// TestKeyGeneration verifies only that the public/secret keys are not the same (ie, not all zeros) // and that they can be successfully passed to the lower-level functions. No other checks are made. func TestKeyGeneration(t *testing.T) { allocSize := 15 + cryptobox.BoxZeroBytes() msg := make([]byte, allocSize) ct := make([]byte, allocSize) pk1, sk1 := NewKeyPair() nonce := NewBoxNonce() if bytes.Equal(pk1, sk1) { t.Fatal("Somehow pk1 and sk1 are the same?!") } sodium.MemZero(msg[:cryptobox.BoxZeroBytes()]) // This just verifies that we can pass the generated keys to the lower level functions directly. r1 := cryptobox.Box(ct, msg, nonce, pk1, sk1) if r1 != 0 { t.Fatal("Crypto box encrypt failed, got ", r1, " expected 0") } t.Log("TestKeyGeneration passed") }
func TestCryptoBox(t *testing.T) { messageSizes := []int{1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 63, 64, 65, 95, 96, 97, 127, 128, 129, 1023, 1024, 1025} const maxMessageSize = 1025 + 32 // 32 == Box_ZeroBytes constant msgBuf := make([]byte, maxMessageSize) cypherBuf := make([]byte, maxMessageSize) resultBuf := make([]byte, maxMessageSize) pk1 := make([]byte, BoxPublicKeyBytes()) sk1 := make([]byte, BoxSecretKeyBytes()) pk2 := make([]byte, BoxPublicKeyBytes()) sk2 := make([]byte, BoxSecretKeyBytes()) nonce := make([]byte, BoxNonceBytes()) key := make([]byte, BoxBeforeNmBytes()) BoxKeyPair(pk1, sk1) BoxKeyPair(pk2, sk2) for _, size := range messageSizes { t.Log("Running message size ", size) // These functions require the first MacBytes of the message buffer to be zeros. allocSize := size + BoxZeroBytes() msg := msgBuf[:allocSize] ct := cypherBuf[:allocSize] result := resultBuf[:allocSize] sodium.MemZero(msg[:BoxZeroBytes()]) randombytes.RandomBytes(msg[BoxZeroBytes():]) // Leave first MacBytes() as zeros. randombytes.RandomBytes(nonce) // Basic coverage of standard box/open functions. r1 := Box(ct, msg, nonce, pk1, sk2) if r1 != 0 { t.Fatal("Crypto box encrypt failed, got ", r1, " expected 0") } r2 := BoxOpen(result, ct, nonce, pk2, sk1) if r2 != 0 { t.Fatal("Crypto box open failed, got ", r2, " expected 0") } if !bytes.Equal(msg, result) { t.Fatalf("Byte arrays are not the same, starting bytes are %x, %x, %x, %x vs %x, %x, %x, %x", result[0], result[1], result[2], result[3], msg[0], msg[1], msg[2], msg[3]) } // Re-try using Before/After functions for pre-computing the shared key. r1 = BoxBeforeNm(key, pk1, sk2) if r1 != 0 { t.Fatal("Crypto box before nm failed, got ", r1, " expected 0") } r1 = BoxAfterNm(ct, msg, nonce, key) if r1 != 0 { t.Fatal("Crypto box after nm failed, got ", r1, " expected 0") } r2 = BoxBeforeNm(key, pk2, sk1) if r2 != 0 { t.Fatal("Crypto box before nm (call 2) failed, got ", r2, " expected 0") } r2 = BoxOpenAfterNm(result, ct, nonce, key) if r2 != 0 { t.Fatal("Crypto box open after nm failed, got ", r2, " expected 0") } if !bytes.Equal(msg, result) { t.Fatalf("Byte arrays using before/after are not the same, starting bytes are %x, %x, %x, %x vs %x, %x, %x, %x", result[0], result[1], result[2], result[3], msg[0], msg[1], msg[2], msg[3]) } } t.Log("TestBox passed") }