
67
|
27
|
0xe3, 0xbe, 0x8f, 0xdd, 0x8b, 0xec, 0xa2, 0xe3, 0xea, 0x8e, 0xf9, 0x47, 0x5b, |
|
28
|
0x29, 0xa6, 0xe7, 0x00, 0x39, 0x51, 0xe1, 0x09, 0x7a, 0x5c, 0x38, 0xd2, 0x3b, |
|
29
|
0x7a, 0x5f, 0xad, 0x9f, 0x68, 0x44, 0xb2, 0x2c, 0x97, 0x55, 0x9e, 0x27, 0x23, |
|
30
|
0xc7, 0xcb, 0xbd, 0x3f, 0xe4, 0xfc, 0x8d, 0x9a, 0x07, 0x44, 0x65, 0x2a, 0x83, |
|
31
|
0xe7, 0x2a, 0x9c, 0x46, 0x18, 0x76, 0xaf, 0x4d, 0x7e, 0xf1, 0xa1, 0x17, |
8
|
32
|
]; |
|
33
|
|
|
34
|
const EXPECTED_KEY0_IV1: [u8; 64] = [ |
67
|
35
|
0x2a, 0xba, 0x3d, 0xc4, 0x5b, 0x49, 0x47, 0x00, 0x7b, 0x14, 0xc8, 0x51, 0xcd, |
|
36
|
0x69, 0x44, 0x56, 0xb3, 0x03, 0xad, 0x59, 0xa4, 0x65, 0x66, 0x28, 0x03, 0x00, |
|
37
|
0x67, 0x05, 0x67, 0x3d, 0x6c, 0x3e, 0x29, 0xf1, 0xd3, 0x51, 0x0d, 0xfc, 0x04, |
|
38
|
0x05, 0x46, 0x3c, 0x03, 0x41, 0x4e, 0x0e, 0x07, 0xe3, 0x59, 0xf1, 0xf1, 0x81, |
|
39
|
0x6c, 0x68, 0xb2, 0x43, 0x4a, 0x19, 0xd3, 0xee, 0xe0, 0x46, 0x48, 0x73, |
8
|
40
|
]; |
|
41
|
|
|
42
|
const EXPECTED_KEY0_IVHI: [u8; 64] = [ |
67
|
43
|
0xb4, 0x7f, 0x96, 0xaa, 0x96, 0x78, 0x61, 0x35, 0x29, 0x7a, 0x3c, 0x4e, 0xc5, |
|
44
|
0x6a, 0x61, 0x3d, 0x0b, 0x80, 0x09, 0x53, 0x24, 0xff, 0x43, 0x23, 0x9d, 0x68, |
|
45
|
0x4c, 0x57, 0xff, 0xe4, 0x2e, 0x1c, 0x44, 0xf3, 0xcc, 0x01, 0x16, 0x13, 0xdb, |
|
46
|
0x6c, 0xdc, 0x88, 0x09, 0x99, 0xa1, 0xe6, 0x5a, 0xed, 0x12, 0x87, 0xfc, 0xb1, |
|
47
|
0x1c, 0x83, 0x9c, 0x37, 0x12, 0x07, 0x65, 0xaf, 0xa7, 0x3e, 0x50, 0x75, |
8
|
48
|
]; |
|
49
|
|
|
50
|
const EXPECTED_XSALSA20_ZEROS: [u8; 64] = [ |
67
|
51
|
0x48, 0x48, 0x29, 0x7f, 0xeb, 0x1f, 0xb5, 0x2f, 0xb6, 0x6d, 0x81, 0x60, 0x9b, |
|
52
|
0xd5, 0x47, 0xfa, 0xbc, 0xbe, 0x70, 0x26, 0xed, 0xc8, 0xb5, 0xe5, 0xe4, 0x49, |
|
53
|
0xd0, 0x88, 0xbf, 0xa6, 0x9c, 0x08, 0x8f, 0x5d, 0x8d, 0xa1, 0xd7, 0x91, 0x26, |
|
54
|
0x7c, 0x2c, 0x19, 0x5a, 0x7f, 0x8c, 0xae, 0x9c, 0x4b, 0x40, 0x50, 0xd0, 0x8c, |
|
55
|
0xe6, 0xd3, 0xa1, 0x51, 0xec, 0x26, 0x5f, 0x3a, 0x58, 0xe4, 0x76, 0x48, |
8
|
56
|
]; |
|
57
|
|
|
58
|
const EXPECTED_XSALSA20_HELLO_WORLD: [u8; 12] = [ |
|
59
|
0x00, 0x2d, 0x45, 0x13, 0x84, 0x3f, 0xc2, 0x40, 0xc4, 0x01, 0xe5, 0x41, |
|
60
|
]; |
|
61
|
|
|
62
|
#[test] |
|
63
|
fn salsa20_key1_iv0() { |
67
|
64
|
let mut cipher = |
|
65
|
Salsa20::new(&GenericArray::from(KEY1), &GenericArray::from(IV0)); |
8
|
66
|
let mut buf = [0; 64]; |
|
67
|
|
|
68
|
cipher.apply_keystream(&mut buf); |
|
69
|
|
|
70
|
for i in 0..64 { |
|
71
|
assert_eq!(buf[i], EXPECTED_KEY1_IV0[i]) |
|
72
|
} |
|
73
|
} |
|
74
|
|
|
75
|
#[test] |
|
76
|
fn salsa20_key0_iv1() { |
67
|
77
|
let mut cipher = |
|
78
|
Salsa20::new(&GenericArray::from(KEY0), &GenericArray::from(IV1)); |
8
|
79
|
let mut buf = [0; 64]; |
|
80
|
|
|
81
|
cipher.apply_keystream(&mut buf); |
|
82
|
|
|
83
|
for i in 0..64 { |
|
84
|
assert_eq!(buf[i], EXPECTED_KEY0_IV1[i]) |
|
85
|
} |
|
86
|
} |
|
87
|
|
|
88
|
#[test] |
|
89
|
fn salsa20_key0_ivhi() { |
67
|
90
|
let mut cipher = |
|
91
|
Salsa20::new(&GenericArray::from(KEY0), &GenericArray::from(IVHI)); |
8
|
92
|
let mut buf = [0; 64]; |
|
93
|
|
|
94
|
cipher.apply_keystream(&mut buf); |
|
95
|
|
|
96
|
for i in 0..64 { |
|
97
|
assert_eq!(buf[i], EXPECTED_KEY0_IVHI[i]) |
|
98
|
} |
|
99
|
} |
|
100
|
|
|
101
|
#[test] |
|
102
|
fn xsalsa20_encrypt_zeros() { |
|
103
|
let key = GenericArray::from(KEY_XSALSA20); |
|
104
|
let iv = GenericArray::from(IV_XSALSA20); |
|
105
|
|
|
106
|
let mut cipher = XSalsa20::new(&key, &iv); |
|
107
|
let mut buf = [0; 64]; |
|
108
|
cipher.apply_keystream(&mut buf); |
|
109
|
|
|
110
|
for i in 0..64 { |
|
111
|
assert_eq!(buf[i], EXPECTED_XSALSA20_ZEROS[i]); |
|
112
|
} |
|
113
|
} |
|
114
|
|
|
115
|
#[test] |
|
116
|
fn xsalsa20_encrypt_hello_world() { |
|
117
|
let key = GenericArray::from(KEY_XSALSA20); |
|
118
|
let iv = GenericArray::from(IV_XSALSA20); |
|
119
|
|
|
120
|
let mut cipher = XSalsa20::new(&key, &iv); |
|
121
|
let mut buf = *b"Hello world!"; |
|
122
|
cipher.apply_keystream(&mut buf); |
|
123
|
|
|
124
|
assert_eq!(buf, EXPECTED_XSALSA20_HELLO_WORLD); |
|
125
|
} |
|
126
|
|
|
127
|
/// ed-25519 test gen_keypair |
|
128
|
#[test] |
|
129
|
fn gen_keypair() { |
|
130
|
use crate::{PUBLIC_KEY_LENGTH, SECRET_KEY_LENGTH}; |
67
|
131
|
// use ed25519::signature::Signature; |
8
|
132
|
use ed25519_dalek::*; |
|
133
|
use hex::FromHex; |
67
|
134
|
let secret_key: &[u8] = |
|
135
|
b"833fe62409237b9d62ec77587520911e9a759cec1d19755b7da901b96dca3d42"; |
|
136
|
let public_key: &[u8] = |
|
137
|
b"ec172b93ad5e563bf4932c70e1245034c35467ef2efd4d64ebf819683467e2bf"; |
8
|
138
|
let message: &[u8] = b"616263"; |
|
139
|
let signature: &[u8] = b"98a70222f0b8121aa9d30f813d683f809e462b469c7ff87639499bb94e6dae4131f85042463c2a355a2003d062adf5aaa10b8c61e636062aaad11c2a26083406"; |
|
140
|
|
|
141
|
let sec_bytes: Vec<u8> = FromHex::from_hex(secret_key).unwrap(); |
|
142
|
let pub_bytes: Vec<u8> = FromHex::from_hex(public_key).unwrap(); |
|
143
|
let msg_bytes: Vec<u8> = FromHex::from_hex(message).unwrap(); |
|
144
|
let sig_bytes: Vec<u8> = FromHex::from_hex(signature).unwrap(); |
|
145
|
|
67
|
146
|
let secret: SecretKey = |
|
147
|
SecretKey::from_bytes(&sec_bytes[..SECRET_KEY_LENGTH]).unwrap(); |
|
148
|
let public: PublicKey = |
|
149
|
PublicKey::from_bytes(&pub_bytes[..PUBLIC_KEY_LENGTH]).unwrap(); |
213
|
150
|
let keypair: Keypair = Keypair { secret, public }; |
8
|
151
|
let sig1: Signature = Signature::from_bytes(&sig_bytes[..]).unwrap(); |
|
152
|
let mut prehash_for_signing: Sha512 = Sha512::default(); |
|
153
|
let mut prehash_for_verifying: Sha512 = Sha512::default(); |
|
154
|
prehash_for_signing.update(&msg_bytes[..]); |
|
155
|
prehash_for_verifying.update(&msg_bytes[..]); |
|
156
|
|
67
|
157
|
let sig2: Signature = |
|
158
|
keypair.sign_prehashed(prehash_for_signing, None).unwrap(); |
8
|
159
|
|
|
160
|
assert!( |
|
161
|
sig1 == sig2, |
|
162
|
"Original signature from test vectors doesn't equal signature produced:\ |
|
163
|
\noriginal:\n{:?}\nproduced:\n{:?}", |
|
164
|
sig1, |
|
165
|
sig2 |
|
166
|
); |
|
167
|
assert!( |
|
168
|
keypair |
|
169
|
.verify_prehashed(prehash_for_verifying, None, &sig2) |
|
170
|
.is_ok(), |
|
171
|
"Could not verify ed25519ph signature!" |
|
172
|
); |
|
173
|
} |