src/cypherpunks.ru/gogost/gost28147/ctr_test.go

   1 // GoGOST -- Pure Go GOST cryptographic functions library
   2 // Copyright (C) 2015-2019 Sergey Matveev <stargrave@stargrave.org>
   3 //
   4 // This program is free software: you can redistribute it and/or modify
   5 // it under the terms of the GNU General Public License as published by
   6 // the Free Software Foundation, either version 3 of the License, or
   7 // (at your option) any later version.
   8 //
   9 // This program is distributed in the hope that it will be useful,
  10 // but WITHOUT ANY WARRANTY; without even the implied warranty of
  11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12 // GNU General Public License for more details.
  13 //
  14 // You should have received a copy of the GNU General Public License
  15 // along with this program.  If not, see <http://www.gnu.org/licenses/>.
  16
  17 package gost28147
  18
  19 import (
  20         "bytes"
  21         "crypto/cipher"
  22         "crypto/rand"
  23         "testing"
  24         "testing/quick"
  25 )
  26
  27 func TestCTRGCL3Vector(t *testing.T) {
  28         sbox := &SboxIdGost2814789TestParamSet
  29         key := []byte{
  30                 0x04, 0x75, 0xf6, 0xe0, 0x50, 0x38, 0xfb, 0xfa,
  31                 0xd2, 0xc7, 0xc3, 0x90, 0xed, 0xb3, 0xca, 0x3d,
  32                 0x15, 0x47, 0x12, 0x42, 0x91, 0xae, 0x1e, 0x8a,
  33                 0x2f, 0x79, 0xcd, 0x9e, 0xd2, 0xbc, 0xef, 0xbd,
  34         }
  35         plaintext := []byte{
  36                 0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, 0x00,
  37                 0x0f, 0x0e, 0x0d, 0x0c, 0x0b, 0x0a, 0x09, 0x08,
  38                 0x17, 0x16, 0x15, 0x14, 0x13, 0x12, 0x11, 0x10,
  39                 0x1f, 0x1e, 0x1d, 0x1c, 0x1b, 0x1a, 0x19, 0x18,
  40                 0x27, 0x26, 0x25, 0x24, 0x23, 0x22, 0x21, 0x20,
  41                 0x2f, 0x2e, 0x2d, 0x2c, 0x2b, 0x2a, 0x29, 0x28,
  42                 0x37, 0x36, 0x35, 0x34, 0x33, 0x32, 0x31, 0x30,
  43                 0x3f, 0x3e, 0x3d, 0x3c, 0x3b, 0x3a, 0x39, 0x38,
  44                 0x47, 0x46, 0x45, 0x44, 0x43, 0x42, 0x41, 0x40,
  45                 0x4f, 0x4e, 0x4d, 0x4c, 0x4b, 0x4a, 0x49, 0x48,
  46                 0x57, 0x56, 0x55, 0x54, 0x53, 0x52, 0x51, 0x50,
  47                 0x5f, 0x5e, 0x5d, 0x5c, 0x5b, 0x5a, 0x59, 0x58,
  48                 0x67, 0x66, 0x65, 0x64, 0x63, 0x62, 0x61, 0x60,
  49                 0x6f, 0x6e, 0x6d, 0x6c, 0x6b, 0x6a, 0x69, 0x68,
  50                 0x77, 0x76, 0x75, 0x74, 0x73, 0x72, 0x71, 0x70,
  51                 0x7f, 0x7e, 0x7d, 0x7c, 0x7b, 0x7a, 0x79, 0x78,
  52                 0x87, 0x86, 0x85, 0x84, 0x83, 0x82, 0x81, 0x80,
  53                 0x8f, 0x8e, 0x8d, 0x8c, 0x8b, 0x8a, 0x89, 0x88,
  54                 0x97, 0x96, 0x95, 0x94, 0x93, 0x92, 0x91, 0x90,
  55                 0x9f, 0x9e, 0x9d, 0x9c, 0x9b, 0x9a, 0x99, 0x98,
  56                 0xa7, 0xa6, 0xa5, 0xa4, 0xa3, 0xa2, 0xa1, 0xa0,
  57                 0xaf, 0xae, 0xad, 0xac, 0xab, 0xaa, 0xa9, 0xa8,
  58                 0xb7, 0xb6, 0xb5, 0xb4, 0xb3, 0xb2, 0xb1, 0xb0,
  59                 0xbf, 0xbe, 0xbd, 0xbc, 0xbb, 0xba, 0xb9, 0xb8,
  60                 0xc7, 0xc6, 0xc5, 0xc4, 0xc3, 0xc2, 0xc1, 0xc0,
  61                 0xcf, 0xce, 0xcd, 0xcc, 0xcb, 0xca, 0xc9, 0xc8,
  62                 0xd7, 0xd6, 0xd5, 0xd4, 0xd3, 0xd2, 0xd1, 0xd0,
  63                 0xdf, 0xde, 0xdd, 0xdc, 0xdb, 0xda, 0xd9, 0xd8,
  64                 0xe7, 0xe6, 0xe5, 0xe4, 0xe3, 0xe2, 0xe1, 0xe0,
  65                 0xef, 0xee, 0xed, 0xec, 0xeb, 0xea, 0xe9, 0xe8,
  66                 0xf7, 0xf6, 0xf5, 0xf4, 0xf3, 0xf2, 0xf1, 0xf0,
  67                 0xff, 0xfe, 0xfd, 0xfc, 0xfb,
  68         }
  69         ciphertext := []byte{
  70                 0x4a, 0x5e, 0x37, 0x6c, 0xa1, 0x12, 0xd3, 0x55,
  71                 0x09, 0x13, 0x1a, 0x21, 0xac, 0xfb, 0xb2, 0x1e,
  72                 0x8c, 0x24, 0x9b, 0x57, 0x20, 0x68, 0x46, 0xd5,
  73                 0x23, 0x2a, 0x26, 0x35, 0x12, 0x56, 0x5c, 0x69,
  74                 0x2a, 0x2f, 0xd1, 0xab, 0xbd, 0x45, 0xdc, 0x3a,
  75                 0x1a, 0xa4, 0x57, 0x64, 0xd5, 0xe4, 0x69, 0x6d,
  76                 0xb4, 0x8b, 0xf1, 0x54, 0x78, 0x3b, 0x10, 0x8f,
  77                 0x7a, 0x4b, 0x32, 0xe0, 0xe8, 0x4c, 0xbf, 0x03,
  78                 0x24, 0x37, 0x95, 0x6a, 0x55, 0xa8, 0xce, 0x6f,
  79                 0x95, 0x62, 0x12, 0xf6, 0x79, 0xe6, 0xf0, 0x1b,
  80                 0x86, 0xef, 0x36, 0x36, 0x05, 0xd8, 0x6f, 0x10,
  81                 0xa1, 0x41, 0x05, 0x07, 0xf8, 0xfa, 0xa4, 0x0b,
  82                 0x17, 0x2c, 0x71, 0xbc, 0x8b, 0xcb, 0xcf, 0x3d,
  83                 0x74, 0x18, 0x32, 0x0b, 0x1c, 0xd2, 0x9e, 0x75,
  84                 0xba, 0x3e, 0x61, 0xe1, 0x61, 0x96, 0xd0, 0xee,
  85                 0x8f, 0xf2, 0x9a, 0x5e, 0xb7, 0x7a, 0x15, 0xaa,
  86                 0x4e, 0x1e, 0x77, 0x7c, 0x99, 0xe1, 0x41, 0x13,
  87                 0xf4, 0x60, 0x39, 0x46, 0x4c, 0x35, 0xde, 0x95,
  88                 0xcc, 0x4f, 0xd5, 0xaf, 0xd1, 0x4d, 0x84, 0x1a,
  89                 0x45, 0xc7, 0x2a, 0xf2, 0x2c, 0xc0, 0xb7, 0x94,
  90                 0xa3, 0x08, 0xb9, 0x12, 0x96, 0xb5, 0x97, 0x99,
  91                 0x3a, 0xb7, 0x0c, 0x14, 0x56, 0xb9, 0xcb, 0x49,
  92                 0x44, 0xa9, 0x93, 0xa9, 0xfb, 0x19, 0x10, 0x8c,
  93                 0x6a, 0x68, 0xe8, 0x7b, 0x06, 0x57, 0xf0, 0xef,
  94                 0x88, 0x44, 0xa6, 0xd2, 0x98, 0xbe, 0xd4, 0x07,
  95                 0x41, 0x37, 0x45, 0xa6, 0x71, 0x36, 0x76, 0x69,
  96                 0x4b, 0x75, 0x15, 0x33, 0x90, 0x29, 0x6e, 0x33,
  97                 0xcb, 0x96, 0x39, 0x78, 0x19, 0x2e, 0x96, 0xf3,
  98                 0x49, 0x4c, 0x89, 0x3d, 0xa1, 0x86, 0x82, 0x00,
  99                 0xce, 0xbd, 0x54, 0x29, 0x65, 0x00, 0x1d, 0x16,
 100                 0x13, 0xc3, 0xfe, 0x1f, 0x8c, 0x55, 0x63, 0x09,
 101                 0x1f, 0xcd, 0xd4, 0x28, 0xca,
 102         }
 103         iv := []byte{0x02, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01}
 104         c := NewCipher(key, sbox)
 105         ctr := c.NewCTR(iv)
 106         tmp := make([]byte, len(plaintext))
 107         ctr.XORKeyStream(tmp, plaintext)
 108         if bytes.Compare(tmp, ciphertext) != 0 {
 109                 t.Fail()
 110         }
 111         ctr = c.NewCTR(iv)
 112         ctr.XORKeyStream(tmp, tmp)
 113         if bytes.Compare(tmp, plaintext) != 0 {
 114                 t.Fail()
 115         }
 116 }
 117
 118 func TestCTRGCL2Vector(t *testing.T) {
 119         sbox := &SboxIdGost2814789TestParamSet
 120         key := []byte{
 121                 0xfc, 0x7a, 0xd2, 0x88, 0x6f, 0x45, 0x5b, 0x50,
 122                 0xd2, 0x90, 0x08, 0xfa, 0x62, 0x2b, 0x57, 0xd5,
 123                 0xc6, 0x5b, 0x3c, 0x63, 0x72, 0x02, 0x02, 0x57,
 124                 0x99, 0xca, 0xdf, 0x07, 0x68, 0x51, 0x9e, 0x8a,
 125         }
 126         plaintext := []byte{
 127                 0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, 0x00,
 128                 0x0f, 0x0e, 0x0d, 0x0c, 0x0b, 0x0a, 0x09, 0x08,
 129                 0x17, 0x16, 0x15, 0x14, 0x13, 0x12, 0x11, 0x10,
 130                 0x1f, 0x1e, 0x1d, 0x1c, 0x1b, 0x1a, 0x19, 0x18,
 131                 0x27, 0x26, 0x25, 0x24, 0x23, 0x22, 0x21, 0x20,
 132                 0x2f, 0x2e, 0x2d, 0x2c, 0x2b, 0x2a, 0x29, 0x28,
 133                 0xff, 0xfe, 0xfd, 0xfc, 0xfb,
 134         }
 135         ciphertext := []byte{
 136                 0xd0, 0xbe, 0x60, 0x1a, 0x2c, 0xf1, 0x90, 0x26,
 137                 0x9b, 0x7b, 0x23, 0xb4, 0xd2, 0xcc, 0xe1, 0x15,
 138                 0xf6, 0x05, 0x57, 0x28, 0x88, 0x75, 0xeb, 0x1e,
 139                 0xd3, 0x62, 0xdc, 0xda, 0x9b, 0x62, 0xee, 0x9a,
 140                 0x57, 0x87, 0x8a, 0xf1, 0x82, 0x37, 0x9c, 0x7f,
 141                 0x13, 0xcc, 0x55, 0x38, 0xb5, 0x63, 0x32, 0xc5,
 142                 0x23, 0xa4, 0xcb, 0x7d, 0x51,
 143         }
 144         var iv [8]byte
 145         c := NewCipher(key, sbox)
 146         ctr := c.NewCTR(iv[:])
 147         tmp := make([]byte, len(plaintext))
 148         ctr.XORKeyStream(tmp, plaintext)
 149         if bytes.Compare(tmp, ciphertext) != 0 {
 150                 t.Fail()
 151         }
 152         ctr = c.NewCTR(iv[:])
 153         ctr.XORKeyStream(tmp, tmp)
 154         if bytes.Compare(tmp, plaintext) != 0 {
 155                 t.Fail()
 156         }
 157 }
 158
 159 func TestCTRRandom(t *testing.T) {
 160         f := func(key [KeySize]byte, iv [BlockSize]byte, pt []byte) bool {
 161                 if len(pt) == 0 {
 162                         return true
 163                 }
 164                 c := NewCipher(key[:], SboxDefault)
 165                 tmp := make([]byte, len(pt))
 166                 ctr := c.NewCTR(iv[:])
 167                 ctr.XORKeyStream(tmp, pt[:])
 168                 ctr = c.NewCTR(iv[:])
 169                 ctr.XORKeyStream(tmp, tmp)
 170                 return bytes.Compare(tmp, pt) == 0
 171         }
 172         if err := quick.Check(f, nil); err != nil {
 173                 t.Error(err)
 174         }
 175 }
 176 func TestCTRInterface(t *testing.T) {
 177         var key [KeySize]byte
 178         var iv [8]byte
 179         c := NewCipher(key[:], SboxDefault)
 180         var _ cipher.Stream = c.NewCTR(iv[:])
 181 }
 182
 183 func BenchmarkCTR(b *testing.B) {
 184         key := make([]byte, KeySize)
 185         iv := make([]byte, BlockSize)
 186         rand.Read(key)
 187         rand.Read(iv)
 188         dst := make([]byte, BlockSize)
 189         src := make([]byte, BlockSize)
 190         rand.Read(src)
 191         c := NewCipher(key, SboxDefault)
 192         ctr := c.NewCTR(iv)
 193         b.ResetTimer()
 194         for i := 0; i < b.N; i++ {
 195                 ctr.XORKeyStream(dst, src)
 196         }
 197 }