author | Pieter Wuille <pieter@wuille.net> | 2022-09-21 16:42:19 -0400 |
---|---|---|
committer | Pieter Wuille <pieter@wuille.net> | 2023-01-30 18:12:21 -0500 |
commit | 12ff72476ac0dbf8add736ad3fb5fad2eeab156c (patch) | |
tree | d86e67e53e160db5819786b46bf903edd15f2402 /src/test/crypto_tests.cpp | |
parent | 6babf402130a8f3ef3058594750aeaa50b8f5044 (diff) | |
Make unrestricted ChaCha20 cipher not waste keystream bytes
Co-authored-by: dhruv <856960+dhruv@users.noreply.github.com>
Diffstat (limited to 'src/test/crypto_tests.cpp')
-rw-r--r-- | src/test/crypto_tests.cpp | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/src/test/crypto_tests.cpp b/src/test/crypto_tests.cpp
index 48a46258b0..ae2aa46d50 100644
--- a/src/test/crypto_tests.cpp
+++ b/src/test/crypto_tests.cpp
@@ -500,6 +500,24 @@ BOOST_AUTO_TEST_CASE(chacha20_testvector)
 "fab78c9");
 }
 
+BOOST_AUTO_TEST_CASE(chacha20_midblock)
+{
+ auto key = ParseHex("0000000000000000000000000000000000000000000000000000000000000000");
+ ChaCha20 c20{key.data(), 32};
+ // get one block of keystream
+ unsigned char block[64];
+ c20.Keystream(block, CHACHA20_ROUND_OUTPUT);
+ unsigned char b1[5], b2[7], b3[52];
+ c20 = ChaCha20{key.data(), 32};
+ c20.Keystream(b1, 5);
+ c20.Keystream(b2, 7);
+ c20.Keystream(b3, 52);
+
+ BOOST_CHECK_EQUAL(0, memcmp(b1, block, 5));
+ BOOST_CHECK_EQUAL(0, memcmp(b2, block + 5, 7));
+ BOOST_CHECK_EQUAL(0, memcmp(b3, block + 12, 52));
+}
+
 BOOST_AUTO_TEST_CASE(poly1305_testvector)
 {
 // RFC 7539, section 2.5.2. |
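Review bot: The new chacha20_midblock case only splits reads inside one 64-byte block (5 + 7 + 52 = 64), so it never covers a request that starts in leftover keystream and continues into the next block. That is the path where an offset mistake would silently repeat or skip keystream bytes, so a second comparison over two blocks with reads that straddle the boundary would pin it down. Separately, `block` is declared with a literal 64 but filled with CHACHA20_ROUND_OUTPUT bytes; declaring it as `unsigned char block[CHACHA20_ROUND_OUTPUT];` keeps the buffer and the request tied to the same constant. The cipher implementation is not part of this file section, so whether re-keying or seeking discards buffered bytes cannot be confirmed from here and may deserve its own check.

```cpp
// … unchanged: single-block comparison of b1, b2, b3 against block …

    // Same comparison with reads that cross the block boundary.
    unsigned char two_blocks[128];
    c20 = ChaCha20{key.data(), 32};
    c20.Keystream(two_blocks, sizeof(two_blocks));
    unsigned char s1[5], s2[100], s3[23];
    c20 = ChaCha20{key.data(), 32};
    c20.Keystream(s1, sizeof(s1));
    c20.Keystream(s2, sizeof(s2));
    c20.Keystream(s3, sizeof(s3));
    BOOST_CHECK_EQUAL(0, memcmp(s1, two_blocks, 5));
    BOOST_CHECK_EQUAL(0, memcmp(s2, two_blocks + 5, 100));
    BOOST_CHECK_EQUAL(0, memcmp(s3, two_blocks + 105, 23));
```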