• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1// Copyright 2012 The Go Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style
3// license that can be found in the LICENSE file.
4
5package poly1305
6
7import (
8	"bytes"
9	"encoding/hex"
10	"flag"
11	"testing"
12	"unsafe"
13)
14
15var stressFlag = flag.Bool("stress", false, "run slow stress tests")
16
17var testData = []struct {
18	in, k, correct []byte
19}{
20	{
21		[]byte("Hello world!"),
22		[]byte("this is 32-byte key for Poly1305"),
23		[]byte{0xa6, 0xf7, 0x45, 0x00, 0x8f, 0x81, 0xc9, 0x16, 0xa2, 0x0d, 0xcc, 0x74, 0xee, 0xf2, 0xb2, 0xf0},
24	},
25	{
26		make([]byte, 32),
27		[]byte("this is 32-byte key for Poly1305"),
28		[]byte{0x49, 0xec, 0x78, 0x09, 0x0e, 0x48, 0x1e, 0xc6, 0xc2, 0x6b, 0x33, 0xb9, 0x1c, 0xcc, 0x03, 0x07},
29	},
30	{
31		make([]byte, 2007),
32		[]byte("this is 32-byte key for Poly1305"),
33		[]byte{0xda, 0x84, 0xbc, 0xab, 0x02, 0x67, 0x6c, 0x38, 0xcd, 0xb0, 0x15, 0x60, 0x42, 0x74, 0xc2, 0xaa},
34	},
35	{
36		make([]byte, 2007),
37		make([]byte, 32),
38		make([]byte, 16),
39	},
40	{
41		// This test triggers an edge-case. See https://go-review.googlesource.com/#/c/30101/.
42		[]byte{0x81, 0xd8, 0xb2, 0xe4, 0x6a, 0x25, 0x21, 0x3b, 0x58, 0xfe, 0xe4, 0x21, 0x3a, 0x2a, 0x28, 0xe9, 0x21, 0xc1, 0x2a, 0x96, 0x32, 0x51, 0x6d, 0x3b, 0x73, 0x27, 0x27, 0x27, 0xbe, 0xcf, 0x21, 0x29},
43		[]byte{0x3b, 0x3a, 0x29, 0xe9, 0x3b, 0x21, 0x3a, 0x5c, 0x5c, 0x3b, 0x3b, 0x05, 0x3a, 0x3a, 0x8c, 0x0d},
44		[]byte{0x6d, 0xc1, 0x8b, 0x8c, 0x34, 0x4c, 0xd7, 0x99, 0x27, 0x11, 0x8b, 0xbe, 0x84, 0xb7, 0xf3, 0x14},
45	},
46	{
47		// This test generates a result of (2^130-1) % (2^130-5).
48		[]byte{
49			0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
50			0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
51			0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
52		},
53		[]byte{1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
54		[]byte{4, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
55	},
56	{
57		// This test generates a result of (2^130-6) % (2^130-5).
58		[]byte{
59			0xfa, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
60			0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
61			0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
62		},
63		[]byte{1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
64		[]byte{0xfa, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff},
65	},
66	{
67		// This test generates a result of (2^130-5) % (2^130-5).
68		[]byte{
69			0xfb, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
70			0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
71			0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
72		},
73		[]byte{1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
74		[]byte{0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
75	},
76}
77
78func testSum(t *testing.T, unaligned bool) {
79	var out [16]byte
80	var key [32]byte
81
82	for i, v := range testData {
83		in := v.in
84		if unaligned {
85			in = unalignBytes(in)
86		}
87		copy(key[:], v.k)
88		Sum(&out, in, &key)
89		if !bytes.Equal(out[:], v.correct) {
90			t.Errorf("%d: expected %x, got %x", i, v.correct, out[:])
91		}
92	}
93}
94
95func TestBurnin(t *testing.T) {
96	// This test can be used to sanity-check significant changes. It can
97	// take about many minutes to run, even on fast machines. It's disabled
98	// by default.
99	if !*stressFlag {
100		t.Skip("skipping without -stress")
101	}
102
103	var key [32]byte
104	var input [25]byte
105	var output [16]byte
106
107	for i := range key {
108		key[i] = 1
109	}
110	for i := range input {
111		input[i] = 2
112	}
113
114	for i := uint64(0); i < 1e10; i++ {
115		Sum(&output, input[:], &key)
116		copy(key[0:], output[:])
117		copy(key[16:], output[:])
118		copy(input[:], output[:])
119		copy(input[16:], output[:])
120	}
121
122	const expected = "5e3b866aea0b636d240c83c428f84bfa"
123	if got := hex.EncodeToString(output[:]); got != expected {
124		t.Errorf("expected %s, got %s", expected, got)
125	}
126}
127
128func TestSum(t *testing.T)          { testSum(t, false) }
129func TestSumUnaligned(t *testing.T) { testSum(t, true) }
130
131func benchmark(b *testing.B, size int, unaligned bool) {
132	var out [16]byte
133	var key [32]byte
134	in := make([]byte, size)
135	if unaligned {
136		in = unalignBytes(in)
137	}
138	b.SetBytes(int64(len(in)))
139	b.ResetTimer()
140	for i := 0; i < b.N; i++ {
141		Sum(&out, in, &key)
142	}
143}
144
145func Benchmark64(b *testing.B)          { benchmark(b, 64, false) }
146func Benchmark1K(b *testing.B)          { benchmark(b, 1024, false) }
147func Benchmark64Unaligned(b *testing.B) { benchmark(b, 64, true) }
148func Benchmark1KUnaligned(b *testing.B) { benchmark(b, 1024, true) }
149
150func unalignBytes(in []byte) []byte {
151	out := make([]byte, len(in)+1)
152	if uintptr(unsafe.Pointer(&out[0]))&(unsafe.Alignof(uint32(0))-1) == 0 {
153		out = out[1:]
154	} else {
155		out = out[:len(in)]
156	}
157	copy(out, in)
158	return out
159}
160