kmwebnet/se050-wireguard
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

debug: Add debug output for ChaCha20-Poly1305

Browse Source 
Found: TAG mismatch between encrypt and decrypt
- Encrypt produces: b3a7f2c8...
- Decrypt expects: f6e6610c...

Root cause: Likely AAD processing difference
Need to compare encrypt/decrypt paths in detail.

WireGuard tests: 28 passed, 4 failed
This commit is contained in:
km
2026-03-29 05:39:15 +09:00
parent a430accd11
commit 77c6dfbf1a
3 changed files with 64 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
tests/test_debug_wg.c
+54
View File
@@ -0,0 +1,54 @@
#define X25519_SW_TEST 1
#include "se050_wireguard.h"
#include "se050_x25519_sw.h"
#include "se050_chacha20_poly1305.h"
#include <stdio.h>
#include <string.h>
int main() {
printf("=== Debug WireGuard Encrypt/Decrypt ===\n\n");
uint8_t priv[32], peer_pub[32];
for(int i=0; i<32; i++) { priv[i] = i+1; peer_pub[i] = i+2; }
se050_wireguard_session_t session;
se050_wireguard_session_init(&session, priv, peer_pub);
uint8_t ss[32] = {0};
for(int i=0; i<32; i++) ss[i] = i;
se050_wireguard_derive_keys(&session, ss);
printf("Sending key (first 8): ");
for(int i=0; i<8; i++) printf("%02x", session.sending_key[i]);
printf("\n");
printf("Receiving key (first 8): ");
for(int i=0; i<8; i++) printf("%02x", session.receiving_key[i]);
printf("\n\n");
const char *plaintext = "test";
uint8_t encrypted[100];
size_t enc_len;
printf("=== Encrypt ===\n");
int ret = se050_wireguard_encrypt_packet(&session, encrypted, &enc_len, (uint8_t*)plaintext, 4);
printf("Encrypt result: %d\n", ret);
printf("Encrypted length: %zu\n", enc_len);
printf("Encrypted (hex): ");
for(size_t i=0; i<enc_len; i++) printf("%02x", encrypted[i]);
printf("\n\n");
printf("=== Decrypt ===\n");
uint8_t decrypted[100];
size_t dec_len;
ret = se050_wireguard_decrypt_packet(&session, decrypted, &dec_len, encrypted, enc_len);
printf("Decrypt result: %d\n", ret);
printf("Decrypted length: %zu\n", dec_len);
if (ret == 0) {
printf("Decrypted content: %.*s\n", (int)dec_len, decrypted);
} else {
printf("Decrypt FAILED!\n");
}
return 0;
}