From e8a6b2f55e0abe68960cb6f195c6a30d008f9035 Mon Sep 17 00:00:00 2001
From: Alexander Wagner <alexander.wagner@ulal.de>
Date: Wed, 15 Mar 2023 14:29:19 +0100
Subject: [PATCH] sha3: Add TurboSHAKE tests

Test vectors are from:
https://www.ietf.org/id/draft-irtf-cfrg-kangarootwelve-09.html#name-test-vectors
---
 sha3/tests/data/turboshake128.blb | Bin 0 -> 603 bytes
 sha3/tests/data/turboshake256.blb | Bin 0 -> 964 bytes
 sha3/tests/turboshake.rs          | 108 ++++++++++++++++++++++++++++++
 3 files changed, 108 insertions(+)
 create mode 100644 sha3/tests/data/turboshake128.blb
 create mode 100644 sha3/tests/data/turboshake256.blb
 create mode 100644 sha3/tests/turboshake.rs

diff --git a/sha3/tests/data/turboshake128.blb b/sha3/tests/data/turboshake128.blb
new file mode 100644
index 0000000000000000000000000000000000000000..5f1d64d11efe59cbf2857c124bd83096755a9310
GIT binary patch
literal 603
zcmZSPV1NQfc1AX41_p;HC9BKa);(#9oLPGQymjUec^)*W{bFFi&SGJ!`)jiF8G(u#
z7znBQr_S-*Ao0O02L`e3l_yR~2ut=?@4GU?+p+c2p$NWb${<r5N+&OBP*{9q9dAPX
zHTk%$d1o%w9KNXkVSa_#^r9sRM`HybPE!|PW`Hso7#*YzT?zPO?ZkR<?(+Soq|F0u
zIGDq$j*Hc^{nL5);l1Tkpvf@Bf(~o;dMzzwXR$u_H0tt~R+by0&)NSqy|Z1L8xeG3
z68D5SgknZThbrF}8*i#FYuc%q$jJQRWlHGm>#k1c*Ou@-zPZ87Z5|gwv9O^-Nzhxq
z8wsoWUp${S^UY(GA2*E(-OL1Tl{LuidFOxXpA%d$qno3{sd#z2S0^W(J+%7uDL%#Y
z)Z5=H4<F=oV~v`!+NdbpR0*zFbXB0k%MMBVor3cP&ziVZiac7ByK?W(obLDRS?|_L
zbyl|}H^US&7WgMR%;En%qwd|?wZB5Abhek~a&o7i*(PN6m~Bm$$~{@G?<I_^O#c}i
z`c588Nqx)fm1BC*l&!Egqe}HO>v5k`a!vtKdz;(6(ivIV{{IK6vt^#qy>(uOMBu_n
zUo_V-&*<xS@jj4Xw)o@nOJ}Y}Tm+iN2UG_F3=XU}*QMLW^Lgyn4u8?0xNwDS!LHUx
RRttQDUVMvQ_|tVNBLK4|?REeF

literal 0
HcmV?d00001

diff --git a/sha3/tests/data/turboshake256.blb b/sha3/tests/data/turboshake256.blb
new file mode 100644
index 0000000000000000000000000000000000000000..6c6635314d34688c31086fe326cb0d013b1a59e2
GIT binary patch
literal 964
zcmZSKV1NQfc1AV_uh3|=H$OfG_neQJDth69XMu!h@-pSd;~!42FT1#RUgPuz@4t_n
zy1#2Cz7E<VF~?Hoeg3;ND;t^T-5sjY2iF{CW?*1v1QHGoN>bNNKEFM<k!{yiuA(WE
zMK=fSvRpf3>*hlSg2`)FT@ZlSsxAQ40p&9YHZY`JuDJi?CDR(e?fo@+Q6e9-51#OR
zrnu`_YGwXrlf0bD(t_xnHVmIn^*8TXQu!gXe6>}==jqcnngw^Qda-9ss|(P6sA-If
z4Gc#WOICksn))#IxA{)DHD-IQvd_#oQ1VAravrOJQ_Rt~SMFc2J^cKcr<Abx41>eR
z15PT}HUFJu|Hh5^fA|w6y-x_!gbf=Ql9n#m{~<-~x>S|jJbV3XkAnW&AM9AR)a=cY
zD9^>tHJkTX@i%&&2zd7VOG#BhQvD?Z1IJ^B%?y4zubuSc;eY1|aMKvw92*#dY}ni-
zbUPhC+>MFh+NSG&Xli0&@U-30v*x~L(r!4qU$=SjZnOUf{MSUB7xX-q`^GCWC@=8S
z)M+<VoTR*4w)nzL6I~V9z;IDy;lV{5|5^WfUYPg5)Gf9xq;A)Zm+Sre+Jg(iZL_O4
zaqUb<j@nxCNO9`>x#BXjG#FXD^Yrek>nSsZdRvvBgqg-z;GfvQAQxyd^_tj>(ydd1
zmri-m^{DWa!h<m96J0Z^qqDXszkRO4Z}Mrg>8~k!ym<>A%WpH@P}$;a_-~2U9N)^_
zJ@NC38JV~l7#bLkdw&0|oZ`hKYno~+{r9{3xpVQ;Eq^X{St~YQU_wrY_=$Hy6@E_t
z!yEnn$aJ=MUVS2Z+mlsqi52Gr*{Y^RA~B4tAXEM;-#MEk)*t2K7Ua1i_aI-_YVS)~
zO853FdoXb|%iMmbbJuM7-OF-?2jpv}FSv4e!5L{q#b?{kt+r@ia&qbVZe~VSrvE@=
zihHa5%rAD=E3K6d7JeN5_--vbYnIw#<|D?xOpRTG8oqp8e&svE`z_}Gay3L)A5=fq
z;+n3f^vvpxG$-%6e+=G?tZe`PgA95a+;dmMKufRjiG1o`Er%dRU!E(;_tRzN0=ec+
zJzQI8`d(ebnQNY50m~1wlZ!0go0>B<T(CV?&nEQ2FxqB+G9xP=&>#>18n(H+NA%0G
z7d)5Wq{PphpE6_B^`)~s=E%O&Ea>*{ihQUtb7g*~xl-7_AZ_XC?pk+?Ge!6M{<K#7
P|8%-y-R48bZZZM@$C#YM

literal 0
HcmV?d00001

diff --git a/sha3/tests/turboshake.rs b/sha3/tests/turboshake.rs
new file mode 100644
index 000000000..3d08df196
--- /dev/null
+++ b/sha3/tests/turboshake.rs
@@ -0,0 +1,108 @@
+use core::{convert::TryInto, fmt::Debug};
+use digest::ExtendableOutput;
+
+pub(crate) fn turbo_shake_test<D, F>(
+    input: &[u8],
+    output: &[u8],
+    truncate_output: usize,
+    new: F,
+) -> Option<&'static str>
+where
+    D: ExtendableOutput + Debug + Clone,
+    F: Fn() -> D,
+{
+    let mut hasher = new();
+    let mut buf = [0u8; 16 * 1024];
+    let buf = &mut buf[..truncate_output + output.len()];
+    // Test that it works when accepting the message all at once
+    hasher.update(input);
+    let mut hasher2 = hasher.clone();
+    hasher.finalize_xof_into(buf);
+    if &buf[truncate_output..] != output {
+        return Some("whole message");
+    }
+    buf.iter_mut().for_each(|b| *b = 0);
+
+    // Test that it works when accepting the message in chunks
+    for n in 1..core::cmp::min(17, input.len()) {
+        let mut hasher = new();
+        for chunk in input.chunks(n) {
+            hasher.update(chunk);
+            hasher2.update(chunk);
+        }
+        hasher.finalize_xof_into(buf);
+        if &buf[truncate_output..] != output {
+            return Some("message in chunks");
+        }
+        buf.iter_mut().for_each(|b| *b = 0);
+    }
+
+    None
+}
+
+macro_rules! new_turbo_shake_test {
+    ($name:ident, $test_name:expr, $hasher:ty, $hasher_core:ty, $test_func:ident $(,)?) => {
+        #[test]
+        fn $name() {
+            use digest::dev::blobby::Blob5Iterator;
+            let data = include_bytes!(concat!("data/", $test_name, ".blb"));
+
+            for (i, row) in Blob5Iterator::new(data).unwrap().enumerate() {
+                let [domain_separation, input, input_pattern_length, output, truncate_output] =
+                    row.unwrap();
+
+                let input = if (input_pattern_length.len() == 0) {
+                    input.to_vec()
+                } else if (input.len() == 0) {
+                    let pattern_length =
+                        u64::from_be_bytes(input_pattern_length.try_into().unwrap());
+                    let mut input = Vec::<u8>::new();
+                    for value in 0..pattern_length {
+                        input.push((value % 0xFB).try_into().unwrap());
+                    }
+                    input
+                } else {
+                    panic!(
+                        "\
+                        failed to read tests data\n\
+                         input:\t{:02X?}\n\
+                         input_pattern_length:\t{:02X?}\n",
+                        input, input_pattern_length,
+                    );
+                };
+
+                if let Some(desc) = $test_func(
+                    &input,
+                    output,
+                    u64::from_be_bytes(truncate_output.try_into().unwrap())
+                        .try_into()
+                        .unwrap(),
+                    || <$hasher>::from_core(<$hasher_core>::new(domain_separation[0])),
+                ) {
+                    panic!(
+                        "\n\
+                         Failed test №{}: {}\n\
+                         input:\t{:02X?}\n\
+                         output:\t{:02X?}\n",
+                        i, desc, &input, output,
+                    );
+                }
+            }
+        }
+    };
+}
+
+new_turbo_shake_test!(
+    turboshake128,
+    "turboshake128",
+    sha3::TurboShake128,
+    sha3::TurboShake128Core,
+    turbo_shake_test,
+);
+new_turbo_shake_test!(
+    turboshake256,
+    "turboshake256",
+    sha3::TurboShake256,
+    sha3::TurboShake256Core,
+    turbo_shake_test,
+);