diff --git a/ctaocrypt/src/chacha.c b/ctaocrypt/src/chacha.c index 2ea74082b..9fc8e7be1 100644 --- a/ctaocrypt/src/chacha.c +++ b/ctaocrypt/src/chacha.c @@ -80,13 +80,16 @@ int Chacha_SetIV(ChaCha* ctx, const byte* inIv, word32 counter) word32 temp[3]; /* used for alignment of memory */ XMEMSET(temp, 0, 12); + if (ctx == NULL) + return BAD_FUNC_ARG; + #ifdef CHACHA_AEAD_TEST - int k; + word32 i; printf("NONCE : "); - for (k = 0; k < 12; k++) { - printf("%02x", nonce[k]); + for (i = 0; i < 12; i++) { + printf("%02x", inIv[i]); } - printf("\n"); + printf("\n\n"); #endif XMEMCPY(temp, inIv, 12); @@ -130,12 +133,14 @@ int Chacha_SetKey(ChaCha* ctx, const byte* key, word32 keySz) #endif /* XSTREAM_ALIGN */ #ifdef CHACHA_AEAD_TEST - int k; - printf("ChaCha key used : "); - for (k = 0; k < keySz; k++) { - printf("%02x", key[k]); + word32 i; + printf("ChaCha key used :\n"); + for (i = 0; i < keySz; i++) { + printf("%02x", key[i]); + if ((i + 1) % 8 == 0) + printf("\n"); } - printf("\n"); + printf("\n\n"); #endif ctx->X[4] = U8TO32_LITTLE(k + 0); diff --git a/ctaocrypt/src/poly1305.c b/ctaocrypt/src/poly1305.c index a2d5fd499..c73a9cb49 100644 --- a/ctaocrypt/src/poly1305.c +++ b/ctaocrypt/src/poly1305.c @@ -37,18 +37,15 @@ #else #include #endif +#ifdef CHACHA_AEAD_TEST + #include +#endif #ifdef _MSC_VER /* 4127 warning constant while(1) */ #pragma warning(disable: 4127) #endif -#ifdef BIG_ENDIAN_ORDER - #define LITTLE32(x) ByteReverseWord32(x) -#else - #define LITTLE32(x) (x) -#endif - #if defined(POLY130564) #if defined(_MSC_VER) 
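Review bot: In Chacha_SetIV the new guard covers only `ctx`, yet `inIv` is dereferenced right after it by `printf("%02x", inIv[i])` (under CHACHA_AEAD_TEST) and by `XMEMCPY(temp, inIv, 12)`, so a NULL IV still crashes. I would widen the check to `if (ctx == NULL || inIv == NULL) return BAD_FUNC_ARG;`. The poly1305.c hunks have the same gap: Poly1305SetKey reads `key[k]` and Poly1305Final takes `mac` with only `ctx` validated. Poly1305Update's `m` is also unchecked, though a NULL `m` with `bytes == 0` may be legitimate there. The rest of each function is outside the hunks, so a later check cannot be ruled out.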
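Review bot: The CHACHA_AEAD_TEST block in Chacha_SetKey writes the complete ChaCha key to stdout, and nothing in the hunk tells a maintainer that the macro is unsafe outside a test-vector build. Under the same macro, Poly1305SetKey prints the one-time Poly1305 key and the Decrypt hunk in src/internal.c prints the decrypted record. I would put a comment above each block, for example `/* CHACHA_AEAD_TEST dumps key material to stdout: test vectors only, never define it in a release build */`. Chacha_SetKey starts and ends outside this hunk, so whether `ctx` and `key` are validated there, as `ctx` now is in Chacha_SetIV, cannot be seen from here.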
@@ -254,14 +251,17 @@ static void poly1305_blocks(Poly1305* ctx, const unsigned char *m, int Poly1305SetKey(Poly1305* ctx, const byte* key, word32 keySz) { - if (keySz != 32) - return 1; + if (keySz != 32 || ctx == NULL) + return BAD_FUNC_ARG; #ifdef CHACHA_AEAD_TEST - int k; - printf("Poly key used: "); - for (k = 0; k < keySz; k++) + word32 k; + printf("Poly key used:\n"); + for (k = 0; k < keySz; k++) { printf("%02x", key[k]); + if ((k+1) % 8 == 0) + printf("\n"); + } printf("\n"); #endif @@ -319,6 +319,9 @@ int Poly1305SetKey(Poly1305* ctx, const byte* key, word32 keySz) { int Poly1305Final(Poly1305* ctx, byte* mac) { + if (ctx == NULL) + return BAD_FUNC_ARG; + #if defined(POLY130564) word64 h0,h1,h2,c; @@ -484,11 +487,17 @@ int Poly1305Final(Poly1305* ctx, byte* mac) { int Poly1305Update(Poly1305* ctx, const byte* m, word32 bytes) { + if (ctx == NULL) + return BAD_FUNC_ARG; + #ifdef CHACHA_AEAD_TEST - int k; - printf("Raw input to poly: "); - for (k = 0; k < bytes; k++) + word32 k; + printf("Raw input to poly:\n"); + for (k = 0; k < bytes; k++) { printf("%02x", m[k]); + if ((k+1) % 16 == 0) + printf("\n"); + } printf("\n"); #endif size_t i; diff --git a/src/internal.c b/src/internal.c index 0500f64d2..24c4a70a3 100644 --- a/src/internal.c +++ b/src/internal.c @@ -4891,7 +4891,7 @@ static INLINE int Encrypt(CYASSL* ssl, byte* out, const byte* input, word16 sz) byte nonce[AEAD_NONCE_SZ]; byte cipher[32]; /* generated key for poly1305 */ int padding2 = (sz - AEAD_EXP_IV_SZ - ssl->specs.aead_mac_size) - + (sz - AEAD_EXP_IV_SZ - ssl->specs.aead_mac_size) % 16; + +(16 - (sz - AEAD_EXP_IV_SZ - ssl->specs.aead_mac_size) % 16); byte p[CHACHA20_BLOCK_SIZE + padding2 + 16]; XMEMSET(tag, 0, ssl->specs.aead_mac_size); 
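Review bot: The new `if (ctx == NULL) return BAD_FUNC_ARG;` in Poly1305Final is a statement placed ahead of the `word64 h0,h1,h2,c;` declarations, and in Poly1305Update it sits ahead of `size_t i;`. Both functions now mix declarations and code in every build, not only when CHACHA_AEAD_TEST is defined. If the library is still expected to compile with C89-only toolchains (older MSVC, some embedded compilers), this will be rejected. Moving the check below the last declaration of each function keeps the behaviour. Both bodies continue outside their hunks, so the right position depends on declarations not shown here.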
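Review bot: `byte p[CHACHA20_BLOCK_SIZE + padding2 + 16]` in Encrypt is a variable-length array whose size follows `sz`, and the hunk shows no bound on `sz` before `padding2` is computed; the same two lines appear in the Decrypt hunk, where `sz` presumably reflects the received record. A record-sized stack array is a risk on small-stack targets, and if `sz` is below `AEAD_EXP_IV_SZ + ssl->specs.aead_mac_size` the payload length goes negative (or wraps, depending on the type of `aead_mac_size`), so any later use of that length with `p` would be unsafe. I would check `sz >= AEAD_EXP_IV_SZ + ssl->specs.aead_mac_size` before this block is reached and cap or heap-allocate the buffer, unless callers outside the hunk already guarantee both. Also, for a length that is already a multiple of 16 the new expression adds a full 16 bytes; `(16 - len % 16) % 16` would add none, if that is what the MAC layout expects.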
@@ -4920,7 +4920,7 @@ static INLINE int Encrypt(CYASSL* ssl, byte* out, const byte* input, word16 sz) for (i = 0; i < CHACHA20_BLOCK_SIZE; i++) { printf("%02x", additional[i]); } - printf("\n"); + printf("\n\n"); #endif /* get nonce using implicit and explicit IV */ @@ -4975,9 +4975,11 @@ static INLINE int Encrypt(CYASSL* ssl, byte* out, const byte* input, word16 sz) XMEMSET(nonce, 0, AEAD_NONCE_SZ); #ifdef CHACHA_AEAD_TEST - printf("output after encrypt : "); + printf("output after encrypt :\n"); for (i = 0; i < sz; i++) { printf("%02x", out[i]); + if ((i + 1) % 16 == 0) + printf("\n"); } printf("\n"); #endif @@ -5138,7 +5140,7 @@ static INLINE int Decrypt(CYASSL* ssl, byte* plain, const byte* input, byte tag[16]; byte cipher[32]; int padding2 = (sz - AEAD_EXP_IV_SZ - ssl->specs.aead_mac_size) - + (sz - AEAD_EXP_IV_SZ - ssl->specs.aead_mac_size) % 16; + +(16 - (sz - AEAD_EXP_IV_SZ - ssl->specs.aead_mac_size) % 16); byte p[CHACHA20_BLOCK_SIZE + padding2 + 16]; int i, ret; @@ -5172,7 +5174,7 @@ static INLINE int Decrypt(CYASSL* ssl, byte* plain, const byte* input, for (i = 0; i < CHACHA20_BLOCK_SIZE; i++) { printf("%02x", additional[i]); } - printf("\n"); + printf("\n\n"); #endif /* set nonce and get poly1305 key */ @@ -5229,9 +5231,11 @@ static INLINE int Decrypt(CYASSL* ssl, byte* plain, const byte* input, ssl->specs.aead_mac_size); #ifdef CHACHA_AEAD_TEST - printf("plain after decrypt : "); + printf("plain after decrypt :\n"); for (i = 0; i < sz; i++) { printf("%02x", plain[i]); + if ((i + 1) % 16 == 0) + printf("\n"); } printf("\n"); #endif diff --git a/tests/test.conf b/tests/test.conf index 71735d2cd..83d70aacd 100644 --- a/tests/test.conf +++ b/tests/test.conf 
@@ -349,6 +349,17 @@ -l ECDHE-ECDSA-RC4-SHA -A ./certs/server-ecc.pem +# server TLSv1.1 ECDHE-EDCSA-CHACHA20-POLY1305 +#-v 2 +#-l ECDHE-ECDSA-CHACHA20-256-POLY1305-SHA256 +#-c ./certs/server-ecc.pem +#-k ./certs/ecc-key.pem + +# client TLSv1.1 ECDHE-ECDSA-CHACHA20-POLY1305 +#-v 2 +#-l ECDHE-ECDSA-CHACHA20-256-POLY1305-SHA256 +#-A ./certs/server-ecc.pem + # server TLSv1.1 ECDHE-ECDSA-DES3 -v 2 -l ECDHE-ECDSA-DES-CBC3-SHA @@ -718,6 +729,14 @@ -v 3 -l ECDHE-RSA-AES256-SHA384 +# server TLSv1.1 ECDHE-RSA-CHACHA20-POLY1305 +#-v 2 +#-l ECDHE-RSA-CHACHA20-256-POLY1305-SHA256 + +# server TLSv1.1 ECDHE-RSA-CHACHA20-POLY1305 +#-v 2 +#-l ECDHE-RSA-CHACHA20-256-POLY1305-SHA256 + # server TLSv1.2 ECDHE-ECDSA-AES256-SHA384 -v 3 -l ECDHE-ECDSA-AES256-SHA384 @@ -1034,6 +1053,14 @@ -v 1 -l DHE-RSA-AES128-SHA +# server TLSv1 DHE-RSA-CHACHA20-POLY1305 +#-v 1 +#-l DHE-RSA-CHACHA20-256-POLY1305-SHA256 + +# server TLSv1 DHE-RSA-CHACHA20-POLY1305 +#-v 1 +#-l DHE-RSA-CHACHA20-256-POLY1305-SHA256 + # server TLSv1 DHE AES256 -v 1 -l DHE-RSA-AES256-SHA
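Review bot: Every new CHACHA20-POLY1305 entry is commented out and pinned to `-v 2` or `-v 1`, so the suites this commit touches get no handshake coverage. AEAD suites are only defined for TLS 1.2, so the entries would presumably need `-v 3` (the value the file's TLSv1.2 entries use) before they can be enabled. In the ECDHE-RSA and DHE-RSA hunks both entries of each pair are labelled `# server` and are identical, so the client half is missing, and the first comment in the file spells the suite `ECDHE-EDCSA`. Suggested header for the second entry of the ECDHE-RSA pair: `# client TLSv1.2 ECDHE-RSA-CHACHA20-POLY1305`, with the DHE-RSA pair following the same pattern.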