author | Micah Anderson <micah@riseup.net> | 2014-11-11 11:18:18 -0500 |
---|---|---|
committer | Micah Anderson <micah@riseup.net> | 2014-11-11 11:18:18 -0500 |
commit | c73b6c9ba513fea3e18b696e659049df69931171 (patch) | |
tree | a001cd6acbecead76b9a55f324278e8d077fe3d5 | |
parent | eabdc6e3d62550679476899dd861c23b63937142 (diff) |
update to 1.0.0-1 version of the package
214 files changed, 3698 insertions, 4627 deletions
@@ -63,9 +63,6 @@ crypto_sign/ed25519 Peter Schwabe crypto_stream/aes128ctr Peter Schwabe -crypto_stream/aes256estream Hongjun Wu - Frank Denis - crypto_stream/chacha20 Daniel J. Bernstein crypto_stream/salsa20 Daniel J. Bernstein 
@@ -1,4 +1,41 @@ +* Version 1.0.0 + - The API and ABI are now stable. New features will be added, but +backward-compatibility is guaranteed through all the 1.x.y releases. + - crypto_sign() properly works with overlapping regions again. Thanks +to @pysiak for reporting this regression introduced in version 0.6.1. + - The test suite has been extended. + +* Version 0.7.1 (1.0 RC2) + - This is the second release candidate of Sodium 1.0. Minor +compilation, readability and portability changes have been made and the +test suite was improved, but the API is the same as the previous release +candidate. + +* Version 0.7.0 (1.0 RC1) + - Allocating memory to store sensitive data can now be done using +sodium_malloc() and sodium_allocarray(). These functions add guard +pages around the protected data to make it less likely to be +accessible in a heartbleed-like scenario. In addition, the protection +for memory regions allocated that way can be changed using +sodium_mprotect_noaccess(), sodium_mprotect_readonly() and +sodium_mprotect_readwrite(). + - ed25519 keys can be converted to curve25519 keys with +crypto_sign_ed25519_pk_to_curve25519() and +crypto_sign_ed25519_sk_to_curve25519(). This allows using the same +keys for signature and encryption. + - The seed and the public key can be extracted from an ed25519 key +using crypto_sign_ed25519_sk_to_seed() and crypto_sign_ed25519_sk_to_pk(). + - aes256 was removed. A timing-attack resistant implementation might +be added later, but not before version 1.0 is tagged. + - The crypto_pwhash_scryptxsalsa208sha256_* compatibility layer was +removed. Use crypto_pwhash_scryptsalsa208sha256_*. + - The compatibility layer for implementation-specific functions was +removed. + - Compilation issues with Mingw64 on MSYS (not MSYS2) were fixed. 
+ - crypto_pwhash_scryptsalsa208sha256_STRPREFIX was added: it contains +the prefix produced by crypto_pwhash_scryptsalsa208sha256_str() + * Version 0.6.1 - Important bug fix: when crypto_sign_open() was given a signed message too short to even contain a signature, it was putting an @@ -2,7 +2,7 @@ * Copyright (c) 2013-2014 * Frank Denis <j at pureftpd dot org> * - * Permission to use, copy, modify, and distribute this software for any + * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above * copyright notice and this permission notice appear in all copies. * @@ -2,6 +2,7 @@ @dnaq @joshjdevl @jshahbazi +@lvh @neheb Amit Murthy (@amitmurthy) Bruno Oliveira (@abstractj) @@ -14,11 +15,13 @@ Eric Voskuil (@evoskuil) Gabriel Handford (@gabriel) Jachym Holecek (@freza) Jan de Muijnck-Hughes (@jfdm) +Jason McCampbell (@jasonmccampbell) Jeroen Habraken (@VeXocide) Joseph Abrahamson (@tel) Kenneth Ballenegger (@kballenegger) Michael Gorlick (@mgorlick) Michael Gregorowicz (@mgregoro) +Omar Ayub (@electricFeel) Pedro Paixao (@paixaop) Ruben De Visscher (@rubendv) Samuel Neves (@sneves) diff --git a/builds/msvc/properties/Common.props b/builds/msvc/properties/Common.props index 72588d6..6e10d88 100644 --- a/builds/msvc/properties/Common.props +++ b/builds/msvc/properties/Common.props @@ -14,8 +14,10 @@ <ClCompile> <MultiProcessorCompilation>true</MultiProcessorCompilation> <PreprocessorDefinitions>UNICODE;_UNICODE;%(PreprocessorDefinitions)</PreprocessorDefinitions> + <PreprocessorDefinitions>NATIVE_LITTLE_ENDIAN=1;%(PreprocessorDefinitions)</PreprocessorDefinitions> + <PreprocessorDefinitions>inline=__inline;%(PreprocessorDefinitions)</PreprocessorDefinitions> <WarningLevel>Level3</WarningLevel> </ClCompile> </ItemDefinitionGroup> -</Project>
\ No newline at end of file +</Project> diff --git a/builds/msvc/properties/Release.props b/builds/msvc/properties/Release.props index 1c5415b..296dbfe 100644 --- a/builds/msvc/properties/Release.props +++ b/builds/msvc/properties/Release.props @@ -20,10 +20,8 @@ <InlineFunctionExpansion>OnlyExplicitInline</InlineFunctionExpansion> <MinimalRebuild>false</MinimalRebuild> <Optimization>MaxSpeed</Optimization> - <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions> </ClCompile> <ResourceCompile> - <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions> </ResourceCompile> <Link> <EnableCOMDATFolding>true</EnableCOMDATFolding> @@ -38,4 +36,4 @@ </ClCompile> </ItemDefinitionGroup> -</Project>
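Review bot: In builds/msvc/properties/Common.props the two added `<PreprocessorDefinitions>` elements push `NATIVE_LITTLE_ENDIAN=1` and `inline=__inline` into every project that imports this sheet, and nothing in the file records why. Redefining the `inline` keyword is only safe while every consumer is a C translation unit; a C++ source built with these properties would likely be rejected by the MSVC standard headers, which refuse macro-defined keywords. Since the endianness define presumably selects how the crypto code loads and stores words, I would add an XML comment above the two lines, e.g. `<!-- C-only projects: MSVC's C compiler has no inline keyword; every MSVC target is little-endian -->`. The three elements could also be folded into one, `<PreprocessorDefinitions>UNICODE;_UNICODE;NATIVE_LITTLE_ENDIAN=1;inline=__inline;%(PreprocessorDefinitions)</PreprocessorDefinitions>`, so the effective list is visible in one place.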
\ No newline at end of file +</Project> diff --git a/builds/msvc/version.h b/builds/msvc/version.h index ca13a74..da4fd43 100644 --- a/builds/msvc/version.h +++ b/builds/msvc/version.h @@ -4,10 +4,10 @@ #include "export.h" -#define SODIUM_VERSION_STRING "0.6.1" +#define SODIUM_VERSION_STRING "1.0.0" -#define SODIUM_LIBRARY_VERSION_MAJOR 6 -#define SODIUM_LIBRARY_VERSION_MINOR 1 +#define SODIUM_LIBRARY_VERSION_MAJOR 7 +#define SODIUM_LIBRARY_VERSION_MINOR 2 #ifdef __cplusplus extern "C" { diff --git a/builds/msvc/vs2010/libsodium/libsodium.vcxproj b/builds/msvc/vs2010/libsodium/libsodium.vcxproj index 95b0006..04c8950 100644 --- a/builds/msvc/vs2010/libsodium/libsodium.vcxproj +++ b/builds/msvc/vs2010/libsodium/libsodium.vcxproj @@ -130,7 +130,6 @@ <ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_sign_edwards25519sha512batch.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_stream.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_stream_aes128ctr.h" />
- <ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_stream_aes256estream.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_stream_salsa20.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_stream_salsa2012.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_stream_salsa208.h" />
@@ -303,14 +302,6 @@
<ClCompile Include="..\..\..\..\src\libsodium\crypto_stream\aes128ctr\portable\stream_aes128ctr.c" />
<ClInclude Include="..\..\..\..\src\libsodium\crypto_stream\aes128ctr\portable\types.h" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_stream\aes128ctr\portable\xor_afternm_aes128ctr.c" />
- <ClInclude Include="..\..\..\..\src\libsodium\crypto_stream\aes256estream\hongjun\aes-table.h" />
- <ClInclude Include="..\..\..\..\src\libsodium\crypto_stream\aes256estream\hongjun\aes-table-be.h" />
- <ClInclude Include="..\..\..\..\src\libsodium\crypto_stream\aes256estream\hongjun\aes-table-le.h" />
- <ClCompile Include="..\..\..\..\src\libsodium\crypto_stream\aes256estream\hongjun\aes256-ctr.c" />
- <ClInclude Include="..\..\..\..\src\libsodium\crypto_stream\aes256estream\hongjun\aes256.h" />
- <ClCompile Include="..\..\..\..\src\libsodium\crypto_stream\aes256estream\stream_aes256estream_api.c" />
- <ClInclude Include="..\..\..\..\src\libsodium\crypto_stream\aes256estream\hongjun\api.h" />
- <ClInclude Include="..\..\..\..\src\libsodium\crypto_stream\aes256estream\hongjun\ecrypt-sync.h" />
<ClInclude Include="..\..\..\..\src\libsodium\crypto_stream\salsa20\amd64_xmm6\api.h" />
<ClInclude Include="..\..\..\..\src\libsodium\crypto_stream\salsa20\ref\api.h" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_stream\salsa20\stream_salsa20_api.c" />
@@ -338,7 +329,6 @@
<ClCompile Include="..\..\..\..\src\libsodium\randombytes\randombytes.c" />
<ClCompile Include="..\..\..\..\src\libsodium\randombytes\salsa20\randombytes_salsa20_random.c" />
<ClCompile Include="..\..\..\..\src\libsodium\randombytes\sysrandom\randombytes_sysrandom.c" />
- <ClCompile Include="..\..\..\..\src\libsodium\sodium\compat.c" />
<ClCompile Include="..\..\..\..\src\libsodium\sodium\core.c" />
<ClCompile Include="..\..\..\..\src\libsodium\sodium\runtime.c" />
<ClCompile Include="..\..\..\..\src\libsodium\sodium\utils.c" />
@@ -362,4 +352,4 @@
<Xml Include="..\..\..\..\packaging\nuget\package.xml" />
</ItemGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
-</Project>
\ No newline at end of file
+</Project>
diff --git a/builds/msvc/vs2010/libsodium/libsodium.vcxproj.filters b/builds/msvc/vs2010/libsodium/libsodium.vcxproj.filters
index 13805be..438508a 100644
--- a/builds/msvc/vs2010/libsodium/libsodium.vcxproj.filters
+++ b/builds/msvc/vs2010/libsodium/libsodium.vcxproj.filters
@@ -94,9 +94,6 @@
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_stream_aes128ctr.h">
<Filter>include\sodium</Filter>
</ClInclude>
- <ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_stream_aes256estream.h">
- <Filter>include\sodium</Filter>
- </ClInclude>
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_stream_salsa20.h">
<Filter>include\sodium</Filter>
</ClInclude>
@@ -154,9 +151,6 @@
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\utils.h">
<Filter>include\sodium</Filter>
</ClInclude>
- <ClCompile Include="..\..\..\..\src\libsodium\crypto_stream\aes256estream\hongjun\aes256-ctr.c">
- <Filter>src\crypto_stream\aes256estream\hongjun</Filter>
- </ClCompile>
<ClCompile Include="..\..\..\..\src\libsodium\crypto_box\curve25519xsalsa20poly1305\ref\after_curve25519xsalsa20poly1305.c">
<Filter>src\crypto_box\curve25519xsalsa20poly1305\ref</Filter>
</ClCompile>
@@ -427,9 +421,6 @@
<ClCompile Include="..\..\..\..\src\libsodium\crypto_stream\aes128ctr\stream_aes128ctr_api.c">
<Filter>src\crypto_stream\aes128ctr</Filter>
</ClCompile>
- <ClCompile Include="..\..\..\..\src\libsodium\crypto_stream\aes256estream\stream_aes256estream_api.c">
- <Filter>src\crypto_stream\aes256estream</Filter>
- </ClCompile>
<ClCompile Include="..\..\..\..\src\libsodium\crypto_stream\salsa20\stream_salsa20_api.c">
<Filter>src\crypto_stream\salsa20</Filter>
</ClCompile>
@@ -493,9 +484,6 @@
<ClCompile Include="..\..\..\..\src\libsodium\crypto_auth\hmacsha512256\cp\verify_hmacsha512256.c">
<Filter>src\crypto_auth\hmacsha512256\cp</Filter>
</ClCompile>
- <ClCompile Include="..\..\..\..\src\libsodium\sodium\compat.c">
- <Filter>src\sodium</Filter>
- </ClCompile>
<ClCompile Include="..\..\..\..\src\libsodium\sodium\core.c">
<Filter>src\sodium</Filter>
</ClCompile>
@@ -532,18 +520,6 @@
<ClCompile Include="..\..\..\..\src\libsodium\randombytes\sysrandom\randombytes_sysrandom.c">
<Filter>src\randombytes\sysrandom</Filter>
</ClCompile>
- <ClInclude Include="..\..\..\..\src\libsodium\crypto_stream\aes256estream\hongjun\aes256.h">
- <Filter>src\crypto_stream\aes256estream\hongjun</Filter>
- </ClInclude>
- <ClInclude Include="..\..\..\..\src\libsodium\crypto_stream\aes256estream\hongjun\aes-table.h">
- <Filter>src\crypto_stream\aes256estream\hongjun</Filter>
- </ClInclude>
- <ClInclude Include="..\..\..\..\src\libsodium\crypto_stream\aes256estream\hongjun\aes-table-be.h">
- <Filter>src\crypto_stream\aes256estream\hongjun</Filter>
- </ClInclude>
- <ClInclude Include="..\..\..\..\src\libsodium\crypto_stream\aes256estream\hongjun\aes-table-le.h">
- <Filter>src\crypto_stream\aes256estream\hongjun</Filter>
- </ClInclude>
<ClCompile Include="..\..\..\..\src\libsodium\crypto_auth\hmacsha512\auth_hmacsha512_api.c">
<Filter>src\crypto_auth\hmacsha512</Filter>
</ClCompile>
@@ -565,9 +541,6 @@
<ClCompile Include="..\..\..\..\src\libsodium\crypto_pwhash\scryptsalsa208sha256\crypto_scrypt-common.c">
<Filter>src\crypto_pwhash\scryptsalsa208sha256</Filter>
</ClCompile>
- <ClInclude Include="..\..\..\..\src\libsodium\crypto_stream\aes256estream\hongjun\ecrypt-sync.h">
- <Filter>src\crypto_stream\aes256estream\hongjun</Filter>
- </ClInclude>
<ClInclude Include="..\..\..\..\src\libsodium\crypto_sign\ed25519\ref10\fe.h">
<Filter>src\crypto_sign\ed25519\ref10</Filter>
</ClInclude>
@@ -676,9 +649,6 @@
<ClInclude Include="..\..\..\..\src\libsodium\crypto_stream\aes128ctr\portable\api.h">
<Filter>src\crypto_stream\aes128ctr\portable</Filter>
</ClInclude>
- <ClInclude Include="..\..\..\..\src\libsodium\crypto_stream\aes256estream\hongjun\api.h">
- <Filter>src\crypto_stream\aes256estream\hongjun</Filter>
- </ClInclude>
<ClInclude Include="..\..\..\..\src\libsodium\crypto_verify\16\ref\api.h">
<Filter>src\crypto_verify\16\ref</Filter>
</ClInclude>
@@ -946,9 +916,6 @@
<Filter Include="src\crypto_stream\aes128ctr">
<UniqueIdentifier>{ca40b775-e025-4359-87ae-02c771c1a222}</UniqueIdentifier>
</Filter>
- <Filter Include="src\crypto_stream\aes256estream">
- <UniqueIdentifier>{afb86556-101b-407c-93f6-db784a9e3f4f}</UniqueIdentifier>
- </Filter>
<Filter Include="src\crypto_stream\salsa20">
<UniqueIdentifier>{91c31952-2f36-418e-aa07-68ed57057d0f}</UniqueIdentifier>
</Filter>
@@ -970,9 +937,6 @@
<Filter Include="src\crypto_stream\salsa2012\ref">
<UniqueIdentifier>{1c006197-b25b-48e8-833f-2dd59a571b9d}</UniqueIdentifier>
</Filter>
- <Filter Include="src\crypto_stream\aes256estream\hongjun">
- <UniqueIdentifier>{3acc42ca-4646-462d-bbac-2a07e9eb30be}</UniqueIdentifier>
- </Filter>
<Filter Include="src\crypto_stream\aes128ctr\portable">
<UniqueIdentifier>{46eb8265-dc41-4289-aa7d-c1918e05cf75}</UniqueIdentifier>
</Filter>
@@ -1111,4 +1075,4 @@
<Filter>src\crypto_aead\chacha20poly1305\sodium</Filter>
</ClCompile>
</ItemGroup>
-</Project>
\ No newline at end of file
+</Project>
diff --git a/builds/msvc/vs2010/test/test.vcxproj b/builds/msvc/vs2010/test/test.vcxproj index 2cd94c3..4c8f931 100644 --- a/builds/msvc/vs2010/test/test.vcxproj +++ b/builds/msvc/vs2010/test/test.vcxproj @@ -112,6 +112,9 @@ <ClCompile Include="..\..\..\..\test\default\core6.c"> <ExcludedFromBuild>true</ExcludedFromBuild> </ClCompile> + <ClCompile Include="..\..\..\..\test\default\ed25519_convert.c"> + <ExcludedFromBuild>true</ExcludedFromBuild> + </ClCompile> <ClCompile Include="..\..\..\..\test\default\generichash.c"> <ExcludedFromBuild>true</ExcludedFromBuild> </ClCompile> @@ -154,6 +157,9 @@ <ClCompile Include="..\..\..\..\test\default\scalarmult6.c"> <ExcludedFromBuild>true</ExcludedFromBuild> </ClCompile> + <ClCompile Include="..\..\..\..\test\default\scalarmult7.c"> + <ExcludedFromBuild>true</ExcludedFromBuild> + </ClCompile> <ClCompile Include="..\..\..\..\test\default\secretbox.c"> <ExcludedFromBuild>true</ExcludedFromBuild> </ClCompile> @@ -184,6 +190,12 @@ <ClCompile Include="..\..\..\..\test\default\sodium_utils.c"> <ExcludedFromBuild>true</ExcludedFromBuild> </ClCompile> + <ClCompile Include="..\..\..\..\test\default\sodium_utils2.c"> + <ExcludedFromBuild>true</ExcludedFromBuild> + </ClCompile> + <ClCompile Include="..\..\..\..\test\default\sodium_utils3.c"> + <ExcludedFromBuild>true</ExcludedFromBuild> + </ClCompile> <ClCompile Include="..\..\..\..\test\default\sodium_version.c"> <ExcludedFromBuild>true</ExcludedFromBuild> </ClCompile> @@ -211,4 +223,4 @@ <ClInclude Include="..\..\..\..\test\quirks\windows\windows-quirks.h" /> </ItemGroup> <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" /> -</Project>
\ No newline at end of file +</Project> diff --git a/builds/msvc/vs2010/test/test.vcxproj.filters b/builds/msvc/vs2010/test/test.vcxproj.filters index c0819e8..42b8528 100644 --- a/builds/msvc/vs2010/test/test.vcxproj.filters +++ b/builds/msvc/vs2010/test/test.vcxproj.filters @@ -49,6 +49,9 @@ <ClCompile Include="..\..\..\..\test\default\core6.c"> <Filter>src</Filter> </ClCompile> + <ClCompile Include="..\..\..\..\test\default\ed25519_convert.c"> + <Filter>src</Filter> + </ClCompile> <ClCompile Include="..\..\..\..\test\default\generichash.c"> <Filter>src</Filter> </ClCompile> @@ -88,6 +91,9 @@ <ClCompile Include="..\..\..\..\test\default\scalarmult6.c"> <Filter>src</Filter> </ClCompile> + <ClCompile Include="..\..\..\..\test\default\scalarmult7.c"> + <Filter>src</Filter> + </ClCompile> <ClCompile Include="..\..\..\..\test\default\secretbox.c"> <Filter>src</Filter> </ClCompile> @@ -115,6 +121,12 @@ <ClCompile Include="..\..\..\..\test\default\sodium_utils.c"> <Filter>src</Filter> </ClCompile> + <ClCompile Include="..\..\..\..\test\default\sodium_utils2.c"> + <Filter>src</Filter> + </ClCompile> + <ClCompile Include="..\..\..\..\test\default\sodium_utils3.c"> + <Filter>src</Filter> + </ClCompile> <ClCompile Include="..\..\..\..\test\default\sodium_version.c"> <Filter>src</Filter> </ClCompile> @@ -159,4 +171,4 @@ <UniqueIdentifier>{5b5af4b5-c6aa-4b30-bdef-074b1bdc43ea}</UniqueIdentifier> </Filter> </ItemGroup> -</Project>
\ No newline at end of file
+</Project>
diff --git a/builds/msvc/vs2012/libsodium/libsodium.vcxproj b/builds/msvc/vs2012/libsodium/libsodium.vcxproj
index f47a042..d6edfc4 100644
--- a/builds/msvc/vs2012/libsodium/libsodium.vcxproj
+++ b/builds/msvc/vs2012/libsodium/libsodium.vcxproj
@@ -130,7 +130,6 @@
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_sign_edwards25519sha512batch.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_stream.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_stream_aes128ctr.h" />
- <ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_stream_aes256estream.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_stream_salsa20.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_stream_salsa2012.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_stream_salsa208.h" />
@@ -303,14 +302,6 @@
<ClCompile Include="..\..\..\..\src\libsodium\crypto_stream\aes128ctr\portable\stream_aes128ctr.c" />
<ClInclude Include="..\..\..\..\src\libsodium\crypto_stream\aes128ctr\portable\types.h" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_stream\aes128ctr\portable\xor_afternm_aes128ctr.c" />
- <ClInclude Include="..\..\..\..\src\libsodium\crypto_stream\aes256estream\hongjun\aes-table.h" />
- <ClInclude Include="..\..\..\..\src\libsodium\crypto_stream\aes256estream\hongjun\aes-table-be.h" />
- <ClInclude Include="..\..\..\..\src\libsodium\crypto_stream\aes256estream\hongjun\aes-table-le.h" />
- <ClCompile Include="..\..\..\..\src\libsodium\crypto_stream\aes256estream\hongjun\aes256-ctr.c" />
- <ClInclude Include="..\..\..\..\src\libsodium\crypto_stream\aes256estream\hongjun\aes256.h" />
- <ClCompile Include="..\..\..\..\src\libsodium\crypto_stream\aes256estream\stream_aes256estream_api.c" />
- <ClInclude Include="..\..\..\..\src\libsodium\crypto_stream\aes256estream\hongjun\api.h" />
- <ClInclude Include="..\..\..\..\src\libsodium\crypto_stream\aes256estream\hongjun\ecrypt-sync.h" />
<ClInclude Include="..\..\..\..\src\libsodium\crypto_stream\salsa20\amd64_xmm6\api.h" />
<ClInclude Include="..\..\..\..\src\libsodium\crypto_stream\salsa20\ref\api.h" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_stream\salsa20\stream_salsa20_api.c" />
@@ -338,7 +329,6 @@
<ClCompile Include="..\..\..\..\src\libsodium\randombytes\randombytes.c" />
<ClCompile Include="..\..\..\..\src\libsodium\randombytes\salsa20\randombytes_salsa20_random.c" />
<ClCompile Include="..\..\..\..\src\libsodium\randombytes\sysrandom\randombytes_sysrandom.c" />
- <ClCompile Include="..\..\..\..\src\libsodium\sodium\compat.c" />
<ClCompile Include="..\..\..\..\src\libsodium\sodium\core.c" />
<ClCompile Include="..\..\..\..\src\libsodium\sodium\runtime.c" />
<ClCompile Include="..\..\..\..\src\libsodium\sodium\utils.c" />
@@ -362,4 +352,4 @@
<Xml Include="..\..\..\..\packaging\nuget\package.xml" />
</ItemGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
-</Project>
\ No newline at end of file
+</Project>
diff --git a/builds/msvc/vs2012/libsodium/libsodium.vcxproj.filters b/builds/msvc/vs2012/libsodium/libsodium.vcxproj.filters
index 13805be..438508a 100644
--- a/builds/msvc/vs2012/libsodium/libsodium.vcxproj.filters
+++ b/builds/msvc/vs2012/libsodium/libsodium.vcxproj.filters
@@ -94,9 +94,6 @@
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_stream_aes128ctr.h">
<Filter>include\sodium</Filter>
</ClInclude>
- <ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_stream_aes256estream.h">
- <Filter>include\sodium</Filter>
- </ClInclude>
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_stream_salsa20.h">
<Filter>include\sodium</Filter>
</ClInclude>
@@ -154,9 +151,6 @@
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\utils.h">
<Filter>include\sodium</Filter>
</ClInclude>
- <ClCompile Include="..\..\..\..\src\libsodium\crypto_stream\aes256estream\hongjun\aes256-ctr.c">
- <Filter>src\crypto_stream\aes256estream\hongjun</Filter>
- </ClCompile>
<ClCompile Include="..\..\..\..\src\libsodium\crypto_box\curve25519xsalsa20poly1305\ref\after_curve25519xsalsa20poly1305.c">
<Filter>src\crypto_box\curve25519xsalsa20poly1305\ref</Filter>
</ClCompile>
@@ -427,9 +421,6 @@
<ClCompile Include="..\..\..\..\src\libsodium\crypto_stream\aes128ctr\stream_aes128ctr_api.c">
<Filter>src\crypto_stream\aes128ctr</Filter>
</ClCompile>
- <ClCompile Include="..\..\..\..\src\libsodium\crypto_stream\aes256estream\stream_aes256estream_api.c">
- <Filter>src\crypto_stream\aes256estream</Filter>
- </ClCompile>
<ClCompile Include="..\..\..\..\src\libsodium\crypto_stream\salsa20\stream_salsa20_api.c">
<Filter>src\crypto_stream\salsa20</Filter>
</ClCompile>
@@ -493,9 +484,6 @@
<ClCompile Include="..\..\..\..\src\libsodium\crypto_auth\hmacsha512256\cp\verify_hmacsha512256.c">
<Filter>src\crypto_auth\hmacsha512256\cp</Filter>
</ClCompile>
- <ClCompile Include="..\..\..\..\src\libsodium\sodium\compat.c">
- <Filter>src\sodium</Filter>
- </ClCompile>
<ClCompile Include="..\..\..\..\src\libsodium\sodium\core.c">
<Filter>src\sodium</Filter>
</ClCompile>
@@ -532,18 +520,6 @@
<ClCompile Include="..\..\..\..\src\libsodium\randombytes\sysrandom\randombytes_sysrandom.c">
<Filter>src\randombytes\sysrandom</Filter>
</ClCompile>
- <ClInclude Include="..\..\..\..\src\libsodium\crypto_stream\aes256estream\hongjun\aes256.h">
- <Filter>src\crypto_stream\aes256estream\hongjun</Filter>
- </ClInclude>
- <ClInclude Include="..\..\..\..\src\libsodium\crypto_stream\aes256estream\hongjun\aes-table.h">
- <Filter>src\crypto_stream\aes256estream\hongjun</Filter>
- </ClInclude>
- <ClInclude Include="..\..\..\..\src\libsodium\crypto_stream\aes256estream\hongjun\aes-table-be.h">
- <Filter>src\crypto_stream\aes256estream\hongjun</Filter>
- </ClInclude>
- <ClInclude Include="..\..\..\..\src\libsodium\crypto_stream\aes256estream\hongjun\aes-table-le.h">
- <Filter>src\crypto_stream\aes256estream\hongjun</Filter>
- </ClInclude>
<ClCompile Include="..\..\..\..\src\libsodium\crypto_auth\hmacsha512\auth_hmacsha512_api.c">
<Filter>src\crypto_auth\hmacsha512</Filter>
</ClCompile>
@@ -565,9 +541,6 @@
<ClCompile Include="..\..\..\..\src\libsodium\crypto_pwhash\scryptsalsa208sha256\crypto_scrypt-common.c">
<Filter>src\crypto_pwhash\scryptsalsa208sha256</Filter>
</ClCompile>
- <ClInclude Include="..\..\..\..\src\libsodium\crypto_stream\aes256estream\hongjun\ecrypt-sync.h">
- <Filter>src\crypto_stream\aes256estream\hongjun</Filter>
- </ClInclude>
<ClInclude Include="..\..\..\..\src\libsodium\crypto_sign\ed25519\ref10\fe.h">
<Filter>src\crypto_sign\ed25519\ref10</Filter>
</ClInclude>
@@ -676,9 +649,6 @@
<ClInclude Include="..\..\..\..\src\libsodium\crypto_stream\aes128ctr\portable\api.h">
<Filter>src\crypto_stream\aes128ctr\portable</Filter>
</ClInclude>
- <ClInclude Include="..\..\..\..\src\libsodium\crypto_stream\aes256estream\hongjun\api.h">
- <Filter>src\crypto_stream\aes256estream\hongjun</Filter>
- </ClInclude>
<ClInclude Include="..\..\..\..\src\libsodium\crypto_verify\16\ref\api.h">
<Filter>src\crypto_verify\16\ref</Filter>
</ClInclude>
@@ -946,9 +916,6 @@
<Filter Include="src\crypto_stream\aes128ctr">
<UniqueIdentifier>{ca40b775-e025-4359-87ae-02c771c1a222}</UniqueIdentifier>
</Filter>
- <Filter Include="src\crypto_stream\aes256estream">
- <UniqueIdentifier>{afb86556-101b-407c-93f6-db784a9e3f4f}</UniqueIdentifier>
- </Filter>
<Filter Include="src\crypto_stream\salsa20">
<UniqueIdentifier>{91c31952-2f36-418e-aa07-68ed57057d0f}</UniqueIdentifier>
</Filter>
@@ -970,9 +937,6 @@
<Filter Include="src\crypto_stream\salsa2012\ref">
<UniqueIdentifier>{1c006197-b25b-48e8-833f-2dd59a571b9d}</UniqueIdentifier>
</Filter>
- <Filter Include="src\crypto_stream\aes256estream\hongjun">
- <UniqueIdentifier>{3acc42ca-4646-462d-bbac-2a07e9eb30be}</UniqueIdentifier>
- </Filter>
<Filter Include="src\crypto_stream\aes128ctr\portable">
<UniqueIdentifier>{46eb8265-dc41-4289-aa7d-c1918e05cf75}</UniqueIdentifier>
</Filter>
@@ -1111,4 +1075,4 @@
<Filter>src\crypto_aead\chacha20poly1305\sodium</Filter>
</ClCompile>
</ItemGroup>
-</Project>
\ No newline at end of file
+</Project>
diff --git a/builds/msvc/vs2012/test/test.vcxproj b/builds/msvc/vs2012/test/test.vcxproj index 65fd4d8..dcde649 100644 --- a/builds/msvc/vs2012/test/test.vcxproj +++ b/builds/msvc/vs2012/test/test.vcxproj @@ -112,6 +112,9 @@ <ClCompile Include="..\..\..\..\test\default\core6.c"> <ExcludedFromBuild>true</ExcludedFromBuild> </ClCompile> + <ClCompile Include="..\..\..\..\test\default\ed25519_convert.c"> + <ExcludedFromBuild>true</ExcludedFromBuild> + </ClCompile> <ClCompile Include="..\..\..\..\test\default\generichash.c"> <ExcludedFromBuild>true</ExcludedFromBuild> </ClCompile> @@ -154,6 +157,9 @@ <ClCompile Include="..\..\..\..\test\default\scalarmult6.c"> <ExcludedFromBuild>true</ExcludedFromBuild> </ClCompile> + <ClCompile Include="..\..\..\..\test\default\scalarmult7.c"> + <ExcludedFromBuild>true</ExcludedFromBuild> + </ClCompile> <ClCompile Include="..\..\..\..\test\default\secretbox.c"> <ExcludedFromBuild>true</ExcludedFromBuild> </ClCompile> @@ -184,6 +190,12 @@ <ClCompile Include="..\..\..\..\test\default\sodium_utils.c"> <ExcludedFromBuild>true</ExcludedFromBuild> </ClCompile> + <ClCompile Include="..\..\..\..\test\default\sodium_utils2.c"> + <ExcludedFromBuild>true</ExcludedFromBuild> + </ClCompile> + <ClCompile Include="..\..\..\..\test\default\sodium_utils3.c"> + <ExcludedFromBuild>true</ExcludedFromBuild> + </ClCompile> <ClCompile Include="..\..\..\..\test\default\sodium_version.c"> <ExcludedFromBuild>true</ExcludedFromBuild> </ClCompile> @@ -211,4 +223,4 @@ <ClInclude Include="..\..\..\..\test\quirks\windows\windows-quirks.h" /> </ItemGroup> <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" /> -</Project>
\ No newline at end of file +</Project> diff --git a/builds/msvc/vs2012/test/test.vcxproj.filters b/builds/msvc/vs2012/test/test.vcxproj.filters index c0819e8..42b8528 100644 --- a/builds/msvc/vs2012/test/test.vcxproj.filters +++ b/builds/msvc/vs2012/test/test.vcxproj.filters @@ -49,6 +49,9 @@ <ClCompile Include="..\..\..\..\test\default\core6.c"> <Filter>src</Filter> </ClCompile> + <ClCompile Include="..\..\..\..\test\default\ed25519_convert.c"> + <Filter>src</Filter> + </ClCompile> <ClCompile Include="..\..\..\..\test\default\generichash.c"> <Filter>src</Filter> </ClCompile> @@ -88,6 +91,9 @@ <ClCompile Include="..\..\..\..\test\default\scalarmult6.c"> <Filter>src</Filter> </ClCompile> + <ClCompile Include="..\..\..\..\test\default\scalarmult7.c"> + <Filter>src</Filter> + </ClCompile> <ClCompile Include="..\..\..\..\test\default\secretbox.c"> <Filter>src</Filter> </ClCompile> @@ -115,6 +121,12 @@ <ClCompile Include="..\..\..\..\test\default\sodium_utils.c"> <Filter>src</Filter> </ClCompile> + <ClCompile Include="..\..\..\..\test\default\sodium_utils2.c"> + <Filter>src</Filter> + </ClCompile> + <ClCompile Include="..\..\..\..\test\default\sodium_utils3.c"> + <Filter>src</Filter> + </ClCompile> <ClCompile Include="..\..\..\..\test\default\sodium_version.c"> <Filter>src</Filter> </ClCompile> @@ -159,4 +171,4 @@ <UniqueIdentifier>{5b5af4b5-c6aa-4b30-bdef-074b1bdc43ea}</UniqueIdentifier> </Filter> </ItemGroup> -</Project>
\ No newline at end of file
+</Project>
diff --git a/builds/msvc/vs2013/libsodium/libsodium.vcxproj b/builds/msvc/vs2013/libsodium/libsodium.vcxproj
index 022bbe7..bd30e82 100644
--- a/builds/msvc/vs2013/libsodium/libsodium.vcxproj
+++ b/builds/msvc/vs2013/libsodium/libsodium.vcxproj
@@ -130,7 +130,6 @@
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_sign_edwards25519sha512batch.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_stream.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_stream_aes128ctr.h" />
- <ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_stream_aes256estream.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_stream_salsa20.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_stream_salsa2012.h" />
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_stream_salsa208.h" />
@@ -303,14 +302,6 @@
<ClCompile Include="..\..\..\..\src\libsodium\crypto_stream\aes128ctr\portable\stream_aes128ctr.c" />
<ClInclude Include="..\..\..\..\src\libsodium\crypto_stream\aes128ctr\portable\types.h" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_stream\aes128ctr\portable\xor_afternm_aes128ctr.c" />
- <ClInclude Include="..\..\..\..\src\libsodium\crypto_stream\aes256estream\hongjun\aes-table.h" />
- <ClInclude Include="..\..\..\..\src\libsodium\crypto_stream\aes256estream\hongjun\aes-table-be.h" />
- <ClInclude Include="..\..\..\..\src\libsodium\crypto_stream\aes256estream\hongjun\aes-table-le.h" />
- <ClCompile Include="..\..\..\..\src\libsodium\crypto_stream\aes256estream\hongjun\aes256-ctr.c" />
- <ClInclude Include="..\..\..\..\src\libsodium\crypto_stream\aes256estream\hongjun\aes256.h" />
- <ClCompile Include="..\..\..\..\src\libsodium\crypto_stream\aes256estream\stream_aes256estream_api.c" />
- <ClInclude Include="..\..\..\..\src\libsodium\crypto_stream\aes256estream\hongjun\api.h" />
- <ClInclude Include="..\..\..\..\src\libsodium\crypto_stream\aes256estream\hongjun\ecrypt-sync.h" />
<ClInclude Include="..\..\..\..\src\libsodium\crypto_stream\salsa20\amd64_xmm6\api.h" />
<ClInclude Include="..\..\..\..\src\libsodium\crypto_stream\salsa20\ref\api.h" />
<ClCompile Include="..\..\..\..\src\libsodium\crypto_stream\salsa20\stream_salsa20_api.c" />
@@ -338,7 +329,6 @@
<ClCompile Include="..\..\..\..\src\libsodium\randombytes\randombytes.c" />
<ClCompile Include="..\..\..\..\src\libsodium\randombytes\salsa20\randombytes_salsa20_random.c" />
<ClCompile Include="..\..\..\..\src\libsodium\randombytes\sysrandom\randombytes_sysrandom.c" />
- <ClCompile Include="..\..\..\..\src\libsodium\sodium\compat.c" />
<ClCompile Include="..\..\..\..\src\libsodium\sodium\core.c" />
<ClCompile Include="..\..\..\..\src\libsodium\sodium\runtime.c" />
<ClCompile Include="..\..\..\..\src\libsodium\sodium\utils.c" />
@@ -362,4 +352,4 @@
<Xml Include="..\..\..\..\packaging\nuget\package.xml" />
</ItemGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
-</Project>
\ No newline at end of file
+</Project>
diff --git a/builds/msvc/vs2013/libsodium/libsodium.vcxproj.filters b/builds/msvc/vs2013/libsodium/libsodium.vcxproj.filters
index 13805be..438508a 100644
--- a/builds/msvc/vs2013/libsodium/libsodium.vcxproj.filters
+++ b/builds/msvc/vs2013/libsodium/libsodium.vcxproj.filters
@@ -94,9 +94,6 @@
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_stream_aes128ctr.h">
<Filter>include\sodium</Filter>
</ClInclude>
- <ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_stream_aes256estream.h">
- <Filter>include\sodium</Filter>
- </ClInclude>
<ClInclude Include="..\..\..\..\src\libsodium\include\sodium\crypto_stream_salsa20.h">
<Filter>include\sodium</Filter>
</ClInclude>
@@ -154,9 +151,6 @@ <ClInclude Include="..\..\..\..\src\libsodium\include\sodium\utils.h">
<Filter>include\sodium</Filter>
</ClInclude>
- <ClCompile Include="..\..\..\..\src\libsodium\crypto_stream\aes256estream\hongjun\aes256-ctr.c">
- <Filter>src\crypto_stream\aes256estream\hongjun</Filter>
- </ClCompile>
<ClCompile Include="..\..\..\..\src\libsodium\crypto_box\curve25519xsalsa20poly1305\ref\after_curve25519xsalsa20poly1305.c">
<Filter>src\crypto_box\curve25519xsalsa20poly1305\ref</Filter>
</ClCompile>
@@ -427,9 +421,6 @@ <ClCompile Include="..\..\..\..\src\libsodium\crypto_stream\aes128ctr\stream_aes128ctr_api.c">
<Filter>src\crypto_stream\aes128ctr</Filter>
</ClCompile>
- <ClCompile Include="..\..\..\..\src\libsodium\crypto_stream\aes256estream\stream_aes256estream_api.c">
- <Filter>src\crypto_stream\aes256estream</Filter>
- </ClCompile>
<ClCompile Include="..\..\..\..\src\libsodium\crypto_stream\salsa20\stream_salsa20_api.c">
<Filter>src\crypto_stream\salsa20</Filter>
</ClCompile>
@@ -493,9 +484,6 @@ <ClCompile Include="..\..\..\..\src\libsodium\crypto_auth\hmacsha512256\cp\verify_hmacsha512256.c">
<Filter>src\crypto_auth\hmacsha512256\cp</Filter>
</ClCompile>
- <ClCompile Include="..\..\..\..\src\libsodium\sodium\compat.c">
- <Filter>src\sodium</Filter>
- </ClCompile>
<ClCompile Include="..\..\..\..\src\libsodium\sodium\core.c">
<Filter>src\sodium</Filter>
</ClCompile>
@@ -532,18 +520,6 @@ <ClCompile Include="..\..\..\..\src\libsodium\randombytes\sysrandom\randombytes_sysrandom.c">
<Filter>src\randombytes\sysrandom</Filter>
</ClCompile>
- <ClInclude Include="..\..\..\..\src\libsodium\crypto_stream\aes256estream\hongjun\aes256.h">
- <Filter>src\crypto_stream\aes256estream\hongjun</Filter>
- </ClInclude>
- <ClInclude Include="..\..\..\..\src\libsodium\crypto_stream\aes256estream\hongjun\aes-table.h">
- <Filter>src\crypto_stream\aes256estream\hongjun</Filter>
- </ClInclude>
- <ClInclude Include="..\..\..\..\src\libsodium\crypto_stream\aes256estream\hongjun\aes-table-be.h">
- <Filter>src\crypto_stream\aes256estream\hongjun</Filter>
- </ClInclude>
- <ClInclude Include="..\..\..\..\src\libsodium\crypto_stream\aes256estream\hongjun\aes-table-le.h">
- <Filter>src\crypto_stream\aes256estream\hongjun</Filter>
- </ClInclude>
<ClCompile Include="..\..\..\..\src\libsodium\crypto_auth\hmacsha512\auth_hmacsha512_api.c">
<Filter>src\crypto_auth\hmacsha512</Filter>
</ClCompile>
@@ -565,9 +541,6 @@ <ClCompile Include="..\..\..\..\src\libsodium\crypto_pwhash\scryptsalsa208sha256\crypto_scrypt-common.c">
<Filter>src\crypto_pwhash\scryptsalsa208sha256</Filter>
</ClCompile>
- <ClInclude Include="..\..\..\..\src\libsodium\crypto_stream\aes256estream\hongjun\ecrypt-sync.h">
- <Filter>src\crypto_stream\aes256estream\hongjun</Filter>
- </ClInclude>
<ClInclude Include="..\..\..\..\src\libsodium\crypto_sign\ed25519\ref10\fe.h">
<Filter>src\crypto_sign\ed25519\ref10</Filter>
</ClInclude>
@@ -676,9 +649,6 @@ <ClInclude Include="..\..\..\..\src\libsodium\crypto_stream\aes128ctr\portable\api.h">
<Filter>src\crypto_stream\aes128ctr\portable</Filter>
</ClInclude>
- <ClInclude Include="..\..\..\..\src\libsodium\crypto_stream\aes256estream\hongjun\api.h">
- <Filter>src\crypto_stream\aes256estream\hongjun</Filter>
- </ClInclude>
<ClInclude Include="..\..\..\..\src\libsodium\crypto_verify\16\ref\api.h">
<Filter>src\crypto_verify\16\ref</Filter>
</ClInclude>
@@ -946,9 +916,6 @@ <Filter Include="src\crypto_stream\aes128ctr">
<UniqueIdentifier>{ca40b775-e025-4359-87ae-02c771c1a222}</UniqueIdentifier>
</Filter>
- <Filter Include="src\crypto_stream\aes256estream">
- <UniqueIdentifier>{afb86556-101b-407c-93f6-db784a9e3f4f}</UniqueIdentifier>
- </Filter>
<Filter Include="src\crypto_stream\salsa20">
<UniqueIdentifier>{91c31952-2f36-418e-aa07-68ed57057d0f}</UniqueIdentifier>
</Filter>
@@ -970,9 +937,6 @@ <Filter Include="src\crypto_stream\salsa2012\ref">
<UniqueIdentifier>{1c006197-b25b-48e8-833f-2dd59a571b9d}</UniqueIdentifier>
</Filter>
- <Filter Include="src\crypto_stream\aes256estream\hongjun">
- <UniqueIdentifier>{3acc42ca-4646-462d-bbac-2a07e9eb30be}</UniqueIdentifier>
- </Filter>
<Filter Include="src\crypto_stream\aes128ctr\portable">
<UniqueIdentifier>{46eb8265-dc41-4289-aa7d-c1918e05cf75}</UniqueIdentifier>
</Filter>
@@ -1111,4 +1075,4 @@ <Filter>src\crypto_aead\chacha20poly1305\sodium</Filter>
</ClCompile>
</ItemGroup>
-</Project>
\ No newline at end of file
+</Project>
diff --git a/builds/msvc/vs2013/test/test.vcxproj b/builds/msvc/vs2013/test/test.vcxproj
index 780396e..04f12bc 100644
--- a/builds/msvc/vs2013/test/test.vcxproj
+++ b/builds/msvc/vs2013/test/test.vcxproj
@@ -112,6 +112,9 @@ <ClCompile Include="..\..\..\..\test\default\core6.c">
<ExcludedFromBuild>true</ExcludedFromBuild>
</ClCompile>
+ <ClCompile Include="..\..\..\..\test\default\ed25519_convert.c">
+ <ExcludedFromBuild>true</ExcludedFromBuild>
+ </ClCompile>
<ClCompile Include="..\..\..\..\test\default\generichash.c">
<ExcludedFromBuild>true</ExcludedFromBuild>
</ClCompile>
@@ -154,6 +157,9 @@ <ClCompile Include="..\..\..\..\test\default\scalarmult6.c">
<ExcludedFromBuild>true</ExcludedFromBuild>
</ClCompile>
+ <ClCompile Include="..\..\..\..\test\default\scalarmult7.c">
+ <ExcludedFromBuild>true</ExcludedFromBuild>
+ </ClCompile>
<ClCompile Include="..\..\..\..\test\default\secretbox.c">
<ExcludedFromBuild>true</ExcludedFromBuild>
</ClCompile>
@@ -184,6 +190,12 @@ <ClCompile Include="..\..\..\..\test\default\sodium_utils.c">
<ExcludedFromBuild>true</ExcludedFromBuild>
</ClCompile>
+ <ClCompile Include="..\..\..\..\test\default\sodium_utils2.c">
+ <ExcludedFromBuild>true</ExcludedFromBuild>
+ </ClCompile>
+ <ClCompile Include="..\..\..\..\test\default\sodium_utils3.c">
+ <ExcludedFromBuild>true</ExcludedFromBuild>
+ </ClCompile>
<ClCompile Include="..\..\..\..\test\default\sodium_version.c">
<ExcludedFromBuild>true</ExcludedFromBuild>
</ClCompile>
@@ -211,4 +223,4 @@ <ClInclude Include="..\..\..\..\test\quirks\windows\windows-quirks.h" />
</ItemGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
-</Project>
\ No newline at end of file
+</Project>
diff --git a/builds/msvc/vs2013/test/test.vcxproj.filters b/builds/msvc/vs2013/test/test.vcxproj.filters
index c0819e8..42b8528 100644
--- a/builds/msvc/vs2013/test/test.vcxproj.filters
+++ b/builds/msvc/vs2013/test/test.vcxproj.filters
@@ -49,6 +49,9 @@ <ClCompile Include="..\..\..\..\test\default\core6.c">
<Filter>src</Filter>
</ClCompile>
+ <ClCompile Include="..\..\..\..\test\default\ed25519_convert.c">
+ <Filter>src</Filter>
+ </ClCompile>
<ClCompile Include="..\..\..\..\test\default\generichash.c">
<Filter>src</Filter>
</ClCompile>
@@ -88,6 +91,9 @@ <ClCompile Include="..\..\..\..\test\default\scalarmult6.c">
<Filter>src</Filter>
</ClCompile>
+ <ClCompile Include="..\..\..\..\test\default\scalarmult7.c">
+ <Filter>src</Filter>
+ </ClCompile>
<ClCompile Include="..\..\..\..\test\default\secretbox.c">
<Filter>src</Filter>
</ClCompile>
@@ -115,6 +121,12 @@ <ClCompile Include="..\..\..\..\test\default\sodium_utils.c">
<Filter>src</Filter>
</ClCompile>
+ <ClCompile Include="..\..\..\..\test\default\sodium_utils2.c">
+ <Filter>src</Filter>
+ </ClCompile>
+ <ClCompile Include="..\..\..\..\test\default\sodium_utils3.c">
+ <Filter>src</Filter>
+ </ClCompile>
<ClCompile Include="..\..\..\..\test\default\sodium_version.c">
<Filter>src</Filter>
</ClCompile>
@@ -159,4 +171,4 @@ <UniqueIdentifier>{5b5af4b5-c6aa-4b30-bdef-074b1bdc43ea}</UniqueIdentifier>
</Filter>
</ItemGroup>
-</Project>
\ No newline at end of file +</Project> diff --git a/configure.ac b/configure.ac index 773c0d3..359021f 100644 --- a/configure.ac +++ b/configure.ac @@ -1,5 +1,5 @@ AC_PREREQ([2.65]) -AC_INIT([libsodium],[0.6.1], +AC_INIT([libsodium],[1.0.0], [https://github.com/jedisct1/libsodium/issues], [libsodium], [https://github.com/jedisct1/libsodium]) @@ -15,10 +15,10 @@ AC_SUBST(VERSION) ISODATE=`date +%Y-%m-%d` AC_SUBST(ISODATE) -SODIUM_LIBRARY_VERSION_MAJOR=6 -SODIUM_LIBRARY_VERSION_MINOR=1 -DLL_VERSION=5 -SODIUM_LIBRARY_VERSION=12:0:2 +SODIUM_LIBRARY_VERSION_MAJOR=7 +SODIUM_LIBRARY_VERSION_MINOR=2 +DLL_VERSION=6 +SODIUM_LIBRARY_VERSION=13:2:0 # | | | # +------+ | +---+ # | | | @@ -70,13 +70,11 @@ AS_IF([test "x$EMSCRIPTEN" != "x"],[ AC_MSG_WARN([compiling to javascript - asm implementations disabled]) ]) -AS_CASE([$host], [x86_64-*-mingw* | x86_64-*-cygwin*], [enable_asm="no"]) - AC_ARG_ENABLE(pie, [AS_HELP_STRING(--disable-pie,Do not produce position independent executables)], enable_pie=$enableval, enable_pie="maybe") -AS_CASE([$host_os], [mingw*], [enable_pie="no"]) +AS_CASE([$host_os], [mingw*|cygwin*|msys], [enable_pie="no"]) AC_ARG_ENABLE(blocking-random, [AS_HELP_STRING(--enable-blocking-random,Use /dev/random instead of /dev/urandom)], @@ -142,10 +140,12 @@ CPPFLAGS="$CPPFLAGS -D_FORTIFY_SOURCE=2" AX_CHECK_COMPILE_FLAG([-fvisibility=hidden], [CFLAGS="$CFLAGS -fvisibility=hidden"]) -AX_CHECK_COMPILE_FLAG([-fPIC], [ - AX_CHECK_LINK_FLAG([-fPIC], - [CFLAGS="$CFLAGS -fPIC"] - ) +AS_CASE([$host_os], [cygwin*|mingw*|msys|pw32*|cegcc*], [ ], [ + AX_CHECK_COMPILE_FLAG([-fPIC], [ + AX_CHECK_LINK_FLAG([-fPIC], + [CFLAGS="$CFLAGS -fPIC"] + ) + ]) ]) AS_IF([test "$enable_pie" != "no"],[ 
@@ -165,7 +165,7 @@ AX_CHECK_COMPILE_FLAG([-fno-strict-overflow], [CFLAGS="$CFLAGS -fno-strict-overf LIBTOOL_OLD_FLAGS="$LIBTOOL_EXTRA_FLAGS" LIBTOOL_EXTRA_FLAGS="$LIBTOOL_EXTRA_FLAGS -version-info $SODIUM_LIBRARY_VERSION" AC_ARG_ENABLE(soname-versions, - [AC_HELP_STRING([--enable-soname-versions], [enable soname versions (must be disabled for android) (default: enabled)])], + [AC_HELP_STRING([--enable-soname-versions], [enable soname versions (must be disabled for Android) (default: enabled)])], [ AS_IF([test "x$enableval" = "xno"], [ LIBTOOL_EXTRA_FLAGS="$LIBTOOL_OLD_FLAGS -avoid-version" @@ -174,7 +174,7 @@ AC_ARG_ENABLE(soname-versions, ) AS_CASE([$host_os], - [cygwin* | mingw* | pw32* | cegcc*], [ + [cygwin*|mingw*|msys|pw32*|cegcc*], [ AX_CHECK_LINK_FLAG([-Wl,--dynamicbase], [LDFLAGS="$LDFLAGS -Wl,--dynamicbase"]) AX_CHECK_LINK_FLAG([-Wl,--nxcompat], [LDFLAGS="$LDFLAGS -Wl,--nxcompat"]) ]) @@ -182,20 +182,13 @@ AS_CASE([$host_os], AS_IF([test "x$enable_ssp" != "xno"],[ AS_CASE([$host_os], - [cygwin* | mingw* | pw32* | cegcc*], [ ], - [dragonfly*], [ + [cygwin*|mingw*|msys|pw32*|cegcc*], [ ], + [*], [ AX_CHECK_COMPILE_FLAG([-fstack-protector], [ AX_CHECK_LINK_FLAG([-fstack-protector], [CFLAGS="$CFLAGS -fstack-protector"] ) ]) - ], - [*], [ - AX_CHECK_COMPILE_FLAG([-fstack-protector-all], [ - AX_CHECK_LINK_FLAG([-fstack-protector-all], - [CFLAGS="$CFLAGS -fstack-protector-all"] - ) - ]) ]) ]) 
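Review bot: The catch-all `[*]` branch of the `enable_ssp` case (hunk `-182,20 +182,13`) now adds `-fstack-protector` where it previously added `-fstack-protector-all`, so canaries are emitted only for functions the compiler's buffer heuristic selects. The reason for the downgrade is not visible in the hunk; if it was overhead or portability, probing `-fstack-protector-strong` first and falling back to `-fstack-protector` keeps wider coverage on toolchains that support it, as sketched below. A `dnl` line above the branch stating why `-all` was dropped would also help the next packager. The enclosing `AS_IF`/`AS_CASE` closers are unchanged and left out of the sketch.

```m4
dnl … unchanged: empty branch for cygwin*|mingw*|msys|pw32*|cegcc* …
    [*], [
      AX_CHECK_COMPILE_FLAG([-fstack-protector-strong], [
        AX_CHECK_LINK_FLAG([-fstack-protector-strong],
          [CFLAGS="$CFLAGS -fstack-protector-strong"]
        )
      ], [
        AX_CHECK_COMPILE_FLAG([-fstack-protector], [
          AX_CHECK_LINK_FLAG([-fstack-protector],
            [CFLAGS="$CFLAGS -fstack-protector"]
          )
        ])
      ])
```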
@@ -320,18 +313,21 @@ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ HAVE_AMD64_ASM_V=0 AS_IF([test "$enable_asm" != "no"],[ - AC_MSG_CHECKING(whether we can assemble basic amd64 code) + AC_MSG_CHECKING(whether we should use x86_64 asm code) AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ ]], [[ #if defined(__amd64) || defined(__amd64__) || defined(__x86_64__) +# if defined(__CYGWIN__) || defined(__MINGW32__) || defined(__MINGW64__) || defined(_WIN32) || defined(_WIN64) +# error Windows x86_64 calling conventions are not supported yet +# endif /* neat */ #else -# error !amd64 +# error !x86_64 #endif __asm__("pxor %xmm12,%xmm6"); ]])], [AC_MSG_RESULT(yes) - AC_DEFINE([HAVE_AMD64_ASM], [1], [basic amd64 code can be assembled]) + AC_DEFINE([HAVE_AMD64_ASM], [1], [x86_64 asm code should be used]) HAVE_AMD64_ASM_V=1], [AC_MSG_RESULT(no)]) ]) @@ -406,14 +402,10 @@ AS_CASE([$host_cpu], dnl Checks for functions and headers -AC_CHECK_FUNC(clock_gettime, , [AC_CHECK_LIB(rt, clock_gettime)]) -AC_CHECK_FUNC(fegetenv, , [AC_CHECK_LIB(m, fegetenv)]) - AS_IF([test "x$EMSCRIPTEN" = "x"],[ AC_CHECK_FUNCS([arc4random arc4random_buf]) ]) -AC_CHECK_FUNCS([mlock VirtualLock]) -AC_CHECK_FUNCS([SecureZeroMemory explicit_bzero posix_memalign]) +AC_CHECK_FUNCS([mlock mprotect explicit_bzero posix_memalign]) AC_SUBST([LIBTOOL_EXTRA_FLAGS]) @@ -425,7 +417,7 @@ gl_LD_OUTPUT_DEF dnl Output. -AH_VERBATIM([NDEBUG], [/* Never ever ignore assertions */ +AH_VERBATIM([NDEBUG], [/* Always evaluate assert() calls */ #ifdef NDEBUG #/**/undef/**/ NDEBUG #endif]) diff --git a/debian/changelog b/debian/changelog index ca0f955..2ff77fb 100644 --- a/debian/changelog +++ b/debian/changelog 
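Review bot: In hunk `-406,14 +402,10` the `AC_CHECK_FUNCS` list drops `VirtualLock` and `SecureZeroMemory`, so configure presumably no longer defines `HAVE_VIRTUALLOCK` or `HAVE_SECUREZEROMEMORY`. The consumers are not part of this hunk; if any source still guards its Windows path on those macros, `sodium_memzero()` and `sodium_mlock()` would quietly take the generic fallback on MinGW/Cygwin builds. It is worth confirming that the sources now select the Windows APIs by platform macro, and recording that next to the call, e.g. `dnl VirtualLock/SecureZeroMemory are selected via _WIN32 in the sources, not probed here`.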
@@ -1,12 +1,6 @@ -libsodium (0.6.1-1~leap) unstable; urgency=medium - - * Remove _crypto_stream_salsa20 lines from libsodium10.symbols - - -- Micah Anderson <micah@debian.org> Mon, 11 Aug 2014 14:48:43 -0400 - -libsodium (0.6.1-1) unstable; urgency=medium +libsodium (1.0.0-1) unstable; urgency=low * Initial release. (Closes: #701962: ITP: libsodium -- Library for build higher-level cryptographic tools) - -- Raúl Sánchez Siles <rasasi78@gmail.com> Tue, 22 Jul 2014 00:49:38 +0200 + -- Laszlo Boszormenyi (GCS) <gcs@debian.org> Wed, 08 Oct 2014 18:54:15 +0000 diff --git a/debian/clean b/debian/clean new file mode 100644 index 0000000..3f7e4a3 --- /dev/null +++ b/debian/clean @@ -0,0 +1 @@ +build/config.log diff --git a/debian/control b/debian/control index f06c49a..f3cb17f 100644 --- a/debian/control +++ b/debian/control @@ -4,12 +4,12 @@ Priority: optional Build-Depends: debhelper ( >= 9), pkg-config, dh-autoreconf Maintainer: Laszlo Boszormenyi (GCS) <gcs@debian.org> Uploaders: Raúl Sánchez Siles <rasasi78@gmail.com> -Standards-Version: 3.9.5 +Standards-Version: 3.9.6 Vcs-Hg: http://trismegisto.no-ip.org/hg/libsodium-debian Vcs-Browser: http://trismegisto.no-ip.org/hg/libsodium-debian Homepage: http://www.libsodium.org/ -Package: libsodium10 +Package: libsodium13 Depends: ${misc:Depends}, ${shlibs:Depends} Pre-Depends: ${misc:Pre-Depends} Architecture: any @@ -26,7 +26,7 @@ Description: Network communication, cryptography and signaturing library Package: libsodium-dev Section: libdevel -Depends: ${misc:Depends}, libsodium10 (= ${binary:Version}) +Depends: ${misc:Depends}, libsodium13 (= ${binary:Version}) Architecture: any Multi-Arch: same Description: Network communication, cryptography and signaturing library - headers 
@@ -45,7 +45,7 @@ Description: Network communication, cryptography and signaturing library - heade Package: libsodium-dbg Section: debug Priority: extra -Depends: ${misc:Depends}, libsodium10 (= ${binary:Version}) +Depends: ${misc:Depends}, libsodium13 (= ${binary:Version}) Architecture: any Multi-Arch: same Description: Network communication, cryptography and signaturing library - debug symbols diff --git a/debian/copyright b/debian/copyright index cb3ee84..b4c0ccc 100644 --- a/debian/copyright +++ b/debian/copyright @@ -28,7 +28,7 @@ License: BSD-2-clause Files: src/libsodium/crypto_pwhash/scryptsalsa208sha256/crypto_scrypt-common.c src/libsodium/crypto_pwhash/scryptsalsa208sha256/scrypt_platform.c Copyright: 2013 Alexander Peslyak -License: BSD +License: BSD-2-clause Files: src/libsodium/crypto_auth/hmacsha256/cp/hmac_hmacsha256.c src/libsodium/crypto_auth/hmacsha512/cp/hmac_hmacsha256.c 
@@ -99,6 +99,27 @@ License: CC0 You should have received a copy of the CC0 Public Domain Dedication along with this software. If not, see <http://creativecommons.org/publicdomain/zero/1.0/> +Files: packaging/nuget/package.gsl +Copyright: 2013-2014 Frank Denis <j at pureftpd dot org> +License: MIT + Permission is hereby granted, free of charge, to any person obtaining a + copy of this software and associated documentation files (the "Software"), + to deal in the Software without restriction, including without limitation + the rights to use, copy, modify, merge, publish, distribute, sublicense, + and/or sell copies of the Software, and to permit persons to whom the + Software is furnished to do so, subject to the following conditions: + . + The above copyright notice and this permission notice shall be included + in all copies or substantial portions of the Software. + . + THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS + OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. + IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY + CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, + TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE + SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + Files: debian/* Copyright: 2014 Laszlo Boszormenyi (GCS) <gcs@debian.org>, 2013-2014 Raúl Sánchez Siles <rasasi78@gmail.com> 
@@ -145,20 +166,3 @@ License: BSD-2-clause LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -License: BSD - Redistribution and use in source and binary forms, with or without - modification, are permitted. - . - THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND - ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - SUCH DAMAGE. - diff --git a/debian/gbp.conf b/debian/gbp.conf deleted file mode 100644 index ae1dc36..0000000 --- a/debian/gbp.conf +++ /dev/null @@ -1,7 +0,0 @@ -[DEFAULT] -upstream-branch = upstream -debian-branch = master -upstream-tag = upstream/%(version)s -debian-tag = debian/%(version)s -pristine-tar = True -sign-tags = True diff --git a/debian/libsodium10.docs b/debian/libsodium13.docs index 18afe51..18afe51 100644 --- a/debian/libsodium10.docs +++ b/debian/libsodium13.docs diff --git a/debian/libsodium10.install b/debian/libsodium13.install index 86ca402..86ca402 100644 --- a/debian/libsodium10.install +++ b/debian/libsodium13.install diff --git a/debian/libsodium10.symbols b/debian/libsodium13.symbols index 3777098..cd302e7 100644 --- a/debian/libsodium10.symbols +++ b/debian/libsodium13.symbols 
@@ -1,4 +1,6 @@
-libsodium.so.10 libsodium10 #MINVER#
+libsodium.so.13 libsodium13 #MINVER#
+ (arch=amd64)_crypto_stream_salsa20@Base 0.6.0
+ (arch=amd64)_crypto_stream_salsa20_xor_ic@Base 0.6.0
crypto_aead_chacha20poly1305_abytes@Base 0.6.0
crypto_aead_chacha20poly1305_decrypt@Base 0.6.0
crypto_aead_chacha20poly1305_encrypt@Base 0.6.0
@@ -129,7 +131,6 @@ libsodium.so.10 libsodium10 #MINVER#
crypto_onetimeauth_final@Base 0.6.0
crypto_onetimeauth_init@Base 0.6.0
crypto_onetimeauth_keybytes@Base 0.6.0
- crypto_onetimeauth_pick_best_implementation@Base 0.6.0
crypto_onetimeauth_poly1305@Base 0.6.0
crypto_onetimeauth_poly1305_bytes@Base 0.6.0
crypto_onetimeauth_poly1305_final@Base 0.6.0
@@ -152,11 +153,7 @@ libsodium.so.10 libsodium10 #MINVER#
crypto_pwhash_scryptsalsa208sha256_str@Base 0.6.0
crypto_pwhash_scryptsalsa208sha256_str_verify@Base 0.6.0
crypto_pwhash_scryptsalsa208sha256_strbytes@Base 0.6.0
- crypto_pwhash_scryptxsalsa208sha256@Base 0.6.0
- crypto_pwhash_scryptxsalsa208sha256_saltbytes@Base 0.6.0
- crypto_pwhash_scryptxsalsa208sha256_str@Base 0.6.0
- crypto_pwhash_scryptxsalsa208sha256_str_verify@Base 0.6.0
- crypto_pwhash_scryptxsalsa208sha256_strbytes@Base 0.6.0
+ crypto_pwhash_scryptsalsa208sha256_strprefix@Base 0.7.0
crypto_scalarmult@Base 0.6.0
crypto_scalarmult_base@Base 0.6.0
crypto_scalarmult_bytes@Base 0.6.0
@@ -200,10 +197,14 @@ libsodium.so.10 libsodium10 #MINVER#
crypto_sign_ed25519_detached@Base 0.6.1
crypto_sign_ed25519_keypair@Base 0.6.0
crypto_sign_ed25519_open@Base 0.6.0
+ crypto_sign_ed25519_pk_to_curve25519@Base 0.7.0
crypto_sign_ed25519_publickeybytes@Base 0.6.0
crypto_sign_ed25519_secretkeybytes@Base 0.6.0
crypto_sign_ed25519_seed_keypair@Base 0.6.0
crypto_sign_ed25519_seedbytes@Base 0.6.0
+ crypto_sign_ed25519_sk_to_curve25519@Base 0.7.0
+ crypto_sign_ed25519_sk_to_pk@Base 0.7.0
+ crypto_sign_ed25519_sk_to_seed@Base 0.7.0
crypto_sign_ed25519_verify_detached@Base 0.6.1
crypto_sign_edwards25519sha512batch@Base 0.6.0
crypto_sign_edwards25519sha512batch_bytes@Base 0.6.0
@@ -228,14 +229,6 @@ libsodium.so.10 libsodium10 #MINVER#
crypto_stream_aes128ctr_noncebytes@Base 0.6.0
crypto_stream_aes128ctr_xor@Base 0.6.0
crypto_stream_aes128ctr_xor_afternm@Base 0.6.0
- crypto_stream_aes256estream@Base 0.6.0
- crypto_stream_aes256estream_afternm@Base 0.6.0
- crypto_stream_aes256estream_beforenm@Base 0.6.0
- crypto_stream_aes256estream_beforenmbytes@Base 0.6.0
- crypto_stream_aes256estream_keybytes@Base 0.6.0
- crypto_stream_aes256estream_noncebytes@Base 0.6.0
- crypto_stream_aes256estream_xor@Base 0.6.0
- crypto_stream_aes256estream_xor_afternm@Base 0.6.0
crypto_stream_chacha20@Base 0.6.0
crypto_stream_chacha20_keybytes@Base 0.6.0
crypto_stream_chacha20_noncebytes@Base 0.6.0
@@ -290,14 +283,20 @@ libsodium.so.10 libsodium10 #MINVER# randombytes_sysrandom_stir@Base 0.6.0 randombytes_sysrandom_uniform@Base 0.6.0 randombytes_uniform@Base 0.6.0 + sodium_allocarray@Base 0.7.0 sodium_bin2hex@Base 0.6.0 + sodium_free@Base 0.7.0 sodium_hex2bin@Base 0.6.0 sodium_init@Base 0.6.0 sodium_library_version_major@Base 0.6.0 sodium_library_version_minor@Base 0.6.0 + sodium_malloc@Base 0.7.0 sodium_memcmp@Base 0.6.0 sodium_memzero@Base 0.6.0 sodium_mlock@Base 0.6.0 + sodium_mprotect_noaccess@Base 0.7.0 + sodium_mprotect_readonly@Base 0.7.0 + sodium_mprotect_readwrite@Base 0.7.0 sodium_munlock@Base 0.6.0 sodium_runtime_get_cpu_features@Base 0.6.0 sodium_runtime_has_neon@Base 0.6.0 diff --git a/dist-build/android-build.sh b/dist-build/android-build.sh index deb333e..ba848d7 100755 --- a/dist-build/android-build.sh +++ b/dist-build/android-build.sh @@ -31,6 +31,7 @@ $MAKE_TOOLCHAIN --platform="${NDK_PLATFORM:-android-14}" \ ./configure --host="${HOST_COMPILER}" \ --with-sysroot="${TOOLCHAIN_DIR}/sysroot" \ --prefix="${PREFIX}" \ + --enable-minimal \ --disable-soname-versions && \ make clean && \ make -j3 install && \ diff --git a/dist-build/emscripten.sh b/dist-build/emscripten.sh index bd656dc..8b0a009 100755 --- a/dist-build/emscripten.sh +++ b/dist-build/emscripten.sh 
@@ -1,9 +1,9 @@ #! /bin/sh export PREFIX="$(pwd)/libsodium-js" -export EXPORTED_FUNCTIONS='["_crypto_aead_chacha20poly1305_abytes", "_crypto_aead_chacha20poly1305_decrypt", "_crypto_aead_chacha20poly1305_encrypt", "_crypto_aead_chacha20poly1305_keybytes", "_crypto_aead_chacha20poly1305_npubbytes", "_crypto_aead_chacha20poly1305_nsecbytes", "_crypto_auth", "_crypto_auth_bytes", "_crypto_auth_hmacsha256", "_crypto_auth_hmacsha256_bytes", "_crypto_auth_hmacsha256_final", "_crypto_auth_hmacsha256_init", "_crypto_auth_hmacsha256_keybytes", "_crypto_auth_hmacsha256_update", "_crypto_auth_hmacsha256_verify", "_crypto_auth_hmacsha512", "_crypto_auth_hmacsha512256", "_crypto_auth_hmacsha512256_bytes", "_crypto_auth_hmacsha512256_final", "_crypto_auth_hmacsha512256_init", "_crypto_auth_hmacsha512256_keybytes", "_crypto_auth_hmacsha512256_update", "_crypto_auth_hmacsha512256_verify", "_crypto_auth_hmacsha512_bytes", "_crypto_auth_hmacsha512_final", "_crypto_auth_hmacsha512_init", "_crypto_auth_hmacsha512_keybytes", "_crypto_auth_hmacsha512_update", "_crypto_auth_hmacsha512_verify", "_crypto_auth_keybytes", "_crypto_auth_primitive", "_crypto_auth_verify", "_crypto_box", "_crypto_box_afternm", "_crypto_box_beforenm", "_crypto_box_beforenmbytes", "_crypto_box_boxzerobytes", "_crypto_box_curve25519xsalsa20poly1305", "_crypto_box_curve25519xsalsa20poly1305_afternm", "_crypto_box_curve25519xsalsa20poly1305_beforenm", "_crypto_box_curve25519xsalsa20poly1305_beforenmbytes", "_crypto_box_curve25519xsalsa20poly1305_boxzerobytes", "_crypto_box_curve25519xsalsa20poly1305_keypair", "_crypto_box_curve25519xsalsa20poly1305_macbytes", "_crypto_box_curve25519xsalsa20poly1305_noncebytes", "_crypto_box_curve25519xsalsa20poly1305_open", "_crypto_box_curve25519xsalsa20poly1305_open_afternm", "_crypto_box_curve25519xsalsa20poly1305_publickeybytes", "_crypto_box_curve25519xsalsa20poly1305_secretkeybytes", "_crypto_box_curve25519xsalsa20poly1305_seed_keypair", 
"_crypto_box_curve25519xsalsa20poly1305_seedbytes", "_crypto_box_curve25519xsalsa20poly1305_zerobytes", "_crypto_box_detached", "_crypto_box_easy", "_crypto_box_keypair", "_crypto_box_macbytes", "_crypto_box_noncebytes", "_crypto_box_open", "_crypto_box_open_afternm", "_crypto_box_open_detached", "_crypto_box_open_easy", "_crypto_box_primitive", "_crypto_box_publickeybytes", "_crypto_box_secretkeybytes", "_crypto_box_seed_keypair", "_crypto_box_seedbytes", "_crypto_box_zerobytes", "_crypto_core_hsalsa20", "_crypto_core_hsalsa20_constbytes", "_crypto_core_hsalsa20_inputbytes", "_crypto_core_hsalsa20_keybytes", "_crypto_core_hsalsa20_outputbytes", "_crypto_core_salsa20", "_crypto_core_salsa20_constbytes", "_crypto_core_salsa20_inputbytes", "_crypto_core_salsa20_keybytes", "_crypto_core_salsa20_outputbytes", "_crypto_generichash", "_crypto_generichash_blake2b", "_crypto_generichash_blake2b_bytes", "_crypto_generichash_blake2b_bytes_max", "_crypto_generichash_blake2b_bytes_min", "_crypto_generichash_blake2b_final", "_crypto_generichash_blake2b_init", "_crypto_generichash_blake2b_init_salt_personal", "_crypto_generichash_blake2b_keybytes", "_crypto_generichash_blake2b_keybytes_max", "_crypto_generichash_blake2b_keybytes_min", "_crypto_generichash_blake2b_personalbytes", "_crypto_generichash_blake2b_salt_personal", "_crypto_generichash_blake2b_saltbytes", "_crypto_generichash_blake2b_update", "_crypto_generichash_bytes", "_crypto_generichash_bytes_max", "_crypto_generichash_bytes_min", "_crypto_generichash_final", "_crypto_generichash_init", "_crypto_generichash_keybytes", "_crypto_generichash_keybytes_max", "_crypto_generichash_keybytes_min", "_crypto_generichash_primitive", "_crypto_generichash_update", "_crypto_hash", "_crypto_hash_bytes", "_crypto_hash_primitive", "_crypto_hash_sha256", "_crypto_hash_sha256_bytes", "_crypto_hash_sha256_final", "_crypto_hash_sha256_init", "_crypto_hash_sha256_update", "_crypto_hash_sha512", "_crypto_hash_sha512_bytes", 
"_crypto_hash_sha512_final", "_crypto_hash_sha512_init", "_crypto_hash_sha512_update", "_crypto_onetimeauth", "_crypto_onetimeauth_bytes", "_crypto_onetimeauth_final", "_crypto_onetimeauth_init", "_crypto_onetimeauth_keybytes", "_crypto_onetimeauth_pick_best_implementation", "_crypto_onetimeauth_poly1305", "_crypto_onetimeauth_poly1305_bytes", "_crypto_onetimeauth_poly1305_final", "_crypto_onetimeauth_poly1305_implementation_name", "_crypto_onetimeauth_poly1305_init", "_crypto_onetimeauth_poly1305_keybytes", "_crypto_onetimeauth_poly1305_set_implementation", "_crypto_onetimeauth_poly1305_update", "_crypto_onetimeauth_poly1305_verify", "_crypto_onetimeauth_primitive", "_crypto_onetimeauth_update", "_crypto_onetimeauth_verify", "_crypto_pwhash_scryptsalsa208sha256", "_crypto_pwhash_scryptsalsa208sha256_ll", "_crypto_pwhash_scryptsalsa208sha256_memlimit_interactive", "_crypto_pwhash_scryptsalsa208sha256_memlimit_sensitive", "_crypto_pwhash_scryptsalsa208sha256_opslimit_interactive", "_crypto_pwhash_scryptsalsa208sha256_opslimit_sensitive", "_crypto_pwhash_scryptsalsa208sha256_saltbytes", "_crypto_pwhash_scryptsalsa208sha256_str", "_crypto_pwhash_scryptsalsa208sha256_str_verify", "_crypto_pwhash_scryptsalsa208sha256_strbytes", "_crypto_scalarmult", "_crypto_scalarmult_base", "_crypto_scalarmult_bytes", "_crypto_scalarmult_curve25519", "_crypto_scalarmult_curve25519_base", "_crypto_scalarmult_curve25519_bytes", "_crypto_scalarmult_curve25519_scalarbytes", "_crypto_scalarmult_primitive", "_crypto_scalarmult_scalarbytes", "_crypto_secretbox", "_crypto_secretbox_boxzerobytes", "_crypto_secretbox_detached", "_crypto_secretbox_easy", "_crypto_secretbox_keybytes", "_crypto_secretbox_macbytes", "_crypto_secretbox_noncebytes", "_crypto_secretbox_open", "_crypto_secretbox_open_detached", "_crypto_secretbox_open_easy", "_crypto_secretbox_primitive", "_crypto_secretbox_xsalsa20poly1305", "_crypto_secretbox_xsalsa20poly1305_boxzerobytes", 
"_crypto_secretbox_xsalsa20poly1305_keybytes", "_crypto_secretbox_xsalsa20poly1305_macbytes", "_crypto_secretbox_xsalsa20poly1305_noncebytes", "_crypto_secretbox_xsalsa20poly1305_open", "_crypto_secretbox_xsalsa20poly1305_zerobytes", "_crypto_secretbox_zerobytes", "_crypto_shorthash", "_crypto_shorthash_bytes", "_crypto_shorthash_keybytes", "_crypto_shorthash_primitive", "_crypto_shorthash_siphash24", "_crypto_shorthash_siphash24_bytes", "_crypto_shorthash_siphash24_keybytes", "_crypto_sign", "_crypto_sign_bytes", "_crypto_sign_detached", "_crypto_sign_ed25519", "_crypto_sign_ed25519_bytes", "_crypto_sign_ed25519_detached", "_crypto_sign_ed25519_keypair", "_crypto_sign_ed25519_open", "_crypto_sign_ed25519_publickeybytes", "_crypto_sign_ed25519_secretkeybytes", "_crypto_sign_ed25519_seed_keypair", "_crypto_sign_ed25519_seedbytes", "_crypto_sign_ed25519_verify_detached", "_crypto_sign_keypair", "_crypto_sign_open", "_crypto_sign_primitive", "_crypto_sign_publickeybytes", "_crypto_sign_secretkeybytes", "_crypto_sign_seed_keypair", "_crypto_sign_seedbytes", "_crypto_sign_verify_detached", "_crypto_stream", "_crypto_stream_aes128ctr", "_crypto_stream_aes128ctr_afternm", "_crypto_stream_aes128ctr_beforenm", "_crypto_stream_aes128ctr_beforenmbytes", "_crypto_stream_aes128ctr_keybytes", "_crypto_stream_aes128ctr_noncebytes", "_crypto_stream_aes128ctr_xor", "_crypto_stream_aes128ctr_xor_afternm", "_crypto_stream_chacha20", "_crypto_stream_chacha20_keybytes", "_crypto_stream_chacha20_noncebytes", "_crypto_stream_chacha20_xor", "_crypto_stream_chacha20_xor_ic", "_crypto_stream_keybytes", "_crypto_stream_noncebytes", "_crypto_stream_primitive", "_crypto_stream_salsa20", "_crypto_stream_salsa20_keybytes", "_crypto_stream_salsa20_noncebytes", "_crypto_stream_salsa20_xor", "_crypto_stream_salsa20_xor_ic", "_crypto_stream_xor", "_crypto_stream_xsalsa20", "_crypto_stream_xsalsa20_keybytes", "_crypto_stream_xsalsa20_noncebytes", "_crypto_stream_xsalsa20_xor", "_crypto_verify_16", 
"_crypto_verify_16_bytes", "_crypto_verify_32", "_crypto_verify_32_bytes", "_crypto_verify_64", "_crypto_verify_64_bytes", "_randombytes", "_randombytes_buf", "_randombytes_close", "_randombytes_implementation_name", "_randombytes_random", "_randombytes_salsa20_implementation_name", "_randombytes_salsa20_random", "_randombytes_salsa20_random_buf", "_randombytes_salsa20_random_close", "_randombytes_salsa20_random_stir", "_randombytes_salsa20_random_uniform", "_randombytes_set_implementation", "_randombytes_stir", "_randombytes_sysrandom", "_randombytes_sysrandom_buf", "_randombytes_sysrandom_close", "_randombytes_sysrandom_implementation_name", "_randombytes_sysrandom_stir", "_randombytes_sysrandom_uniform", "_randombytes_uniform", "_sodium_bin2hex", "_sodium_hex2bin", "_sodium_init", "_sodium_library_version_major", "_sodium_library_version_minor", "_sodium_memcmp", "_sodium_memzero", "_sodium_version_string"]' +export EXPORTED_FUNCTIONS='["_crypto_aead_chacha20poly1305_abytes","_crypto_aead_chacha20poly1305_decrypt","_crypto_aead_chacha20poly1305_encrypt","_crypto_aead_chacha20poly1305_keybytes","_crypto_aead_chacha20poly1305_npubbytes","_crypto_aead_chacha20poly1305_nsecbytes","_crypto_auth","_crypto_auth_bytes","_crypto_auth_keybytes","_crypto_auth_verify","_crypto_box","_crypto_box_detached","_crypto_box_easy","_crypto_box_keypair","_crypto_box_macbytes","_crypto_box_noncebytes","_crypto_box_open","_crypto_box_open_detached","_crypto_box_open_easy","_crypto_box_publickeybytes","_crypto_box_secretkeybytes","_crypto_box_seed_keypair","_crypto_box_seedbytes","_crypto_generichash","_crypto_generichash_bytes","_crypto_generichash_bytes_max","_crypto_generichash_bytes_min","_crypto_generichash_final","_crypto_generichash_init","_crypto_generichash_keybytes","_crypto_generichash_keybytes_max","_crypto_generichash_keybytes_min","_crypto_generichash_update","_crypto_hash","_crypto_hash_bytes","_crypto_scalarmult","_crypto_scalarmult_base","_crypto_scalarmult_bytes","_cry
pto_scalarmult_scalarbytes","_crypto_secretbox","_crypto_secretbox_detached","_crypto_secretbox_easy","_crypto_secretbox_keybytes","_crypto_secretbox_macbytes","_crypto_secretbox_noncebytes","_crypto_secretbox_open","_crypto_secretbox_open_detached","_crypto_secretbox_open_easy","_crypto_shorthash","_crypto_shorthash_bytes","_crypto_shorthash_keybytes","_crypto_sign","_crypto_sign_bytes","_crypto_sign_detached","_crypto_sign_ed25519_pk_to_curve25519","_crypto_sign_ed25519_sk_to_curve25519","_crypto_sign_keypair","_crypto_sign_open","_crypto_sign_publickeybytes","_crypto_sign_secretkeybytes","_crypto_sign_seed_keypair","_crypto_sign_seedbytes","_crypto_sign_verify_detached","_randombytes","_randombytes_buf","_randombytes_close","_randombytes_random","_randombytes_set_implementation","_randombytes_stir","_randombytes_sysrandom","_randombytes_sysrandom_buf","_randombytes_sysrandom_close","_randombytes_sysrandom_stir","_randombytes_sysrandom_uniform","_randombytes_uniform","_sodium_bin2hex","_sodium_hex2bin","_sodium_init","_sodium_library_version_major","_sodium_library_version_minor","_sodium_memcmp","_sodium_memzero","_sodium_version_string"]' export TOTAL_MEMORY=33554432 -export OPTFLAGS="--llvm-lto 3 -Oz" +export OPTFLAGS="--llvm-lto 1 -Oz --emit-symbol-map" export CFLAGS="$OPTFLAGS --pre-js=test/default/pre.js " export LDFLAGS="-s EXPORTED_FUNCTIONS=${EXPORTED_FUNCTIONS} -s TOTAL_MEMORY=${TOTAL_MEMORY}" diff --git a/dist-build/ios.sh b/dist-build/ios.sh index cd8384a..3378060 100755 --- a/dist-build/ios.sh +++ b/dist-build/ios.sh @@ -10,6 +10,7 @@ export PREFIX="$(pwd)/libsodium-ios" ./configure --host=arm-apple-darwin10 \ --disable-shared \ + --enable-minimal \ --prefix="$PREFIX" && \ make clean && \ make -j3 install && \ diff --git a/libsodium.pc.in b/libsodium.pc.in index c1d4372..6a983d5 100644 --- a/libsodium.pc.in +++ b/libsodium.pc.in @@ -1,5 +1,5 @@ prefix=@prefix@ -exec_prefix=@prefix@ +exec_prefix=@exec_prefix@ libdir=@libdir@ includedir=@includedir@ 
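Review bot: The new `EXPORTED_FUNCTIONS` value drops whole families that the old list exported, among them `_crypto_pwhash_scryptsalsa208sha256_str` and `_str_verify`, the `_crypto_auth_hmacsha*` functions and every `_crypto_stream*` entry, and the script carries no comment saying this is intended. JavaScript callers of those names will presumably only find out at run time, when the function is missing from the built module. The list also exports `_crypto_sign_ed25519_pk_to_curve25519` and `_crypto_sign_ed25519_sk_to_curve25519` but not the `sk_to_seed` and `sk_to_pk` helpers that the changelog lists alongside them, which looks like a choice worth stating. If the reduction is deliberate, a comment above the export such as `# Exported set: high-level API only; low-level primitives and password hashing are not part of the JS build` would make the policy reviewable.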
diff --git a/libsodium.vcxproj b/libsodium.vcxproj
index 228aa0f..f6a2f85 100644
--- a/libsodium.vcxproj
+++ b/libsodium.vcxproj
@@ -349,7 +349,6 @@
 <ClInclude Include="src\libsodium\include\sodium\crypto_sign_edwards25519sha512batch.h" />
<ClInclude Include="src\libsodium\include\sodium\crypto_stream.h" />
<ClInclude Include="src\libsodium\include\sodium\crypto_stream_aes128ctr.h" />
- <ClInclude Include="src\libsodium\include\sodium\crypto_stream_aes256estream.h" />
<ClInclude Include="src\libsodium\include\sodium\crypto_stream_chacha20.h" />
<ClInclude Include="src\libsodium\include\sodium\crypto_stream_salsa20.h" />
<ClInclude Include="src\libsodium\include\sodium\crypto_stream_salsa2012.h" />
@@ -497,8 +496,6 @@
 <ClCompile Include="src\libsodium\crypto_stream\aes128ctr\portable\stream_aes128ctr.c" />
<ClCompile Include="src\libsodium\crypto_stream\aes128ctr\portable\xor_afternm_aes128ctr.c" />
<ClCompile Include="src\libsodium\crypto_stream\aes128ctr\stream_aes128ctr_api.c" />
- <ClCompile Include="src\libsodium\crypto_stream\aes256estream\hongjun\aes256-ctr.c" />
- <ClCompile Include="src\libsodium\crypto_stream\aes256estream\stream_aes256estream_api.c" />
<ClCompile Include="src\libsodium\crypto_stream\chacha20\ref\stream_chacha20_ref.c" />
<ClCompile Include="src\libsodium\crypto_stream\chacha20\stream_chacha20_api.c" />
<ClCompile Include="src\libsodium\crypto_stream\crypto_stream.c" />
@@ -523,7 +520,6 @@
 <ClCompile Include="src\libsodium\randombytes\randombytes.c" />
<ClCompile Include="src\libsodium\randombytes\salsa20\randombytes_salsa20_random.c" />
<ClCompile Include="src\libsodium\randombytes\sysrandom\randombytes_sysrandom.c" />
- <ClCompile Include="src\libsodium\sodium\compat.c" />
<ClCompile Include="src\libsodium\sodium\core.c" />
<ClCompile Include="src\libsodium\sodium\runtime.c" />
<ClCompile Include="src\libsodium\sodium\utils.c" />
@@ -532,4 +528,4 @@
 <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
<ImportGroup Label="ExtensionTargets">
</ImportGroup>
-</Project>
\ No newline at end of file
+</Project>
diff --git a/libsodium.vcxproj.filters b/libsodium.vcxproj.filters
index ea790a3..18f0b46 100644
--- a/libsodium.vcxproj.filters
+++ b/libsodium.vcxproj.filters
@@ -105,9 +105,6 @@
 <ClInclude Include="src\libsodium\include\sodium\crypto_stream_aes128ctr.h">
<Filter>Header Files</Filter>
</ClInclude>
- <ClInclude Include="src\libsodium\include\sodium\crypto_stream_aes256estream.h">
- <Filter>Header Files</Filter>
- </ClInclude>
<ClInclude Include="src\libsodium\include\sodium\crypto_stream_salsa20.h">
<Filter>Header Files</Filter>
</ClInclude>
@@ -452,9 +449,6 @@
 <ClCompile Include="src\libsodium\crypto_sign\edwards25519sha512batch\sign_edwards25519sha512batch_api.c">
<Filter>Source Files</Filter>
</ClCompile>
- <ClCompile Include="src\libsodium\crypto_stream\aes256estream\hongjun\aes256-ctr.c">
- <Filter>Source Files</Filter>
- </ClCompile>
<ClCompile Include="src\libsodium\crypto_stream\aes128ctr\portable\afternm_aes128ctr.c">
<Filter>Source Files</Filter>
</ClCompile>
@@ -479,9 +473,6 @@
 <ClCompile Include="src\libsodium\crypto_stream\aes128ctr\stream_aes128ctr_api.c">
<Filter>Source Files</Filter>
</ClCompile>
- <ClCompile Include="src\libsodium\crypto_stream\aes256estream\stream_aes256estream_api.c">
- <Filter>Source Files</Filter>
- </ClCompile>
<ClCompile Include="src\libsodium\crypto_stream\salsa20\stream_salsa20_api.c">
<Filter>Source Files</Filter>
</ClCompile>
@@ -539,9 +530,6 @@
 <ClCompile Include="src\libsodium\crypto_verify\64\verify_64_api.c">
<Filter>Source Files</Filter>
</ClCompile>
- <ClCompile Include="src\libsodium\sodium\compat.c">
- <Filter>Source Files</Filter>
- </ClCompile>
<ClCompile Include="src\libsodium\sodium\core.c">
<Filter>Source Files</Filter>
</ClCompile>
@@ -651,4 +639,4 @@
 <Filter>Source Files</Filter>
</ClCompile>
</ItemGroup>
-</Project>
\ No newline at end of file
+</Project>
diff --git a/msvc-scripts/process.bat b/msvc-scripts/process.bat
index 530f77c..2d03187 100755
--- a/msvc-scripts/process.bat
+++ b/msvc-scripts/process.bat
@@ -1,4 +1,4 @@
-cscript msvc-scripts/rep.vbs //Nologo s/@VERSION@/0.6.1/ < src\libsodium\include\sodium\version.h.in > tmp
-cscript msvc-scripts/rep.vbs //Nologo s/@SODIUM_LIBRARY_VERSION_MAJOR@/6/ < tmp > tmp2
-cscript msvc-scripts/rep.vbs //Nologo s/@SODIUM_LIBRARY_VERSION_MINOR@/1/ < tmp2 > src\libsodium\include\sodium\version.h
+cscript msvc-scripts/rep.vbs //Nologo s/@VERSION@/1.0.0/ < src\libsodium\include\sodium\version.h.in > tmp
+cscript msvc-scripts/rep.vbs //Nologo s/@SODIUM_LIBRARY_VERSION_MAJOR@/7/ < tmp > tmp2
+cscript msvc-scripts/rep.vbs //Nologo s/@SODIUM_LIBRARY_VERSION_MINOR@/2/ < tmp2 > src\libsodium\include\sodium\version.h
 del tmp tmp2
diff --git a/msvc-scripts/sodium.props b/msvc-scripts/sodium.props
index d68425a..613cbd0 100644
--- a/msvc-scripts/sodium.props
+++ b/msvc-scripts/sodium.props
@@ -6,7 +6,10 @@
 <ItemDefinitionGroup>
 <ClCompile>
 <AdditionalIncludeDirectories>$(SolutionDir);$(SolutionDir)src\libsodium\include\sodium;$(SolutionDir)src\libsodium\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>inline=__inline;NATIVE_LITTLE_ENDIAN;_CRT_SECURE_NO_WARNINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <MultiProcessorCompilation>true</MultiProcessorCompilation>
+ <PreprocessorDefinitions>UNICODE;_UNICODE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>NATIVE_LITTLE_ENDIAN=1;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>inline=__inline;%(PreprocessorDefinitions)</PreprocessorDefinitions>
 </ClCompile>
 <PreBuildEvent>
 <Command>$(SolutionDir)/msvc-scripts/process.bat</Command>
diff --git a/packaging/nuget/package.config b/packaging/nuget/package.config
index c986633..6e68a3b 100644
--- a/packaging/nuget/package.config
+++ b/packaging/nuget/package.config
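Review bot: The three consecutive `<PreprocessorDefinitions>` elements under `<ClCompile>` in `msvc-scripts/sodium.props` appear to yield the full set only because each one re-reads `%(PreprocessorDefinitions)` from the element before it, which is easy to break by dropping that suffix on one line. A single element reads more plainly and should give the same definitions: `<PreprocessorDefinitions>inline=__inline;NATIVE_LITTLE_ENDIAN=1;UNICODE;_UNICODE;%(PreprocessorDefinitions)</PreprocessorDefinitions>`. The change also removes `_CRT_SECURE_NO_WARNINGS`, so MSVC's warnings about unchecked CRT functions presumably come back. If that is deliberate, a short XML comment saying so would keep someone from re-adding the define just to quiet the build.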
@@ -1,4 +1,4 @@ <?xml version="1.0" encoding="utf-8"?> <!-- These values are populated into the package.gsl templates by package.bat. --> <!-- The target attribute controls path and file name only, id controls package naming. --> -<package id="libsodium_vc120" target="libsodium" version = "0.6.0.1" pathversion="0_6_0_1" platformtoolset="v120" /> +<package id="libsodium_vc120" target="libsodium" version = "0.7.0.0" pathversion="0_7_0_0" platformtoolset="v120" /> diff --git a/packaging/nuget/package.nuspec b/packaging/nuget/package.nuspec index 36ee748..f836a8a 100644 --- a/packaging/nuget/package.nuspec +++ b/packaging/nuget/package.nuspec @@ -7,7 +7,7 @@ <package xmlns="http://schemas.microsoft.com/packaging/2013/01/nuspec.xsd"> <metadata minClientVersion="2.5"> <id>libsodium_vc120</id> - <version>0.6.0.1</version> + <version>0.7.0.0</version> <title>libsodium_vc120</title> <authors>libsodium contributors</authors> <owners>Eric Voskuil</owners> 
@@ -40,52 +40,52 @@ <!-- libraries --> <!-- x86 Dynamic libraries (.dll) --> - <file src="..\..\bin\Win32\Release\v120\dynamic\libsodium.dll" target="build\native\bin\libsodium-x86-v120-mt-0_6_0_1.dll" /> - <file src="..\..\bin\Win32\Debug\v120\dynamic\libsodium.dll" target="build\native\bin\libsodium-x86-v120-mt-gd-0_6_0_1.dll" /> + <file src="..\..\bin\Win32\Release\v120\dynamic\libsodium.dll" target="build\native\bin\libsodium-x86-v120-mt-0_7_0_0.dll" /> + <file src="..\..\bin\Win32\Debug\v120\dynamic\libsodium.dll" target="build\native\bin\libsodium-x86-v120-mt-gd-0_7_0_0.dll" /> <!-- x86 Debugging symbols (.pdb) --> - <!--<file src="..\..\bin\Win32\Release\v120\dynamic\libsodium.pdb" target="build\native\bin\libsodium-x86-v120-mt-0_6_0_1.pdb" />--> - <file src="..\..\bin\Win32\Debug\v120\dynamic\libsodium.pdb" target="build\native\bin\libsodium-x86-v120-mt-gd-0_6_0_1.pdb" /> + <!--<file src="..\..\bin\Win32\Release\v120\dynamic\libsodium.pdb" target="build\native\bin\libsodium-x86-v120-mt-0_7_0_0.pdb" />--> + <file src="..\..\bin\Win32\Debug\v120\dynamic\libsodium.pdb" target="build\native\bin\libsodium-x86-v120-mt-gd-0_7_0_0.pdb" /> <!-- x86 Import libraries (.imp.lib) --> - <file src="..\..\bin\Win32\Release\v120\dynamic\libsodium.lib" target="build\native\bin\libsodium-x86-v120-mt-0_6_0_1.imp.lib" /> - <file src="..\..\bin\Win32\Debug\v120\dynamic\libsodium.lib" target="build\native\bin\libsodium-x86-v120-mt-gd-0_6_0_1.imp.lib" /> + <file src="..\..\bin\Win32\Release\v120\dynamic\libsodium.lib" target="build\native\bin\libsodium-x86-v120-mt-0_7_0_0.imp.lib" /> + <file src="..\..\bin\Win32\Debug\v120\dynamic\libsodium.lib" target="build\native\bin\libsodium-x86-v120-mt-gd-0_7_0_0.imp.lib" /> <!-- x86 Export libraries (.exp) --> - <file src="..\..\bin\Win32\Release\v120\dynamic\libsodium.exp" target="build\native\bin\libsodium-x86-v120-mt-0_6_0_1.exp" /> - <file src="..\..\bin\Win32\Debug\v120\dynamic\libsodium.exp" 
target="build\native\bin\libsodium-x86-v120-mt-gd-0_6_0_1.exp" /> + <file src="..\..\bin\Win32\Release\v120\dynamic\libsodium.exp" target="build\native\bin\libsodium-x86-v120-mt-0_7_0_0.exp" /> + <file src="..\..\bin\Win32\Debug\v120\dynamic\libsodium.exp" target="build\native\bin\libsodium-x86-v120-mt-gd-0_7_0_0.exp" /> <!-- x86 Static libraries (.lib) --> - <file src="..\..\bin\Win32\Release\v120\static\libsodium.lib" target="build\native\bin\libsodium-x86-v120-mt-s-0_6_0_1.lib" /> - <file src="..\..\bin\Win32\Debug\v120\static\libsodium.lib" target="build\native\bin\libsodium-x86-v120-mt-sgd-0_6_0_1.lib" /> + <file src="..\..\bin\Win32\Release\v120\static\libsodium.lib" target="build\native\bin\libsodium-x86-v120-mt-s-0_7_0_0.lib" /> + <file src="..\..\bin\Win32\Debug\v120\static\libsodium.lib" target="build\native\bin\libsodium-x86-v120-mt-sgd-0_7_0_0.lib" /> <!-- x86 Static link time code generation libraries (.ltcg.lib) --> - <file src="..\..\bin\Win32\Release\v120\ltcg\libsodium.lib" target="build\native\bin\libsodium-x86-v120-mt-s-0_6_0_1.ltcg.lib" /> - <file src="..\..\bin\Win32\Debug\v120\ltcg\libsodium.lib" target="build\native\bin\libsodium-x86-v120-mt-sgd-0_6_0_1.ltcg.lib" /> + <file src="..\..\bin\Win32\Release\v120\ltcg\libsodium.lib" target="build\native\bin\libsodium-x86-v120-mt-s-0_7_0_0.ltcg.lib" /> + <file src="..\..\bin\Win32\Debug\v120\ltcg\libsodium.lib" target="build\native\bin\libsodium-x86-v120-mt-sgd-0_7_0_0.ltcg.lib" /> <!-- x64 Dynamic libraries (.dll) --> - <file src="..\..\bin\x64\Release\v120\dynamic\libsodium.dll" target="build\native\bin\libsodium-x64-v120-mt-0_6_0_1.dll" /> - <file src="..\..\bin\x64\Debug\v120\dynamic\libsodium.dll" target="build\native\bin\libsodium-x64-v120-mt-gd-0_6_0_1.dll" /> + <file src="..\..\bin\x64\Release\v120\dynamic\libsodium.dll" target="build\native\bin\libsodium-x64-v120-mt-0_7_0_0.dll" /> + <file src="..\..\bin\x64\Debug\v120\dynamic\libsodium.dll" 
target="build\native\bin\libsodium-x64-v120-mt-gd-0_7_0_0.dll" /> <!-- x64 Debugging symbols (.pdb) --> - <!--<file src="..\..\bin\x64\Release\v120\dynamic\libsodium.pdb" target="build\native\bin\libsodium-x64-v120-mt-0_6_0_1.pdb" />--> - <file src="..\..\bin\x64\Debug\v120\dynamic\libsodium.pdb" target="build\native\bin\libsodium-x64-v120-mt-gd-0_6_0_1.pdb" /> + <!--<file src="..\..\bin\x64\Release\v120\dynamic\libsodium.pdb" target="build\native\bin\libsodium-x64-v120-mt-0_7_0_0.pdb" />--> + <file src="..\..\bin\x64\Debug\v120\dynamic\libsodium.pdb" target="build\native\bin\libsodium-x64-v120-mt-gd-0_7_0_0.pdb" /> <!-- x64 Import libraries (.imp.lib) --> - <file src="..\..\bin\x64\Release\v120\dynamic\libsodium.lib" target="build\native\bin\libsodium-x64-v120-mt-0_6_0_1.imp.lib" /> - <file src="..\..\bin\x64\Debug\v120\dynamic\libsodium.lib" target="build\native\bin\libsodium-x64-v120-mt-gd-0_6_0_1.imp.lib" /> + <file src="..\..\bin\x64\Release\v120\dynamic\libsodium.lib" target="build\native\bin\libsodium-x64-v120-mt-0_7_0_0.imp.lib" /> + <file src="..\..\bin\x64\Debug\v120\dynamic\libsodium.lib" target="build\native\bin\libsodium-x64-v120-mt-gd-0_7_0_0.imp.lib" /> <!-- x64 Export libraries (.exp) --> - <file src="..\..\bin\x64\Release\v120\dynamic\libsodium.exp" target="build\native\bin\libsodium-x64-v120-mt-0_6_0_1.exp" /> - <file src="..\..\bin\x64\Debug\v120\dynamic\libsodium.exp" target="build\native\bin\libsodium-x64-v120-mt-gd-0_6_0_1.exp" /> + <file src="..\..\bin\x64\Release\v120\dynamic\libsodium.exp" target="build\native\bin\libsodium-x64-v120-mt-0_7_0_0.exp" /> + <file src="..\..\bin\x64\Debug\v120\dynamic\libsodium.exp" target="build\native\bin\libsodium-x64-v120-mt-gd-0_7_0_0.exp" /> <!-- x64 Static libraries (.lib) --> - <file src="..\..\bin\x64\Release\v120\static\libsodium.lib" target="build\native\bin\libsodium-x64-v120-mt-s-0_6_0_1.lib" /> - <file src="..\..\bin\x64\Debug\v120\static\libsodium.lib" 
target="build\native\bin\libsodium-x64-v120-mt-sgd-0_6_0_1.lib" /> + <file src="..\..\bin\x64\Release\v120\static\libsodium.lib" target="build\native\bin\libsodium-x64-v120-mt-s-0_7_0_0.lib" /> + <file src="..\..\bin\x64\Debug\v120\static\libsodium.lib" target="build\native\bin\libsodium-x64-v120-mt-sgd-0_7_0_0.lib" /> <!-- x64 Static link time code generation libraries (.ltcg.lib) --> - <file src="..\..\bin\x64\Release\v120\ltcg\libsodium.lib" target="build\native\bin\libsodium-x64-v120-mt-s-0_6_0_1.ltcg.lib" /> - <file src="..\..\bin\x64\Debug\v120\ltcg\libsodium.lib" target="build\native\bin\libsodium-x64-v120-mt-sgd-0_6_0_1.ltcg.lib" /> + <file src="..\..\bin\x64\Release\v120\ltcg\libsodium.lib" target="build\native\bin\libsodium-x64-v120-mt-s-0_7_0_0.ltcg.lib" /> + <file src="..\..\bin\x64\Debug\v120\ltcg\libsodium.lib" target="build\native\bin\libsodium-x64-v120-mt-sgd-0_7_0_0.ltcg.lib" /> </files> <!-- ################################################################# diff --git a/packaging/nuget/package.targets b/packaging/nuget/package.targets index c6a049c..e0e130d 100644 --- a/packaging/nuget/package.targets +++ b/packaging/nuget/package.targets 
@@ -30,66 +30,66 @@ <!-- static libraries --> <ItemDefinitionGroup Condition="'$(Platform)' == 'Win32' And ('$(PlatformToolset)' == 'v120' Or '$(PlatformToolset)' == 'CTP_Nov2013') And '$(Linkage-libsodium)' == 'static' And $(Configuration.IndexOf('Release')) != -1"> <Link> - <AdditionalDependencies>libsodium-x86-v120-mt-s-0_6_0_1.lib;%(AdditionalDependencies)</AdditionalDependencies> + <AdditionalDependencies>libsodium-x86-v120-mt-s-0_7_0_0.lib;%(AdditionalDependencies)</AdditionalDependencies> </Link> </ItemDefinitionGroup> <ItemDefinitionGroup Condition="'$(Platform)' == 'Win32' And ('$(PlatformToolset)' == 'v120' Or '$(PlatformToolset)' == 'CTP_Nov2013') And '$(Linkage-libsodium)' == 'static' And $(Configuration.IndexOf('Debug')) != -1"> <Link> - <AdditionalDependencies>libsodium-x86-v120-mt-sgd-0_6_0_1.lib;%(AdditionalDependencies)</AdditionalDependencies> + <AdditionalDependencies>libsodium-x86-v120-mt-sgd-0_7_0_0.lib;%(AdditionalDependencies)</AdditionalDependencies> </Link> </ItemDefinitionGroup> <ItemDefinitionGroup Condition="'$(Platform)' == 'x64' And ('$(PlatformToolset)' == 'v120' Or '$(PlatformToolset)' == 'CTP_Nov2013') And '$(Linkage-libsodium)' == 'static' And $(Configuration.IndexOf('Release')) != -1"> <Link> - <AdditionalDependencies>libsodium-x64-v120-mt-s-0_6_0_1.lib;%(AdditionalDependencies)</AdditionalDependencies> + <AdditionalDependencies>libsodium-x64-v120-mt-s-0_7_0_0.lib;%(AdditionalDependencies)</AdditionalDependencies> </Link> </ItemDefinitionGroup> <ItemDefinitionGroup Condition="'$(Platform)' == 'x64' And ('$(PlatformToolset)' == 'v120' Or '$(PlatformToolset)' == 'CTP_Nov2013') And '$(Linkage-libsodium)' == 'static' And $(Configuration.IndexOf('Debug')) != -1"> <Link> - <AdditionalDependencies>libsodium-x64-v120-mt-sgd-0_6_0_1.lib;%(AdditionalDependencies)</AdditionalDependencies> + <AdditionalDependencies>libsodium-x64-v120-mt-sgd-0_7_0_0.lib;%(AdditionalDependencies)</AdditionalDependencies> </Link> </ItemDefinitionGroup> <!-- 
static ltcg libraries --> <ItemDefinitionGroup Condition="'$(Platform)' == 'Win32' And ('$(PlatformToolset)' == 'v120' Or '$(PlatformToolset)' == 'CTP_Nov2013') And '$(Linkage-libsodium)' == 'ltcg' And $(Configuration.IndexOf('Release')) != -1"> <Link> - <AdditionalDependencies>libsodium-x86-v120-mt-s-0_6_0_1.ltcg.lib;%(AdditionalDependencies)</AdditionalDependencies> + <AdditionalDependencies>libsodium-x86-v120-mt-s-0_7_0_0.ltcg.lib;%(AdditionalDependencies)</AdditionalDependencies> </Link> </ItemDefinitionGroup> <ItemDefinitionGroup Condition="'$(Platform)' == 'Win32' And ('$(PlatformToolset)' == 'v120' Or '$(PlatformToolset)' == 'CTP_Nov2013') And '$(Linkage-libsodium)' == 'ltcg' And $(Configuration.IndexOf('Debug')) != -1"> <Link> - <AdditionalDependencies>libsodium-x86-v120-mt-sgd-0_6_0_1.ltcg.lib;%(AdditionalDependencies)</AdditionalDependencies> + <AdditionalDependencies>libsodium-x86-v120-mt-sgd-0_7_0_0.ltcg.lib;%(AdditionalDependencies)</AdditionalDependencies> </Link> </ItemDefinitionGroup> <ItemDefinitionGroup Condition="'$(Platform)' == 'x64' And ('$(PlatformToolset)' == 'v120' Or '$(PlatformToolset)' == 'CTP_Nov2013') And '$(Linkage-libsodium)' == 'ltcg' And $(Configuration.IndexOf('Release')) != -1"> <Link> - <AdditionalDependencies>libsodium-x64-v120-mt-s-0_6_0_1.ltcg.lib;%(AdditionalDependencies)</AdditionalDependencies> + <AdditionalDependencies>libsodium-x64-v120-mt-s-0_7_0_0.ltcg.lib;%(AdditionalDependencies)</AdditionalDependencies> </Link> </ItemDefinitionGroup> <ItemDefinitionGroup Condition="'$(Platform)' == 'x64' And ('$(PlatformToolset)' == 'v120' Or '$(PlatformToolset)' == 'CTP_Nov2013') And '$(Linkage-libsodium)' == 'ltcg' And $(Configuration.IndexOf('Debug')) != -1"> <Link> - <AdditionalDependencies>libsodium-x64-v120-mt-sgd-0_6_0_1.ltcg.lib;%(AdditionalDependencies)</AdditionalDependencies> + <AdditionalDependencies>libsodium-x64-v120-mt-sgd-0_7_0_0.ltcg.lib;%(AdditionalDependencies)</AdditionalDependencies> </Link> 
</ItemDefinitionGroup> <!-- dynamic import libraries --> <ItemDefinitionGroup Condition="'$(Platform)' == 'Win32' And ('$(PlatformToolset)' == 'v120' Or '$(PlatformToolset)' == 'CTP_Nov2013') And '$(Linkage-libsodium)' == 'dynamic' And $(Configuration.IndexOf('Release')) != -1"> <Link> - <AdditionalDependencies>libsodium-x86-v120-mt-0_6_0_1.imp.lib;%(AdditionalDependencies)</AdditionalDependencies> + <AdditionalDependencies>libsodium-x86-v120-mt-0_7_0_0.imp.lib;%(AdditionalDependencies)</AdditionalDependencies> </Link> </ItemDefinitionGroup> <ItemDefinitionGroup Condition="'$(Platform)' == 'Win32' And ('$(PlatformToolset)' == 'v120' Or '$(PlatformToolset)' == 'CTP_Nov2013') And '$(Linkage-libsodium)' == 'dynamic' And $(Configuration.IndexOf('Debug')) != -1"> <Link> - <AdditionalDependencies>libsodium-x86-v120-mt-gd-0_6_0_1.imp.lib;%(AdditionalDependencies)</AdditionalDependencies> + <AdditionalDependencies>libsodium-x86-v120-mt-gd-0_7_0_0.imp.lib;%(AdditionalDependencies)</AdditionalDependencies> </Link> </ItemDefinitionGroup> <ItemDefinitionGroup Condition="'$(Platform)' == 'x64' And ('$(PlatformToolset)' == 'v120' Or '$(PlatformToolset)' == 'CTP_Nov2013') And '$(Linkage-libsodium)' == 'dynamic' And $(Configuration.IndexOf('Release')) != -1"> <Link> - <AdditionalDependencies>libsodium-x64-v120-mt-0_6_0_1.imp.lib;%(AdditionalDependencies)</AdditionalDependencies> + <AdditionalDependencies>libsodium-x64-v120-mt-0_7_0_0.imp.lib;%(AdditionalDependencies)</AdditionalDependencies> </Link> </ItemDefinitionGroup> <ItemDefinitionGroup Condition="'$(Platform)' == 'x64' And ('$(PlatformToolset)' == 'v120' Or '$(PlatformToolset)' == 'CTP_Nov2013') And '$(Linkage-libsodium)' == 'dynamic' And $(Configuration.IndexOf('Debug')) != -1"> <Link> - <AdditionalDependencies>libsodium-x64-v120-mt-gd-0_6_0_1.imp.lib;%(AdditionalDependencies)</AdditionalDependencies> + <AdditionalDependencies>libsodium-x64-v120-mt-gd-0_7_0_0.imp.lib;%(AdditionalDependencies)</AdditionalDependencies> 
</Link> </ItemDefinitionGroup> 
@@ -98,26 +98,26 @@ <Target Name="libsodium_AfterBuild_Win32_v120_Dynamic_Release" Condition="'$(Platform)' == 'Win32' And ('$(PlatformToolset)' == 'v120' Or '$(PlatformToolset)' == 'CTP_Nov2013') And '$(Linkage-libsodium)' == 'dynamic' And $(Configuration.IndexOf('Release')) != -1" AfterTargets="libsodium_AfterBuild"> - <Copy SourceFiles="$(MSBuildThisFileDirectory)bin\libsodium-x86-v120-mt-0_6_0_1.dll" DestinationFiles="$(TargetDir)libsodium.dll" SkipUnchangedFiles="true" /> - <!--<Copy SourceFiles="$(MSBuildThisFileDirectory)bin\libsodium-x86-v120-mt-0_6_0_1.pdb" DestinationFiles="$(TargetDir)libsodium.pdb" SkipUnchangedFiles="true" />--> + <Copy SourceFiles="$(MSBuildThisFileDirectory)bin\libsodium-x86-v120-mt-0_7_0_0.dll" DestinationFiles="$(TargetDir)libsodium.dll" SkipUnchangedFiles="true" /> + <!--<Copy SourceFiles="$(MSBuildThisFileDirectory)bin\libsodium-x86-v120-mt-0_7_0_0.pdb" DestinationFiles="$(TargetDir)libsodium.pdb" SkipUnchangedFiles="true" />--> </Target> <Target Name="libsodium_AfterBuild_Win32_v120_Dynamic_Debug" Condition="'$(Platform)' == 'Win32' And ('$(PlatformToolset)' == 'v120' Or '$(PlatformToolset)' == 'CTP_Nov2013') And '$(Linkage-libsodium)' == 'dynamic' And $(Configuration.IndexOf('Debug')) != -1" AfterTargets="libsodium_AfterBuild"> - <Copy SourceFiles="$(MSBuildThisFileDirectory)bin\libsodium-x86-v120-mt-gd-0_6_0_1.dll" DestinationFiles="$(TargetDir)libsodium.dll" SkipUnchangedFiles="true" /> - <Copy SourceFiles="$(MSBuildThisFileDirectory)bin\libsodium-x86-v120-mt-gd-0_6_0_1.pdb" DestinationFiles="$(TargetDir)libsodium.pdb" SkipUnchangedFiles="true" /> + <Copy SourceFiles="$(MSBuildThisFileDirectory)bin\libsodium-x86-v120-mt-gd-0_7_0_0.dll" DestinationFiles="$(TargetDir)libsodium.dll" SkipUnchangedFiles="true" /> + <Copy SourceFiles="$(MSBuildThisFileDirectory)bin\libsodium-x86-v120-mt-gd-0_7_0_0.pdb" DestinationFiles="$(TargetDir)libsodium.pdb" SkipUnchangedFiles="true" /> </Target> <Target 
Name="libsodium_AfterBuild_x64_v120_Dynamic_Release" Condition="'$(Platform)' == 'x64' And ('$(PlatformToolset)' == 'v120' Or '$(PlatformToolset)' == 'CTP_Nov2013') And '$(Linkage-libsodium)' == 'dynamic' And $(Configuration.IndexOf('Release')) != -1" AfterTargets="libsodium_AfterBuild"> - <Copy SourceFiles="$(MSBuildThisFileDirectory)bin\libsodium-x64-v120-mt-0_6_0_1.dll" DestinationFiles="$(TargetDir)libsodium.dll" SkipUnchangedFiles="true" /> - <!--<Copy SourceFiles="$(MSBuildThisFileDirectory)bin\libsodium-x64-v120-mt-0_6_0_1.pdb" DestinationFiles="$(TargetDir)libsodium.pdb" SkipUnchangedFiles="true" />--> + <Copy SourceFiles="$(MSBuildThisFileDirectory)bin\libsodium-x64-v120-mt-0_7_0_0.dll" DestinationFiles="$(TargetDir)libsodium.dll" SkipUnchangedFiles="true" /> + <!--<Copy SourceFiles="$(MSBuildThisFileDirectory)bin\libsodium-x64-v120-mt-0_7_0_0.pdb" DestinationFiles="$(TargetDir)libsodium.pdb" SkipUnchangedFiles="true" />--> </Target> <Target Name="libsodium_AfterBuild_x64_v120_Dynamic_Debug" Condition="'$(Platform)' == 'x64' And ('$(PlatformToolset)' == 'v120' Or '$(PlatformToolset)' == 'CTP_Nov2013') And '$(Linkage-libsodium)' == 'dynamic' And $(Configuration.IndexOf('Debug')) != -1" AfterTargets="libsodium_AfterBuild"> - <Copy SourceFiles="$(MSBuildThisFileDirectory)bin\libsodium-x64-v120-mt-gd-0_6_0_1.dll" DestinationFiles="$(TargetDir)libsodium.dll" SkipUnchangedFiles="true" /> - <Copy SourceFiles="$(MSBuildThisFileDirectory)bin\libsodium-x64-v120-mt-gd-0_6_0_1.pdb" DestinationFiles="$(TargetDir)libsodium.pdb" SkipUnchangedFiles="true" /> + <Copy SourceFiles="$(MSBuildThisFileDirectory)bin\libsodium-x64-v120-mt-gd-0_7_0_0.dll" DestinationFiles="$(TargetDir)libsodium.dll" SkipUnchangedFiles="true" /> + <Copy SourceFiles="$(MSBuildThisFileDirectory)bin\libsodium-x64-v120-mt-gd-0_7_0_0.pdb" DestinationFiles="$(TargetDir)libsodium.pdb" SkipUnchangedFiles="true" /> </Target> <!-- 
diff --git a/src/libsodium/Makefile.am b/src/libsodium/Makefile.am index 4c6260a..869c439 100644 --- a/src/libsodium/Makefile.am +++ b/src/libsodium/Makefile.am @@ -224,14 +224,6 @@ libsodium_la_SOURCES += \ crypto_stream/aes128ctr/portable/stream_aes128ctr.c \ crypto_stream/aes128ctr/portable/types.h \ crypto_stream/aes128ctr/portable/xor_afternm_aes128ctr.c \ - crypto_stream/aes256estream/hongjun/aes-table.h \ - crypto_stream/aes256estream/hongjun/aes-table-be.h \ - crypto_stream/aes256estream/hongjun/aes-table-le.h \ - crypto_stream/aes256estream/hongjun/aes256-ctr.c \ - crypto_stream/aes256estream/hongjun/aes256.h \ - crypto_stream/aes256estream/stream_aes256estream_api.c \ - crypto_stream/aes256estream/hongjun/api.h \ - crypto_stream/aes256estream/hongjun/ecrypt-sync.h \ crypto_stream/salsa2012/stream_salsa2012_api.c \ crypto_stream/salsa2012/ref/api.h \ crypto_stream/salsa2012/ref/stream_salsa2012.c \ @@ -239,8 +231,7 @@ libsodium_la_SOURCES += \ crypto_stream/salsa208/stream_salsa208_api.c \ crypto_stream/salsa208/ref/api.h \ crypto_stream/salsa208/ref/stream_salsa208.c \ - crypto_stream/salsa208/ref/xor_salsa208.c \ - sodium/compat.c + crypto_stream/salsa208/ref/xor_salsa208.c endif libsodium_la_LDFLAGS = \ diff --git a/src/libsodium/crypto_aead/chacha20poly1305/sodium/aead_chacha20poly1305.c b/src/libsodium/crypto_aead/chacha20poly1305/sodium/aead_chacha20poly1305.c index 3439cb3..945efe3 100644 --- a/src/libsodium/crypto_aead/chacha20poly1305/sodium/aead_chacha20poly1305.c +++ b/src/libsodium/crypto_aead/chacha20poly1305/sodium/aead_chacha20poly1305.c @@ -37,6 +37,7 @@ crypto_aead_chacha20poly1305_encrypt(unsigned char *c, unsigned char slen[8U]; (void) nsec; +/* LCOV_EXCL_START */ #ifdef ULONG_LONG_MAX if (mlen > ULONG_LONG_MAX - crypto_aead_chacha20poly1305_ABYTES) { if (clen != NULL) { 
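Review bot: The length check that the new `/* LCOV_EXCL_START */` marker wraps in crypto_aead_chacha20poly1305_encrypt is compiled only under `#ifdef ULONG_LONG_MAX`, which is a GNU spelling rather than the standard `ULLONG_MAX`. On a toolchain that does not define it the overflow guard on `mlen` disappears without a diagnostic, and excluding the region from coverage means no report will show the gap. I would key the guard on the standard macro, `#ifdef ULLONG_MAX` with `if (mlen > ULLONG_MAX - crypto_aead_chacha20poly1305_ABYTES) {`, assuming `<limits.h>` is included (the include list is not visible here). The matching `/* LCOV_EXCL_STOP */` is in the following hunk, and the function body extends beyond both hunks.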
@@ -45,6 +46,7 @@ crypto_aead_chacha20poly1305_encrypt(unsigned char *c, return -1; } #endif +/* LCOV_EXCL_STOP */ crypto_stream_chacha20(block0, sizeof block0, npub, k); crypto_onetimeauth_poly1305_init(&state, block0); diff --git a/src/libsodium/crypto_auth/hmacsha256/cp/verify_hmacsha256.c b/src/libsodium/crypto_auth/hmacsha256/cp/verify_hmacsha256.c index b6cf489..be9d34f 100644 --- a/src/libsodium/crypto_auth/hmacsha256/cp/verify_hmacsha256.c +++ b/src/libsodium/crypto_auth/hmacsha256/cp/verify_hmacsha256.c @@ -1,9 +1,11 @@ #include "api.h" #include "crypto_verify_32.h" +#include "utils.h" int crypto_auth_verify(const unsigned char *h,const unsigned char *in,unsigned long long inlen,const unsigned char *k) { unsigned char correct[32]; crypto_auth(correct,in,inlen,k); - return crypto_verify_32(h,correct); + return crypto_verify_32(h,correct) | (-(h - correct == 0)) | + sodium_memcmp(correct,h,32); } diff --git a/src/libsodium/crypto_auth/hmacsha512/cp/verify_hmacsha512.c b/src/libsodium/crypto_auth/hmacsha512/cp/verify_hmacsha512.c index fccdc1a..28e0dfb 100644 --- a/src/libsodium/crypto_auth/hmacsha512/cp/verify_hmacsha512.c +++ b/src/libsodium/crypto_auth/hmacsha512/cp/verify_hmacsha512.c @@ -1,10 +1,12 @@ #include "api.h" #include "crypto_verify_64.h" +#include "utils.h" int crypto_auth_verify(const unsigned char *h, const unsigned char *in, unsigned long long inlen, const unsigned char *k) { unsigned char correct[64]; crypto_auth(correct,in,inlen,k); - return crypto_verify_64(h,correct); + return crypto_verify_64(h,correct) | (-(h - correct == 0)) | + sodium_memcmp(correct,h,64); } diff --git a/src/libsodium/crypto_auth/hmacsha512256/cp/verify_hmacsha512256.c b/src/libsodium/crypto_auth/hmacsha512256/cp/verify_hmacsha512256.c index 1e6e18d..6c263f3 100644 --- a/src/libsodium/crypto_auth/hmacsha512256/cp/verify_hmacsha512256.c +++ b/src/libsodium/crypto_auth/hmacsha512256/cp/verify_hmacsha512256.c 
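Review bot: `h - correct` in the new return expression of crypto_auth_verify (hmacsha256) subtracts two pointers that do not point into the same array, since `correct` is a local buffer and `h` comes from the caller; that subtraction is undefined behaviour in C, so a compiler may assume the term is never true and drop it. Equality comparison of unrelated pointers is well defined, so the same check can be written as `return crypto_verify_32(h,correct) | (-(h == correct)) | sodium_memcmp(correct,h,32);`. The hmacsha512 and hmacsha512256 hunks that follow use the same expression and need the same change. A short comment stating why the tag is compared twice would also help, because the redundancy reads as accidental.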
@@ -1,10 +1,12 @@ #include "api.h" #include "crypto_verify_32.h" +#include "utils.h" int crypto_auth_verify(const unsigned char *h, const unsigned char *in, unsigned long long inlen, const unsigned char *k) { unsigned char correct[32]; crypto_auth(correct,in,inlen,k); - return crypto_verify_32(h,correct); + return crypto_verify_32(h,correct) | (-(h - correct == 0)) | + sodium_memcmp(correct,h,32); } diff --git a/src/libsodium/crypto_auth/try.c b/src/libsodium/crypto_auth/try.c deleted file mode 100644 index c2f2c80..0000000 --- a/src/libsodium/crypto_auth/try.c +++ /dev/null 
@@ -1,119 +0,0 @@ -/* - * crypto_auth/try.c version 20090118 - * D. J. Bernstein - * Public domain. - */ - -#include <stdlib.h> -#include "crypto_hash_sha256.h" -#include "crypto_auth.h" -#include "utils.h" -#include "windows/windows-quirks.h" - -extern unsigned char *alignedcalloc(unsigned long long); - -const char *primitiveimplementation = crypto_auth_IMPLEMENTATION; - -#define MAXTEST_BYTES 10000 -#define CHECKSUM_BYTES 4096 -#define TUNE_BYTES 1536 - -static unsigned char *h; -static unsigned char *m; -static unsigned char *k; -static unsigned char *h2; -static unsigned char *m2; -static unsigned char *k2; - -void preallocate(void) -{ -} - -void allocate(void) -{ - h = alignedcalloc(crypto_auth_BYTES); - m = alignedcalloc(MAXTEST_BYTES); - k = alignedcalloc(crypto_auth_KEYBYTES); - h2 = alignedcalloc(crypto_auth_BYTES); - m2 = alignedcalloc(MAXTEST_BYTES + crypto_auth_BYTES); - k2 = alignedcalloc(crypto_auth_KEYBYTES + crypto_auth_BYTES); -} - -void predoit(void) -{ -} - -void doit(void) -{ - crypto_auth(h,m,TUNE_BYTES,k); - crypto_auth_verify(h,m,TUNE_BYTES,k); -} - -char checksum[crypto_auth_BYTES * 2 + 1]; - -const char *checksum_compute(void) -{ - long long i; - long long j; - - for (i = 0;i < CHECKSUM_BYTES;++i) { - long long mlen = i; - long long klen = crypto_auth_KEYBYTES; - long long hlen = crypto_auth_BYTES; - - for (j = -16;j < 0;++j) h[j] = rand(); - for (j = -16;j < 0;++j) k[j] = rand(); - for (j = -16;j < 0;++j) m[j] = rand(); - for (j = hlen;j < hlen + 16;++j) h[j] = rand(); - for (j = klen;j < klen + 16;++j) k[j] = rand(); - for (j = mlen;j < mlen + 16;++j) m[j] = rand(); - for (j = -16;j < hlen + 16;++j) h2[j] = h[j]; - for (j = -16;j < klen + 16;++j) k2[j] = k[j]; - for (j = -16;j < mlen + 16;++j) m2[j] = m[j]; - - if (crypto_auth(h,m,mlen,k) != 0) return "crypto_auth returns nonzero"; - - for (j = -16;j < klen + 16;++j) if (k[j] != k2[j]) return "crypto_auth overwrites k"; - for (j = -16;j < mlen + 16;++j) if (m[j] != m2[j]) return 
"crypto_auth overwrites m"; - for (j = -16;j < 0;++j) if (h[j] != h2[j]) return "crypto_auth writes before output"; - for (j = hlen;j < hlen + 16;++j) if (h[j] != h2[j]) return "crypto_auth writes after output"; - - for (j = -16;j < 0;++j) h[j] = rand(); - for (j = -16;j < 0;++j) k[j] = rand(); - for (j = -16;j < 0;++j) m[j] = rand(); - for (j = hlen;j < hlen + 16;++j) h[j] = rand(); - for (j = klen;j < klen + 16;++j) k[j] = rand(); - for (j = mlen;j < mlen + 16;++j) m[j] = rand(); - for (j = -16;j < hlen + 16;++j) h2[j] = h[j]; - for (j = -16;j < klen + 16;++j) k2[j] = k[j]; - for (j = -16;j < mlen + 16;++j) m2[j] = m[j]; - - if (crypto_auth(m2,m2,mlen,k) != 0) return "crypto_auth returns nonzero"; - for (j = 0;j < hlen;++j) if (m2[j] != h[j]) return "crypto_auth does not handle m overlap"; - for (j = 0;j < hlen;++j) m2[j] = m[j]; - if (crypto_auth(k2,m2,mlen,k2) != 0) return "crypto_auth returns nonzero"; - for (j = 0;j < hlen;++j) if (k2[j] != h[j]) return "crypto_auth does not handle k overlap"; - for (j = 0;j < hlen;++j) k2[j] = k[j]; - - if (crypto_auth_verify(h,m,mlen,k) != 0) return "crypto_auth_verify returns nonzero"; - - for (j = -16;j < hlen + 16;++j) if (h[j] != h2[j]) return "crypto_auth overwrites h"; - for (j = -16;j < klen + 16;++j) if (k[j] != k2[j]) return "crypto_auth overwrites k"; - for (j = -16;j < mlen + 16;++j) if (m[j] != m2[j]) return "crypto_auth overwrites m"; - - crypto_hash_sha256(h2,h,hlen); - for (j = 0;j < klen;++j) k[j] ^= h2[j % 32]; - if (crypto_auth(h,m,mlen,k) != 0) return "crypto_auth returns nonzero"; - if (crypto_auth_verify(h,m,mlen,k) != 0) return "crypto_auth_verify returns nonzero"; - - crypto_hash_sha256(h2,h,hlen); - for (j = 0;j < mlen;++j) m[j] ^= h2[j % 32]; - m[mlen] = h2[0]; - } - if (crypto_auth(h,m,CHECKSUM_BYTES,k) != 0) return "crypto_auth returns nonzero"; - if (crypto_auth_verify(h,m,CHECKSUM_BYTES,k) != 0) return "crypto_auth_verify returns nonzero"; - - sodium_bin2hex(checksum, sizeof checksum, h, 
crypto_auth_BYTES); - - return 0; -} diff --git a/src/libsodium/crypto_box/crypto_box_easy.c b/src/libsodium/crypto_box/crypto_box_easy.c index 7224f24..7f39e22 100644 --- a/src/libsodium/crypto_box/crypto_box_easy.c +++ b/src/libsodium/crypto_box/crypto_box_easy.c @@ -1,4 +1,8 @@ +#include <limits.h> +#include <stdint.h> +#include <stdlib.h> + #include "crypto_box.h" #include "crypto_secretbox.h" #include "utils.h" @@ -26,6 +30,9 @@ crypto_box_easy(unsigned char *c, const unsigned char *m, unsigned long long mlen, const unsigned char *n, const unsigned char *pk, const unsigned char *sk) { + if (mlen > SIZE_MAX - crypto_box_MACBYTES) { + return -1; + } return crypto_box_detached(c + crypto_box_MACBYTES, c, m, mlen, n, pk, sk); } diff --git a/src/libsodium/crypto_box/curve25519xsalsa20poly1305/ref/keypair_curve25519xsalsa20poly1305.c b/src/libsodium/crypto_box/curve25519xsalsa20poly1305/ref/keypair_curve25519xsalsa20poly1305.c index 88183ea..e2a03fa 100644 --- a/src/libsodium/crypto_box/curve25519xsalsa20poly1305/ref/keypair_curve25519xsalsa20poly1305.c +++ b/src/libsodium/crypto_box/curve25519xsalsa20poly1305/ref/keypair_curve25519xsalsa20poly1305.c @@ -22,6 +22,6 @@ int crypto_box_keypair( unsigned char *sk ) { - randombytes(sk,32); + randombytes_buf(sk,32); return crypto_scalarmult_curve25519_base(pk,sk); } diff --git a/src/libsodium/crypto_box/try.c b/src/libsodium/crypto_box/try.c deleted file mode 100644 index 5f4b7cb..0000000 --- a/src/libsodium/crypto_box/try.c +++ /dev/null 
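Review bot: The new bound in crypto_box_easy has no comment, and its reason is not obvious from the call that follows: `c` receives the authenticator at `c` and the ciphertext at `c + crypto_box_MACBYTES`, so `mlen + crypto_box_MACBYTES` must be representable in `size_t`. I would add `/* c needs mlen + crypto_box_MACBYTES bytes; refuse lengths whose sum overflows size_t */` above the `if`. `SIZE_MAX` comes from `<stdint.h>`, so the added `<limits.h>` and `<stdlib.h>` look unnecessary for this hunk unless code outside it uses them. The function's return type line is outside the hunk.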
@@ -1,195 +0,0 @@ -/* - * crypto_box/try.c version 20090118 - * D. J. Bernstein - * Public domain. - */ - -#include <stdlib.h> -#include "crypto_box.h" -#include "utils.h" -#include "windows/windows-quirks.h" - -extern unsigned char *alignedcalloc(unsigned long long); - -const char *primitiveimplementation = crypto_box_IMPLEMENTATION; - -#define MAXTEST_BYTES 10000 -#define CHECKSUM_BYTES 4096 -#define TUNE_BYTES 1536 - -static unsigned char *ska; -static unsigned char *pka; -static unsigned char *skb; -static unsigned char *pkb; -static unsigned char *s; -static unsigned char *n; -static unsigned char *m; -static unsigned char *c; -static unsigned char *t; -static unsigned char *ska2; -static unsigned char *pka2; -static unsigned char *skb2; -static unsigned char *pkb2; -static unsigned char *s2; -static unsigned char *n2; -static unsigned char *m2; -static unsigned char *c2; -static unsigned char *t2; - -#define sklen crypto_box_SECRETKEYBYTES -#define pklen crypto_box_PUBLICKEYBYTES -#define nlen crypto_box_NONCEBYTES -#define slen crypto_box_BEFORENMBYTES - -void preallocate(void) -{ -} - -void allocate(void) -{ - ska = alignedcalloc(sklen); - pka = alignedcalloc(pklen); - skb = alignedcalloc(sklen); - pkb = alignedcalloc(pklen); - n = alignedcalloc(nlen); - m = alignedcalloc(MAXTEST_BYTES + crypto_box_ZEROBYTES); - c = alignedcalloc(MAXTEST_BYTES + crypto_box_ZEROBYTES); - t = alignedcalloc(MAXTEST_BYTES + crypto_box_ZEROBYTES); - s = alignedcalloc(slen); - ska2 = alignedcalloc(sklen); - pka2 = alignedcalloc(pklen); - skb2 = alignedcalloc(sklen); - pkb2 = alignedcalloc(pklen); - n2 = alignedcalloc(nlen); - m2 = alignedcalloc(MAXTEST_BYTES + crypto_box_ZEROBYTES); - c2 = alignedcalloc(MAXTEST_BYTES + crypto_box_ZEROBYTES); - t2 = alignedcalloc(MAXTEST_BYTES + crypto_box_ZEROBYTES); - s2 = alignedcalloc(slen); -} - -void predoit(void) -{ -} - -void doit(void) -{ - crypto_box(c,m,TUNE_BYTES + crypto_box_ZEROBYTES,n,pka,skb); - crypto_box_open(t,c,TUNE_BYTES + 
crypto_box_ZEROBYTES,n,pkb,ska); -} - -char checksum[nlen * 2 + 1]; - -const char *checksum_compute(void) -{ - long long i; - long long j; - - if (crypto_box_keypair(pka,ska) != 0) return "crypto_box_keypair returns nonzero"; - if (crypto_box_keypair(pkb,skb) != 0) return "crypto_box_keypair returns nonzero"; - - for (j = 0;j < crypto_box_ZEROBYTES;++j) m[j] = 0; - - for (i = 0;i < CHECKSUM_BYTES;++i) { - long long mlen = i + crypto_box_ZEROBYTES; - long long tlen = i + crypto_box_ZEROBYTES; - long long clen = i + crypto_box_ZEROBYTES; - - for (j = -16;j < 0;++j) ska[j] = rand(); - for (j = -16;j < 0;++j) skb[j] = rand(); - for (j = -16;j < 0;++j) pka[j] = rand(); - for (j = -16;j < 0;++j) pkb[j] = rand(); - for (j = -16;j < 0;++j) m[j] = rand(); - for (j = -16;j < 0;++j) n[j] = rand(); - - for (j = sklen;j < sklen + 16;++j) ska[j] = rand(); - for (j = sklen;j < sklen + 16;++j) skb[j] = rand(); - for (j = pklen;j < pklen + 16;++j) pka[j] = rand(); - for (j = pklen;j < pklen + 16;++j) pkb[j] = rand(); - for (j = mlen;j < mlen + 16;++j) m[j] = rand(); - for (j = nlen;j < nlen + 16;++j) n[j] = rand(); - - for (j = -16;j < sklen + 16;++j) ska2[j] = ska[j]; - for (j = -16;j < sklen + 16;++j) skb2[j] = skb[j]; - for (j = -16;j < pklen + 16;++j) pka2[j] = pka[j]; - for (j = -16;j < pklen + 16;++j) pkb2[j] = pkb[j]; - for (j = -16;j < mlen + 16;++j) m2[j] = m[j]; - for (j = -16;j < nlen + 16;++j) n2[j] = n[j]; - for (j = -16;j < clen + 16;++j) c2[j] = c[j] = rand(); - - if (crypto_box(c,m,mlen,n,pkb,ska) != 0) return "crypto_box returns nonzero"; - - for (j = -16;j < mlen + 16;++j) if (m2[j] != m[j]) return "crypto_box overwrites m"; - for (j = -16;j < nlen + 16;++j) if (n2[j] != n[j]) return "crypto_box overwrites n"; - for (j = -16;j < 0;++j) if (c2[j] != c[j]) return "crypto_box writes before output"; - for (j = clen;j < clen + 16;++j) if (c2[j] != c[j]) return "crypto_box writes after output"; - for (j = 0;j < crypto_box_BOXZEROBYTES;++j) - if (c[j] != 0) return 
"crypto_box does not clear extra bytes"; - - for (j = -16;j < sklen + 16;++j) if (ska2[j] != ska[j]) return "crypto_box overwrites ska"; - for (j = -16;j < sklen + 16;++j) if (skb2[j] != skb[j]) return "crypto_box overwrites skb"; - for (j = -16;j < pklen + 16;++j) if (pka2[j] != pka[j]) return "crypto_box overwrites pka"; - for (j = -16;j < pklen + 16;++j) if (pkb2[j] != pkb[j]) return "crypto_box overwrites pkb"; - - for (j = -16;j < 0;++j) c[j] = rand(); - for (j = clen;j < clen + 16;++j) c[j] = rand(); - for (j = -16;j < clen + 16;++j) c2[j] = c[j]; - for (j = -16;j < tlen + 16;++j) t2[j] = t[j] = rand(); - - if (crypto_box_open(t,c,clen,n,pka,skb) != 0) return "crypto_box_open returns nonzero"; - - for (j = -16;j < clen + 16;++j) if (c2[j] != c[j]) return "crypto_box_open overwrites c"; - for (j = -16;j < nlen + 16;++j) if (n2[j] != n[j]) return "crypto_box_open overwrites n"; - for (j = -16;j < 0;++j) if (t2[j] != t[j]) return "crypto_box_open writes before output"; - for (j = tlen;j < tlen + 16;++j) if (t2[j] != t[j]) return "crypto_box_open writes after output"; - for (j = 0;j < crypto_box_ZEROBYTES;++j) - if (t[j] != 0) return "crypto_box_open does not clear extra bytes"; - - for (j = -16;j < sklen + 16;++j) if (ska2[j] != ska[j]) return "crypto_box_open overwrites ska"; - for (j = -16;j < sklen + 16;++j) if (skb2[j] != skb[j]) return "crypto_box_open overwrites skb"; - for (j = -16;j < pklen + 16;++j) if (pka2[j] != pka[j]) return "crypto_box_open overwrites pka"; - for (j = -16;j < pklen + 16;++j) if (pkb2[j] != pkb[j]) return "crypto_box_open overwrites pkb"; - - for (j = 0;j < mlen;++j) if (t[j] != m[j]) return "plaintext does not match"; - - for (j = -16;j < slen + 16;++j) s2[j] = s[j] = rand(); - if (crypto_box_beforenm(s,pkb,ska) != 0) return "crypto_box_beforenm returns nonzero"; - for (j = -16;j < pklen + 16;++j) if (pka2[j] != pka[j]) return "crypto_box_open overwrites pk"; - for (j = -16;j < sklen + 16;++j) if (skb2[j] != skb[j]) return 
"crypto_box_open overwrites sk"; - for (j = -16;j < 0;++j) if (s2[j] != s[j]) return "crypto_box_beforenm writes before output"; - for (j = slen;j < slen + 16;++j) if (s2[j] != s[j]) return "crypto_box_beforenm writes after output"; - - for (j = -16;j < slen + 16;++j) s2[j] = s[j]; - for (j = -16;j < tlen + 16;++j) t2[j] = t[j] = rand(); - if (crypto_box_afternm(t,m,mlen,n,s) != 0) return "crypto_box_afternm returns nonzero"; - for (j = -16;j < slen + 16;++j) if (s2[j] != s[j]) return "crypto_box_afternm overwrites s"; - for (j = -16;j < mlen + 16;++j) if (m2[j] != m[j]) return "crypto_box_afternm overwrites m"; - for (j = -16;j < nlen + 16;++j) if (n2[j] != n[j]) return "crypto_box_afternm overwrites n"; - for (j = -16;j < 0;++j) if (t2[j] != t[j]) return "crypto_box_afternm writes before output"; - for (j = tlen;j < tlen + 16;++j) if (t2[j] != t[j]) return "crypto_box_afternm writes after output"; - for (j = 0;j < crypto_box_BOXZEROBYTES;++j) - if (t[j] != 0) return "crypto_box_afternm does not clear extra bytes"; - for (j = 0;j < mlen;++j) if (t[j] != c[j]) return "crypto_box_afternm does not match crypto_box"; - - if (crypto_box_beforenm(s,pka,skb) != 0) return "crypto_box_beforenm returns nonzero"; - - for (j = -16;j < tlen + 16;++j) t2[j] = t[j] = rand(); - if (crypto_box_open_afternm(t,c,clen,n,s) != 0) return "crypto_box_open_afternm returns nonzero"; - for (j = -16;j < slen + 16;++j) if (s2[j] != s[j]) return "crypto_box_open_afternm overwrites s"; - for (j = -16;j < mlen + 16;++j) if (m2[j] != m[j]) return "crypto_box_open_afternm overwrites m"; - for (j = -16;j < nlen + 16;++j) if (n2[j] != n[j]) return "crypto_box_open_afternm overwrites n"; - for (j = -16;j < 0;++j) if (t2[j] != t[j]) return "crypto_box_open_afternm writes before output"; - for (j = tlen;j < tlen + 16;++j) if (t2[j] != t[j]) return "crypto_box_open_afternm writes after output"; - for (j = 0;j < crypto_box_ZEROBYTES;++j) - if (t[j] != 0) return "crypto_box_open_afternm does not clear 
extra bytes"; - for (j = 0;j < mlen;++j) if (t[j] != m[j]) return "crypto_box_open_afternm does not match crypto_box_open"; - - for (j = 0;j < i;++j) n[j % nlen] ^= c[j + crypto_box_BOXZEROBYTES]; - if (i == 0) m[crypto_box_ZEROBYTES] = 0; - m[i + crypto_box_ZEROBYTES] = m[crypto_box_ZEROBYTES]; - for (j = 0;j < i;++j) m[j + crypto_box_ZEROBYTES] ^= c[j + crypto_box_BOXZEROBYTES]; - } - - sodium_bin2hex(checksum, sizeof checksum, n, nlen); - - return 0; -} diff --git a/src/libsodium/crypto_generichash/blake2/ref/blake2-impl.h b/src/libsodium/crypto_generichash/blake2/ref/blake2-impl.h index 276d305..1838bff 100644 --- a/src/libsodium/crypto_generichash/blake2/ref/blake2-impl.h +++ b/src/libsodium/crypto_generichash/blake2/ref/blake2-impl.h @@ -15,13 +15,16 @@ #define __BLAKE2_IMPL_H__ #include <stdint.h> +#include <string.h> #include "utils.h" static inline uint32_t load32( const void *src ) { #if defined(NATIVE_LITTLE_ENDIAN) - return *( uint32_t * )( src ); + uint32_t w; + memcpy(&w, src, sizeof w); + return w; #else const uint8_t *p = ( const uint8_t * )src; uint32_t w = *p++; @@ -35,7 +38,9 @@ static inline uint32_t load32( const void *src ) static inline uint64_t load64( const void *src ) { #if defined(NATIVE_LITTLE_ENDIAN) - return *( uint64_t * )( src ); + uint64_t w; + memcpy(&w, src, sizeof w); + return w; #else const uint8_t *p = ( const uint8_t * )src; uint64_t w = *p++; @@ -53,7 +58,7 @@ static inline uint64_t load64( const void *src ) static inline void store32( void *dst, uint32_t w ) { #if defined(NATIVE_LITTLE_ENDIAN) - *( uint32_t * )( dst ) = w; + memcpy(dst, &w, sizeof w); #else uint8_t *p = ( uint8_t * )dst; *p++ = ( uint8_t )w; w >>= 8; @@ -66,7 +71,7 @@ static inline void store32( void *dst, uint32_t w ) static inline void store64( void *dst, uint64_t w ) { #if defined(NATIVE_LITTLE_ENDIAN) - *( uint64_t * )( dst ) = w; + memcpy(dst, &w, sizeof w); #else uint8_t *p = ( uint8_t * )dst; *p++ = ( uint8_t )w; w >>= 8; 
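Review bot: The `memcpy` replacements in load32, load64, store32 and store64 carry no comment, so the reason for preferring them to the removed pointer casts is easy to lose in a later cleanup. The casts accessed a `uint32_t`/`uint64_t` through a `void *` of unknown alignment and effective type, which is undefined for misaligned or differently typed buffers, while `memcpy` through a local is well defined and is normally compiled to a single load or store. I would add `/* memcpy: src may be unaligned, and a cast would break strict aliasing */` in load32 and a matching one-line comment in the other three. The non-little-endian branches of these functions continue outside the hunks.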
diff --git a/src/libsodium/crypto_generichash/blake2/ref/blake2b-ref.c b/src/libsodium/crypto_generichash/blake2/ref/blake2b-ref.c index 9cc7ede..2610477 100644 --- a/src/libsodium/crypto_generichash/blake2/ref/blake2b-ref.c +++ b/src/libsodium/crypto_generichash/blake2/ref/blake2b-ref.c @@ -43,11 +43,13 @@ static const uint8_t blake2b_sigma[12][16] = }; +/* LCOV_EXCL_START */ static inline int blake2b_set_lastnode( blake2b_state *S ) { S->f[1] = ~0ULL; return 0; } +/* LCOV_EXCL_STOP */ #if 0 static inline int blake2b_clear_lastnode( blake2b_state *S ) { @@ -387,12 +389,15 @@ int blake2b_final( blake2b_state *S, uint8_t *out, uint8_t outlen ) uint8_t buffer[BLAKE2B_OUTBYTES]; int i; + if( outlen > BLAKE2B_OUTBYTES ) { + return -1; + } if( S->buflen > BLAKE2B_BLOCKBYTES ) { blake2b_increment_counter( S, BLAKE2B_BLOCKBYTES ); blake2b_compress( S, S->buf ); S->buflen -= BLAKE2B_BLOCKBYTES; - memcpy( S->buf, S->buf + BLAKE2B_BLOCKBYTES, S->buflen ); + memmove( S->buf, S->buf + BLAKE2B_BLOCKBYTES, S->buflen ); } blake2b_increment_counter( S, S->buflen ); diff --git a/src/libsodium/crypto_generichash/blake2/ref/blake2s-ref.c b/src/libsodium/crypto_generichash/blake2/ref/blake2s-ref.c deleted file mode 100644 index 0e79aa5..0000000 --- a/src/libsodium/crypto_generichash/blake2/ref/blake2s-ref.c +++ /dev/null 
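Review bot: The new `outlen > BLAKE2B_OUTBYTES` guard in blake2b_final returns -1 before anything is written to `out`, so it only protects callers that check the result. The blake2s-ref.c removed later in this diff shows the one-shot wrapper doing `blake2s_final( S, out, outlen ); return 0;`, and if blake2b() follows the same pattern (it is outside this hunk) a rejected length would be reported as success with `out` left unwritten. I would propagate the result there with `return blake2b_final( S, out, outlen );`. The rest of blake2b_final, including what happens to the temporary `buffer`, is outside the hunk.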
@@ -1,356 +0,0 @@ -/* - BLAKE2 reference source code package - reference C implementations - - Written in 2012 by Samuel Neves <sneves@dei.uc.pt> - - To the extent possible under law, the author(s) have dedicated all copyright - and related and neighboring rights to this software to the public domain - worldwide. This software is distributed without any warranty. - - You should have received a copy of the CC0 Public Domain Dedication along with - this software. If not, see <http://creativecommons.org/publicdomain/zero/1.0/>. -*/ - -#include <stdint.h> -#include <string.h> -#include <stdio.h> - -#include "crypto_generichash_blake2b.h" -#include "blake2.h" -#include "blake2-impl.h" - -static const uint32_t blake2s_IV[8] = -{ - 0x6A09E667UL, 0xBB67AE85UL, 0x3C6EF372UL, 0xA54FF53AUL, - 0x510E527FUL, 0x9B05688CUL, 0x1F83D9ABUL, 0x5BE0CD19UL -}; - -static const uint8_t blake2s_sigma[10][16] = -{ - { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15 } , - { 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3 } , - { 11, 8, 12, 0, 5, 2, 15, 13, 10, 14, 3, 6, 7, 1, 9, 4 } , - { 7, 9, 3, 1, 13, 12, 11, 14, 2, 6, 5, 10, 4, 0, 15, 8 } , - { 9, 0, 5, 7, 2, 4, 10, 15, 14, 1, 11, 12, 6, 8, 3, 13 } , - { 2, 12, 6, 10, 0, 11, 8, 3, 4, 13, 7, 5, 15, 14, 1, 9 } , - { 12, 5, 1, 15, 14, 13, 4, 10, 0, 7, 6, 3, 9, 2, 8, 11 } , - { 13, 11, 7, 14, 12, 1, 3, 9, 5, 0, 15, 4, 8, 6, 2, 10 } , - { 6, 15, 14, 9, 11, 3, 0, 8, 12, 2, 13, 7, 1, 4, 10, 5 } , - { 10, 2, 8, 4, 7, 6, 1, 5, 15, 11, 9, 14, 3, 12, 13 , 0 } , -}; - -static inline int blake2s_set_lastnode( blake2s_state *S ) -{ - S->f[1] = ~0U; - return 0; -} -#if 0 -static inline int blake2s_clear_lastnode( blake2s_state *S ) -{ - S->f[1] = 0U; - return 0; -} -#endif -/* Some helper functions, not necessarily useful */ -static inline int blake2s_set_lastblock( blake2s_state *S ) -{ - if( S->last_node ) blake2s_set_lastnode( S ); - - S->f[0] = ~0U; - return 0; -} -#if 0 -static inline int blake2s_clear_lastblock( blake2s_state *S ) -{ - 
if( S->last_node ) blake2s_clear_lastnode( S ); - - S->f[0] = 0U; - return 0; -} -#endif -static inline int blake2s_increment_counter( blake2s_state *S, const uint32_t inc ) -{ - S->t[0] += inc; - S->t[1] += ( S->t[0] < inc ); - return 0; -} - -// Parameter-related functions -#if 0 -static inline int blake2s_param_set_digest_length( blake2s_param *P, const uint8_t digest_length ) -{ - P->digest_length = digest_length; - return 0; -} - -static inline int blake2s_param_set_fanout( blake2s_param *P, const uint8_t fanout ) -{ - P->fanout = fanout; - return 0; -} - -static inline int blake2s_param_set_max_depth( blake2s_param *P, const uint8_t depth ) -{ - P->depth = depth; - return 0; -} - -static inline int blake2s_param_set_leaf_length( blake2s_param *P, const uint32_t leaf_length ) -{ - store32( &P->leaf_length, leaf_length ); - return 0; -} - -static inline int blake2s_param_set_node_offset( blake2s_param *P, const uint64_t node_offset ) -{ - store48( P->node_offset, node_offset ); - return 0; -} - -static inline int blake2s_param_set_node_depth( blake2s_param *P, const uint8_t node_depth ) -{ - P->node_depth = node_depth; - return 0; -} - -static inline int blake2s_param_set_inner_length( blake2s_param *P, const uint8_t inner_length ) -{ - P->inner_length = inner_length; - return 0; -} -#endif -static inline int blake2s_param_set_salt( blake2s_param *P, const uint8_t salt[BLAKE2S_SALTBYTES] ) -{ - memcpy( P->salt, salt, BLAKE2S_SALTBYTES ); - return 0; -} - -static inline int blake2s_param_set_personal( blake2s_param *P, const uint8_t personal[BLAKE2S_PERSONALBYTES] ) -{ - memcpy( P->personal, personal, BLAKE2S_PERSONALBYTES ); - return 0; -} - -static inline int blake2s_init0( blake2s_state *S ) -{ - int i; - - memset( S, 0, sizeof( blake2s_state ) ); - - for( i = 0; i < 8; ++i ) S->h[i] = blake2s_IV[i]; - - return 0; -} - -/* init2 xors IV with input parameter block */ -int blake2s_init_param( blake2s_state *S, const blake2s_param *P ) -{ - size_t i; - uint32_t 
*p; - - blake2s_init0( S ); - p = ( uint32_t * )( P ); - - /* IV XOR ParamBlock */ - for( i = 0; i < 8; ++i ) - S->h[i] ^= load32( &p[i] ); - - return 0; -} - - -// Sequential blake2s initialization -int blake2s_init( blake2s_state *S, const uint8_t outlen ) -{ - blake2s_param P[1]; - - /* Move interval verification here? */ - if ( ( !outlen ) || ( outlen > BLAKE2S_OUTBYTES ) ) return -1; - - P->digest_length = outlen; - P->key_length = 0; - P->fanout = 1; - P->depth = 1; - store32( &P->leaf_length, 0 ); - store48( &P->node_offset, 0 ); - P->node_depth = 0; - P->inner_length = 0; - // memset(P->reserved, 0, sizeof(P->reserved) ); - memset( P->salt, 0, sizeof( P->salt ) ); - memset( P->personal, 0, sizeof( P->personal ) ); - return blake2s_init_param( S, P ); -} - -int blake2s_init_key( blake2s_state *S, const uint8_t outlen, const void *key, const uint8_t keylen ) -{ - blake2s_param P[1]; - - if ( ( !outlen ) || ( outlen > BLAKE2S_OUTBYTES ) ) return -1; - - if ( !key || !keylen || keylen > BLAKE2S_KEYBYTES ) return -1; - - P->digest_length = outlen; - P->key_length = keylen; - P->fanout = 1; - P->depth = 1; - store32( &P->leaf_length, 0 ); - store48( &P->node_offset, 0 ); - P->node_depth = 0; - P->inner_length = 0; - // memset(P->reserved, 0, sizeof(P->reserved) ); - memset( P->salt, 0, sizeof( P->salt ) ); - memset( P->personal, 0, sizeof( P->personal ) ); - - if( blake2s_init_param( S, P ) < 0 ) return -1; - - { - uint8_t block[BLAKE2S_BLOCKBYTES]; - memset( block, 0, BLAKE2S_BLOCKBYTES ); - memcpy( block, key, keylen ); - blake2s_update( S, block, BLAKE2S_BLOCKBYTES ); - secure_zero_memory( block, BLAKE2S_BLOCKBYTES ); /* Burn the key from stack */ - } - return 0; -} - -static int blake2s_compress( blake2s_state *S, const uint8_t block[BLAKE2S_BLOCKBYTES] ) -{ - uint32_t m[16]; - uint32_t v[16]; - size_t i; - - for( i = 0; i < 16; ++i ) - m[i] = load32( block + i * sizeof( m[i] ) ); - - for( i = 0; i < 8; ++i ) - v[i] = S->h[i]; - - v[ 8] = blake2s_IV[0]; - v[ 
9] = blake2s_IV[1]; - v[10] = blake2s_IV[2]; - v[11] = blake2s_IV[3]; - v[12] = S->t[0] ^ blake2s_IV[4]; - v[13] = S->t[1] ^ blake2s_IV[5]; - v[14] = S->f[0] ^ blake2s_IV[6]; - v[15] = S->f[1] ^ blake2s_IV[7]; -#define G(r,i,a,b,c,d) \ - do { \ - a = a + b + m[blake2s_sigma[r][2*i+0]]; \ - d = rotr32(d ^ a, 16); \ - c = c + d; \ - b = rotr32(b ^ c, 12); \ - a = a + b + m[blake2s_sigma[r][2*i+1]]; \ - d = rotr32(d ^ a, 8); \ - c = c + d; \ - b = rotr32(b ^ c, 7); \ - } while(0) -#define ROUND(r) \ - do { \ - G(r,0,v[ 0],v[ 4],v[ 8],v[12]); \ - G(r,1,v[ 1],v[ 5],v[ 9],v[13]); \ - G(r,2,v[ 2],v[ 6],v[10],v[14]); \ - G(r,3,v[ 3],v[ 7],v[11],v[15]); \ - G(r,4,v[ 0],v[ 5],v[10],v[15]); \ - G(r,5,v[ 1],v[ 6],v[11],v[12]); \ - G(r,6,v[ 2],v[ 7],v[ 8],v[13]); \ - G(r,7,v[ 3],v[ 4],v[ 9],v[14]); \ - } while(0) - ROUND( 0 ); - ROUND( 1 ); - ROUND( 2 ); - ROUND( 3 ); - ROUND( 4 ); - ROUND( 5 ); - ROUND( 6 ); - ROUND( 7 ); - ROUND( 8 ); - ROUND( 9 ); - - for( i = 0; i < 8; ++i ) - S->h[i] = S->h[i] ^ v[i] ^ v[i + 8]; - -#undef G -#undef ROUND - return 0; -} - - -int blake2s_update( blake2s_state *S, const uint8_t *in, uint64_t inlen ) -{ - while( inlen > 0 ) - { - size_t left = S->buflen; - size_t fill = 2 * BLAKE2S_BLOCKBYTES - left; - - if( inlen > fill ) - { - memcpy( S->buf + left, in, fill ); // Fill buffer - S->buflen += fill; - blake2s_increment_counter( S, BLAKE2S_BLOCKBYTES ); - blake2s_compress( S, S->buf ); // Compress - memcpy( S->buf, S->buf + BLAKE2S_BLOCKBYTES, BLAKE2S_BLOCKBYTES ); // Shift buffer left - S->buflen -= BLAKE2S_BLOCKBYTES; - in += fill; - inlen -= fill; - } - else // inlen <= fill - { - memcpy( S->buf + left, in, inlen ); - S->buflen += inlen; // Be lazy, do not compress - in += inlen; - inlen -= inlen; - } - } - - return 0; -} - -int blake2s_final( blake2s_state *S, uint8_t *out, uint8_t outlen ) -{ - uint8_t buffer[BLAKE2S_OUTBYTES]; - int i; - - if( S->buflen > BLAKE2S_BLOCKBYTES ) - { - blake2s_increment_counter( S, BLAKE2S_BLOCKBYTES ); - 
blake2s_compress( S, S->buf ); - S->buflen -= BLAKE2S_BLOCKBYTES; - memcpy( S->buf, S->buf + BLAKE2S_BLOCKBYTES, S->buflen ); - } - - blake2s_increment_counter( S, ( uint32_t )S->buflen ); - blake2s_set_lastblock( S ); - memset( S->buf + S->buflen, 0, 2 * BLAKE2S_BLOCKBYTES - S->buflen ); /* Padding */ - blake2s_compress( S, S->buf ); - - for( i = 0; i < 8; ++i ) /* Output full hash to temp buffer */ - store32( buffer + sizeof( S->h[i] ) * i, S->h[i] ); - - memcpy( out, buffer, outlen ); - return 0; -} - -int blake2s( uint8_t *out, const void *in, const void *key, const uint8_t outlen, const uint64_t inlen, uint8_t keylen ) -{ - blake2s_state S[1]; - - /* Verify parameters */ - if ( NULL == in ) return -1; - - if ( NULL == out ) return -1; - - if ( NULL == key ) keylen = 0; /* Fail here instead if keylen != 0 and key == NULL? */ - - if( keylen > 0 ) - { - if( blake2s_init_key( S, outlen, key, keylen ) < 0 ) return -1; - } - else - { - if( blake2s_init( S, outlen ) < 0 ) return -1; - } - - blake2s_update( S, ( uint8_t * )in, inlen ); - blake2s_final( S, out, outlen ); - return 0; -} diff --git a/src/libsodium/crypto_generichash/blake2/ref/generichash_blake2b.c b/src/libsodium/crypto_generichash/blake2/ref/generichash_blake2b.c index 6a637ec..7253cbf 100644 --- a/src/libsodium/crypto_generichash/blake2/ref/generichash_blake2b.c +++ b/src/libsodium/crypto_generichash/blake2/ref/generichash_blake2b.c @@ -54,11 +54,11 @@ crypto_generichash_blake2b_init(crypto_generichash_blake2b_state *state, assert(keylen <= UINT8_MAX); if (key == NULL || keylen <= 0U) { if (blake2b_init(state, (uint8_t) outlen) != 0) { - return -1; + return -1; /* LCOV_EXCL_LINE */ } } else if (blake2b_init_key(state, (uint8_t) outlen, key, (uint8_t) keylen) != 0) { - return -1; + return -1; /* LCOV_EXCL_LINE */ } return 0; } 
@@ -79,13 +79,13 @@ crypto_generichash_blake2b_init_salt_personal(crypto_generichash_blake2b_state * if (key == NULL || keylen <= 0U) { if (blake2b_init_salt_personal(state, (uint8_t) outlen, salt, personal) != 0) { - return -1; + return -1; /* LCOV_EXCL_LINE */ } } else if (blake2b_init_key_salt_personal(state, (uint8_t) outlen, key, (uint8_t) keylen, salt, personal) != 0) { - return -1; + return -1; /* LCOV_EXCL_LINE */ } return 0; } diff --git a/src/libsodium/crypto_hash/sha256/cp/hash_sha256.c b/src/libsodium/crypto_hash/sha256/cp/hash_sha256.c index 721bbe9..738794a 100644 --- a/src/libsodium/crypto_hash/sha256/cp/hash_sha256.c +++ b/src/libsodium/crypto_hash/sha256/cp/hash_sha256.c @@ -245,9 +245,11 @@ crypto_hash_sha256_update(crypto_hash_sha256_state *state, bitlen[1] = ((uint32_t)inlen) << 3; bitlen[0] = (uint32_t)(inlen >> 29); + /* LCOV_EXCL_START */ if ((state->count[1] += bitlen[1]) < bitlen[1]) { state->count[0]++; } + /* LCOV_EXCL_STOP */ state->count[0] += bitlen[0]; if (inlen < 64 - r) { diff --git a/src/libsodium/crypto_hash/sha512/cp/hash_sha512.c b/src/libsodium/crypto_hash/sha512/cp/hash_sha512.c index a740770..e85be74 100644 --- a/src/libsodium/crypto_hash/sha512/cp/hash_sha512.c +++ b/src/libsodium/crypto_hash/sha512/cp/hash_sha512.c @@ -272,9 +272,11 @@ crypto_hash_sha512_update(crypto_hash_sha512_state *state, bitlen[1] = ((uint64_t)inlen) << 3; bitlen[0] = ((uint64_t)inlen) >> 61; + /* LCOV_EXCL_START */ if ((state->count[1] += bitlen[1]) < bitlen[1]) { state->count[0]++; } + /* LCOV_EXCL_STOP */ state->count[0] += bitlen[0]; if (inlen < 128 - r) { diff --git a/src/libsodium/crypto_hash/try.c b/src/libsodium/crypto_hash/try.c deleted file mode 100644 index 5e8b569..0000000 --- a/src/libsodium/crypto_hash/try.c +++ /dev/null 
@@ -1,76 +0,0 @@ -/* - * crypto_hash/try.c version 20090118 - * D. J. Bernstein - * Public domain. - */ - -#include <stdlib.h> -#include "crypto_hash.h" -#include "utils.h" -#include "windows/windows-quirks.h" - -extern unsigned char *alignedcalloc(unsigned long long); - -const char *primitiveimplementation = crypto_hash_IMPLEMENTATION; - -#define MAXTEST_BYTES (10000 + crypto_hash_BYTES) -#define CHECKSUM_BYTES 4096 -#define TUNE_BYTES 1536 - -static unsigned char *h; -static unsigned char *h2; -static unsigned char *m; -static unsigned char *m2; - -void preallocate(void) -{ -} - -void allocate(void) -{ - h = alignedcalloc(crypto_hash_BYTES); - h2 = alignedcalloc(crypto_hash_BYTES); - m = alignedcalloc(MAXTEST_BYTES); - m2 = alignedcalloc(MAXTEST_BYTES); -} - -void predoit(void) -{ -} - -void doit(void) -{ - crypto_hash(h,m,TUNE_BYTES); -} - -char checksum[crypto_hash_BYTES * 2 + 1]; - -const char *checksum_compute(void) -{ - long long i; - long long j; - - for (i = 0;i < CHECKSUM_BYTES;++i) { - long long hlen = crypto_hash_BYTES; - long long mlen = i; - for (j = -16;j < 0;++j) h[j] = rand(); - for (j = hlen;j < hlen + 16;++j) h[j] = rand(); - for (j = -16;j < hlen + 16;++j) h2[j] = h[j]; - for (j = -16;j < 0;++j) m[j] = rand(); - for (j = mlen;j < mlen + 16;++j) m[j] = rand(); - for (j = -16;j < mlen + 16;++j) m2[j] = m[j]; - if (crypto_hash(h,m,mlen) != 0) return "crypto_hash returns nonzero"; - for (j = -16;j < mlen + 16;++j) if (m2[j] != m[j]) return "crypto_hash writes to input"; - for (j = -16;j < 0;++j) if (h2[j] != h[j]) return "crypto_hash writes before output"; - for (j = hlen;j < hlen + 16;++j) if (h2[j] != h[j]) return "crypto_hash writes after output"; - if (crypto_hash(m2,m2,mlen) != 0) return "crypto_hash returns nonzero"; - for (j = 0;j < hlen;++j) if (m2[j] != h[j]) return "crypto_hash does not handle overlap"; - for (j = 0;j < mlen;++j) m[j] ^= h[j % hlen]; - m[mlen] = h[0]; - } - if (crypto_hash(h,m,CHECKSUM_BYTES) != 0) return "crypto_hash 
returns nonzero"; - - sodium_bin2hex(checksum, sizeof checksum, h, crypto_hash_BYTES); - - return 0; -} diff --git a/src/libsodium/crypto_onetimeauth/poly1305/donna/auth_poly1305_donna.c b/src/libsodium/crypto_onetimeauth/poly1305/donna/auth_poly1305_donna.c index acd04c0..eb05e02 100644 --- a/src/libsodium/crypto_onetimeauth/poly1305/donna/auth_poly1305_donna.c +++ b/src/libsodium/crypto_onetimeauth/poly1305/donna/auth_poly1305_donna.c @@ -86,12 +86,13 @@ crypto_onetimeauth_poly1305_donna_final(crypto_onetimeauth_poly1305_state *state return 0; } - +/* LCOV_EXCL_START */ const char * crypto_onetimeauth_poly1305_donna_implementation_name(void) { return POLY1305_IMPLEMENTATION_NAME; } +/* LCOV_EXCL_STOP */ struct crypto_onetimeauth_poly1305_implementation crypto_onetimeauth_poly1305_donna_implementation = { diff --git a/src/libsodium/crypto_onetimeauth/poly1305/onetimeauth_poly1305.c b/src/libsodium/crypto_onetimeauth/poly1305/onetimeauth_poly1305.c index 3eb28e5..14253b7 100644 --- a/src/libsodium/crypto_onetimeauth/poly1305/onetimeauth_poly1305.c +++ b/src/libsodium/crypto_onetimeauth/poly1305/onetimeauth_poly1305.c @@ -2,6 +2,7 @@ #include "crypto_onetimeauth_poly1305.h" #include "donna/poly1305_donna.h" +/* LCOV_EXCL_START */ static const crypto_onetimeauth_poly1305_implementation *implementation = &crypto_onetimeauth_poly1305_donna_implementation; @@ -18,6 +19,7 @@ crypto_onetimeauth_poly1305_implementation_name(void) { return implementation->implementation_name(); } +/* LCOV_EXCL_STOP */ int crypto_onetimeauth_poly1305(unsigned char *out, const unsigned char *in, diff --git a/src/libsodium/crypto_pwhash/scryptsalsa208sha256/crypto_scrypt-common.c b/src/libsodium/crypto_pwhash/scryptsalsa208sha256/crypto_scrypt-common.c index 837ce3f..01a1e09 100644 --- a/src/libsodium/crypto_pwhash/scryptsalsa208sha256/crypto_scrypt-common.c +++ b/src/libsodium/crypto_pwhash/scryptsalsa208sha256/crypto_scrypt-common.c 
@@ -36,7 +36,7 @@ encode64_uint32(uint8_t * dst, size_t dstlen, uint32_t src, uint32_t srcbits) for (bit = 0; bit < srcbits; bit += 6) { if (dstlen < 1) { - return NULL; + return NULL; /* LCOV_EXCL_LINE */ } *dst++ = itoa64[src & 0x3f]; dstlen--; @@ -60,7 +60,7 @@ encode64(uint8_t * dst, size_t dstlen, const uint8_t * src, size_t srclen) } while (bits < 24 && i < srclen); dnext = encode64_uint32(dst, dstlen, value, bits); if (!dnext) { - return NULL; + return NULL; /* LCOV_EXCL_LINE */ } dstlen -= dnext - dst; dst = dnext; @@ -171,8 +171,8 @@ escrypt_r(escrypt_local_t * local, const uint8_t * passwd, size_t passwdlen, dst = encode64(dst, buflen - (dst - buf), hash, sizeof(hash)); sodium_memzero(hash, sizeof hash); - if (!dst || dst >= buf + buflen) { /* Can't happen */ - return NULL; + if (!dst || dst >= buf + buflen) { + return NULL; /* Can't happen LCOV_EXCL_LINE */ } *dst = 0; /* NUL termination */ @@ -192,7 +192,7 @@ escrypt_gensalt_r(uint32_t N_log2, uint32_t r, uint32_t p, need = prefixlen + saltlen + 1; if (need > buflen || need < saltlen || saltlen < srclen) { - return NULL; + return NULL; /* LCOV_EXCL_LINE */ } if (N_log2 > 63 || ((uint64_t)r * (uint64_t)p >= (1U << 30))) { return NULL; @@ -205,16 +205,16 @@ escrypt_gensalt_r(uint32_t N_log2, uint32_t r, uint32_t p, *dst++ = itoa64[N_log2]; dst = encode64_uint32(dst, buflen - (dst - buf), r, 30); - if (!dst) { /* Can't happen */ - return NULL; + if (!dst) { + return NULL; /* Can't happen LCOV_EXCL_LINE */ } dst = encode64_uint32(dst, buflen - (dst - buf), p, 30); - if (!dst) { /* Can't happen */ - return NULL; + if (!dst) { + return NULL; /* Can't happen LCOV_EXCL_LINE */ } dst = encode64(dst, buflen - (dst - buf), src, srclen); - if (!dst || dst >= buf + buflen) { /* Can't happen */ - return NULL; + if (!dst || dst >= buf + buflen) { + return NULL; /* Can't happen LCOV_EXCL_LINE */ } *dst = 0; /* NUL termination */ 
@@ -232,7 +232,7 @@ crypto_pwhash_scryptsalsa208sha256_ll(const uint8_t * passwd, size_t passwdlen, int retval; if (escrypt_init_local(&local)) { - return -1; + return -1; /* LCOV_EXCL_LINE */ } #if defined(HAVE_EMMINTRIN_H) || defined(_MSC_VER) escrypt_kdf = @@ -244,7 +244,7 @@ crypto_pwhash_scryptsalsa208sha256_ll(const uint8_t * passwd, size_t passwdlen, passwd, passwdlen, salt, saltlen, N, r, p, buf, buflen); if (escrypt_free_local(&local)) { - return -1; + return -1; /* LCOV_EXCL_LINE */ } return retval; } diff --git a/src/libsodium/crypto_pwhash/scryptsalsa208sha256/pbkdf2-sha256.c b/src/libsodium/crypto_pwhash/scryptsalsa208sha256/pbkdf2-sha256.c index ac426d3..9b585a2 100644 --- a/src/libsodium/crypto_pwhash/scryptsalsa208sha256/pbkdf2-sha256.c +++ b/src/libsodium/crypto_pwhash/scryptsalsa208sha256/pbkdf2-sha256.c 
@@ -44,41 +44,42 @@ void PBKDF2_SHA256(const uint8_t * passwd, size_t passwdlen, const uint8_t * salt, size_t saltlen, uint64_t c, uint8_t * buf, size_t dkLen) { - crypto_auth_hmacsha256_state PShctx, hctx; - size_t i; - uint8_t ivec[4]; - uint8_t U[32]; - uint8_t T[32]; - uint64_t j; - int k; - size_t clen; + crypto_auth_hmacsha256_state PShctx, hctx; + size_t i; + uint8_t ivec[4]; + uint8_t U[32]; + uint8_t T[32]; + uint64_t j; + int k; + size_t clen; crypto_auth_hmacsha256_init(&PShctx, passwd, passwdlen); crypto_auth_hmacsha256_update(&PShctx, salt, saltlen); - for (i = 0; i * 32 < dkLen; i++) { - be32enc(ivec, (uint32_t)(i + 1)); - memcpy(&hctx, &PShctx, sizeof(crypto_auth_hmacsha256_state)); - crypto_auth_hmacsha256_update(&hctx, ivec, 4); - crypto_auth_hmacsha256_final(&hctx, U); + for (i = 0; i * 32 < dkLen; i++) { + be32enc(ivec, (uint32_t)(i + 1)); + memcpy(&hctx, &PShctx, sizeof(crypto_auth_hmacsha256_state)); + crypto_auth_hmacsha256_update(&hctx, ivec, 4); + crypto_auth_hmacsha256_final(&hctx, U); - memcpy(T, U, 32); + memcpy(T, U, 32); + /* LCOV_EXCL_START */ + for (j = 2; j <= c; j++) { + crypto_auth_hmacsha256_init(&hctx, passwd, passwdlen); + crypto_auth_hmacsha256_update(&hctx, U, 32); + crypto_auth_hmacsha256_final(&hctx, U); - for (j = 2; j <= c; j++) { - crypto_auth_hmacsha256_init(&hctx, passwd, passwdlen); - crypto_auth_hmacsha256_update(&hctx, U, 32); - crypto_auth_hmacsha256_final(&hctx, U); - - for (k = 0; k < 32; k++) { - T[k] ^= U[k]; + for (k = 0; k < 32; k++) { + T[k] ^= U[k]; } - } - - clen = dkLen - i * 32; - if (clen > 32) { - clen = 32; } - memcpy(&buf[i * 32], T, clen); + /* LCOV_EXCL_STOP */ + + clen = dkLen - i * 32; + if (clen > 32) { + clen = 32; } + memcpy(&buf[i * 32], T, clen); + } sodium_memzero((void *) &PShctx, sizeof PShctx); } 
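Review bot: `PBKDF2_SHA256()` still wipes only `PShctx` on exit, so `hctx` (an HMAC state initialised from `passwd`), `U` and `T` (the last PRF output and the derived block) stay on the stack after the final `memcpy`. Since the whole body is touched here, the existing wipe could be extended with `sodium_memzero((void *) &hctx, sizeof hctx);`, `sodium_memzero(U, sizeof U);` and `sodium_memzero(T, sizeof T);`. The function's signature begins above the hunk, but its closing brace and all the locals are visible in it.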
diff --git a/src/libsodium/crypto_pwhash/scryptsalsa208sha256/pwhash_scryptsalsa208sha256.c b/src/libsodium/crypto_pwhash/scryptsalsa208sha256/pwhash_scryptsalsa208sha256.c index b4e64a5..e7962cc 100644 --- a/src/libsodium/crypto_pwhash/scryptsalsa208sha256/pwhash_scryptsalsa208sha256.c +++ b/src/libsodium/crypto_pwhash/scryptsalsa208sha256/pwhash_scryptsalsa208sha256.c @@ -41,9 +41,11 @@ pickparams(unsigned long long opslimit, const size_t memlimit, } } maxrp = (opslimit / 4) / ((uint64_t) (1) << *N_log2); + /* LCOV_EXCL_START */ if (maxrp > 0x3fffffff) { maxrp = 0x3fffffff; } + /* LCOV_EXCL_STOP */ *p = (uint32_t) (maxrp) / *r; } return 0; @@ -61,6 +63,12 @@ crypto_pwhash_scryptsalsa208sha256_strbytes(void) return crypto_pwhash_scryptsalsa208sha256_STRBYTES; } +const char * +crypto_pwhash_scryptsalsa208sha256_strprefix(void) +{ + return crypto_pwhash_scryptsalsa208sha256_STRPREFIX; +} + size_t crypto_pwhash_scryptsalsa208sha256_opslimit_interactive(void) { @@ -100,12 +108,12 @@ crypto_pwhash_scryptsalsa208sha256(unsigned char * const out, memset(out, 0, outlen); if (passwdlen > SIZE_MAX || outlen > SIZE_MAX) { - errno = EFBIG; - return -1; + errno = EFBIG; /* LCOV_EXCL_LINE */ + return -1; /* LCOV_EXCL_LINE */ } if (pickparams(opslimit, memlimit, &N_log2, &p, &r) != 0) { - errno = EINVAL; - return -1; + errno = EINVAL; /* LCOV_EXCL_LINE */ + return -1; /* LCOV_EXCL_LINE */ } return crypto_pwhash_scryptsalsa208sha256_ll((const uint8_t *) passwd, (size_t) passwdlen, 
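Review bot: In the `@@ -100,12 +108,12 @@` hunk, `memset(out, 0, outlen)` runs before the `outlen > SIZE_MAX` check. That check only makes sense if `outlen` can be wider than `size_t` (its declaration is above the hunk), and in that case the length passed to `memset` has already been converted by the time the range is tested. Moving the `passwdlen > SIZE_MAX || outlen > SIZE_MAX` test above the `memset` would make the order match the intent. The enclosing function starts and ends outside the hunk.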
@@ -131,28 +139,30 @@ crypto_pwhash_scryptsalsa208sha256_str(char out[crypto_pwhash_scryptsalsa208sha2 memset(out, 0, crypto_pwhash_scryptsalsa208sha256_STRBYTES); if (passwdlen > SIZE_MAX) { - errno = EFBIG; - return -1; + errno = EFBIG; /* LCOV_EXCL_LINE */ + return -1; /* LCOV_EXCL_LINE */ } if (pickparams(opslimit, memlimit, &N_log2, &p, &r) != 0) { - errno = EINVAL; - return -1; + errno = EINVAL; /* LCOV_EXCL_LINE */ + return -1; /* LCOV_EXCL_LINE */ } randombytes_buf(salt, sizeof salt); if (escrypt_gensalt_r(N_log2, r, p, salt, sizeof salt, (uint8_t *) setting, sizeof setting) == NULL) { - errno = EINVAL; - return -1; + errno = EINVAL; /* LCOV_EXCL_LINE */ + return -1; /* LCOV_EXCL_LINE */ } if (escrypt_init_local(&escrypt_local) != 0) { - return -1; + return -1; /* LCOV_EXCL_LINE */ } if (escrypt_r(&escrypt_local, (const uint8_t *) passwd, (size_t) passwdlen, (const uint8_t *) setting, (uint8_t *) out, crypto_pwhash_scryptsalsa208sha256_STRBYTES) == NULL) { + /* LCOV_EXCL_START */ escrypt_free_local(&escrypt_local); errno = EINVAL; return -1; + /* LCOV_EXCL_STOP */ } escrypt_free_local(&escrypt_local); @@ -181,7 +191,7 @@ crypto_pwhash_scryptsalsa208sha256_str_verify(const char str[crypto_pwhash_scryp return -1; } if (escrypt_init_local(&escrypt_local) != 0) { - return -1; + return -1; /* LCOV_EXCL_LINE */ } if (escrypt_r(&escrypt_local, (const uint8_t *) passwd, (size_t) passwdlen, (const uint8_t *) str, (uint8_t *) wanted, diff --git a/src/libsodium/crypto_pwhash/scryptsalsa208sha256/scrypt_platform.c b/src/libsodium/crypto_pwhash/scryptsalsa208sha256/scrypt_platform.c index cddf964..da8b433 100644 --- a/src/libsodium/crypto_pwhash/scryptsalsa208sha256/scrypt_platform.c +++ b/src/libsodium/crypto_pwhash/scryptsalsa208sha256/scrypt_platform.c 
@@ -43,7 +43,7 @@ alloc_region(escrypt_region_t * region, size_t size) MAP_ANON | MAP_PRIVATE, #endif -1, 0)) == MAP_FAILED) - base = NULL; + base = NULL; /* LCOV_EXCL_LINE */ aligned = base; #elif defined(HAVE_POSIX_MEMALIGN) if ((errno = posix_memalign((void **) &base, 64, size)) != 0) @@ -77,7 +77,7 @@ free_region(escrypt_region_t * region) if (region->base) { #ifdef MAP_ANON if (munmap(region->base, region->size)) - return -1; + return -1; /* LCOV_EXCL_LINE */ #else free(region->base); #endif diff --git a/src/libsodium/crypto_pwhash/scryptsalsa208sha256/sse/pwhash_scryptsalsa208sha256_sse.c b/src/libsodium/crypto_pwhash/scryptsalsa208sha256/sse/pwhash_scryptsalsa208sha256_sse.c index d340dd0..15d4a14 100644 --- a/src/libsodium/crypto_pwhash/scryptsalsa208sha256/sse/pwhash_scryptsalsa208sha256_sse.c +++ b/src/libsodium/crypto_pwhash/scryptsalsa208sha256/sse/pwhash_scryptsalsa208sha256_sse.c @@ -365,9 +365,9 @@ escrypt_kdf_sse(escrypt_local_t * local, } if (local->size < need) { if (free_region(local)) - return -1; + return -1; /* LCOV_EXCL_LINE */ if (!alloc_region(local, need)) - return -1; + return -1; /* LCOV_EXCL_LINE */ } B = (uint8_t *)local->aligned; V = (uint32_t *)((uint8_t *)B + B_size); diff --git a/src/libsodium/crypto_scalarmult/curve25519/ref10/pow225521.h b/src/libsodium/crypto_scalarmult/curve25519/ref10/pow225521.h index 109df77..8397222 100644 --- a/src/libsodium/crypto_scalarmult/curve25519/ref10/pow225521.h +++ b/src/libsodium/crypto_scalarmult/curve25519/ref10/pow225521.h @@ -50,7 +50,7 @@ /* qhasm: z2 = z1^2^1 */ /* asm 1: fe_sq(>z2=fe#1,<z1=fe#11); for (i = 1;i < 1;++i) fe_sq(>z2=fe#1,>z2=fe#1); */ /* asm 2: fe_sq(>z2=t0,<z1=z); for (i = 1;i < 1;++i) fe_sq(>z2=t0,>z2=t0); */ -fe_sq(t0,z); for (i = 1;i < 1;++i) fe_sq(t0,t0); +fe_sq(t0,z); /* for (i = 1;i < 1;++i) fe_sq(t0,t0); */ /* qhasm: z8 = z2^2^2 */ /* asm 1: fe_sq(>z8=fe#2,<z2=fe#1); for (i = 1;i < 2;++i) fe_sq(>z8=fe#2,>z8=fe#2); */ 
@@ -70,7 +70,7 @@ fe_mul(t0,t0,t1); /* qhasm: z22 = z11^2^1 */ /* asm 1: fe_sq(>z22=fe#3,<z11=fe#1); for (i = 1;i < 1;++i) fe_sq(>z22=fe#3,>z22=fe#3); */ /* asm 2: fe_sq(>z22=t2,<z11=t0); for (i = 1;i < 1;++i) fe_sq(>z22=t2,>z22=t2); */ -fe_sq(t2,t0); for (i = 1;i < 1;++i) fe_sq(t2,t2); +fe_sq(t2,t0); /* for (i = 1;i < 1;++i) fe_sq(t2,t2); */ /* qhasm: z_5_0 = z9*z22 */ /* asm 1: fe_mul(>z_5_0=fe#2,<z9=fe#2,<z22=fe#3); */ diff --git a/src/libsodium/crypto_scalarmult/try.c b/src/libsodium/crypto_scalarmult/try.c deleted file mode 100644 index 1f75ab7..0000000 --- a/src/libsodium/crypto_scalarmult/try.c +++ /dev/null 
@@ -1,125 +0,0 @@ -/* - * crypto_scalarmult/try.c version 20090118 - * D. J. Bernstein - * Public domain. - */ - -#include <stdlib.h> -#include "crypto_scalarmult.h" -#include "utils.h" -#include "windows/windows-quirks.h" - -extern unsigned char *alignedcalloc(unsigned long long); - -const char *primitiveimplementation = crypto_scalarmult_IMPLEMENTATION; - -#define mlen crypto_scalarmult_SCALARBYTES -#define nlen crypto_scalarmult_SCALARBYTES -#define plen crypto_scalarmult_BYTES -#define qlen crypto_scalarmult_BYTES -#define rlen crypto_scalarmult_BYTES - -static unsigned char *m; -static unsigned char *n; -static unsigned char *p; -static unsigned char *q; -static unsigned char *r; - -static unsigned char *m2; -static unsigned char *n2; -static unsigned char *p2; -static unsigned char *q2; -static unsigned char *r2; - -void preallocate(void) -{ -} - -void allocate(void) -{ - m = alignedcalloc(mlen); - n = alignedcalloc(nlen); - p = alignedcalloc(plen); - q = alignedcalloc(qlen); - r = alignedcalloc(rlen); - m2 = alignedcalloc(mlen + crypto_scalarmult_BYTES); - n2 = alignedcalloc(nlen + crypto_scalarmult_BYTES); - p2 = alignedcalloc(plen + crypto_scalarmult_BYTES); - q2 = alignedcalloc(qlen + crypto_scalarmult_BYTES); - r2 = alignedcalloc(rlen + crypto_scalarmult_BYTES); -} - -void predoit(void) -{ -} - -void doit(void) -{ - crypto_scalarmult(q,n,p); - crypto_scalarmult_base(r,n); -} - -char checksum[crypto_scalarmult_BYTES * 2 + 1]; - -const char *checksum_compute(void) -{ - long long i; - long long j; - long long tests; - - for (i = 0;i < mlen;++i) m[i] = i; - for (i = 0;i < nlen;++i) n[i] = i + 1; - for (i = 0;i < plen;++i) p[i] = i + 2; - for (i = 0;i < qlen;++i) q[i] = i + 3; - for (i = 0;i < rlen;++i) r[i] = i + 4; - - for (i = -16;i < 0;++i) p[i] = rand(); - for (i = -16;i < 0;++i) n[i] = rand(); - for (i = plen;i < plen + 16;++i) p[i] = rand(); - for (i = nlen;i < nlen + 16;++i) n[i] = rand(); - for (i = -16;i < plen + 16;++i) p2[i] = p[i]; - for (i = 
-16;i < nlen + 16;++i) n2[i] = n[i]; - - if (crypto_scalarmult_base(p,n) != 0) return "crypto_scalarmult_base returns nonzero"; - - for (i = -16;i < nlen + 16;++i) if (n2[i] != n[i]) return "crypto_scalarmult_base overwrites input"; - for (i = -16;i < 0;++i) if (p2[i] != p[i]) return "crypto_scalarmult_base writes before output"; - for (i = plen;i < plen + 16;++i) if (p2[i] != p[i]) return "crypto_scalarmult_base writes after output"; - - for (tests = 0;tests < 100;++tests) { - for (i = -16;i < 0;++i) q[i] = rand(); - for (i = -16;i < 0;++i) p[i] = rand(); - for (i = -16;i < 0;++i) m[i] = rand(); - for (i = qlen;i < qlen + 16;++i) q[i] = rand(); - for (i = plen;i < plen + 16;++i) p[i] = rand(); - for (i = mlen;i < mlen + 16;++i) m[i] = rand(); - for (i = -16;i < qlen + 16;++i) q2[i] = q[i]; - for (i = -16;i < plen + 16;++i) p2[i] = p[i]; - for (i = -16;i < mlen + 16;++i) m2[i] = m[i]; - - if (crypto_scalarmult(q,m,p) != 0) return "crypto_scalarmult returns nonzero"; - - for (i = -16;i < mlen + 16;++i) if (m2[i] != m[i]) return "crypto_scalarmult overwrites n input"; - for (i = -16;i < plen + 16;++i) if (p2[i] != p[i]) return "crypto_scalarmult overwrites p input"; - for (i = -16;i < 0;++i) if (q2[i] != q[i]) return "crypto_scalarmult writes before output"; - for (i = qlen;i < qlen + 16;++i) if (q2[i] != q[i]) return "crypto_scalarmult writes after output"; - - if (crypto_scalarmult(m2,m2,p) != 0) return "crypto_scalarmult returns nonzero"; - for (i = 0;i < qlen;++i) if (q[i] != m2[i]) return "crypto_scalarmult does not handle n overlap"; - for (i = 0;i < qlen;++i) m2[i] = m[i]; - - if (crypto_scalarmult(p2,m2,p2) != 0) return "crypto_scalarmult returns nonzero"; - for (i = 0;i < qlen;++i) if (q[i] != p2[i]) return "crypto_scalarmult does not handle p overlap"; - - if (crypto_scalarmult(r,n,q) != 0) return "crypto_scalarmult returns nonzero"; - if (crypto_scalarmult(q,n,p) != 0) return "crypto_scalarmult returns nonzero"; - if (crypto_scalarmult(p,m,q) != 0) return 
"crypto_scalarmult returns nonzero"; - for (j = 0;j < plen;++j) if (p[j] != r[j]) return "crypto_scalarmult not associative"; - for (j = 0;j < mlen;++j) m[j] ^= q[j % qlen]; - for (j = 0;j < nlen;++j) n[j] ^= p[j % plen]; - } - - sodium_bin2hex(checksum, sizeof checksum, p, crypto_scalarmult_BYTES); - - return 0; -} diff --git a/src/libsodium/crypto_secretbox/crypto_secretbox_easy.c b/src/libsodium/crypto_secretbox/crypto_secretbox_easy.c index 08de096..5000a05 100644 --- a/src/libsodium/crypto_secretbox/crypto_secretbox_easy.c +++ b/src/libsodium/crypto_secretbox/crypto_secretbox_easy.c @@ -27,9 +27,6 @@ crypto_secretbox_detached(unsigned char *c, unsigned char *mac, unsigned long long i; unsigned long long mlen0; - if (mlen > SIZE_MAX - crypto_secretbox_MACBYTES) { - return -1; - } crypto_core_hsalsa20(subkey, n, k, sigma); memset(block0, 0U, crypto_secretbox_ZEROBYTES); @@ -68,6 +65,9 @@ crypto_secretbox_easy(unsigned char *c, const unsigned char *m, unsigned long long mlen, const unsigned char *n, const unsigned char *k) { + if (mlen > SIZE_MAX - crypto_secretbox_MACBYTES) { + return -1; + } return crypto_secretbox_detached(c + crypto_secretbox_MACBYTES, c, m, mlen, n, k); } diff --git a/src/libsodium/crypto_secretbox/try.c b/src/libsodium/crypto_secretbox/try.c deleted file mode 100644 index 9478187..0000000 --- a/src/libsodium/crypto_secretbox/try.c +++ /dev/null 
@@ -1,129 +0,0 @@ -/* - * crypto_secretbox/try.c version 20090118 - * D. J. Bernstein - * Public domain. - */ - -#include <stdlib.h> -#include "crypto_secretbox.h" -#include "utils.h" -#include "windows/windows-quirks.h" - -extern unsigned char *alignedcalloc(unsigned long long); - -const char *primitiveimplementation = crypto_secretbox_IMPLEMENTATION; - -#define MAXTEST_BYTES 10000 -#define CHECKSUM_BYTES 4096 -#define TUNE_BYTES 1536 - -static unsigned char *k; -static unsigned char *n; -static unsigned char *m; -static unsigned char *c; -static unsigned char *t; -static unsigned char *k2; -static unsigned char *n2; -static unsigned char *m2; -static unsigned char *c2; -static unsigned char *t2; - -#define klen crypto_secretbox_KEYBYTES -#define nlen crypto_secretbox_NONCEBYTES - -void preallocate(void) -{ -} - -void allocate(void) -{ - k = alignedcalloc(klen); - n = alignedcalloc(nlen); - m = alignedcalloc(MAXTEST_BYTES + crypto_secretbox_ZEROBYTES); - c = alignedcalloc(MAXTEST_BYTES + crypto_secretbox_ZEROBYTES); - t = alignedcalloc(MAXTEST_BYTES + crypto_secretbox_ZEROBYTES); - k2 = alignedcalloc(klen); - n2 = alignedcalloc(nlen); - m2 = alignedcalloc(MAXTEST_BYTES + crypto_secretbox_ZEROBYTES); - c2 = alignedcalloc(MAXTEST_BYTES + crypto_secretbox_ZEROBYTES); - t2 = alignedcalloc(MAXTEST_BYTES + crypto_secretbox_ZEROBYTES); -} - -void predoit(void) -{ -} - -void doit(void) -{ - crypto_secretbox(c,m,TUNE_BYTES + crypto_secretbox_ZEROBYTES,n,k); - crypto_secretbox_open(t,c,TUNE_BYTES + crypto_secretbox_ZEROBYTES,n,k); -} - -char checksum[klen * 2 + 1]; - -const char *checksum_compute(void) -{ - long long i; - long long j; - - for (j = 0;j < crypto_secretbox_ZEROBYTES;++j) m[j] = 0; - - for (i = 0;i < CHECKSUM_BYTES;++i) { - long long mlen = i + crypto_secretbox_ZEROBYTES; - long long tlen = i + crypto_secretbox_ZEROBYTES; - long long clen = i + crypto_secretbox_ZEROBYTES; - - for (j = -16;j < 0;++j) k[j] = rand(); - for (j = -16;j < 0;++j) n[j] = rand(); - for 
(j = -16;j < 0;++j) m[j] = rand(); - for (j = klen;j < klen + 16;++j) k[j] = rand(); - for (j = nlen;j < nlen + 16;++j) n[j] = rand(); - for (j = mlen;j < mlen + 16;++j) m[j] = rand(); - for (j = -16;j < klen + 16;++j) k2[j] = k[j]; - for (j = -16;j < nlen + 16;++j) n2[j] = n[j]; - for (j = -16;j < mlen + 16;++j) m2[j] = m[j]; - for (j = -16;j < clen + 16;++j) c2[j] = c[j] = rand(); - - if (crypto_secretbox(c,m,mlen,n,k) != 0) return "crypto_secretbox returns nonzero"; - - for (j = -16;j < mlen + 16;++j) if (m2[j] != m[j]) return "crypto_secretbox overwrites m"; - for (j = -16;j < nlen + 16;++j) if (n2[j] != n[j]) return "crypto_secretbox overwrites n"; - for (j = -16;j < klen + 16;++j) if (k2[j] != k[j]) return "crypto_secretbox overwrites k"; - for (j = -16;j < 0;++j) if (c2[j] != c[j]) return "crypto_secretbox writes before output"; - for (j = clen;j < clen + 16;++j) if (c2[j] != c[j]) return "crypto_secretbox writes after output"; - for (j = 0;j < crypto_secretbox_BOXZEROBYTES;++j) - if (c[j] != 0) return "crypto_secretbox does not clear extra bytes"; - - for (j = -16;j < 0;++j) c[j] = rand(); - for (j = clen;j < clen + 16;++j) c[j] = rand(); - for (j = -16;j < clen + 16;++j) c2[j] = c[j]; - for (j = -16;j < tlen + 16;++j) t2[j] = t[j] = rand(); - - if (crypto_secretbox_open(t,c,clen,n,k) != 0) return "crypto_secretbox_open returns nonzero"; - - for (j = -16;j < clen + 16;++j) if (c2[j] != c[j]) return "crypto_secretbox_open overwrites c"; - for (j = -16;j < nlen + 16;++j) if (n2[j] != n[j]) return "crypto_secretbox_open overwrites n"; - for (j = -16;j < klen + 16;++j) if (k2[j] != k[j]) return "crypto_secretbox_open overwrites k"; - for (j = -16;j < 0;++j) if (t2[j] != t[j]) return "crypto_secretbox_open writes before output"; - for (j = tlen;j < tlen + 16;++j) if (t2[j] != t[j]) return "crypto_secretbox_open writes after output"; - for (j = 0;j < crypto_secretbox_ZEROBYTES;++j) - if (t[j] != 0) return "crypto_secretbox_open does not clear extra bytes"; - - 
for (j = 0;j < i;++j) if (t[j] != m[j]) return "plaintext does not match"; - - for (j = 0;j < i;++j) - k[j % klen] ^= c[j + crypto_secretbox_BOXZEROBYTES]; - crypto_secretbox(c,m,mlen,n,k); - for (j = 0;j < i;++j) - n[j % nlen] ^= c[j + crypto_secretbox_BOXZEROBYTES]; - crypto_secretbox(c,m,mlen,n,k); - if (i == 0) m[crypto_secretbox_ZEROBYTES + 0] = 0; - m[crypto_secretbox_ZEROBYTES + i] = m[crypto_secretbox_ZEROBYTES + 0]; - for (j = 0;j < i;++j) - m[j + crypto_secretbox_ZEROBYTES] ^= c[j + crypto_secretbox_BOXZEROBYTES]; - } - - sodium_bin2hex(checksum, sizeof checksum, k, klen); - - return 0; -} diff --git a/src/libsodium/crypto_sign/ed25519/ref10/keypair.c b/src/libsodium/crypto_sign/ed25519/ref10/keypair.c index 7955647..2268cd6 100644 --- a/src/libsodium/crypto_sign/ed25519/ref10/keypair.c +++ b/src/libsodium/crypto_sign/ed25519/ref10/keypair.c @@ -2,8 +2,11 @@ #include <string.h> #include "api.h" -#include "randombytes.h" #include "crypto_hash_sha512.h" +#include "crypto_scalarmult_curve25519.h" +#include "randombytes.h" +#include "utils.h" +#include "fe.h" #include "ge.h" int crypto_sign_seed_keypair(unsigned char *pk, unsigned char *sk, 
@@ -27,7 +30,47 @@ int crypto_sign_seed_keypair(unsigned char *pk, unsigned char *sk, int crypto_sign_keypair(unsigned char *pk, unsigned char *sk) { unsigned char seed[32]; + int ret; + + randombytes_buf(seed, sizeof seed); + ret = crypto_sign_seed_keypair(pk, sk, seed); + sodium_memzero(seed, sizeof seed); + + return ret; +} + +int crypto_sign_ed25519_pk_to_curve25519(unsigned char *curve25519_pk, + const unsigned char *ed25519_pk) +{ + ge_p3 A; + fe x; + fe one_minus_y; - randombytes(seed,32); - return crypto_sign_seed_keypair(pk,sk,seed); + ge_frombytes_negate_vartime(&A, ed25519_pk); + fe_1(one_minus_y); + fe_sub(one_minus_y, one_minus_y, A.Y); + fe_invert(one_minus_y, one_minus_y); + fe_1(x); + fe_add(x, x, A.Y); + fe_mul(x, x, one_minus_y); + fe_tobytes(curve25519_pk, x); + + return 0; +} + +int crypto_sign_ed25519_sk_to_curve25519(unsigned char *curve25519_sk, + const unsigned char *ed25519_sk) +{ + unsigned char h[crypto_hash_sha512_BYTES]; + + crypto_hash_sha512(h, ed25519_sk, + crypto_sign_ed25519_SECRETKEYBYTES - + crypto_sign_ed25519_PUBLICKEYBYTES); + h[0] &= 248; + h[31] &= 127; + h[31] |= 64; + memcpy(curve25519_sk, h, crypto_scalarmult_curve25519_BYTES); + sodium_memzero(h, sizeof h); + + return 0; } diff --git a/src/libsodium/crypto_sign/ed25519/ref10/open.c b/src/libsodium/crypto_sign/ed25519/ref10/open.c index 36eb084..488333e 100644 --- a/src/libsodium/crypto_sign/ed25519/ref10/open.c +++ b/src/libsodium/crypto_sign/ed25519/ref10/open.c @@ -43,16 +43,8 @@ crypto_sign_verify_detached(const unsigned char *sig, const unsigned char *m, ge_double_scalarmult_vartime(&R, h, &A, sig + 32); ge_tobytes(rcheck, &R); - if (crypto_verify_32(rcheck, sig) != 0) { - return -1; - } - if (sig == rcheck) { - return -1; - } - if (sodium_memcmp(sig, rcheck, 32) != 0) { - return -1; - } - return 0; + return crypto_verify_32(rcheck, sig) | (-(rcheck - sig == 0)) | + sodium_memcmp(sig, rcheck, 32); } int 
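Review bot: In the new `crypto_sign_ed25519_pk_to_curve25519()` the result of `ge_frombytes_negate_vartime(&A, ed25519_pk)` is discarded, so the function writes an output and returns 0 even when the input does not decode to a curve point. In ref10 that call reports a failed decode through its return value, and the verification path relies on it. Propagating the failure would keep malformed keys out of a later key exchange: `if (ge_frombytes_negate_vartime(&A, ed25519_pk) != 0) { return -1; }`. The `y = 1` input, where `one_minus_y` is zero before `fe_invert()`, probably deserves an explicit rejection or at least a comment.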
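Review bot: The middle term of the new return expression in `crypto_sign_verify_detached()`, `(-(rcheck - sig == 0))`, subtracts two pointers that do not point into the same array. `rcheck` appears to be a local buffer (its declaration is above the hunk) and `sig` belongs to the caller, so the subtraction is undefined behaviour in C even though it works on flat-memory targets. Equality is defined for unrelated pointers and gives the same 0/-1 value: `(-(rcheck == sig))`. If the three checks are deliberately redundant, a one-line comment saying the results are OR-ed so that 0 comes back only when all of them agree would stop a later cleanup from collapsing them.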
diff --git a/src/libsodium/crypto_sign/ed25519/ref10/sign.c b/src/libsodium/crypto_sign/ed25519/ref10/sign.c index 88f4710..1ee5d6c 100644 --- a/src/libsodium/crypto_sign/ed25519/ref10/sign.c +++ b/src/libsodium/crypto_sign/ed25519/ref10/sign.c @@ -5,6 +5,7 @@ #include "crypto_hash_sha512.h" #include "ge.h" #include "sc.h" +#include "utils.h" int crypto_sign_detached(unsigned char *sig, unsigned long long *siglen, @@ -44,6 +45,9 @@ crypto_sign_detached(unsigned char *sig, unsigned long long *siglen, sc_reduce(hram); sc_muladd(sig + 32, hram, az, nonce); + sodium_memzero(az, sizeof az); + sodium_memzero(nonce, sizeof nonce); + if (siglen != NULL) { *siglen = 64U; } @@ -57,13 +61,19 @@ crypto_sign(unsigned char *sm, unsigned long long *smlen, { unsigned long long siglen; - if (crypto_sign_detached(sm, &siglen, m, mlen, sk) != 0 || - siglen > crypto_sign_ed25519_BYTES) { - *smlen = 0; + memmove(sm + crypto_sign_ed25519_BYTES, m, mlen); +/* LCOV_EXCL_START */ + if (crypto_sign_detached(sm, &siglen, sm + crypto_sign_ed25519_BYTES, + mlen, sk) != 0 || + siglen != crypto_sign_ed25519_BYTES) { + if (smlen != NULL) { + *smlen = 0; + } memset(sm, 0, mlen + crypto_sign_ed25519_BYTES); return -1; } - memmove(sm + siglen, m, mlen); +/* LCOV_EXCL_STOP */ + if (smlen != NULL) { *smlen = mlen + siglen; } diff --git a/src/libsodium/crypto_sign/ed25519/sign_ed25519_api.c b/src/libsodium/crypto_sign/ed25519/sign_ed25519_api.c index 9f999d2..7ba6b4c 100644 --- a/src/libsodium/crypto_sign/ed25519/sign_ed25519_api.c +++ b/src/libsodium/crypto_sign/ed25519/sign_ed25519_api.c @@ -1,3 +1,6 @@ + +#include <string.h> + #include "crypto_sign_ed25519.h" size_t 
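Review bot: In `crypto_sign()` (the `@@ -57,13 +61,19 @@` hunk) the new `memmove(sm + crypto_sign_ed25519_BYTES, m, mlen)` has to run before `crypto_sign_detached()` writes the signature at the start of `sm`, but nothing in the code says so. The changelog ties this to overlapping `m`/`sm` buffers, so a later reorder would quietly bring that regression back. A comment above the copy would pin it: `/* copy the message first: m and sm may overlap, and the signature is written at sm[0] */`. The function's signature starts above the hunk.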
@@ -19,3 +22,18 @@ size_t crypto_sign_ed25519_secretkeybytes(void) { return crypto_sign_ed25519_SECRETKEYBYTES; } + +int +crypto_sign_ed25519_sk_to_seed(unsigned char *seed, const unsigned char *sk) +{ + memmove(seed, sk, crypto_sign_ed25519_SEEDBYTES); + return 0; +} + +int +crypto_sign_ed25519_sk_to_pk(unsigned char *pk, const unsigned char *sk) +{ + memmove(pk, sk + crypto_sign_ed25519_SEEDBYTES, + crypto_sign_ed25519_PUBLICKEYBYTES); + return 0; +} diff --git a/src/libsodium/crypto_sign/edwards25519sha512batch/ref/sign_edwards25519sha512batch.c b/src/libsodium/crypto_sign/edwards25519sha512batch/ref/sign_edwards25519sha512batch.c index 885d7b1..9c548dc 100644 --- a/src/libsodium/crypto_sign/edwards25519sha512batch/ref/sign_edwards25519sha512batch.c +++ b/src/libsodium/crypto_sign/edwards25519sha512batch/ref/sign_edwards25519sha512batch.c @@ -13,7 +13,7 @@ int crypto_sign_keypair( sc25519 scsk; ge25519 gepk; - randombytes(sk, 32); + randombytes_buf(sk, 32); crypto_hash_sha512(sk, sk, 32); sk[0] &= 248; sk[31] &= 127; diff --git a/src/libsodium/crypto_sign/try.c b/src/libsodium/crypto_sign/try.c deleted file mode 100644 index 8ea81b6..0000000 --- a/src/libsodium/crypto_sign/try.c +++ /dev/null 
@@ -1,87 +0,0 @@ -/* - * crypto_sign/try.c version 20090118 - * D. J. Bernstein - * Public domain. - */ - -#include <stdlib.h> -#include "randombytes.h" -#include "crypto_sign.h" -#include "windows/windows-quirks.h" - -#define MAXTEST_BYTES 10000 -#define TUNE_BYTES 1536 - -extern unsigned char *alignedcalloc(unsigned long long); - -const char *primitiveimplementation = crypto_sign_IMPLEMENTATION; - -static unsigned char *pk; -static unsigned char *sk; -static unsigned char *m; unsigned long long mlen; -static unsigned char *sm; unsigned long long smlen; -static unsigned char *t; unsigned long long tlen; - -void preallocate(void) -{ -#ifdef RAND_R_PRNG_NOT_SEEDED - RAND_status(); -#endif -} - -void allocate(void) -{ - pk = alignedcalloc(crypto_sign_PUBLICKEYBYTES); - sk = alignedcalloc(crypto_sign_SECRETKEYBYTES); - m = alignedcalloc(MAXTEST_BYTES + crypto_sign_BYTES); - sm = alignedcalloc(MAXTEST_BYTES + crypto_sign_BYTES); - t = alignedcalloc(MAXTEST_BYTES + crypto_sign_BYTES); -} - -void predoit(void) -{ - crypto_sign_keypair(pk,sk); - mlen = TUNE_BYTES; - smlen = 0; - randombytes(m,mlen); - crypto_sign(sm,&smlen,m,mlen,sk); -} - -void doit(void) -{ - crypto_sign_open(t,&tlen,sm,smlen,pk); -} - -char checksum[crypto_sign_BYTES * 2 + 1]; - -const char *checksum_compute(void) -{ - long long mlen; - long long i; - long long j; - - if (crypto_sign_keypair(pk,sk) != 0) return "crypto_sign_keypair returns nonzero"; - for (mlen = 0;mlen < MAXTEST_BYTES;mlen += 1 + (mlen / 16)) { - if (crypto_sign(sm,&smlen,m,mlen,sk) != 0) return "crypto_sign returns nonzero"; - if (crypto_sign_open(t,&tlen,sm,smlen,pk) != 0) return "crypto_sign_open returns nonzero"; - if (tlen != mlen) return "crypto_sign_open does not match length"; - for (i = 0;i < tlen;++i) - if (t[i] != m[i]) - return "crypto_sign_open does not match contents"; - - j = rand() % smlen; - sm[j] ^= 1; - if (crypto_sign_open(t,&tlen,sm,smlen,pk) == 0) { - if (tlen != mlen) return "crypto_sign_open allows trivial 
forgery of length"; - for (i = 0;i < tlen;++i) - if (t[i] != m[i]) - return "crypto_sign_open allows trivial forgery of contents"; - } - sm[j] ^= 1; - - } - - /* do some long-term checksum */ - checksum[0] = 0; - return 0; -} diff --git a/src/libsodium/crypto_stream/aes256estream/hongjun/aes-table-be.h b/src/libsodium/crypto_stream/aes256estream/hongjun/aes-table-be.h deleted file mode 100644 index 8a4a49c..0000000 --- a/src/libsodium/crypto_stream/aes256estream/hongjun/aes-table-be.h +++ /dev/null 
@@ -1,273 +0,0 @@ - -#ifndef __AES_TABLE_BE_H__ -#define __AES_TABLE_BE_H__ - -ALIGN(64) static unsigned int T0[256] = { - 0xc66363a5, 0xf87c7c84, 0xee777799, 0xf67b7b8d, - 0xfff2f20d, 0xd66b6bbd, 0xde6f6fb1, 0x91c5c554, - 0x60303050, 0x02010103, 0xce6767a9, 0x562b2b7d, - 0xe7fefe19, 0xb5d7d762, 0x4dababe6, 0xec76769a, - 0x8fcaca45, 0x1f82829d, 0x89c9c940, 0xfa7d7d87, - 0xeffafa15, 0xb25959eb, 0x8e4747c9, 0xfbf0f00b, - 0x41adadec, 0xb3d4d467, 0x5fa2a2fd, 0x45afafea, - 0x239c9cbf, 0x53a4a4f7, 0xe4727296, 0x9bc0c05b, - 0x75b7b7c2, 0xe1fdfd1c, 0x3d9393ae, 0x4c26266a, - 0x6c36365a, 0x7e3f3f41, 0xf5f7f702, 0x83cccc4f, - 0x6834345c, 0x51a5a5f4, 0xd1e5e534, 0xf9f1f108, - 0xe2717193, 0xabd8d873, 0x62313153, 0x2a15153f, - 0x0804040c, 0x95c7c752, 0x46232365, 0x9dc3c35e, - 0x30181828, 0x379696a1, 0x0a05050f, 0x2f9a9ab5, - 0x0e070709, 0x24121236, 0x1b80809b, 0xdfe2e23d, - 0xcdebeb26, 0x4e272769, 0x7fb2b2cd, 0xea75759f, - 0x1209091b, 0x1d83839e, 0x582c2c74, 0x341a1a2e, - 0x361b1b2d, 0xdc6e6eb2, 0xb45a5aee, 0x5ba0a0fb, - 0xa45252f6, 0x763b3b4d, 0xb7d6d661, 0x7db3b3ce, - 0x5229297b, 0xdde3e33e, 0x5e2f2f71, 0x13848497, - 0xa65353f5, 0xb9d1d168, 0x00000000, 0xc1eded2c, - 0x40202060, 0xe3fcfc1f, 0x79b1b1c8, 0xb65b5bed, - 0xd46a6abe, 0x8dcbcb46, 0x67bebed9, 0x7239394b, - 0x944a4ade, 0x984c4cd4, 0xb05858e8, 0x85cfcf4a, - 0xbbd0d06b, 0xc5efef2a, 0x4faaaae5, 0xedfbfb16, - 0x864343c5, 0x9a4d4dd7, 0x66333355, 0x11858594, - 0x8a4545cf, 0xe9f9f910, 0x04020206, 0xfe7f7f81, - 0xa05050f0, 0x783c3c44, 0x259f9fba, 0x4ba8a8e3, - 0xa25151f3, 0x5da3a3fe, 0x804040c0, 0x058f8f8a, - 0x3f9292ad, 0x219d9dbc, 0x70383848, 0xf1f5f504, - 0x63bcbcdf, 0x77b6b6c1, 0xafdada75, 0x42212163, - 0x20101030, 0xe5ffff1a, 0xfdf3f30e, 0xbfd2d26d, - 0x81cdcd4c, 0x180c0c14, 0x26131335, 0xc3ecec2f, - 0xbe5f5fe1, 0x359797a2, 0x884444cc, 0x2e171739, - 0x93c4c457, 0x55a7a7f2, 0xfc7e7e82, 0x7a3d3d47, - 0xc86464ac, 0xba5d5de7, 0x3219192b, 0xe6737395, - 0xc06060a0, 0x19818198, 0x9e4f4fd1, 0xa3dcdc7f, - 0x44222266, 0x542a2a7e, 
0x3b9090ab, 0x0b888883, - 0x8c4646ca, 0xc7eeee29, 0x6bb8b8d3, 0x2814143c, - 0xa7dede79, 0xbc5e5ee2, 0x160b0b1d, 0xaddbdb76, - 0xdbe0e03b, 0x64323256, 0x743a3a4e, 0x140a0a1e, - 0x924949db, 0x0c06060a, 0x4824246c, 0xb85c5ce4, - 0x9fc2c25d, 0xbdd3d36e, 0x43acacef, 0xc46262a6, - 0x399191a8, 0x319595a4, 0xd3e4e437, 0xf279798b, - 0xd5e7e732, 0x8bc8c843, 0x6e373759, 0xda6d6db7, - 0x018d8d8c, 0xb1d5d564, 0x9c4e4ed2, 0x49a9a9e0, - 0xd86c6cb4, 0xac5656fa, 0xf3f4f407, 0xcfeaea25, - 0xca6565af, 0xf47a7a8e, 0x47aeaee9, 0x10080818, - 0x6fbabad5, 0xf0787888, 0x4a25256f, 0x5c2e2e72, - 0x381c1c24, 0x57a6a6f1, 0x73b4b4c7, 0x97c6c651, - 0xcbe8e823, 0xa1dddd7c, 0xe874749c, 0x3e1f1f21, - 0x964b4bdd, 0x61bdbddc, 0x0d8b8b86, 0x0f8a8a85, - 0xe0707090, 0x7c3e3e42, 0x71b5b5c4, 0xcc6666aa, - 0x904848d8, 0x06030305, 0xf7f6f601, 0x1c0e0e12, - 0xc26161a3, 0x6a35355f, 0xae5757f9, 0x69b9b9d0, - 0x17868691, 0x99c1c158, 0x3a1d1d27, 0x279e9eb9, - 0xd9e1e138, 0xebf8f813, 0x2b9898b3, 0x22111133, - 0xd26969bb, 0xa9d9d970, 0x078e8e89, 0x339494a7, - 0x2d9b9bb6, 0x3c1e1e22, 0x15878792, 0xc9e9e920, - 0x87cece49, 0xaa5555ff, 0x50282878, 0xa5dfdf7a, - 0x038c8c8f, 0x59a1a1f8, 0x09898980, 0x1a0d0d17, - 0x65bfbfda, 0xd7e6e631, 0x844242c6, 0xd06868b8, - 0x824141c3, 0x299999b0, 0x5a2d2d77, 0x1e0f0f11, - 0x7bb0b0cb, 0xa85454fc, 0x6dbbbbd6, 0x2c16163a -}; - -ALIGN(64) static unsigned int T1[256] = { - 0xa5c66363, 0x84f87c7c, 0x99ee7777, 0x8df67b7b, - 0x0dfff2f2, 0xbdd66b6b, 0xb1de6f6f, 0x5491c5c5, - 0x50603030, 0x03020101, 0xa9ce6767, 0x7d562b2b, - 0x19e7fefe, 0x62b5d7d7, 0xe64dabab, 0x9aec7676, - 0x458fcaca, 0x9d1f8282, 0x4089c9c9, 0x87fa7d7d, - 0x15effafa, 0xebb25959, 0xc98e4747, 0x0bfbf0f0, - 0xec41adad, 0x67b3d4d4, 0xfd5fa2a2, 0xea45afaf, - 0xbf239c9c, 0xf753a4a4, 0x96e47272, 0x5b9bc0c0, - 0xc275b7b7, 0x1ce1fdfd, 0xae3d9393, 0x6a4c2626, - 0x5a6c3636, 0x417e3f3f, 0x02f5f7f7, 0x4f83cccc, - 0x5c683434, 0xf451a5a5, 0x34d1e5e5, 0x08f9f1f1, - 0x93e27171, 0x73abd8d8, 0x53623131, 0x3f2a1515, - 0x0c080404, 0x5295c7c7, 
0x65462323, 0x5e9dc3c3, - 0x28301818, 0xa1379696, 0x0f0a0505, 0xb52f9a9a, - 0x090e0707, 0x36241212, 0x9b1b8080, 0x3ddfe2e2, - 0x26cdebeb, 0x694e2727, 0xcd7fb2b2, 0x9fea7575, - 0x1b120909, 0x9e1d8383, 0x74582c2c, 0x2e341a1a, - 0x2d361b1b, 0xb2dc6e6e, 0xeeb45a5a, 0xfb5ba0a0, - 0xf6a45252, 0x4d763b3b, 0x61b7d6d6, 0xce7db3b3, - 0x7b522929, 0x3edde3e3, 0x715e2f2f, 0x97138484, - 0xf5a65353, 0x68b9d1d1, 0x00000000, 0x2cc1eded, - 0x60402020, 0x1fe3fcfc, 0xc879b1b1, 0xedb65b5b, - 0xbed46a6a, 0x468dcbcb, 0xd967bebe, 0x4b723939, - 0xde944a4a, 0xd4984c4c, 0xe8b05858, 0x4a85cfcf, - 0x6bbbd0d0, 0x2ac5efef, 0xe54faaaa, 0x16edfbfb, - 0xc5864343, 0xd79a4d4d, 0x55663333, 0x94118585, - 0xcf8a4545, 0x10e9f9f9, 0x06040202, 0x81fe7f7f, - 0xf0a05050, 0x44783c3c, 0xba259f9f, 0xe34ba8a8, - 0xf3a25151, 0xfe5da3a3, 0xc0804040, 0x8a058f8f, - 0xad3f9292, 0xbc219d9d, 0x48703838, 0x04f1f5f5, - 0xdf63bcbc, 0xc177b6b6, 0x75afdada, 0x63422121, - 0x30201010, 0x1ae5ffff, 0x0efdf3f3, 0x6dbfd2d2, - 0x4c81cdcd, 0x14180c0c, 0x35261313, 0x2fc3ecec, - 0xe1be5f5f, 0xa2359797, 0xcc884444, 0x392e1717, - 0x5793c4c4, 0xf255a7a7, 0x82fc7e7e, 0x477a3d3d, - 0xacc86464, 0xe7ba5d5d, 0x2b321919, 0x95e67373, - 0xa0c06060, 0x98198181, 0xd19e4f4f, 0x7fa3dcdc, - 0x66442222, 0x7e542a2a, 0xab3b9090, 0x830b8888, - 0xca8c4646, 0x29c7eeee, 0xd36bb8b8, 0x3c281414, - 0x79a7dede, 0xe2bc5e5e, 0x1d160b0b, 0x76addbdb, - 0x3bdbe0e0, 0x56643232, 0x4e743a3a, 0x1e140a0a, - 0xdb924949, 0x0a0c0606, 0x6c482424, 0xe4b85c5c, - 0x5d9fc2c2, 0x6ebdd3d3, 0xef43acac, 0xa6c46262, - 0xa8399191, 0xa4319595, 0x37d3e4e4, 0x8bf27979, - 0x32d5e7e7, 0x438bc8c8, 0x596e3737, 0xb7da6d6d, - 0x8c018d8d, 0x64b1d5d5, 0xd29c4e4e, 0xe049a9a9, - 0xb4d86c6c, 0xfaac5656, 0x07f3f4f4, 0x25cfeaea, - 0xafca6565, 0x8ef47a7a, 0xe947aeae, 0x18100808, - 0xd56fbaba, 0x88f07878, 0x6f4a2525, 0x725c2e2e, - 0x24381c1c, 0xf157a6a6, 0xc773b4b4, 0x5197c6c6, - 0x23cbe8e8, 0x7ca1dddd, 0x9ce87474, 0x213e1f1f, - 0xdd964b4b, 0xdc61bdbd, 0x860d8b8b, 0x850f8a8a, - 0x90e07070, 0x427c3e3e, 
0xc471b5b5, 0xaacc6666, - 0xd8904848, 0x05060303, 0x01f7f6f6, 0x121c0e0e, - 0xa3c26161, 0x5f6a3535, 0xf9ae5757, 0xd069b9b9, - 0x91178686, 0x5899c1c1, 0x273a1d1d, 0xb9279e9e, - 0x38d9e1e1, 0x13ebf8f8, 0xb32b9898, 0x33221111, - 0xbbd26969, 0x70a9d9d9, 0x89078e8e, 0xa7339494, - 0xb62d9b9b, 0x223c1e1e, 0x92158787, 0x20c9e9e9, - 0x4987cece, 0xffaa5555, 0x78502828, 0x7aa5dfdf, - 0x8f038c8c, 0xf859a1a1, 0x80098989, 0x171a0d0d, - 0xda65bfbf, 0x31d7e6e6, 0xc6844242, 0xb8d06868, - 0xc3824141, 0xb0299999, 0x775a2d2d, 0x111e0f0f, - 0xcb7bb0b0, 0xfca85454, 0xd66dbbbb, 0x3a2c1616 -}; - -ALIGN(64) static unsigned int T2[256] = { - 0x63a5c663, 0x7c84f87c, 0x7799ee77, 0x7b8df67b, - 0xf20dfff2, 0x6bbdd66b, 0x6fb1de6f, 0xc55491c5, - 0x30506030, 0x01030201, 0x67a9ce67, 0x2b7d562b, - 0xfe19e7fe, 0xd762b5d7, 0xabe64dab, 0x769aec76, - 0xca458fca, 0x829d1f82, 0xc94089c9, 0x7d87fa7d, - 0xfa15effa, 0x59ebb259, 0x47c98e47, 0xf00bfbf0, - 0xadec41ad, 0xd467b3d4, 0xa2fd5fa2, 0xafea45af, - 0x9cbf239c, 0xa4f753a4, 0x7296e472, 0xc05b9bc0, - 0xb7c275b7, 0xfd1ce1fd, 0x93ae3d93, 0x266a4c26, - 0x365a6c36, 0x3f417e3f, 0xf702f5f7, 0xcc4f83cc, - 0x345c6834, 0xa5f451a5, 0xe534d1e5, 0xf108f9f1, - 0x7193e271, 0xd873abd8, 0x31536231, 0x153f2a15, - 0x040c0804, 0xc75295c7, 0x23654623, 0xc35e9dc3, - 0x18283018, 0x96a13796, 0x050f0a05, 0x9ab52f9a, - 0x07090e07, 0x12362412, 0x809b1b80, 0xe23ddfe2, - 0xeb26cdeb, 0x27694e27, 0xb2cd7fb2, 0x759fea75, - 0x091b1209, 0x839e1d83, 0x2c74582c, 0x1a2e341a, - 0x1b2d361b, 0x6eb2dc6e, 0x5aeeb45a, 0xa0fb5ba0, - 0x52f6a452, 0x3b4d763b, 0xd661b7d6, 0xb3ce7db3, - 0x297b5229, 0xe33edde3, 0x2f715e2f, 0x84971384, - 0x53f5a653, 0xd168b9d1, 0x00000000, 0xed2cc1ed, - 0x20604020, 0xfc1fe3fc, 0xb1c879b1, 0x5bedb65b, - 0x6abed46a, 0xcb468dcb, 0xbed967be, 0x394b7239, - 0x4ade944a, 0x4cd4984c, 0x58e8b058, 0xcf4a85cf, - 0xd06bbbd0, 0xef2ac5ef, 0xaae54faa, 0xfb16edfb, - 0x43c58643, 0x4dd79a4d, 0x33556633, 0x85941185, - 0x45cf8a45, 0xf910e9f9, 0x02060402, 0x7f81fe7f, - 0x50f0a050, 0x3c44783c, 
0x9fba259f, 0xa8e34ba8, - 0x51f3a251, 0xa3fe5da3, 0x40c08040, 0x8f8a058f, - 0x92ad3f92, 0x9dbc219d, 0x38487038, 0xf504f1f5, - 0xbcdf63bc, 0xb6c177b6, 0xda75afda, 0x21634221, - 0x10302010, 0xff1ae5ff, 0xf30efdf3, 0xd26dbfd2, - 0xcd4c81cd, 0x0c14180c, 0x13352613, 0xec2fc3ec, - 0x5fe1be5f, 0x97a23597, 0x44cc8844, 0x17392e17, - 0xc45793c4, 0xa7f255a7, 0x7e82fc7e, 0x3d477a3d, - 0x64acc864, 0x5de7ba5d, 0x192b3219, 0x7395e673, - 0x60a0c060, 0x81981981, 0x4fd19e4f, 0xdc7fa3dc, - 0x22664422, 0x2a7e542a, 0x90ab3b90, 0x88830b88, - 0x46ca8c46, 0xee29c7ee, 0xb8d36bb8, 0x143c2814, - 0xde79a7de, 0x5ee2bc5e, 0x0b1d160b, 0xdb76addb, - 0xe03bdbe0, 0x32566432, 0x3a4e743a, 0x0a1e140a, - 0x49db9249, 0x060a0c06, 0x246c4824, 0x5ce4b85c, - 0xc25d9fc2, 0xd36ebdd3, 0xacef43ac, 0x62a6c462, - 0x91a83991, 0x95a43195, 0xe437d3e4, 0x798bf279, - 0xe732d5e7, 0xc8438bc8, 0x37596e37, 0x6db7da6d, - 0x8d8c018d, 0xd564b1d5, 0x4ed29c4e, 0xa9e049a9, - 0x6cb4d86c, 0x56faac56, 0xf407f3f4, 0xea25cfea, - 0x65afca65, 0x7a8ef47a, 0xaee947ae, 0x08181008, - 0xbad56fba, 0x7888f078, 0x256f4a25, 0x2e725c2e, - 0x1c24381c, 0xa6f157a6, 0xb4c773b4, 0xc65197c6, - 0xe823cbe8, 0xdd7ca1dd, 0x749ce874, 0x1f213e1f, - 0x4bdd964b, 0xbddc61bd, 0x8b860d8b, 0x8a850f8a, - 0x7090e070, 0x3e427c3e, 0xb5c471b5, 0x66aacc66, - 0x48d89048, 0x03050603, 0xf601f7f6, 0x0e121c0e, - 0x61a3c261, 0x355f6a35, 0x57f9ae57, 0xb9d069b9, - 0x86911786, 0xc15899c1, 0x1d273a1d, 0x9eb9279e, - 0xe138d9e1, 0xf813ebf8, 0x98b32b98, 0x11332211, - 0x69bbd269, 0xd970a9d9, 0x8e89078e, 0x94a73394, - 0x9bb62d9b, 0x1e223c1e, 0x87921587, 0xe920c9e9, - 0xce4987ce, 0x55ffaa55, 0x28785028, 0xdf7aa5df, - 0x8c8f038c, 0xa1f859a1, 0x89800989, 0x0d171a0d, - 0xbfda65bf, 0xe631d7e6, 0x42c68442, 0x68b8d068, - 0x41c38241, 0x99b02999, 0x2d775a2d, 0x0f111e0f, - 0xb0cb7bb0, 0x54fca854, 0xbbd66dbb, 0x163a2c16 -}; - -ALIGN(64) static unsigned int T3[256] = { - 0x6363a5c6, 0x7c7c84f8, 0x777799ee, 0x7b7b8df6, - 0xf2f20dff, 0x6b6bbdd6, 0x6f6fb1de, 0xc5c55491, - 0x30305060, 0x01010302, 
0x6767a9ce, 0x2b2b7d56, - 0xfefe19e7, 0xd7d762b5, 0xababe64d, 0x76769aec, - 0xcaca458f, 0x82829d1f, 0xc9c94089, 0x7d7d87fa, - 0xfafa15ef, 0x5959ebb2, 0x4747c98e, 0xf0f00bfb, - 0xadadec41, 0xd4d467b3, 0xa2a2fd5f, 0xafafea45, - 0x9c9cbf23, 0xa4a4f753, 0x727296e4, 0xc0c05b9b, - 0xb7b7c275, 0xfdfd1ce1, 0x9393ae3d, 0x26266a4c, - 0x36365a6c, 0x3f3f417e, 0xf7f702f5, 0xcccc4f83, - 0x34345c68, 0xa5a5f451, 0xe5e534d1, 0xf1f108f9, - 0x717193e2, 0xd8d873ab, 0x31315362, 0x15153f2a, - 0x04040c08, 0xc7c75295, 0x23236546, 0xc3c35e9d, - 0x18182830, 0x9696a137, 0x05050f0a, 0x9a9ab52f, - 0x0707090e, 0x12123624, 0x80809b1b, 0xe2e23ddf, - 0xebeb26cd, 0x2727694e, 0xb2b2cd7f, 0x75759fea, - 0x09091b12, 0x83839e1d, 0x2c2c7458, 0x1a1a2e34, - 0x1b1b2d36, 0x6e6eb2dc, 0x5a5aeeb4, 0xa0a0fb5b, - 0x5252f6a4, 0x3b3b4d76, 0xd6d661b7, 0xb3b3ce7d, - 0x29297b52, 0xe3e33edd, 0x2f2f715e, 0x84849713, - 0x5353f5a6, 0xd1d168b9, 0x00000000, 0xeded2cc1, - 0x20206040, 0xfcfc1fe3, 0xb1b1c879, 0x5b5bedb6, - 0x6a6abed4, 0xcbcb468d, 0xbebed967, 0x39394b72, - 0x4a4ade94, 0x4c4cd498, 0x5858e8b0, 0xcfcf4a85, - 0xd0d06bbb, 0xefef2ac5, 0xaaaae54f, 0xfbfb16ed, - 0x4343c586, 0x4d4dd79a, 0x33335566, 0x85859411, - 0x4545cf8a, 0xf9f910e9, 0x02020604, 0x7f7f81fe, - 0x5050f0a0, 0x3c3c4478, 0x9f9fba25, 0xa8a8e34b, - 0x5151f3a2, 0xa3a3fe5d, 0x4040c080, 0x8f8f8a05, - 0x9292ad3f, 0x9d9dbc21, 0x38384870, 0xf5f504f1, - 0xbcbcdf63, 0xb6b6c177, 0xdada75af, 0x21216342, - 0x10103020, 0xffff1ae5, 0xf3f30efd, 0xd2d26dbf, - 0xcdcd4c81, 0x0c0c1418, 0x13133526, 0xecec2fc3, - 0x5f5fe1be, 0x9797a235, 0x4444cc88, 0x1717392e, - 0xc4c45793, 0xa7a7f255, 0x7e7e82fc, 0x3d3d477a, - 0x6464acc8, 0x5d5de7ba, 0x19192b32, 0x737395e6, - 0x6060a0c0, 0x81819819, 0x4f4fd19e, 0xdcdc7fa3, - 0x22226644, 0x2a2a7e54, 0x9090ab3b, 0x8888830b, - 0x4646ca8c, 0xeeee29c7, 0xb8b8d36b, 0x14143c28, - 0xdede79a7, 0x5e5ee2bc, 0x0b0b1d16, 0xdbdb76ad, - 0xe0e03bdb, 0x32325664, 0x3a3a4e74, 0x0a0a1e14, - 0x4949db92, 0x06060a0c, 0x24246c48, 0x5c5ce4b8, - 0xc2c25d9f, 0xd3d36ebd, 
0xacacef43, 0x6262a6c4, - 0x9191a839, 0x9595a431, 0xe4e437d3, 0x79798bf2, - 0xe7e732d5, 0xc8c8438b, 0x3737596e, 0x6d6db7da, - 0x8d8d8c01, 0xd5d564b1, 0x4e4ed29c, 0xa9a9e049, - 0x6c6cb4d8, 0x5656faac, 0xf4f407f3, 0xeaea25cf, - 0x6565afca, 0x7a7a8ef4, 0xaeaee947, 0x08081810, - 0xbabad56f, 0x787888f0, 0x25256f4a, 0x2e2e725c, - 0x1c1c2438, 0xa6a6f157, 0xb4b4c773, 0xc6c65197, - 0xe8e823cb, 0xdddd7ca1, 0x74749ce8, 0x1f1f213e, - 0x4b4bdd96, 0xbdbddc61, 0x8b8b860d, 0x8a8a850f, - 0x707090e0, 0x3e3e427c, 0xb5b5c471, 0x6666aacc, - 0x4848d890, 0x03030506, 0xf6f601f7, 0x0e0e121c, - 0x6161a3c2, 0x35355f6a, 0x5757f9ae, 0xb9b9d069, - 0x86869117, 0xc1c15899, 0x1d1d273a, 0x9e9eb927, - 0xe1e138d9, 0xf8f813eb, 0x9898b32b, 0x11113322, - 0x6969bbd2, 0xd9d970a9, 0x8e8e8907, 0x9494a733, - 0x9b9bb62d, 0x1e1e223c, 0x87879215, 0xe9e920c9, - 0xcece4987, 0x5555ffaa, 0x28287850, 0xdfdf7aa5, - 0x8c8c8f03, 0xa1a1f859, 0x89898009, 0x0d0d171a, - 0xbfbfda65, 0xe6e631d7, 0x4242c684, 0x6868b8d0, - 0x4141c382, 0x9999b029, 0x2d2d775a, 0x0f0f111e, - 0xb0b0cb7b, 0x5454fca8, 0xbbbbd66d, 0x16163a2c -}; - -#endif diff --git a/src/libsodium/crypto_stream/aes256estream/hongjun/aes-table-le.h b/src/libsodium/crypto_stream/aes256estream/hongjun/aes-table-le.h deleted file mode 100644 index 9d61039..0000000 --- a/src/libsodium/crypto_stream/aes256estream/hongjun/aes-table-le.h +++ /dev/null 
@@ -1,274 +0,0 @@ - -#ifndef __AES_TABLE_LE_H__ -#define __AES_TABLE_LE_H__ - -ALIGN(64) static unsigned int T0[256] = { - 0xa56363c6, 0x847c7cf8, 0x997777ee, 0x8d7b7bf6, - 0x0df2f2ff, 0xbd6b6bd6, 0xb16f6fde, 0x54c5c591, - 0x50303060, 0x03010102, 0xa96767ce, 0x7d2b2b56, - 0x19fefee7, 0x62d7d7b5, 0xe6abab4d, 0x9a7676ec, - 0x45caca8f, 0x9d82821f, 0x40c9c989, 0x877d7dfa, - 0x15fafaef, 0xeb5959b2, 0xc947478e, 0x0bf0f0fb, - 0xecadad41, 0x67d4d4b3, 0xfda2a25f, 0xeaafaf45, - 0xbf9c9c23, 0xf7a4a453, 0x967272e4, 0x5bc0c09b, - 0xc2b7b775, 0x1cfdfde1, 0xae93933d, 0x6a26264c, - 0x5a36366c, 0x413f3f7e, 0x02f7f7f5, 0x4fcccc83, - 0x5c343468, 0xf4a5a551, 0x34e5e5d1, 0x08f1f1f9, - 0x937171e2, 0x73d8d8ab, 0x53313162, 0x3f15152a, - 0x0c040408, 0x52c7c795, 0x65232346, 0x5ec3c39d, - 0x28181830, 0xa1969637, 0x0f05050a, 0xb59a9a2f, - 0x0907070e, 0x36121224, 0x9b80801b, 0x3de2e2df, - 0x26ebebcd, 0x6927274e, 0xcdb2b27f, 0x9f7575ea, - 0x1b090912, 0x9e83831d, 0x742c2c58, 0x2e1a1a34, - 0x2d1b1b36, 0xb26e6edc, 0xee5a5ab4, 0xfba0a05b, - 0xf65252a4, 0x4d3b3b76, 0x61d6d6b7, 0xceb3b37d, - 0x7b292952, 0x3ee3e3dd, 0x712f2f5e, 0x97848413, - 0xf55353a6, 0x68d1d1b9, 0x00000000, 0x2cededc1, - 0x60202040, 0x1ffcfce3, 0xc8b1b179, 0xed5b5bb6, - 0xbe6a6ad4, 0x46cbcb8d, 0xd9bebe67, 0x4b393972, - 0xde4a4a94, 0xd44c4c98, 0xe85858b0, 0x4acfcf85, - 0x6bd0d0bb, 0x2aefefc5, 0xe5aaaa4f, 0x16fbfbed, - 0xc5434386, 0xd74d4d9a, 0x55333366, 0x94858511, - 0xcf45458a, 0x10f9f9e9, 0x06020204, 0x817f7ffe, - 0xf05050a0, 0x443c3c78, 0xba9f9f25, 0xe3a8a84b, - 0xf35151a2, 0xfea3a35d, 0xc0404080, 0x8a8f8f05, - 0xad92923f, 0xbc9d9d21, 0x48383870, 0x04f5f5f1, - 0xdfbcbc63, 0xc1b6b677, 0x75dadaaf, 0x63212142, - 0x30101020, 0x1affffe5, 0x0ef3f3fd, 0x6dd2d2bf, - 0x4ccdcd81, 0x140c0c18, 0x35131326, 0x2fececc3, - 0xe15f5fbe, 0xa2979735, 0xcc444488, 0x3917172e, - 0x57c4c493, 0xf2a7a755, 0x827e7efc, 0x473d3d7a, - 0xac6464c8, 0xe75d5dba, 0x2b191932, 0x957373e6, - 0xa06060c0, 0x98818119, 0xd14f4f9e, 0x7fdcdca3, - 0x66222244, 0x7e2a2a54, 
0xab90903b, 0x8388880b, - 0xca46468c, 0x29eeeec7, 0xd3b8b86b, 0x3c141428, - 0x79dedea7, 0xe25e5ebc, 0x1d0b0b16, 0x76dbdbad, - 0x3be0e0db, 0x56323264, 0x4e3a3a74, 0x1e0a0a14, - 0xdb494992, 0x0a06060c, 0x6c242448, 0xe45c5cb8, - 0x5dc2c29f, 0x6ed3d3bd, 0xefacac43, 0xa66262c4, - 0xa8919139, 0xa4959531, 0x37e4e4d3, 0x8b7979f2, - 0x32e7e7d5, 0x43c8c88b, 0x5937376e, 0xb76d6dda, - 0x8c8d8d01, 0x64d5d5b1, 0xd24e4e9c, 0xe0a9a949, - 0xb46c6cd8, 0xfa5656ac, 0x07f4f4f3, 0x25eaeacf, - 0xaf6565ca, 0x8e7a7af4, 0xe9aeae47, 0x18080810, - 0xd5baba6f, 0x887878f0, 0x6f25254a, 0x722e2e5c, - 0x241c1c38, 0xf1a6a657, 0xc7b4b473, 0x51c6c697, - 0x23e8e8cb, 0x7cdddda1, 0x9c7474e8, 0x211f1f3e, - 0xdd4b4b96, 0xdcbdbd61, 0x868b8b0d, 0x858a8a0f, - 0x907070e0, 0x423e3e7c, 0xc4b5b571, 0xaa6666cc, - 0xd8484890, 0x05030306, 0x01f6f6f7, 0x120e0e1c, - 0xa36161c2, 0x5f35356a, 0xf95757ae, 0xd0b9b969, - 0x91868617, 0x58c1c199, 0x271d1d3a, 0xb99e9e27, - 0x38e1e1d9, 0x13f8f8eb, 0xb398982b, 0x33111122, - 0xbb6969d2, 0x70d9d9a9, 0x898e8e07, 0xa7949433, - 0xb69b9b2d, 0x221e1e3c, 0x92878715, 0x20e9e9c9, - 0x49cece87, 0xff5555aa, 0x78282850, 0x7adfdfa5, - 0x8f8c8c03, 0xf8a1a159, 0x80898909, 0x170d0d1a, - 0xdabfbf65, 0x31e6e6d7, 0xc6424284, 0xb86868d0, - 0xc3414182, 0xb0999929, 0x772d2d5a, 0x110f0f1e, - 0xcbb0b07b, 0xfc5454a8, 0xd6bbbb6d, 0x3a16162c -}; - - -ALIGN(64) static unsigned int T1[256] = { - 0x6363c6a5, 0x7c7cf884, 0x7777ee99, 0x7b7bf68d, - 0xf2f2ff0d, 0x6b6bd6bd, 0x6f6fdeb1, 0xc5c59154, - 0x30306050, 0x01010203, 0x6767cea9, 0x2b2b567d, - 0xfefee719, 0xd7d7b562, 0xabab4de6, 0x7676ec9a, - 0xcaca8f45, 0x82821f9d, 0xc9c98940, 0x7d7dfa87, - 0xfafaef15, 0x5959b2eb, 0x47478ec9, 0xf0f0fb0b, - 0xadad41ec, 0xd4d4b367, 0xa2a25ffd, 0xafaf45ea, - 0x9c9c23bf, 0xa4a453f7, 0x7272e496, 0xc0c09b5b, - 0xb7b775c2, 0xfdfde11c, 0x93933dae, 0x26264c6a, - 0x36366c5a, 0x3f3f7e41, 0xf7f7f502, 0xcccc834f, - 0x3434685c, 0xa5a551f4, 0xe5e5d134, 0xf1f1f908, - 0x7171e293, 0xd8d8ab73, 0x31316253, 0x15152a3f, - 0x0404080c, 0xc7c79552, 
0x23234665, 0xc3c39d5e, - 0x18183028, 0x969637a1, 0x05050a0f, 0x9a9a2fb5, - 0x07070e09, 0x12122436, 0x80801b9b, 0xe2e2df3d, - 0xebebcd26, 0x27274e69, 0xb2b27fcd, 0x7575ea9f, - 0x0909121b, 0x83831d9e, 0x2c2c5874, 0x1a1a342e, - 0x1b1b362d, 0x6e6edcb2, 0x5a5ab4ee, 0xa0a05bfb, - 0x5252a4f6, 0x3b3b764d, 0xd6d6b761, 0xb3b37dce, - 0x2929527b, 0xe3e3dd3e, 0x2f2f5e71, 0x84841397, - 0x5353a6f5, 0xd1d1b968, 0x00000000, 0xededc12c, - 0x20204060, 0xfcfce31f, 0xb1b179c8, 0x5b5bb6ed, - 0x6a6ad4be, 0xcbcb8d46, 0xbebe67d9, 0x3939724b, - 0x4a4a94de, 0x4c4c98d4, 0x5858b0e8, 0xcfcf854a, - 0xd0d0bb6b, 0xefefc52a, 0xaaaa4fe5, 0xfbfbed16, - 0x434386c5, 0x4d4d9ad7, 0x33336655, 0x85851194, - 0x45458acf, 0xf9f9e910, 0x02020406, 0x7f7ffe81, - 0x5050a0f0, 0x3c3c7844, 0x9f9f25ba, 0xa8a84be3, - 0x5151a2f3, 0xa3a35dfe, 0x404080c0, 0x8f8f058a, - 0x92923fad, 0x9d9d21bc, 0x38387048, 0xf5f5f104, - 0xbcbc63df, 0xb6b677c1, 0xdadaaf75, 0x21214263, - 0x10102030, 0xffffe51a, 0xf3f3fd0e, 0xd2d2bf6d, - 0xcdcd814c, 0x0c0c1814, 0x13132635, 0xececc32f, - 0x5f5fbee1, 0x979735a2, 0x444488cc, 0x17172e39, - 0xc4c49357, 0xa7a755f2, 0x7e7efc82, 0x3d3d7a47, - 0x6464c8ac, 0x5d5dbae7, 0x1919322b, 0x7373e695, - 0x6060c0a0, 0x81811998, 0x4f4f9ed1, 0xdcdca37f, - 0x22224466, 0x2a2a547e, 0x90903bab, 0x88880b83, - 0x46468cca, 0xeeeec729, 0xb8b86bd3, 0x1414283c, - 0xdedea779, 0x5e5ebce2, 0x0b0b161d, 0xdbdbad76, - 0xe0e0db3b, 0x32326456, 0x3a3a744e, 0x0a0a141e, - 0x494992db, 0x06060c0a, 0x2424486c, 0x5c5cb8e4, - 0xc2c29f5d, 0xd3d3bd6e, 0xacac43ef, 0x6262c4a6, - 0x919139a8, 0x959531a4, 0xe4e4d337, 0x7979f28b, - 0xe7e7d532, 0xc8c88b43, 0x37376e59, 0x6d6ddab7, - 0x8d8d018c, 0xd5d5b164, 0x4e4e9cd2, 0xa9a949e0, - 0x6c6cd8b4, 0x5656acfa, 0xf4f4f307, 0xeaeacf25, - 0x6565caaf, 0x7a7af48e, 0xaeae47e9, 0x08081018, - 0xbaba6fd5, 0x7878f088, 0x25254a6f, 0x2e2e5c72, - 0x1c1c3824, 0xa6a657f1, 0xb4b473c7, 0xc6c69751, - 0xe8e8cb23, 0xdddda17c, 0x7474e89c, 0x1f1f3e21, - 0x4b4b96dd, 0xbdbd61dc, 0x8b8b0d86, 0x8a8a0f85, - 0x7070e090, 0x3e3e7c42, 
0xb5b571c4, 0x6666ccaa, - 0x484890d8, 0x03030605, 0xf6f6f701, 0x0e0e1c12, - 0x6161c2a3, 0x35356a5f, 0x5757aef9, 0xb9b969d0, - 0x86861791, 0xc1c19958, 0x1d1d3a27, 0x9e9e27b9, - 0xe1e1d938, 0xf8f8eb13, 0x98982bb3, 0x11112233, - 0x6969d2bb, 0xd9d9a970, 0x8e8e0789, 0x949433a7, - 0x9b9b2db6, 0x1e1e3c22, 0x87871592, 0xe9e9c920, - 0xcece8749, 0x5555aaff, 0x28285078, 0xdfdfa57a, - 0x8c8c038f, 0xa1a159f8, 0x89890980, 0x0d0d1a17, - 0xbfbf65da, 0xe6e6d731, 0x424284c6, 0x6868d0b8, - 0x414182c3, 0x999929b0, 0x2d2d5a77, 0x0f0f1e11, - 0xb0b07bcb, 0x5454a8fc, 0xbbbb6dd6, 0x16162c3a -}; - -ALIGN(64) static unsigned int T2[256] = { - 0x63c6a563, 0x7cf8847c, 0x77ee9977, 0x7bf68d7b, - 0xf2ff0df2, 0x6bd6bd6b, 0x6fdeb16f, 0xc59154c5, - 0x30605030, 0x01020301, 0x67cea967, 0x2b567d2b, - 0xfee719fe, 0xd7b562d7, 0xab4de6ab, 0x76ec9a76, - 0xca8f45ca, 0x821f9d82, 0xc98940c9, 0x7dfa877d, - 0xfaef15fa, 0x59b2eb59, 0x478ec947, 0xf0fb0bf0, - 0xad41ecad, 0xd4b367d4, 0xa25ffda2, 0xaf45eaaf, - 0x9c23bf9c, 0xa453f7a4, 0x72e49672, 0xc09b5bc0, - 0xb775c2b7, 0xfde11cfd, 0x933dae93, 0x264c6a26, - 0x366c5a36, 0x3f7e413f, 0xf7f502f7, 0xcc834fcc, - 0x34685c34, 0xa551f4a5, 0xe5d134e5, 0xf1f908f1, - 0x71e29371, 0xd8ab73d8, 0x31625331, 0x152a3f15, - 0x04080c04, 0xc79552c7, 0x23466523, 0xc39d5ec3, - 0x18302818, 0x9637a196, 0x050a0f05, 0x9a2fb59a, - 0x070e0907, 0x12243612, 0x801b9b80, 0xe2df3de2, - 0xebcd26eb, 0x274e6927, 0xb27fcdb2, 0x75ea9f75, - 0x09121b09, 0x831d9e83, 0x2c58742c, 0x1a342e1a, - 0x1b362d1b, 0x6edcb26e, 0x5ab4ee5a, 0xa05bfba0, - 0x52a4f652, 0x3b764d3b, 0xd6b761d6, 0xb37dceb3, - 0x29527b29, 0xe3dd3ee3, 0x2f5e712f, 0x84139784, - 0x53a6f553, 0xd1b968d1, 0x00000000, 0xedc12ced, - 0x20406020, 0xfce31ffc, 0xb179c8b1, 0x5bb6ed5b, - 0x6ad4be6a, 0xcb8d46cb, 0xbe67d9be, 0x39724b39, - 0x4a94de4a, 0x4c98d44c, 0x58b0e858, 0xcf854acf, - 0xd0bb6bd0, 0xefc52aef, 0xaa4fe5aa, 0xfbed16fb, - 0x4386c543, 0x4d9ad74d, 0x33665533, 0x85119485, - 0x458acf45, 0xf9e910f9, 0x02040602, 0x7ffe817f, - 0x50a0f050, 0x3c78443c, 
0x9f25ba9f, 0xa84be3a8, - 0x51a2f351, 0xa35dfea3, 0x4080c040, 0x8f058a8f, - 0x923fad92, 0x9d21bc9d, 0x38704838, 0xf5f104f5, - 0xbc63dfbc, 0xb677c1b6, 0xdaaf75da, 0x21426321, - 0x10203010, 0xffe51aff, 0xf3fd0ef3, 0xd2bf6dd2, - 0xcd814ccd, 0x0c18140c, 0x13263513, 0xecc32fec, - 0x5fbee15f, 0x9735a297, 0x4488cc44, 0x172e3917, - 0xc49357c4, 0xa755f2a7, 0x7efc827e, 0x3d7a473d, - 0x64c8ac64, 0x5dbae75d, 0x19322b19, 0x73e69573, - 0x60c0a060, 0x81199881, 0x4f9ed14f, 0xdca37fdc, - 0x22446622, 0x2a547e2a, 0x903bab90, 0x880b8388, - 0x468cca46, 0xeec729ee, 0xb86bd3b8, 0x14283c14, - 0xdea779de, 0x5ebce25e, 0x0b161d0b, 0xdbad76db, - 0xe0db3be0, 0x32645632, 0x3a744e3a, 0x0a141e0a, - 0x4992db49, 0x060c0a06, 0x24486c24, 0x5cb8e45c, - 0xc29f5dc2, 0xd3bd6ed3, 0xac43efac, 0x62c4a662, - 0x9139a891, 0x9531a495, 0xe4d337e4, 0x79f28b79, - 0xe7d532e7, 0xc88b43c8, 0x376e5937, 0x6ddab76d, - 0x8d018c8d, 0xd5b164d5, 0x4e9cd24e, 0xa949e0a9, - 0x6cd8b46c, 0x56acfa56, 0xf4f307f4, 0xeacf25ea, - 0x65caaf65, 0x7af48e7a, 0xae47e9ae, 0x08101808, - 0xba6fd5ba, 0x78f08878, 0x254a6f25, 0x2e5c722e, - 0x1c38241c, 0xa657f1a6, 0xb473c7b4, 0xc69751c6, - 0xe8cb23e8, 0xdda17cdd, 0x74e89c74, 0x1f3e211f, - 0x4b96dd4b, 0xbd61dcbd, 0x8b0d868b, 0x8a0f858a, - 0x70e09070, 0x3e7c423e, 0xb571c4b5, 0x66ccaa66, - 0x4890d848, 0x03060503, 0xf6f701f6, 0x0e1c120e, - 0x61c2a361, 0x356a5f35, 0x57aef957, 0xb969d0b9, - 0x86179186, 0xc19958c1, 0x1d3a271d, 0x9e27b99e, - 0xe1d938e1, 0xf8eb13f8, 0x982bb398, 0x11223311, - 0x69d2bb69, 0xd9a970d9, 0x8e07898e, 0x9433a794, - 0x9b2db69b, 0x1e3c221e, 0x87159287, 0xe9c920e9, - 0xce8749ce, 0x55aaff55, 0x28507828, 0xdfa57adf, - 0x8c038f8c, 0xa159f8a1, 0x89098089, 0x0d1a170d, - 0xbf65dabf, 0xe6d731e6, 0x4284c642, 0x68d0b868, - 0x4182c341, 0x9929b099, 0x2d5a772d, 0x0f1e110f, - 0xb07bcbb0, 0x54a8fc54, 0xbb6dd6bb, 0x162c3a16 -}; - -ALIGN(64) static unsigned int T3[256] = { - 0xc6a56363, 0xf8847c7c, 0xee997777, 0xf68d7b7b, - 0xff0df2f2, 0xd6bd6b6b, 0xdeb16f6f, 0x9154c5c5, - 0x60503030, 0x02030101, 
0xcea96767, 0x567d2b2b, - 0xe719fefe, 0xb562d7d7, 0x4de6abab, 0xec9a7676, - 0x8f45caca, 0x1f9d8282, 0x8940c9c9, 0xfa877d7d, - 0xef15fafa, 0xb2eb5959, 0x8ec94747, 0xfb0bf0f0, - 0x41ecadad, 0xb367d4d4, 0x5ffda2a2, 0x45eaafaf, - 0x23bf9c9c, 0x53f7a4a4, 0xe4967272, 0x9b5bc0c0, - 0x75c2b7b7, 0xe11cfdfd, 0x3dae9393, 0x4c6a2626, - 0x6c5a3636, 0x7e413f3f, 0xf502f7f7, 0x834fcccc, - 0x685c3434, 0x51f4a5a5, 0xd134e5e5, 0xf908f1f1, - 0xe2937171, 0xab73d8d8, 0x62533131, 0x2a3f1515, - 0x080c0404, 0x9552c7c7, 0x46652323, 0x9d5ec3c3, - 0x30281818, 0x37a19696, 0x0a0f0505, 0x2fb59a9a, - 0x0e090707, 0x24361212, 0x1b9b8080, 0xdf3de2e2, - 0xcd26ebeb, 0x4e692727, 0x7fcdb2b2, 0xea9f7575, - 0x121b0909, 0x1d9e8383, 0x58742c2c, 0x342e1a1a, - 0x362d1b1b, 0xdcb26e6e, 0xb4ee5a5a, 0x5bfba0a0, - 0xa4f65252, 0x764d3b3b, 0xb761d6d6, 0x7dceb3b3, - 0x527b2929, 0xdd3ee3e3, 0x5e712f2f, 0x13978484, - 0xa6f55353, 0xb968d1d1, 0x00000000, 0xc12ceded, - 0x40602020, 0xe31ffcfc, 0x79c8b1b1, 0xb6ed5b5b, - 0xd4be6a6a, 0x8d46cbcb, 0x67d9bebe, 0x724b3939, - 0x94de4a4a, 0x98d44c4c, 0xb0e85858, 0x854acfcf, - 0xbb6bd0d0, 0xc52aefef, 0x4fe5aaaa, 0xed16fbfb, - 0x86c54343, 0x9ad74d4d, 0x66553333, 0x11948585, - 0x8acf4545, 0xe910f9f9, 0x04060202, 0xfe817f7f, - 0xa0f05050, 0x78443c3c, 0x25ba9f9f, 0x4be3a8a8, - 0xa2f35151, 0x5dfea3a3, 0x80c04040, 0x058a8f8f, - 0x3fad9292, 0x21bc9d9d, 0x70483838, 0xf104f5f5, - 0x63dfbcbc, 0x77c1b6b6, 0xaf75dada, 0x42632121, - 0x20301010, 0xe51affff, 0xfd0ef3f3, 0xbf6dd2d2, - 0x814ccdcd, 0x18140c0c, 0x26351313, 0xc32fecec, - 0xbee15f5f, 0x35a29797, 0x88cc4444, 0x2e391717, - 0x9357c4c4, 0x55f2a7a7, 0xfc827e7e, 0x7a473d3d, - 0xc8ac6464, 0xbae75d5d, 0x322b1919, 0xe6957373, - 0xc0a06060, 0x19988181, 0x9ed14f4f, 0xa37fdcdc, - 0x44662222, 0x547e2a2a, 0x3bab9090, 0x0b838888, - 0x8cca4646, 0xc729eeee, 0x6bd3b8b8, 0x283c1414, - 0xa779dede, 0xbce25e5e, 0x161d0b0b, 0xad76dbdb, - 0xdb3be0e0, 0x64563232, 0x744e3a3a, 0x141e0a0a, - 0x92db4949, 0x0c0a0606, 0x486c2424, 0xb8e45c5c, - 0x9f5dc2c2, 0xbd6ed3d3, 
0x43efacac, 0xc4a66262, - 0x39a89191, 0x31a49595, 0xd337e4e4, 0xf28b7979, - 0xd532e7e7, 0x8b43c8c8, 0x6e593737, 0xdab76d6d, - 0x018c8d8d, 0xb164d5d5, 0x9cd24e4e, 0x49e0a9a9, - 0xd8b46c6c, 0xacfa5656, 0xf307f4f4, 0xcf25eaea, - 0xcaaf6565, 0xf48e7a7a, 0x47e9aeae, 0x10180808, - 0x6fd5baba, 0xf0887878, 0x4a6f2525, 0x5c722e2e, - 0x38241c1c, 0x57f1a6a6, 0x73c7b4b4, 0x9751c6c6, - 0xcb23e8e8, 0xa17cdddd, 0xe89c7474, 0x3e211f1f, - 0x96dd4b4b, 0x61dcbdbd, 0x0d868b8b, 0x0f858a8a, - 0xe0907070, 0x7c423e3e, 0x71c4b5b5, 0xccaa6666, - 0x90d84848, 0x06050303, 0xf701f6f6, 0x1c120e0e, - 0xc2a36161, 0x6a5f3535, 0xaef95757, 0x69d0b9b9, - 0x17918686, 0x9958c1c1, 0x3a271d1d, 0x27b99e9e, - 0xd938e1e1, 0xeb13f8f8, 0x2bb39898, 0x22331111, - 0xd2bb6969, 0xa970d9d9, 0x07898e8e, 0x33a79494, - 0x2db69b9b, 0x3c221e1e, 0x15928787, 0xc920e9e9, - 0x8749cece, 0xaaff5555, 0x50782828, 0xa57adfdf, - 0x038f8c8c, 0x59f8a1a1, 0x09808989, 0x1a170d0d, - 0x65dabfbf, 0xd731e6e6, 0x84c64242, 0xd0b86868, - 0x82c34141, 0x29b09999, 0x5a772d2d, 0x1e110f0f, - 0x7bcbb0b0, 0xa8fc5454, 0x6dd6bbbb, 0x2c3a1616 -}; - -#endif diff --git a/src/libsodium/crypto_stream/aes256estream/hongjun/aes-table.h b/src/libsodium/crypto_stream/aes256estream/hongjun/aes-table.h deleted file mode 100644 index 89839e5..0000000 --- a/src/libsodium/crypto_stream/aes256estream/hongjun/aes-table.h +++ /dev/null 
@@ -1,62 +0,0 @@ - -#ifndef __AES_TABLE_H__ -#define __AES_TABLE_H__ - -#if defined(_MSC_VER) -# define ALIGN(x) __declspec(align(x)) -#else -# define ALIGN(x) __attribute__((aligned(x))) -#endif - -#ifdef NATIVE_LITTLE_ENDIAN -# include "aes-table-le.h" -#elif defined(NATIVE_BIG_ENDIAN) -# include "aes-table-be.h" -#else -# error Unsupported byte ordering -#endif - -static const unsigned char Rcon[31] = -{ - 0x0, 0x01, 0x02, 0x04, 0x08, 0x10, 0x20, - 0x40, 0x80, 0x1b, 0x36, 0x6c, 0xc0, - 0xab, 0x4d, 0x9a, 0x2f, 0x5e, 0xbc, - 0x63, 0xc6, 0x97, 0x35, 0x6a, 0xd4, - 0xb3, 0x7d, 0xfa, 0xef, 0xc5, 0x91 -}; - - -ALIGN(64) static const unsigned char Sbox[256] = { - 0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5, - 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76, - 0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0, - 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0, - 0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc, - 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15, - 0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a, - 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75, - 0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0, - 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84, - 0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b, - 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf, - 0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85, - 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8, - 0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5, - 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2, - 0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17, - 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73, - 0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88, - 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb, - 0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c, - 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79, - 0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9, - 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08, - 0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6, - 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a, - 0x70, 0x3e, 0xb5, 0x66, 0x48, 
0x03, 0xf6, 0x0e, - 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e, - 0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94, - 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf, - 0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68, - 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16}; -#endif diff --git a/src/libsodium/crypto_stream/aes256estream/hongjun/aes256-ctr.c b/src/libsodium/crypto_stream/aes256estream/hongjun/aes256-ctr.c deleted file mode 100644 index c35e310..0000000 --- a/src/libsodium/crypto_stream/aes256estream/hongjun/aes256-ctr.c +++ /dev/null 
@@ -1,239 +0,0 @@ -/* aes-ctr.c */ -/* AES in CTR mode. */ - -/* Hongjun Wu, January 2007*/ - - -/* ------------------------------------------------------------------------- */ - -#include "api.h" -#include "aes256.h" - -#include <string.h> - -/* ------------------------------------------------------------------------- */ -/* key setup for AES-256*/ -static void -ECRYPT_keysetup(ECRYPT_ctx* ctx, const u8* key, u32 keysize, u32 ivsize) -{ - unsigned int w[Nk*(Nr+1)], temp; - int i, j; - - (void) keysize; - (void) ivsize; - (void) sizeof(char[sizeof *ctx == crypto_stream_BEFORENMBYTES ? 1 : -1]); - - for( i = 0; i < Nk; i++ ) { - w[i] = key[(i << 2)]; - w[i] |= key[(i << 2)+1] << 8; - w[i] |= key[(i << 2)+2] << 16; - w[i] |= (unsigned int) key[(i << 2)+3] << 24; - } - - i = Nk; - - while( i < Nb*(Nr+1) ) { - temp = w[i-1]; - - temp = (unsigned int) Sbox[temp & 0xFF] << 24 ^ - Sbox[(temp >> 8) & 0xFF] ^ - (Sbox[(temp >> 16) & 0xFF] << 8 ) ^ - (Sbox[(temp >> 24) & 0xFF] << 16) ^ - Rcon[i/Nk]; - w[i] = w[i-Nk] ^ temp; - i++; - - temp = w[i-1]; - w[i] = w[i-Nk] ^ temp; - i++; - - temp = w[i-1]; - w[i] = w[i-Nk] ^ temp; - i++; - - temp = w[i-1]; - w[i] = w[i-Nk] ^ temp; - i++; - - temp = w[i-1]; - temp = Sbox[temp & 0xFF] ^ - Sbox[(temp >> 8) & 0xFF] << 8 ^ - (Sbox[(temp >> 16) & 0xFF] << 16) ^ - ((unsigned int) Sbox[(temp >> 24) & 0xFF] << 24); - w[i] = w[i-Nk] ^ temp; - i++; - - temp = w[i-1]; - w[i] = w[i-Nk] ^ temp; - i++; - - temp = w[i-1]; - w[i] = w[i-Nk] ^ temp; - i++; - - temp = w[i-1]; - w[i] = w[i-Nk] ^ temp; - i++; - } - - for (i = 0; i <= Nr; i++) { - for (j = 0; j < Nb; j++) { - ctx->round_key[i][j] = SWP32(w[(i<<2)+j]); - } - } -} - -/* ------------------------------------------------------------------------- */ - -static void -ECRYPT_ivsetup(ECRYPT_ctx* ctx, const u8* iv) -{ - (void) sizeof(char[(sizeof ctx->counter) == crypto_stream_NONCEBYTES ? 
1 : -1]); - memcpy(ctx->counter, iv, crypto_stream_NONCEBYTES); -} - -/* ------------------------------------------------------------------------- */ - -/*compute the intermediate values for the first two rounds*/ -static void -partial_precompute_tworounds(ECRYPT_ctx* ctx) -{ - u32 x0,x1,x2,x3,y0,y1,y2,y3; - - x0 = ctx->counter[0] ^ ctx->round_key[0][0]; - x1 = ctx->counter[1] ^ ctx->round_key[0][1]; - x2 = ctx->counter[2] ^ ctx->round_key[0][2]; - x3 = ctx->counter[3] ^ ctx->round_key[0][3]; - x0 &= SWP32(0xffffff00); - round(ctx,x0,x1,x2,x3,y0,y1,y2,y3,1); - ctx->first_round_output_x0 = y0 ^ T0[0]; - y0 = 0; - round(ctx,y0,y1,y2,y3,x0,x1,x2,x3,2); - ctx->second_round_output[0] = x0 ^ T0[0]; - ctx->second_round_output[1] = x1 ^ T3[0]; - ctx->second_round_output[2] = x2 ^ T2[0]; - ctx->second_round_output[3] = x3 ^ T1[0]; -} - -/* ------------------------------------------------------------------------- */ - -#ifndef CPU_ALIGNED_ACCESS_REQUIRED -# define UNALIGNED_U32_READ(P, I) (((const u32 *)(const void *) (P))[(I)]) -#else -static inline uint32_t -UNALIGNED_U32_READ(const u8 * const p, const size_t i) -{ - uint32_t t; - (void) sizeof(int[sizeof(*p) == sizeof(char) ? 
1 : -1]); - memcpy(&t, p + i * (sizeof t / sizeof *p), sizeof t); - return t; -} -#endif - -/* ------------------------------------------------------------------------- */ - -static void -ECRYPT_process_bytes(int action, ECRYPT_ctx* ctx, const u8* input, u8* output, - u32 msglen) -{ - __attribute__((aligned(32))) u8 keystream[16]; - u32 i; - - (void) action; - memset(keystream, 0, sizeof keystream); - partial_precompute_tworounds(ctx); - - for ( ; msglen >= 16; msglen -= 16, input += 16, output += 16) { - aes256_enc_block(ctx->counter, keystream, ctx); - - ((u32*)output)[0] = UNALIGNED_U32_READ(input, 0) ^ ((u32*)keystream)[0] ^ ctx->round_key[Nr][0]; - ((u32*)output)[1] = UNALIGNED_U32_READ(input, 1) ^ ((u32*)keystream)[1] ^ ctx->round_key[Nr][1]; - ((u32*)output)[2] = UNALIGNED_U32_READ(input, 2) ^ ((u32*)keystream)[2] ^ ctx->round_key[Nr][2]; - ((u32*)output)[3] = UNALIGNED_U32_READ(input, 3) ^ ((u32*)keystream)[3] ^ ctx->round_key[Nr][3]; - - ctx->counter[0] = SWP32(SWP32(ctx->counter[0]) + 1); - - if ((ctx->counter[0] & SWP32(0xff))== 0) { - partial_precompute_tworounds(ctx); - } - } - - if (msglen > 0) { - aes256_enc_block(ctx->counter, keystream, ctx); - ((u32*)keystream)[0] ^= ctx->round_key[Nr][0]; - ((u32*)keystream)[1] ^= ctx->round_key[Nr][1]; - ((u32*)keystream)[2] ^= ctx->round_key[Nr][2]; - ((u32*)keystream)[3] ^= ctx->round_key[Nr][3]; - - for (i = 0; i < msglen; i ++) { - output[i] = input[i] ^ keystream[i]; - } - } -} - -/* ------------------------------------------------------------------------- */ - -#include "ecrypt-sync.h" - -int -crypto_stream_beforenm(unsigned char *c, const unsigned char *k) -{ - ECRYPT_ctx * const ctx = (ECRYPT_ctx *) c; - - ECRYPT_keysetup(ctx, k, crypto_stream_KEYBYTES * 8, - crypto_stream_NONCEBYTES * 8); - return 0; -} - -int -crypto_stream_afternm(unsigned char *out, unsigned long long len, - const unsigned char *nonce, const unsigned char *c) -{ - ECRYPT_ctx * const ctx = (ECRYPT_ctx *) c; - unsigned long long i; - - 
ECRYPT_ivsetup(ctx, nonce); - for (i = 0U; i < len; ++i) { - out[i] = 0U; - } - ECRYPT_encrypt_bytes(ctx, (u8 *) out, (u8 *) out, len); - - return 0; -} - -int -crypto_stream_xor_afternm(unsigned char *out, const unsigned char *in, - unsigned long long len, const unsigned char *nonce, - const unsigned char *c) -{ - ECRYPT_ctx * const ctx = (ECRYPT_ctx *) c; - - ECRYPT_ivsetup(ctx, nonce); - ECRYPT_encrypt_bytes(ctx, (const u8 *) in, (u8 *) out, len); - - return 0; -} - -int -crypto_stream(unsigned char *out, unsigned long long outlen, - const unsigned char *n, const unsigned char *k) -{ - unsigned char d[crypto_stream_BEFORENMBYTES]; - - crypto_stream_beforenm(d, k); - crypto_stream_afternm(out, outlen, n, d); - - return 0; -} - -int crypto_stream_xor(unsigned char *out, const unsigned char *in, - unsigned long long inlen, const unsigned char *n, - const unsigned char *k) -{ - unsigned char d[crypto_stream_BEFORENMBYTES]; - - crypto_stream_beforenm(d, k); - crypto_stream_xor_afternm(out, in, inlen, n, d); - - return 0; -} diff --git a/src/libsodium/crypto_stream/aes256estream/hongjun/aes256.h b/src/libsodium/crypto_stream/aes256estream/hongjun/aes256.h deleted file mode 100644 index d562b1d..0000000 --- a/src/libsodium/crypto_stream/aes256estream/hongjun/aes256.h +++ /dev/null 
@@ -1,171 +0,0 @@ -/* aes256.h */ -/* Hongjun Wu, January 2007*/ - - -#include "ecrypt-sync.h" -#include "aes-table.h" - -#include <stdio.h> - -#ifdef NATIVE_LITTLE_ENDIAN -# define LEROT(X, S) ((uint8_t) ((uint32_t)(X) >> (S))) -# define SWP32(X) (X) -#elif defined(NATIVE_BIG_ENDIAN) -# define LEROT(X, S) ((uint8_t) ((uint32_t)(X) >> (24 - (S)))) -# define SWP32(X) ((uint32_t)((((uint32_t)(X) & 0xff000000) >> 24) | \ - (((uint32_t)(X) & 0x00ff0000) >> 8) | \ - (((uint32_t)(X) & 0x0000ff00) << 8) | \ - (((uint32_t)(X) & 0x000000ff) << 24))) -#else -# error Unsupported byte ordering -#endif - -#define first_round(ctx,x0,y0) { \ - u32 z0,t0,tem0; \ - z0 = (x0) ^ ctx->round_key[0][0]; \ - t0 = LEROT(z0, 0); \ - tem0 = T0[t0]; \ - (y0) = tem0 ^ ctx->first_round_output_x0; \ -} - -#define second_round(ctx,x0,y0,y1,y2,y3) { \ - u32 t0,t7,t10,t13; \ - u32 tem0,tem7,tem10,tem13; \ - t0 = LEROT(x0, 0); \ - tem0 = T0[t0]; \ - (y0) = tem0 ^ ctx->second_round_output[0]; \ - t7 = LEROT(x0, 24); \ - tem7 = T3[t7]; \ - (y1) = tem7 ^ ctx->second_round_output[1]; \ - t10 = LEROT(x0, 16); \ - tem10 = T2[t10]; \ - (y2) = tem10 ^ ctx->second_round_output[2]; \ - t13 = LEROT(x0, 8); \ - tem13 = T1[t13];\ - (y3) = tem13 ^ ctx->second_round_output[3]; \ -} - -#define round(ctx,x0,x1,x2,x3,y0,y1,y2,y3,r) { \ - u32 t0,t1,t2,t3; \ - u32 t4,t5,t6,t7; \ - u32 t8,t9,t10,t11; \ - u32 t12,t13,t14,t15;\ - u32 tem0,tem1,tem2,tem3; \ - u32 tem4,tem5,tem6,tem7; \ - u32 tem8,tem9,tem10,tem11; \ - u32 tem12,tem13,tem14,tem15;\ - \ - t0 = LEROT(x0, 0); \ - tem0 = T0[t0]; \ - t1 = LEROT(x1, 8); \ - tem1 = tem0 ^ T1[t1]; \ - t2 = LEROT(x2, 16); \ - tem2 = tem1 ^ T2[t2]; \ - t3 = LEROT(x3, 24); \ - tem3 = tem2 ^ T3[t3]; \ - (y0) = tem3 ^ ctx->round_key[r][0]; \ - \ - t4 = LEROT(x1, 0); \ - tem4 = T0[t4]; \ - t5 = LEROT(x2, 8); \ - tem5 = tem4 ^ T1[t5]; \ - t6 = LEROT(x3, 16); \ - tem6 = tem5 ^ T2[t6]; \ - t7 = LEROT(x0, 24); \ - tem7 = tem6 ^ T3[t7]; \ - (y1) = tem7 ^ ctx->round_key[r][1]; \ - \ - t8 = 
LEROT(x2, 0); \ - tem8 = T0[t8]; \ - t9 = LEROT(x3, 8); \ - tem9 = tem8 ^ T1[t9]; \ - t10 = LEROT(x0, 16); \ - tem10 = tem9 ^ T2[t10]; \ - t11 = LEROT(x1, 24); \ - tem11 = tem10 ^ T3[t11];\ - (y2) = tem11 ^ ctx->round_key[r][2]; \ - \ - t12 = LEROT(x3, 0); \ - tem12 = T0[t12]; \ - t13 = LEROT(x0, 8); \ - tem13 = tem12 ^ T1[t13];\ - t14 = LEROT(x1, 16); \ - tem14 = tem13 ^ T2[t14];\ - t15 = LEROT(x2, 24); \ - tem15 = tem14 ^ T3[t15];\ - (y3) = tem15 ^ ctx->round_key[r][3]; \ -} - -/* 22.14 cycles/byte*/ -#define last_round(ctx,x0,x1,x2,x3,output,r) { \ - u32 t0,t1,t2,t3; \ - u32 t4,t5,t6,t7; \ - u32 t8,t9,t10,t11; \ - u32 t12,t13,t14,t15;\ - \ - t0 = LEROT(x0, 0); \ - output[0] = Sbox[t0]; \ - t7 = LEROT(x0, 24); \ - output[7] = Sbox[t7]; \ - t10 = LEROT(x0, 16); \ - output[10] = Sbox[t10]; \ - t13 = LEROT(x0, 8); \ - output[13] = Sbox[t13]; \ - \ - t1 = LEROT(x1, 8); \ - output[1] = Sbox[t1]; \ - t4 = LEROT(x1, 0); \ - output[4] = Sbox[t4]; \ - t11 = LEROT(x1, 24); \ - output[11] = Sbox[t11]; \ - t14 = LEROT(x1, 16); \ - output[14] = Sbox[t14]; \ - \ - t2 = LEROT(x2, 16); \ - output[2] = Sbox[t2]; \ - t5 = LEROT(x2, 8); \ - output[5] = Sbox[t5]; \ - t8 = LEROT(x2, 0); \ - output[8] = Sbox[t8]; \ - t15 = LEROT(x2, 24); \ - output[15] = Sbox[t15]; \ - \ - t3 = LEROT(x3, 24); \ - output[3] = Sbox[t3]; \ - t6 = LEROT(x3, 16); \ - output[6] = Sbox[t6]; \ - t9 = LEROT(x3, 8); \ - output[9] = Sbox[t9]; \ - t12 = LEROT(x3, 0); \ - output[12] = Sbox[t12]; \ -} - -#define aes256_enc_block(x,output,ctx) {\ - u32 y0;\ - u32 z0,z1,z2,z3;\ - u32 a0,a1,a2,a3;\ - u32 b0,b1,b2,b3;\ - u32 c0,c1,c2,c3;\ - u32 d0,d1,d2,d3;\ - u32 e0,e1,e2,e3;\ - u32 f0,f1,f2,f3;\ - u32 g0,g1,g2,g3;\ - u32 h0,h1,h2,h3;\ - u32 i0,i1,i2,i3;\ - u32 j0,j1,j2,j3;\ - u32 k0,k1,k2,k3;\ - first_round(ctx,x[0],y0);\ - second_round(ctx,y0,z0,z1,z2,z3);\ - round(ctx,z0,z1,z2,z3,a0,a1,a2,a3,3);\ - round(ctx,a0,a1,a2,a3,b0,b1,b2,b3,4);\ - round(ctx,b0,b1,b2,b3,c0,c1,c2,c3,5);\ - 
round(ctx,c0,c1,c2,c3,d0,d1,d2,d3,6);\ - round(ctx,d0,d1,d2,d3,e0,e1,e2,e3,7);\ - round(ctx,e0,e1,e2,e3,f0,f1,f2,f3,8);\ - round(ctx,f0,f1,f2,f3,g0,g1,g2,g3,9);\ - round(ctx,g0,g1,g2,g3,h0,h1,h2,h3,10);\ - round(ctx,h0,h1,h2,h3,i0,i1,i2,i3,11);\ - round(ctx,i0,i1,i2,i3,j0,j1,j2,j3,12);\ - round(ctx,j0,j1,j2,j3,k0,k1,k2,k3,13);\ - last_round(ctx,k0,k1,k2,k3,(output),14);\ -} diff --git a/src/libsodium/crypto_stream/aes256estream/hongjun/api.h b/src/libsodium/crypto_stream/aes256estream/hongjun/api.h deleted file mode 100644 index 017babe..0000000 --- a/src/libsodium/crypto_stream/aes256estream/hongjun/api.h +++ /dev/null @@ -1,13 +0,0 @@ - -#include "crypto_stream_aes256estream.h" - -#define crypto_stream crypto_stream_aes256estream -#define crypto_stream_xor crypto_stream_aes256estream_xor -#define crypto_stream_beforenm crypto_stream_aes256estream_beforenm -#define crypto_stream_afternm crypto_stream_aes256estream_afternm -#define crypto_stream_xor_afternm crypto_stream_aes256estream_xor_afternm -#define crypto_stream_KEYBYTES crypto_stream_aes256estream_KEYBYTES -#define crypto_stream_NONCEBYTES crypto_stream_aes256estream_NONCEBYTES -#define crypto_stream_BEFORENMBYTES crypto_stream_aes256estream_BEFORENMBYTES -#define crypto_stream_IMPLEMENTATION crypto_stream_aes256estream_IMPLEMENTATION -#define crypto_stream_VERSION crypto_stream_aes256estream_VERSION diff --git a/src/libsodium/crypto_stream/aes256estream/hongjun/ecrypt-sync.h b/src/libsodium/crypto_stream/aes256estream/hongjun/ecrypt-sync.h deleted file mode 100644 index 23f2aee..0000000 --- a/src/libsodium/crypto_stream/aes256estream/hongjun/ecrypt-sync.h +++ /dev/null 
@@ -1,27 +0,0 @@ - -#ifndef __ECRYPT_SYNC__ -#define __ECRYPT_SYNC__ - -#include <stdint.h> - -typedef uint8_t u8; -typedef uint32_t u32; - -#define Nr 14 -#define Nk 8 -#define Nb 4 - -#pragma pack(push, 1) -typedef struct ECRYPT_ctx -{ - u32 round_key[Nr+1][4]; - u32 counter[4]; - u32 first_round_output_x0; - u32 second_round_output[4]; -} ECRYPT_ctx; -#pragma pack(pop) - -#define ECRYPT_encrypt_bytes(ctx, plaintext, ciphertext, msglen) \ - ECRYPT_process_bytes(0, ctx, plaintext, ciphertext, msglen) - -#endif diff --git a/src/libsodium/crypto_stream/aes256estream/stream_aes256estream_api.c b/src/libsodium/crypto_stream/aes256estream/stream_aes256estream_api.c deleted file mode 100644 index 2d3d1cb..0000000 --- a/src/libsodium/crypto_stream/aes256estream/stream_aes256estream_api.c +++ /dev/null @@ -1,16 +0,0 @@ -#include "crypto_stream_aes256estream.h" - -size_t -crypto_stream_aes256estream_keybytes(void) { - return crypto_stream_aes256estream_KEYBYTES; -} - -size_t -crypto_stream_aes256estream_noncebytes(void) { - return crypto_stream_aes256estream_NONCEBYTES; -} - -size_t -crypto_stream_aes256estream_beforenmbytes(void) { - return crypto_stream_aes256estream_BEFORENMBYTES; -} diff --git a/src/libsodium/crypto_stream/chacha20/ref/stream_chacha20_ref.c b/src/libsodium/crypto_stream/chacha20/ref/stream_chacha20_ref.c index 7c7d1a5..d6d943e 100644 --- a/src/libsodium/crypto_stream/chacha20/ref/stream_chacha20_ref.c +++ b/src/libsodium/crypto_stream/chacha20/ref/stream_chacha20_ref.c @@ -101,7 +101,7 @@ chacha_encrypt_bytes(chacha_ctx *x, const u8 *m, u8 *c, unsigned long long bytes unsigned long long i; if (!bytes) { - return; + return; /* LCOV_EXCL_LINE */ } j0 = x->input[0]; j1 = x->input[1]; 
@@ -190,10 +190,11 @@ chacha_encrypt_bytes(chacha_ctx *x, const u8 *m, u8 *c, unsigned long long bytes x15 = XOR(x15, U8TO32_LITTLE(m + 60)); j12 = PLUSONE(j12); + /* LCOV_EXCL_START */ if (!j12) { j13 = PLUSONE(j13); - /* stopping at 2^70 bytes per nonce is user's responsibility */ } + /* LCOV_EXCL_STOP */ U32TO8_LITTLE(c + 0, x0); U32TO8_LITTLE(c + 4, x1); diff --git a/src/libsodium/crypto_stream/try.c b/src/libsodium/crypto_stream/try.c deleted file mode 100644 index 61bf8ab..0000000 --- a/src/libsodium/crypto_stream/try.c +++ /dev/null 
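Review bot: The second chacha_encrypt_bytes hunk (`@@ -190,10 +190,11 @@`) deletes the only in-code statement of the keystream limit while wrapping the `if (!j12)` carry in LCOV markers. The coverage markers and the comment are independent, so I would keep `/* stopping at 2^70 bytes per nonce is user's responsibility */` inside the block. Without it, nothing at this site tells a maintainer that the j12/j13 block counter is allowed to wrap silently and that the caller has to bound the amount of data per nonce. The function body starts and ends outside the hunk.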
@@ -1,122 +0,0 @@ -/* - * crypto_stream/try.c version 20090118 - * D. J. Bernstein - * Public domain. - */ - -#include <stdlib.h> -#include "crypto_stream.h" -#include "utils.h" -#include "windows/windows-quirks.h" - -extern unsigned char *alignedcalloc(unsigned long long); - -const char *primitiveimplementation = crypto_stream_IMPLEMENTATION; - -#define MAXTEST_BYTES 10000 -#define CHECKSUM_BYTES 4096 -#define TUNE_BYTES 1536 - -static unsigned char *k; -static unsigned char *n; -static unsigned char *m; -static unsigned char *c; -static unsigned char *s; -static unsigned char *k2; -static unsigned char *n2; -static unsigned char *m2; -static unsigned char *c2; -static unsigned char *s2; - -void preallocate(void) -{ -} - -void allocate(void) -{ - k = alignedcalloc(crypto_stream_KEYBYTES); - n = alignedcalloc(crypto_stream_NONCEBYTES); - m = alignedcalloc(MAXTEST_BYTES); - c = alignedcalloc(MAXTEST_BYTES); - s = alignedcalloc(MAXTEST_BYTES); - k2 = alignedcalloc(crypto_stream_KEYBYTES); - n2 = alignedcalloc(crypto_stream_NONCEBYTES); - m2 = alignedcalloc(MAXTEST_BYTES); - c2 = alignedcalloc(MAXTEST_BYTES); - s2 = alignedcalloc(MAXTEST_BYTES); -} - -void predoit(void) -{ -} - -void doit(void) -{ - crypto_stream_xor(c,m,TUNE_BYTES,n,k); -} - -char checksum[crypto_stream_KEYBYTES * 2 + 1]; - -const char *checksum_compute(void) -{ - long long i; - long long j; - - for (i = 0;i < CHECKSUM_BYTES;++i) { - long long mlen = i; - long long clen = i; - long long slen = i; - long long klen = crypto_stream_KEYBYTES; - long long nlen = crypto_stream_NONCEBYTES; - for (j = -16;j < 0;++j) m[j] = rand(); - for (j = -16;j < 0;++j) c[j] = rand(); - for (j = -16;j < 0;++j) s[j] = rand(); - for (j = -16;j < 0;++j) n[j] = rand(); - for (j = -16;j < 0;++j) k[j] = rand(); - for (j = mlen;j < mlen + 16;++j) m[j] = rand(); - for (j = clen;j < clen + 16;++j) c[j] = rand(); - for (j = slen;j < slen + 16;++j) s[j] = rand(); - for (j = nlen;j < nlen + 16;++j) n[j] = rand(); - for (j = klen;j < 
klen + 16;++j) k[j] = rand(); - for (j = -16;j < mlen + 16;++j) m2[j] = m[j]; - for (j = -16;j < clen + 16;++j) c2[j] = c[j]; - for (j = -16;j < slen + 16;++j) s2[j] = s[j]; - for (j = -16;j < nlen + 16;++j) n2[j] = n[j]; - for (j = -16;j < klen + 16;++j) k2[j] = k[j]; - - crypto_stream_xor(c,m,mlen,n,k); - - for (j = -16;j < mlen + 16;++j) if (m[j] != m2[j]) return "crypto_stream_xor overwrites m"; - for (j = -16;j < slen + 16;++j) if (s[j] != s2[j]) return "crypto_stream_xor overwrites s"; - for (j = -16;j < nlen + 16;++j) if (n[j] != n2[j]) return "crypto_stream_xor overwrites n"; - for (j = -16;j < klen + 16;++j) if (k[j] != k2[j]) return "crypto_stream_xor overwrites k"; - for (j = -16;j < 0;++j) if (c[j] != c2[j]) return "crypto_stream_xor writes before output"; - for (j = clen;j < clen + 16;++j) if (c[j] != c2[j]) return "crypto_stream_xor writes after output"; - - for (j = -16;j < clen + 16;++j) c2[j] = c[j]; - - crypto_stream(s,slen,n,k); - - for (j = -16;j < mlen + 16;++j) if (m[j] != m2[j]) return "crypto_stream overwrites m"; - for (j = -16;j < clen + 16;++j) if (c[j] != c2[j]) return "crypto_stream overwrites c"; - for (j = -16;j < nlen + 16;++j) if (n[j] != n2[j]) return "crypto_stream overwrites n"; - for (j = -16;j < klen + 16;++j) if (k[j] != k2[j]) return "crypto_stream overwrites k"; - for (j = -16;j < 0;++j) if (s[j] != s2[j]) return "crypto_stream writes before output"; - for (j = slen;j < slen + 16;++j) if (s[j] != s2[j]) return "crypto_stream writes after output"; - - for (j = 0;j < mlen;++j) - if ((s[j] ^ m[j]) != c[j]) return "crypto_stream_xor does not match crypto_stream"; - - for (j = 0;j < clen;++j) k[j % klen] ^= c[j]; - crypto_stream_xor(m,c,clen,n,k); - crypto_stream(s,slen,n,k); - for (j = 0;j < mlen;++j) - if ((s[j] ^ m[j]) != c[j]) return "crypto_stream_xor does not match crypto_stream"; - for (j = 0;j < mlen;++j) n[j % nlen] ^= m[j]; - m[mlen] = 0; - } - - sodium_bin2hex(checksum, sizeof checksum, k, crypto_stream_KEYBYTES); - - 
return 0; -} diff --git a/src/libsodium/crypto_verify/try.c b/src/libsodium/crypto_verify/try.c deleted file mode 100644 index 06684e7..0000000 --- a/src/libsodium/crypto_verify/try.c +++ /dev/null @@ -1,76 +0,0 @@ -/* - * crypto_verify/try.c version 20090118 - * D. J. Bernstein - * Public domain. - */ - -#include <stdlib.h> -#include "crypto_verify.h" -#include "windows/windows-quirks.h" - -extern unsigned char *alignedcalloc(unsigned long long); - -const char *primitiveimplementation = crypto_verify_IMPLEMENTATION; - -static unsigned char *x; -static unsigned char *y; - -void preallocate(void) -{ -} - -void allocate(void) -{ - x = alignedcalloc(crypto_verify_BYTES); - y = alignedcalloc(crypto_verify_BYTES); -} - -void predoit(void) -{ -} - -void doit(void) -{ - crypto_verify(x,y); -} - -static const char *check(void) -{ - int r = crypto_verify(x,y); - if (r == 0) { - if (memcmp(x,y,crypto_verify_BYTES)) return "different strings pass verify"; - } else if (r == -1) { - if (!memcmp(x,y,crypto_verify_BYTES)) return "equal strings fail verify"; - } else { - return "weird return value from verify"; - } - return 0; -} - -char checksum[2]; - -const char *checksum_compute(void) -{ - long long tests; - long long i; - long long j; - const char *c; - - for (tests = 0;tests < 100000;++tests) { - for (i = 0;i < crypto_verify_BYTES;++i) x[i] = rand(); - for (i = 0;i < crypto_verify_BYTES;++i) y[i] = rand(); - c = check(); if (c) return c; - for (i = 0;i < crypto_verify_BYTES;++i) y[i] = x[i]; - c = check(); if (c) return c; - y[rand() % crypto_verify_BYTES] = rand(); - c = check(); if (c) return c; - y[rand() % crypto_verify_BYTES] = rand(); - c = check(); if (c) return c; - y[rand() % crypto_verify_BYTES] = rand(); - c = check(); if (c) return c; - } - - checksum[0] = '0'; - checksum[1] = 0; - return 0; -} diff --git a/src/libsodium/include/Makefile.am b/src/libsodium/include/Makefile.am index 45a82d7..894c371 100644 --- a/src/libsodium/include/Makefile.am 
+++ b/src/libsodium/include/Makefile.am @@ -32,7 +32,6 @@ SODIUM_EXPORT = \ sodium/crypto_sign_edwards25519sha512batch.h \ sodium/crypto_stream.h \ sodium/crypto_stream_aes128ctr.h \ - sodium/crypto_stream_aes256estream.h \ sodium/crypto_stream_chacha20.h \ sodium/crypto_stream_salsa20.h \ sodium/crypto_stream_salsa2012.h \ diff --git a/src/libsodium/include/sodium.h b/src/libsodium/include/sodium.h index dcb6b45..4a57108 100644 --- a/src/libsodium/include/sodium.h +++ b/src/libsodium/include/sodium.h @@ -32,7 +32,6 @@ #include <sodium/crypto_sign_ed25519.h> #include <sodium/crypto_stream.h> #include <sodium/crypto_stream_aes128ctr.h> -#include <sodium/crypto_stream_aes256estream.h> #include <sodium/crypto_stream_chacha20.h> #include <sodium/crypto_stream_salsa20.h> #include <sodium/crypto_stream_salsa2012.h> diff --git a/src/libsodium/include/sodium/crypto_onetimeauth_poly1305.h b/src/libsodium/include/sodium/crypto_onetimeauth_poly1305.h index 54f4a73..fb6eb49 100644 --- a/src/libsodium/include/sodium/crypto_onetimeauth_poly1305.h +++ b/src/libsodium/include/sodium/crypto_onetimeauth_poly1305.h @@ -54,9 +54,8 @@ const char *crypto_onetimeauth_poly1305_implementation_name(void); SODIUM_EXPORT int crypto_onetimeauth_poly1305_set_implementation(crypto_onetimeauth_poly1305_implementation *impl); -SODIUM_EXPORT crypto_onetimeauth_poly1305_implementation * - crypto_onetimeauth_pick_best_implementation(void); +crypto_onetimeauth_pick_best_implementation(void); SODIUM_EXPORT int crypto_onetimeauth_poly1305(unsigned char *out, diff --git a/src/libsodium/include/sodium/crypto_pwhash_scryptsalsa208sha256.h b/src/libsodium/include/sodium/crypto_pwhash_scryptsalsa208sha256.h index 7de8395..a83233b 100644 --- a/src/libsodium/include/sodium/crypto_pwhash_scryptsalsa208sha256.h +++ b/src/libsodium/include/sodium/crypto_pwhash_scryptsalsa208sha256.h @@ -2,6 +2,7 @@ #define crypto_pwhash_scryptsalsa208sha256_H #include <stddef.h> +#include <stdint.h> #include "export.h" 
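Review bot: In crypto_onetimeauth_poly1305.h (`@@ -54,9 +54,8 @@`), `crypto_onetimeauth_pick_best_implementation()` loses `SODIUM_EXPORT` but its prototype stays in the header with nothing marking it as internal. A program compiled against this header still sees the declaration and would presumably fail only at link time on builds where `SODIUM_EXPORT` controls symbol visibility (its definition is not visible here). If the function is now private, I would say so at the declaration, e.g. `/* internal: not exported, do not call from applications */`, or move the prototype out of the installed header.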
@@ -20,6 +21,10 @@ size_t crypto_pwhash_scryptsalsa208sha256_saltbytes(void); SODIUM_EXPORT size_t crypto_pwhash_scryptsalsa208sha256_strbytes(void); +#define crypto_pwhash_scryptsalsa208sha256_STRPREFIX "$7$" +SODIUM_EXPORT +const char *crypto_pwhash_scryptsalsa208sha256_strprefix(void); + #define crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_INTERACTIVE 524288ULL SODIUM_EXPORT size_t crypto_pwhash_scryptsalsa208sha256_opslimit_interactive(void); diff --git a/src/libsodium/include/sodium/crypto_sign_ed25519.h b/src/libsodium/include/sodium/crypto_sign_ed25519.h index 101b6c9..0194c39 100644 --- a/src/libsodium/include/sodium/crypto_sign_ed25519.h +++ b/src/libsodium/include/sodium/crypto_sign_ed25519.h @@ -57,6 +57,21 @@ SODIUM_EXPORT int crypto_sign_ed25519_seed_keypair(unsigned char *pk, unsigned char *sk, const unsigned char *seed); +SODIUM_EXPORT +int crypto_sign_ed25519_pk_to_curve25519(unsigned char *curve25519_pk, + const unsigned char *ed25519_pk); + +SODIUM_EXPORT +int crypto_sign_ed25519_sk_to_curve25519(unsigned char *curve25519_sk, + const unsigned char *ed25519_sk); + +SODIUM_EXPORT +int crypto_sign_ed25519_sk_to_seed(unsigned char *seed, + const unsigned char *sk); + +SODIUM_EXPORT +int crypto_sign_ed25519_sk_to_pk(unsigned char *pk, const unsigned char *sk); + #ifdef __cplusplus } #endif diff --git a/src/libsodium/include/sodium/crypto_stream_aes256estream.h b/src/libsodium/include/sodium/crypto_stream_aes256estream.h deleted file mode 100644 index d497834..0000000 --- a/src/libsodium/include/sodium/crypto_stream_aes256estream.h +++ /dev/null 
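Review bot: The four prototypes added to crypto_sign_ed25519.h (`@@ -57,6 +57,21 @@`) have no comment on buffer sizes, return values, or which outputs are secret. `crypto_sign_ed25519_sk_to_curve25519()` and `crypto_sign_ed25519_sk_to_seed()` write secret key material into caller-supplied buffers, so the header should state the required sizes and that the caller must wipe those buffers after use. A comment such as `/* curve25519_sk and seed receive secret material: size them per the matching *_BYTES constants and clear them with sodium_memzero() after use */` would cover it. The exact constants and the meaning of a non-zero return are not visible in this hunk and should be confirmed against the implementation.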
@@ -1,67 +0,0 @@ -#ifndef crypto_stream_aes256estream_H -#define crypto_stream_aes256estream_H - -/* - * WARNING: This is just a stream cipher. It is NOT authenticated encryption. - * While it provides some protection against eavesdropping, it does NOT - * provide any security against active attacks. - * Furthermore, this implementation was not part of NaCl. - * - * If you are looking for a stream cipher, you might consider - * crypto_stream_aes128ctr, crypto_stream_chacha20 or crypto_stream_(x)salsa20 - * which are timing-attack resistant. - * - * But unless you know what you're doing, what you are looking for is probably - * the crypto_box or crypto_secretbox functions. - */ - -#include <stddef.h> -#include "export.h" - -#ifdef __cplusplus -# if __GNUC__ -# pragma GCC diagnostic ignored "-Wlong-long" -# endif -extern "C" { -#endif - -#define crypto_stream_aes256estream_KEYBYTES 32U -SODIUM_EXPORT -size_t crypto_stream_aes256estream_keybytes(void); - -#define crypto_stream_aes256estream_NONCEBYTES 16U -SODIUM_EXPORT -size_t crypto_stream_aes256estream_noncebytes(void); - -#define crypto_stream_aes256estream_BEFORENMBYTES 276U -SODIUM_EXPORT -size_t crypto_stream_aes256estream_beforenmbytes(void); - -SODIUM_EXPORT -int crypto_stream_aes256estream(unsigned char *out, unsigned long long len, - const unsigned char *nonce, const unsigned char *c); - -SODIUM_EXPORT -int crypto_stream_aes256estream_xor(unsigned char *out, const unsigned char *in, - unsigned long long inlen, const unsigned char *n, - const unsigned char *k); - -SODIUM_EXPORT -int crypto_stream_aes256estream_beforenm(unsigned char *c, const unsigned char *k); - -SODIUM_EXPORT -int crypto_stream_aes256estream_afternm(unsigned char *out, unsigned long long len, - const unsigned char *nonce, - const unsigned char *c); - -SODIUM_EXPORT -int crypto_stream_aes256estream_xor_afternm(unsigned char *out, const unsigned char *in, - unsigned long long len, - const unsigned char *nonce, - const unsigned char *c); - 
-#ifdef __cplusplus -} -#endif - -#endif diff --git a/src/libsodium/include/sodium/randombytes.h b/src/libsodium/include/sodium/randombytes.h index c5175b2..4d07cd5 100644 --- a/src/libsodium/include/sodium/randombytes.h +++ b/src/libsodium/include/sodium/randombytes.h @@ -26,28 +26,30 @@ typedef struct randombytes_implementation { } randombytes_implementation; SODIUM_EXPORT -int randombytes_set_implementation(randombytes_implementation *impl); +void randombytes_buf(void * const buf, const size_t size); SODIUM_EXPORT -void randombytes(unsigned char * const buf, const unsigned long long buf_len); +uint32_t randombytes_random(void); SODIUM_EXPORT -const char *randombytes_implementation_name(void); +uint32_t randombytes_uniform(const uint32_t upper_bound); SODIUM_EXPORT -uint32_t randombytes_random(void); +void randombytes_stir(void); SODIUM_EXPORT -void randombytes_stir(void); +int randombytes_close(void); SODIUM_EXPORT -uint32_t randombytes_uniform(const uint32_t upper_bound); +int randombytes_set_implementation(randombytes_implementation *impl); SODIUM_EXPORT -void randombytes_buf(void * const buf, const size_t size); +const char *randombytes_implementation_name(void); + +/* -- Compatibility layer with NaCl -- */ SODIUM_EXPORT -int randombytes_close(void); +void randombytes(unsigned char * const buf, const unsigned long long buf_len); #ifdef __cplusplus } diff --git a/src/libsodium/include/sodium/utils.h b/src/libsodium/include/sodium/utils.h index 817919b..1ac78eb 100644 --- a/src/libsodium/include/sodium/utils.h +++ b/src/libsodium/include/sodium/utils.h 
@@ -16,12 +16,14 @@ extern "C" { # define _SODIUM_C99(X) X #endif -unsigned char *_sodium_alignedcalloc(unsigned char ** const unaligned_p, - const size_t len); - SODIUM_EXPORT void sodium_memzero(void * const pnt, const size_t len); +/* WARNING: sodium_memcmp() must be used to verify if two secret keys + * are equal, in constant time. + * It returns 0 if the keys are equal, and -1 if they differ. + * This function is not designed for lexicographical comparisons. + */ SODIUM_EXPORT int sodium_memcmp(const void * const b1_, const void * const b2_, size_t len); 
@@ -41,6 +43,55 @@ int sodium_mlock(void * const addr, const size_t len); SODIUM_EXPORT int sodium_munlock(void * const addr, const size_t len); +/* WARNING: sodium_malloc() and sodium_allocarray() are not general-purpose + * allocation functions. + * + * They return a pointer to a region filled with 0xd0 bytes, immediately + * followed by a guard page. + * As a result, accessing a single byte after the requested allocation size + * will intentionally trigger a segmentation fault. + * + * A canary and an additional guard page placed before the beginning of the + * region may also kill the process if a buffer underflow is detected. + * + * The memory layout is: + * [unprotected region size (read only)][guard page (no access)][unprotected pages (read/write)][guard page (no access)] + * With the layout of the unprotected pages being: + * [optional padding][16-bytes canary][user region] + * + * However: + * - These functions are significantly slower than standard functions + * - Each allocation requires 3 or 4 additional pages + * - The returned address will not be aligned if the allocation size is not + * a multiple of the required alignment. For this reason, these functions + * are designed to store data, such as secret keys and messages. + * They should not be used to store pointers mixed with other types + * in portable code unless extreme care is taken to ensure correct + * pointers alignment. + */ + +SODIUM_EXPORT +void *sodium_malloc(const size_t size); + +SODIUM_EXPORT +void *sodium_allocarray(size_t count, size_t size); + +SODIUM_EXPORT +void sodium_free(void *ptr); + +SODIUM_EXPORT +int sodium_mprotect_noaccess(void *ptr); + +SODIUM_EXPORT +int sodium_mprotect_readonly(void *ptr); + +SODIUM_EXPORT +int sodium_mprotect_readwrite(void *ptr); + +/* -------- */ + +int _sodium_alloc_init(void); + #ifdef __cplusplus } #endif 
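Review bot: The comment block added above `sodium_malloc()` in utils.h (`@@ -41,6 +43,55 @@`) describes the guard-page layout but not the contract a caller needs: what is returned on failure, and that the region has to be released with `sodium_free()` rather than `free()`. Given the layout described (the returned pointer sits inside a page run that starts with a size header and a guard page), passing it to `free()` would presumably corrupt the heap, so this belongs in the warning. I would append something like `/* Returns NULL on failure. Release only with sodium_free(); sodium_mprotect_*() accept only pointers returned by these functions. */`, after confirming the failure value against utils.c, which is not part of this hunk. The bare `/* -------- */` separator above `_sodium_alloc_init()` would also read better as `/* -------- internal, not part of the public API -------- */`.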
diff --git a/src/libsodium/randombytes/salsa20/randombytes_salsa20_random.c b/src/libsodium/randombytes/salsa20/randombytes_salsa20_random.c index 374ff4d..2b44469 100644 --- a/src/libsodium/randombytes/salsa20/randombytes_salsa20_random.c +++ b/src/libsodium/randombytes/salsa20/randombytes_salsa20_random.c @@ -41,7 +41,7 @@ BOOLEAN NTAPI RtlGenRandom(PVOID RandomBuffer, ULONG RandomBufferLength); typedef struct Salsa20Random_ { unsigned char key[crypto_stream_salsa20_KEYBYTES]; - unsigned char rnd32[SALSA20_RANDOM_BLOCK_SIZE]; + unsigned char rnd32[16U * SALSA20_RANDOM_BLOCK_SIZE]; uint64_t nonce; size_t rnd32_outleft; #ifndef _MSC_VER @@ -67,7 +67,10 @@ sodium_hrtime(void) #ifdef _WIN32 struct _timeb tb; +# pragma warning(push) +# pragma warning(disable: 4996) _ftime(&tb); +# pragma warning(pop) tv.tv_sec = (long) tb.time; tv.tv_usec = ((int) tb.millitm) * 1000; ret = 0; @@ -91,12 +94,12 @@ safe_read(const int fd, void * const buf_, size_t count) assert(count > (size_t) 0U); do { while ((readnb = read(fd, buf, count)) < (ssize_t) 0 && - errno == EINTR); + errno == EINTR); /* LCOV_EXCL_LINE */ if (readnb < (ssize_t) 0) { - return readnb; + return readnb; /* LCOV_EXCL_LINE */ } if (readnb == (ssize_t) 0) { - break; + break; /* LCOV_EXCL_LINE */ } count -= (size_t) readnb; buf += readnb; @@ -110,6 +113,7 @@ safe_read(const int fd, void * const buf_, size_t count) static int randombytes_salsa20_random_random_dev_open(void) { +/* LCOV_EXCL_START */ struct stat st; static const char *devices[] = { # ifndef USE_BLOCKING_RANDOM @@ -131,6 +135,7 @@ randombytes_salsa20_random_random_dev_open(void) } while (*device != NULL); return -1; +/* LCOV_EXCL_STOP */ } static void @@ -143,7 +148,7 @@ randombytes_salsa20_random_init(void) if ((stream.random_data_source_fd = randombytes_salsa20_random_random_dev_open()) == -1) { - abort(); + abort(); /* LCOV_EXCL_LINE */ } errno = errno_save; } 
@@ -181,11 +186,11 @@ randombytes_salsa20_random_stir(void) #ifndef _WIN32 if (safe_read(stream.random_data_source_fd, m0, sizeof m0) != (ssize_t) sizeof m0) { - abort(); + abort(); /* LCOV_EXCL_LINE */ } #else /* _WIN32 */ if (! RtlGenRandom((PVOID) m0, (ULONG) sizeof m0)) { - abort(); + abort(); /* LCOV_EXCL_LINE */ } #endif COMPILER_ASSERT(sizeof stream.key == crypto_auth_hmacsha512256_BYTES); @@ -214,14 +219,26 @@ randombytes_salsa20_random_stir_if_needed(void) #endif } +static void +randombytes_salsa20_random_rekey(const unsigned char * const mix) +{ + unsigned char *key = stream.key; + size_t i; + + for (i = (size_t) 0U; i < sizeof stream.key; i++) { + key[i] ^= mix[i]; + } +} + static uint32_t randombytes_salsa20_random_getword(void) { uint32_t val; int ret; - COMPILER_ASSERT(sizeof stream.rnd32 >= sizeof val); - COMPILER_ASSERT(sizeof stream.rnd32 % sizeof val == (size_t) 0U); + COMPILER_ASSERT(sizeof stream.rnd32 >= (sizeof stream.key) + (sizeof val)); + COMPILER_ASSERT(((sizeof stream.rnd32) - (sizeof stream.key)) + % sizeof val == (size_t) 0U); if (stream.rnd32_outleft <= (size_t) 0U) { randombytes_salsa20_random_stir_if_needed(); COMPILER_ASSERT(sizeof stream.nonce == crypto_stream_salsa20_NONCEBYTES); @@ -230,11 +247,13 @@ randombytes_salsa20_random_getword(void) (unsigned char *) &stream.nonce, stream.key); assert(ret == 0); + stream.rnd32_outleft = (sizeof stream.rnd32) - (sizeof stream.key); + randombytes_salsa20_random_rekey(&stream.rnd32[stream.rnd32_outleft]); stream.nonce++; - stream.rnd32_outleft = sizeof stream.rnd32; } stream.rnd32_outleft -= sizeof val; memcpy(&val, &stream.rnd32[stream.rnd32_outleft], sizeof val); + memset(&stream.rnd32[stream.rnd32_outleft], 0, sizeof val); return val; } 
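Review bot: In randombytes_salsa20_random_getword (`@@ -230,11 +247,13 @@`), the last `sizeof stream.key` bytes of `stream.rnd32` are XORed into the key by randombytes_salsa20_random_rekey() and then left in the buffer; the new `memset` clears only the words that are handed out. A later disclosure of the generator state would therefore expose both the new key and the mix, and XORing the two gives the previous key, which defeats the backtracking resistance the rekey is there to provide. Wiping the tail right after the rekey closes this: `sodium_memzero(&stream.rnd32[stream.rnd32_outleft], sizeof stream.key);` (assuming utils.h is included in this file, which the hunk does not show). The same call is preferable to plain `memset` for the per-word wipe, since it is the library's own wipe primitive. The function body starts outside the hunk.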
@@ -278,10 +297,11 @@ randombytes_salsa20_random_buf(void * const buf, const size_t size) assert(size <= ULONG_LONG_MAX); #endif ret = crypto_stream_salsa20((unsigned char *) buf, (unsigned long long) size, - (unsigned char *) &stream.nonce, - stream.key); + (unsigned char *) &stream.nonce, stream.key); assert(ret == 0); stream.nonce++; + crypto_stream_salsa20_xor(stream.key, stream.key, sizeof stream.key, + (unsigned char *) &stream.nonce, stream.key); } /* @@ -304,7 +324,7 @@ randombytes_salsa20_random_uniform(const uint32_t upper_bound) if (r >= min) { break; } - } + } /* LCOV_EXCL_LINE */ return r % upper_bound; } diff --git a/src/libsodium/randombytes/sysrandom/randombytes_sysrandom.c b/src/libsodium/randombytes/sysrandom/randombytes_sysrandom.c index 0ffcc2e..2979ef3 100644 --- a/src/libsodium/randombytes/sysrandom/randombytes_sysrandom.c +++ b/src/libsodium/randombytes/sysrandom/randombytes_sysrandom.c @@ -83,12 +83,12 @@ safe_read(const int fd, void * const buf_, size_t count) assert(count > (size_t) 0U); do { while ((readnb = read(fd, buf, count)) < (ssize_t) 0 && - errno == EINTR); + errno == EINTR); /* LCOV_EXCL_LINE */ if (readnb < (ssize_t) 0) { - return readnb; + return readnb; /* LCOV_EXCL_LINE */ } if (readnb == (ssize_t) 0) { - break; + break; /* LCOV_EXCL_LINE */ } count -= (size_t) readnb; buf += readnb; @@ -102,6 +102,7 @@ safe_read(const int fd, void * const buf_, size_t count) static int randombytes_sysrandom_random_dev_open(void) { +/* LCOV_EXCL_START */ struct stat st; static const char *devices[] = { # ifndef USE_BLOCKING_RANDOM @@ -123,6 +124,7 @@ randombytes_sysrandom_random_dev_open(void) } while (*device != NULL); return -1; +/* LCOV_EXCL_STOP */ } static void @@ -132,7 +134,7 @@ randombytes_sysrandom_init(void) if ((stream.random_data_source_fd = randombytes_sysrandom_random_dev_open()) == -1) { - abort(); + abort(); /* LCOV_EXCL_LINE */ } errno = errno_save; } 
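Review bot: The rekey call added at the end of randombytes_salsa20_random_buf() discards the return value of crypto_stream_salsa20_xor(), whereas the stream call just above it stores the result in `ret` and asserts on it. The call also passes `stream.key` as output, input and key at once, so it depends on the stream implementation loading the key before it writes any output. That assumption is not visible in this hunk and deserves a comment such as `/* in-place rekey: relies on the key being loaded before the first output byte is written */`. Suggested change: `ret = crypto_stream_salsa20_xor(stream.key, stream.key, sizeof stream.key, (unsigned char *) &stream.nonce, stream.key);` followed by `assert(ret == 0);`. The function starts above the hunk.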
@@ -203,14 +205,14 @@ randombytes_sysrandom_buf(void * const buf, const size_t size) #endif #ifndef _WIN32 if (safe_read(stream.random_data_source_fd, buf, size) != (ssize_t) size) { - abort(); + abort(); /* LCOV_EXCL_LINE */ } #else if (size > 0xffffffff) { - abort(); + abort(); /* LCOV_EXCL_LINE */ } if (! RtlGenRandom((PVOID) buf, (ULONG) size)) { - abort(); + abort(); /* LCOV_EXCL_LINE */ } #endif } @@ -235,7 +237,7 @@ randombytes_sysrandom_uniform(const uint32_t upper_bound) if (r >= min) { break; } - } + } /* LCOV_EXCL_LINE */ return r % upper_bound; } diff --git a/src/libsodium/sodium/compat.c b/src/libsodium/sodium/compat.c deleted file mode 100644 index ece2dbc..0000000 --- a/src/libsodium/sodium/compat.c +++ /dev/null 
@@ -1,361 +0,0 @@ - -#include "crypto_auth_hmacsha256.h" -#include "crypto_auth_hmacsha512256.h" -#include "crypto_box_curve25519xsalsa20poly1305.h" -#include "crypto_hash_sha256.h" -#include "crypto_hash_sha512.h" -#include "crypto_onetimeauth_poly1305.h" -#include "crypto_pwhash_scryptsalsa208sha256.h" -#include "crypto_scalarmult_curve25519.h" -#include "crypto_secretbox_xsalsa20poly1305.h" -#include "crypto_sign_ed25519.h" -#include "crypto_stream_salsa20.h" -#include "crypto_stream_xsalsa20.h" -#include "crypto_verify_16.h" -#include "crypto_verify_32.h" -#include "export.h" - -#ifdef __cplusplus -extern "C" { -#endif - -#undef crypto_pwhash_scryptxsalsa208sha256_saltbytes -SODIUM_EXPORT size_t -crypto_pwhash_scryptxsalsa208sha256_saltbytes(void) -{ - return crypto_pwhash_scryptsalsa208sha256_saltbytes(); -} - -#undef crypto_pwhash_scryptxsalsa208sha256_strbytes -SODIUM_EXPORT size_t -crypto_pwhash_scryptxsalsa208sha256_strbytes(void) -{ - return crypto_pwhash_scryptsalsa208sha256_strbytes(); -} - -#undef crypto_pwhash_scryptxsalsa208sha256 -SODIUM_EXPORT int -crypto_pwhash_scryptxsalsa208sha256(unsigned char * const out, - unsigned long long outlen, - const char * const passwd, - unsigned long long passwdlen, - const unsigned char * const salt, - unsigned long long opslimit, - size_t memlimit) -{ - return crypto_pwhash_scryptsalsa208sha256(out, outlen, passwd, passwdlen, - salt, opslimit, memlimit); -} - -#undef crypto_pwhash_scryptxsalsa208sha256_str -SODIUM_EXPORT int -crypto_pwhash_scryptxsalsa208sha256_str(char out[crypto_pwhash_scryptsalsa208sha256_STRBYTES], - const char * const passwd, - unsigned long long passwdlen, - unsigned long long opslimit, - size_t memlimit) -{ - return crypto_pwhash_scryptsalsa208sha256_str(out, passwd, passwdlen, - opslimit, memlimit); -} - -#undef crypto_pwhash_scryptxsalsa208sha256_str_verify -SODIUM_EXPORT int -crypto_pwhash_scryptxsalsa208sha256_str_verify(const char str[crypto_pwhash_scryptsalsa208sha256_STRBYTES], - 
const char * const passwd, - unsigned long long passwdlen) -{ - return crypto_pwhash_scryptsalsa208sha256_str_verify(str, - passwd, passwdlen); -} - -#ifdef EXPORT_ORIGINAL_IMPLEMENTATIONS - -#undef crypto_hash_sha256_ref -SODIUM_EXPORT int -crypto_hash_sha256_ref(unsigned char *out, const unsigned char *in, - unsigned long long inlen) -{ - return crypto_hash_sha256(out, in, inlen); -} - -#undef crypto_hash_sha512_ref -SODIUM_EXPORT int -crypto_hash_sha512_ref(unsigned char *out, const unsigned char *in, - unsigned long long inlen) -{ - return crypto_hash_sha512(out, in, inlen); -} - -#undef crypto_auth_hmacsha256_ref -SODIUM_EXPORT int -crypto_auth_hmacsha256_ref(unsigned char *out, const unsigned char *in, - unsigned long long inlen, const unsigned char *k) -{ - return crypto_auth_hmacsha256(out, in, inlen, k); -} - -#undef crypto_auth_hmacsha256_ref_verify -SODIUM_EXPORT int -crypto_auth_hmacsha256_ref_verify(const unsigned char *h, - const unsigned char *in, - unsigned long long inlen, - const unsigned char *k) -{ - return crypto_auth_hmacsha256_verify(h, in, inlen, k); -} - -#undef crypto_auth_hmacsha512256_ref -SODIUM_EXPORT int -crypto_auth_hmacsha512256_ref(unsigned char *out, const unsigned char *in, - unsigned long long inlen, const unsigned char *k) -{ - return crypto_auth_hmacsha512256(out, in, inlen, k); -} - -#undef crypto_auth_hmacsha512256_ref_verify -SODIUM_EXPORT int -crypto_auth_hmacsha512256_ref_verify(const unsigned char *h, - const unsigned char *in, - unsigned long long inlen, - const unsigned char *k) -{ - return crypto_auth_hmacsha512256_verify(h, in, inlen, k); -} - -#undef crypto_box_curve25519xsalsa20poly1305_ref_keypair -SODIUM_EXPORT int -crypto_box_curve25519xsalsa20poly1305_ref_keypair(unsigned char *pk, - unsigned char *sk) -{ - return crypto_box_curve25519xsalsa20poly1305_keypair(pk, sk); -} - -#undef crypto_box_curve25519xsalsa20poly1305_ref_beforenm -SODIUM_EXPORT int -crypto_box_curve25519xsalsa20poly1305_ref_beforenm(unsigned 
char *k, - const unsigned char *pk, - const unsigned char *sk) -{ - return crypto_box_curve25519xsalsa20poly1305_beforenm(k, pk, sk); -} - -#undef crypto_box_curve25519xsalsa20poly1305_ref_afternm -SODIUM_EXPORT int -crypto_box_curve25519xsalsa20poly1305_ref_afternm(unsigned char *c, - const unsigned char *m, - unsigned long long mlen, - const unsigned char *n, - const unsigned char *k) -{ - return crypto_box_curve25519xsalsa20poly1305_afternm(c, m, mlen, n, k); -} - -#undef crypto_box_curve25519xsalsa20poly1305_ref_open_afternm -SODIUM_EXPORT int -crypto_box_curve25519xsalsa20poly1305_ref_open_afternm(unsigned char *m, - const unsigned char *c, - unsigned long long clen, - const unsigned char *n, - const unsigned char *k) -{ - return crypto_box_curve25519xsalsa20poly1305_open_afternm(m, c, clen, n, k); -} - -#undef crypto_box_curve25519xsalsa20poly1305_ref -SODIUM_EXPORT int -crypto_box_curve25519xsalsa20poly1305_ref(unsigned char *c, - const unsigned char *m, - unsigned long long mlen, - const unsigned char *n, - const unsigned char *pk, - const unsigned char *sk) -{ - return crypto_box_curve25519xsalsa20poly1305(c, m, mlen, n, pk, sk); -} - -#undef crypto_box_curve25519xsalsa20poly1305_ref_open -SODIUM_EXPORT int -crypto_box_curve25519xsalsa20poly1305_ref_open(unsigned char *m, - const unsigned char *c, - unsigned long long clen, - const unsigned char *n, - const unsigned char *pk, - const unsigned char *sk) -{ - return crypto_box_curve25519xsalsa20poly1305_open(m, c, clen, n, pk, sk); -} - -#undef crypto_scalarmult_curve25519_ref_base -SODIUM_EXPORT int -crypto_scalarmult_curve25519_ref_base(unsigned char *q, const unsigned char *n) -{ - return crypto_scalarmult_curve25519_base(q, n); -} - -#undef crypto_scalarmult_curve25519_ref -SODIUM_EXPORT int -crypto_scalarmult_curve25519_ref(unsigned char *q, const unsigned char *n, - const unsigned char *p) -{ - return crypto_scalarmult_curve25519(q, n, p); -} - -#undef crypto_scalarmult_curve25519_donna_c64_base 
-SODIUM_EXPORT int -crypto_scalarmult_curve25519_donna_c64_base(unsigned char *q, const unsigned char *n) -{ - return crypto_scalarmult_curve25519_base(q, n); -} - -#undef crypto_scalarmult_curve25519_donna_c64 -SODIUM_EXPORT int -crypto_scalarmult_curve25519_donna_c64(unsigned char *q, const unsigned char *n, - const unsigned char *p) -{ - return crypto_scalarmult_curve25519(q, n, p); -} - -#undef crypto_secretbox_xsalsa20poly1305_ref -SODIUM_EXPORT int -crypto_secretbox_xsalsa20poly1305_ref(unsigned char *c, - const unsigned char *m, - unsigned long long mlen, - const unsigned char *n, - const unsigned char *k) -{ - return crypto_secretbox_xsalsa20poly1305(c, m, mlen, n, k); -} - -#undef crypto_secretbox_xsalsa20poly1305_ref_open -SODIUM_EXPORT int -crypto_secretbox_xsalsa20poly1305_ref_open(unsigned char *m, - const unsigned char *c, - unsigned long long clen, - const unsigned char *n, - const unsigned char *k) -{ - return crypto_secretbox_xsalsa20poly1305_open(m, c, clen, n, k); -} - -#undef crypto_sign_ed25519_ref_seed_keypair -SODIUM_EXPORT int -crypto_sign_ed25519_ref_seed_keypair(unsigned char *pk, unsigned char *sk, - const unsigned char *seed) -{ - return crypto_sign_ed25519_seed_keypair(pk, sk, seed); -} - -#undef crypto_sign_ed25519_ref_keypair -SODIUM_EXPORT int -crypto_sign_ed25519_ref_keypair(unsigned char *pk, unsigned char *sk) -{ - return crypto_sign_ed25519_keypair(pk, sk); -} - -#undef crypto_sign_ed25519_ref -SODIUM_EXPORT int -crypto_sign_ed25519_ref(unsigned char *sm, unsigned long long *smlen, - const unsigned char *m, unsigned long long mlen, - const unsigned char *sk) -{ - return crypto_sign_ed25519(sm, smlen, m, mlen, sk); -} - -#undef crypto_sign_ed25519_ref_open -SODIUM_EXPORT int -crypto_sign_ed25519_ref_open(unsigned char *m, unsigned long long *mlen, - const unsigned char *sm, unsigned long long smlen, - const unsigned char *pk) -{ - return crypto_sign_ed25519_open(m, mlen, sm, smlen, pk); -} - -#undef crypto_stream_xsalsa20_ref 
-SODIUM_EXPORT int -crypto_stream_xsalsa20_ref(unsigned char *c, unsigned long long clen, - const unsigned char *n, const unsigned char *k) -{ - return crypto_stream_xsalsa20(c, clen, n, k); -} - -#undef crypto_stream_xsalsa20_ref_xor -SODIUM_EXPORT int -crypto_stream_xsalsa20_ref_xor(unsigned char *c, const unsigned char *m, - unsigned long long mlen, const unsigned char *n, - const unsigned char *k) -{ - return crypto_stream_xsalsa20_xor(c, m, mlen, n, k); -} - -#undef crypto_verify_16_ref -SODIUM_EXPORT int -crypto_verify_16_ref(const unsigned char *x, const unsigned char *y) -{ - return crypto_verify_16(x, y); -} - -#undef crypto_verify_32_ref -SODIUM_EXPORT int -crypto_verify_32_ref(const unsigned char *x, const unsigned char *y) -{ - return crypto_verify_32(x, y); -} - -#undef crypto_onetimeauth_poly1305_ref -SODIUM_EXPORT int -crypto_onetimeauth_poly1305_ref(unsigned char *out, - const unsigned char *in, - unsigned long long inlen, - const unsigned char *k) -{ - return crypto_onetimeauth_poly1305(out, in, inlen, k); -} - -#undef crypto_stream_salsa20_amd64_xmm6 -SODIUM_EXPORT int -crypto_stream_salsa20_amd64_xmm6(unsigned char *c, - unsigned long long clen, - const unsigned char *n, - const unsigned char *k) -{ - return crypto_stream_salsa20(c, clen, n, k); -} - -#undef crypto_stream_salsa20_ref -SODIUM_EXPORT int -crypto_stream_salsa20_ref(unsigned char *c, - unsigned long long clen, - const unsigned char *n, - const unsigned char *k) -{ - return crypto_stream_salsa20(c, clen, n, k); -} - -#undef crypto_stream_salsa20_amd64_xmm6_xor -SODIUM_EXPORT int -crypto_stream_salsa20_amd64_xmm6_xor(unsigned char *c, - const unsigned char *m, - unsigned long long mlen, - const unsigned char *n, - const unsigned char *k) -{ - return crypto_stream_salsa20_xor(c, m, mlen, n, k); -} - -#undef crypto_stream_salsa20_ref_xor -SODIUM_EXPORT int -crypto_stream_salsa20_ref_xor(unsigned char *c, - const unsigned char *m, - unsigned long long mlen, - const unsigned char *n, - 
const unsigned char *k) -{ - return crypto_stream_salsa20_xor(c, m, mlen, n, k); -} - -#endif - -#ifdef __cplusplus -} -#endif diff --git a/src/libsodium/sodium/core.c b/src/libsodium/sodium/core.c index 652f31e..367f275 100644 --- a/src/libsodium/sodium/core.c +++ b/src/libsodium/sodium/core.c @@ -3,6 +3,7 @@ #include "crypto_onetimeauth.h" #include "randombytes.h" #include "runtime.h" +#include "utils.h" static int initialized; @@ -14,9 +15,10 @@ sodium_init(void) } sodium_runtime_get_cpu_features(); if (crypto_onetimeauth_pick_best_implementation() == NULL) { - return -1; + return -1; /* LCOV_EXCL_LINE */ } randombytes_stir(); + _sodium_alloc_init(); initialized = 1; return 0; diff --git a/src/libsodium/sodium/runtime.c b/src/libsodium/sodium/runtime.c index 52b3707..3e424a0 100644 --- a/src/libsodium/sodium/runtime.c +++ b/src/libsodium/sodium/runtime.c @@ -44,7 +44,7 @@ static void _cpuid(unsigned int cpu_info[4U], const unsigned int cpu_info_type) { #ifdef _MSC_VER - __cpuidex((int *) cpu_info, cpu_info_type, 0); + __cpuid((int *) cpu_info, cpu_info_type); #elif defined(HAVE_CPUID) cpu_info[0] = cpu_info[1] = cpu_info[2] = cpu_info[3] = 0; # ifdef __i386__ @@ -56,7 +56,7 @@ _cpuid(unsigned int cpu_info[4U], const unsigned int cpu_info_type) "=&r" (cpu_info[0]), "=&r" (cpu_info[1]) : "i" (0x200000)); if (((cpu_info[0] ^ cpu_info[1]) & 0x200000) == 0x0) { - return; + return; /* LCOV_EXCL_LINE */ } # endif # ifdef __i386__ @@ -88,7 +88,7 @@ _sodium_runtime_intel_cpu_features(CPUFeatures * const cpu_features) _cpuid(cpu_info, 0x0); if ((id = cpu_info[0]) == 0U) { - return -1; + return -1; /* LCOV_EXCL_LINE */ } _cpuid(cpu_info, 0x00000001); #ifndef HAVE_EMMINTRIN_H diff --git a/src/libsodium/sodium/utils.c b/src/libsodium/sodium/utils.c index eff9d0c..e51ae6b 100644 --- a/src/libsodium/sodium/utils.c +++ b/src/libsodium/sodium/utils.c 
@@ -1,8 +1,10 @@ #ifndef __STDC_WANT_LIB_EXT1__ # define __STDC_WANT_LIB_EXT1__ 1 #endif +#include <assert.h> #include <errno.h> #include <limits.h> +#include <signal.h> #include <stddef.h> #include <stdint.h> #include <stdlib.h> @@ -17,8 +19,32 @@ #ifdef _WIN32 # include <windows.h> # include <wincrypt.h> +#else +# include <unistd.h> +#endif + +#define CANARY_SIZE 16U +#define GARBAGE_VALUE 0xd0 + +#ifndef MAP_NOCORE +# define MAP_NOCORE 0 +#endif +#if !defined(MAP_ANON) && defined(MAP_ANONYMOUS) +# define MAP_ANON MAP_ANONYMOUS +#endif +#if defined(_WIN32) || defined(MAP_ANON) || defined(HAVE_POSIX_MEMALIGN) +# define HAVE_ALIGNED_MALLOC +#endif +#if defined(HAVE_MPROTECT) && !(defined(PROT_NONE) && defined(PROT_READ) && defined(PROT_WRITE)) +# undef HAVE_MPROTECT +#endif +#if defined(HAVE_ALIGNED_MALLOC) && (defined(_WIN32) || defined(HAVE_MPROTECT)) +# define HAVE_PAGE_PROTECTION #endif +static size_t page_size; +static unsigned char canary[CANARY_SIZE]; + #ifdef HAVE_WEAK_SYMBOLS __attribute__((weak)) void __sodium_dummy_symbol_to_prevent_lto(void * const pnt, const size_t len) @@ -31,11 +57,11 @@ __sodium_dummy_symbol_to_prevent_lto(void * const pnt, const size_t len) void sodium_memzero(void * const pnt, const size_t len) { -#ifdef HAVE_SECUREZEROMEMORY +#ifdef _WIN32 SecureZeroMemory(pnt, len); #elif defined(HAVE_MEMSET_S) if (memset_s(pnt, (rsize_t) len, 0, (rsize_t) len) != 0) { - abort(); + abort(); /* LCOV_EXCL_LINE */ } #elif defined(HAVE_EXPLICIT_BZERO) explicit_bzero(pnt, len); 
@@ -66,34 +92,6 @@ sodium_memcmp(const void * const b1_, const void * const b2_, size_t len) return (int) ((1 & ((d - 1) >> 8)) - 1); } -unsigned char * -_sodium_alignedcalloc(unsigned char ** const unaligned_p, const size_t len) -{ - unsigned char *aligned; - unsigned char *unaligned; - size_t i; - - if (SIZE_MAX - (size_t) 256U < len || - (unaligned = (unsigned char *) malloc(len + (size_t) 256U)) == NULL) { - *unaligned_p = NULL; - return NULL; - } - *unaligned_p = unaligned; -#ifdef HAVE_ARC4RANDOM_BUF - (void) i; - arc4random_buf(unaligned, len + (size_t) 256U); -#else - for (i = (size_t) 0U; i < len + (size_t) 256U; ++i) { - unaligned[i] = (unsigned char) rand(); - } -#endif - aligned = unaligned + 64; - aligned += (ptrdiff_t) 63 & (-(ptrdiff_t) aligned); - memset(aligned, 0, len); - - return aligned; -} - char * sodium_bin2hex(char * const hex, const size_t hex_maxlen, const unsigned char * const bin, const size_t bin_len) @@ -106,7 +104,7 @@ sodium_bin2hex(char * const hex, const size_t hex_maxlen, size_t j = (size_t) 0U; if (bin_len >= SIZE_MAX / 2 || hex_maxlen < bin_len * 2U) { - abort(); + abort(); /* LCOV_EXCL_LINE */ } while (i < bin_len) { hex[j++] = hexdigits[bin[i] >> 4]; @@ -178,7 +176,7 @@ sodium_mlock(void * const addr, const size_t len) #endif #ifdef HAVE_MLOCK return mlock(addr, len); -#elif defined(HAVE_VIRTUALLOCK) +#elif defined(_WIN32) return -(VirtualLock(addr, len) == 0); #else errno = ENOSYS; 
@@ -195,10 +193,286 @@ sodium_munlock(void * const addr, const size_t len) #endif #ifdef HAVE_MLOCK return munlock(addr, len); -#elif defined(HAVE_VIRTUALLOCK) +#elif defined(_WIN32) return -(VirtualUnlock(addr, len) == 0); #else errno = ENOSYS; return -1; #endif } + +int +_sodium_alloc_init(void) +{ +#if defined(_SC_PAGESIZE) + long page_size_ = sysconf(_SC_PAGESIZE); + if (page_size_ > 0L) { + page_size = (size_t) page_size_; + } +#elif defined(_WIN32) + SYSTEM_INFO si; + GetSystemInfo(&si); + page_size = (size_t) si.dwPageSize; +#endif + if (page_size < CANARY_SIZE) { + abort(); /* LCOV_EXCL_LINE */ + } + randombytes_buf(canary, sizeof canary); + + return 0; +} + +static inline size_t +_page_round(const size_t size) +{ + const size_t page_mask = page_size - 1U; + + return (size + page_mask) & ~page_mask; +} + +static int +_mprotect_noaccess(void *ptr, size_t size) +{ +#if defined(HAVE_MPROTECT) && defined(HAVE_PAGE_PROTECTION) + return mprotect(ptr, size, PROT_NONE); +#elif defined(_WIN32) + { + DWORD old; + return -(VirtualProtect(ptr, size, PAGE_NOACCESS, &old) == 0); + } +#else + errno = ENOSYS; + return -1; +#endif +} + +static int +_mprotect_readonly(void *ptr, size_t size) +{ +#if defined(HAVE_MPROTECT) && defined(HAVE_PAGE_PROTECTION) + return mprotect(ptr, size, PROT_READ); +#elif defined(_WIN32) + { + DWORD old; + return -(VirtualProtect(ptr, size, PAGE_READONLY, &old) == 0); + } +#else + errno = ENOSYS; + return -1; +#endif +} + +static int +_mprotect_readwrite(void *ptr, size_t size) +{ +#if defined(HAVE_MPROTECT) && defined(HAVE_PAGE_PROTECTION) + return mprotect(ptr, size, PROT_READ | PROT_WRITE); +#elif defined(_WIN32) + { + DWORD old; + return -(VirtualProtect(ptr, size, PAGE_READWRITE, &old) == 0); + } +#else + errno = ENOSYS; + return -1; +#endif +} + +static void +_out_of_bounds(void) +{ +#ifdef SIGSEGV + raise(SIGSEGV); +#elif defined(SIGKILL) + raise(SIGKILL); +#endif + abort(); +} /* LCOV_EXCL_LINE */ + +static __attribute__((malloc)) 
unsigned char * +_alloc_aligned(const size_t size) +{ + void *ptr; + +#ifdef MAP_ANON + if ((ptr = mmap(NULL, size, PROT_READ | PROT_WRITE, + MAP_ANON | MAP_PRIVATE | MAP_NOCORE, -1, 0)) == MAP_FAILED) { + ptr = NULL; /* LCOV_EXCL_LINE */ + } /* LCOV_EXCL_LINE */ +#elif defined(HAVE_POSIX_MEMALIGN) + if (posix_memalign(&ptr, page_size, size) != 0) { + ptr = NULL; /* LCOV_EXCL_LINE */ + } /* LCOV_EXCL_LINE */ +#elif defined(_WIN32) + ptr = VirtualAlloc(NULL, size, MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE); +#elif !defined(HAVE_ALIGNED_MALLOC) + ptr = malloc(size); +#else +# error Bug +#endif + return (unsigned char *) ptr; +} + +static void +_free_aligned(unsigned char * const ptr, const size_t size) +{ +#ifdef MAP_ANON + (void) munmap(ptr, size); +#elif defined(HAVE_POSIX_MEMALIGN) + free(ptr); +#elif defined(_WIN32) + VirtualFree(ptr, 0U, MEM_RELEASE); +#else + free(ptr); +#endif +} + +static unsigned char * +_unprotected_ptr_from_user_ptr(const void *ptr) +{ + uintptr_t unprotected_ptr_u; + unsigned char *canary_ptr; + size_t page_mask; + + canary_ptr = ((unsigned char *) ptr) - sizeof canary; + page_mask = page_size - 1U; + unprotected_ptr_u = ((uintptr_t) canary_ptr & (uintptr_t) ~page_mask); + if (unprotected_ptr_u <= page_size * 2U) { + abort(); /* LCOV_EXCL_LINE */ + } + return (unsigned char *) unprotected_ptr_u; +} + +static __attribute__((malloc)) void * +_sodium_malloc(const size_t size) +{ + void *user_ptr; + unsigned char *base_ptr; + unsigned char *canary_ptr; + unsigned char *unprotected_ptr; + size_t page_mask; + size_t size_with_canary; + size_t total_size; + size_t unprotected_size; + + if (size >= SIZE_MAX - page_size * 4U) { + errno = ENOMEM; + return NULL; + } + if (page_size <= sizeof canary || page_size < sizeof unprotected_size) { + abort(); /* LCOV_EXCL_LINE */ + } + size_with_canary = (sizeof canary) + size; + unprotected_size = _page_round(size_with_canary); + total_size = page_size + page_size + unprotected_size + page_size; + if 
((base_ptr = _alloc_aligned(total_size)) == NULL) { + return NULL; /* LCOV_EXCL_LINE */ + } + unprotected_ptr = base_ptr + page_size * 2U; + _mprotect_noaccess(base_ptr + page_size, page_size); +#ifndef HAVE_PAGE_PROTECTION + memcpy(unprotected_ptr + unprotected_size, canary, sizeof canary); +#endif + _mprotect_noaccess(unprotected_ptr + unprotected_size, page_size); + sodium_mlock(unprotected_ptr, unprotected_size); + page_mask = page_size - 1U; + canary_ptr = unprotected_ptr + _page_round(size_with_canary) - + size_with_canary; + user_ptr = canary_ptr + sizeof canary; + memcpy(canary_ptr, canary, sizeof canary); + memcpy(base_ptr, &unprotected_size, sizeof unprotected_size); + _mprotect_readonly(base_ptr, page_size); + assert(_unprotected_ptr_from_user_ptr(user_ptr) == unprotected_ptr); + + return user_ptr; +} + +__attribute__((malloc)) void * +sodium_malloc(const size_t size) +{ + void *ptr; + + if ((ptr = _sodium_malloc(size)) == NULL) { + return NULL; /* LCOV_EXCL_LINE */ + } + memset(ptr, (int) GARBAGE_VALUE, size); + + return ptr; +} + +__attribute__((malloc)) void * +sodium_allocarray(size_t count, size_t size) +{ + size_t total_size; + + if (size >= SIZE_MAX / count) { + errno = ENOMEM; + return NULL; + } + total_size = count * size; + + return sodium_malloc(total_size); +} + +void +sodium_free(void *ptr) +{ + unsigned char *base_ptr; + unsigned char *canary_ptr; + unsigned char *unprotected_ptr; + size_t total_size; + size_t unprotected_size; + + if (ptr == NULL) { + return; + } + canary_ptr = ((unsigned char *) ptr) - sizeof canary; + if (sodium_memcmp(canary_ptr, canary, sizeof canary) != 0) { + _out_of_bounds(); + } + unprotected_ptr = _unprotected_ptr_from_user_ptr(ptr); + base_ptr = unprotected_ptr - page_size * 2U; + memcpy(&unprotected_size, base_ptr, sizeof unprotected_size); + total_size = page_size + page_size + unprotected_size + page_size; + _mprotect_readwrite(base_ptr, total_size); +#ifndef HAVE_PAGE_PROTECTION + if 
(sodium_memcmp(unprotected_ptr + unprotected_size, + canary, sizeof canary) != 0) { + _out_of_bounds(); + } +#endif + sodium_munlock(unprotected_ptr, unprotected_size); + _free_aligned(base_ptr, total_size); +} + +static int +_sodium_mprotect(void *ptr, int (*cb)(void *ptr, size_t size)) +{ + unsigned char *base_ptr; + unsigned char *unprotected_ptr; + size_t unprotected_size; + + unprotected_ptr = _unprotected_ptr_from_user_ptr(ptr); + base_ptr = unprotected_ptr - page_size * 2U; + memcpy(&unprotected_size, base_ptr, sizeof unprotected_size); + + return cb(unprotected_ptr, unprotected_size); +} + +int +sodium_mprotect_noaccess(void *ptr) +{ + return _sodium_mprotect(ptr, _mprotect_noaccess); +} + +int +sodium_mprotect_readonly(void *ptr) +{ + return _sodium_mprotect(ptr, _mprotect_readonly); +} + +int +sodium_mprotect_readwrite(void *ptr) +{ + return _sodium_mprotect(ptr, _mprotect_readwrite); +} diff --git a/test/default/Makefile.am b/test/default/Makefile.am index 8ad3c1f..11d76e0 100644 --- a/test/default/Makefile.am +++ b/test/default/Makefile.am @@ -23,6 +23,7 @@ EXTRA_DIST = \ core4.exp \ core5.exp \ core6.exp \ + ed25519_convert.exp \ generichash.exp \ generichash2.exp \ generichash3.exp \ @@ -34,10 +35,12 @@ EXTRA_DIST = \ onetimeauth7.exp \ pwhash.exp \ pwhash_scrypt_ll.exp \ + randombytes.exp \ scalarmult.exp \ scalarmult2.exp \ scalarmult5.exp \ scalarmult6.exp \ + scalarmult7.exp \ secretbox.exp \ secretbox2.exp \ secretbox7.exp \ @@ -48,13 +51,13 @@ EXTRA_DIST = \ sign.exp \ sodium_core.exp \ sodium_utils.exp \ + sodium_utils2.exp \ + sodium_utils3.exp \ sodium_version.exp \ stream.exp \ stream2.exp \ stream3.exp \ stream4.exp \ - stream5.exp \ - stream6.exp \ verify1.exp DISTCLEANFILES = \ @@ -79,6 +82,7 @@ DISTCLEANFILES = \ core4.res \ core5.res \ core6.res \ + ed25519_convert.res \ generichash.res \ generichash2.res \ generichash3.res \ 
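Review bot: sodium_allocarray() evaluates `SIZE_MAX / count` before looking at `count`, so a call with `count == 0` divides by zero; guard it with `if (count > (size_t) 0U && size >= (size_t) SIZE_MAX / count) {`. In the same hunk, _sodium_malloc() ignores the results of both `_mprotect_noaccess()` calls, of `_mprotect_readonly()` and of `sodium_mlock()`, so a pointer can be returned without working guard pages or locking. Checking those results, or documenting that the protection is best-effort on platforms where the helpers return -1, would make the guarantee explicit. sodium_free() compares the canary before it calls `_mprotect_readwrite(base_ptr, total_size);`, which would fault on a region the caller left in the noaccess state. Computing `base_ptr` and `total_size` first and restoring read-write access ahead of the canary check avoids that.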
@@ -90,10 +94,12 @@ DISTCLEANFILES = \ onetimeauth7.res \ pwhash.res \ pwhash_scrypt_ll.res \ + randombytes.res \ scalarmult.res \ scalarmult2.res \ scalarmult5.res \ scalarmult6.res \ + scalarmult7.res \ secretbox.res \ secretbox2.res \ secretbox7.res \ @@ -104,13 +110,13 @@ DISTCLEANFILES = \ sign.res \ sodium_core.res \ sodium_utils.res \ + sodium_utils2.res \ + sodium_utils3.res \ sodium_version.res \ stream.res \ stream2.res \ stream3.res \ stream4.res \ - stream5.res \ - stream6.res \ verify1.res AM_CPPFLAGS = \ @@ -143,6 +149,7 @@ TESTS_TARGETS = \ core4 \ core5 \ core6 \ + ed25519_convert \ generichash \ generichash2 \ generichash3 \ @@ -158,6 +165,7 @@ TESTS_TARGETS = \ scalarmult2 \ scalarmult5 \ scalarmult6 \ + scalarmult7 \ secretbox \ secretbox2 \ secretbox7 \ @@ -168,6 +176,8 @@ TESTS_TARGETS = \ sign \ sodium_core \ sodium_utils \ + sodium_utils2 \ + sodium_utils3 \ sodium_version \ stream \ stream2 \ @@ -175,12 +185,6 @@ TESTS_TARGETS = \ stream4 \ verify1 -if !MINIMAL -TESTS_TARGETS += \ - stream5 \ - stream6 -endif - check_PROGRAMS = $(TESTS_TARGETS) TESTS = $(TESTS_TARGETS) @@ -251,6 +255,9 @@ core5_LDADD = $(TESTS_LDADD) core6_SOURCE = cmptest.h core6.c core6_LDADD = $(TESTS_LDADD) +ed25519_convert_SOURCE = cmptest.h ed25519_convert.c +ed25519_convert_LDADD = $(TESTS_LDADD) + generichash_SOURCE = cmptest.h generichash.c generichash_LDADD = $(TESTS_LDADD) @@ -281,7 +288,7 @@ pwhash_LDADD = $(TESTS_LDADD) pwhash_scrypt_ll_SOURCE = cmptest.h pwhash_scrypt_ll.c pwhash_scrypt_ll_LDADD = $(TESTS_LDADD) -randombytes_SOURCE = randombytes.c +randombytes_SOURCE = cmptest.h randombytes.c randombytes_LDADD = $(TESTS_LDADD) scalarmult_SOURCE = cmptest.h scalarmult.c @@ -296,6 +303,9 @@ scalarmult5_LDADD = $(TESTS_LDADD) scalarmult6_SOURCE = cmptest.h scalarmult6.c scalarmult6_LDADD = $(TESTS_LDADD) +scalarmult7_SOURCE = cmptest.h scalarmult7.c +scalarmult7_LDADD = $(TESTS_LDADD) + secretbox_SOURCE = cmptest.h secretbox.c secretbox_LDADD = $(TESTS_LDADD) 
@@ -326,6 +336,12 @@ sodium_core_LDADD = $(TESTS_LDADD) sodium_utils_SOURCE = cmptest.h sodium_utils.c sodium_utils_LDADD = $(TESTS_LDADD) +sodium_utils2_SOURCE = cmptest.h sodium_utils2.c +sodium_utils2_LDADD = $(TESTS_LDADD) + +sodium_utils3_SOURCE = cmptest.h sodium_utils3.c +sodium_utils3_LDADD = $(TESTS_LDADD) + sodium_version_SOURCE = cmptest.h sodium_version.c sodium_version_LDADD = $(TESTS_LDADD) @@ -341,12 +357,6 @@ stream3_LDADD = $(TESTS_LDADD) stream4_SOURCE = cmptest.h stream4.c stream4_LDADD = $(TESTS_LDADD) -stream5_SOURCE = cmptest.h stream5.c -stream5_LDADD = $(TESTS_LDADD) - -stream6_SOURCE = cmptest.h stream6.c -stream6_LDADD = $(TESTS_LDADD) - verify1_SOURCE = cmptest.h verify1.c verify1_LDADD = $(TESTS_LDADD) diff --git a/test/default/aead_chacha20poly1305.c b/test/default/aead_chacha20poly1305.c index 036d001..c587e96 100644 --- a/test/default/aead_chacha20poly1305.c +++ b/test/default/aead_chacha20poly1305.c 
@@ -1,36 +1,29 @@ -#include <stdio.h> -#include <string.h> #define TEST_NAME "aead_chacha20poly1305" #include "cmptest.h" -static unsigned char firstkey[crypto_aead_chacha20poly1305_KEYBYTES] = { - 0x42, 0x90, 0xbc, 0xb1, 0x54, 0x17, 0x35, 0x31, - 0xf3, 0x14, 0xaf, 0x57, 0xf3, 0xbe, 0x3b, 0x50, - 0x06, 0xda, 0x37, 0x1e, 0xce, 0x27, 0x2a, 0xfa, - 0x1b, 0x5d, 0xbd, 0xd1, 0x10, 0x0a, 0x10, 0x07 -}; +static unsigned char firstkey[crypto_aead_chacha20poly1305_KEYBYTES] + = { 0x42, 0x90, 0xbc, 0xb1, 0x54, 0x17, 0x35, 0x31, 0xf3, 0x14, 0xaf, + 0x57, 0xf3, 0xbe, 0x3b, 0x50, 0x06, 0xda, 0x37, 0x1e, 0xce, 0x27, + 0x2a, 0xfa, 0x1b, 0x5d, 0xbd, 0xd1, 0x10, 0x0a, 0x10, 0x07 }; -static unsigned char m[10U] = { - 0x86, 0xd0, 0x99, 0x74, 0x84, 0x0b, 0xde, 0xd2, 0xa5, 0xca -}; +static unsigned char m[10U] + = { 0x86, 0xd0, 0x99, 0x74, 0x84, 0x0b, 0xde, 0xd2, 0xa5, 0xca }; -static unsigned char nonce[crypto_aead_chacha20poly1305_NPUBBYTES] = { - 0xcd, 0x7c, 0xf6, 0x7b, 0xe3, 0x9c, 0x79, 0x4a -}; +static unsigned char nonce[crypto_aead_chacha20poly1305_NPUBBYTES] + = { 0xcd, 0x7c, 0xf6, 0x7b, 0xe3, 0x9c, 0x79, 0x4a }; -static unsigned char ad[10U] = { - 0x87, 0xe2, 0x29, 0xd4, 0x50, 0x08, 0x45, 0xa0, 0x79, 0xc0 -}; +static unsigned char ad[10U] + = { 0x87, 0xe2, 0x29, 0xd4, 0x50, 0x08, 0x45, 0xa0, 0x79, 0xc0 }; static unsigned char c[10U + crypto_aead_chacha20poly1305_ABYTES]; int main(void) { - unsigned char m2[10U]; + unsigned char m2[10U]; unsigned long long clen; unsigned long long m2len; - size_t i; + size_t i; crypto_aead_chacha20poly1305_encrypt(c, &clen, m, sizeof m, ad, sizeof ad, NULL, nonce, firstkey); 
@@ -38,16 +31,15 @@ int main(void) printf("clen is not properly set\n"); } for (i = 0U; i < sizeof c; ++i) { - printf(",0x%02x", (unsigned int) c[i]); + printf(",0x%02x", (unsigned int)c[i]); if (i % 8 == 7) { printf("\n"); } } printf("\n"); - if (crypto_aead_chacha20poly1305_decrypt(m2, &m2len, NULL, c, sizeof c, - ad, sizeof ad, - nonce, firstkey) != 0) { + if (crypto_aead_chacha20poly1305_decrypt(m2, &m2len, NULL, c, sizeof c, ad, + sizeof ad, nonce, firstkey) != 0) { printf("crypto_aead_chacha20poly1305_decrypt() failed\n"); } if (m2len != sizeof c - crypto_aead_chacha20poly1305_abytes()) { @@ -60,21 +52,20 @@ int main(void) for (i = 0U; i < sizeof c; i++) { c[i] ^= (i + 1U); if (crypto_aead_chacha20poly1305_decrypt(m2, NULL, NULL, c, sizeof c, - ad, sizeof ad, - nonce, firstkey) == 0 || - memcmp(m, m2, sizeof m) == 0) { + ad, sizeof ad, nonce, firstkey) + == 0 || memcmp(m, m2, sizeof m) == 0) { printf("message can be forged\n"); } c[i] ^= (i + 1U); } - crypto_aead_chacha20poly1305_encrypt(c, &clen, m, sizeof m, NULL, 0U, - NULL, nonce, firstkey); + crypto_aead_chacha20poly1305_encrypt(c, &clen, m, sizeof m, NULL, 0U, NULL, + nonce, firstkey); if (clen != sizeof m + crypto_aead_chacha20poly1305_abytes()) { printf("clen is not properly set (adlen=0)\n"); } for (i = 0U; i < sizeof c; ++i) { - printf(",0x%02x", (unsigned int) c[i]); + printf(",0x%02x", (unsigned int)c[i]); if (i % 8 == 7) { printf("\n"); } @@ -82,8 +73,7 @@ int main(void) printf("\n"); if (crypto_aead_chacha20poly1305_decrypt(m2, &m2len, NULL, c, sizeof c, - NULL, 0U, - nonce, firstkey) != 0) { + NULL, 0U, nonce, firstkey) != 0) { printf("crypto_aead_chacha20poly1305_decrypt() failed (adlen=0)\n"); } if (m2len != sizeof c - crypto_aead_chacha20poly1305_abytes()) { 
@@ -93,5 +83,21 @@ int main(void) printf("m != m2 (adlen=0)\n"); } + if (crypto_aead_chacha20poly1305_decrypt( + m2, &m2len, NULL, c, crypto_aead_chacha20poly1305_ABYTES / 2, NULL, + 0U, nonce, firstkey) != -1) { + printf("crypto_aead_chacha20poly1305_decrypt() worked with a short " + "ciphertext\n"); + } + if (crypto_aead_chacha20poly1305_decrypt(m2, &m2len, NULL, c, 0U, NULL, 0U, + nonce, firstkey) != -1) { + printf("crypto_aead_chacha20poly1305_decrypt() worked with an empty " + "ciphertext\n"); + } + + assert(crypto_aead_chacha20poly1305_keybytes() > 0U); + assert(crypto_aead_chacha20poly1305_npubbytes() > 0U); + assert(crypto_aead_chacha20poly1305_nsecbytes() == 0U); + return 0; } diff --git a/test/default/aead_chacha20poly1305.exp b/test/default/aead_chacha20poly1305.exp new file mode 100644 index 0000000..14355fa --- /dev/null +++ b/test/default/aead_chacha20poly1305.exp @@ -0,0 +1,8 @@ +,0xe3,0xe4,0x46,0xf7,0xed,0xe9,0xa1,0x9b +,0x62,0xa4,0x67,0x7d,0xab,0xf4,0xe3,0xd2 +,0x4b,0x87,0x6b,0xb2,0x84,0x75,0x38,0x96 +,0xe1,0xd6 +,0xe3,0xe4,0x46,0xf7,0xed,0xe9,0xa1,0x9b +,0x62,0xa4,0x69,0xe7,0x78,0x9b,0xcd,0x95 +,0x4e,0x65,0x8e,0xd3,0x84,0x23,0xe2,0x31 +,0x61,0xdc diff --git a/test/default/auth.c b/test/default/auth.c index 88c8207..913ada4 100644 --- a/test/default/auth.c +++ b/test/default/auth.c @@ -1,4 +1,3 @@ -#include <stdio.h> #define TEST_NAME "auth" #include "cmptest.h" 
@@ -7,15 +6,55 @@ unsigned char key[32] = "Jefe"; unsigned char c[] = "what do ya want for nothing?"; -unsigned char a[32]; +/* Hacker manifesto */ +unsigned char key2[] = "Another one got caught today, it's all over the papers. \"Teenager Arrested in Computer Crime Scandal\", \"Hacker Arrested after Bank Tampering\"... Damn kids. They're all alike."; + +unsigned char a[crypto_auth_BYTES]; +unsigned char a2[crypto_auth_hmacsha512_BYTES]; int main(void) { - int i; - crypto_auth_hmacsha512256(a,c,sizeof c - 1U,key); - for (i = 0;i < 32;++i) { - printf(",0x%02x",(unsigned int) a[i]); - if (i % 8 == 7) printf("\n"); - } - return 0; + crypto_auth_hmacsha512_state st; + int i; + + crypto_auth(a, c, sizeof c - 1U, key); + for (i = 0; i < sizeof a; ++i) { + printf(",0x%02x", (unsigned int)a[i]); + if (i % 8 == 7) + printf("\n"); + } + printf("\n"); + + crypto_auth_hmacsha512_init(&st, key, sizeof key); + crypto_auth_hmacsha512_update(&st, c, 1U); + crypto_auth_hmacsha512_update(&st, c, sizeof c - 2U); + crypto_auth_hmacsha512_final(&st, a2); + for (i = 0; i < sizeof a2; ++i) { + printf(",0x%02x", (unsigned int)a2[i]); + if (i % 8 == 7) + printf("\n"); + } + printf("\n"); + + crypto_auth_hmacsha512_init(&st, key2, sizeof key2); + crypto_auth_hmacsha512_update(&st, c, 1U); + crypto_auth_hmacsha512_update(&st, c, sizeof c - 2U); + crypto_auth_hmacsha512_final(&st, a2); + for (i = 0; i < sizeof a2; ++i) { + printf(",0x%02x", (unsigned int)a2[i]); + if (i % 8 == 7) + printf("\n"); + } + + assert(crypto_auth_bytes() > 0U); + assert(crypto_auth_keybytes() > 0U); + assert(strcmp(crypto_auth_primitive(), "hmacsha512256") == 0); + assert(crypto_auth_hmacsha256_bytes() > 0U); + assert(crypto_auth_hmacsha256_keybytes() > 0U); + assert(crypto_auth_hmacsha512_bytes() > 0U); + assert(crypto_auth_hmacsha512_keybytes() > 0U); + assert(crypto_auth_hmacsha512256_bytes() == crypto_auth_bytes()); + assert(crypto_auth_hmacsha512256_keybytes() == crypto_auth_keybytes()); + + return 0; } 
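Review bot: `crypto_auth_hmacsha512_init(&st, key2, sizeof key2)` keys the HMAC with the string's terminating NUL included, while the message length in the same function is deliberately `sizeof c - 1U`, so the third block of auth.exp is tied to that extra byte. key2 is longer than the SHA-512 block, which looks like the point of the vector (the long-key path, where the key is hashed first and a trailing byte does change the tag). Either pass `sizeof key2 - 1U` and regenerate the expected output, or state it next to the declaration: `/* key longer than the hash block; sizeof key2 includes the trailing NUL on purpose */`. The print loops also compare `int i` with `sizeof a` and `sizeof a2`; `size_t i` would avoid the signed/unsigned comparison.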
diff --git a/test/default/auth.exp b/test/default/auth.exp new file mode 100644 index 0000000..b18278c --- /dev/null +++ b/test/default/auth.exp @@ -0,0 +1,22 @@ +,0x16,0x4b,0x7a,0x7b,0xfc,0xf8,0x19,0xe2 +,0xe3,0x95,0xfb,0xe7,0x3b,0x56,0xe0,0xa3 +,0x87,0xbd,0x64,0x22,0x2e,0x83,0x1f,0xd6 +,0x10,0x27,0x0c,0xd7,0xea,0x25,0x05,0x54 + +,0x7b,0x9d,0x83,0x38,0xeb,0x1e,0x3d,0xdd +,0xba,0x8a,0x9a,0x35,0x08,0xd0,0x34,0xa1 +,0xec,0xbe,0x75,0x11,0x37,0xfa,0x1b,0xcb +,0xa0,0xf9,0x2a,0x3e,0x6d,0xfc,0x79,0x80 +,0xb8,0x81,0xa8,0x64,0x5f,0x92,0x67,0x22 +,0x74,0x37,0x96,0x4b,0xf3,0x07,0x0b,0xe2 +,0xb3,0x36,0xb3,0xa3,0x20,0xf8,0x25,0xce +,0xc9,0x87,0x2d,0xb2,0x50,0x4b,0xf3,0x6d + +,0x73,0xe0,0x0d,0xcb,0xf4,0xf8,0xa3,0x33 +,0x30,0xac,0x52,0xed,0x2c,0xc9,0xd1,0xb2 +,0xef,0xb1,0x77,0x13,0xd3,0xec,0xe3,0x96 +,0x14,0x9f,0x37,0x65,0x3c,0xfe,0x70,0xe7 +,0x1f,0x2c,0x6f,0x9a,0x62,0xc3,0xc5,0x3a +,0x31,0x8a,0x9a,0x0b,0x3b,0x78,0x60,0xa4 +,0x31,0x6f,0x72,0x9b,0x8d,0x30,0x0f,0x15 +,0x9b,0x2f,0x60,0x93,0xa8,0x60,0xc1,0xed diff --git a/test/default/auth2.c b/test/default/auth2.c index b3301cf..ffab022 100644 --- a/test/default/auth2.c +++ b/test/default/auth2.c 
@@ -1,36 +1,31 @@ /* "Test Case AUTH256-4" from RFC 4868 */ -#include <stdio.h> - #define TEST_NAME "auth2" #include "cmptest.h" -unsigned char key[32] = { - 0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08 -,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f,0x10 -,0x11,0x12,0x13,0x14,0x15,0x16,0x17,0x18 -,0x19,0x1a,0x1b,0x1c,0x1d,0x1e,0x1f,0x20 -} ; +unsigned char key[32] + = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, + 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, + 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20 }; -unsigned char c[50] = { - 0xcd,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd -,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd -,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd -,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd -,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd -,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd -,0xcd,0xcd -} ; +unsigned char c[50] + = { 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd }; unsigned char a[32]; int main(void) { - int i; - crypto_auth_hmacsha256(a,c,sizeof c,key); - for (i = 0;i < 32;++i) { - printf(",0x%02x",(unsigned int) a[i]); - if (i % 8 == 7) printf("\n"); - } - return 0; + int i; + + crypto_auth_hmacsha256(a, c, sizeof c, key); + for (i = 0; i < 32; ++i) { + printf(",0x%02x", (unsigned int)a[i]); + if (i % 8 == 7) + printf("\n"); + } + return 0; } diff --git a/test/default/auth2.exp b/test/default/auth2.exp new file mode 100644 index 0000000..955951a --- /dev/null +++ b/test/default/auth2.exp @@ -0,0 +1,4 @@ +,0x37,0x2e,0xfc,0xf9,0xb4,0x0b,0x35,0xc2 +,0x11,0x5b,0x13,0x46,0x90,0x3d,0x2e,0xf4 +,0x2f,0xce,0xd4,0x6f,0x08,0x46,0xe7,0x25 +,0x7b,0xb1,0x56,0xd3,0xd7,0xb3,0x0d,0x3f diff --git a/test/default/auth3.c b/test/default/auth3.c index 08e275a..3a299da 100644 
--- a/test/default/auth3.c +++ b/test/default/auth3.c @@ -1,36 +1,28 @@ /* "Test Case AUTH256-4" from RFC 4868 */ -#include <stdio.h> - #define TEST_NAME "auth3" #include "cmptest.h" -unsigned char key[32] = { - 0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08 -,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f,0x10 -,0x11,0x12,0x13,0x14,0x15,0x16,0x17,0x18 -,0x19,0x1a,0x1b,0x1c,0x1d,0x1e,0x1f,0x20 -} ; +unsigned char key[32] + = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, + 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, + 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20 }; -unsigned char c[50] = { - 0xcd,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd -,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd -,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd -,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd -,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd -,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd,0xcd -,0xcd,0xcd -} ; +unsigned char c[50] + = { 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd }; -unsigned char a[32] = { - 0x37,0x2e,0xfc,0xf9,0xb4,0x0b,0x35,0xc2 -,0x11,0x5b,0x13,0x46,0x90,0x3d,0x2e,0xf4 -,0x2f,0xce,0xd4,0x6f,0x08,0x46,0xe7,0x25 -,0x7b,0xb1,0x56,0xd3,0xd7,0xb3,0x0d,0x3f -} ; +unsigned char a[32] + = { 0x37, 0x2e, 0xfc, 0xf9, 0xb4, 0x0b, 0x35, 0xc2, 0x11, 0x5b, 0x13, + 0x46, 0x90, 0x3d, 0x2e, 0xf4, 0x2f, 0xce, 0xd4, 0x6f, 0x08, 0x46, + 0xe7, 0x25, 0x7b, 0xb1, 0x56, 0xd3, 0xd7, 0xb3, 0x0d, 0x3f }; int main(void) { - printf("%d\n",crypto_auth_hmacsha256_verify(a,c,sizeof c,key)); - return 0; + printf("%d\n", crypto_auth_hmacsha256_verify(a, c, sizeof c, key)); + + return 0; } diff --git a/test/default/auth3.exp b/test/default/auth3.exp new file mode 100644 index 0000000..573541a --- /dev/null +++ b/test/default/auth3.exp 
@@ -0,0 +1 @@ +0 diff --git a/test/default/auth5.c b/test/default/auth5.c index ded9489..7557bd7 100644 --- a/test/default/auth5.c +++ b/test/default/auth5.c @@ -1,5 +1,4 @@ -#include <stdio.h> -#include <stdlib.h> + #include "windows/windows-quirks.h" #define TEST_NAME "auth5" @@ -11,27 +10,28 @@ unsigned char a[32]; int main(void) { - int clen; - for (clen = 0;clen < 10000;++clen) { - randombytes(key,sizeof key); - randombytes(c,clen); - crypto_auth_hmacsha512256(a,c,clen,key); - if (crypto_auth_hmacsha512256_verify(a,c,clen,key) != 0) { - printf("fail %d\n",clen); - return 100; - } - if (clen > 0) { - c[rand() % clen] += 1 + (rand() % 255); - if (crypto_auth_hmacsha512256_verify(a,c,clen,key) == 0) { - printf("forgery %d\n",clen); - return 100; - } - a[rand() % sizeof a] += 1 + (rand() % 255); - if (crypto_auth_hmacsha512256_verify(a,c,clen,key) == 0) { - printf("forgery %d\n",clen); - return 100; - } + size_t clen; + + for (clen = 0; clen < 10000; ++clen) { + randombytes_buf(key, sizeof key); + randombytes_buf(c, clen); + crypto_auth(a, c, clen, key); + if (crypto_auth_verify(a, c, clen, key) != 0) { + printf("fail %u\n", (unsigned int) clen); + return 100; + } + if (clen > 0) { + c[rand() % clen] += 1 + (rand() % 255); + if (crypto_auth_verify(a, c, clen, key) == 0) { + printf("forgery %u\n", (unsigned int) clen); + return 100; + } + a[rand() % sizeof a] += 1 + (rand() % 255); + if (crypto_auth_verify(a, c, clen, key) == 0) { + printf("forgery %u\n", (unsigned int) clen); + return 100; + } + } } - } - return 0; + return 0; } diff --git a/test/default/auth5.exp b/test/default/auth5.exp new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/test/default/auth5.exp diff --git a/test/default/auth6.c b/test/default/auth6.c index 5bf0500..9e7b671 100644 --- a/test/default/auth6.c +++ b/test/default/auth6.c @@ -1,4 +1,3 @@ -#include <stdio.h> #define TEST_NAME "auth6" #include "cmptest.h" 
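Review bot: In the `clen > 0` branch of auth5.c the tag check runs against a message that is already corrupted: `c[rand() % clen] += ...` is never undone, so when `a[rand() % sizeof a] += ...` is applied the verify call sees a modified message and a modified tag, and a tag-only alteration is never tested by itself. Recomputing the tag for the current message first, with `crypto_auth(a, c, clen, key);` placed just before the line that alters `a`, makes the last check cover exactly that case. The auth7.c hunk further down has the same sequence with `crypto_auth_hmacsha512()`.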
@@ -11,11 +10,13 @@ unsigned char a[64]; int main(void) { - int i; - crypto_auth_hmacsha512(a,c,sizeof c - 1U,key); - for (i = 0;i < 64;++i) { - printf(",0x%02x",(unsigned int) a[i]); - if (i % 8 == 7) printf("\n"); - } - return 0; + int i; + + crypto_auth_hmacsha512(a, c, sizeof c - 1U, key); + for (i = 0; i < 64; ++i) { + printf(",0x%02x", (unsigned int)a[i]); + if (i % 8 == 7) + printf("\n"); + } + return 0; } diff --git a/test/default/auth6.exp b/test/default/auth6.exp new file mode 100644 index 0000000..da0c528 --- /dev/null +++ b/test/default/auth6.exp @@ -0,0 +1,8 @@ +,0x16,0x4b,0x7a,0x7b,0xfc,0xf8,0x19,0xe2 +,0xe3,0x95,0xfb,0xe7,0x3b,0x56,0xe0,0xa3 +,0x87,0xbd,0x64,0x22,0x2e,0x83,0x1f,0xd6 +,0x10,0x27,0x0c,0xd7,0xea,0x25,0x05,0x54 +,0x97,0x58,0xbf,0x75,0xc0,0x5a,0x99,0x4a +,0x6d,0x03,0x4f,0x65,0xf8,0xf0,0xe6,0xfd +,0xca,0xea,0xb1,0xa3,0x4d,0x4a,0x6b,0x4b +,0x63,0x6e,0x07,0x0a,0x38,0xbc,0xe7,0x37 diff --git a/test/default/auth7.c b/test/default/auth7.c index be67312..9a1e90c 100644 --- a/test/default/auth7.c +++ b/test/default/auth7.c @@ -1,5 +1,4 @@ -#include <stdio.h> -#include <stdlib.h> + #include "windows/windows-quirks.h" #define TEST_NAME "auth7" 
@@ -11,27 +10,28 @@ unsigned char a[64]; int main(void) { - int clen; - for (clen = 0;clen < 10000;++clen) { - randombytes(key,sizeof key); - randombytes(c,clen); - crypto_auth_hmacsha512(a,c,clen,key); - if (crypto_auth_hmacsha512_verify(a,c,clen,key) != 0) { - printf("fail %d\n",clen); - return 100; - } - if (clen > 0) { - c[rand() % clen] += 1 + (rand() % 255); - if (crypto_auth_hmacsha512_verify(a,c,clen,key) == 0) { - printf("forgery %d\n",clen); - return 100; - } - a[rand() % sizeof a] += 1 + (rand() % 255); - if (crypto_auth_hmacsha512_verify(a,c,clen,key) == 0) { - printf("forgery %d\n",clen); - return 100; - } + int clen; + + for (clen = 0; clen < 10000; ++clen) { + randombytes_buf(key, sizeof key); + randombytes_buf(c, clen); + crypto_auth_hmacsha512(a, c, clen, key); + if (crypto_auth_hmacsha512_verify(a, c, clen, key) != 0) { + printf("fail %d\n", clen); + return 100; + } + if (clen > 0) { + c[rand() % clen] += 1 + (rand() % 255); + if (crypto_auth_hmacsha512_verify(a, c, clen, key) == 0) { + printf("forgery %d\n", clen); + return 100; + } + a[rand() % sizeof a] += 1 + (rand() % 255); + if (crypto_auth_hmacsha512_verify(a, c, clen, key) == 0) { + printf("forgery %d\n", clen); + return 100; + } + } } - } - return 0; + return 0; } diff --git a/test/default/auth7.exp b/test/default/auth7.exp new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/test/default/auth7.exp diff --git a/test/default/box.c b/test/default/box.c index d9f2629..b9ba1cc 100644 --- a/test/default/box.c +++ b/test/default/box.c 
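Review bot: `clen` stays `int` in auth7.c although it is passed as a length to `randombytes_buf()` and to the hmacsha512 calls, while the auth5.c hunk of this same commit switches the identical loop to `size_t clen`. Using `size_t clen;` with `printf("fail %u\n", (unsigned int) clen);` as in auth5.c keeps the two tests consistent and removes the implicit int-to-size_t conversions.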
@@ -1,65 +1,88 @@ -#include <stdio.h> #define TEST_NAME "box" #include "cmptest.h" -unsigned char alicesk[32] = { - 0x77,0x07,0x6d,0x0a,0x73,0x18,0xa5,0x7d -,0x3c,0x16,0xc1,0x72,0x51,0xb2,0x66,0x45 -,0xdf,0x4c,0x2f,0x87,0xeb,0xc0,0x99,0x2a -,0xb1,0x77,0xfb,0xa5,0x1d,0xb9,0x2c,0x2a -} ; +unsigned char alicesk[32] + = { 0x77, 0x07, 0x6d, 0x0a, 0x73, 0x18, 0xa5, 0x7d, 0x3c, 0x16, 0xc1, + 0x72, 0x51, 0xb2, 0x66, 0x45, 0xdf, 0x4c, 0x2f, 0x87, 0xeb, 0xc0, + 0x99, 0x2a, 0xb1, 0x77, 0xfb, 0xa5, 0x1d, 0xb9, 0x2c, 0x2a }; -unsigned char bobpk[32] = { - 0xde,0x9e,0xdb,0x7d,0x7b,0x7d,0xc1,0xb4 -,0xd3,0x5b,0x61,0xc2,0xec,0xe4,0x35,0x37 -,0x3f,0x83,0x43,0xc8,0x5b,0x78,0x67,0x4d -,0xad,0xfc,0x7e,0x14,0x6f,0x88,0x2b,0x4f -} ; +unsigned char bobpk[32] + = { 0xde, 0x9e, 0xdb, 0x7d, 0x7b, 0x7d, 0xc1, 0xb4, 0xd3, 0x5b, 0x61, + 0xc2, 0xec, 0xe4, 0x35, 0x37, 0x3f, 0x83, 0x43, 0xc8, 0x5b, 0x78, + 0x67, 0x4d, 0xad, 0xfc, 0x7e, 0x14, 0x6f, 0x88, 0x2b, 0x4f }; -unsigned char nonce[24] = { - 0x69,0x69,0x6e,0xe9,0x55,0xb6,0x2b,0x73 -,0xcd,0x62,0xbd,0xa8,0x75,0xfc,0x73,0xd6 -,0x82,0x19,0xe0,0x03,0x6b,0x7a,0x0b,0x37 -} ; +unsigned char nonce[24] = { 0x69, 0x69, 0x6e, 0xe9, 0x55, 0xb6, 0x2b, 0x73, + 0xcd, 0x62, 0xbd, 0xa8, 0x75, 0xfc, 0x73, 0xd6, + 0x82, 0x19, 0xe0, 0x03, 0x6b, 0x7a, 0x0b, 0x37 }; // API requires first 32 bytes to be 0 -unsigned char m[163] = { - 0, 0, 0, 0, 0, 0, 0, 0 -, 0, 0, 0, 0, 0, 0, 0, 0 -, 0, 0, 0, 0, 0, 0, 0, 0 -, 0, 0, 0, 0, 0, 0, 0, 0 -,0xbe,0x07,0x5f,0xc5,0x3c,0x81,0xf2,0xd5 -,0xcf,0x14,0x13,0x16,0xeb,0xeb,0x0c,0x7b -,0x52,0x28,0xc5,0x2a,0x4c,0x62,0xcb,0xd4 -,0x4b,0x66,0x84,0x9b,0x64,0x24,0x4f,0xfc -,0xe5,0xec,0xba,0xaf,0x33,0xbd,0x75,0x1a -,0x1a,0xc7,0x28,0xd4,0x5e,0x6c,0x61,0x29 -,0x6c,0xdc,0x3c,0x01,0x23,0x35,0x61,0xf4 -,0x1d,0xb6,0x6c,0xce,0x31,0x4a,0xdb,0x31 -,0x0e,0x3b,0xe8,0x25,0x0c,0x46,0xf0,0x6d -,0xce,0xea,0x3a,0x7f,0xa1,0x34,0x80,0x57 -,0xe2,0xf6,0x55,0x6a,0xd6,0xb1,0x31,0x8a -,0x02,0x4a,0x83,0x8f,0x21,0xaf,0x1f,0xde 
-,0x04,0x89,0x77,0xeb,0x48,0xf5,0x9f,0xfd -,0x49,0x24,0xca,0x1c,0x60,0x90,0x2e,0x52 -,0xf0,0xa0,0x89,0xbc,0x76,0x89,0x70,0x40 -,0xe0,0x82,0xf9,0x37,0x76,0x38,0x48,0x64 -,0x5e,0x07,0x05 -} ; +unsigned char m[163] + = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0xbe, 0x07, 0x5f, 0xc5, + 0x3c, 0x81, 0xf2, 0xd5, 0xcf, 0x14, 0x13, 0x16, 0xeb, 0xeb, 0x0c, 0x7b, + 0x52, 0x28, 0xc5, 0x2a, 0x4c, 0x62, 0xcb, 0xd4, 0x4b, 0x66, 0x84, 0x9b, + 0x64, 0x24, 0x4f, 0xfc, 0xe5, 0xec, 0xba, 0xaf, 0x33, 0xbd, 0x75, 0x1a, + 0x1a, 0xc7, 0x28, 0xd4, 0x5e, 0x6c, 0x61, 0x29, 0x6c, 0xdc, 0x3c, 0x01, + 0x23, 0x35, 0x61, 0xf4, 0x1d, 0xb6, 0x6c, 0xce, 0x31, 0x4a, 0xdb, 0x31, + 0x0e, 0x3b, 0xe8, 0x25, 0x0c, 0x46, 0xf0, 0x6d, 0xce, 0xea, 0x3a, 0x7f, + 0xa1, 0x34, 0x80, 0x57, 0xe2, 0xf6, 0x55, 0x6a, 0xd6, 0xb1, 0x31, 0x8a, + 0x02, 0x4a, 0x83, 0x8f, 0x21, 0xaf, 0x1f, 0xde, 0x04, 0x89, 0x77, 0xeb, + 0x48, 0xf5, 0x9f, 0xfd, 0x49, 0x24, 0xca, 0x1c, 0x60, 0x90, 0x2e, 0x52, + 0xf0, 0xa0, 0x89, 0xbc, 0x76, 0x89, 0x70, 0x40, 0xe0, 0x82, 0xf9, 0x37, + 0x76, 0x38, 0x48, 0x64, 0x5e, 0x07, 0x05 }; unsigned char c[163]; int main(void) { - int i; - crypto_box_curve25519xsalsa20poly1305( - c,m,163,nonce,bobpk,alicesk - ); - for (i = 16;i < 163;++i) { - printf(",0x%02x",(unsigned int) c[i]); - if (i % 8 == 7) printf("\n"); - } - printf("\n"); - return 0; + unsigned char k[crypto_box_BEFORENMBYTES]; + int i; + + crypto_box(c, m, 163, nonce, bobpk, alicesk); + for (i = 16; i < 163; ++i) { + printf(",0x%02x", (unsigned int)c[i]); + if (i % 8 == 7) + printf("\n"); + } + printf("\n"); + + memset(c, 0, sizeof c); + crypto_box_beforenm(k, bobpk, alicesk); + crypto_box_afternm(c, m, 163, nonce, k); + for (i = 16; i < 163; ++i) { + printf(",0x%02x", (unsigned int)c[i]); + if (i % 8 == 7) + printf("\n"); + } + printf("\n"); + + assert(crypto_box_seedbytes() > 0U); + assert(crypto_box_publickeybytes() > 0U); + assert(crypto_box_secretkeybytes() > 0U); + 
assert(crypto_box_beforenmbytes() > 0U); + assert(crypto_box_noncebytes() > 0U); + assert(crypto_box_zerobytes() > 0U); + assert(crypto_box_boxzerobytes() > 0U); + assert(crypto_box_macbytes() > 0U); + assert(strcmp(crypto_box_primitive(), "curve25519xsalsa20poly1305") == 0); + assert(crypto_box_curve25519xsalsa20poly1305_seedbytes() + == crypto_box_seedbytes()); + assert(crypto_box_curve25519xsalsa20poly1305_publickeybytes() + == crypto_box_publickeybytes()); + assert(crypto_box_curve25519xsalsa20poly1305_secretkeybytes() + == crypto_box_secretkeybytes()); + assert(crypto_box_curve25519xsalsa20poly1305_beforenmbytes() + == crypto_box_beforenmbytes()); + assert(crypto_box_curve25519xsalsa20poly1305_noncebytes() + == crypto_box_noncebytes()); + assert(crypto_box_curve25519xsalsa20poly1305_zerobytes() + == crypto_box_zerobytes()); + assert(crypto_box_curve25519xsalsa20poly1305_boxzerobytes() + == crypto_box_boxzerobytes()); + assert(crypto_box_curve25519xsalsa20poly1305_macbytes() + == crypto_box_macbytes()); + + return 0; } diff --git a/test/default/box.exp b/test/default/box.exp new file mode 100644 index 0000000..25db669 --- /dev/null +++ b/test/default/box.exp 
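Review bot: The size assertions added at the end of main() in box.c only require each accessor to be non-zero, so a wrong but positive value from `crypto_box_beforenmbytes()` or `crypto_box_macbytes()` would pass. The compile-time constant is already used in this hunk (`unsigned char k[crypto_box_BEFORENMBYTES]`), so the checks can pin the runtime value to it, e.g. `assert(crypto_box_beforenmbytes() == crypto_box_BEFORENMBYTES);`, and likewise for the nonce, padding and MAC sizes. That catches a caller that sizes buffers from the function while C code uses the macro. The literal offsets `16` and `163` in the two print loops would read better as `crypto_box_BOXZEROBYTES` and `sizeof c`.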
@@ -0,0 +1,38 @@ +,0xf3,0xff,0xc7,0x70,0x3f,0x94,0x00,0xe5 +,0x2a,0x7d,0xfb,0x4b,0x3d,0x33,0x05,0xd9 +,0x8e,0x99,0x3b,0x9f,0x48,0x68,0x12,0x73 +,0xc2,0x96,0x50,0xba,0x32,0xfc,0x76,0xce +,0x48,0x33,0x2e,0xa7,0x16,0x4d,0x96,0xa4 +,0x47,0x6f,0xb8,0xc5,0x31,0xa1,0x18,0x6a +,0xc0,0xdf,0xc1,0x7c,0x98,0xdc,0xe8,0x7b +,0x4d,0xa7,0xf0,0x11,0xec,0x48,0xc9,0x72 +,0x71,0xd2,0xc2,0x0f,0x9b,0x92,0x8f,0xe2 +,0x27,0x0d,0x6f,0xb8,0x63,0xd5,0x17,0x38 +,0xb4,0x8e,0xee,0xe3,0x14,0xa7,0xcc,0x8a +,0xb9,0x32,0x16,0x45,0x48,0xe5,0x26,0xae +,0x90,0x22,0x43,0x68,0x51,0x7a,0xcf,0xea +,0xbd,0x6b,0xb3,0x73,0x2b,0xc0,0xe9,0xda +,0x99,0x83,0x2b,0x61,0xca,0x01,0xb6,0xde +,0x56,0x24,0x4a,0x9e,0x88,0xd5,0xf9,0xb3 +,0x79,0x73,0xf6,0x22,0xa4,0x3d,0x14,0xa6 +,0x59,0x9b,0x1f,0x65,0x4c,0xb4,0x5a,0x74 +,0xe3,0x55,0xa5 +,0xf3,0xff,0xc7,0x70,0x3f,0x94,0x00,0xe5 +,0x2a,0x7d,0xfb,0x4b,0x3d,0x33,0x05,0xd9 +,0x8e,0x99,0x3b,0x9f,0x48,0x68,0x12,0x73 +,0xc2,0x96,0x50,0xba,0x32,0xfc,0x76,0xce +,0x48,0x33,0x2e,0xa7,0x16,0x4d,0x96,0xa4 +,0x47,0x6f,0xb8,0xc5,0x31,0xa1,0x18,0x6a +,0xc0,0xdf,0xc1,0x7c,0x98,0xdc,0xe8,0x7b +,0x4d,0xa7,0xf0,0x11,0xec,0x48,0xc9,0x72 +,0x71,0xd2,0xc2,0x0f,0x9b,0x92,0x8f,0xe2 +,0x27,0x0d,0x6f,0xb8,0x63,0xd5,0x17,0x38 +,0xb4,0x8e,0xee,0xe3,0x14,0xa7,0xcc,0x8a +,0xb9,0x32,0x16,0x45,0x48,0xe5,0x26,0xae +,0x90,0x22,0x43,0x68,0x51,0x7a,0xcf,0xea +,0xbd,0x6b,0xb3,0x73,0x2b,0xc0,0xe9,0xda +,0x99,0x83,0x2b,0x61,0xca,0x01,0xb6,0xde +,0x56,0x24,0x4a,0x9e,0x88,0xd5,0xf9,0xb3 +,0x79,0x73,0xf6,0x22,0xa4,0x3d,0x14,0xa6 +,0x59,0x9b,0x1f,0x65,0x4c,0xb4,0x5a,0x74 +,0xe3,0x55,0xa5 diff --git a/test/default/box2.c b/test/default/box2.c index 7af2f58..93785f8 100644 --- a/test/default/box2.c +++ b/test/default/box2.c 
@@ -1,66 +1,63 @@ -#include <stdio.h> #define TEST_NAME "box2" #include "cmptest.h" -unsigned char bobsk[32] = { - 0x5d,0xab,0x08,0x7e,0x62,0x4a,0x8a,0x4b -,0x79,0xe1,0x7f,0x8b,0x83,0x80,0x0e,0xe6 -,0x6f,0x3b,0xb1,0x29,0x26,0x18,0xb6,0xfd -,0x1c,0x2f,0x8b,0x27,0xff,0x88,0xe0,0xeb -} ; +unsigned char bobsk[32] + = { 0x5d, 0xab, 0x08, 0x7e, 0x62, 0x4a, 0x8a, 0x4b, 0x79, 0xe1, 0x7f, + 0x8b, 0x83, 0x80, 0x0e, 0xe6, 0x6f, 0x3b, 0xb1, 0x29, 0x26, 0x18, + 0xb6, 0xfd, 0x1c, 0x2f, 0x8b, 0x27, 0xff, 0x88, 0xe0, 0xeb }; -unsigned char alicepk[32] = { - 0x85,0x20,0xf0,0x09,0x89,0x30,0xa7,0x54 -,0x74,0x8b,0x7d,0xdc,0xb4,0x3e,0xf7,0x5a -,0x0d,0xbf,0x3a,0x0d,0x26,0x38,0x1a,0xf4 -,0xeb,0xa4,0xa9,0x8e,0xaa,0x9b,0x4e,0x6a -} ; +unsigned char alicepk[32] + = { 0x85, 0x20, 0xf0, 0x09, 0x89, 0x30, 0xa7, 0x54, 0x74, 0x8b, 0x7d, + 0xdc, 0xb4, 0x3e, 0xf7, 0x5a, 0x0d, 0xbf, 0x3a, 0x0d, 0x26, 0x38, + 0x1a, 0xf4, 0xeb, 0xa4, 0xa9, 0x8e, 0xaa, 0x9b, 0x4e, 0x6a }; -unsigned char nonce[24] = { - 0x69,0x69,0x6e,0xe9,0x55,0xb6,0x2b,0x73 -,0xcd,0x62,0xbd,0xa8,0x75,0xfc,0x73,0xd6 -,0x82,0x19,0xe0,0x03,0x6b,0x7a,0x0b,0x37 -} ; +unsigned char nonce[24] = { 0x69, 0x69, 0x6e, 0xe9, 0x55, 0xb6, 0x2b, 0x73, + 0xcd, 0x62, 0xbd, 0xa8, 0x75, 0xfc, 0x73, 0xd6, + 0x82, 0x19, 0xe0, 0x03, 0x6b, 0x7a, 0x0b, 0x37 }; // API requires first 16 bytes to be 0 -unsigned char c[163] = { - 0, 0, 0, 0, 0, 0, 0, 0 -, 0, 0, 0, 0, 0, 0, 0, 0 -,0xf3,0xff,0xc7,0x70,0x3f,0x94,0x00,0xe5 -,0x2a,0x7d,0xfb,0x4b,0x3d,0x33,0x05,0xd9 -,0x8e,0x99,0x3b,0x9f,0x48,0x68,0x12,0x73 -,0xc2,0x96,0x50,0xba,0x32,0xfc,0x76,0xce -,0x48,0x33,0x2e,0xa7,0x16,0x4d,0x96,0xa4 -,0x47,0x6f,0xb8,0xc5,0x31,0xa1,0x18,0x6a -,0xc0,0xdf,0xc1,0x7c,0x98,0xdc,0xe8,0x7b -,0x4d,0xa7,0xf0,0x11,0xec,0x48,0xc9,0x72 -,0x71,0xd2,0xc2,0x0f,0x9b,0x92,0x8f,0xe2 -,0x27,0x0d,0x6f,0xb8,0x63,0xd5,0x17,0x38 -,0xb4,0x8e,0xee,0xe3,0x14,0xa7,0xcc,0x8a -,0xb9,0x32,0x16,0x45,0x48,0xe5,0x26,0xae -,0x90,0x22,0x43,0x68,0x51,0x7a,0xcf,0xea -,0xbd,0x6b,0xb3,0x73,0x2b,0xc0,0xe9,0xda 
-,0x99,0x83,0x2b,0x61,0xca,0x01,0xb6,0xde -,0x56,0x24,0x4a,0x9e,0x88,0xd5,0xf9,0xb3 -,0x79,0x73,0xf6,0x22,0xa4,0x3d,0x14,0xa6 -,0x59,0x9b,0x1f,0x65,0x4c,0xb4,0x5a,0x74 -,0xe3,0x55,0xa5 -} ; +unsigned char c[163] + = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0xf3, 0xff, 0xc7, 0x70, 0x3f, 0x94, 0x00, 0xe5, + 0x2a, 0x7d, 0xfb, 0x4b, 0x3d, 0x33, 0x05, 0xd9, 0x8e, 0x99, 0x3b, 0x9f, + 0x48, 0x68, 0x12, 0x73, 0xc2, 0x96, 0x50, 0xba, 0x32, 0xfc, 0x76, 0xce, + 0x48, 0x33, 0x2e, 0xa7, 0x16, 0x4d, 0x96, 0xa4, 0x47, 0x6f, 0xb8, 0xc5, + 0x31, 0xa1, 0x18, 0x6a, 0xc0, 0xdf, 0xc1, 0x7c, 0x98, 0xdc, 0xe8, 0x7b, + 0x4d, 0xa7, 0xf0, 0x11, 0xec, 0x48, 0xc9, 0x72, 0x71, 0xd2, 0xc2, 0x0f, + 0x9b, 0x92, 0x8f, 0xe2, 0x27, 0x0d, 0x6f, 0xb8, 0x63, 0xd5, 0x17, 0x38, + 0xb4, 0x8e, 0xee, 0xe3, 0x14, 0xa7, 0xcc, 0x8a, 0xb9, 0x32, 0x16, 0x45, + 0x48, 0xe5, 0x26, 0xae, 0x90, 0x22, 0x43, 0x68, 0x51, 0x7a, 0xcf, 0xea, + 0xbd, 0x6b, 0xb3, 0x73, 0x2b, 0xc0, 0xe9, 0xda, 0x99, 0x83, 0x2b, 0x61, + 0xca, 0x01, 0xb6, 0xde, 0x56, 0x24, 0x4a, 0x9e, 0x88, 0xd5, 0xf9, 0xb3, + 0x79, 0x73, 0xf6, 0x22, 0xa4, 0x3d, 0x14, 0xa6, 0x59, 0x9b, 0x1f, 0x65, + 0x4c, 0xb4, 0x5a, 0x74, 0xe3, 0x55, 0xa5 }; unsigned char m[163]; int main(void) { - int i; - if (crypto_box_curve25519xsalsa20poly1305_open( - m,c,163,nonce,alicepk,bobsk - ) == 0) { - for (i = 32;i < 163;++i) { - printf(",0x%02x",(unsigned int) m[i]); - if (i % 8 == 7) printf("\n"); + unsigned char k[crypto_box_BEFORENMBYTES]; + int i; + + if (crypto_box_open(m, c, 163, nonce, alicepk, bobsk) == 0) { + for (i = 32; i < 163; ++i) { + printf(",0x%02x", (unsigned int)m[i]); + if (i % 8 == 7) + printf("\n"); + } + printf("\n"); + } + + memset(m, 0, sizeof m); + crypto_box_beforenm(k, alicepk, bobsk); + if (crypto_box_open_afternm(m, c, 163, nonce, k) == 0) { + for (i = 32; i < 163; ++i) { + printf(",0x%02x", (unsigned int)m[i]); + if (i % 8 == 7) + printf("\n"); + } + printf("\n"); } - printf("\n"); - } - return 0; + return 0; } 
diff --git a/test/default/box2.exp b/test/default/box2.exp new file mode 100644 index 0000000..51deccd --- /dev/null +++ b/test/default/box2.exp @@ -0,0 +1,34 @@ +,0xbe,0x07,0x5f,0xc5,0x3c,0x81,0xf2,0xd5 +,0xcf,0x14,0x13,0x16,0xeb,0xeb,0x0c,0x7b +,0x52,0x28,0xc5,0x2a,0x4c,0x62,0xcb,0xd4 +,0x4b,0x66,0x84,0x9b,0x64,0x24,0x4f,0xfc +,0xe5,0xec,0xba,0xaf,0x33,0xbd,0x75,0x1a +,0x1a,0xc7,0x28,0xd4,0x5e,0x6c,0x61,0x29 +,0x6c,0xdc,0x3c,0x01,0x23,0x35,0x61,0xf4 +,0x1d,0xb6,0x6c,0xce,0x31,0x4a,0xdb,0x31 +,0x0e,0x3b,0xe8,0x25,0x0c,0x46,0xf0,0x6d +,0xce,0xea,0x3a,0x7f,0xa1,0x34,0x80,0x57 +,0xe2,0xf6,0x55,0x6a,0xd6,0xb1,0x31,0x8a +,0x02,0x4a,0x83,0x8f,0x21,0xaf,0x1f,0xde +,0x04,0x89,0x77,0xeb,0x48,0xf5,0x9f,0xfd +,0x49,0x24,0xca,0x1c,0x60,0x90,0x2e,0x52 +,0xf0,0xa0,0x89,0xbc,0x76,0x89,0x70,0x40 +,0xe0,0x82,0xf9,0x37,0x76,0x38,0x48,0x64 +,0x5e,0x07,0x05 +,0xbe,0x07,0x5f,0xc5,0x3c,0x81,0xf2,0xd5 +,0xcf,0x14,0x13,0x16,0xeb,0xeb,0x0c,0x7b +,0x52,0x28,0xc5,0x2a,0x4c,0x62,0xcb,0xd4 +,0x4b,0x66,0x84,0x9b,0x64,0x24,0x4f,0xfc +,0xe5,0xec,0xba,0xaf,0x33,0xbd,0x75,0x1a +,0x1a,0xc7,0x28,0xd4,0x5e,0x6c,0x61,0x29 +,0x6c,0xdc,0x3c,0x01,0x23,0x35,0x61,0xf4 +,0x1d,0xb6,0x6c,0xce,0x31,0x4a,0xdb,0x31 +,0x0e,0x3b,0xe8,0x25,0x0c,0x46,0xf0,0x6d +,0xce,0xea,0x3a,0x7f,0xa1,0x34,0x80,0x57 +,0xe2,0xf6,0x55,0x6a,0xd6,0xb1,0x31,0x8a +,0x02,0x4a,0x83,0x8f,0x21,0xaf,0x1f,0xde +,0x04,0x89,0x77,0xeb,0x48,0xf5,0x9f,0xfd +,0x49,0x24,0xca,0x1c,0x60,0x90,0x2e,0x52 +,0xf0,0xa0,0x89,0xbc,0x76,0x89,0x70,0x40 +,0xe0,0x82,0xf9,0x37,0x76,0x38,0x48,0x64 +,0x5e,0x07,0x05 diff --git a/test/default/box7.c b/test/default/box7.c index ea7b484..e9b1db5 100644 --- a/test/default/box7.c +++ b/test/default/box7.c @@ -1,4 +1,3 @@ -#include <stdio.h> #define TEST_NAME "box7" #include "cmptest.h" 
@@ -14,24 +13,27 @@ unsigned char m2[10000]; int main(void) { - size_t mlen; - size_t i; + size_t mlen; + size_t i; - for (mlen = 0;mlen < 1000 && mlen + crypto_box_ZEROBYTES < sizeof m;++mlen) { - crypto_box_keypair(alicepk,alicesk); - crypto_box_keypair(bobpk,bobsk); - randombytes(n,crypto_box_NONCEBYTES); - randombytes(m + crypto_box_ZEROBYTES,mlen); - crypto_box(c,m,mlen + crypto_box_ZEROBYTES,n,bobpk,alicesk); - if (crypto_box_open(m2,c,mlen + crypto_box_ZEROBYTES,n,alicepk,bobsk) == 0) { - for (i = 0;i < mlen + crypto_box_ZEROBYTES;++i) - if (m2[i] != m[i]) { - printf("bad decryption\n"); - break; + for (mlen = 0; mlen < 1000 && mlen + crypto_box_ZEROBYTES < sizeof m; + ++mlen) { + crypto_box_keypair(alicepk, alicesk); + crypto_box_keypair(bobpk, bobsk); + randombytes_buf(n, crypto_box_NONCEBYTES); + randombytes_buf(m + crypto_box_ZEROBYTES, mlen); + crypto_box(c, m, mlen + crypto_box_ZEROBYTES, n, bobpk, alicesk); + if (crypto_box_open(m2, c, mlen + crypto_box_ZEROBYTES, n, alicepk, + bobsk) == 0) { + for (i = 0; i < mlen + crypto_box_ZEROBYTES; ++i) { + if (m2[i] != m[i]) { + printf("bad decryption\n"); + break; + } + } + } else { + printf("ciphertext fails verification\n"); } - } else { - printf("ciphertext fails verification\n"); } - } - return 0; + return 0; } diff --git a/test/default/box7.exp b/test/default/box7.exp new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/test/default/box7.exp diff --git a/test/default/box8.c b/test/default/box8.c index cc85057..fbfcff8 100644 --- a/test/default/box8.c +++ b/test/default/box8.c @@ -1,5 +1,4 @@ -#include <stdio.h> -#include <stdlib.h> + #include "windows/windows-quirks.h" #define TEST_NAME "box8" 
@@ -16,29 +15,32 @@ unsigned char m2[10000]; int main(void) { - size_t mlen; - size_t i; - int caught; + size_t mlen; + size_t i; + int caught; - for (mlen = 0;mlen < 1000 && mlen + crypto_box_ZEROBYTES < sizeof m;++mlen) { - crypto_box_keypair(alicepk,alicesk); - crypto_box_keypair(bobpk,bobsk); - randombytes(n,crypto_box_NONCEBYTES); - randombytes(m + crypto_box_ZEROBYTES,mlen); - crypto_box(c,m,mlen + crypto_box_ZEROBYTES,n,bobpk,alicesk); - caught = 0; - while (caught < 10) { - c[rand() % (mlen + crypto_box_ZEROBYTES)] = rand(); - if (crypto_box_open(m2,c,mlen + crypto_box_ZEROBYTES,n,alicepk,bobsk) == 0) { - for (i = 0;i < mlen + crypto_box_ZEROBYTES;++i) - if (m2[i] != m[i]) { - printf("forgery\n"); - return 100; - } - } else { - ++caught; - } + for (mlen = 0; mlen < 1000 && mlen + crypto_box_ZEROBYTES < sizeof m; + ++mlen) { + crypto_box_keypair(alicepk, alicesk); + crypto_box_keypair(bobpk, bobsk); + randombytes_buf(n, crypto_box_NONCEBYTES); + randombytes_buf(m + crypto_box_ZEROBYTES, mlen); + crypto_box(c, m, mlen + crypto_box_ZEROBYTES, n, bobpk, alicesk); + caught = 0; + while (caught < 10) { + c[rand() % (mlen + crypto_box_ZEROBYTES)] = rand(); + if (crypto_box_open(m2, c, mlen + crypto_box_ZEROBYTES, n, alicepk, + bobsk) == 0) { + for (i = 0; i < mlen + crypto_box_ZEROBYTES; ++i) { + if (m2[i] != m[i]) { + printf("forgery\n"); + return 100; + } + } + } else { + ++caught; + } + } } - } - return 0; + return 0; } diff --git a/test/default/box8.exp b/test/default/box8.exp new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/test/default/box8.exp diff --git a/test/default/box_easy.c b/test/default/box_easy.c index d3b899f..e4ce8a6 100644 --- a/test/default/box_easy.c +++ b/test/default/box_easy.c 
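Review bot: Inside `while (caught < 10)` in box8.c the tampered byte is never restored, so corruption accumulates in `c`: once one write lands on an authenticated byte, every later crypto_box_open() call fails whatever the new write does, and the remaining counts towards ten mostly re-detect that first change. Saving the byte before overwriting it and putting it back after the check makes each iteration an independent single-byte tampering of a valid ciphertext. This needs two extra locals, `size_t pos;` and `unsigned char saved;`, declared with the others at the top of main().

```c
        while (caught < 10) {
            pos = rand() % (mlen + crypto_box_ZEROBYTES);
            saved = c[pos];
            c[pos] = rand();
            /* … unchanged: crypto_box_open() call, forgery comparison, ++caught … */
            c[pos] = saved;
        }
```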
@@ -1,47 +1,33 @@ -#include <stdio.h> #define TEST_NAME "box_easy" #include "cmptest.h" -unsigned char alicesk[32] = { - 0x77,0x07,0x6d,0x0a,0x73,0x18,0xa5,0x7d -,0x3c,0x16,0xc1,0x72,0x51,0xb2,0x66,0x45 -,0xdf,0x4c,0x2f,0x87,0xeb,0xc0,0x99,0x2a -,0xb1,0x77,0xfb,0xa5,0x1d,0xb9,0x2c,0x2a -} ; - -unsigned char bobpk[32] = { - 0xde,0x9e,0xdb,0x7d,0x7b,0x7d,0xc1,0xb4 -,0xd3,0x5b,0x61,0xc2,0xec,0xe4,0x35,0x37 -,0x3f,0x83,0x43,0xc8,0x5b,0x78,0x67,0x4d -,0xad,0xfc,0x7e,0x14,0x6f,0x88,0x2b,0x4f -} ; - -unsigned char nonce[24] = { - 0x69,0x69,0x6e,0xe9,0x55,0xb6,0x2b,0x73 -,0xcd,0x62,0xbd,0xa8,0x75,0xfc,0x73,0xd6 -,0x82,0x19,0xe0,0x03,0x6b,0x7a,0x0b,0x37 -} ; - -unsigned char m[131] = { - 0xbe,0x07,0x5f,0xc5,0x3c,0x81,0xf2,0xd5 -,0xcf,0x14,0x13,0x16,0xeb,0xeb,0x0c,0x7b -,0x52,0x28,0xc5,0x2a,0x4c,0x62,0xcb,0xd4 -,0x4b,0x66,0x84,0x9b,0x64,0x24,0x4f,0xfc -,0xe5,0xec,0xba,0xaf,0x33,0xbd,0x75,0x1a -,0x1a,0xc7,0x28,0xd4,0x5e,0x6c,0x61,0x29 -,0x6c,0xdc,0x3c,0x01,0x23,0x35,0x61,0xf4 -,0x1d,0xb6,0x6c,0xce,0x31,0x4a,0xdb,0x31 -,0x0e,0x3b,0xe8,0x25,0x0c,0x46,0xf0,0x6d -,0xce,0xea,0x3a,0x7f,0xa1,0x34,0x80,0x57 -,0xe2,0xf6,0x55,0x6a,0xd6,0xb1,0x31,0x8a -,0x02,0x4a,0x83,0x8f,0x21,0xaf,0x1f,0xde -,0x04,0x89,0x77,0xeb,0x48,0xf5,0x9f,0xfd -,0x49,0x24,0xca,0x1c,0x60,0x90,0x2e,0x52 -,0xf0,0xa0,0x89,0xbc,0x76,0x89,0x70,0x40 -,0xe0,0x82,0xf9,0x37,0x76,0x38,0x48,0x64 -,0x5e,0x07,0x05 -} ; +unsigned char alicesk[32] + = { 0x77, 0x07, 0x6d, 0x0a, 0x73, 0x18, 0xa5, 0x7d, 0x3c, 0x16, 0xc1, + 0x72, 0x51, 0xb2, 0x66, 0x45, 0xdf, 0x4c, 0x2f, 0x87, 0xeb, 0xc0, + 0x99, 0x2a, 0xb1, 0x77, 0xfb, 0xa5, 0x1d, 0xb9, 0x2c, 0x2a }; + +unsigned char bobpk[32] + = { 0xde, 0x9e, 0xdb, 0x7d, 0x7b, 0x7d, 0xc1, 0xb4, 0xd3, 0x5b, 0x61, + 0xc2, 0xec, 0xe4, 0x35, 0x37, 0x3f, 0x83, 0x43, 0xc8, 0x5b, 0x78, + 0x67, 0x4d, 0xad, 0xfc, 0x7e, 0x14, 0x6f, 0x88, 0x2b, 0x4f }; + +unsigned char nonce[24] = { 0x69, 0x69, 0x6e, 0xe9, 0x55, 0xb6, 0x2b, 0x73, + 0xcd, 0x62, 0xbd, 0xa8, 0x75, 0xfc, 0x73, 0xd6, + 0x82, 0x19, 0xe0, 0x03, 
0x6b, 0x7a, 0x0b, 0x37 }; + +unsigned char m[131] + = { 0xbe, 0x07, 0x5f, 0xc5, 0x3c, 0x81, 0xf2, 0xd5, 0xcf, 0x14, 0x13, 0x16, + 0xeb, 0xeb, 0x0c, 0x7b, 0x52, 0x28, 0xc5, 0x2a, 0x4c, 0x62, 0xcb, 0xd4, + 0x4b, 0x66, 0x84, 0x9b, 0x64, 0x24, 0x4f, 0xfc, 0xe5, 0xec, 0xba, 0xaf, + 0x33, 0xbd, 0x75, 0x1a, 0x1a, 0xc7, 0x28, 0xd4, 0x5e, 0x6c, 0x61, 0x29, + 0x6c, 0xdc, 0x3c, 0x01, 0x23, 0x35, 0x61, 0xf4, 0x1d, 0xb6, 0x6c, 0xce, + 0x31, 0x4a, 0xdb, 0x31, 0x0e, 0x3b, 0xe8, 0x25, 0x0c, 0x46, 0xf0, 0x6d, + 0xce, 0xea, 0x3a, 0x7f, 0xa1, 0x34, 0x80, 0x57, 0xe2, 0xf6, 0x55, 0x6a, + 0xd6, 0xb1, 0x31, 0x8a, 0x02, 0x4a, 0x83, 0x8f, 0x21, 0xaf, 0x1f, 0xde, + 0x04, 0x89, 0x77, 0xeb, 0x48, 0xf5, 0x9f, 0xfd, 0x49, 0x24, 0xca, 0x1c, + 0x60, 0x90, 0x2e, 0x52, 0xf0, 0xa0, 0x89, 0xbc, 0x76, 0x89, 0x70, 0x40, + 0xe0, 0x82, 0xf9, 0x37, 0x76, 0x38, 0x48, 0x64, 0x5e, 0x07, 0x05 }; unsigned char c[147 + crypto_box_MACBYTES]; @@ -51,9 +37,13 @@ int main(void) crypto_box_easy(c, m, 131, nonce, bobpk, alicesk); for (i = 0; i < 131 + crypto_box_MACBYTES; ++i) { - printf(",0x%02x",(unsigned int) c[i]); - if (i % 8 == 7) printf("\n"); + printf(",0x%02x", (unsigned int)c[i]); + if (i % 8 == 7) + printf("\n"); } printf("\n"); + + assert(crypto_box_easy(c, m, SIZE_MAX - 1U, nonce, bobpk, alicesk) == -1); + return 0; } diff --git a/test/default/box_easy.exp b/test/default/box_easy.exp new file mode 100644 index 0000000..2b6c51e --- /dev/null +++ b/test/default/box_easy.exp 
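Review bot: The added `assert(crypto_box_easy(c, m, SIZE_MAX - 1U, nonce, bobpk, alicesk) == -1);` in box_easy.c passes a length far larger than either buffer, so it is only safe as long as the length is rejected before `c` or `m` is touched, and that intent is not stated anywhere. A comment such as `/* length cannot fit once the MAC is added: must be rejected before any read or write */` would make the contract explicit. Because the call sits inside assert(), a build with NDEBUG drops the check entirely; `if (crypto_box_easy(c, m, SIZE_MAX - 1U, nonce, bobpk, alicesk) != -1) printf("oversized message accepted\n");` keeps it in every build, unless the test harness already forces assertions on (cmptest.h is not shown). main() starts outside this hunk.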
@@ -0,0 +1,19 @@ +,0xf3,0xff,0xc7,0x70,0x3f,0x94,0x00,0xe5 +,0x2a,0x7d,0xfb,0x4b,0x3d,0x33,0x05,0xd9 +,0x8e,0x99,0x3b,0x9f,0x48,0x68,0x12,0x73 +,0xc2,0x96,0x50,0xba,0x32,0xfc,0x76,0xce +,0x48,0x33,0x2e,0xa7,0x16,0x4d,0x96,0xa4 +,0x47,0x6f,0xb8,0xc5,0x31,0xa1,0x18,0x6a +,0xc0,0xdf,0xc1,0x7c,0x98,0xdc,0xe8,0x7b +,0x4d,0xa7,0xf0,0x11,0xec,0x48,0xc9,0x72 +,0x71,0xd2,0xc2,0x0f,0x9b,0x92,0x8f,0xe2 +,0x27,0x0d,0x6f,0xb8,0x63,0xd5,0x17,0x38 +,0xb4,0x8e,0xee,0xe3,0x14,0xa7,0xcc,0x8a +,0xb9,0x32,0x16,0x45,0x48,0xe5,0x26,0xae +,0x90,0x22,0x43,0x68,0x51,0x7a,0xcf,0xea +,0xbd,0x6b,0xb3,0x73,0x2b,0xc0,0xe9,0xda +,0x99,0x83,0x2b,0x61,0xca,0x01,0xb6,0xde +,0x56,0x24,0x4a,0x9e,0x88,0xd5,0xf9,0xb3 +,0x79,0x73,0xf6,0x22,0xa4,0x3d,0x14,0xa6 +,0x59,0x9b,0x1f,0x65,0x4c,0xb4,0x5a,0x74 +,0xe3,0x55,0xa5 diff --git a/test/default/box_easy2.c b/test/default/box_easy2.c index c8753ee..5e22677 100644 --- a/test/default/box_easy2.c +++ b/test/default/box_easy2.c @@ -1,5 +1,3 @@ -#include <stdio.h> -#include <string.h> #define TEST_NAME "box_easy2" #include "cmptest.h" @@ -21,12 +19,12 @@ int main(void) crypto_box_keypair(alicepk, alicesk); crypto_box_keypair(bobpk, bobsk); - mlen = (unsigned long long) randombytes_uniform((uint32_t) sizeof m); + mlen = (unsigned long long)randombytes_uniform((uint32_t)sizeof m); randombytes_buf(m, mlen); randombytes_buf(nonce, sizeof nonce); crypto_box_easy(c, m, mlen, nonce, bobpk, alicesk); - if (crypto_box_open_easy(m2, c, mlen + crypto_box_MACBYTES, - nonce, alicepk, bobsk) != 0) { + if (crypto_box_open_easy(m2, c, mlen + crypto_box_MACBYTES, nonce, alicepk, + bobsk) != 0) { printf("open() failed"); return 1; } diff --git a/test/default/box_easy2.exp b/test/default/box_easy2.exp new file mode 100644 index 0000000..aa47d0d --- /dev/null +++ b/test/default/box_easy2.exp @@ -0,0 +1,2 @@ +0 +0 diff --git a/test/default/box_seed.c b/test/default/box_seed.c index 6533d8c..5af2a50 100644 --- a/test/default/box_seed.c +++ b/test/default/box_seed.c 
@@ -1,28 +1,28 @@ -#include <stdio.h> #define TEST_NAME "box_seed" #include "cmptest.h" -unsigned char seed[32] = { - 0x77,0x07,0x6d,0x0a,0x73,0x18,0xa5,0x7d -,0x3c,0x16,0xc1,0x72,0x51,0xb2,0x66,0x45 -,0xdf,0x4c,0x2f,0x87,0xeb,0xc0,0x99,0x2a -,0xb1,0x77,0xfb,0xa5,0x1d,0xb9,0x2c,0x2a -}; +unsigned char seed[32] + = { 0x77, 0x07, 0x6d, 0x0a, 0x73, 0x18, 0xa5, 0x7d, 0x3c, 0x16, 0xc1, + 0x72, 0x51, 0xb2, 0x66, 0x45, 0xdf, 0x4c, 0x2f, 0x87, 0xeb, 0xc0, + 0x99, 0x2a, 0xb1, 0x77, 0xfb, 0xa5, 0x1d, 0xb9, 0x2c, 0x2a }; int main(void) { - int i; - unsigned char sk[32]; - unsigned char pk[32]; - crypto_box_curve25519xsalsa20poly1305_seed_keypair(pk, sk, seed); - for (i = 0;i < 32;++i) { - printf(",0x%02x",(unsigned int) pk[i]); - if (i % 8 == 7) printf("\n"); - } - for (i = 0;i < 32;++i) { - printf(",0x%02x",(unsigned int) sk[i]); - if (i % 8 == 7) printf("\n"); - } - return 0; + int i; + unsigned char sk[32]; + unsigned char pk[32]; + + crypto_box_seed_keypair(pk, sk, seed); + for (i = 0; i < 32; ++i) { + printf(",0x%02x", (unsigned int)pk[i]); + if (i % 8 == 7) + printf("\n"); + } + for (i = 0; i < 32; ++i) { + printf(",0x%02x", (unsigned int)sk[i]); + if (i % 8 == 7) + printf("\n"); + } + return 0; } diff --git a/test/default/box_seed.exp b/test/default/box_seed.exp new file mode 100644 index 0000000..20e6806 --- /dev/null +++ b/test/default/box_seed.exp @@ -0,0 +1,8 @@ +,0xed,0x77,0x49,0xb4,0xd9,0x89,0xf6,0x95 +,0x7f,0x3b,0xfd,0xe6,0xc5,0x67,0x67,0xe9 +,0x88,0xe2,0x1c,0x9f,0x87,0x84,0xd9,0x1d +,0x61,0x00,0x11,0xcd,0x55,0x3f,0x9b,0x06 +,0xac,0xcd,0x44,0xeb,0x8e,0x93,0x31,0x9c +,0x05,0x70,0xbc,0x11,0x00,0x5c,0x0e,0x01 +,0x89,0xd3,0x4f,0xf0,0x2f,0x6c,0x17,0x77 +,0x34,0x11,0xad,0x19,0x12,0x93,0xc9,0x8f diff --git a/test/default/chacha20.c b/test/default/chacha20.c index 6dbc16c..b4334a8 100644 --- a/test/default/chacha20.c +++ b/test/default/chacha20.c @@ -1,7 +1,4 @@ -#include <stdio.h> -#include <string.h> - #define TEST_NAME "chacha20" #include "cmptest.h" 
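Review bot: `seed`, `sk` and `pk` in box_seed.c are still sized with the literal 32 although the call now goes through the generic `crypto_box_seed_keypair()`, so the buffers stay tied to one primitive's sizes rather than to what the generic function writes. Declaring them as `unsigned char seed[crypto_box_SEEDBYTES]`, `unsigned char sk[crypto_box_SECRETKEYBYTES];` and `unsigned char pk[crypto_box_PUBLICKEYBYTES];` keeps the test memory-safe if the default primitive ever changes. The return value of the keypair call is also not checked before pk and sk are printed.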
@@ -10,36 +7,59 @@ static void tv(void) static struct { const char *key_hex; const char *nonce_hex; - } tests[] = { - {"0000000000000000000000000000000000000000000000000000000000000000","0000000000000000"}, - {"0000000000000000000000000000000000000000000000000000000000000001","0000000000000000"}, - {"0000000000000000000000000000000000000000000000000000000000000000","0000000000000001"}, - {"0000000000000000000000000000000000000000000000000000000000000000","0100000000000000"}, - {"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f","0001020304050607"} - }; + } tests[] + = { { "0000000000000000000000000000000000000000000000000000000000000000", + "0000000000000000" }, + { "0000000000000000000000000000000000000000000000000000000000000001", + "0000000000000000" }, + { "0000000000000000000000000000000000000000000000000000000000000000", + "0000000000000001" }, + { "0000000000000000000000000000000000000000000000000000000000000000", + "0100000000000000" }, + { "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f", + "0001020304050607" } }; unsigned char key[crypto_stream_chacha20_KEYBYTES]; unsigned char nonce[crypto_stream_chacha20_NONCEBYTES]; - unsigned char out[60]; - char out_hex[60 * 2 + 1]; - size_t i = 0U; + unsigned char out[160]; + char out_hex[160 * 2 + 1]; + size_t i = 0U; do { - sodium_hex2bin((unsigned char *) key, sizeof key, - tests[i].key_hex, strlen(tests[i].key_hex), - NULL, NULL, NULL); - sodium_hex2bin(nonce, sizeof nonce, - tests[i].nonce_hex, strlen(tests[i].nonce_hex), - NULL, NULL, NULL); + sodium_hex2bin((unsigned char *)key, sizeof key, tests[i].key_hex, + strlen(tests[i].key_hex), NULL, NULL, NULL); + sodium_hex2bin(nonce, sizeof nonce, tests[i].nonce_hex, + strlen(tests[i].nonce_hex), NULL, NULL, NULL); crypto_stream_chacha20(out, sizeof out, nonce, key); sodium_bin2hex(out_hex, sizeof out_hex, out, sizeof out); printf("[%s]\n", out_hex); } while (++i < (sizeof tests) / (sizeof tests[0])); + + memset(out, 0x42, sizeof 
out); + + assert(crypto_stream_chacha20(out, 0U, nonce, key) == 0); + assert(crypto_stream_chacha20_xor(out, out, 0U, nonce, key) == 0); + assert(crypto_stream_chacha20_xor(out, out, 0U, nonce, key) == 0); + assert(crypto_stream_chacha20_xor_ic(out, out, 0U, nonce, 1U, key) == 0); + + crypto_stream_chacha20_xor(out, out, sizeof out, nonce, key); + sodium_bin2hex(out_hex, sizeof out_hex, out, sizeof out); + printf("[%s]\n", out_hex); + + crypto_stream_chacha20_xor_ic(out, out, sizeof out, nonce, 0U, key); + sodium_bin2hex(out_hex, sizeof out_hex, out, sizeof out); + printf("[%s]\n", out_hex); + + crypto_stream_chacha20_xor_ic(out, out, sizeof out, nonce, 1U, key); + sodium_bin2hex(out_hex, sizeof out_hex, out, sizeof out); + printf("[%s]\n", out_hex); }; int main(void) { tv(); - return 0; -} + assert(crypto_stream_chacha20_keybytes() > 0U); + assert(crypto_stream_chacha20_noncebytes() > 0U); + return 0; +} diff --git a/test/default/chacha20.exp b/test/default/chacha20.exp new file mode 100644 index 0000000..b669430 --- /dev/null +++ b/test/default/chacha20.exp 
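Review bot: In the block added at the end of tv(), `assert(crypto_stream_chacha20_xor(out, out, 0U, nonce, key) == 0);` appears twice in a row, so the second line adds no coverage. If a different zero-length call was intended there it should replace the duplicate; otherwise the line can go. The `sodium_hex2bin()` calls in the loop still discard their return value, so a malformed vector string would leave key or nonce partly filled and the test would carry on; checking both for a non-zero result would catch that. tv()'s signature sits above the hunk.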
@@ -0,0 +1,8 @@ +[76b8e0ada0f13d90405d6ae55386bd28bdd219b8a08ded1aa836efcc8b770dc7da41597c5157488d7724e03fb8d84a376a43b8f41518a11cc387b669b2ee65869f07e7be5551387a98ba977c732d080dcb0f29a048e3656912c6533e32ee7aed29b721769ce64e43d57133b074d839d531ed1f28510afb45ace10a1f4b794d6f2d09a0e663266ce1ae7ed1081968a0758e718e997bd362c6b0c34634a9a0b35d] +[4540f05a9f1fb296d7736e7b208e3c96eb4fe1834688d2604f450952ed432d41bbe2a0b6ea7566d2a5d1e7e20d42af2c53d792b1c43fea817e9ad275ae5469633aeb5224ecf849929b9d828db1ced4dd832025e8018b8160b82284f3c949aa5a8eca00bbb4a73bdad192b5c42f73f2fd4e273644c8b36125a64addeb006c13a096d68b9ff7b57e7090f880392effd5b297a83bbaf2fbe8cf5d4618965e3dc776] +[de9cba7bf3d69ef5e786dc63973f653a0b49e015adbff7134fcb7df137821031e85a050278a7084527214f73efc7fa5b5277062eb7a0433e445f41e31afab757283547e3d3d30ee0371c1e6025ff4c91b794a291cf7568d48ff84b37329e2730b12738a072a2b2c7169e326fe4893a7b2421bb910b79599a7ce4fbaee86be427c5ee0e8225eb6f48231fd504939d59eac8bd106cc138779b893c54da8758f62a] +[ef3fdfd6c61578fbf5cf35bd3dd33b8009631634d21e42ac33960bd138e50d32111e4caf237ee53ca8ad6426194a88545ddc497a0b466e7d6bbdb0041b2f586b5305e5e44aff19b235936144675efbe4409eb7e8e5f1430f5f5836aeb49bb5328b017c4b9dc11f8a03863fa803dc71d5726b2b6b31aa32708afe5af1d6b690584d58792b271e5fdb92c486051c48b79a4d48a109bb2d0477956e74c25e93c3c2] +[f798a189f195e66982105ffb640bb7757f579da31602fc93ec01ac56f85ac3c134a4547b733b46413042c9440049176905d3be59ea1c53f15916155c2be8241a38008b9a26bc35941e2444177c8ade6689de95264986d95889fb60e84629c9bd9a5acb1cc118be563eb9b3a4a472f82e09a7e778492b562ef7130e88dfe031c79db9d4f7c7a899151b9a475032b63fc385245fe054e3dd5a97a5f576fe064025] +[b5dae3cbb3d7a42bc0521db92649f5373d15dfe15440bed1ae43ee14ba18818376e616393179040372008b06420b552b4791fc1ba85e11b31b54571e69aa66587a42c9d864fe77d65c6606553ec89c24cb9cd7640bc49b1acbb922aa046b8bffd818895e835afc147cfbf1e6e630ba6c4be5a53a0b69146cb5514cca9da27385dffb96b585eadb5759d8051270f47d81c7661da216a19f18d5e7b734bc440267] 
+[42424242424242424242424242424242424242424242424242424242424242424242424242424242424242424242424242424242424242424242424242424242424242424242424242424242424242424242424242424242424242424242424242424242424242424242424242424242424242424242424242424242424242424242424242424242424242424242424242424242424242424242424242424242] +[7a42c9d864fe77d65c6606553ec89c24cb9cd7640bc49b1acbb922aa046b8bffd818895e835afc147cfbf1e6e630ba6c4be5a53a0b69146cb5514cca9da27385dffb96b585eadb5759d8051270f47d81c7661da216a19f18d5e7b734bc440267918c466e1428f08745f37a99c77c7f2b1b244bd4162e8b86e4a8bf85358202954ced04b52fef7b3ba787744e715554285ecb0ed6e133c528d69d346abc0ce8b0] diff --git a/test/default/cmptest.h b/test/default/cmptest.h index ae84e43..156640c 100644 --- a/test/default/cmptest.h +++ b/test/default/cmptest.h @@ -2,7 +2,11 @@ #ifndef __CMPTEST_H__ #define __CMPTEST_H__ +#include <assert.h> #include <stdio.h> +#include <stdint.h> +#include <stdlib.h> +#include <string.h> #include "sodium.h" diff --git a/test/default/core1.c b/test/default/core1.c index 4c9453f..44f90c4 100644 --- a/test/default/core1.c +++ b/test/default/core1.c 
@@ -1,32 +1,39 @@ -#include <stdio.h> #define TEST_NAME "core1" #include "cmptest.h" -unsigned char shared[32] = { - 0x4a,0x5d,0x9d,0x5b,0xa4,0xce,0x2d,0xe1 -,0x72,0x8e,0x3b,0xf4,0x80,0x35,0x0f,0x25 -,0xe0,0x7e,0x21,0xc9,0x47,0xd1,0x9e,0x33 -,0x76,0xf0,0x9b,0x3c,0x1e,0x16,0x17,0x42 -} ; +unsigned char shared[32] + = { 0x4a, 0x5d, 0x9d, 0x5b, 0xa4, 0xce, 0x2d, 0xe1, 0x72, 0x8e, 0x3b, + 0xf4, 0x80, 0x35, 0x0f, 0x25, 0xe0, 0x7e, 0x21, 0xc9, 0x47, 0xd1, + 0x9e, 0x33, 0x76, 0xf0, 0x9b, 0x3c, 0x1e, 0x16, 0x17, 0x42 }; unsigned char zero[32] = { 0 }; -unsigned char c[16] = { - 0x65,0x78,0x70,0x61,0x6e,0x64,0x20,0x33 -,0x32,0x2d,0x62,0x79,0x74,0x65,0x20,0x6b -} ; +unsigned char c[16] = { 0x65, 0x78, 0x70, 0x61, 0x6e, 0x64, 0x20, 0x33, + 0x32, 0x2d, 0x62, 0x79, 0x74, 0x65, 0x20, 0x6b }; unsigned char firstkey[32]; int main(void) { - int i; - crypto_core_hsalsa20(firstkey,zero,shared,c); - for (i = 0;i < 32;++i) { - if (i > 0) printf(","); else printf(" "); - printf("0x%02x",(unsigned int) firstkey[i]); - if (i % 8 == 7) printf("\n"); - } - return 0; + int i; + + crypto_core_hsalsa20(firstkey, zero, shared, c); + for (i = 0; i < 32; ++i) { + if (i > 0) { + printf(","); + } else { + printf(" "); + } + printf("0x%02x", (unsigned int)firstkey[i]); + if (i % 8 == 7) { + printf("\n"); + } + } + assert(crypto_core_hsalsa20_outputbytes() > 0U); + assert(crypto_core_hsalsa20_inputbytes() > 0U); + assert(crypto_core_hsalsa20_keybytes() > 0U); + assert(crypto_core_hsalsa20_constbytes() > 0U); + + return 0; } diff --git a/test/default/core1.exp b/test/default/core1.exp new file mode 100644 index 0000000..715a489 --- /dev/null +++ b/test/default/core1.exp @@ -0,0 +1,4 @@ + 0x1b,0x27,0x55,0x64,0x73,0xe9,0x85,0xd4 +,0x62,0xcd,0x51,0x19,0x7a,0x9a,0x46,0xc7 +,0x60,0x09,0x54,0x9e,0xac,0x64,0x74,0xf2 +,0x06,0xc4,0xee,0x08,0x44,0xf6,0x83,0x89 diff --git a/test/default/core2.c b/test/default/core2.c index b07df8d..6870acb 100644 --- a/test/default/core2.c +++ b/test/default/core2.c 
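Review bot: The four asserts added before `return 0;` in core1.c only require each size accessor to be non-zero, which any positive value satisfies, while the buffers above are sized with the literals 32 and 16. Comparing against the exported constants pins the values the test depends on, for example `assert(crypto_core_hsalsa20_outputbytes() == crypto_core_hsalsa20_OUTPUTBYTES);` and `assert(crypto_core_hsalsa20_outputbytes() == sizeof firstkey);`. The `> 0U` pattern is repeated in the core3.c hunk and in main() of chacha20.c.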
@@ -1,35 +1,36 @@ -#include <stdio.h> #define TEST_NAME "core2" #include "cmptest.h" -unsigned char firstkey[32] = { - 0x1b,0x27,0x55,0x64,0x73,0xe9,0x85,0xd4 -,0x62,0xcd,0x51,0x19,0x7a,0x9a,0x46,0xc7 -,0x60,0x09,0x54,0x9e,0xac,0x64,0x74,0xf2 -,0x06,0xc4,0xee,0x08,0x44,0xf6,0x83,0x89 -} ; +unsigned char firstkey[32] + = { 0x1b, 0x27, 0x55, 0x64, 0x73, 0xe9, 0x85, 0xd4, 0x62, 0xcd, 0x51, + 0x19, 0x7a, 0x9a, 0x46, 0xc7, 0x60, 0x09, 0x54, 0x9e, 0xac, 0x64, + 0x74, 0xf2, 0x06, 0xc4, 0xee, 0x08, 0x44, 0xf6, 0x83, 0x89 }; -unsigned char nonceprefix[16] = { - 0x69,0x69,0x6e,0xe9,0x55,0xb6,0x2b,0x73 -,0xcd,0x62,0xbd,0xa8,0x75,0xfc,0x73,0xd6 -} ; +unsigned char nonceprefix[16] + = { 0x69, 0x69, 0x6e, 0xe9, 0x55, 0xb6, 0x2b, 0x73, + 0xcd, 0x62, 0xbd, 0xa8, 0x75, 0xfc, 0x73, 0xd6 }; -unsigned char c[16] = { - 0x65,0x78,0x70,0x61,0x6e,0x64,0x20,0x33 -,0x32,0x2d,0x62,0x79,0x74,0x65,0x20,0x6b -} ; +unsigned char c[16] = { 0x65, 0x78, 0x70, 0x61, 0x6e, 0x64, 0x20, 0x33, + 0x32, 0x2d, 0x62, 0x79, 0x74, 0x65, 0x20, 0x6b }; unsigned char secondkey[32]; int main(void) { - int i; - crypto_core_hsalsa20(secondkey,nonceprefix,firstkey,c); - for (i = 0;i < 32;++i) { - if (i > 0) printf(","); else printf(" "); - printf("0x%02x",(unsigned int) secondkey[i]); - if (i % 8 == 7) printf("\n"); - } - return 0; + int i; + + crypto_core_hsalsa20(secondkey, nonceprefix, firstkey, c); + for (i = 0; i < 32; ++i) { + if (i > 0) { + printf(","); + } else { + printf(" "); + } + printf("0x%02x", (unsigned int)secondkey[i]); + if (i % 8 == 7) { + printf("\n"); + } + } + return 0; } diff --git a/test/default/core2.exp b/test/default/core2.exp new file mode 100644 index 0000000..f4682af --- /dev/null +++ b/test/default/core2.exp @@ -0,0 +1,4 @@ + 0xdc,0x90,0x8d,0xda,0x0b,0x93,0x44,0xa9 +,0x53,0x62,0x9b,0x73,0x38,0x20,0x77,0x88 +,0x80,0xf3,0xce,0xb4,0x21,0xbb,0x61,0xb9 +,0x1c,0xbd,0x4c,0x3e,0x66,0x25,0x6c,0xe4 diff --git a/test/default/core3.c b/test/default/core3.c index 5d24fdd..210e25c 100644 
--- a/test/default/core3.c +++ b/test/default/core3.c @@ -1,25 +1,19 @@ -#include <stdio.h> #define TEST_NAME "core3" #include "cmptest.h" -unsigned char secondkey[32] = { - 0xdc,0x90,0x8d,0xda,0x0b,0x93,0x44,0xa9 -,0x53,0x62,0x9b,0x73,0x38,0x20,0x77,0x88 -,0x80,0xf3,0xce,0xb4,0x21,0xbb,0x61,0xb9 -,0x1c,0xbd,0x4c,0x3e,0x66,0x25,0x6c,0xe4 -} ; +unsigned char secondkey[32] + = { 0xdc, 0x90, 0x8d, 0xda, 0x0b, 0x93, 0x44, 0xa9, 0x53, 0x62, 0x9b, + 0x73, 0x38, 0x20, 0x77, 0x88, 0x80, 0xf3, 0xce, 0xb4, 0x21, 0xbb, + 0x61, 0xb9, 0x1c, 0xbd, 0x4c, 0x3e, 0x66, 0x25, 0x6c, 0xe4 }; -unsigned char noncesuffix[8] = { - 0x82,0x19,0xe0,0x03,0x6b,0x7a,0x0b,0x37 -} ; +unsigned char noncesuffix[8] + = { 0x82, 0x19, 0xe0, 0x03, 0x6b, 0x7a, 0x0b, 0x37 }; -unsigned char c[16] = { - 0x65,0x78,0x70,0x61,0x6e,0x64,0x20,0x33 -,0x32,0x2d,0x62,0x79,0x74,0x65,0x20,0x6b -} ; +unsigned char c[16] = { 0x65, 0x78, 0x70, 0x61, 0x6e, 0x64, 0x20, 0x33, + 0x32, 0x2d, 0x62, 0x79, 0x74, 0x65, 0x20, 0x6b }; -unsigned char in[16] = { 0 } ; +unsigned char in[16] = { 0 }; unsigned char output[64 * 256 * 256]; @@ -27,16 +21,26 @@ unsigned char h[32]; int main(void) { - int i; - long long pos = 0; - for (i = 0;i < 8;++i) in[i] = noncesuffix[i]; - do { + int i; + long long pos = 0; + + for (i = 0; i < 8; ++i) + in[i] = noncesuffix[i]; do { - crypto_core_salsa20(output + pos,in,secondkey,c); - pos += 64; - } while (++in[8]); - } while (++in[9]); - crypto_hash_sha256(h,output,sizeof output); - for (i = 0;i < 32;++i) printf("%02x",h[i]); printf("\n"); - return 0; + do { + crypto_core_salsa20(output + pos, in, secondkey, c); + pos += 64; + } while (++in[8]); + } while (++in[9]); + crypto_hash_sha256(h, output, sizeof output); + for (i = 0; i < 32; ++i) { + printf("%02x", h[i]); + } + printf("\n"); + assert(crypto_core_salsa20_outputbytes() > 0U); + assert(crypto_core_salsa20_inputbytes() > 0U); + assert(crypto_core_salsa20_keybytes() > 0U); + assert(crypto_core_salsa20_constbytes() > 0U); + + return 0; } 
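Review bot: The nested `do { ... } while (++in[8]);` and `while (++in[9]);` loops in main() of core3.c terminate only because the unsigned char counters wrap to 0 after 256 increments, and that is also what makes `pos` stop exactly at `sizeof output`; the reformatted code has no comment saying so. I would add one above the outer loop, e.g. `/* in[8] and in[9] wrap after 256 steps each: 256 * 256 blocks of 64 bytes fill output exactly */`. The `for` that copies noncesuffix into `in` is left unbraced while the print loop below it gains braces in the same hunk.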
diff --git a/test/default/core3.exp b/test/default/core3.exp new file mode 100644 index 0000000..5fa208c --- /dev/null +++ b/test/default/core3.exp @@ -0,0 +1 @@ +662b9d0e3463029156069b12f918691a98f7dfb2ca0393c96bbfc6b1fbd630a2 diff --git a/test/default/core4.c b/test/default/core4.c index d818723..611d392 100644 --- a/test/default/core4.c +++ b/test/default/core4.c @@ -1,35 +1,34 @@ -#include <stdio.h> #define TEST_NAME "core4" #include "cmptest.h" -unsigned char k[32] = { - 1, 2, 3, 4, 5, 6, 7, 8 -, 9, 10, 11, 12, 13, 14, 15, 16 -,201,202,203,204,205,206,207,208 -,209,210,211,212,213,214,215,216 -} ; +unsigned char k[32] = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, + 12, 13, 14, 15, 16, 201, 202, 203, 204, 205, 206, + 207, 208, 209, 210, 211, 212, 213, 214, 215, 216 }; -unsigned char in[16] = { - 101,102,103,104,105,106,107,108 -,109,110,111,112,113,114,115,116 -} ; +unsigned char in[16] = { 101, 102, 103, 104, 105, 106, 107, 108, + 109, 110, 111, 112, 113, 114, 115, 116 }; -unsigned char c[16] = { - 101,120,112, 97,110,100, 32, 51 -, 50, 45, 98,121,116,101, 32,107 -} ; +unsigned char c[16] = { 101, 120, 112, 97, 110, 100, 32, 51, + 50, 45, 98, 121, 116, 101, 32, 107 }; unsigned char out[64]; int main(void) { - int i; - crypto_core_salsa20(out,in,k,c); - for (i = 0;i < 64;++i) { - if (i > 0) printf(","); else printf(" "); - printf("%3d",(unsigned int) out[i]); - if (i % 8 == 7) printf("\n"); - } - return 0; + int i; + + crypto_core_salsa20(out, in, k, c); + for (i = 0; i < 64; ++i) { + if (i > 0) { + printf(","); + } else { + printf(" "); + } + printf("%3d", (unsigned int)out[i]); + if (i % 8 == 7) { + printf("\n"); + } + } + return 0; } diff --git a/test/default/core4.exp b/test/default/core4.exp new file mode 100644 index 0000000..d04e5b5 --- /dev/null +++ b/test/default/core4.exp 
@@ -0,0 +1,8 @@ + 69, 37, 68, 39, 41, 15,107,193 +,255,139,122, 6,170,233,217, 98 +, 89,144,182,106, 21, 51,200, 65 +,239, 49,222, 34,215,114, 40,126 +,104,197, 7,225,197,153, 31, 2 +,102, 78, 76,176, 84,245,246,184 +,177,160,133,130, 6, 72,149,119 +,192,195,132,236,234,103,246, 74 diff --git a/test/default/core5.c b/test/default/core5.c index 467b27a..cf37397 100644 --- a/test/default/core5.c +++ b/test/default/core5.c @@ -1,34 +1,30 @@ -#include <stdio.h> #define TEST_NAME "core5" #include "cmptest.h" -unsigned char k[32] = { - 0xee,0x30,0x4f,0xca,0x27,0x00,0x8d,0x8c -,0x12,0x6f,0x90,0x02,0x79,0x01,0xd8,0x0f -,0x7f,0x1d,0x8b,0x8d,0xc9,0x36,0xcf,0x3b -,0x9f,0x81,0x96,0x92,0x82,0x7e,0x57,0x77 -} ; +unsigned char k[32] + = { 0xee, 0x30, 0x4f, 0xca, 0x27, 0x00, 0x8d, 0x8c, 0x12, 0x6f, 0x90, + 0x02, 0x79, 0x01, 0xd8, 0x0f, 0x7f, 0x1d, 0x8b, 0x8d, 0xc9, 0x36, + 0xcf, 0x3b, 0x9f, 0x81, 0x96, 0x92, 0x82, 0x7e, 0x57, 0x77 }; -unsigned char in[16] = { - 0x81,0x91,0x8e,0xf2,0xa5,0xe0,0xda,0x9b -,0x3e,0x90,0x60,0x52,0x1e,0x4b,0xb3,0x52 -} ; +unsigned char in[16] = { 0x81, 0x91, 0x8e, 0xf2, 0xa5, 0xe0, 0xda, 0x9b, + 0x3e, 0x90, 0x60, 0x52, 0x1e, 0x4b, 0xb3, 0x52 }; -unsigned char c[16] = { - 101,120,112, 97,110,100, 32, 51 -, 50, 45, 98,121,116,101, 32,107 -} ; +unsigned char c[16] = { 101, 120, 112, 97, 110, 100, 32, 51, + 50, 45, 98, 121, 116, 101, 32, 107 }; unsigned char out[32]; int main(void) { - int i; - crypto_core_hsalsa20(out,in,k,c); - for (i = 0;i < 32;++i) { - printf(",0x%02x",(unsigned int) out[i]); - if (i % 8 == 7) printf("\n"); - } - return 0; + int i; + + crypto_core_hsalsa20(out, in, k, c); + for (i = 0; i < 32; ++i) { + printf(",0x%02x", (unsigned int)out[i]); + if (i % 8 == 7) { + printf("\n"); + } + } + return 0; } diff --git a/test/default/core5.exp b/test/default/core5.exp new file mode 100644 index 0000000..562cf71 --- /dev/null +++ b/test/default/core5.exp 
@@ -0,0 +1,4 @@ +,0xbc,0x1b,0x30,0xfc,0x07,0x2c,0xc1,0x40 +,0x75,0xe4,0xba,0xa7,0x31,0xb5,0xa8,0x45 +,0xea,0x9b,0x11,0xe9,0xa5,0x19,0x1f,0x94 +,0xe1,0x8c,0xba,0x8f,0xd8,0x21,0xa7,0xcd diff --git a/test/default/core6.c b/test/default/core6.c index 8a98696..67be323 100644 --- a/test/default/core6.c +++ b/test/default/core6.c 
@@ -1,49 +1,48 @@ -#include <stdio.h> #define TEST_NAME "core6" #include "cmptest.h" -unsigned char k[32] = { - 0xee,0x30,0x4f,0xca,0x27,0x00,0x8d,0x8c -,0x12,0x6f,0x90,0x02,0x79,0x01,0xd8,0x0f -,0x7f,0x1d,0x8b,0x8d,0xc9,0x36,0xcf,0x3b -,0x9f,0x81,0x96,0x92,0x82,0x7e,0x57,0x77 -} ; +unsigned char k[32] + = { 0xee, 0x30, 0x4f, 0xca, 0x27, 0x00, 0x8d, 0x8c, 0x12, 0x6f, 0x90, + 0x02, 0x79, 0x01, 0xd8, 0x0f, 0x7f, 0x1d, 0x8b, 0x8d, 0xc9, 0x36, + 0xcf, 0x3b, 0x9f, 0x81, 0x96, 0x92, 0x82, 0x7e, 0x57, 0x77 }; -unsigned char in[16] = { - 0x81,0x91,0x8e,0xf2,0xa5,0xe0,0xda,0x9b -,0x3e,0x90,0x60,0x52,0x1e,0x4b,0xb3,0x52 -} ; +unsigned char in[16] = { 0x81, 0x91, 0x8e, 0xf2, 0xa5, 0xe0, 0xda, 0x9b, + 0x3e, 0x90, 0x60, 0x52, 0x1e, 0x4b, 0xb3, 0x52 }; -unsigned char c[16] = { - 101,120,112, 97,110,100, 32, 51 -, 50, 45, 98,121,116,101, 32,107 -} ; +unsigned char c[16] = { 101, 120, 112, 97, 110, 100, 32, 51, + 50, 45, 98, 121, 116, 101, 32, 107 }; unsigned char out[64]; -void print(unsigned char *x,unsigned char *y) +void print(unsigned char *x, unsigned char *y) { - int i; - unsigned int borrow = 0; - for (i = 0;i < 4;++i) { - unsigned int xi = x[i]; - unsigned int yi = y[i]; - printf(",0x%02x",255 & (xi - yi - borrow)); - borrow = (xi < yi + borrow); - } + int i; + unsigned int borrow = 0; + + for (i = 0; i < 4; ++i) { + unsigned int xi = x[i]; + unsigned int yi = y[i]; + printf(",0x%02x", 255 & (xi - yi - borrow)); + borrow = (xi < yi + borrow); + } } int main(void) { - crypto_core_salsa20(out,in,k,c); - print(out,c); - print(out + 20,c + 4); printf("\n"); - print(out + 40,c + 8); - print(out + 60,c + 12); printf("\n"); - print(out + 24,in); - print(out + 28,in + 4); printf("\n"); - print(out + 32,in + 8); - print(out + 36,in + 12); printf("\n"); - return 0; + crypto_core_salsa20(out, in, k, c); + print(out, c); + print(out + 20, c + 4); + printf("\n"); + print(out + 40, c + 8); + print(out + 60, c + 12); + printf("\n"); + print(out + 24, in); + print(out + 28, in + 4); + 
printf("\n"); + print(out + 32, in + 8); + print(out + 36, in + 12); + printf("\n"); + + return 0; } diff --git a/test/default/core6.exp b/test/default/core6.exp new file mode 100644 index 0000000..562cf71 --- /dev/null +++ b/test/default/core6.exp @@ -0,0 +1,4 @@ +,0xbc,0x1b,0x30,0xfc,0x07,0x2c,0xc1,0x40 +,0x75,0xe4,0xba,0xa7,0x31,0xb5,0xa8,0x45 +,0xea,0x9b,0x11,0xe9,0xa5,0x19,0x1f,0x94 +,0xe1,0x8c,0xba,0x8f,0xd8,0x21,0xa7,0xcd diff --git a/test/default/ed25519_convert.c b/test/default/ed25519_convert.c new file mode 100644 index 0000000..02c0641 --- /dev/null +++ b/test/default/ed25519_convert.c 
@@ -0,0 +1,44 @@ + +#define TEST_NAME "ed25519_convert" +#include "cmptest.h" + +static const unsigned char keypair_seed[crypto_sign_ed25519_SEEDBYTES] + = { 0x42, 0x11, 0x51, 0xa4, 0x59, 0xfa, 0xea, 0xde, 0x3d, 0x24, 0x71, + 0x15, 0xf9, 0x4a, 0xed, 0xae, 0x42, 0x31, 0x81, 0x24, 0x09, 0x5a, + 0xfa, 0xbe, 0x4d, 0x14, 0x51, 0xa5, 0x59, 0xfa, 0xed, 0xee }; + +int main(void) +{ + unsigned char ed25519_pk[crypto_sign_ed25519_PUBLICKEYBYTES]; + unsigned char ed25519_skpk[crypto_sign_ed25519_SECRETKEYBYTES]; + unsigned char curve25519_pk[crypto_scalarmult_curve25519_BYTES]; + unsigned char curve25519_pk2[crypto_scalarmult_curve25519_BYTES]; + unsigned char curve25519_sk[crypto_scalarmult_curve25519_BYTES]; + char curve25519_pk_hex[crypto_scalarmult_curve25519_BYTES * 2 + 1]; + char curve25519_sk_hex[crypto_scalarmult_curve25519_BYTES * 2 + 1]; + unsigned int i; + + crypto_sign_ed25519_seed_keypair(ed25519_pk, ed25519_skpk, keypair_seed); + crypto_sign_ed25519_pk_to_curve25519(curve25519_pk, ed25519_pk); + crypto_sign_ed25519_sk_to_curve25519(curve25519_sk, ed25519_skpk); + sodium_bin2hex(curve25519_pk_hex, sizeof curve25519_pk_hex, curve25519_pk, + sizeof curve25519_pk); + sodium_bin2hex(curve25519_sk_hex, sizeof curve25519_sk_hex, curve25519_sk, + sizeof curve25519_sk); + + printf("curve25519 pk: [%s]\n", curve25519_pk_hex); + printf("curve25519 sk: [%s]\n", curve25519_sk_hex); + + for (i = 0U; i < 500U; i++) { + crypto_sign_ed25519_keypair(ed25519_pk, ed25519_skpk); + crypto_sign_ed25519_pk_to_curve25519(curve25519_pk, ed25519_pk); + crypto_sign_ed25519_sk_to_curve25519(curve25519_sk, ed25519_skpk); + crypto_scalarmult_curve25519_base(curve25519_pk2, curve25519_sk); + if (memcmp(curve25519_pk, curve25519_pk2, sizeof curve25519_pk) != 0) { + printf("conversion failed\n"); + } + } + printf("ok\n"); + + return 0; +} diff --git a/test/default/ed25519_convert.exp b/test/default/ed25519_convert.exp new file mode 100644 index 0000000..cba2b7b --- /dev/null 
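Review bot: In the 500-iteration loop of main(), a mismatch between `curve25519_pk` and `curve25519_pk2` only prints "conversion failed"; the loop continues, "ok" is still printed and the program returns 0, so the failure is visible only to a harness that compares the output. Adding `return 1;` after that printf makes the test fail on its own. The return values of `crypto_sign_ed25519_pk_to_curve25519()` and `crypto_sign_ed25519_sk_to_curve25519()` are not checked either. `curve25519_sk` is sized with `crypto_scalarmult_curve25519_BYTES`, where `crypto_scalarmult_curve25519_SCALARBYTES` is the constant that names the scalar size.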
+++ b/test/default/ed25519_convert.exp @@ -0,0 +1,3 @@ +curve25519 pk: [f1814f0e8ff1043d8a44d25babff3cedcae6c22c3edaa48f857ae70de2baae50] +curve25519 sk: [8052030376d47112be7f73ed7a019293dd12ad910b654455798b4667d73de166] +ok diff --git a/test/default/generichash.c b/test/default/generichash.c index 42a4a39..71c12e4 100644 --- a/test/default/generichash.c +++ b/test/default/generichash.c @@ -1,6 +1,3 @@ -#include <stdio.h> - -#include "crypto_uint8.h" #define TEST_NAME "generichash" #include "cmptest.h" 
@@ -8,20 +5,67 @@ int main(void) { #define MAXLEN 64 - crypto_uint8 in[MAXLEN], out[crypto_generichash_BYTES_MAX], k[crypto_generichash_KEYBYTES_MAX]; - size_t h,i,j; - - for(h = 0; h < crypto_generichash_KEYBYTES_MAX; ++h) k[h] = h; - - for(i = 0; i < MAXLEN; ++i) { - in[i]=i; - crypto_generichash(out, 1 + i % crypto_generichash_BYTES_MAX, - in, i, - k, 1 + i % crypto_generichash_KEYBYTES_MAX); - for (j = 0;j < 1 + i % crypto_generichash_BYTES_MAX;++j) { - printf("%02x",(unsigned int) out[j]); + unsigned char in[MAXLEN], out[crypto_generichash_BYTES_MAX], + k[crypto_generichash_KEYBYTES_MAX]; + size_t h, i, j; + + for (h = 0; h < crypto_generichash_KEYBYTES_MAX; ++h) + k[h] = h; + + for (i = 0; i < MAXLEN; ++i) { + in[i] = i; + crypto_generichash(out, 1 + i % crypto_generichash_BYTES_MAX, in, i, k, + 1 + i % crypto_generichash_KEYBYTES_MAX); + for (j = 0; j < 1 + i % crypto_generichash_BYTES_MAX; ++j) { + printf("%02x", (unsigned int)out[j]); } printf("\n"); } + + memset(out, 0, sizeof out); + crypto_generichash(out, crypto_generichash_BYTES_MAX, in, i, k, 0U); + for (j = 0; j < crypto_generichash_BYTES_MAX; ++j) { + printf("%02x", (unsigned int)out[j]); + } + printf("\n"); + + memset(out, 0, sizeof out); + crypto_generichash(out, crypto_generichash_BYTES_MAX, in, i, NULL, 1U); + for (j = 0; j < crypto_generichash_BYTES_MAX; ++j) { + printf("%02x", (unsigned int)out[j]); + } + printf("\n"); + + assert(crypto_generichash(out, 0U, in, sizeof in, k, sizeof k) == -1); + assert(crypto_generichash(out, crypto_generichash_BYTES_MAX + 1U, in, sizeof in, + k, sizeof k) == -1); + assert(crypto_generichash(out, sizeof out, in, sizeof in, + k, crypto_generichash_KEYBYTES_MAX + 1U) == -1); + + assert(crypto_generichash_bytes_min() > 0U); + assert(crypto_generichash_bytes_max() > 0U); + assert(crypto_generichash_bytes() > 0U); + assert(crypto_generichash_bytes() >= crypto_generichash_bytes_min()); + assert(crypto_generichash_bytes() <= crypto_generichash_bytes_max()); + 
assert(crypto_generichash_keybytes_min() > 0U); + assert(crypto_generichash_keybytes_max() > 0U); + assert(crypto_generichash_keybytes() > 0U); + assert(crypto_generichash_keybytes() >= crypto_generichash_keybytes_min()); + assert(crypto_generichash_keybytes() <= crypto_generichash_keybytes_max()); + assert(strcmp(crypto_generichash_primitive(), "blake2b") == 0); + assert(crypto_generichash_bytes_min() + == crypto_generichash_blake2b_bytes_min()); + assert(crypto_generichash_bytes_max() + == crypto_generichash_blake2b_bytes_max()); + assert(crypto_generichash_bytes() == crypto_generichash_blake2b_bytes()); + assert(crypto_generichash_keybytes_min() + == crypto_generichash_blake2b_keybytes_min()); + assert(crypto_generichash_keybytes_max() + == crypto_generichash_blake2b_keybytes_max()); + assert(crypto_generichash_keybytes() + == crypto_generichash_blake2b_keybytes()); + assert(crypto_generichash_blake2b_saltbytes() > 0U); + assert(crypto_generichash_blake2b_personalbytes() > 0U); + return 0; } diff --git a/test/default/generichash.exp b/test/default/generichash.exp new file mode 100644 index 0000000..4a918f9 --- /dev/null +++ b/test/default/generichash.exp 
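Review bot: The two calls added after the loop in generichash.c (key length 0U, then a NULL key with length 1U) pass `i` as the input length, which equals MAXLEN only because the loop above has just finished, and neither return value is checked before `out` is printed. Using `sizeof in` and testing the result, e.g. `if (crypto_generichash(out, crypto_generichash_BYTES_MAX, in, sizeof in, NULL, 1U) != 0) { return 1; }`, removes the dependence on leftover loop state. The expected output lists the same digest for both calls, so a comment such as `/* a NULL key is expected to hash like an unkeyed call */` would document what the pair checks. main()'s signature is above the hunk.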
@@ -0,0 +1,66 @@ +05 +5d8c +22221b +d4974470 +be8492fb36 +edc178279907 +26848f2ae0c2e6 +045cf1235112b9f6 +5110bad569356dfa6c +1339d95145bc8a33d3aa +3dbb39b4d57c5566808a88 +22378260939cee01022686a2 +e18b37abcead6cc520e6504dac +3cbb356604cf862e62ad2f534323 +44c41ba227b191961b475ec5875057 +0c7c9c3922d41a7b2b3b20f92685d560 +8508c01d19709bdd881866aa1f8c63ca06 +f6b2dddfbece6d7d52e114c7e5a97772e18d +d36b5af9591d0cd3747254e26bc6e1de5b6081 +f7f7ce69149418d7ec33327bd86e14bcca4b8ed7 +2c9aba9a56de21165753c4f3cee9310a9c8fe546b9 +ee5e08cee5fbbcb51900341bb30db6695920faecda6a +fe9ffb56dc5716b91bc7d77ce7b05e7cc39c31683bec91 +c500ae0f5bff0f1106ce104ae9c291add7207e0d8ebcb1ed +68e23d12000b387158afd6458d3bcef9c26936ca68b5c0f3d6 +220efa2c09f67dbb02aa623bbc0cb92107a30f53b633e78d4b44 +54df984b47e4bcd489d9c045c488743fac91c9b3e0cbcc37495fac +b4852cf66c6ce164c002bbb62ded0faeb4a39c39fdffb372ff14dd31 +d79cafb5565e7775616e1c9b09100d61fb71efaf25affcf2d480d2c980 +ae557883145e374adef583ba0550429d5cdd86b254c33bf52d02e070efda +9f53d28c0df7b327c2eb4c8a12c742829225b7f30fda7baf64135098fdb01b +a9f51bb7f6a3e9cdb96ce652c07d177962a348a9cced1b92f948187e59b44463 +f2960cf5fd57fc92f549cd5a2803147964f60e7703e1b8897c088cded74c7bd39f +89981acbb690eb03ed2a67510d1d85a1b4f9d496fdfe134550ae14146bb05fd5fedd +6d8245383fd7c418b46511339e711b9d4a0d1f5fdf6de45fdd3d0664164b7bf878a124 +1f0b6b083d524e0741710ddef499ce88f51083bb3ad80a1815cc57acf006436e9b6ad72b +fc35bfe34c915020bb8b44fa0a19933774eaaf61919780fd55564e085bc31646dfc1d426e9 +117d58f1f8cb2c036102686035975be90550795e5a0e3469a8f7a2cba9bc88961852b18c8ae3 +c679c950818729c799bb7f39cef2d89fa80a147817f379a073ef1ccafea5d369815c70373bf5be +d487ad2143024ee8c645a066c035b74abe3a11f1c9fcd738b154b8ca37134d74fb78c40d1a2274cf +2d3ee00828b0ccea6812b40f214fab6d4f23f7e74ae228115bcb208ced2d5e1cb9cdff41de912af7a8 +a697b26d4c4475e312288b98ae2ec4954d3c74c8e144c0ab518616ff9f52918a946fd765af75e761178c +f647bcba2a711f431d6d453aa7d75dcf5bb9ab6f8b83f89117230f633e7580f27c71c4f4c211cadd04f587 
+1fc1d6a4db753e2f4fd1456b2b709dd70ad58547eeda9d5a55762b5cd4097a7a1bd73cc633ec27168ee65631 +1cfe0f63ab155379b4a1b5bf694a33635097b8e4b6dbd3b983d62454d36d7bf4550bece301abdd27b2dd76ca9f +73dee8a0a558e7b6f6eefe411280e253b05ef006d499849fea5d6a95f9141ee160322fff3a3f70e10c84025e02ce +edf9e706f4acae4f4bed72404f14458ba075d2b9d9a4a1ed46d1f1c5e23113a74cce9f7735432a922a3d8097f22c7a +95d5cd54c6722ac4335fa0ab38d388c9fd0baea48a9078605e400534ef38f13abb1d770da84b90b0256e1c1b64f54ba9 +fe6b85ee8b5eb7da035264ed46e6dcd948571018d1f6976de4102fcb4bb5f1422e7df1b5aaa5b6b56c5961966db29ead6e +499ab83c01e4bf74ea5036392f9f810eae8a066fff49e316e4288baccb2001efa24f64cef7bfae70c90f139b198e53ad87f1 +eac6c9d97264241a8adba22ee925438ed9787a547018608a10676a7594bc51c60294bd9159fbcada9022b44880a37c5b07c1b4 +0771e3ae24bbfe424800d4bae776fef3da1607990019e7c4b30bc8140061ebf0b64aad7b018a878d579caa67154b98a04402735e +d569e5f5fe197387451441911a2be2effa606dad39820af44cea056bd9d1499dde41fa1c6c3a0459d5866c944bec2ac83328953726 +68e523ded865c4d8318d61c312189a59597bbc3995e312e85137611af761a5f73508ac79e359edf729d4508830fc642b432f09185914 +601af664ae596166707244adbb4f704593b355c6a659c844d853c6647fb265cdbcea26ed43657251dec37f2d6453fa0ace55f22d303cb0 +703d8e552236b2090143444545f0a61a809d8ef9843bcf6883f61671fb31c8d6ac9fd373e7f9f79a0c72fa6a37dc655ba1fb01a5f41e36d1 +03896f594afd1bf97acb862106eb05a1d8b54ec08d184812a79f4dc7b287a7486e60927b6c23e5f51fcbc94798648b28fd13438300567bec95 +cc66a891768e95a2717b040c111996f14942f10f2475c33aa5f1c97476e6f8386733d6b21c16102d01ff1f715475f01099e1f19aa763238a38a9 +007aac8eae29e5bf2be1b54857f5fe80c324424a3273b46e55482fbc4ae1033df4a97016b60c81a5344abd6366f56d8cee2c2e94619418293990de +50c81e92605a6111ea4c7c602acfb3945d4c2631c8c08fa4b594134577f5c2ffcca90d48604162cfdb2a0bb40416ff9134a275461b829ff1b875f995 +661b7a1c70170aa7559aa82639fa65c1bdcfb5e336cb23b40a9edf5b4f6eeca1a176a9844da705cafb990dd94b9dc6194eb6b2de3eca9dbd255bb267a1 
+9ff11c233aaf5e0242b0dbe6e110a42e58b86141ad0ef130fd2bb895700019782de66d435bf0a8d6f5eda5d7d1105e7a6f3ef17a9da8f9c16fc21075431a +bdd3d0fafe8ba2b29d1ac0b79aa46e249cc9d3a82d0f772d690637bbdd353722356658d00436ff5dd5239ab747979329345eb8c7ed11b7331456ae87350fcf +bd965bf31e87d70327536f2a341cebc4768eca275fa05ef98f7f1b71a0351298de006fba73fe6733ed01d75801b4a928e54231b38e38c562b2e33ea1284992fa +2fc6e69fa26a89a5ed269092cb9b2a449a4409a7a44011eecad13d7c4b0456602d402fa5844f1a7a758136ce3d5d8d0e8b86921ffff4f692dd95bdc8e5ff0052 +2fc6e69fa26a89a5ed269092cb9b2a449a4409a7a44011eecad13d7c4b0456602d402fa5844f1a7a758136ce3d5d8d0e8b86921ffff4f692dd95bdc8e5ff0052 diff --git a/test/default/generichash2.c b/test/default/generichash2.c index 4693a5f..cd9c889 100644 --- a/test/default/generichash2.c +++ b/test/default/generichash2.c @@ -1,6 +1,3 @@ -#include <stdio.h> - -#include "crypto_uint8.h" #define TEST_NAME "generichash2" #include "cmptest.h" 
@@ -9,23 +6,43 @@ int main(void) { #define MAXLEN 64 crypto_generichash_state st; - crypto_uint8 in[MAXLEN], out[crypto_generichash_BYTES_MAX], k[crypto_generichash_KEYBYTES_MAX]; - size_t h,i,j; + unsigned char in[MAXLEN], out[crypto_generichash_BYTES_MAX], + k[crypto_generichash_KEYBYTES_MAX]; + size_t h, i, j; - for(h = 0; h < crypto_generichash_KEYBYTES_MAX; ++h) k[h] = h; + for (h = 0; h < crypto_generichash_KEYBYTES_MAX; ++h) + k[h] = h; - for(i = 0; i < MAXLEN; ++i) { - in[i]=i; - crypto_generichash_init(&st, k, 1 + i % crypto_generichash_KEYBYTES_MAX, - 1 + i % crypto_generichash_BYTES_MAX); + for (i = 0; i < MAXLEN; ++i) { + in[i] = i; + if (crypto_generichash_init(&st, k, + 1 + i % crypto_generichash_KEYBYTES_MAX, + 1 + i % crypto_generichash_BYTES_MAX) != 0) { + printf("crypto_generichash_init()\n"); + return 1; + } crypto_generichash_update(&st, in, i); crypto_generichash_update(&st, in, i); crypto_generichash_update(&st, in, i); - crypto_generichash_final(&st, out, 1 + i % crypto_generichash_BYTES_MAX); - for (j = 0;j < 1 + i % crypto_generichash_BYTES_MAX;++j) { - printf("%02x",(unsigned int) out[j]); + crypto_generichash_final(&st, out, + 1 + i % crypto_generichash_BYTES_MAX); + for (j = 0; j < 1 + i % crypto_generichash_BYTES_MAX; ++j) { + printf("%02x", (unsigned int)out[j]); } printf("\n"); } + + assert(crypto_generichash_init(&st, k, sizeof k, 0U) == -1); + assert(crypto_generichash_init(&st, k, sizeof k, + crypto_generichash_BYTES_MAX + 1U) == -1); + assert(crypto_generichash_init(&st, k, crypto_generichash_KEYBYTES_MAX + 1U, + sizeof out) == -1); + assert(crypto_generichash_init(&st, k, 0U, sizeof out) == 0); + assert(crypto_generichash_init(&st, k, 1U, sizeof out) == 0); + assert(crypto_generichash_init(&st, NULL, 1U, 0U) == -1); + assert(crypto_generichash_init(&st, NULL, crypto_generichash_KEYBYTES, + 1U) == 0); + assert(crypto_generichash_init(&st, NULL, crypto_generichash_KEYBYTES, + 0U) == -1); return 0; } 
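Review bot: The eight `assert(crypto_generichash_init(...))` lines added at the end of `main` pin parameter-validation boundaries but carry no comment saying which boundary each one covers. Two of them matter to callers: `crypto_generichash_init(&st, NULL, crypto_generichash_KEYBYTES, 1U) == 0` and `crypto_generichash_init(&st, k, 0U, sizeof out) == 0` record that a NULL key with a non-zero length, and a non-NULL key with length 0, are both accepted rather than rejected, so a caller that loses its key pointer presumably gets an unkeyed hash with no error. I would add a comment above them such as `/* NULL key or keylen == 0 is accepted and treated as unkeyed, not as an error */`, with the wording confirmed against the implementation. The loop above now checks `crypto_generichash_init()` but still ignores the results of `crypto_generichash_update()` and `crypto_generichash_final()`. `main` opens outside this hunk.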
diff --git a/test/default/generichash2.exp b/test/default/generichash2.exp
new file mode 100644
index 0000000..5ee6f60
--- /dev/null
+++ b/test/default/generichash2.exp
@@ -0,0 +1,64 @@ +05 +22a8 +287a9d +d8eeab1c +d4ce34973f +584f7ac46f0c +32c848bb67545b +8438e21361bca125 +27a6faae998b4fabb4 +508c05a4f2daee150bad +68c886c97dce370e8c72fa +d41e90824ace31ba7bf512ac +6e0d7a1e2b92a68e45ea867895 +1fc5ee8715312db38da9066152a5 +3138504ba58fcd56c62752bc98a6d2 +b689ecd5357cb5276007627fbdf4082e +afe251881beb8b9dfa3d4f76aafc7b2995 +980eaa215cb0911027c5564db809bb8ac0a1 +56048436883efdfc8feaa239d960fa5ce24d42 +fce905b6d57fd841f58899a77887a4988e6aa2d1 +6f7afd81d24ccf4d98188b71bdbb7e6c637620879b +50406b4c37b48621505942b35dff30a75f7d2868146b +32c21792e18e7a79a4a20ef291721d7eab4e4cf99fbe79 +4b9d9ac5dbfb825acd87588667e6683e0fde4cdcd0a532f9 +2b55a3ebb461623e5de4fbacfb8b26819cfa8adeb094c8c13b +4c7d261780b25a864a008352ad64d1ae7fc21d608317813cf63f +f0ca06b8e12c48f1511d0991ba562f06dbe6ba6d5e18280224cc6a +838a5f7056bfbca65a245796dd3510cb07ff1614b44989d91ac650b2 +a58a8da276577160441f8b9e9c52a041b7caf7cd316acc506f620ab0e1 +e03940a7231049ff2b86c47a28e4951f105d2a3aa3421190fe0ed6aa4ad6 +a7af977c0b34294b1a03d0cc2dcf6eb72f9a32721c3f70128384aeb1f56047 +0e5625d74ada70b8a3b23ca76894e9a0f9dee88f5e3e370e27ad25061ea9dd6f +775fd9257b265997a16557a445985091798af60e68d06e3ae8e2e886d23ed12f6e +852e8d4208166a990e215ed06b86c708f491e014584ac9b08f97f24d9f08a84c8e83 +fbdca0db9a933fcffcce2ae694d7e16e7571b100564fcb3d69cec82ea42f254a493a32 +50530ae5eb9780f3fafc5d179f7b363a0d69314a8545d68588b5fec28c8e8d1a011857f6 +5eb71553ff1ac4aba3f84faeb70281c738e3428aae68edc9842ebf55ffd7184a015e323445 +39b279c6d9cca89f8052f953abf71041faf3491b2b965cef503d715e8bf339e02a58fd0e0fba +e315bef5f4918e881dc8d39d3c6b3948c2ea8e21ac00ee7c7ab875a53e194add0c3d9b8bcba5b2 +4e950f0e1da3111d054136fbdf10b4b88b20de6ad0c6bd5024a5e0a8b4cd7059685c0b663a00cbfa +b1ed8d99fd62a4f504ecdd58a01759a85932a7783f88f314cdca5019e05063dcc1fcb3c39b8c07758e +e4d78e734b0cb5bbd83e22bc67f97bbc8a3644f789f6c26a3ec2fe72c75b4d48a3bc000e6f2f2f0726fe +162e01beb796433a2771eab54611fc93677ed12c73a93ea4d75e148bec7ab14b3e31ab7f395456fb2b47ab 
+759c30631fd52e80a22f0614125dcd136287db65079908b75fb5b03be1cdf6dd0a1c9de0cc759cdd82c33758 +af2992acdaf0908f03a2025854de6446123c919b1e24db711df6cb070091343b4e6f5b2716c20c2547f50f1fde +b833064955778a611fe41a9f1a2de730a16fb4e61a7e2fb67425ce199101d4e71dd7b0c731ea4188e9cc30e9bc52 +e546ee327168d9b4e0d73d9a043f9ef03f880bc8aee91b0923704eb7361ac916b00f5c71c872e2f911a77ef76704b5 +83d86f056729fa1a6e1d3fe8c3d2ebe42b327025747f2e6ba923d2b7b893e31571839937222852033844e585b17d462f +5d70402524fbef569552a3ff6854087e090ff9ac9ea03aba92cf9f33a28845fa6a1631090dca10e05cdd3341b391a15fcf +64f4d3ebf0717900f7c04512d1e18f9985975991d4254d76c4e2ee02c0edd6f912f715991984731b808b8370be1f201e53bf +7d45eae6626dfc9ec3591764b8c39c72ca67e6c1893ab590963a75922719937d1d0ff188a510ffbdf9c777a4d565b3683cbf38 +68e007db5067874548c0d12a9ca709221f9bd352e3eb9847fde6c5de4a8550f4b85b67fe4e5aad70626ebb27d71e5b528effb2e6 +b0dc4dc0bd0d41a8ccfa45a127542079bc4e6f63a63863a9ce21f44481d23eff1060ea03851759b9317209405d5b7cc4387cc2759b +adf6a9df484e93eb3a6113c3fd68a49b2166878fc652833c9cbef3fd8dd281d385ad0374bc25bc865b216ca395e21c30b9eda1d58a8d +f1df9bc169323da338daa8a94867db96a1a2a6feb26569198fb4591ae602ba6f766a879e745d71e93b6cb8886b914f2bf4aa55d4c48045 +0c7446078a5077f33bba1ebfad60bbf1b1df47aab2eb3f3f3274ce56ead7800cf095af8208b6d570c4c832fe33227bbbc0842a13e1e82ad9 +accd0b4682e56698ecc55a60a8db8b3f950b6bffc5a1d160daf6ca25e13e3b4983ced5903df0bdc21f70c2ec5adb1a2ec9617df645cdd17ac9 +b787bae190ff2608eb383e0299cc10d6b7232de67ab74285e7bfa933d79f91226066537d74a9d40140d7b1683c2d42cd1935f6430cc554db2b69 +d09b717a0c80f581c07b8813e0ae79cec2188f77122f7477954610655a20420f13eb1b68cacde8c1fdf7a9a398efa72f40c85f0122812eaa33aba0 +87fff156d9895917468e92848fdcfacc134ca3bfc7fce484bd6db41c682ee2ee47151df0fa863d5641633d908c0328e6cbe080e80d8293530ffd2c4f +1b17b2c0e7afcd224ec9bbe9ce9a13a00bd0a336b863f1b4d5304043778244323bd23fb6154a2e1e94aa48f6ff0e12787a50ca09e9e72ece9e038f6218 
+23ac1ccd5e7df51b65b284650158d662e7ef51ebae01b879f39cec484b688c792f8e854bd8ca31ffe8796d28f10e49ab402dab47878a21cb95556dc32b0a +f8f5323ebcc28bf927e72d342b5b70d80ba67794afb4c28debad21b0dae24c7a9252e862eb4b83bea6d9c0bb7c108983c987f13d73f250c7f14483f0454a24 +55b97ca594d68ccf69a0a93fe7fa4004c7e2947a8cac4ca4a44e17ac6876f472e3f221b341a28004cd35a79cfad7fabb9378ce5af03e4c0445ebbe9540943bbd diff --git a/test/default/generichash3.c b/test/default/generichash3.c index dcd29e0..dca852d 100644 --- a/test/default/generichash3.c +++ b/test/default/generichash3.c @@ -1,6 +1,3 @@ -#include <stdio.h> - -#include "crypto_uint8.h" #define TEST_NAME "generichash3" #include "cmptest.h" 
@@ -9,28 +6,165 @@ int main(void) { #define MAXLEN 64 crypto_generichash_blake2b_state st; - crypto_uint8 salt[crypto_generichash_blake2b_SALTBYTES] = { - '5', 'b', '6', 'b', '4', '1', 'e', 'd', '9', 'b', '3', '4', '3', 'f', 'e', '0' - }; - crypto_uint8 personal[crypto_generichash_blake2b_PERSONALBYTES] = { - '5', '1', '2', '6', 'f', 'b', '2', 'a', '3', '7', '4', '0', '0', 'd', '2', 'a' - }; - crypto_uint8 in[MAXLEN], out[crypto_generichash_blake2b_BYTES_MAX], k[crypto_generichash_blake2b_KEYBYTES_MAX]; - size_t h,i,j; - - for(h = 0; h < crypto_generichash_blake2b_KEYBYTES_MAX; ++h) k[h] = h; - - for(i = 0; i < MAXLEN; ++i) { - in[i]=i; - crypto_generichash_blake2b_init_salt_personal(&st, k, 1 + i % crypto_generichash_blake2b_KEYBYTES_MAX, - 1 + i % crypto_generichash_blake2b_BYTES_MAX, - salt, personal); + unsigned char salt[crypto_generichash_blake2b_SALTBYTES] + = { '5', 'b', '6', 'b', '4', '1', 'e', 'd', + '9', 'b', '3', '4', '3', 'f', 'e', '0' }; + unsigned char personal[crypto_generichash_blake2b_PERSONALBYTES] + = { '5', '1', '2', '6', 'f', 'b', '2', 'a', + '3', '7', '4', '0', '0', 'd', '2', 'a' }; + unsigned char in[MAXLEN], out[crypto_generichash_blake2b_BYTES_MAX], + k[crypto_generichash_blake2b_KEYBYTES_MAX]; + size_t h, i, j; + + for (h = 0; h < crypto_generichash_blake2b_KEYBYTES_MAX; ++h) + k[h] = h; + + for (i = 0; i < MAXLEN; ++i) { + in[i] = i; + crypto_generichash_blake2b_init_salt_personal( + &st, k, 1 + i % crypto_generichash_blake2b_KEYBYTES_MAX, + 1 + i % crypto_generichash_blake2b_BYTES_MAX, salt, personal); crypto_generichash_blake2b_update(&st, in, i); - crypto_generichash_blake2b_final(&st, out, 1 + i % crypto_generichash_blake2b_BYTES_MAX); - for (j = 0;j < 1 + i % crypto_generichash_blake2b_BYTES_MAX;++j) { - printf("%02x",(unsigned int) out[j]); + crypto_generichash_blake2b_final( + &st, out, 1 + i % crypto_generichash_blake2b_BYTES_MAX); + for (j = 0; j < 1 + i % crypto_generichash_blake2b_BYTES_MAX; ++j) { + printf("%02x", (unsigned 
int)out[j]); } printf("\n"); } + + memset(out, 0, sizeof out); + crypto_generichash_blake2b_init_salt_personal( + &st, k, 0U, crypto_generichash_blake2b_BYTES_MAX, salt, personal); + crypto_generichash_blake2b_update(&st, in, MAXLEN); + crypto_generichash_blake2b_final(&st, out, + crypto_generichash_blake2b_BYTES_MAX); + for (j = 0; j < crypto_generichash_blake2b_BYTES_MAX; ++j) { + printf("%02x", (unsigned int)out[j]); + } + printf("\n"); + + memset(out, 0, sizeof out); + crypto_generichash_blake2b_init_salt_personal( + &st, NULL, 1U, crypto_generichash_blake2b_BYTES_MAX, salt, personal); + crypto_generichash_blake2b_update(&st, in, MAXLEN); + crypto_generichash_blake2b_final(&st, out, + crypto_generichash_blake2b_BYTES_MAX); + for (j = 0; j < crypto_generichash_blake2b_BYTES_MAX; ++j) { + printf("%02x", (unsigned int)out[j]); + } + printf("\n"); + + memset(out, 0, sizeof out); + crypto_generichash_blake2b_init_salt_personal( + &st, k, crypto_generichash_blake2b_KEYBYTES_MAX, + crypto_generichash_blake2b_BYTES_MAX, NULL, personal); + crypto_generichash_blake2b_update(&st, in, MAXLEN); + crypto_generichash_blake2b_final(&st, out, + crypto_generichash_blake2b_BYTES_MAX); + for (j = 0; j < crypto_generichash_blake2b_BYTES_MAX; ++j) { + printf("%02x", (unsigned int)out[j]); + } + printf("\n"); + + memset(out, 0, sizeof out); + crypto_generichash_blake2b_init_salt_personal( + &st, k, crypto_generichash_blake2b_KEYBYTES_MAX, + crypto_generichash_blake2b_BYTES_MAX, salt, NULL); + crypto_generichash_blake2b_update(&st, in, MAXLEN); + assert(crypto_generichash_blake2b_final( + &st, out, crypto_generichash_blake2b_BYTES_MAX + 1U) == -1); + crypto_generichash_blake2b_final( + &st, out, crypto_generichash_blake2b_BYTES_MAX); + for (j = 0; j < crypto_generichash_blake2b_BYTES_MAX; ++j) { + printf("%02x", (unsigned int)out[j]); + } + printf("\n"); + + memset(out, 0, sizeof out); + crypto_generichash_blake2b_salt_personal( + out, crypto_generichash_blake2b_BYTES_MAX, in, MAXLEN, 
+ k, 0U, salt, personal); + for (j = 0; j < crypto_generichash_blake2b_BYTES_MAX; ++j) { + printf("%02x", (unsigned int)out[j]); + } + printf("\n"); + + memset(out, 0, sizeof out); + crypto_generichash_blake2b_salt_personal( + out, crypto_generichash_blake2b_BYTES_MAX, in, MAXLEN, + NULL, crypto_generichash_blake2b_KEYBYTES_MAX, salt, personal); + for (j = 0; j < crypto_generichash_blake2b_BYTES_MAX; ++j) { + printf("%02x", (unsigned int)out[j]); + } + printf("\n"); + + memset(out, 0, sizeof out); + crypto_generichash_blake2b_salt_personal( + out, crypto_generichash_blake2b_BYTES_MAX, in, MAXLEN, + k, crypto_generichash_blake2b_KEYBYTES_MAX, salt, personal); + for (j = 0; j < crypto_generichash_blake2b_BYTES_MAX; ++j) { + printf("%02x", (unsigned int)out[j]); + } + printf("\n"); + + memset(out, 0, sizeof out); + crypto_generichash_blake2b_salt_personal( + out, crypto_generichash_blake2b_BYTES_MAX, in, MAXLEN, + k, crypto_generichash_blake2b_KEYBYTES_MAX, NULL, personal); + for (j = 0; j < crypto_generichash_blake2b_BYTES_MAX; ++j) { + printf("%02x", (unsigned int)out[j]); + } + printf("\n"); + + memset(out, 0, sizeof out); + crypto_generichash_blake2b_salt_personal( + out, crypto_generichash_blake2b_BYTES_MAX, in, MAXLEN, + k, crypto_generichash_blake2b_KEYBYTES_MAX, salt, NULL); + for (j = 0; j < crypto_generichash_blake2b_BYTES_MAX; ++j) { + printf("%02x", (unsigned int)out[j]); + } + printf("\n"); + + crypto_generichash_blake2b_init_salt_personal(&st, NULL, 0U, crypto_generichash_BYTES, + NULL, personal); + crypto_generichash_blake2b_update(&st, in, MAXLEN); + crypto_generichash_blake2b_final(&st, out, crypto_generichash_blake2b_BYTES_MAX); + for (j = 0; j < crypto_generichash_blake2b_BYTES_MAX; ++j) { + printf("%02x", (unsigned int)out[j]); + } + printf("\n"); + + crypto_generichash_blake2b_init_salt_personal(&st, NULL, 0U, crypto_generichash_BYTES, + salt, NULL); + crypto_generichash_blake2b_update(&st, in, MAXLEN); + crypto_generichash_blake2b_final(&st, out, 
crypto_generichash_blake2b_BYTES_MAX); + for (j = 0; j < crypto_generichash_blake2b_BYTES_MAX; ++j) { + printf("%02x", (unsigned int)out[j]); + } + printf("\n"); + + assert(crypto_generichash_blake2b_init_salt_personal(&st, k, sizeof k, 0U, + salt, personal) == -1); + assert(crypto_generichash_blake2b_init_salt_personal(&st, k, sizeof k, + crypto_generichash_BYTES_MAX + 1U, + salt, personal) == -1); + assert(crypto_generichash_blake2b_init_salt_personal(&st, k, + crypto_generichash_KEYBYTES_MAX + 1U, + sizeof out, salt, personal) == -1); + + assert(crypto_generichash_blake2b_salt_personal(out, 0U, in, MAXLEN, + k, sizeof k, + salt, personal) == -1); + assert(crypto_generichash_blake2b_salt_personal(out, crypto_generichash_BYTES_MAX + 1U, + in, MAXLEN, k, sizeof k, + salt, personal) == -1); + assert(crypto_generichash_blake2b_salt_personal(out, sizeof out, in, MAXLEN, + k, crypto_generichash_KEYBYTES_MAX + 1U, + salt, personal) == -1); + assert(crypto_generichash_blake2b_init_salt_personal(&st, k, sizeof k, crypto_generichash_BYTES, + NULL, personal) == 0); + assert(crypto_generichash_blake2b_init_salt_personal(&st, k, sizeof k, crypto_generichash_BYTES, + salt, NULL) == 0); return 0; } diff --git a/test/default/generichash3.exp b/test/default/generichash3.exp new file mode 100644 index 0000000..75a62d4 --- /dev/null +++ b/test/default/generichash3.exp 
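Review bot: The last two init/update/final blocks before the asserts initialise the state with an output length of `crypto_generichash_BYTES` but finalise and print `crypto_generichash_blake2b_BYTES_MAX` bytes, and unlike every earlier block they do not clear `out` first. Because no return value is checked here, a failing `crypto_generichash_blake2b_final()` would leave the previous digest in `out` and print it. I would start each of the two blocks with `memset(out, 0, sizeof out);` and either pass the same length to both calls or add a comment that the mismatch is deliberate. The asserts that follow also mix the generic `crypto_generichash_BYTES_MAX` and `crypto_generichash_KEYBYTES_MAX` constants into blake2b-specific calls, where `crypto_generichash_blake2b_BYTES_MAX` and `crypto_generichash_blake2b_KEYBYTES_MAX` would read more consistently. `main` opens outside this hunk.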
@@ -0,0 +1,75 @@ +ba +6139 +3a1666 +5797e9d0 +834a26efe6 +d7e9e862bbce +40d8b84c374750 +276789189244cf04 +16f73ffe0673cc9992 +b3835bfaf6eb71d94078 +8c624e844d34f4a59f34cc +e0a394962413ad09975df3cf +47f043c3aacb501f97e0458ae3 +b4a11f2fb72a7e6f96fdacf98d49 +f434079e9adeb244047cb6855f9854 +5fbe885c4b2d4e0d78dc5905622a277a +e262ba3e2ab76efdf83513108e3b987d1b +add93dde78d32e77bc039c34a49043f19d26 +093842ac10e2eb1237ddc9ca9e7990cf397772 +09e7f6a0e2ea4888f1dbf6562effd1561c65029c +bd33a9ec914f5b81864a49184338e4062d6c6b2b2e +8dc46295235d94f5881d429a5ad47f9db9e35cf8c6b3 +ba5df554dca7ac1cba4889fa88adf3070fbf4ab5d187b5 +1ff84715e71c66214d271d421395fb6166db97b1d47ed697 +75a0d227c70549f5b0c933b7b21f151355bd47e04b6085c91f +a32a5c9439a0fa771dcbe7f338b5dcef62a754edc4952614d6f0 +53a87de519cdcc7f64730d58bce6baaf7b44c5c428a4611a208ad4 +5e5ad8f0c4f083f9b7a5154d9c0dfd0f3d2fce94cf54fc215450314a +9c76b9e63c77e6564b1e5111c2fb140046e1e5a4f900a7cfc2bac3fcfa +bb919251ca310eb9b994e5d7883bc9fa2144b59b8d5d940677b7130ac777 +faa492a66f08ef0c7adb868fcb7b523aedd35b8ff1414bd1d554794f144474 +9b273ebe335540b87be899abe169389ed61ed262c3a0a16e4998bbf752f0bee3 +1e0070b92429c151b33bdd1bb4430a0e650a3dfc94d404054e93c8568330ecc505 +e3b64149f1b76231686d592d1d4af984ce2826ba03c2224a92f95f9526130ce4eb40 +5f8e378120b73db9eefa65ddcdcdcb4acd8046c31a5e47f298caa400937d5623f1394b +74c757a4165a1782c933e587353a9fd8f6d7bf26b7f51b52c542747030bfb3d560c2e5c2 +2d5ee85cc238b923806dd98db18919d1924f2340ec88917d4ce1799cbfd5f2cb9df99db2e1 +c93ff727e6f9822efec0a77eed0025c0eff19127bf8746b7c71c2a098f57cef02febb86a1e6c +adfb6d7ba13779a5dd1bbf268e400f4156f0f5c9d5b670ff539e1d9c1a63373416f3001f338407 +3a6900e58a448887d77c5911e4bdde620e64f25b2d71723fa60f7cb3efa7c320b6153bdbc3287949 +413eb0fd379b32dd88e82242a87cc58ce3e64c72352387a4c70f92ee5c8d23fa7ecd86f6df170a32d2 +92d0d3cacc3e25628caf6f2c4cd50d25d154ac45098f531d690230b859f37cfe089eb169f76bba72a3ff +92f6ccc11a9a3bee520b17e0cddc4550c0e9cf47ddd9a6161284259ffb161c1d0675b505cb1066872768e8 
+a3cd675804e6be7f120138a9eaadcd56bb7763d1c046e87fe0d358c8276b0d24621f46c60b46e397933b75b4 +304a1af53cbdd6486b8419d1ebd5e9528c540d8dc46a10be49067f46a0617229577015d776783f702b2954df43 +d8a6358970446453ac0c82c758644ab68989b5b4f06f9768807ce0c5f2a0dbac1e8450f4e3a02deecf7b54b6a45d +1264b8dee9ac4aa8de69a43ada95cc95f20230f33836d4a1db8c2466ab38361686e5ac282025ccc2e0f6a1cd98a4dd +7eed787abaa7f4e8b8aa3090f0676201cfbaaf350899661cdd5216ac0b5cd874443f5c0688ffd7ca1ccbfe1ca7e1a3f5 +8907f0218585167962a8e8213559a643dd03c2bf1a7a5ad3e3bc5f88c0ff1532ee8cd29880e7e0e68da22a5798aef27cc5 +12dea17b0733e5060751b1115e10c3d4b2f4583bcd009d9f1f42ec23d4a6a0df1185d3abbdbe86de08569e70583d6de1c1fe +8ff75e91f1de547dc3a25472db2f51f5910a290c449603da54207b5e39bd735d240ec913b52df90709b5d29357971d6c341452 +4a3b16b12400f38e74778efc3a4caa52ec6fdf6b0180a5bfac9189e52e162c10e8911a54ab33e2b389ee1949e58edaa119e2b2b9 +c9943e7186fdc9bbfa1d7087fa7086babe6fcf95a6196d1772187854071304e2f1fff39e6e6f48f76addb16d5c00249e0523aac91f +0297f16fdd34add9cc87b4adf816525b590ba08ac733c43f8d225d194df4f9c83b4dce617be51e25b5f6c80dff249f27c707de20e422 +576bb891eab9930998e2e73b5d0498e3c5f040f8dec9397a8c7a622c17de01fee7cc936e3bd4de1f7fd8b31dea9e70c65462bbb5dc7b50 +9416a57ae7c8c51c6e008f940fe06d8ebc02c350c19a2f71583a6d260b085670d73a95248fef0f4cae5292ba7db1189a7cd9c51122ba7913 +ea644b9051cca5eee8868a553e3f0f4e14739e1555474151156e10578256b288a233870dd43a380765400ea446df7f452c1e03a9e5b6731256 +f99cc1603de221abc1ecb1a7eb4bbf06e99561d1cc5541d8d601bae2b1dd3cbe448ac276667f26de5e269183a09f7deaf35d33174b3cc8ad4aa2 +ee2be1ec57fdac23f89402a534177eca0f4b982a4ed2c2e900b6a79e1f47a2d023eff2e647baf4f4c0da3a28d08a44bc780516974074e2523e6651 +9cda001868949a2bad96c5b3950a8315e6e5214d0b54dcd596280565d351806ef22cf3053f63623da72fcad9afa3896641658632334c9ec4f644c984 +c6d6722a916651a8671383d8260873347d9c248696b4cb3dac4dea9ba57ed971127cb18e44211d7e14177ace248b3c6e0785356ee261ebdc6ef0faf143 
+5dd258a3e7505bc6b9776b0df25676a1c19e2c8258c7b5f2e361423523d96299eb6827bc7c27e7bca2d2b59d717c2ebcb05e6dcaa32289d96fae9a4077ef +19c14de35fe19c92cc0e624280e4136355d4cfa9a0a98b090c4b06f5665021920725852ff1f566b0c8c37157b25fb9f947a2e70b40577a17860a0732c170ac +5fcdcc02be7714a0dbc77df498bf999ea9225d564adca1c121c9af03af92cac8177b9b4a86bcc47c79aa32aac58a3fef967b2132e9352d4613fe890beed2571b +1afc8ec818bef0a479d2b4cac81d40a52cafa27f6d80c42fc23cbaf4141882ab59ab1101922fcb6e707ef2f61efd07cce5d09094e6bee420b1b96998c7cee96d +1afc8ec818bef0a479d2b4cac81d40a52cafa27f6d80c42fc23cbaf4141882ab59ab1101922fcb6e707ef2f61efd07cce5d09094e6bee420b1b96998c7cee96d +5789f474edd5206ededaccfc35e7dd3ed730748125b5395abf802b2601126b19b109a1db67556945bc79bb25e1ab59610599d155070e0e04354f11a6a5d6f3ac +e78efc663a5547c089f2b3b08973c974c4bfd365eac18b80c68bdb3b1ba4554b54d6b8465a68a3b9aa0bc020621f16efd5b8dd8c7c01ed9ee3ec5544aae465ff +1afc8ec818bef0a479d2b4cac81d40a52cafa27f6d80c42fc23cbaf4141882ab59ab1101922fcb6e707ef2f61efd07cce5d09094e6bee420b1b96998c7cee96d +1afc8ec818bef0a479d2b4cac81d40a52cafa27f6d80c42fc23cbaf4141882ab59ab1101922fcb6e707ef2f61efd07cce5d09094e6bee420b1b96998c7cee96d +fb4e2ad6b7fe6afd2ba06d5c1d79379c5bf10e336a35c89a1aaf408a805171716e0635a5b1d18190131e15b6888510bcb3e3752b050f892a09dbbde60b051495 +5789f474edd5206ededaccfc35e7dd3ed730748125b5395abf802b2601126b19b109a1db67556945bc79bb25e1ab59610599d155070e0e04354f11a6a5d6f3ac +e78efc663a5547c089f2b3b08973c974c4bfd365eac18b80c68bdb3b1ba4554b54d6b8465a68a3b9aa0bc020621f16efd5b8dd8c7c01ed9ee3ec5544aae465ff +4f9875a42ba0da8ae3448d2d62b1ff51be672eb1b8a1b0fa5bcd5334c861eff06b5903d672d318fd04e0ef94ddd37eca6d4ad2051a36a0236dc4cc09a5a44358 +ec9f272db92d1fa99324115f34cda8b4690ad029c1df36986cf9e1f844d8fdeca8e8e8311620ad24cbbfa12eccb676b979565405c8e2e20a2e4f18fb27c93d76 diff --git a/test/default/hash.c b/test/default/hash.c index c24f9c4..c220bd4 100644 --- a/test/default/hash.c +++ b/test/default/hash.c 
@@ -1,16 +1,41 @@ -#include <stdio.h> #define TEST_NAME "hash" #include "cmptest.h" unsigned char x[] = "testing\n"; +unsigned char x2[] = "The Conscience of a Hacker is a small essay written January 8, 1986 by a computer security hacker who went by the handle of The Mentor, who belonged to the 2nd generation of Legion of Doom."; unsigned char h[crypto_hash_BYTES]; int main(void) { - size_t i; - crypto_hash(h,x,sizeof x - 1U); - for (i = 0;i < crypto_hash_BYTES;++i) printf("%02x",(unsigned int) h[i]); - printf("\n"); - return 0; + size_t i; + + crypto_hash(h, x, sizeof x - 1U); + for (i = 0; i < crypto_hash_BYTES; ++i) { + printf("%02x", (unsigned int)h[i]); + } + printf("\n"); + crypto_hash(h, x2, sizeof x2 - 1U); + for (i = 0; i < crypto_hash_BYTES; ++i) { + printf("%02x", (unsigned int)h[i]); + } + printf("\n"); + crypto_hash_sha256(h, x, sizeof x - 1U); + for (i = 0; i < crypto_hash_sha256_BYTES; ++i) { + printf("%02x", (unsigned int)h[i]); + } + printf("\n"); + crypto_hash_sha256(h, x2, sizeof x2 - 1U); + for (i = 0; i < crypto_hash_sha256_BYTES; ++i) { + printf("%02x", (unsigned int)h[i]); + } + printf("\n"); + + assert(crypto_hash_bytes() > 0U); + assert(strcmp(crypto_hash_primitive(), "sha512") == 0); + assert(crypto_hash_sha256_bytes() > 0U); + assert(crypto_hash_sha512_bytes() >= crypto_hash_sha256_bytes()); + assert(crypto_hash_sha512_bytes() == crypto_hash_bytes()); + + return 0; } diff --git a/test/default/hash.exp b/test/default/hash.exp new file mode 100644 index 0000000..f26c0b0 --- /dev/null +++ b/test/default/hash.exp @@ -0,0 +1,4 @@ +24f950aac7b9ea9b3cb728228a0c82b67c39e96b4b344798870d5daee93e3ae5931baae8c7cacfea4b629452c38026a81d138bc7aad1af3ef7bfd5ec646d6c28 +a77abe1ccf8f5497e228fbc0acd73a521ededb21b89726684a6ebbc3baa32361aca5a244daa84f24bf19c68baf78e6907625a659b15479eb7bd426fc62aafa73 +12a61f4e173fb3a11c05d6471f74728f76231b4a5fcd9667cef3af87a3ae4dc2 +71cc8123fef8c236e451d3c3ddf1adae9aa6cd9521e7041769d737024900a03a 
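Review bot: `h` is declared with `crypto_hash_BYTES` and is then reused as the output buffer for `crypto_hash_sha256()`, which is only safe while `crypto_hash_sha256_BYTES <= crypto_hash_BYTES`. The hunk does assert `crypto_hash_sha512_bytes() >= crypto_hash_sha256_bytes()`, but only after both SHA-256 calls have already written into `h`. I would move the size asserts ahead of the first hash call, or give the SHA-256 cases their own buffer, `unsigned char h256[crypto_hash_sha256_BYTES];`. The return values of `crypto_hash()` and `crypto_hash_sha256()` are ignored, which deserves a one-line comment if it is intentional.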
diff --git a/test/default/hash2.exp b/test/default/hash2.exp new file mode 100644 index 0000000..df58217 --- /dev/null +++ b/test/default/hash2.exp @@ -0,0 +1 @@ +24f950aac7b9ea9b3cb728228a0c82b67c39e96b4b344798870d5daee93e3ae5931baae8c7cacfea4b629452c38026a81d138bc7aad1af3ef7bfd5ec646d6c28 diff --git a/test/default/hash3.c b/test/default/hash3.c index a546125..01df6f0 100644 --- a/test/default/hash3.c +++ b/test/default/hash3.c @@ -1,16 +1,19 @@ -#include <stdio.h> #define TEST_NAME "hash3" #include "cmptest.h" unsigned char x[] = "testing\n"; -unsigned char h[crypto_hash_sha512_BYTES]; +unsigned char h[crypto_hash_BYTES]; int main(void) { - size_t i; - crypto_hash_sha512(h,x,sizeof x - 1U); - for (i = 0;i < crypto_hash_sha512_BYTES;++i) printf("%02x",(unsigned int) h[i]); - printf("\n"); - return 0; + size_t i; + + crypto_hash(h, x, sizeof x - 1U); + for (i = 0; i < crypto_hash_BYTES; ++i) { + printf("%02x", (unsigned int)h[i]); + } + printf("\n"); + + return 0; } diff --git a/test/default/hash3.exp b/test/default/hash3.exp new file mode 100644 index 0000000..df58217 --- /dev/null +++ b/test/default/hash3.exp @@ -0,0 +1 @@ +24f950aac7b9ea9b3cb728228a0c82b67c39e96b4b344798870d5daee93e3ae5931baae8c7cacfea4b629452c38026a81d138bc7aad1af3ef7bfd5ec646d6c28 diff --git a/test/default/onetimeauth.c b/test/default/onetimeauth.c index ddeb8ee..9a8b4f5 100644 --- a/test/default/onetimeauth.c +++ b/test/default/onetimeauth.c 
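Review bot: After this hunk `hash3.c` calls `crypto_hash()` on the same `"testing\n"` input as the first case in `hash.c`, so the test no longer exercises `crypto_hash_sha512()` directly and adds nothing that `hash.c` does not already cover. Among the tests visible in this diff, the SHA-512 entry point is then reached only through the `crypto_hash_sha512_bytes()` assert in `hash.c`. I would keep the call as `crypto_hash_sha512(h, x, sizeof x - 1U);` with `h` sized by `crypto_hash_sha512_BYTES`, or add a comment explaining why the two tests are meant to be identical.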
@@ -1,44 +1,56 @@ -#include <stdio.h> #define TEST_NAME "onetimeauth" #include "cmptest.h" -unsigned char rs[32] = { - 0xee,0xa6,0xa7,0x25,0x1c,0x1e,0x72,0x91 -,0x6d,0x11,0xc2,0xcb,0x21,0x4d,0x3c,0x25 -,0x25,0x39,0x12,0x1d,0x8e,0x23,0x4e,0x65 -,0x2d,0x65,0x1f,0xa4,0xc8,0xcf,0xf8,0x80 -} ; - -unsigned char c[131] = { - 0x8e,0x99,0x3b,0x9f,0x48,0x68,0x12,0x73 -,0xc2,0x96,0x50,0xba,0x32,0xfc,0x76,0xce -,0x48,0x33,0x2e,0xa7,0x16,0x4d,0x96,0xa4 -,0x47,0x6f,0xb8,0xc5,0x31,0xa1,0x18,0x6a -,0xc0,0xdf,0xc1,0x7c,0x98,0xdc,0xe8,0x7b -,0x4d,0xa7,0xf0,0x11,0xec,0x48,0xc9,0x72 -,0x71,0xd2,0xc2,0x0f,0x9b,0x92,0x8f,0xe2 -,0x27,0x0d,0x6f,0xb8,0x63,0xd5,0x17,0x38 -,0xb4,0x8e,0xee,0xe3,0x14,0xa7,0xcc,0x8a -,0xb9,0x32,0x16,0x45,0x48,0xe5,0x26,0xae -,0x90,0x22,0x43,0x68,0x51,0x7a,0xcf,0xea -,0xbd,0x6b,0xb3,0x73,0x2b,0xc0,0xe9,0xda -,0x99,0x83,0x2b,0x61,0xca,0x01,0xb6,0xde -,0x56,0x24,0x4a,0x9e,0x88,0xd5,0xf9,0xb3 -,0x79,0x73,0xf6,0x22,0xa4,0x3d,0x14,0xa6 -,0x59,0x9b,0x1f,0x65,0x4c,0xb4,0x5a,0x74 -,0xe3,0x55,0xa5 -} ; +unsigned char rs[32] + = { 0xee, 0xa6, 0xa7, 0x25, 0x1c, 0x1e, 0x72, 0x91, 0x6d, 0x11, 0xc2, + 0xcb, 0x21, 0x4d, 0x3c, 0x25, 0x25, 0x39, 0x12, 0x1d, 0x8e, 0x23, + 0x4e, 0x65, 0x2d, 0x65, 0x1f, 0xa4, 0xc8, 0xcf, 0xf8, 0x80 }; + +unsigned char c[131] + = { 0x8e, 0x99, 0x3b, 0x9f, 0x48, 0x68, 0x12, 0x73, 0xc2, 0x96, 0x50, 0xba, + 0x32, 0xfc, 0x76, 0xce, 0x48, 0x33, 0x2e, 0xa7, 0x16, 0x4d, 0x96, 0xa4, + 0x47, 0x6f, 0xb8, 0xc5, 0x31, 0xa1, 0x18, 0x6a, 0xc0, 0xdf, 0xc1, 0x7c, + 0x98, 0xdc, 0xe8, 0x7b, 0x4d, 0xa7, 0xf0, 0x11, 0xec, 0x48, 0xc9, 0x72, + 0x71, 0xd2, 0xc2, 0x0f, 0x9b, 0x92, 0x8f, 0xe2, 0x27, 0x0d, 0x6f, 0xb8, + 0x63, 0xd5, 0x17, 0x38, 0xb4, 0x8e, 0xee, 0xe3, 0x14, 0xa7, 0xcc, 0x8a, + 0xb9, 0x32, 0x16, 0x45, 0x48, 0xe5, 0x26, 0xae, 0x90, 0x22, 0x43, 0x68, + 0x51, 0x7a, 0xcf, 0xea, 0xbd, 0x6b, 0xb3, 0x73, 0x2b, 0xc0, 0xe9, 0xda, + 0x99, 0x83, 0x2b, 0x61, 0xca, 0x01, 0xb6, 0xde, 0x56, 0x24, 0x4a, 0x9e, + 0x88, 0xd5, 0xf9, 0xb3, 0x79, 0x73, 0xf6, 0x22, 0xa4, 0x3d, 0x14, 
0xa6, + 0x59, 0x9b, 0x1f, 0x65, 0x4c, 0xb4, 0x5a, 0x74, 0xe3, 0x55, 0xa5 }; unsigned char a[16]; int main(void) { - int i; - crypto_onetimeauth_poly1305(a,c,131,rs); - for (i = 0;i < 16;++i) { - printf(",0x%02x",(unsigned int) a[i]); - if (i % 8 == 7) printf("\n"); - } - return 0; + crypto_onetimeauth_state st; + int i; + + crypto_onetimeauth(a, c, 131, rs); + for (i = 0; i < 16; ++i) { + printf(",0x%02x", (unsigned int)a[i]); + if (i % 8 == 7) + printf("\n"); + } + + memset(a, 0, sizeof a); + crypto_onetimeauth_init(&st, rs); + crypto_onetimeauth_update(&st, c, 100); + crypto_onetimeauth_update(&st, c + 100, 31); + crypto_onetimeauth_final(&st, a); + for (i = 0; i < 16; ++i) { + printf(",0x%02x", (unsigned int)a[i]); + if (i % 8 == 7) + printf("\n"); + } + + assert(crypto_onetimeauth_bytes() > 0U); + assert(crypto_onetimeauth_keybytes() > 0U); + assert(strcmp(crypto_onetimeauth_primitive(), "poly1305") == 0); + assert(crypto_onetimeauth_poly1305_bytes() == crypto_onetimeauth_bytes()); + assert(crypto_onetimeauth_poly1305_keybytes() + == crypto_onetimeauth_keybytes()); + + return 0; } diff --git a/test/default/onetimeauth.exp b/test/default/onetimeauth.exp new file mode 100644 index 0000000..33973bd --- /dev/null +++ b/test/default/onetimeauth.exp @@ -0,0 +1,4 @@ +,0xf3,0xff,0xc7,0x70,0x3f,0x94,0x00,0xe5 +,0x2a,0x7d,0xfb,0x4b,0x3d,0x33,0x05,0xd9 +,0xf3,0xff,0xc7,0x70,0x3f,0x94,0x00,0xe5 +,0x2a,0x7d,0xfb,0x4b,0x3d,0x33,0x05,0xd9 diff --git a/test/default/onetimeauth2.c b/test/default/onetimeauth2.c index 2114e29..e33a9fe 100644 --- a/test/default/onetimeauth2.c +++ b/test/default/onetimeauth2.c 
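Review bot: The new streaming case hard-codes the message split as `100` and `31` and the tag length as `16`, next to the existing literal `131`, so the lengths stay correct only while nobody changes `c[131]` or `a[16]`. Deriving them from the arrays keeps the two updates covering exactly the whole message: `crypto_onetimeauth_update(&st, c + 100, sizeof c - 100);` and `for (i = 0; i < (int) sizeof a; ++i)`. The streaming tag is compared with the one-shot tag only through the expected-output file; a `memcmp` against a saved copy of the first tag would make the equivalence explicit in the test itself. The return values of the init, update and final calls are ignored.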
@@ -1,42 +1,30 @@ -#include <stdio.h> #define TEST_NAME "onetimeauth2" #include "cmptest.h" -unsigned char rs[32] = { - 0xee,0xa6,0xa7,0x25,0x1c,0x1e,0x72,0x91 -,0x6d,0x11,0xc2,0xcb,0x21,0x4d,0x3c,0x25 -,0x25,0x39,0x12,0x1d,0x8e,0x23,0x4e,0x65 -,0x2d,0x65,0x1f,0xa4,0xc8,0xcf,0xf8,0x80 -} ; +unsigned char rs[32] + = { 0xee, 0xa6, 0xa7, 0x25, 0x1c, 0x1e, 0x72, 0x91, 0x6d, 0x11, 0xc2, + 0xcb, 0x21, 0x4d, 0x3c, 0x25, 0x25, 0x39, 0x12, 0x1d, 0x8e, 0x23, + 0x4e, 0x65, 0x2d, 0x65, 0x1f, 0xa4, 0xc8, 0xcf, 0xf8, 0x80 }; -unsigned char c[131] = { - 0x8e,0x99,0x3b,0x9f,0x48,0x68,0x12,0x73 -,0xc2,0x96,0x50,0xba,0x32,0xfc,0x76,0xce -,0x48,0x33,0x2e,0xa7,0x16,0x4d,0x96,0xa4 -,0x47,0x6f,0xb8,0xc5,0x31,0xa1,0x18,0x6a -,0xc0,0xdf,0xc1,0x7c,0x98,0xdc,0xe8,0x7b -,0x4d,0xa7,0xf0,0x11,0xec,0x48,0xc9,0x72 -,0x71,0xd2,0xc2,0x0f,0x9b,0x92,0x8f,0xe2 -,0x27,0x0d,0x6f,0xb8,0x63,0xd5,0x17,0x38 -,0xb4,0x8e,0xee,0xe3,0x14,0xa7,0xcc,0x8a -,0xb9,0x32,0x16,0x45,0x48,0xe5,0x26,0xae -,0x90,0x22,0x43,0x68,0x51,0x7a,0xcf,0xea -,0xbd,0x6b,0xb3,0x73,0x2b,0xc0,0xe9,0xda -,0x99,0x83,0x2b,0x61,0xca,0x01,0xb6,0xde -,0x56,0x24,0x4a,0x9e,0x88,0xd5,0xf9,0xb3 -,0x79,0x73,0xf6,0x22,0xa4,0x3d,0x14,0xa6 -,0x59,0x9b,0x1f,0x65,0x4c,0xb4,0x5a,0x74 -,0xe3,0x55,0xa5 -} ; +unsigned char c[131] + = { 0x8e, 0x99, 0x3b, 0x9f, 0x48, 0x68, 0x12, 0x73, 0xc2, 0x96, 0x50, 0xba, + 0x32, 0xfc, 0x76, 0xce, 0x48, 0x33, 0x2e, 0xa7, 0x16, 0x4d, 0x96, 0xa4, + 0x47, 0x6f, 0xb8, 0xc5, 0x31, 0xa1, 0x18, 0x6a, 0xc0, 0xdf, 0xc1, 0x7c, + 0x98, 0xdc, 0xe8, 0x7b, 0x4d, 0xa7, 0xf0, 0x11, 0xec, 0x48, 0xc9, 0x72, + 0x71, 0xd2, 0xc2, 0x0f, 0x9b, 0x92, 0x8f, 0xe2, 0x27, 0x0d, 0x6f, 0xb8, + 0x63, 0xd5, 0x17, 0x38, 0xb4, 0x8e, 0xee, 0xe3, 0x14, 0xa7, 0xcc, 0x8a, + 0xb9, 0x32, 0x16, 0x45, 0x48, 0xe5, 0x26, 0xae, 0x90, 0x22, 0x43, 0x68, + 0x51, 0x7a, 0xcf, 0xea, 0xbd, 0x6b, 0xb3, 0x73, 0x2b, 0xc0, 0xe9, 0xda, + 0x99, 0x83, 0x2b, 0x61, 0xca, 0x01, 0xb6, 0xde, 0x56, 0x24, 0x4a, 0x9e, + 0x88, 0xd5, 0xf9, 0xb3, 0x79, 0x73, 0xf6, 0x22, 0xa4, 0x3d, 0x14, 
0xa6, + 0x59, 0x9b, 0x1f, 0x65, 0x4c, 0xb4, 0x5a, 0x74, 0xe3, 0x55, 0xa5 }; -unsigned char a[16] = { - 0xf3,0xff,0xc7,0x70,0x3f,0x94,0x00,0xe5 -,0x2a,0x7d,0xfb,0x4b,0x3d,0x33,0x05,0xd9 -} ; +unsigned char a[16] = { 0xf3, 0xff, 0xc7, 0x70, 0x3f, 0x94, 0x00, 0xe5, + 0x2a, 0x7d, 0xfb, 0x4b, 0x3d, 0x33, 0x05, 0xd9 }; int main(void) { - printf("%d\n",crypto_onetimeauth_poly1305_verify(a,c,131,rs)); - return 0; + printf("%d\n", crypto_onetimeauth_verify(a, c, 131, rs)); + return 0; } diff --git a/test/default/onetimeauth2.exp b/test/default/onetimeauth2.exp new file mode 100644 index 0000000..573541a --- /dev/null +++ b/test/default/onetimeauth2.exp @@ -0,0 +1 @@ +0 diff --git a/test/default/onetimeauth7.c b/test/default/onetimeauth7.c index 6d99134..18d1186 100644 --- a/test/default/onetimeauth7.c +++ b/test/default/onetimeauth7.c @@ -1,5 +1,4 @@ -#include <stdio.h> -#include <stdlib.h> + #include "windows/windows-quirks.h" #define TEST_NAME "onetimeauth7" 
@@ -11,27 +10,28 @@ unsigned char a[16]; int main(void) { - int clen; - for (clen = 0;clen < 10000;++clen) { - randombytes(key,sizeof key); - randombytes(c,clen); - crypto_onetimeauth_poly1305(a,c,clen,key); - if (crypto_onetimeauth_poly1305_verify(a,c,clen,key) != 0) { - printf("fail %d\n",clen); - return 100; - } - if (clen > 0) { - c[rand() % clen] += 1 + (rand() % 255); - if (crypto_onetimeauth_poly1305_verify(a,c,clen,key) == 0) { - printf("forgery %d\n",clen); - return 100; - } - a[rand() % sizeof a] += 1 + (rand() % 255); - if (crypto_onetimeauth_poly1305_verify(a,c,clen,key) == 0) { - printf("forgery %d\n",clen); - return 100; - } + int clen; + + for (clen = 0; clen < 10000; ++clen) { + randombytes_buf(key, sizeof key); + randombytes_buf(c, clen); + crypto_onetimeauth(a, c, clen, key); + if (crypto_onetimeauth_verify(a, c, clen, key) != 0) { + printf("fail %d\n", clen); + return 100; + } + if (clen > 0) { + c[rand() % clen] += 1 + (rand() % 255); + if (crypto_onetimeauth_verify(a, c, clen, key) == 0) { + printf("forgery %d\n", clen); + return 100; + } + a[rand() % sizeof a] += 1 + (rand() % 255); + if (crypto_onetimeauth_verify(a, c, clen, key) == 0) { + printf("forgery %d\n", clen); + return 100; + } + } } - } - return 0; + return 0; } diff --git a/test/default/onetimeauth7.exp b/test/default/onetimeauth7.exp new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/test/default/onetimeauth7.exp diff --git a/test/default/pwhash.c b/test/default/pwhash.c index 7d00902..f61214f 100644 --- a/test/default/pwhash.c +++ b/test/default/pwhash.c @@ -1,5 +1,3 @@ -#include <stdio.h> -#include <string.h> #define TEST_NAME "pwhash" #include "cmptest.h" 
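Review bot: Both corruption checks print the same `forgery %d` line, so a failure does not say whether the modified message or the modified tag was accepted. Since `key` and `c` come from `randombytes_buf()` and are not logged, a failing run also cannot be reproduced from its output. I would distinguish the two messages, e.g. `printf("forgery (message) %d\n", clen);` and `printf("forgery (tag) %d\n", clen);`. `randombytes_buf(c, clen)` relies on `c` being large enough for every `clen` in the loop; its declaration is outside this hunk, so that is worth confirming.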
@@ -7,42 +5,102 @@ static void tv(void) { static struct { - const char *passwd_hex; - unsigned long long passwdlen; - const char *salt_hex; - unsigned long long outlen; - unsigned long long opslimit; - size_t memlimit; + const char *passwd_hex; + unsigned long long passwdlen; + const char *salt_hex; + unsigned long long outlen; + unsigned long long opslimit; + size_t memlimit; } tests[] = { - {"a347ae92bce9f80f6f595a4480fc9c2fe7e7d7148d371e9487d75f5c23008ffae065577a928febd9b1973a5a95073acdbeb6a030cfc0d79caa2dc5cd011cef02c08da232d76d52dfbca38ca8dcbd665b17d1665f7cf5fe59772ec909733b24de97d6f58d220b20c60d7c07ec1fd93c52c31020300c6c1facd77937a597c7a6", 127, "5541fbc995d5c197ba290346d2c559dedf405cf97e5f95482143202f9e74f5c2", 155, 481326, 7256678}, - {"e125cee61c8cb7778d9e5ad0a6f5d978ce9f84de213a8556d9ffe202020ab4a6ed9074a4eb3416f9b168f137510f3a30b70b96cbfa219ff99f6c6eaffb15c06b60e00cc2890277f0fd3c622115772f7048adaebed86e", 86, "f1192dd5dc2368b9cd421338b22433455ee0a3699f9379a08b9650ea2c126f0d", 250, 535778, 7849083}, - {"92263cbf6ac376499f68a4289d3bb59e5a22335eba63a32e6410249155b956b6a3b48d4a44906b18b897127300b375b8f834f1ceffc70880a885f47c33876717e392be57f7da3ae58da4fd1f43daa7e44bb82d3717af4319349c24cd31e46d295856b0441b6b289992a11ced1cc3bf3011604590244a3eb737ff221129215e4e4347f4915d41292b5173d196eb9add693be5319fdadc242906178bb6c0286c9b6ca6012746711f58c8c392016b2fdfc09c64f0f6b6ab7b", 183, "3b840e20e9555e9fb031c4ba1f1747ce25cc1d0ff664be676b9b4a90641ff194", 249, 311757, 7994791}, - {"027b6d8e8c8c474e9b69c7d9ed4f9971e8e1ce2f6ba95048414c3970f0f09b70e3b6c5ae05872b3d8678705b7d381829c351a5a9c88c233569b35d6b0b809df44b6451a9c273f1150e2ef8a0b5437eb701e373474cd44b97ef0248ebce2ca0400e1b53f3d86221eca3f18eb45b702b9172440f774a82cbf1f6f525df30a6e293c873cce69bb078ed1f0d31e7f9b8062409f37f19f8550aae", 152, "eb2a3056a09ad2d7d7f975bcd707598f24cd32518cde3069f2e403b34bfee8a5", 5, 643464, 1397645}, - 
{"4a857e2ee8aa9b6056f2424e84d24a72473378906ee04a46cb05311502d5250b82ad86b83c8f20a23dbb74f6da60b0b6ecffd67134d45946ac8ebfb3064294bc097d43ced68642bfb8bbbdd0f50b30118f5e", 82, "39d82eef32010b8b79cc5ba88ed539fbaba741100f2edbeca7cc171ffeabf258", 190, 758010, 5432947}, - {"1845e375479537e9dd4f4486d5c91ac72775d66605eeb11a787b78a7745f1fd0052d526c67235dbae1b2a4d575a74cb551c8e9096c593a497aee74ba3047d911358ede57bc27c9ea1829824348daaab606217cc931dcb6627787bd6e4e5854f0e8", 97, "3ee91a805aa62cfbe8dce29a2d9a44373a5006f4a4ce24022aca9cecb29d1473", 212, 233177, 13101817}, - {"c7b09aec680e7b42fedd7fc792e78b2f6c1bea8f4a884320b648f81e8cf515e8ba9dcfb11d43c4aae114c1734aa69ca82d44998365db9c93744fa28b63fd16000e8261cbbe083e7e2da1e5f696bde0834fe53146d7e0e35e7de9920d041f5a5621aabe02da3e2b09b405b77937efef3197bd5772e41fdb73fb5294478e45208063b5f58e089dbeb6d6342a909c1307b3fff5fe2cf4da56bdae50848f", 156, "039c056d933b475032777edbaffac50f143f64c123329ed9cf59e3b65d3f43b6", 178, 234753, 4886999}, - {"8f3a06e2fd8711350a517bb12e31f3d3423e8dc0bb14aac8240fca0995938d59bb37bd0a7dfc9c9cc0705684b46612e8c8b1d6655fb0f9887562bb9899791a0250d1320f945eda48cdc20c233f40a5bb0a7e3ac5ad7250ce684f68fc0b8c9633bfd75aad116525af7bdcdbbdb4e00ab163fd4df08f243f12557e", 122, "90631f686a8c3dbc0703ffa353bc1fdf35774568ac62406f98a13ed8f47595fd", 55, 695191, 15738350}, - {"b540beb016a5366524d4605156493f9874514a5aa58818cd0c6dfffaa9e90205f17b", 34, "44071f6d181561670bda728d43fb79b443bb805afdebaf98622b5165e01b15fb", 231, 78652, 6631659}, - {"a14975c26c088755a8b715ff2528d647cd343987fcf4aa25e7194a8417fb2b4b3f7268da9f3182b4cfb22d138b2749d673a47ecc7525dd15a0a3c66046971784bb63d7eae24cc84f2631712075a10e10a96b0e0ee67c43e01c423cb9c44e5371017e9c496956b632158da3fe12addecb88912e6759bc37f9af2f45af72c5cae3b179ffb676a697de6ebe45cd4c16d4a9d642d29ddc0186a0a48cb6cd62bfc3dd229d313b301560971e740e2cf1f99a9a090a5b283f35475057e96d7064e2e0fc81984591068d55a3b4169f22cccb0745a2689407ea1901a0a766eb99", 220, 
"3d968b2752b8838431165059319f3ff8910b7b8ecb54ea01d3f54769e9d98daf", 167, 717248, 10784179}, - }; - char passwd[256]; + { "a347ae92bce9f80f6f595a4480fc9c2fe7e7d7148d371e9487d75f5c23008ffae0" + "65577a928febd9b1973a5a95073acdbeb6a030cfc0d79caa2dc5cd011cef02c08d" + "a232d76d52dfbca38ca8dcbd665b17d1665f7cf5fe59772ec909733b24de97d6f5" + "8d220b20c60d7c07ec1fd93c52c31020300c6c1facd77937a597c7a6", + 127, + "5541fbc995d5c197ba290346d2c559dedf405cf97e5f95482143202f9e74f5c2", + 155, 481326, 7256678 }, + { "e125cee61c8cb7778d9e5ad0a6f5d978ce9f84de213a8556d9ffe202020ab4a6ed" + "9074a4eb3416f9b168f137510f3a30b70b96cbfa219ff99f6c6eaffb15c06b60e0" + "0cc2890277f0fd3c622115772f7048adaebed86e", + 86, + "f1192dd5dc2368b9cd421338b22433455ee0a3699f9379a08b9650ea2c126f0d", + 250, 535778, 7849083 }, + { "92263cbf6ac376499f68a4289d3bb59e5a22335eba63a32e6410249155b956b6a3" + "b48d4a44906b18b897127300b375b8f834f1ceffc70880a885f47c33876717e392" + "be57f7da3ae58da4fd1f43daa7e44bb82d3717af4319349c24cd31e46d295856b0" + "441b6b289992a11ced1cc3bf3011604590244a3eb737ff221129215e4e4347f491" + "5d41292b5173d196eb9add693be5319fdadc242906178bb6c0286c9b6ca6012746" + "711f58c8c392016b2fdfc09c64f0f6b6ab7b", + 183, + "3b840e20e9555e9fb031c4ba1f1747ce25cc1d0ff664be676b9b4a90641ff194", + 249, 311757, 7994791 }, + { "027b6d8e8c8c474e9b69c7d9ed4f9971e8e1ce2f6ba95048414c3970f0f09b70e3" + "b6c5ae05872b3d8678705b7d381829c351a5a9c88c233569b35d6b0b809df44b64" + "51a9c273f1150e2ef8a0b5437eb701e373474cd44b97ef0248ebce2ca0400e1b53" + "f3d86221eca3f18eb45b702b9172440f774a82cbf1f6f525df30a6e293c873cce6" + "9bb078ed1f0d31e7f9b8062409f37f19f8550aae", + 152, + "eb2a3056a09ad2d7d7f975bcd707598f24cd32518cde3069f2e403b34bfee8a5", + 5, 643464, 1397645 }, + { "4a857e2ee8aa9b6056f2424e84d24a72473378906ee04a46cb05311502d5250b82" + "ad86b83c8f20a23dbb74f6da60b0b6ecffd67134d45946ac8ebfb3064294bc097d" + "43ced68642bfb8bbbdd0f50b30118f5e", + 82, + "39d82eef32010b8b79cc5ba88ed539fbaba741100f2edbeca7cc171ffeabf258", + 190, 758010, 
5432947 }, + { "1845e375479537e9dd4f4486d5c91ac72775d66605eeb11a787b78a7745f1fd005" + "2d526c67235dbae1b2a4d575a74cb551c8e9096c593a497aee74ba3047d911358e" + "de57bc27c9ea1829824348daaab606217cc931dcb6627787bd6e4e5854f0e8", + 97, + "3ee91a805aa62cfbe8dce29a2d9a44373a5006f4a4ce24022aca9cecb29d1473", + 212, 233177, 13101817 }, + { "c7b09aec680e7b42fedd7fc792e78b2f6c1bea8f4a884320b648f81e8cf515e8ba" + "9dcfb11d43c4aae114c1734aa69ca82d44998365db9c93744fa28b63fd16000e82" + "61cbbe083e7e2da1e5f696bde0834fe53146d7e0e35e7de9920d041f5a5621aabe" + "02da3e2b09b405b77937efef3197bd5772e41fdb73fb5294478e45208063b5f58e" + "089dbeb6d6342a909c1307b3fff5fe2cf4da56bdae50848f", + 156, + "039c056d933b475032777edbaffac50f143f64c123329ed9cf59e3b65d3f43b6", + 178, 234753, 4886999 }, + { "8f3a06e2fd8711350a517bb12e31f3d3423e8dc0bb14aac8240fca0995938d59bb" + "37bd0a7dfc9c9cc0705684b46612e8c8b1d6655fb0f9887562bb9899791a0250d1" + "320f945eda48cdc20c233f40a5bb0a7e3ac5ad7250ce684f68fc0b8c9633bfd75a" + "ad116525af7bdcdbbdb4e00ab163fd4df08f243f12557e", + 122, + "90631f686a8c3dbc0703ffa353bc1fdf35774568ac62406f98a13ed8f47595fd", + 55, 695191, 15738350 }, + { "b540beb016a5366524d4605156493f9874514a5aa58818cd0c6dfffaa9e90205f1" + "7b", + 34, + "44071f6d181561670bda728d43fb79b443bb805afdebaf98622b5165e01b15fb", + 231, 78652, 6631659 }, + { "a14975c26c088755a8b715ff2528d647cd343987fcf4aa25e7194a8417fb2b4b3f" + "7268da9f3182b4cfb22d138b2749d673a47ecc7525dd15a0a3c66046971784bb63" + "d7eae24cc84f2631712075a10e10a96b0e0ee67c43e01c423cb9c44e5371017e9c" + "496956b632158da3fe12addecb88912e6759bc37f9af2f45af72c5cae3b179ffb6" + "76a697de6ebe45cd4c16d4a9d642d29ddc0186a0a48cb6cd62bfc3dd229d313b30" + "1560971e740e2cf1f99a9a090a5b283f35475057e96d7064e2e0fc81984591068d" + "55a3b4169f22cccb0745a2689407ea1901a0a766eb99", + 220, + "3d968b2752b8838431165059319f3ff8910b7b8ecb54ea01d3f54769e9d98daf", + 167, 717248, 10784179 }, + }; + char passwd[256]; unsigned char salt[crypto_pwhash_scryptsalsa208sha256_SALTBYTES]; 
unsigned char out[256]; - char out_hex[256 * 2 + 1]; - size_t i = 0U; + char out_hex[256 * 2 + 1]; + size_t i = 0U; do { - sodium_hex2bin((unsigned char *) passwd, sizeof passwd, - tests[i].passwd_hex, strlen(tests[i].passwd_hex), - NULL, NULL, NULL); - sodium_hex2bin(salt, sizeof salt, - tests[i].salt_hex, strlen(tests[i].salt_hex), - NULL, NULL, NULL); - if (crypto_pwhash_scryptsalsa208sha256(out, tests[i].outlen, - passwd, tests[i].passwdlen, - (const unsigned char *) salt, - tests[i].opslimit, - tests[i].memlimit) != 0) { + sodium_hex2bin((unsigned char *)passwd, sizeof passwd, + tests[i].passwd_hex, strlen(tests[i].passwd_hex), NULL, + NULL, NULL); + sodium_hex2bin(salt, sizeof salt, tests[i].salt_hex, + strlen(tests[i].salt_hex), NULL, NULL, NULL); + if (crypto_pwhash_scryptsalsa208sha256( + out, tests[i].outlen, passwd, tests[i].passwdlen, + (const unsigned char *)salt, tests[i].opslimit, + tests[i].memlimit) != 0) { printf("pwhash failure\n"); } sodium_bin2hex(out_hex, sizeof out_hex, out, tests[i].outlen); 
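Review bot: When `crypto_pwhash_scryptsalsa208sha256()` returns non-zero in `tv()`, the loop only prints `pwhash failure` and still hex-encodes `out`, which at that point holds either the previous vector's result or indeterminate stack bytes unless the callee wrote to it. Putting `continue;` after `printf("pwhash failure\n");` keeps that data out of the test output. The same block is added to `tv2()` in the next hunk, where the `sodium_bin2hex()` and `printf("%s\n", out_hex);` lines are both visible. The return values of the two `sodium_hex2bin()` calls are discarded as well, so a malformed vector would pass unnoticed. `tv()` continues past the end of this hunk.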
@@ -53,28 +111,169 @@ static void tv(void) static void tv2(void) { static struct { - const char *passwd; - const char *out; + const char *passwd_hex; + unsigned long long passwdlen; + const char *salt_hex; + unsigned long long outlen; + unsigned long long opslimit; + size_t memlimit; } tests[] = { - {"^T5H$JYt39n%K*j:W]!1s?vg!:jGi]Ax?..l7[p0v:1jHTpla9;]bUN;?bWyCbtqg nrDFal+Jxl3,2`#^tFSu%v_+7iYse8-cCkNf!tD=KrW)", "$7$B6....1....75gBMAGwfFWZqBdyF3WdTQnWdUsuTiWjG1fF9c1jiSD$tc8RoB3.Em3/zNgMLWo2u00oGIoTyJv4fl3Fl8Tix72"}, - {"bl72h6#y<':MFRZ>B IA1=NRkCKS%W8`1I.2uQxJN0g)N N aTt^4K!Iw5r H6;crDsv^a55j9tsk'/GqweZn;cdk6+F_St6:#*=?ZCD_lw>.", "$7$A6....3....Iahc6qM0.UQJHVgE4h9oa1/4OWlWLm9CCtfguvz6bQD$QnXCo3M7nIqtry2WKsUZ5gQ.mY0wAlJu.WUhtE8vF66"}, - {"Py >e.5b+tLo@rL`dC2k@eJ&4eVl!W=JJ4+k&mAt@gt',FS1JjqKW3aq21:]^kna`mde7kVkN5NrpKUptu)@4*b&?BE_sJMG1=&@`3GBCV]Wg7xwgo7x3El", "$7$96..../....f6bEusKt79kK4wdYN0ki2nw4bJQ7P3rN6k3BSigsK/D$Dsvuw7vXj5xijmrb/NOhdgoyK/OiSIYv88cEtl9Cik7"}, - {"2vj;Um]FKOL27oam(:Uo8+UmSTvb1FD*h?jk_,S=;RDgF-$Fjk?]9yvfxe@fN^!NN(Cuml?+2Raa", "$7$86....I....7XwIxLtCx4VphmFeUa6OGuGJrFaIaYzDiLNu/tyUPhD$U3q5GCEqCWxMwh.YQHDJrlg7FIZgViv9pcXE3h1vg61"}, - {"CT=[9uUoGav,J`kU+348tA50ue#sL:ABZ3QgF+r[#vh:tTOiL>s8tv%,Jeo]jH/_4^i(*jD-_ku[9Ko[=86 06V", "$7$A6....2....R3.bjH6YS9wz9z8Jsj.3weGQ3J80ZZElGw2oVux1TP6$i5u6lFzXDHaIgYEICinLD6WNaovbiXP8SnLrDRdKgA9"}, - {"J#wNn`hDgOpTHNI.w^1a70%f,.9V_m038H_JIJQln`vdWnn/rmILR?9H5g(+`;@H(2VosN9Fgk[WEjaBr'yB9Q19-imNa04[Mk5kvGcSn-TV", "$7$B6....1....Dj1y.4mF1J9XmT/6IDskYdCLaPFJTq9xcCwXQ1DpT92$92/hYfZLRq1nTLyIz.uc/dC6wLqwnsoqpkadrCXusm6"}, - {"j4BS38Asa;p)[K+9TY!3YDj<LK-`nLVXQw9%*QfM", "$7$B6....1....5Ods8mojVwXJq4AywF/uI9BdMSiJ/zT8hQP/4cB68VC$nk4ExHNXJ802froj51/1wJTrSZvTIyyK7PecOxRRaz0"}, - {"M.R>Qw+!qJb]>pP :_.9`dxM9k [eR7Y!yL-3)sNs[R,j_/^ TH=5ny'15>6UXWcQW^6D%XCsO[vN[%ReA-`tV1vW(Nt*0KVK#]45P_A", "$7$B6....1....D/eyk8N5y6Z8YVQEsw521cTx.9zzLuK7YDs1KMMh.o4$alfW8ZbsUWnXc.vqon2zoljVk24Tt1.IsCuo2KurvS2"}, - {"K3S=KyH#)36_?]LxeR8QNKw6X=gFb'ai$C%29V* 
tyh^Wo$TN-#Q4qkmtTCf0LLb.^E$0uykkP", "$7$B6....1....CuBuU97xgAage8whp/JNKobo0TFbsORGVbfcQIefyP8$aqalP.XofGViB8EPLONqHma8vs1xc9uTIMYh9CgE.S8"}, - {"Y0!?iQa9M%5ekffW(`", "$7$A6....1....TrXs5Zk6s8sWHpQgWDIXTR8kUU3s6Jc3s.DtdS8M2i4$a4ik5hGDN7foMuHOW.cp.CtX01UyCeO0.JAG.AHPpx5"}, - }; + { "a347ae92bce9f80f6f595a4480fc9c2fe7e7d7148d371e9487d75f5c23008ffae0" + "65577a928febd9b1973a5a95073acdbeb6a030cfc0d79caa2dc5cd011cef02c08d" + "a232d76d52dfbca38ca8dcbd665b17d1665f7cf5fe59772ec909733b24de97d6f5" + "8d220b20c60d7c07ec1fd93c52c31020300c6c1facd77937a597c7a6", + 127, + "5541fbc995d5c197ba290346d2c559dedf405cf97e5f95482143202f9e74f5c2", + 155, 64, 1397645 }, + { "a347ae92bce9f80f6f595a4480fc9c2fe7e7d7148d371e9487d75f5c23008ffae0" + "65577a928febd9b1973a5a95073acdbeb6a030cfc0d79caa2dc5cd011cef02c08d" + "a232d76d52dfbca38ca8dcbd665b17d1665f7cf5fe59772ec909733b24de97d6f5" + "8d220b20c60d7c07ec1fd93c52c31020300c6c1facd77937a597c7a6", + 127, + "5541fbc995d5c197ba290346d2c559dedf405cf97e5f95482143202f9e74f5c2", + 155, 32768, 1397645 }, + }; + char passwd[256]; + unsigned char salt[crypto_pwhash_scryptsalsa208sha256_SALTBYTES]; + unsigned char out[256]; + char out_hex[256 * 2 + 1]; size_t i = 0U; do { - if (crypto_pwhash_scryptsalsa208sha256_str_verify(tests[i].out, - tests[i].passwd, - strlen(tests[i].passwd)) != 0) { - printf("pwhash_str failure\n"); + sodium_hex2bin((unsigned char *)passwd, sizeof passwd, + tests[i].passwd_hex, strlen(tests[i].passwd_hex), NULL, + NULL, NULL); + sodium_hex2bin(salt, sizeof salt, tests[i].salt_hex, + strlen(tests[i].salt_hex), NULL, NULL, NULL); + if (crypto_pwhash_scryptsalsa208sha256( + out, tests[i].outlen, passwd, tests[i].passwdlen, + (const unsigned char *)salt, tests[i].opslimit, + tests[i].memlimit) != 0) { + printf("pwhash failure\n"); } + sodium_bin2hex(out_hex, sizeof out_hex, out, tests[i].outlen); + printf("%s\n", out_hex); + } while (++i < (sizeof tests) / (sizeof tests[0])); +} + +static void tv3(void) +{ + static struct { + const 
char *passwd; + const char *out; + } tests[] = { + { "^T5H$JYt39n%K*j:W]!1s?vg!:jGi]Ax?..l7[p0v:1jHTpla9;]bUN;?bWyCbtqg " + "nrDFal+Jxl3,2`#^tFSu%v_+7iYse8-cCkNf!tD=KrW)", + "$7$B6....1....75gBMAGwfFWZqBdyF3WdTQnWdUsuTiWjG1fF9c1jiSD$tc8RoB3." + "Em3/zNgMLWo2u00oGIoTyJv4fl3Fl8Tix72" }, + { "bl72h6#y<':MFRZ>B IA1=NRkCKS%W8`1I.2uQxJN0g)N N aTt^4K!Iw5r " + "H6;crDsv^a55j9tsk'/GqweZn;cdk6+F_St6:#*=?ZCD_lw>.", + "$7$A6....3....Iahc6qM0.UQJHVgE4h9oa1/" + "4OWlWLm9CCtfguvz6bQD$QnXCo3M7nIqtry2WKsUZ5gQ.mY0wAlJu." + "WUhtE8vF66" }, + { "Py " + ">e.5b+tLo@rL`dC2k@eJ&4eVl!W=JJ4+k&mAt@gt',FS1JjqKW3aq21:]^kna`" + "mde7kVkN5NrpKUptu)@4*b&?BE_sJMG1=&@`3GBCV]Wg7xwgo7x3El", + "$7$96..../....f6bEusKt79kK4wdYN0ki2nw4bJQ7P3rN6k3BSigsK/" + "D$Dsvuw7vXj5xijmrb/NOhdgoyK/OiSIYv88cEtl9Cik7" }, + { "2vj;Um]FKOL27oam(:Uo8+UmSTvb1FD*h?jk_,S=;RDgF-$Fjk?]9yvfxe@fN^!NN(" + "Cuml?+2Raa", + "$7$86....I....7XwIxLtCx4VphmFeUa6OGuGJrFaIaYzDiLNu/" + "tyUPhD$U3q5GCEqCWxMwh.YQHDJrlg7FIZgViv9pcXE3h1vg61" }, + { "CT=[9uUoGav,J`kU+348tA50ue#sL:ABZ3QgF+r[#vh:tTOiL>s8tv%,Jeo]jH/" + "_4^i(*jD-_ku[9Ko[=86 06V", + "$7$A6....2....R3.bjH6YS9wz9z8Jsj.3weGQ3J80ZZElGw2oVux1TP6$" + "i5u6lFzXDHaIgYEICinLD6WNaovbiXP8SnLrDRdKgA9" }, + { "J#wNn`hDgOpTHNI.w^1a70%f,.9V_m038H_JIJQln`vdWnn/" + "rmILR?9H5g(+`;@H(2VosN9Fgk[WEjaBr'yB9Q19-imNa04[Mk5kvGcSn-TV", + "$7$B6....1....Dj1y.4mF1J9XmT/6IDskYdCLaPFJTq9xcCwXQ1DpT92$92/" + "hYfZLRq1nTLyIz.uc/dC6wLqwnsoqpkadrCXusm6" }, + { "j4BS38Asa;p)[K+9TY!3YDj<LK-`nLVXQw9%*QfM", + "$7$B6....1....5Ods8mojVwXJq4AywF/uI9BdMSiJ/zT8hQP/" + "4cB68VC$nk4ExHNXJ802froj51/1wJTrSZvTIyyK7PecOxRRaz0" }, + { "M.R>Qw+!qJb]>pP :_.9`dxM9k [eR7Y!yL-3)sNs[R,j_/^ " + "TH=5ny'15>6UXWcQW^6D%XCsO[vN[%ReA-`tV1vW(Nt*0KVK#]45P_A", + "$7$B6....1....D/" + "eyk8N5y6Z8YVQEsw521cTx.9zzLuK7YDs1KMMh.o4$alfW8ZbsUWnXc." + "vqon2zoljVk24Tt1.IsCuo2KurvS2" }, + { "K3S=KyH#)36_?]LxeR8QNKw6X=gFb'ai$C%29V* " + "tyh^Wo$TN-#Q4qkmtTCf0LLb.^E$0uykkP", + "$7$B6....1....CuBuU97xgAage8whp/" + "JNKobo0TFbsORGVbfcQIefyP8$aqalP." 
+ "XofGViB8EPLONqHma8vs1xc9uTIMYh9CgE.S8" }, + { "Y0!?iQa9M%5ekffW(`", + "$7$A6....1....TrXs5Zk6s8sWHpQgWDIXTR8kUU3s6Jc3s.DtdS8M2i4$" + "a4ik5hGDN7foMuHOW.cp.CtX01UyCeO0.JAG.AHPpx5" }, + + /* Invalid pwhash strings */ + + { "Y0!?iQa9M%5ekffW(`", + "$7$A6....1....$TrXs5Zk6s8sWHpQgWDIXTR8kUU3s6Jc3s.DtdS8M2i4" + "a4ik5hGDN7foMuHOW.cp.CtX01UyCeO0.JAG.AHPpx5" }, + { "Y0!?iQa9M%5ekffW(`", + "$7$.6....1....TrXs5Zk6s8sWHpQgWDIXTR8kUU3s6Jc3s.DtdS8M2i4$" + "a4ik5hGDN7foMuHOW.cp.CtX01UyCeO0.JAG.AHPpx5" }, + { "Y0!?iQa9M%5ekffW(`", + "$7$A.....1....TrXs5Zk6s8sWHpQgWDIXTR8kUU3s6Jc3s.DtdS8M2i4$" + "a4ik5hGDN7foMuHOW.cp.CtX01UyCeO0.JAG.AHPpx5" }, + { "Y0!?iQa9M%5ekffW(`", + "$7$A6.........TrXs5Zk6s8sWHpQgWDIXTR8kUU3s6Jc3s.DtdS8M2i4$" + "a4ik5hGDN7foMuHOW.cp.CtX01UyCeO0.JAG.AHPpx5" }, + { "Y0!?iQa9M%5ekffW(`", + "$7$A6....1....TrXs5Zk6s8sWHpQgWDIXTR8kUU3s6Jc3s.DtdS8M2i44269$" + "a4ik5hGDN7foMuHOW.cp.CtX01UyCeO0.JAG.AH" }, + { "Y0!?iQa9M%5ekffW(`", + "$7$A6....1....TrXs5Zk6s8sWHpQgWDIXTR8kUU3s6Jc3s.DtdS8M2i4$" + "a4ik5hGDN7foMuHOW.cp.CtX01UyCeO0.JAG.AHPpx54269" }, + { "Y0!?iQa9M%5ekffW(`", + "$7^A6....1....TrXs5Zk6s8sWHpQgWDIXTR8kUU3s6Jc3s.DtdS8M2i4$" + "a4ik5hGDN7foMuHOW.cp.CtX01UyCeO0.JAG.AHPpx5" }, + { "Y0!?iQa9M%5ekffW(`", + "$7$!6....1....TrXs5Zk6s8sWHpQgWDIXTR8kUU3s6Jc3s.DtdS8M2i4$" + "a4ik5hGDN7foMuHOW.cp.CtX01UyCeO0.JAG.AHPpx5" }, + { "Y0!?iQa9M%5ekffW(`", + "$7$A!....1....TrXs5Zk6s8sWHpQgWDIXTR8kUU3s6Jc3s.DtdS8M2i4$" + "a4ik5hGDN7foMuHOW.cp.CtX01UyCeO0.JAG.AHPpx5" }, + { "Y0!?iQa9M%5ekffW(`", + "$7$A6....!....TrXs5Zk6s8sWHpQgWDIXTR8kUU3s6Jc3s.DtdS8M2i4$" + "a4ik5hGDN7foMuHOW.cp.CtX01UyCeO0.JAG.AHPpx5" }, + { "", + "$7$A6....1....TrXs5Zk6s8sWHpQgWDIXTR8kUU3s6Jc3s.DtdS8M2i4$" + "a4ik5hGDN7foMuHOW.cp.CtX01UyCeO0.JAG.AHPpx5" }, + { "Y0!?iQa9M%5ekffW(`", + "$7fA6....1....TrXs5Zk6s8sWHpQgWDIXTR8kUU3s6Jc3s.DtdS8M2i4#" + "a4ik5hGDN7foMuHOW.cp.CtX01UyCeO0.JAG.AHPpx5" }, + { "Y0!?iQa9M%5ekffW(`", + "$7$AX....1....TrXs5Zk6s8sWHpQgWDIXTR8kUU3s6Jc3s.DtdS8M2i4$" + 
"a4ik5hGDN7foMuHOW.cp.CtX01UyCeO0.JAG.AHPpx5" }, + { "Y0!?iQa9M%5ekffW(`", + "$7$A6....1!...TrXs5Zk6s8sWHpQgWDIXTR8kUU3s6Jc3s.DtdS8M2i4$" + "a4ik5hGDN7foMuHOW.cp.CtX01UyCeO0.JAG.AHPpx5" }, + { "Y0!?iQa9M%5ekffW(`", + "$7$A6....1" }, + { "Y0!?iQa9M%5ekffW(`", + "$7$" }, + { "Y0!?iQa9M%5ekffW(`", + "" }, + { "Y0!?iQa9M%5ekffW(`", + "$7$A6....1....TrXs5Zk6s8sWHpQgWDIXTR8kUU3s6Jc3s.DtdS8M2i4$" + "" }, + }; + char *out; + char *passwd; + size_t i = 0U; + + do { + out = (char *) sodium_malloc(strlen(tests[i].out) + 1U); + memcpy(out, tests[i].out, strlen(tests[i].out) + 1U); + passwd = (char *) sodium_malloc(strlen(tests[i].passwd) + 1U); + memcpy(passwd, tests[i].passwd, strlen(tests[i].passwd) + 1U); + if (crypto_pwhash_scryptsalsa208sha256_str_verify( + out, passwd, strlen(passwd)) != 0) { + printf("pwhash_str failure: [%u]\n", (unsigned int)i); + } + sodium_free(out); + sodium_free(passwd); } while (++i < (sizeof tests) / (sizeof tests[0])); } 
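Review bot: In `tv3()` both `sodium_malloc()` results go straight into `memcpy()`, and `sodium_malloc()` returns NULL when the allocation fails, so a failed allocation becomes a NULL write instead of a reported test failure. A guard after the second allocation, `if (out == NULL || passwd == NULL) { printf("sodium_malloc failure\n"); return; }`, would cover it. The function also has no comment saying why the strings are copied into guarded allocations; presumably it is so that a read past the terminator of one of the malformed `$7$` strings faults on a guard page, and a one-line comment stating that (once confirmed) would help the next reader.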
@@ -84,43 +283,52 @@ static void tv2(void) int main(void) { - char str_out[crypto_pwhash_scryptsalsa208sha256_STRBYTES]; - char str_out2[crypto_pwhash_scryptsalsa208sha256_STRBYTES]; - unsigned char out[OUT_LEN]; - char out_hex[OUT_LEN * 2 + 1]; - const char *salt = "[<~A 32-bytes salt for scrypt~>]"; - const char *passwd = "Correct Horse Battery Staple"; - size_t i; + char str_out[crypto_pwhash_scryptsalsa208sha256_STRBYTES]; + char str_out2[crypto_pwhash_scryptsalsa208sha256_STRBYTES]; + unsigned char out[OUT_LEN]; + char out_hex[OUT_LEN * 2 + 1]; + const char *salt = "[<~A 32-bytes salt for scrypt~>]"; + const char *passwd = "Correct Horse Battery Staple"; + size_t i; tv(); tv2(); + tv3(); if (crypto_pwhash_scryptsalsa208sha256_str(str_out, passwd, strlen(passwd), - OPSLIMIT, MEMLIMIT) != 0) { + OPSLIMIT, MEMLIMIT) != 0) { printf("pwhash_str failure\n"); } if (crypto_pwhash_scryptsalsa208sha256_str(str_out2, passwd, strlen(passwd), - OPSLIMIT, MEMLIMIT) != 0) { + OPSLIMIT, MEMLIMIT) != 0) { printf("pwhash_str(2) failure\n"); } if (strcmp(str_out, str_out2) == 0) { printf("pwhash_str doesn't generate different salts\n"); } if (crypto_pwhash_scryptsalsa208sha256_str_verify(str_out, passwd, - strlen(passwd)) != 0) { + strlen(passwd)) != 0) { printf("pwhash_str_verify failure\n"); } if (crypto_pwhash_scryptsalsa208sha256_str_verify(str_out, passwd, - strlen(passwd)) != 0) { + strlen(passwd)) != 0) { printf("pwhash_str_verify failure\n"); } - for (i = 14U; i < sizeof str_out; i++) { - str_out[i]++; - if (crypto_pwhash_scryptsalsa208sha256_str_verify(str_out, passwd, - strlen(passwd)) == 0) { - printf("pwhash_str_verify(2) failure\n"); - } - str_out[i]--; + str_out[14]++; + if (crypto_pwhash_scryptsalsa208sha256_str_verify( + str_out, passwd, strlen(passwd)) == 0) { + printf("pwhash_str_verify(2) failure\n"); } + str_out[14]--; + + assert(crypto_pwhash_scryptsalsa208sha256_saltbytes() > 0U); + assert(crypto_pwhash_scryptsalsa208sha256_strbytes() > 1U); + 
assert(crypto_pwhash_scryptsalsa208sha256_strbytes() > + strlen(crypto_pwhash_scryptsalsa208sha256_strprefix())); + assert(crypto_pwhash_scryptsalsa208sha256_opslimit_interactive() > 0U); + assert(crypto_pwhash_scryptsalsa208sha256_memlimit_interactive() > 0U); + assert(crypto_pwhash_scryptsalsa208sha256_opslimit_sensitive() > 0U); + assert(crypto_pwhash_scryptsalsa208sha256_memlimit_sensitive() > 0U); + printf("OK\n"); return 0; diff --git a/test/default/pwhash.exp b/test/default/pwhash.exp new file mode 100644 index 0000000..5c58d53 --- /dev/null +++ b/test/default/pwhash.exp 
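Review bot: The two consecutive `crypto_pwhash_scryptsalsa208sha256_str_verify(str_out, passwd, strlen(passwd))` checks in `main()` are identical, so `str_out2` is generated and compared with `str_out` but never verified; the second call was presumably meant to take `str_out2`. The negative check also shrinks from every byte at offset 14 onward to `str_out[14]++` alone, and the constant is unexplained. Judging by the `$7$` strings in `tv3()`, offset 14 looks like the first salt character, so a comment such as `/* corrupt the first salt character */` would document it once confirmed. The closing brace of `main()` lies outside the hunk.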
@@ -0,0 +1,31 @@ +8d40f5f8c6a1791204f03e19a98cd74f918b6e331b39cfc2415e5014d7738b7bb0a83551fb14a035e07fdd4dc0c60c1a6822ac253918979f6324ff0c87cba75d3b91f88f41ca5414a0f152bdc4d636f42ab2250afd058c19ec31a3374d1bd7133289bf21513ff67cbf8482e626aee9864c58fd05f9ea02e508a10182b7d838157119866f072004987ef6c56683ed207705923921af9d76444a331a 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 +ee7e9e1369267ec555981f0ea088ff6f93953abfcb767d88ec3c46393d24cfbaba5e4e26e0f35b5d5259647748476d65cd8881c96f8cda049d9c877b2d33d932e67f4c0df2cb434b4b4900e0c49c3f8ba9663795420577e65d0b456201ad9162fbc485c7b44f2b34e6673aa3692c123021ee3b624c3bb22b808b89613d8ecc7b87da47f57152eb3f7b10ad206f6b09cb6935b347b5e42bc3b8c9c9bcd8d7b7c44929b367fc279dec48ea78e6ee3e2620d7459700bd0aedb1c9aa5a323ca94403927f5e5c2b73bda7c5c3287b62fe51874cfeb1dc3151cd886b26d83ece68833229d2d432798c602d85b0505947207d8430febbe901164b12ce +1828b82997 +bcc5c2fd785e4781d1201ed43d84925537e2a540d3de55f5812f29e9dd0a4a00451a5c8ddbb4862c03d45c75bf91b7fb49265feb667ad5c899fdbf2ca19eac67aa5e48595d5b02f8183ab07f71b1ce0d76e5df54919f63810ad0893ded7d1ca18fc956ec06ffd4c3d1f77a00ed53608947b25eea5df6bea02272be15815f974c321a2a9208674fdf59d1d798c2a12f1889df68b0c222b37ee9ef0d6391fc160b0281ec53073cb3a3706ce1d71c3af2f5237a1b3d8545d99012eecc0b4abb +82765c040c58c1810f8c053ef5c248556299385476bde44bdd91a0d9a239f24e9b1717fd8b23209ffa45b7aa7937296c601b79e77da99e8d2fda0ea4459be2d0900f5bc5a269b5488d873d4632d1baf75965e509ee24b12501a9ce3bbbd8b7d759987d545a1c221a363195e5802d768b3b9e00ebe5ac0ed8ad2362c1c4157b910a40f94adf2561a2b0d3e65dbb06f244e5ac44d362103df54c9b9175777b3db1cdadb03e977ab8a79baf1e1e18ec9f5d0f25c487ddc53d7e81910f83576b44e9caeece26e2eb376569ad3a8cdccbde8bc355210e 
+ca9216d4127e2e4a6ee3584b49be106217bb61cc807016d46d0cfbb1fd722e2bbac33541386bdfeac41a299ead22790993fcaa8e1d23bd1c8426afa5ff4c08e731dc476ef834f142c32dfb2c1be12b9978802e63b2cd6f226b1a8df59f0c79154d7ef4296a68ec654538d987104f9a11aca1b7c83ab2ed8fd69da6b88f0bcbd27d3fea01329cecf10c57ec3ba163d57b38801bd6c3b31ce527b33717bb56a46f78fb96be9f2424a21b3284232388cbba6a74 +2732a7566023c8db90a5fdd08dbe6c1b5e70c046d50c5735c8d86a589ba177f69db12d6cc3596319fa27c9e063ed05b8a31970a07dc905 +d7b1ef464be03ce9050b5108e25f0b8e821299986fe0ff89e17fbae65ba9fad167fbd265866ac03efc86ab0b50d46d6740a59adf5949b44f7f9f3ac3f3d4cc9f128966db9099deb1b6b78505242b2401a193820408eb0780b27162ebafb7c505b0e7c32ce66c6efc0be487008c1201454680498a2fc06e00b454e0b20933906bbb0e43b399b9ee46d882f107df1ebdd1e7cd867c9cdba6015b7e80064ae8b3417d969524bec046e782a13b125f058cd36b5d1ae65886ae7caab45a6d98651ada435b8ee11d5c1224232f5f515df974138dd6cf347b730481d4b073af8ff0394fe9f0b8cdfd99f5 +1839be14287053bfcd4ea60db82777fad1a6e9535c388b770743e61235449e668717199defd516c438b3ebd79b3529eb32482ef414525292ea1bbec09da10790a2330a4399f2fe6dd63d80954e3c547a5f1c619db5a30bde495b23f2214b4fa7572851d75246f2817775f0b521acc6efbc7832c9a76de7465e3c65cade88e86c973f85a882bb54f92b983977c6e937c88f083ba68c70fb49497065b158e2e789809b1d4cc9ec2d +d54916748076b9d9f72198c8fbef563462dc8c706e1ad38abd1fac570016721acd0a7659ab49a47299a996b43597690c0c947143069f35d83e606273dbf2d622321393949b8ed5a68315362c4f84804384d05e0e0e86bc00e3641233f9f975ab46b60ba185c5e5fe47f78efd207e69fd8f6390730828b93b9b3763ea1283caa03bc36726763715de811915681dd214524f5ad4dd386608cac6c7f2 +d54916748076b9d9f72198c8fbef563462dc8c706e1ad38abd1fac570016721acd0a7659ab49a47299a996b43597690c0c947143069f35d83e606273dbf2d622321393949b8ed5a68315362c4f84804384d05e0e0e86bc00e3641233f9f975ab46b60ba185c5e5fe47f78efd207e69fd8f6390730828b93b9b3763ea1283caa03bc36726763715de811915681dd214524f5ad4dd386608cac6c7f2 +pwhash_str failure: [10] +pwhash_str failure: [11] +pwhash_str failure: [12] +pwhash_str failure: [13] 
+pwhash_str failure: [14] +pwhash_str failure: [15] +pwhash_str failure: [16] +pwhash_str failure: [17] +pwhash_str failure: [18] +pwhash_str failure: [19] +pwhash_str failure: [20] +pwhash_str failure: [21] +pwhash_str failure: [22] +pwhash_str failure: [23] +pwhash_str failure: [24] +pwhash_str failure: [25] +pwhash_str failure: [26] +pwhash_str failure: [27] +OK diff --git a/test/default/pwhash_scrypt_ll.c b/test/default/pwhash_scrypt_ll.c index db72e4e..9b3951a 100644 --- a/test/default/pwhash_scrypt_ll.c +++ b/test/default/pwhash_scrypt_ll.c @@ -1,6 +1,3 @@ -#include <stdio.h> -#include <stdint.h> -#include <string.h> #define TEST_NAME "pwhash_scrypt_ll" #include "cmptest.h" 
@@ -9,47 +6,44 @@ static const char *password1 = ""; static const char *salt1 = ""; -static uint64_t N1 = 16U; -static uint32_t r1 = 1U; -static uint32_t p1 = 1U; +static uint64_t N1 = 16U; +static uint32_t r1 = 1U; +static uint32_t p1 = 1U; static const char *password2 = "password"; static const char *salt2 = "NaCl"; -static uint64_t N2 = 1024U; -static uint32_t r2 = 8U; -static uint32_t p2 = 16U; +static uint64_t N2 = 1024U; +static uint32_t r2 = 8U; +static uint32_t p2 = 16U; static const char *password3 = "pleaseletmein"; -static const char *salt3 = "SodiumChloride"; -static uint64_t N3 = 16384U; -static uint32_t r3 = 8U; -static uint32_t p3 = 1U; +static const char *salt3 = "SodiumChloride"; +static uint64_t N3 = 16384U; +static uint32_t r3 = 8U; +static uint32_t p3 = 1U; -static void test_vector(const char *password, const char *salt, - uint64_t N, uint32_t r, uint32_t p) +static void test_vector(const char *password, const char *salt, uint64_t N, + uint32_t r, uint32_t p) { uint8_t data[64]; - size_t i; - size_t olen = (sizeof data / sizeof data[0]); - size_t passwordLength = strlen(password); - size_t saltLenght = strlen(salt); - int lineitems = 0; - int lineitemsLimit = 15; - - if (crypto_pwhash_scryptsalsa208sha256_ll((const uint8_t *) password, - passwordLength, - (const uint8_t *) salt, - saltLenght, - N, r, p, data, olen) != 0) { - printf("pwhash_scryptsalsa208sha256_ll([%s],[%s]) failure\n", - password, salt); + size_t i; + size_t olen = (sizeof data / sizeof data[0]); + size_t passwordLength = strlen(password); + size_t saltLenght = strlen(salt); + int lineitems = 0; + int lineitemsLimit = 15; + + if (crypto_pwhash_scryptsalsa208sha256_ll( + (const uint8_t *)password, passwordLength, (const uint8_t *)salt, + saltLenght, N, r, p, data, olen) != 0) { + printf("pwhash_scryptsalsa208sha256_ll([%s],[%s]) failure\n", password, + salt); return; } - printf("scrypt('%s', '%s', %llu, %lu, %lu, %lu) =\n", - password, salt, - (unsigned long long) N, (unsigned 
long) r, (unsigned long) p, - (unsigned long) olen); + printf("scrypt('%s', '%s', %llu, %lu, %lu, %lu) =\n", password, salt, + (unsigned long long)N, (unsigned long)r, (unsigned long)p, + (unsigned long)olen); for (i = 0; i < olen; ++i) { printf("%02x%c", data[i], lineitems < lineitemsLimit ? ' ' : '\n'); @@ -59,9 +53,9 @@ static void test_vector(const char *password, const char *salt, int main(void) { - test_vector(password1, salt1, N1, r1, p1); - test_vector(password2, salt2, N2, r2, p2); - test_vector(password3, salt3, N3, r3, p3); + test_vector(password1, salt1, N1, r1, p1); + test_vector(password2, salt2, N2, r2, p2); + test_vector(password3, salt3, N3, r3, p3); - return 0; + return 0; } diff --git a/test/default/pwhash_scrypt_ll.exp b/test/default/pwhash_scrypt_ll.exp new file mode 100644 index 0000000..9b7f6a7 --- /dev/null +++ b/test/default/pwhash_scrypt_ll.exp @@ -0,0 +1,15 @@ +scrypt('', '', 16, 1, 1, 64) = +77 d6 57 62 38 65 7b 20 3b 19 ca 42 c1 8a 04 97 +f1 6b 48 44 e3 07 4a e8 df df fa 3f ed e2 14 42 +fc d0 06 9d ed 09 48 f8 32 6a 75 3a 0f c8 1f 17 +e8 d3 e0 fb 2e 0d 36 28 cf 35 e2 0c 38 d1 89 06 +scrypt('password', 'NaCl', 1024, 8, 16, 64) = +fd ba be 1c 9d 34 72 00 78 56 e7 19 0d 01 e9 fe +7c 6a d7 cb c8 23 78 30 e7 73 76 63 4b 37 31 62 +2e af 30 d9 2e 22 a3 88 6f f1 09 27 9d 98 30 da +c7 27 af b9 4a 83 ee 6d 83 60 cb df a2 cc 06 40 +scrypt('pleaseletmein', 'SodiumChloride', 16384, 8, 1, 64) = +70 23 bd cb 3a fd 73 48 46 1c 06 cd 81 fd 38 eb +fd a8 fb ba 90 4f 8e 3e a9 b5 43 f6 54 5d a1 f2 +d5 43 29 55 61 3f 0f cf 62 d4 97 05 24 2a 9a f9 +e6 1e 85 dc 0d 65 1e 40 df cf 01 7b 45 57 58 87 diff --git a/test/default/randombytes.c b/test/default/randombytes.c index f805c47..f9f337f 100644 --- a/test/default/randombytes.c +++ b/test/default/randombytes.c 
@@ -1,16 +1,93 @@ -#include "randombytes.h" + +#define TEST_NAME "randombytes" +#include "cmptest.h" unsigned char x[65536]; unsigned long long freq[256]; -int main(void) +static int compat_tests(void) { - unsigned long long i; + size_t i; + + memset(x, 0, sizeof x); + randombytes(x, sizeof x); + for (i = 0; i < 256; ++i) { + freq[i] = 0; + } + for (i = 0; i < sizeof x; ++i) { + ++freq[255 & (int)x[i]]; + } + for (i = 0; i < 256; ++i) { + if (!freq[i]) { + printf("nacl_tests failed\n"); + } + } + return 0; +} + +static int randombytes_tests(void) +{ + unsigned int i; + + assert(strcmp(randombytes_implementation_name(), "sysrandom") == 0); - randombytes(x,sizeof x); - for (i = 0;i < 256;++i) freq[i] = 0; - for (i = 0;i < sizeof x;++i) ++freq[255 & (int) x[i]]; - for (i = 0;i < 256;++i) if (!freq[i]) return 111; + randombytes(x, 1U); + randombytes_close(); + + for (i = 0; i < 256; ++i) { + freq[i] = 0; + } + for (i = 0; i < 65536; ++i) { + ++freq[randombytes_uniform(256)]; + } + for (i = 0; i < 256; ++i) { + if (!freq[i]) { + printf("randombytes_uniform() test failed\n"); + } + } + assert(randombytes_uniform(1U) == 0U); + randombytes_close(); + randombytes_set_implementation(&randombytes_salsa20_implementation); + assert(strcmp(randombytes_implementation_name(), "salsa20") == 0); + randombytes_stir(); + for (i = 0; i < 256; ++i) { + freq[i] = 0; + } + for (i = 0; i < 65536; ++i) { + ++freq[randombytes_uniform(256)]; + } + for (i = 0; i < 256; ++i) { + if (!freq[i]) { + printf("randombytes_uniform() test failed\n"); + } + } + memset(x, 0, sizeof x); + randombytes_buf(x, sizeof x); + for (i = 0; i < 256; ++i) { + freq[i] = 0; + } + for (i = 0; i < sizeof x; ++i) { + ++freq[255 & (int)x[i]]; + } + for (i = 0; i < 256; ++i) { + if (!freq[i]) { + printf("randombytes_buf() test failed\n"); + } + } + assert(randombytes_uniform(1U) == 0U); + randombytes_close(); + + randombytes(x, 1U); + randombytes_close(); + + return 0; +} + +int main(void) +{ + compat_tests(); + 
randombytes_tests(); + printf("OK\n"); - return 0; + return 0; } diff --git a/test/default/randombytes.exp b/test/default/randombytes.exp new file mode 100644 index 0000000..d86bac9 --- /dev/null +++ b/test/default/randombytes.exp @@ -0,0 +1 @@ +OK diff --git a/test/default/scalarmult.c b/test/default/scalarmult.c index 957bc9c..f931555 100644 --- a/test/default/scalarmult.c +++ b/test/default/scalarmult.c @@ -1,25 +1,38 @@ -#include <stdio.h> #define TEST_NAME "scalarmult" #include "cmptest.h" -unsigned char alicesk[32] = { - 0x77,0x07,0x6d,0x0a,0x73,0x18,0xa5,0x7d -,0x3c,0x16,0xc1,0x72,0x51,0xb2,0x66,0x45 -,0xdf,0x4c,0x2f,0x87,0xeb,0xc0,0x99,0x2a -,0xb1,0x77,0xfb,0xa5,0x1d,0xb9,0x2c,0x2a -} ; +unsigned char alicesk[32] + = { 0x77, 0x07, 0x6d, 0x0a, 0x73, 0x18, 0xa5, 0x7d, 0x3c, 0x16, 0xc1, + 0x72, 0x51, 0xb2, 0x66, 0x45, 0xdf, 0x4c, 0x2f, 0x87, 0xeb, 0xc0, + 0x99, 0x2a, 0xb1, 0x77, 0xfb, 0xa5, 0x1d, 0xb9, 0x2c, 0x2a }; unsigned char alicepk[32]; int main(void) { - int i; - crypto_scalarmult_curve25519_base(alicepk,alicesk); - for (i = 0;i < 32;++i) { - if (i > 0) printf(","); else printf(" "); - printf("0x%02x",(unsigned int) alicepk[i]); - if (i % 8 == 7) printf("\n"); - } - return 0; + int i; + + crypto_scalarmult_base(alicepk, alicesk); + + for (i = 0; i < 32; ++i) { + if (i > 0) { + printf(","); + } else { + printf(" "); + } + printf("0x%02x", (unsigned int)alicepk[i]); + if (i % 8 == 7) { + printf("\n"); + } + } + assert(crypto_scalarmult_bytes() > 0U); + assert(crypto_scalarmult_scalarbytes() > 0U); + assert(strcmp(crypto_scalarmult_primitive(), "curve25519") == 0); + assert(crypto_scalarmult_bytes() == crypto_scalarmult_curve25519_bytes()); + assert(crypto_scalarmult_scalarbytes() + == crypto_scalarmult_curve25519_scalarbytes()); + assert(crypto_scalarmult_bytes() == crypto_scalarmult_scalarbytes()); + + return 0; } diff --git a/test/default/scalarmult.exp b/test/default/scalarmult.exp new file mode 100644 index 0000000..ddd130d --- /dev/null 
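Review bot: Every failure branch in `compat_tests()` and `randombytes_tests()` only prints a message, both functions return 0 unconditionally, and `main()` ignores their results, so the program exits 0 where the removed code used `return 111;`. Detection then rests on the harness comparing the output with `randombytes.exp`, which is presumably what `cmptest.h` arranges; that header is not shown here. Returning non-zero from the failure branches and using `if (compat_tests() != 0 || randombytes_tests() != 0) { return 111; }` in `main()` would keep the exit status meaningful. The byte-frequency loops only show that each of the 256 values occurs at least once, so a comment calling them a smoke test rather than a quality check of the generator would prevent over-reading a pass.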
+++ b/test/default/scalarmult.exp @@ -0,0 +1,4 @@ + 0x85,0x20,0xf0,0x09,0x89,0x30,0xa7,0x54 +,0x74,0x8b,0x7d,0xdc,0xb4,0x3e,0xf7,0x5a +,0x0d,0xbf,0x3a,0x0d,0x26,0x38,0x1a,0xf4 +,0xeb,0xa4,0xa9,0x8e,0xaa,0x9b,0x4e,0x6a diff --git a/test/default/scalarmult2.c b/test/default/scalarmult2.c index 93a37d0..b5593df 100644 --- a/test/default/scalarmult2.c +++ b/test/default/scalarmult2.c @@ -1,25 +1,30 @@ -#include <stdio.h> #define TEST_NAME "scalarmult2" #include "cmptest.h" -unsigned char bobsk[32] = { - 0x5d,0xab,0x08,0x7e,0x62,0x4a,0x8a,0x4b -,0x79,0xe1,0x7f,0x8b,0x83,0x80,0x0e,0xe6 -,0x6f,0x3b,0xb1,0x29,0x26,0x18,0xb6,0xfd -,0x1c,0x2f,0x8b,0x27,0xff,0x88,0xe0,0xeb -} ; +unsigned char bobsk[32] + = { 0x5d, 0xab, 0x08, 0x7e, 0x62, 0x4a, 0x8a, 0x4b, 0x79, 0xe1, 0x7f, + 0x8b, 0x83, 0x80, 0x0e, 0xe6, 0x6f, 0x3b, 0xb1, 0x29, 0x26, 0x18, + 0xb6, 0xfd, 0x1c, 0x2f, 0x8b, 0x27, 0xff, 0x88, 0xe0, 0xeb }; unsigned char bobpk[32]; int main(void) { - int i; - crypto_scalarmult_curve25519_base(bobpk,bobsk); - for (i = 0;i < 32;++i) { - if (i > 0) printf(","); else printf(" "); - printf("0x%02x",(unsigned int) bobpk[i]); - if (i % 8 == 7) printf("\n"); - } - return 0; + int i; + + crypto_scalarmult_base(bobpk, bobsk); + + for (i = 0; i < 32; ++i) { + if (i > 0) { + printf(","); + } else { + printf(" "); + } + printf("0x%02x", (unsigned int)bobpk[i]); + if (i % 8 == 7) { + printf("\n"); + } + } + return 0; } diff --git a/test/default/scalarmult2.exp b/test/default/scalarmult2.exp new file mode 100644 index 0000000..b539186 --- /dev/null +++ b/test/default/scalarmult2.exp @@ -0,0 +1,4 @@ + 0xde,0x9e,0xdb,0x7d,0x7b,0x7d,0xc1,0xb4 +,0xd3,0x5b,0x61,0xc2,0xec,0xe4,0x35,0x37 +,0x3f,0x83,0x43,0xc8,0x5b,0x78,0x67,0x4d +,0xad,0xfc,0x7e,0x14,0x6f,0x88,0x2b,0x4f diff --git a/test/default/scalarmult5.c b/test/default/scalarmult5.c index b6852a9..3dc6977 100644 --- a/test/default/scalarmult5.c +++ b/test/default/scalarmult5.c 
@@ -1,32 +1,35 @@ -#include <stdio.h> #define TEST_NAME "scalarmult5" #include "cmptest.h" -unsigned char alicesk[32] = { - 0x77,0x07,0x6d,0x0a,0x73,0x18,0xa5,0x7d -,0x3c,0x16,0xc1,0x72,0x51,0xb2,0x66,0x45 -,0xdf,0x4c,0x2f,0x87,0xeb,0xc0,0x99,0x2a -,0xb1,0x77,0xfb,0xa5,0x1d,0xb9,0x2c,0x2a -} ; +unsigned char alicesk[32] + = { 0x77, 0x07, 0x6d, 0x0a, 0x73, 0x18, 0xa5, 0x7d, 0x3c, 0x16, 0xc1, + 0x72, 0x51, 0xb2, 0x66, 0x45, 0xdf, 0x4c, 0x2f, 0x87, 0xeb, 0xc0, + 0x99, 0x2a, 0xb1, 0x77, 0xfb, 0xa5, 0x1d, 0xb9, 0x2c, 0x2a }; -unsigned char bobpk[32] = { - 0xde,0x9e,0xdb,0x7d,0x7b,0x7d,0xc1,0xb4 -,0xd3,0x5b,0x61,0xc2,0xec,0xe4,0x35,0x37 -,0x3f,0x83,0x43,0xc8,0x5b,0x78,0x67,0x4d -,0xad,0xfc,0x7e,0x14,0x6f,0x88,0x2b,0x4f -} ; +unsigned char bobpk[32] + = { 0xde, 0x9e, 0xdb, 0x7d, 0x7b, 0x7d, 0xc1, 0xb4, 0xd3, 0x5b, 0x61, + 0xc2, 0xec, 0xe4, 0x35, 0x37, 0x3f, 0x83, 0x43, 0xc8, 0x5b, 0x78, + 0x67, 0x4d, 0xad, 0xfc, 0x7e, 0x14, 0x6f, 0x88, 0x2b, 0x4f }; unsigned char k[32]; int main(void) { - int i; - crypto_scalarmult_curve25519(k,alicesk,bobpk); - for (i = 0;i < 32;++i) { - if (i > 0) printf(","); else printf(" "); - printf("0x%02x",(unsigned int) k[i]); - if (i % 8 == 7) printf("\n"); - } - return 0; + int i; + + crypto_scalarmult(k, alicesk, bobpk); + + for (i = 0; i < 32; ++i) { + if (i > 0) { + printf(","); + } else { + printf(" "); + } + printf("0x%02x", (unsigned int)k[i]); + if (i % 8 == 7) { + printf("\n"); + } + } + return 0; } diff --git a/test/default/scalarmult5.exp b/test/default/scalarmult5.exp new file mode 100644 index 0000000..bec2113 --- /dev/null +++ b/test/default/scalarmult5.exp @@ -0,0 +1,4 @@ + 0x4a,0x5d,0x9d,0x5b,0xa4,0xce,0x2d,0xe1 +,0x72,0x8e,0x3b,0xf4,0x80,0x35,0x0f,0x25 +,0xe0,0x7e,0x21,0xc9,0x47,0xd1,0x9e,0x33 +,0x76,0xf0,0x9b,0x3c,0x1e,0x16,0x17,0x42 diff --git a/test/default/scalarmult6.c b/test/default/scalarmult6.c index c1ac885..6b4e576 100644 --- a/test/default/scalarmult6.c +++ b/test/default/scalarmult6.c 
@@ -1,32 +1,35 @@ -#include <stdio.h> #define TEST_NAME "scalarmult6" #include "cmptest.h" -unsigned char bobsk[32] = { - 0x5d,0xab,0x08,0x7e,0x62,0x4a,0x8a,0x4b -,0x79,0xe1,0x7f,0x8b,0x83,0x80,0x0e,0xe6 -,0x6f,0x3b,0xb1,0x29,0x26,0x18,0xb6,0xfd -,0x1c,0x2f,0x8b,0x27,0xff,0x88,0xe0,0xeb -} ; +unsigned char bobsk[32] + = { 0x5d, 0xab, 0x08, 0x7e, 0x62, 0x4a, 0x8a, 0x4b, 0x79, 0xe1, 0x7f, + 0x8b, 0x83, 0x80, 0x0e, 0xe6, 0x6f, 0x3b, 0xb1, 0x29, 0x26, 0x18, + 0xb6, 0xfd, 0x1c, 0x2f, 0x8b, 0x27, 0xff, 0x88, 0xe0, 0xeb }; -unsigned char alicepk[32] = { - 0x85,0x20,0xf0,0x09,0x89,0x30,0xa7,0x54 -,0x74,0x8b,0x7d,0xdc,0xb4,0x3e,0xf7,0x5a -,0x0d,0xbf,0x3a,0x0d,0x26,0x38,0x1a,0xf4 -,0xeb,0xa4,0xa9,0x8e,0xaa,0x9b,0x4e,0x6a -} ; +unsigned char alicepk[32] + = { 0x85, 0x20, 0xf0, 0x09, 0x89, 0x30, 0xa7, 0x54, 0x74, 0x8b, 0x7d, + 0xdc, 0xb4, 0x3e, 0xf7, 0x5a, 0x0d, 0xbf, 0x3a, 0x0d, 0x26, 0x38, + 0x1a, 0xf4, 0xeb, 0xa4, 0xa9, 0x8e, 0xaa, 0x9b, 0x4e, 0x6a }; unsigned char k[32]; int main(void) { - int i; - crypto_scalarmult_curve25519(k,bobsk,alicepk); - for (i = 0;i < 32;++i) { - if (i > 0) printf(","); else printf(" "); - printf("0x%02x",(unsigned int) k[i]); - if (i % 8 == 7) printf("\n"); - } - return 0; + int i; + + crypto_scalarmult(k, bobsk, alicepk); + + for (i = 0; i < 32; ++i) { + if (i > 0) { + printf(","); + } else { + printf(" "); + } + printf("0x%02x", (unsigned int)k[i]); + if (i % 8 == 7) { + printf("\n"); + } + } + return 0; } diff --git a/test/default/scalarmult6.exp b/test/default/scalarmult6.exp new file mode 100644 index 0000000..bec2113 --- /dev/null +++ b/test/default/scalarmult6.exp @@ -0,0 +1,4 @@ + 0x4a,0x5d,0x9d,0x5b,0xa4,0xce,0x2d,0xe1 +,0x72,0x8e,0x3b,0xf4,0x80,0x35,0x0f,0x25 +,0xe0,0x7e,0x21,0xc9,0x47,0xd1,0x9e,0x33 +,0x76,0xf0,0x9b,0x3c,0x1e,0x16,0x17,0x42 diff --git a/test/default/scalarmult7.c b/test/default/scalarmult7.c new file mode 100644 index 0000000..e83493e --- /dev/null +++ b/test/default/scalarmult7.c 
@@ -0,0 +1,31 @@ + +#define TEST_NAME "scalarmult7" +#include "cmptest.h" + +unsigned char p1[32] = { + 0x72, 0x20, 0xf0, 0x09, 0x89, 0x30, 0xa7, 0x54, + 0x74, 0x8b, 0x7d, 0xdc, 0xb4, 0x3e, 0xf7, 0x5a, + 0x0d, 0xbf, 0x3a, 0x0d, 0x26, 0x38, 0x1a, 0xf4, + 0xeb, 0xa4, 0xa9, 0x8e, 0xaa, 0x9b, 0x4e, 0xea +}; + +unsigned char p2[32] = { + 0x85, 0x20, 0xf0, 0x09, 0x89, 0x30, 0xa7, 0x54, + 0x74, 0x8b, 0x7d, 0xdc, 0xb4, 0x3e, 0xf7, 0x5a, + 0x0d, 0xbf, 0x3a, 0x0d, 0x26, 0x38, 0x1a, 0xf4, + 0xeb, 0xa4, 0xa9, 0x8e, 0xaa, 0x9b, 0x4e, 0x6a +}; + +unsigned char scalar[32]; +unsigned char out1[32]; +unsigned char out2[32]; + +int main(void) +{ + scalar[0] = 1U; + crypto_scalarmult_curve25519(out1, scalar, p1); + crypto_scalarmult_curve25519(out2, scalar, p2); + printf("%d\n", !!memcmp(out1, out2, 32)); + + return 0; +} diff --git a/test/default/scalarmult7.exp b/test/default/scalarmult7.exp new file mode 100644 index 0000000..d00491f --- /dev/null +++ b/test/default/scalarmult7.exp @@ -0,0 +1 @@ +1 diff --git a/test/default/secretbox.c b/test/default/secretbox.c index 485a97a..6a06b29 100644 --- a/test/default/secretbox.c +++ b/test/default/secretbox.c 
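Review bot: The new test/default/scalarmult7.c carries no comment saying which property it pins, and the relation between `p1` and `p2` cannot be read off the two byte arrays. Taken as little-endian integers they differ by 0x13 in the first byte and by the top bit of the last byte, i.e. `p1 == p2 + 2^255 - 19`, and scalarmult7.exp expects the two results to differ. That looks like a check that bit 255 of the input point is ignored rather than the value being reduced modulo 2^255 - 19, though the implementation is not part of this hunk. I would add above `main`: `/* p1 = p2 + (2^255 - 19) as integers; outputs must differ because the top bit of the point is masked, not reduced */`.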
@@ -1,58 +1,63 @@ -#include <stdio.h> #define TEST_NAME "secretbox" #include "cmptest.h" -unsigned char firstkey[32] = { - 0x1b,0x27,0x55,0x64,0x73,0xe9,0x85,0xd4 -,0x62,0xcd,0x51,0x19,0x7a,0x9a,0x46,0xc7 -,0x60,0x09,0x54,0x9e,0xac,0x64,0x74,0xf2 -,0x06,0xc4,0xee,0x08,0x44,0xf6,0x83,0x89 -} ; +unsigned char firstkey[32] + = { 0x1b, 0x27, 0x55, 0x64, 0x73, 0xe9, 0x85, 0xd4, 0x62, 0xcd, 0x51, + 0x19, 0x7a, 0x9a, 0x46, 0xc7, 0x60, 0x09, 0x54, 0x9e, 0xac, 0x64, + 0x74, 0xf2, 0x06, 0xc4, 0xee, 0x08, 0x44, 0xf6, 0x83, 0x89 }; -unsigned char nonce[24] = { - 0x69,0x69,0x6e,0xe9,0x55,0xb6,0x2b,0x73 -,0xcd,0x62,0xbd,0xa8,0x75,0xfc,0x73,0xd6 -,0x82,0x19,0xe0,0x03,0x6b,0x7a,0x0b,0x37 -} ; +unsigned char nonce[24] = { 0x69, 0x69, 0x6e, 0xe9, 0x55, 0xb6, 0x2b, 0x73, + 0xcd, 0x62, 0xbd, 0xa8, 0x75, 0xfc, 0x73, 0xd6, + 0x82, 0x19, 0xe0, 0x03, 0x6b, 0x7a, 0x0b, 0x37 }; // API requires first 32 bytes to be 0 -unsigned char m[163] = { - 0, 0, 0, 0, 0, 0, 0, 0 -, 0, 0, 0, 0, 0, 0, 0, 0 -, 0, 0, 0, 0, 0, 0, 0, 0 -, 0, 0, 0, 0, 0, 0, 0, 0 -,0xbe,0x07,0x5f,0xc5,0x3c,0x81,0xf2,0xd5 -,0xcf,0x14,0x13,0x16,0xeb,0xeb,0x0c,0x7b -,0x52,0x28,0xc5,0x2a,0x4c,0x62,0xcb,0xd4 -,0x4b,0x66,0x84,0x9b,0x64,0x24,0x4f,0xfc -,0xe5,0xec,0xba,0xaf,0x33,0xbd,0x75,0x1a -,0x1a,0xc7,0x28,0xd4,0x5e,0x6c,0x61,0x29 -,0x6c,0xdc,0x3c,0x01,0x23,0x35,0x61,0xf4 -,0x1d,0xb6,0x6c,0xce,0x31,0x4a,0xdb,0x31 -,0x0e,0x3b,0xe8,0x25,0x0c,0x46,0xf0,0x6d -,0xce,0xea,0x3a,0x7f,0xa1,0x34,0x80,0x57 -,0xe2,0xf6,0x55,0x6a,0xd6,0xb1,0x31,0x8a -,0x02,0x4a,0x83,0x8f,0x21,0xaf,0x1f,0xde -,0x04,0x89,0x77,0xeb,0x48,0xf5,0x9f,0xfd -,0x49,0x24,0xca,0x1c,0x60,0x90,0x2e,0x52 -,0xf0,0xa0,0x89,0xbc,0x76,0x89,0x70,0x40 -,0xe0,0x82,0xf9,0x37,0x76,0x38,0x48,0x64 -,0x5e,0x07,0x05 -} ; +unsigned char m[163] + = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0xbe, 0x07, 0x5f, 0xc5, + 0x3c, 0x81, 0xf2, 0xd5, 0xcf, 0x14, 0x13, 0x16, 0xeb, 0xeb, 0x0c, 0x7b, + 0x52, 0x28, 0xc5, 0x2a, 0x4c, 0x62, 0xcb, 
0xd4, 0x4b, 0x66, 0x84, 0x9b, + 0x64, 0x24, 0x4f, 0xfc, 0xe5, 0xec, 0xba, 0xaf, 0x33, 0xbd, 0x75, 0x1a, + 0x1a, 0xc7, 0x28, 0xd4, 0x5e, 0x6c, 0x61, 0x29, 0x6c, 0xdc, 0x3c, 0x01, + 0x23, 0x35, 0x61, 0xf4, 0x1d, 0xb6, 0x6c, 0xce, 0x31, 0x4a, 0xdb, 0x31, + 0x0e, 0x3b, 0xe8, 0x25, 0x0c, 0x46, 0xf0, 0x6d, 0xce, 0xea, 0x3a, 0x7f, + 0xa1, 0x34, 0x80, 0x57, 0xe2, 0xf6, 0x55, 0x6a, 0xd6, 0xb1, 0x31, 0x8a, + 0x02, 0x4a, 0x83, 0x8f, 0x21, 0xaf, 0x1f, 0xde, 0x04, 0x89, 0x77, 0xeb, + 0x48, 0xf5, 0x9f, 0xfd, 0x49, 0x24, 0xca, 0x1c, 0x60, 0x90, 0x2e, 0x52, + 0xf0, 0xa0, 0x89, 0xbc, 0x76, 0x89, 0x70, 0x40, 0xe0, 0x82, 0xf9, 0x37, + 0x76, 0x38, 0x48, 0x64, 0x5e, 0x07, 0x05 }; unsigned char c[163]; int main(void) { - int i; - crypto_secretbox_xsalsa20poly1305( - c,m,163,nonce,firstkey - ); - for (i = 16;i < 163;++i) { - printf(",0x%02x",(unsigned int) c[i]); - if (i % 8 == 7) printf("\n"); - } - printf("\n"); - return 0; + int i; + + crypto_secretbox(c, m, 163, nonce, firstkey); + for (i = 16; i < 163; ++i) { + printf(",0x%02x", (unsigned int)c[i]); + if (i % 8 == 7) + printf("\n"); + } + printf("\n"); + + assert(crypto_secretbox_keybytes() > 0U); + assert(crypto_secretbox_noncebytes() > 0U); + assert(crypto_secretbox_zerobytes() > 0U); + assert(crypto_secretbox_boxzerobytes() > 0U); + assert(crypto_secretbox_macbytes() > 0U); + assert(strcmp(crypto_secretbox_primitive(), "xsalsa20poly1305") == 0); + assert(crypto_secretbox_keybytes() + == crypto_secretbox_xsalsa20poly1305_keybytes()); + assert(crypto_secretbox_noncebytes() + == crypto_secretbox_xsalsa20poly1305_noncebytes()); + assert(crypto_secretbox_zerobytes() + == crypto_secretbox_xsalsa20poly1305_zerobytes()); + assert(crypto_secretbox_boxzerobytes() + == crypto_secretbox_xsalsa20poly1305_boxzerobytes()); + assert(crypto_secretbox_macbytes() + == crypto_secretbox_xsalsa20poly1305_macbytes()); + + return 0; } diff --git a/test/default/secretbox.exp b/test/default/secretbox.exp new file mode 100644 index 0000000..2b6c51e 
--- /dev/null +++ b/test/default/secretbox.exp @@ -0,0 +1,19 @@ +,0xf3,0xff,0xc7,0x70,0x3f,0x94,0x00,0xe5 +,0x2a,0x7d,0xfb,0x4b,0x3d,0x33,0x05,0xd9 +,0x8e,0x99,0x3b,0x9f,0x48,0x68,0x12,0x73 +,0xc2,0x96,0x50,0xba,0x32,0xfc,0x76,0xce +,0x48,0x33,0x2e,0xa7,0x16,0x4d,0x96,0xa4 +,0x47,0x6f,0xb8,0xc5,0x31,0xa1,0x18,0x6a +,0xc0,0xdf,0xc1,0x7c,0x98,0xdc,0xe8,0x7b +,0x4d,0xa7,0xf0,0x11,0xec,0x48,0xc9,0x72 +,0x71,0xd2,0xc2,0x0f,0x9b,0x92,0x8f,0xe2 +,0x27,0x0d,0x6f,0xb8,0x63,0xd5,0x17,0x38 +,0xb4,0x8e,0xee,0xe3,0x14,0xa7,0xcc,0x8a +,0xb9,0x32,0x16,0x45,0x48,0xe5,0x26,0xae +,0x90,0x22,0x43,0x68,0x51,0x7a,0xcf,0xea +,0xbd,0x6b,0xb3,0x73,0x2b,0xc0,0xe9,0xda +,0x99,0x83,0x2b,0x61,0xca,0x01,0xb6,0xde +,0x56,0x24,0x4a,0x9e,0x88,0xd5,0xf9,0xb3 +,0x79,0x73,0xf6,0x22,0xa4,0x3d,0x14,0xa6 +,0x59,0x9b,0x1f,0x65,0x4c,0xb4,0x5a,0x74 +,0xe3,0x55,0xa5 diff --git a/test/default/secretbox2.c b/test/default/secretbox2.c index 5af6c41..37fc634 100644 --- a/test/default/secretbox2.c +++ b/test/default/secretbox2.c 
@@ -1,59 +1,46 @@ -#include <stdio.h> #define TEST_NAME "secretbox2" #include "cmptest.h" -unsigned char firstkey[32] = { - 0x1b,0x27,0x55,0x64,0x73,0xe9,0x85,0xd4 -,0x62,0xcd,0x51,0x19,0x7a,0x9a,0x46,0xc7 -,0x60,0x09,0x54,0x9e,0xac,0x64,0x74,0xf2 -,0x06,0xc4,0xee,0x08,0x44,0xf6,0x83,0x89 -} ; +unsigned char firstkey[32] + = { 0x1b, 0x27, 0x55, 0x64, 0x73, 0xe9, 0x85, 0xd4, 0x62, 0xcd, 0x51, + 0x19, 0x7a, 0x9a, 0x46, 0xc7, 0x60, 0x09, 0x54, 0x9e, 0xac, 0x64, + 0x74, 0xf2, 0x06, 0xc4, 0xee, 0x08, 0x44, 0xf6, 0x83, 0x89 }; -unsigned char nonce[24] = { - 0x69,0x69,0x6e,0xe9,0x55,0xb6,0x2b,0x73 -,0xcd,0x62,0xbd,0xa8,0x75,0xfc,0x73,0xd6 -,0x82,0x19,0xe0,0x03,0x6b,0x7a,0x0b,0x37 -} ; +unsigned char nonce[24] = { 0x69, 0x69, 0x6e, 0xe9, 0x55, 0xb6, 0x2b, 0x73, + 0xcd, 0x62, 0xbd, 0xa8, 0x75, 0xfc, 0x73, 0xd6, + 0x82, 0x19, 0xe0, 0x03, 0x6b, 0x7a, 0x0b, 0x37 }; // API requires first 16 bytes to be 0 -unsigned char c[163] = { - 0, 0, 0, 0, 0, 0, 0, 0 -, 0, 0, 0, 0, 0, 0, 0, 0 -,0xf3,0xff,0xc7,0x70,0x3f,0x94,0x00,0xe5 -,0x2a,0x7d,0xfb,0x4b,0x3d,0x33,0x05,0xd9 -,0x8e,0x99,0x3b,0x9f,0x48,0x68,0x12,0x73 -,0xc2,0x96,0x50,0xba,0x32,0xfc,0x76,0xce -,0x48,0x33,0x2e,0xa7,0x16,0x4d,0x96,0xa4 -,0x47,0x6f,0xb8,0xc5,0x31,0xa1,0x18,0x6a -,0xc0,0xdf,0xc1,0x7c,0x98,0xdc,0xe8,0x7b -,0x4d,0xa7,0xf0,0x11,0xec,0x48,0xc9,0x72 -,0x71,0xd2,0xc2,0x0f,0x9b,0x92,0x8f,0xe2 -,0x27,0x0d,0x6f,0xb8,0x63,0xd5,0x17,0x38 -,0xb4,0x8e,0xee,0xe3,0x14,0xa7,0xcc,0x8a -,0xb9,0x32,0x16,0x45,0x48,0xe5,0x26,0xae -,0x90,0x22,0x43,0x68,0x51,0x7a,0xcf,0xea -,0xbd,0x6b,0xb3,0x73,0x2b,0xc0,0xe9,0xda -,0x99,0x83,0x2b,0x61,0xca,0x01,0xb6,0xde -,0x56,0x24,0x4a,0x9e,0x88,0xd5,0xf9,0xb3 -,0x79,0x73,0xf6,0x22,0xa4,0x3d,0x14,0xa6 -,0x59,0x9b,0x1f,0x65,0x4c,0xb4,0x5a,0x74 -,0xe3,0x55,0xa5 -} ; +unsigned char c[163] + = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0xf3, 0xff, 0xc7, 0x70, 0x3f, 0x94, 0x00, 0xe5, + 0x2a, 0x7d, 0xfb, 0x4b, 0x3d, 0x33, 0x05, 0xd9, 0x8e, 0x99, 0x3b, 0x9f, + 0x48, 0x68, 0x12, 0x73, 0xc2, 0x96, 
0x50, 0xba, 0x32, 0xfc, 0x76, 0xce, + 0x48, 0x33, 0x2e, 0xa7, 0x16, 0x4d, 0x96, 0xa4, 0x47, 0x6f, 0xb8, 0xc5, + 0x31, 0xa1, 0x18, 0x6a, 0xc0, 0xdf, 0xc1, 0x7c, 0x98, 0xdc, 0xe8, 0x7b, + 0x4d, 0xa7, 0xf0, 0x11, 0xec, 0x48, 0xc9, 0x72, 0x71, 0xd2, 0xc2, 0x0f, + 0x9b, 0x92, 0x8f, 0xe2, 0x27, 0x0d, 0x6f, 0xb8, 0x63, 0xd5, 0x17, 0x38, + 0xb4, 0x8e, 0xee, 0xe3, 0x14, 0xa7, 0xcc, 0x8a, 0xb9, 0x32, 0x16, 0x45, + 0x48, 0xe5, 0x26, 0xae, 0x90, 0x22, 0x43, 0x68, 0x51, 0x7a, 0xcf, 0xea, + 0xbd, 0x6b, 0xb3, 0x73, 0x2b, 0xc0, 0xe9, 0xda, 0x99, 0x83, 0x2b, 0x61, + 0xca, 0x01, 0xb6, 0xde, 0x56, 0x24, 0x4a, 0x9e, 0x88, 0xd5, 0xf9, 0xb3, + 0x79, 0x73, 0xf6, 0x22, 0xa4, 0x3d, 0x14, 0xa6, 0x59, 0x9b, 0x1f, 0x65, + 0x4c, 0xb4, 0x5a, 0x74, 0xe3, 0x55, 0xa5 }; unsigned char m[163]; int main(void) { - int i; - if (crypto_secretbox_xsalsa20poly1305_open( - m,c,163,nonce,firstkey - ) == 0) { - for (i = 32;i < 163;++i) { - printf(",0x%02x",(unsigned int) m[i]); - if (i % 8 == 7) printf("\n"); + int i; + + if (crypto_secretbox_open(m, c, 163, nonce, firstkey) == 0) { + for (i = 32; i < 163; ++i) { + printf(",0x%02x", (unsigned int)m[i]); + if (i % 8 == 7) + printf("\n"); + } + printf("\n"); } - printf("\n"); - } - return 0; + return 0; } diff --git a/test/default/secretbox2.exp b/test/default/secretbox2.exp new file mode 100644 index 0000000..c61d455 --- /dev/null +++ b/test/default/secretbox2.exp 
@@ -0,0 +1,17 @@ +,0xbe,0x07,0x5f,0xc5,0x3c,0x81,0xf2,0xd5 +,0xcf,0x14,0x13,0x16,0xeb,0xeb,0x0c,0x7b +,0x52,0x28,0xc5,0x2a,0x4c,0x62,0xcb,0xd4 +,0x4b,0x66,0x84,0x9b,0x64,0x24,0x4f,0xfc +,0xe5,0xec,0xba,0xaf,0x33,0xbd,0x75,0x1a +,0x1a,0xc7,0x28,0xd4,0x5e,0x6c,0x61,0x29 +,0x6c,0xdc,0x3c,0x01,0x23,0x35,0x61,0xf4 +,0x1d,0xb6,0x6c,0xce,0x31,0x4a,0xdb,0x31 +,0x0e,0x3b,0xe8,0x25,0x0c,0x46,0xf0,0x6d +,0xce,0xea,0x3a,0x7f,0xa1,0x34,0x80,0x57 +,0xe2,0xf6,0x55,0x6a,0xd6,0xb1,0x31,0x8a +,0x02,0x4a,0x83,0x8f,0x21,0xaf,0x1f,0xde +,0x04,0x89,0x77,0xeb,0x48,0xf5,0x9f,0xfd +,0x49,0x24,0xca,0x1c,0x60,0x90,0x2e,0x52 +,0xf0,0xa0,0x89,0xbc,0x76,0x89,0x70,0x40 +,0xe0,0x82,0xf9,0x37,0x76,0x38,0x48,0x64 +,0x5e,0x07,0x05 diff --git a/test/default/secretbox7.c b/test/default/secretbox7.c index 337f081..492dd34 100644 --- a/test/default/secretbox7.c +++ b/test/default/secretbox7.c @@ -1,4 +1,3 @@ -#include <stdio.h> #define TEST_NAME "secretbox7" #include "cmptest.h" 
@@ -11,23 +10,26 @@ unsigned char m2[10000]; int main(void) { - size_t mlen; - size_t i; + size_t mlen; + size_t i; - for (mlen = 0;mlen < 1000 && mlen + crypto_secretbox_ZEROBYTES < sizeof m;++mlen) { - randombytes(k,crypto_secretbox_KEYBYTES); - randombytes(n,crypto_secretbox_NONCEBYTES); - randombytes(m + crypto_secretbox_ZEROBYTES,mlen); - crypto_secretbox(c,m,mlen + crypto_secretbox_ZEROBYTES,n,k); - if (crypto_secretbox_open(m2,c,mlen + crypto_secretbox_ZEROBYTES,n,k) == 0) { - for (i = 0;i < mlen + crypto_secretbox_ZEROBYTES;++i) - if (m2[i] != m[i]) { - printf("bad decryption\n"); - break; + for (mlen = 0; mlen < 1000 && mlen + crypto_secretbox_ZEROBYTES < sizeof m; + ++mlen) { + randombytes_buf(k, crypto_secretbox_KEYBYTES); + randombytes_buf(n, crypto_secretbox_NONCEBYTES); + randombytes_buf(m + crypto_secretbox_ZEROBYTES, mlen); + crypto_secretbox(c, m, mlen + crypto_secretbox_ZEROBYTES, n, k); + if (crypto_secretbox_open(m2, c, mlen + crypto_secretbox_ZEROBYTES, n, + k) == 0) { + for (i = 0; i < mlen + crypto_secretbox_ZEROBYTES; ++i) { + if (m2[i] != m[i]) { + printf("bad decryption\n"); + break; + } + } + } else { + printf("ciphertext fails verification\n"); } - } else { - printf("ciphertext fails verification\n"); } - } - return 0; + return 0; } diff --git a/test/default/secretbox7.exp b/test/default/secretbox7.exp new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/test/default/secretbox7.exp diff --git a/test/default/secretbox8.c b/test/default/secretbox8.c index 94808dc..7fbb811 100644 --- a/test/default/secretbox8.c +++ b/test/default/secretbox8.c @@ -1,5 +1,4 @@ -#include <stdio.h> -#include <stdlib.h> + #include "windows/windows-quirks.h" #define TEST_NAME "secretbox8" 
@@ -13,28 +12,31 @@ unsigned char m2[10000]; int main(void) { - size_t mlen; - size_t i; - int caught; + size_t mlen; + size_t i; + int caught; - for (mlen = 0;mlen < 1000 && mlen + crypto_secretbox_ZEROBYTES < sizeof m;++mlen) { - randombytes(k,crypto_secretbox_KEYBYTES); - randombytes(n,crypto_secretbox_NONCEBYTES); - randombytes(m + crypto_secretbox_ZEROBYTES,mlen); - crypto_secretbox(c,m,mlen + crypto_secretbox_ZEROBYTES,n,k); - caught = 0; - while (caught < 10) { - c[rand() % (mlen + crypto_secretbox_ZEROBYTES)] = rand(); - if (crypto_secretbox_open(m2,c,mlen + crypto_secretbox_ZEROBYTES,n,k) == 0) { - for (i = 0;i < mlen + crypto_secretbox_ZEROBYTES;++i) - if (m2[i] != m[i]) { - printf("forgery\n"); - return 100; - } - } else { - ++caught; - } + for (mlen = 0; mlen < 1000 && mlen + crypto_secretbox_ZEROBYTES < sizeof m; + ++mlen) { + randombytes_buf(k, crypto_secretbox_KEYBYTES); + randombytes_buf(n, crypto_secretbox_NONCEBYTES); + randombytes_buf(m + crypto_secretbox_ZEROBYTES, mlen); + crypto_secretbox(c, m, mlen + crypto_secretbox_ZEROBYTES, n, k); + caught = 0; + while (caught < 10) { + c[rand() % (mlen + crypto_secretbox_ZEROBYTES)] = rand(); + if (crypto_secretbox_open(m2, c, mlen + crypto_secretbox_ZEROBYTES, + n, k) == 0) { + for (i = 0; i < mlen + crypto_secretbox_ZEROBYTES; ++i) { + if (m2[i] != m[i]) { + printf("forgery\n"); + return 100; + } + } + } else { + ++caught; + } + } } - } - return 0; + return 0; } diff --git a/test/default/secretbox8.exp b/test/default/secretbox8.exp new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/test/default/secretbox8.exp diff --git a/test/default/secretbox_easy.c b/test/default/secretbox_easy.c index dc3f3bd..df85070 100644 --- a/test/default/secretbox_easy.c +++ b/test/default/secretbox_easy.c 
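Review bot: In the `while (caught < 10)` loop of secretbox8.c, `c[rand() % (mlen + crypto_secretbox_ZEROBYTES)] = rand();` overwrites a ciphertext byte and never restores it, so the corruption accumulates across iterations. Once one byte in the authenticated part has changed, every later `crypto_secretbox_open` call fails regardless of what the next write does, and `caught` reaches 10 after exercising essentially one effective modification per message length. To make the ten rejections independent, I would keep the index and old value (`pos = rand() % (...); saved = c[pos]; c[pos] = (unsigned char)rand();`) and put `c[pos] = saved;` at the end of the loop body. Separately, the first hunk of this file drops `#include <stdlib.h>` while `rand()` is still used, which presumably depends on cmptest.h or windows-quirks.h providing it.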
@@ -1,63 +1,57 @@ -#include <stdio.h> #define TEST_NAME "secretbox_easy" #include "cmptest.h" -unsigned char firstkey[32] = { - 0x1b,0x27,0x55,0x64,0x73,0xe9,0x85,0xd4 -,0x62,0xcd,0x51,0x19,0x7a,0x9a,0x46,0xc7 -,0x60,0x09,0x54,0x9e,0xac,0x64,0x74,0xf2 -,0x06,0xc4,0xee,0x08,0x44,0xf6,0x83,0x89 -} ; - -unsigned char nonce[24] = { - 0x69,0x69,0x6e,0xe9,0x55,0xb6,0x2b,0x73 -,0xcd,0x62,0xbd,0xa8,0x75,0xfc,0x73,0xd6 -,0x82,0x19,0xe0,0x03,0x6b,0x7a,0x0b,0x37 -} ; - -unsigned char m[131] = { - 0xbe,0x07,0x5f,0xc5,0x3c,0x81,0xf2,0xd5 -,0xcf,0x14,0x13,0x16,0xeb,0xeb,0x0c,0x7b -,0x52,0x28,0xc5,0x2a,0x4c,0x62,0xcb,0xd4 -,0x4b,0x66,0x84,0x9b,0x64,0x24,0x4f,0xfc -,0xe5,0xec,0xba,0xaf,0x33,0xbd,0x75,0x1a -,0x1a,0xc7,0x28,0xd4,0x5e,0x6c,0x61,0x29 -,0x6c,0xdc,0x3c,0x01,0x23,0x35,0x61,0xf4 -,0x1d,0xb6,0x6c,0xce,0x31,0x4a,0xdb,0x31 -,0x0e,0x3b,0xe8,0x25,0x0c,0x46,0xf0,0x6d -,0xce,0xea,0x3a,0x7f,0xa1,0x34,0x80,0x57 -,0xe2,0xf6,0x55,0x6a,0xd6,0xb1,0x31,0x8a -,0x02,0x4a,0x83,0x8f,0x21,0xaf,0x1f,0xde -,0x04,0x89,0x77,0xeb,0x48,0xf5,0x9f,0xfd -,0x49,0x24,0xca,0x1c,0x60,0x90,0x2e,0x52 -,0xf0,0xa0,0x89,0xbc,0x76,0x89,0x70,0x40 -,0xe0,0x82,0xf9,0x37,0x76,0x38,0x48,0x64 -,0x5e,0x07,0x05 -} ; +unsigned char firstkey[32] + = { 0x1b, 0x27, 0x55, 0x64, 0x73, 0xe9, 0x85, 0xd4, 0x62, 0xcd, 0x51, + 0x19, 0x7a, 0x9a, 0x46, 0xc7, 0x60, 0x09, 0x54, 0x9e, 0xac, 0x64, + 0x74, 0xf2, 0x06, 0xc4, 0xee, 0x08, 0x44, 0xf6, 0x83, 0x89 }; + +unsigned char nonce[24] = { 0x69, 0x69, 0x6e, 0xe9, 0x55, 0xb6, 0x2b, 0x73, + 0xcd, 0x62, 0xbd, 0xa8, 0x75, 0xfc, 0x73, 0xd6, + 0x82, 0x19, 0xe0, 0x03, 0x6b, 0x7a, 0x0b, 0x37 }; + +unsigned char m[131] + = { 0xbe, 0x07, 0x5f, 0xc5, 0x3c, 0x81, 0xf2, 0xd5, 0xcf, 0x14, 0x13, 0x16, + 0xeb, 0xeb, 0x0c, 0x7b, 0x52, 0x28, 0xc5, 0x2a, 0x4c, 0x62, 0xcb, 0xd4, + 0x4b, 0x66, 0x84, 0x9b, 0x64, 0x24, 0x4f, 0xfc, 0xe5, 0xec, 0xba, 0xaf, + 0x33, 0xbd, 0x75, 0x1a, 0x1a, 0xc7, 0x28, 0xd4, 0x5e, 0x6c, 0x61, 0x29, + 0x6c, 0xdc, 0x3c, 0x01, 0x23, 0x35, 0x61, 0xf4, 0x1d, 0xb6, 0x6c, 0xce, + 
0x31, 0x4a, 0xdb, 0x31, 0x0e, 0x3b, 0xe8, 0x25, 0x0c, 0x46, 0xf0, 0x6d, + 0xce, 0xea, 0x3a, 0x7f, 0xa1, 0x34, 0x80, 0x57, 0xe2, 0xf6, 0x55, 0x6a, + 0xd6, 0xb1, 0x31, 0x8a, 0x02, 0x4a, 0x83, 0x8f, 0x21, 0xaf, 0x1f, 0xde, + 0x04, 0x89, 0x77, 0xeb, 0x48, 0xf5, 0x9f, 0xfd, 0x49, 0x24, 0xca, 0x1c, + 0x60, 0x90, 0x2e, 0x52, 0xf0, 0xa0, 0x89, 0xbc, 0x76, 0x89, 0x70, 0x40, + 0xe0, 0x82, 0xf9, 0x37, 0x76, 0x38, 0x48, 0x64, 0x5e, 0x07, 0x05 }; unsigned char c[147 + crypto_secretbox_MACBYTES]; unsigned char mac[crypto_secretbox_MACBYTES]; int main(void) { - size_t i; - - crypto_secretbox_easy(c, m, 131, nonce, firstkey); - for (i = 0;i < 131 + crypto_secretbox_MACBYTES; ++i) { - printf(",0x%02x",(unsigned int) c[i]); - if (i % 8 == 7) printf("\n"); - } - printf("\n"); - - crypto_secretbox_detached(c, mac, m, 131, nonce, firstkey); - for (i = 0;i < crypto_secretbox_MACBYTES; ++i) { - printf(",0x%02x",(unsigned int) mac[i]); - if (i % 8 == 7) printf("\n"); - } - for (i = 0;i < 131; ++i) { - printf(",0x%02x",(unsigned int) c[i]); - if (i % 8 == 7) printf("\n"); - } - return 0; + size_t i; + + crypto_secretbox_easy(c, m, 131, nonce, firstkey); + for (i = 0; i < 131 + crypto_secretbox_MACBYTES; ++i) { + printf(",0x%02x", (unsigned int)c[i]); + if (i % 8 == 7) + printf("\n"); + } + printf("\n"); + + crypto_secretbox_detached(c, mac, m, 131, nonce, firstkey); + for (i = 0; i < crypto_secretbox_MACBYTES; ++i) { + printf(",0x%02x", (unsigned int)mac[i]); + if (i % 8 == 7) + printf("\n"); + } + for (i = 0; i < 131; ++i) { + printf(",0x%02x", (unsigned int)c[i]); + if (i % 8 == 7) + printf("\n"); + } + + assert(crypto_secretbox_easy(c, m, SIZE_MAX - 1U, nonce, firstkey) == -1); + + return 0; } diff --git a/test/default/secretbox_easy.exp b/test/default/secretbox_easy.exp new file mode 100644 index 0000000..c4b4066 --- /dev/null +++ b/test/default/secretbox_easy.exp 
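Review bot: The added `assert(crypto_secretbox_easy(c, m, SIZE_MAX - 1U, nonce, firstkey) == -1);` passes a length far larger than the 131-byte `m` and the `c` buffer, so it is only memory-safe if the function rejects the length before reading or writing anything. That contract is what the test is really pinning, and it should be stated next to the call, e.g. `/* mlen + crypto_secretbox_MACBYTES would overflow size_t: must return -1 without touching m or c */`. It would also help to name which case this covers, since `crypto_secretbox_detached` is called in the same `main` but has no equivalent oversized-length check.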
@@ -0,0 +1,38 @@ +,0xf3,0xff,0xc7,0x70,0x3f,0x94,0x00,0xe5 +,0x2a,0x7d,0xfb,0x4b,0x3d,0x33,0x05,0xd9 +,0x8e,0x99,0x3b,0x9f,0x48,0x68,0x12,0x73 +,0xc2,0x96,0x50,0xba,0x32,0xfc,0x76,0xce +,0x48,0x33,0x2e,0xa7,0x16,0x4d,0x96,0xa4 +,0x47,0x6f,0xb8,0xc5,0x31,0xa1,0x18,0x6a +,0xc0,0xdf,0xc1,0x7c,0x98,0xdc,0xe8,0x7b +,0x4d,0xa7,0xf0,0x11,0xec,0x48,0xc9,0x72 +,0x71,0xd2,0xc2,0x0f,0x9b,0x92,0x8f,0xe2 +,0x27,0x0d,0x6f,0xb8,0x63,0xd5,0x17,0x38 +,0xb4,0x8e,0xee,0xe3,0x14,0xa7,0xcc,0x8a +,0xb9,0x32,0x16,0x45,0x48,0xe5,0x26,0xae +,0x90,0x22,0x43,0x68,0x51,0x7a,0xcf,0xea +,0xbd,0x6b,0xb3,0x73,0x2b,0xc0,0xe9,0xda +,0x99,0x83,0x2b,0x61,0xca,0x01,0xb6,0xde +,0x56,0x24,0x4a,0x9e,0x88,0xd5,0xf9,0xb3 +,0x79,0x73,0xf6,0x22,0xa4,0x3d,0x14,0xa6 +,0x59,0x9b,0x1f,0x65,0x4c,0xb4,0x5a,0x74 +,0xe3,0x55,0xa5 +,0xf3,0xff,0xc7,0x70,0x3f,0x94,0x00,0xe5 +,0x2a,0x7d,0xfb,0x4b,0x3d,0x33,0x05,0xd9 +,0x8e,0x99,0x3b,0x9f,0x48,0x68,0x12,0x73 +,0xc2,0x96,0x50,0xba,0x32,0xfc,0x76,0xce +,0x48,0x33,0x2e,0xa7,0x16,0x4d,0x96,0xa4 +,0x47,0x6f,0xb8,0xc5,0x31,0xa1,0x18,0x6a +,0xc0,0xdf,0xc1,0x7c,0x98,0xdc,0xe8,0x7b +,0x4d,0xa7,0xf0,0x11,0xec,0x48,0xc9,0x72 +,0x71,0xd2,0xc2,0x0f,0x9b,0x92,0x8f,0xe2 +,0x27,0x0d,0x6f,0xb8,0x63,0xd5,0x17,0x38 +,0xb4,0x8e,0xee,0xe3,0x14,0xa7,0xcc,0x8a +,0xb9,0x32,0x16,0x45,0x48,0xe5,0x26,0xae +,0x90,0x22,0x43,0x68,0x51,0x7a,0xcf,0xea +,0xbd,0x6b,0xb3,0x73,0x2b,0xc0,0xe9,0xda +,0x99,0x83,0x2b,0x61,0xca,0x01,0xb6,0xde +,0x56,0x24,0x4a,0x9e,0x88,0xd5,0xf9,0xb3 +,0x79,0x73,0xf6,0x22,0xa4,0x3d,0x14,0xa6 +,0x59,0x9b,0x1f,0x65,0x4c,0xb4,0x5a,0x74 +,0xe3,0x55,0xa5
\ No newline at end of file diff --git a/test/default/secretbox_easy2.c b/test/default/secretbox_easy2.c index 63105b6..3ad71ce 100644 --- a/test/default/secretbox_easy2.c +++ b/test/default/secretbox_easy2.c @@ -1,5 +1,3 @@ -#include <stdio.h> -#include <string.h> #define TEST_NAME "secretbox_easy2" #include "cmptest.h" @@ -17,12 +15,12 @@ int main(void) unsigned long long i; randombytes_buf(k, sizeof k); - mlen = (unsigned long long) randombytes_uniform((uint32_t) sizeof m); + mlen = (unsigned long long)randombytes_uniform((uint32_t)sizeof m); randombytes_buf(m, mlen); randombytes_buf(nonce, sizeof nonce); crypto_secretbox_easy(c, m, mlen, nonce, k); - crypto_secretbox_open_easy(m2, c, mlen + crypto_secretbox_MACBYTES, - nonce, k); + crypto_secretbox_open_easy(m2, c, mlen + crypto_secretbox_MACBYTES, nonce, + k); printf("%d\n", memcmp(m, m2, mlen)); for (i = 0; i < mlen + crypto_secretbox_MACBYTES - 1; i++) { diff --git a/test/default/secretbox_easy2.exp b/test/default/secretbox_easy2.exp new file mode 100644 index 0000000..aa47d0d --- /dev/null +++ b/test/default/secretbox_easy2.exp @@ -0,0 +1,2 @@ +0 +0 diff --git a/test/default/shorthash.c b/test/default/shorthash.c index 6f1d7f3..18081cd 100644 --- a/test/default/shorthash.c +++ b/test/default/shorthash.c @@ -1,6 +1,3 @@ -#include <stdio.h> - -#include "crypto_uint8.h" #define TEST_NAME "shorthash" #include "cmptest.h" 
@@ -8,16 +5,26 @@ int main(void) { #define MAXLEN 64 - crypto_uint8 in[MAXLEN], out[crypto_shorthash_BYTES], k[crypto_shorthash_KEYBYTES]; - size_t i,j; + unsigned char in[MAXLEN], out[crypto_shorthash_BYTES], + k[crypto_shorthash_KEYBYTES]; + size_t i, j; - for( i = 0; i < crypto_shorthash_KEYBYTES; ++i ) k[i] = i; + for (i = 0; i < crypto_shorthash_KEYBYTES; ++i) + k[i] = i; - for(i=0;i<MAXLEN;++i) { - in[i]=i; - crypto_shorthash( out, in, i, k ); - for (j = 0;j < crypto_shorthash_BYTES;++j) printf("%02x",(unsigned int) out[j]); + for (i = 0; i < MAXLEN; ++i) { + in[i] = i; + crypto_shorthash(out, in, i, k); + for (j = 0; j < crypto_shorthash_BYTES; ++j) + printf("%02x", (unsigned int)out[j]); printf("\n"); } + assert(crypto_shorthash_bytes() > 0); + assert(crypto_shorthash_keybytes() > 0); + assert(strcmp(crypto_shorthash_primitive(), "siphash24") == 0); + assert(crypto_shorthash_bytes() == crypto_shorthash_siphash24_bytes()); + assert(crypto_shorthash_keybytes() + == crypto_shorthash_siphash24_keybytes()); + return 0; } diff --git a/test/default/shorthash.exp b/test/default/shorthash.exp new file mode 100644 index 0000000..6ec8684 --- /dev/null +++ b/test/default/shorthash.exp 
@@ -0,0 +1,64 @@ +310e0edd47db6f72 +fd67dc93c539f874 +5a4fa9d909806c0d +2d7efbd796666785 +b7877127e09427cf +8da699cd64557618 +cee3fe586e46c9cb +37d1018bf50002ab +6224939a79f5f593 +b0e4a90bdf82009e +f3b9dd94c5bb5d7a +a7ad6b22462fb3f4 +fbe50e86bc8f1e75 +903d84c02756ea14 +eef27a8e90ca23f7 +e545be4961ca29a1 +db9bc2577fcc2a3f +9447be2cf5e99a69 +9cd38d96f0b3c14b +bd6179a71dc96dbb +98eea21af25cd6be +c7673b2eb0cbf2d0 +883ea3e395675393 +c8ce5ccd8c030ca8 +94af49f6c650adb8 +eab8858ade92e1bc +f315bb5bb835d817 +adcf6b0763612e2f +a5c91da7acaa4dde +716595876650a2a6 +28ef495c53a387ad +42c341d8fa92d832 +ce7cf2722f512771 +e37859f94623f3a7 +381205bb1ab0e012 +ae97a10fd434e015 +b4a31508beff4d31 +81396229f0907902 +4d0cf49ee5d4dcca +5c73336a76d8bf9a +d0a704536ba93e0e +925958fcd6420cad +a915c29bc8067318 +952b79f3bc0aa6d4 +f21df2e41d4535f9 +87577519048f53a9 +10a56cf5dfcd9adb +eb75095ccd986cd0 +51a9cb9ecba312e6 +96afadfc2ce666c7 +72fe52975a4364ee +5a1645b276d592a1 +b274cb8ebf87870a +6f9bb4203de7b381 +eaecb2a30b22a87f +9924a43cc1315724 +bd838d3aafbf8db7 +0b1a2a3265d51aea +135079a3231ce660 +932b2846e4d70666 +e1915f5cb1eca46c +f325965ca16d629f +575ff28e60381be5 +724506eb4c328a95 diff --git a/test/default/sign.c b/test/default/sign.c index 7267491..99ed085 100644 --- a/test/default/sign.c +++ b/test/default/sign.c 
@@ -1,23 +1,14 @@ -#include <stdio.h> -#include <string.h> #define TEST_NAME "sign" #include "cmptest.h" -#define KEYPAIR_SEED "1@ABCFGHLOPRSTUWabcdefghiklmnopq" - -#define crypto_sign_SECRETKEYBYTES_WITHOUT_PK \ - (crypto_sign_SECRETKEYBYTES - crypto_sign_PUBLICKEYBYTES) - -static const unsigned char keypair_seed[] = { - 0x42, 0x11, 0x51, 0xa4, 0x59, 0xfa, 0xea, 0xde, - 0x3d, 0x24, 0x71, 0x15, 0xf9, 0x4a, 0xed, 0xae, - 0x42, 0x31, 0x81, 0x24, 0x09, 0x5a, 0xfa, 0xbe, - 0x4d, 0x14, 0x51, 0xa5, 0x59, 0xfa, 0xed, 0xee -}; +static const unsigned char keypair_seed[] + = { 0x42, 0x11, 0x51, 0xa4, 0x59, 0xfa, 0xea, 0xde, 0x3d, 0x24, 0x71, + 0x15, 0xf9, 0x4a, 0xed, 0xae, 0x42, 0x31, 0x81, 0x24, 0x09, 0x5a, + 0xfa, 0xbe, 0x4d, 0x14, 0x51, 0xa5, 0x59, 0xfa, 0xed, 0xee }; typedef struct TestData_ { - const unsigned char sk[crypto_sign_SECRETKEYBYTES_WITHOUT_PK]; + const unsigned char sk[crypto_sign_SEEDBYTES]; const unsigned char pk[crypto_sign_PUBLICKEYBYTES]; const unsigned char sig[crypto_sign_BYTES]; const char *m; 
@@ -1052,26 +1043,29 @@ static TestData test_data[] = { int main(void) { - unsigned char sig[crypto_sign_BYTES]; - unsigned char sm[1024 + crypto_sign_BYTES]; - unsigned char m[1024]; - unsigned char skpk[crypto_sign_SECRETKEYBYTES + - crypto_sign_PUBLICKEYBYTES]; - unsigned char pk[crypto_sign_PUBLICKEYBYTES]; - unsigned char sk[crypto_sign_SECRETKEYBYTES]; - char pk_hex[crypto_sign_PUBLICKEYBYTES * 2 + 1]; - char sk_hex[crypto_sign_SECRETKEYBYTES * 2 + 1]; + unsigned char extracted_seed[crypto_sign_ed25519_SEEDBYTES]; + unsigned char extracted_pk[crypto_sign_ed25519_PUBLICKEYBYTES]; + unsigned char sig[crypto_sign_BYTES]; + unsigned char sm[1024 + crypto_sign_BYTES]; + unsigned char m[1024]; + unsigned char skpk[crypto_sign_SECRETKEYBYTES]; + unsigned char pk[crypto_sign_PUBLICKEYBYTES]; + unsigned char sk[crypto_sign_SECRETKEYBYTES]; + char pk_hex[crypto_sign_PUBLICKEYBYTES * 2 + 1]; + char sk_hex[crypto_sign_SECRETKEYBYTES * 2 + 1]; unsigned long long siglen; unsigned long long smlen; unsigned long long mlen; - unsigned int i; + unsigned int i; + unsigned int j; + memset(sig, 0, sizeof sig); for (i = 0U; i < (sizeof test_data) / (sizeof test_data[0]); i++) { - memcpy(skpk, test_data[i].sk, crypto_sign_SECRETKEYBYTES_WITHOUT_PK); - memcpy(skpk + crypto_sign_SECRETKEYBYTES_WITHOUT_PK, - test_data[i].pk, crypto_sign_PUBLICKEYBYTES); - if (crypto_sign(sm, &smlen, - (const unsigned char *) test_data[i].m, i, skpk) != 0) { + memcpy(skpk, test_data[i].sk, crypto_sign_SEEDBYTES); + memcpy(skpk + crypto_sign_SEEDBYTES, test_data[i].pk, + crypto_sign_PUBLICKEYBYTES); + if (crypto_sign(sm, &smlen, (const unsigned char *)test_data[i].m, i, + skpk) != 0) { printf("crypto_sign() failure: [%u]\n", i); continue; } 
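Review bot: `skpk` is now declared as `crypto_sign_SECRETKEYBYTES` bytes, but the loop fills it with `crypto_sign_SEEDBYTES` bytes from `test_data[i].sk` followed by `crypto_sign_PUBLICKEYBYTES` bytes from `test_data[i].pk`. Nothing in the test ties those three constants together. The sizes agree for ed25519 (sign.exp shows the secret key as seed followed by public key), but the second `memcpy` would write past `skpk` if they ever diverged. I would make the assumption explicit before the loop with `assert(crypto_sign_SEEDBYTES + crypto_sign_PUBLICKEYBYTES == sizeof skpk);` and a short comment that the secret key layout is seed || pk. The body of `main` continues beyond this hunk.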
@@ -1083,7 +1077,7 @@ int main(void) printf("crypto_sign_open() failure: [%u]\n", i); continue; } - if (memcmp(test_data[i].m, m, (size_t) mlen) != 0) { + if (memcmp(test_data[i].m, m, (size_t)mlen) != 0) { printf("message verification failure: [%u]\n", i); continue; } @@ -1095,12 +1089,12 @@ int main(void) if (crypto_sign_open(m, &mlen, sm, i % crypto_sign_BYTES, test_data[i].pk) == 0) { printf("short signed message verifies: [%u]\n", - i % crypto_sign_BYTES); + i % crypto_sign_BYTES); continue; } if (crypto_sign_detached(sig, &siglen, - (const unsigned char *) test_data[i].m, i, - test_data[i].sk) != 0) { + (const unsigned char *)test_data[i].m, i, skpk) + != 0) { printf("detached signature failed: [%u]\n", i); continue; } @@ -1113,7 +1107,7 @@ int main(void) continue; } if (crypto_sign_verify_detached(sig, - (const unsigned char *) test_data[i].m, + (const unsigned char *)test_data[i].m, i, test_data[i].pk) != 0) { printf("detached signature verification failed: [%u]\n", i); continue; 
@@ -1121,6 +1115,37 @@ int main(void) } printf("%u tests\n", i); + i--; + + memcpy(sm, test_data[i].m, i); + if (crypto_sign(sm, &smlen, sm, i, skpk) != 0) { + printf("crypto_sign() with overlap failed\n"); + } + if (crypto_sign_open(sm, &mlen, sm, smlen, test_data[i].pk) != 0) { + printf("crypto_sign_open() with overlap failed\n"); + } + if (memcmp(test_data[i].m, sm, (size_t)mlen) != 0) { + printf("crypto_sign_open() with overlap failed (content)\n"); + } + + for (j = 1U; j < 8U; j++) { + sig[63] ^= (j << 5); + if (crypto_sign_verify_detached(sig, + (const unsigned char *)test_data[i].m, + i, test_data[i].pk) != -1) { + printf("detached signature verification should have failed\n"); + continue; + } + sig[63] ^= (j << 5); + } + + memset(pk, 0, sizeof pk); + if (crypto_sign_verify_detached(sig, + (const unsigned char *)test_data[i].m, + i, pk) != -1) { + printf("detached signature verification should have failed\n"); + } + if (crypto_sign_keypair(pk, sk) != 0) { printf("crypto_sign_keypair() failure\n"); } 
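Review bot: In the new `for (j = 1U; j < 8U; j++)` loop, the `continue` in the failure branch skips the second `sig[63] ^= (j << 5);`, so after one unexpected acceptance the flipped bits stay in `sig`. Every later iteration, and the all-zero public key check after the loop, then run against a signature that is no longer the original with a single pattern applied, which makes their results hard to interpret. I would drop the `continue;` so the restoring XOR always runs. The loop also relies on `sig` still holding the detached signature from the last pass of the earlier loop, which is outside this hunk; a one-line comment such as `/* sig is the valid detached signature for test_data[i]; flip the top three bits of its last byte */` would make that dependency visible.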
@@ -1128,11 +1153,32 @@ int main(void) printf("crypto_sign_seed_keypair() failure\n"); return -1; } + crypto_sign_ed25519_sk_to_seed(extracted_seed, sk); + if (memcmp(extracted_seed, keypair_seed, crypto_sign_ed25519_SEEDBYTES) + != 0) { + printf("crypto_sign_ed25519_sk_to_seed() failure\n"); + } + crypto_sign_ed25519_sk_to_pk(extracted_pk, sk); + if (memcmp(extracted_pk, pk, crypto_sign_ed25519_PUBLICKEYBYTES) != 0) { + printf("crypto_sign_ed25519_sk_to_pk() failure\n"); + } sodium_bin2hex(pk_hex, sizeof pk_hex, pk, sizeof pk); sodium_bin2hex(sk_hex, sizeof sk_hex, sk, sizeof sk); printf("pk: [%s]\n", pk_hex); printf("sk: [%s]\n", sk_hex); + assert(crypto_sign_bytes() > 0U); + assert(crypto_sign_seedbytes() > 0U); + assert(crypto_sign_publickeybytes() > 0U); + assert(crypto_sign_secretkeybytes() > 0U); + assert(strcmp(crypto_sign_primitive(), "ed25519") == 0); + assert(crypto_sign_bytes() == crypto_sign_ed25519_bytes()); + assert(crypto_sign_seedbytes() == crypto_sign_ed25519_seedbytes()); + assert(crypto_sign_publickeybytes() + == crypto_sign_ed25519_publickeybytes()); + assert(crypto_sign_secretkeybytes() + == crypto_sign_ed25519_secretkeybytes()); + return 0; } diff --git a/test/default/sign.exp b/test/default/sign.exp new file mode 100644 index 0000000..04bf653 --- /dev/null +++ b/test/default/sign.exp @@ -0,0 +1,3 @@ +1024 tests +pk: [b5076a8474a832daee4dd5b4040983b6623b5f344aca57d4d6ee4baf3f259e6e] +sk: [421151a459faeade3d247115f94aedae42318124095afabe4d1451a559faedeeb5076a8474a832daee4dd5b4040983b6623b5f344aca57d4d6ee4baf3f259e6e] diff --git a/test/default/sodium_core.c b/test/default/sodium_core.c index 7bdcca8..89599ab 100644 --- a/test/default/sodium_core.c +++ b/test/default/sodium_core.c 
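Review bot: The `assert()` checks added at the end of main() vanish if this test is ever built with NDEBUG, unlike the neighbouring checks that print to stdout and are compared with sign.exp. Whether cmptest.h prevents that is not visible here; if it does not, an `#undef NDEBUG` ahead of the include, or a printed failure such as `if (strcmp(crypto_sign_primitive(), "ed25519") != 0) printf("unexpected primitive\n");`, would keep them effective. The same applies to the asserts added in stream.c, stream2.c and verify1.c. main() starts outside this hunk.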
@@ -1,11 +1,14 @@ -#include <stdio.h> #define TEST_NAME "sodium_core" #include "cmptest.h" int main(void) { - printf ("%d\n", sodium_init()); + printf("%d\n", sodium_init()); - return 0; + (void)sodium_runtime_has_neon(); + (void)sodium_runtime_has_sse2(); + (void)sodium_runtime_has_sse3(); + + return 0; } diff --git a/test/default/sodium_core.exp b/test/default/sodium_core.exp new file mode 100644 index 0000000..d00491f --- /dev/null +++ b/test/default/sodium_core.exp @@ -0,0 +1 @@ +1 diff --git a/test/default/sodium_utils.c b/test/default/sodium_utils.c index e50de24..89274de 100644 --- a/test/default/sodium_utils.c +++ b/test/default/sodium_utils.c 
@@ -1,35 +1,64 @@ -#include <stdio.h> -#include <string.h> #define TEST_NAME "sodium_utils" #include "cmptest.h" int main(void) { - unsigned char buf1[1000]; - unsigned char buf2[1000]; - char buf3[33]; - unsigned char buf4[4]; - const char *hex; - size_t bin_len; - - randombytes(buf1, sizeof buf1); - memcpy(buf2, buf1, sizeof buf2); - printf("%d\n", sodium_memcmp(buf1, buf2, sizeof buf1)); - sodium_memzero(buf1, 0U); - printf("%d\n", sodium_memcmp(buf1, buf2, sizeof buf1)); - sodium_memzero(buf1, sizeof buf1 / 2); - printf("%d\n", sodium_memcmp(buf1, buf2, sizeof buf1)); - printf("%d\n", sodium_memcmp(buf1, buf2, 0U)); - sodium_memzero(buf2, sizeof buf2 / 2); - printf("%d\n", sodium_memcmp(buf1, buf2, sizeof buf1)); - printf("%s\n", sodium_bin2hex(buf3, 33U, - (const unsigned char *) - "0123456789ABCDEF", 16U)); - hex = "Cafe : 6942"; - sodium_hex2bin(buf4, sizeof buf4, hex, strlen(hex), ": ", &bin_len, NULL); - printf("%lu:%02x%02x%02x%02x\n", (unsigned long) bin_len, - buf4[0], buf4[1], buf4[2], buf4[3]); - - return 0; + unsigned char buf1[1000]; + unsigned char buf2[1000]; + char buf3[33]; + unsigned char buf4[4]; + const char *hex; + const char *hex_end; + size_t bin_len; + + randombytes_buf(buf1, sizeof buf1); + memcpy(buf2, buf1, sizeof buf2); + printf("%d\n", sodium_memcmp(buf1, buf2, sizeof buf1)); + sodium_memzero(buf1, 0U); + printf("%d\n", sodium_memcmp(buf1, buf2, sizeof buf1)); + sodium_memzero(buf1, sizeof buf1 / 2); + printf("%d\n", sodium_memcmp(buf1, buf2, sizeof buf1)); + printf("%d\n", sodium_memcmp(buf1, buf2, 0U)); + sodium_memzero(buf2, sizeof buf2 / 2); + printf("%d\n", sodium_memcmp(buf1, buf2, sizeof buf1)); + printf("%s\n", + sodium_bin2hex(buf3, 33U, (const unsigned char *)"0123456789ABCDEF", + 16U)); + hex = "Cafe : 6942"; + sodium_hex2bin(buf4, sizeof buf4, hex, strlen(hex), ": ", &bin_len, &hex_end); + printf("%lu:%02x%02x%02x%02x\n", (unsigned long)bin_len, buf4[0], buf4[1], + buf4[2], buf4[3]); + printf("dt1: %ld\n", (long) (hex_end 
- hex)); + + hex = "Cafe : 6942"; + sodium_hex2bin(buf4, sizeof buf4, hex, strlen(hex), ": ", &bin_len, NULL); + printf("%lu:%02x%02x%02x%02x\n", (unsigned long)bin_len, buf4[2], buf4[3], + buf4[2], buf4[3]); + + hex = "deadbeef"; + if (sodium_hex2bin(buf1, 1U, hex, 8U, NULL, &bin_len, &hex_end) != -1) { + printf("sodium_hex2bin() overflow not detected\n"); + } + printf("dt2: %ld\n", (long) (hex_end - hex)); + + hex = "de:ad:be:eff"; + if (sodium_hex2bin(buf1, 4U, hex, 12U, ":", &bin_len, &hex_end) != -1) { + printf("sodium_hex2bin() with an odd input length and a short output buffer\n"); + } + printf("dt3: %ld\n", (long) (hex_end - hex)); + + hex = "de:ad:be:eff"; + if (sodium_hex2bin(buf1, sizeof buf1, hex, 12U, ":", &bin_len, &hex_end) != 0) { + printf("sodium_hex2bin() with an odd input length\n"); + } + printf("dt4: %ld\n", (long) (hex_end - hex)); + + hex = "de:ad:be:eff"; + if (sodium_hex2bin(buf1, sizeof buf1, hex, 13U, ":", &bin_len, &hex_end) != 0) { + printf("sodium_hex2bin() with an odd input length\n"); + } + printf("dt5: %ld\n", (long) (hex_end - hex)); + + return 0; } diff --git a/test/default/sodium_utils.exp b/test/default/sodium_utils.exp new file mode 100644 index 0000000..e087a91 --- /dev/null +++ b/test/default/sodium_utils.exp @@ -0,0 +1,13 @@ +0 +0 +-1 +0 +0 +30313233343536373839414243444546 +4:cafe6942 +dt1: 11 +4:69426942 +dt2: 2 +dt3: 11 +dt4: 11 +dt5: 11 diff --git a/test/default/sodium_utils2.c b/test/default/sodium_utils2.c new file mode 100644 index 0000000..11f1df6 --- /dev/null +++ b/test/default/sodium_utils2.c 
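Review bot: The second sodium_hex2bin() check (the call that passes NULL for hex_end) prints `buf4[2], buf4[3], buf4[2], buf4[3]`, so bytes 0 and 1 of the decoded output are never checked and sodium_utils.exp pins `4:69426942`. This looks like a copy/paste slip; printing `buf4[0], buf4[1], buf4[2], buf4[3]` and expecting `4:cafe6942` would cover the whole buffer. Because buf4 and bin_len still hold the results of the previous call on the same input, resetting them first (`memset(buf4, 0, sizeof buf4); bin_len = 0U;`) would also show that the second call produced the values being printed.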
@@ -0,0 +1,72 @@ + +#include <sys/types.h> + +#include <limits.h> +#include <signal.h> + +#define TEST_NAME "sodium_utils2" +#include "cmptest.h" + +static void segv_handler(int sig) +{ + printf("Intentional segfault / bus error caught\n"); + printf("OK\n"); +#ifdef SIGSEGV + signal(SIGSEGV, SIG_DFL); +#endif +#ifdef SIGBUS + signal(SIGBUS, SIG_DFL); +#endif +#ifdef SIGABRT + signal(SIGABRT, SIG_DFL); +#endif + exit(0); +} + +int main(void) +{ + void *buf; + size_t size; + unsigned int i; + + if (sodium_malloc(SIZE_MAX - 1U) != NULL) { + return 1; + } + if (sodium_allocarray(SIZE_MAX / 2U + 1U, SIZE_MAX / 2U) != NULL) { + return 1; + } + buf = sodium_allocarray(1000U, 50U); + memset(buf, 0, 50000U); + sodium_free(buf); + + sodium_free(sodium_malloc(0U)); + sodium_free(NULL); + for (i = 0U; i < 10000U; i++) { + size = randombytes_uniform(100000U); + buf = sodium_malloc(size); + memset(buf, i, size); + sodium_mprotect_readonly(buf); + sodium_free(buf); + } + printf("OK\n"); + +#ifdef SIGSEGV + signal(SIGSEGV, segv_handler); +#endif +#ifdef SIGBUS + signal(SIGBUS, segv_handler); +#endif +#ifdef SIGABRT + signal(SIGABRT, segv_handler); +#endif + size = randombytes_uniform(100000U); + buf = sodium_malloc(size); + sodium_mprotect_readonly(buf); + sodium_mprotect_readwrite(buf); + sodium_memzero(((unsigned char *)buf) + size, 1U); + sodium_mprotect_noaccess(buf); + sodium_free(buf); + printf("Overflow not caught\n"); + + return 0; +} diff --git a/test/default/sodium_utils2.exp b/test/default/sodium_utils2.exp new file mode 100644 index 0000000..f796351 --- /dev/null +++ b/test/default/sodium_utils2.exp @@ -0,0 +1,3 @@ +OK +Intentional segfault / bus error caught +OK diff --git a/test/default/sodium_utils3.c b/test/default/sodium_utils3.c new file mode 100644 index 0000000..f2bcdae --- /dev/null +++ b/test/default/sodium_utils3.c 
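Review bot: None of the sodium_malloc()/sodium_allocarray() results that are subsequently used is checked for NULL, and in the final block that matters. With the handlers installed, a failed allocation would most likely make `sodium_memzero(((unsigned char *)buf) + size, 1U)` fault on an address unrelated to any guard page, and segv_handler() would then print the success lines. Adding `if (buf == NULL) { return 1; }` after each allocation keeps an out-of-memory condition from being reported as a caught overflow. sodium_utils3.c has the same unchecked allocation in front of its underflow write.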
@@ -0,0 +1,50 @@ + +#include <sys/types.h> + +#include <limits.h> +#include <signal.h> + +#define TEST_NAME "sodium_utils3" +#include "cmptest.h" + +static void segv_handler(int sig) +{ + printf("Intentional segfault / bus error caught\n"); + printf("OK\n"); +#ifdef SIGSEGV + signal(SIGSEGV, SIG_DFL); +#endif +#ifdef SIGBUS + signal(SIGBUS, SIG_DFL); +#endif +#ifdef SIGABRT + signal(SIGABRT, SIG_DFL); +#endif + exit(0); +} + +int main(void) +{ + void *buf; + size_t size; + +#ifdef SIGSEGV + signal(SIGSEGV, segv_handler); +#endif +#ifdef SIGBUS + signal(SIGBUS, segv_handler); +#endif +#ifdef SIGABRT + signal(SIGABRT, segv_handler); +#endif + size = randombytes_uniform(100000U); + buf = sodium_malloc(size); + sodium_mprotect_noaccess(buf); + sodium_mprotect_readwrite(buf); + sodium_memzero(((unsigned char *)buf) - 8, 8U); + sodium_mprotect_readonly(buf); + sodium_free(buf); + printf("Underflow not caught\n"); + + return 0; +} diff --git a/test/default/sodium_utils3.exp b/test/default/sodium_utils3.exp new file mode 100644 index 0000000..37e114f --- /dev/null +++ b/test/default/sodium_utils3.exp @@ -0,0 +1,2 @@ +Intentional segfault / bus error caught +OK diff --git a/test/default/sodium_version.c b/test/default/sodium_version.c index 0b63d38..d32fd79 100644 --- a/test/default/sodium_version.c +++ b/test/default/sodium_version.c @@ -1,13 +1,12 @@ -#include <stdio.h> #define TEST_NAME "sodium_version" #include "cmptest.h" int main(void) { - printf ("%d\n", sodium_version_string() != NULL); - printf ("%d\n", sodium_library_version_major() > 0); - printf ("%d\n", sodium_library_version_minor() >= 0); + printf("%d\n", sodium_version_string() != NULL); + printf("%d\n", sodium_library_version_major() > 0); + printf("%d\n", sodium_library_version_minor() >= 0); - return 0; + return 0; } diff --git a/test/default/sodium_version.exp b/test/default/sodium_version.exp new file mode 100644 index 0000000..e8183f0 --- /dev/null +++ b/test/default/sodium_version.exp 
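Review bot: segv_handler() calls printf() and exit() from signal context, and neither is async-signal-safe. Here the fault is expected to be raised synchronously from the sodium_memzero()/sodium_free() calls rather than while stdio is in use, so it should work in practice, but that assumption deserves a comment above the handler, e.g. `/* test only: printf()/exit() are not async-signal-safe; the fault is raised outside stdio */`. The `sig` parameter is unused (`(void) sig;` would silence the warning). The handler is an exact copy of the one in sodium_utils2.c, so a shared helper in the test header would keep the two in step.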
@@ -0,0 +1,3 @@ +1 +1 +1 diff --git a/test/default/stream.c b/test/default/stream.c index cc6d416..5e3d5dc 100644 --- a/test/default/stream.c +++ b/test/default/stream.c @@ -1,20 +1,15 @@ -#include <stdio.h> #define TEST_NAME "stream" #include "cmptest.h" -unsigned char firstkey[32] = { - 0x1b,0x27,0x55,0x64,0x73,0xe9,0x85,0xd4 -,0x62,0xcd,0x51,0x19,0x7a,0x9a,0x46,0xc7 -,0x60,0x09,0x54,0x9e,0xac,0x64,0x74,0xf2 -,0x06,0xc4,0xee,0x08,0x44,0xf6,0x83,0x89 -} ; +unsigned char firstkey[32] + = { 0x1b, 0x27, 0x55, 0x64, 0x73, 0xe9, 0x85, 0xd4, 0x62, 0xcd, 0x51, + 0x19, 0x7a, 0x9a, 0x46, 0xc7, 0x60, 0x09, 0x54, 0x9e, 0xac, 0x64, + 0x74, 0xf2, 0x06, 0xc4, 0xee, 0x08, 0x44, 0xf6, 0x83, 0x89 }; -unsigned char nonce[24] = { - 0x69,0x69,0x6e,0xe9,0x55,0xb6,0x2b,0x73 -,0xcd,0x62,0xbd,0xa8,0x75,0xfc,0x73,0xd6 -,0x82,0x19,0xe0,0x03,0x6b,0x7a,0x0b,0x37 -} ; +unsigned char nonce[24] = { 0x69, 0x69, 0x6e, 0xe9, 0x55, 0xb6, 0x2b, 0x73, + 0xcd, 0x62, 0xbd, 0xa8, 0x75, 0xfc, 0x73, 0xd6, + 0x82, 0x19, 0xe0, 0x03, 0x6b, 0x7a, 0x0b, 0x37 }; unsigned char output[4194304]; @@ -22,9 +17,20 @@ unsigned char h[32]; int main(void) { - int i; - crypto_stream_xsalsa20(output,4194304,nonce,firstkey); - crypto_hash_sha256(h,output,sizeof output); - for (i = 0;i < 32;++i) printf("%02x",h[i]); printf("\n"); - return 0; + int i; + + crypto_stream(output, 4194304, nonce, firstkey); + crypto_hash_sha256(h, output, sizeof output); + + for (i = 0; i < 32; ++i) + printf("%02x", h[i]); + printf("\n"); + + assert(crypto_stream_keybytes() > 0U); + assert(crypto_stream_noncebytes() > 0U); + assert(strcmp(crypto_stream_primitive(), "xsalsa20") == 0); + assert(crypto_stream_keybytes() == crypto_stream_xsalsa20_keybytes()); + assert(crypto_stream_noncebytes() == crypto_stream_xsalsa20_noncebytes()); + + return 0; } diff --git a/test/default/stream.exp b/test/default/stream.exp new file mode 100644 index 0000000..5fa208c --- /dev/null +++ b/test/default/stream.exp 
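Review bot: In the second stream.c hunk, `crypto_stream(output, 4194304, nonce, firstkey)` repeats the array size as a literal while the very next line uses `sizeof output`. Writing `crypto_stream(output, sizeof output, nonce, firstkey);` ties the number of bytes written to the buffer declaration, so the two cannot drift apart if the array is resized. stream2.c has the same literal in its crypto_stream_salsa20() call.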
@@ -0,0 +1 @@ +662b9d0e3463029156069b12f918691a98f7dfb2ca0393c96bbfc6b1fbd630a2 diff --git a/test/default/stream2.c b/test/default/stream2.c index 25cdb35..b3c5ac5 100644 --- a/test/default/stream2.c +++ b/test/default/stream2.c @@ -1,18 +1,14 @@ -#include <stdio.h> #define TEST_NAME "stream2" #include "cmptest.h" -unsigned char secondkey[32] = { - 0xdc,0x90,0x8d,0xda,0x0b,0x93,0x44,0xa9 -,0x53,0x62,0x9b,0x73,0x38,0x20,0x77,0x88 -,0x80,0xf3,0xce,0xb4,0x21,0xbb,0x61,0xb9 -,0x1c,0xbd,0x4c,0x3e,0x66,0x25,0x6c,0xe4 -} ; +unsigned char secondkey[32] + = { 0xdc, 0x90, 0x8d, 0xda, 0x0b, 0x93, 0x44, 0xa9, 0x53, 0x62, 0x9b, + 0x73, 0x38, 0x20, 0x77, 0x88, 0x80, 0xf3, 0xce, 0xb4, 0x21, 0xbb, + 0x61, 0xb9, 0x1c, 0xbd, 0x4c, 0x3e, 0x66, 0x25, 0x6c, 0xe4 }; -unsigned char noncesuffix[8] = { - 0x82,0x19,0xe0,0x03,0x6b,0x7a,0x0b,0x37 -} ; +unsigned char noncesuffix[8] + = { 0x82, 0x19, 0xe0, 0x03, 0x6b, 0x7a, 0x0b, 0x37 }; unsigned char output[4194304]; @@ -20,9 +16,15 @@ unsigned char h[32]; int main(void) { - int i; - crypto_stream_salsa20(output,4194304,noncesuffix,secondkey); - crypto_hash_sha256(h,output,sizeof output); - for (i = 0;i < 32;++i) printf("%02x",h[i]); printf("\n"); - return 0; + int i; + crypto_stream_salsa20(output, 4194304, noncesuffix, secondkey); + crypto_hash_sha256(h, output, sizeof output); + for (i = 0; i < 32; ++i) + printf("%02x", h[i]); + printf("\n"); + + assert(crypto_stream_salsa20_keybytes() > 0U); + assert(crypto_stream_salsa20_noncebytes() > 0U); + + return 0; } diff --git a/test/default/stream2.exp b/test/default/stream2.exp new file mode 100644 index 0000000..5fa208c --- /dev/null +++ b/test/default/stream2.exp @@ -0,0 +1 @@ +662b9d0e3463029156069b12f918691a98f7dfb2ca0393c96bbfc6b1fbd630a2 diff --git a/test/default/stream3.c b/test/default/stream3.c index 3a1f559..d121228 100644 --- a/test/default/stream3.c +++ b/test/default/stream3.c 
@@ -1,30 +1,28 @@ -#include <stdio.h> #define TEST_NAME "stream3" #include "cmptest.h" -unsigned char firstkey[32] = { - 0x1b,0x27,0x55,0x64,0x73,0xe9,0x85,0xd4 -,0x62,0xcd,0x51,0x19,0x7a,0x9a,0x46,0xc7 -,0x60,0x09,0x54,0x9e,0xac,0x64,0x74,0xf2 -,0x06,0xc4,0xee,0x08,0x44,0xf6,0x83,0x89 -} ; +unsigned char firstkey[32] + = { 0x1b, 0x27, 0x55, 0x64, 0x73, 0xe9, 0x85, 0xd4, 0x62, 0xcd, 0x51, + 0x19, 0x7a, 0x9a, 0x46, 0xc7, 0x60, 0x09, 0x54, 0x9e, 0xac, 0x64, + 0x74, 0xf2, 0x06, 0xc4, 0xee, 0x08, 0x44, 0xf6, 0x83, 0x89 }; -unsigned char nonce[24] = { - 0x69,0x69,0x6e,0xe9,0x55,0xb6,0x2b,0x73 -,0xcd,0x62,0xbd,0xa8,0x75,0xfc,0x73,0xd6 -,0x82,0x19,0xe0,0x03,0x6b,0x7a,0x0b,0x37 -} ; +unsigned char nonce[24] = { 0x69, 0x69, 0x6e, 0xe9, 0x55, 0xb6, 0x2b, 0x73, + 0xcd, 0x62, 0xbd, 0xa8, 0x75, 0xfc, 0x73, 0xd6, + 0x82, 0x19, 0xe0, 0x03, 0x6b, 0x7a, 0x0b, 0x37 }; unsigned char rs[32]; int main(void) { - int i; - crypto_stream_xsalsa20(rs,32,nonce,firstkey); - for (i = 0;i < 32;++i) { - printf(",0x%02x",(unsigned int) rs[i]); - if (i % 8 == 7) printf("\n"); - } - return 0; + int i; + + crypto_stream(rs, 32, nonce, firstkey); + + for (i = 0; i < 32; ++i) { + printf(",0x%02x", (unsigned int)rs[i]); + if (i % 8 == 7) + printf("\n"); + } + return 0; } diff --git a/test/default/stream3.exp b/test/default/stream3.exp new file mode 100644 index 0000000..9cd7879 --- /dev/null +++ b/test/default/stream3.exp @@ -0,0 +1,4 @@ +,0xee,0xa6,0xa7,0x25,0x1c,0x1e,0x72,0x91 +,0x6d,0x11,0xc2,0xcb,0x21,0x4d,0x3c,0x25 +,0x25,0x39,0x12,0x1d,0x8e,0x23,0x4e,0x65 +,0x2d,0x65,0x1f,0xa4,0xc8,0xcf,0xf8,0x80 diff --git a/test/default/stream4.c b/test/default/stream4.c index 91c724f..37d8203 100644 --- a/test/default/stream4.c +++ b/test/default/stream4.c 
@@ -1,55 +1,46 @@ -#include <stdio.h> #define TEST_NAME "stream4" #include "cmptest.h" -unsigned char firstkey[32] = { - 0x1b,0x27,0x55,0x64,0x73,0xe9,0x85,0xd4 -,0x62,0xcd,0x51,0x19,0x7a,0x9a,0x46,0xc7 -,0x60,0x09,0x54,0x9e,0xac,0x64,0x74,0xf2 -,0x06,0xc4,0xee,0x08,0x44,0xf6,0x83,0x89 -} ; - -unsigned char nonce[24] = { - 0x69,0x69,0x6e,0xe9,0x55,0xb6,0x2b,0x73 -,0xcd,0x62,0xbd,0xa8,0x75,0xfc,0x73,0xd6 -,0x82,0x19,0xe0,0x03,0x6b,0x7a,0x0b,0x37 -} ; - -unsigned char m[163] = { - 0, 0, 0, 0, 0, 0, 0, 0 -, 0, 0, 0, 0, 0, 0, 0, 0 -, 0, 0, 0, 0, 0, 0, 0, 0 -, 0, 0, 0, 0, 0, 0, 0, 0 -,0xbe,0x07,0x5f,0xc5,0x3c,0x81,0xf2,0xd5 -,0xcf,0x14,0x13,0x16,0xeb,0xeb,0x0c,0x7b -,0x52,0x28,0xc5,0x2a,0x4c,0x62,0xcb,0xd4 -,0x4b,0x66,0x84,0x9b,0x64,0x24,0x4f,0xfc -,0xe5,0xec,0xba,0xaf,0x33,0xbd,0x75,0x1a -,0x1a,0xc7,0x28,0xd4,0x5e,0x6c,0x61,0x29 -,0x6c,0xdc,0x3c,0x01,0x23,0x35,0x61,0xf4 -,0x1d,0xb6,0x6c,0xce,0x31,0x4a,0xdb,0x31 -,0x0e,0x3b,0xe8,0x25,0x0c,0x46,0xf0,0x6d -,0xce,0xea,0x3a,0x7f,0xa1,0x34,0x80,0x57 -,0xe2,0xf6,0x55,0x6a,0xd6,0xb1,0x31,0x8a -,0x02,0x4a,0x83,0x8f,0x21,0xaf,0x1f,0xde -,0x04,0x89,0x77,0xeb,0x48,0xf5,0x9f,0xfd -,0x49,0x24,0xca,0x1c,0x60,0x90,0x2e,0x52 -,0xf0,0xa0,0x89,0xbc,0x76,0x89,0x70,0x40 -,0xe0,0x82,0xf9,0x37,0x76,0x38,0x48,0x64 -,0x5e,0x07,0x05 -} ; +unsigned char firstkey[32] + = { 0x1b, 0x27, 0x55, 0x64, 0x73, 0xe9, 0x85, 0xd4, 0x62, 0xcd, 0x51, + 0x19, 0x7a, 0x9a, 0x46, 0xc7, 0x60, 0x09, 0x54, 0x9e, 0xac, 0x64, + 0x74, 0xf2, 0x06, 0xc4, 0xee, 0x08, 0x44, 0xf6, 0x83, 0x89 }; + +unsigned char nonce[24] = { 0x69, 0x69, 0x6e, 0xe9, 0x55, 0xb6, 0x2b, 0x73, + 0xcd, 0x62, 0xbd, 0xa8, 0x75, 0xfc, 0x73, 0xd6, + 0x82, 0x19, 0xe0, 0x03, 0x6b, 0x7a, 0x0b, 0x37 }; + +unsigned char m[163] + = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0xbe, 0x07, 0x5f, 0xc5, + 0x3c, 0x81, 0xf2, 0xd5, 0xcf, 0x14, 0x13, 0x16, 0xeb, 0xeb, 0x0c, 0x7b, + 0x52, 0x28, 0xc5, 0x2a, 0x4c, 0x62, 0xcb, 0xd4, 0x4b, 0x66, 0x84, 0x9b, + 
0x64, 0x24, 0x4f, 0xfc, 0xe5, 0xec, 0xba, 0xaf, 0x33, 0xbd, 0x75, 0x1a, + 0x1a, 0xc7, 0x28, 0xd4, 0x5e, 0x6c, 0x61, 0x29, 0x6c, 0xdc, 0x3c, 0x01, + 0x23, 0x35, 0x61, 0xf4, 0x1d, 0xb6, 0x6c, 0xce, 0x31, 0x4a, 0xdb, 0x31, + 0x0e, 0x3b, 0xe8, 0x25, 0x0c, 0x46, 0xf0, 0x6d, 0xce, 0xea, 0x3a, 0x7f, + 0xa1, 0x34, 0x80, 0x57, 0xe2, 0xf6, 0x55, 0x6a, 0xd6, 0xb1, 0x31, 0x8a, + 0x02, 0x4a, 0x83, 0x8f, 0x21, 0xaf, 0x1f, 0xde, 0x04, 0x89, 0x77, 0xeb, + 0x48, 0xf5, 0x9f, 0xfd, 0x49, 0x24, 0xca, 0x1c, 0x60, 0x90, 0x2e, 0x52, + 0xf0, 0xa0, 0x89, 0xbc, 0x76, 0x89, 0x70, 0x40, 0xe0, 0x82, 0xf9, 0x37, + 0x76, 0x38, 0x48, 0x64, 0x5e, 0x07, 0x05 }; unsigned char c[163]; int main(void) { - int i; - crypto_stream_xsalsa20_xor(c,m,163,nonce,firstkey); - for (i = 32;i < 163;++i) { - printf(",0x%02x",(unsigned int) c[i]); - if (i % 8 == 7) printf("\n"); - } - printf("\n"); - return 0; + int i; + + crypto_stream_xor(c, m, 163, nonce, firstkey); + + for (i = 32; i < 163; ++i) { + printf(",0x%02x", (unsigned int)c[i]); + if (i % 8 == 7) + printf("\n"); + } + printf("\n"); + + return 0; } diff --git a/test/default/stream4.exp b/test/default/stream4.exp new file mode 100644 index 0000000..0d3d8e9 --- /dev/null +++ b/test/default/stream4.exp @@ -0,0 +1,17 @@ +,0x8e,0x99,0x3b,0x9f,0x48,0x68,0x12,0x73 +,0xc2,0x96,0x50,0xba,0x32,0xfc,0x76,0xce +,0x48,0x33,0x2e,0xa7,0x16,0x4d,0x96,0xa4 +,0x47,0x6f,0xb8,0xc5,0x31,0xa1,0x18,0x6a +,0xc0,0xdf,0xc1,0x7c,0x98,0xdc,0xe8,0x7b +,0x4d,0xa7,0xf0,0x11,0xec,0x48,0xc9,0x72 +,0x71,0xd2,0xc2,0x0f,0x9b,0x92,0x8f,0xe2 +,0x27,0x0d,0x6f,0xb8,0x63,0xd5,0x17,0x38 +,0xb4,0x8e,0xee,0xe3,0x14,0xa7,0xcc,0x8a +,0xb9,0x32,0x16,0x45,0x48,0xe5,0x26,0xae +,0x90,0x22,0x43,0x68,0x51,0x7a,0xcf,0xea +,0xbd,0x6b,0xb3,0x73,0x2b,0xc0,0xe9,0xda +,0x99,0x83,0x2b,0x61,0xca,0x01,0xb6,0xde +,0x56,0x24,0x4a,0x9e,0x88,0xd5,0xf9,0xb3 +,0x79,0x73,0xf6,0x22,0xa4,0x3d,0x14,0xa6 +,0x59,0x9b,0x1f,0x65,0x4c,0xb4,0x5a,0x74 +,0xe3,0x55,0xa5 
diff --git a/test/default/stream5.c b/test/default/stream5.c deleted file mode 100644 index 58aa36f..0000000 --- a/test/default/stream5.c +++ /dev/null @@ -1,29 +0,0 @@ -#include <stdio.h> - -#define TEST_NAME "stream5" -#include "cmptest.h" - -unsigned char firstkey[32] = { - 0x1b,0x27,0x55,0x64,0x73,0xe9,0x85,0xd4 -,0x62,0xcd,0x51,0x19,0x7a,0x9a,0x46,0xc7 -,0x60,0x09,0x54,0x9e,0xac,0x64,0x74,0xf2 -,0x06,0xc4,0xee,0x08,0x44,0xf6,0x83,0x89 -} ; - -unsigned char nonce[16] = { - 0x69,0x69,0x6e,0xe9,0x55,0xb6,0x2b,0x73 -,0xcd,0x62,0xbd,0xa8,0x75,0xfc,0x73,0xd6 -} ; - -unsigned char output[4194304]; - -unsigned char h[32]; - -int main(void) -{ - int i; - crypto_stream_aes256estream(output,4194304,nonce,firstkey); - crypto_hash_sha256(h,output,sizeof output); - for (i = 0;i < 32;++i) printf("%02x",h[i]); printf("\n"); - return 0; -} diff --git a/test/default/stream6.c b/test/default/stream6.c deleted file mode 100644 index 668389f..0000000 --- a/test/default/stream6.c +++ /dev/null 
@@ -1,54 +0,0 @@ -#include <stdio.h> - -#define TEST_NAME "stream6" -#include "cmptest.h" - -unsigned char firstkey[32] = { - 0x1b,0x27,0x55,0x64,0x73,0xe9,0x85,0xd4 -,0x62,0xcd,0x51,0x19,0x7a,0x9a,0x46,0xc7 -,0x60,0x09,0x54,0x9e,0xac,0x64,0x74,0xf2 -,0x06,0xc4,0xee,0x08,0x44,0xf6,0x83,0x89 -} ; - -unsigned char nonce[16] = { - 0x69,0x69,0x6e,0xe9,0x55,0xb6,0x2b,0x73 -,0xcd,0x62,0xbd,0xa8,0x75,0xfc,0x73,0xd6 -} ; - -unsigned char m[163] = { - 0, 0, 0, 0, 0, 0, 0, 0 -, 0, 0, 0, 0, 0, 0, 0, 0 -, 0, 0, 0, 0, 0, 0, 0, 0 -, 0, 0, 0, 0, 0, 0, 0, 0 -,0xbe,0x07,0x5f,0xc5,0x3c,0x81,0xf2,0xd5 -,0xcf,0x14,0x13,0x16,0xeb,0xeb,0x0c,0x7b -,0x52,0x28,0xc5,0x2a,0x4c,0x62,0xcb,0xd4 -,0x4b,0x66,0x84,0x9b,0x64,0x24,0x4f,0xfc -,0xe5,0xec,0xba,0xaf,0x33,0xbd,0x75,0x1a -,0x1a,0xc7,0x28,0xd4,0x5e,0x6c,0x61,0x29 -,0x6c,0xdc,0x3c,0x01,0x23,0x35,0x61,0xf4 -,0x1d,0xb6,0x6c,0xce,0x31,0x4a,0xdb,0x31 -,0x0e,0x3b,0xe8,0x25,0x0c,0x46,0xf0,0x6d -,0xce,0xea,0x3a,0x7f,0xa1,0x34,0x80,0x57 -,0xe2,0xf6,0x55,0x6a,0xd6,0xb1,0x31,0x8a -,0x02,0x4a,0x83,0x8f,0x21,0xaf,0x1f,0xde -,0x04,0x89,0x77,0xeb,0x48,0xf5,0x9f,0xfd -,0x49,0x24,0xca,0x1c,0x60,0x90,0x2e,0x52 -,0xf0,0xa0,0x89,0xbc,0x76,0x89,0x70,0x40 -,0xe0,0x82,0xf9,0x37,0x76,0x38,0x48,0x64 -,0x5e,0x07,0x05 -} ; - -unsigned char c[163]; - -int main(void) -{ - int i; - crypto_stream_aes256estream_xor(c,m,163,nonce,firstkey); - for (i = 32;i < 163;++i) { - printf(",0x%02x",(unsigned int) c[i]); - if (i % 8 == 7) printf("\n"); - } - printf("\n"); - return 0; -} diff --git a/test/default/verify1.c b/test/default/verify1.c index def6421..d3f7e17 100644 --- a/test/default/verify1.c +++ b/test/default/verify1.c @@ -1,5 +1,3 @@ -#include <stdio.h> -#include <string.h> #define TEST_NAME "verify1" #include "cmptest.h" 
@@ -10,25 +8,29 @@ unsigned char v64[64], v64x[64]; int main(void) { - randombytes_buf(v16, sizeof v16); - randombytes_buf(v32, sizeof v32); - randombytes_buf(v64, sizeof v64); + randombytes_buf(v16, sizeof v16); + randombytes_buf(v32, sizeof v32); + randombytes_buf(v64, sizeof v64); - memcpy(v16x, v16, sizeof v16); - memcpy(v32x, v32, sizeof v32); - memcpy(v64x, v64, sizeof v64); + memcpy(v16x, v16, sizeof v16); + memcpy(v32x, v32, sizeof v32); + memcpy(v64x, v64, sizeof v64); - printf("%d\n", crypto_verify_16(v16, v16x)); - printf("%d\n", crypto_verify_32(v32, v32x)); - printf("%d\n", crypto_verify_64(v64, v64x)); + printf("%d\n", crypto_verify_16(v16, v16x)); + printf("%d\n", crypto_verify_32(v32, v32x)); + printf("%d\n", crypto_verify_64(v64, v64x)); - v16x[randombytes_random() & 15U]++; - v32x[randombytes_random() & 31U]++; - v64x[randombytes_random() & 63U]++; + v16x[randombytes_random() & 15U]++; + v32x[randombytes_random() & 31U]++; + v64x[randombytes_random() & 63U]++; - printf("%d\n", crypto_verify_16(v16, v16x)); - printf("%d\n", crypto_verify_32(v32, v32x)); - printf("%d\n", crypto_verify_64(v64, v64x)); + printf("%d\n", crypto_verify_16(v16, v16x)); + printf("%d\n", crypto_verify_32(v32, v32x)); + printf("%d\n", crypto_verify_64(v64, v64x)); - return 0; + assert(crypto_verify_16_bytes() == 16U); + assert(crypto_verify_32_bytes() == 32U); + assert(crypto_verify_64_bytes() == 64U); + + return 0; } diff --git a/test/default/verify1.exp b/test/default/verify1.exp new file mode 100644 index 0000000..2b84500 --- /dev/null +++ b/test/default/verify1.exp @@ -0,0 +1,6 @@ +0 +0 +0 +-1 +-1 +-1 |