crypto: xchacha20 - fix comments for test vectors

The kernel's ChaCha20 uses the RFC7539 convention of the nonce being 12 bytes rather than 8, so actually I only appended 12 random bytes (not 16) to its test vectors to form 24-byte nonces for the XChaCha20 test vectors. The other 4 bytes were just from zero-padding the stream position to 8 bytes. Fix the comments above the test vectors. Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
author: Eric Biggers <ebiggers@google.com> 2018-12-06 16:00:08 -0500
committer: Herbert Xu <herbert@gondor.apana.org.au> 2018-12-13 05:24:59 -0500
commit: 282c14852d00d6d1b8fadf3e01e4180f02ddda84 (patch)
tree: b53a81a4fe030f050facafeaed28f3bdcbb50890
parent: 5569e8c07447344cdc3771378ba4e0da0b94c2a4 (diff)
1 files changed, 6 insertions, 8 deletions
diff --git a/crypto/testmgr.h b/crypto/testmgr.h
index 357cf4cbcbb1..e8f47d7b92cd 100644
--- a/crypto/testmgr.h
+++ b/crypto/testmgr.h
@@ -32281,8 +32281,9 @@ static const struct cipher_testvec xchacha20_tv_template[] = {
                          "\x57\x78\x8e\x6f\xae\x90\xfc\x31"
                          "\x09\x7c\xfc",
                .len    = 91,
-        }, { /* Taken from the ChaCha20 test vectors, appended 16 random bytes
+        }, { /* Taken from the ChaCha20 test vectors, appended 12 random bytes
-                to nonce, and recomputed the ciphertext with libsodium */
+                to the nonce, zero-padded the stream position from 4 to 8 bytes,
+                and recomputed the ciphertext using libsodium's XChaCha20 */
                .key    = "\x00\x00\x00\x00\x00\x00\x00\x00"
                          "\x00\x00\x00\x00\x00\x00\x00\x00"
                          "\x00\x00\x00\x00\x00\x00\x00\x00"
@@ -32309,8 +32310,7 @@ static const struct cipher_testvec xchacha20_tv_template[] = {
                          "\x03\xdc\xf8\x2b\xc1\xe1\x75\x67"
                          "\x23\x7b\xe6\xfc\xd4\x03\x86\x54",
                .len    = 64,
-        }, { /* Taken from the ChaCha20 test vectors, appended 16 random bytes
+        }, { /* Derived from a ChaCha20 test vector, via the process above */
-                to nonce, and recomputed the ciphertext with libsodium */
                .key    = "\x00\x00\x00\x00\x00\x00\x00\x00"
                          "\x00\x00\x00\x00\x00\x00\x00\x00"
                          "\x00\x00\x00\x00\x00\x00\x00\x00"
@@ -32419,8 +32419,7 @@ static const struct cipher_testvec xchacha20_tv_template[] = {
                .np     = 3,
                .tap    = { 375 - 20, 4, 16 },
-        }, { /* Taken from the ChaCha20 test vectors, appended 16 random bytes
+        }, { /* Derived from a ChaCha20 test vector, via the process above */
-                to nonce, and recomputed the ciphertext with libsodium */
                .key    = "\x1c\x92\x40\xa5\xeb\x55\xd3\x8a"
                          "\xf3\x33\x88\x86\x04\xf6\xb5\xf0"
                          "\x47\x39\x17\xc1\x40\x2b\x80\x09"
@@ -32463,8 +32462,7 @@ static const struct cipher_testvec xchacha20_tv_template[] = {
                          "\x65\x03\xfa\x45\xf7\x9e\x53\x7a"
                          "\x99\xf1\x82\x25\x4f\x8d\x07",
                .len    = 127,
-        }, { /* Taken from the ChaCha20 test vectors, appended 16 random bytes
+        }, { /* Derived from a ChaCha20 test vector, via the process above */
-                to nonce, and recomputed the ciphertext with libsodium */
                .key    = "\x1c\x92\x40\xa5\xeb\x55\xd3\x8a"
                          "\xf3\x33\x88\x86\x04\xf6\xb5\xf0"
                          "\x47\x39\x17\xc1\x40\x2b\x80\x09"
author	Eric Biggers <ebiggers@google.com>	2018-12-06 16:00:08 -0500
committer	Herbert Xu <herbert@gondor.apana.org.au>	2018-12-13 05:24:59 -0500
commit	282c14852d00d6d1b8fadf3e01e4180f02ddda84 (patch)
tree	b53a81a4fe030f050facafeaed28f3bdcbb50890
parent	5569e8c07447344cdc3771378ba4e0da0b94c2a4 (diff)