diff --git a/test/default/core_ed25519.c b/test/default/core_ed25519.c index e884d2ff..93edc675 100644 --- a/test/default/core_ed25519.c +++ b/test/default/core_ed25519.c @@ -46,8 +46,9 @@ main(void) { unsigned char *h; unsigned char *p, *p2, *p3; - unsigned char *sc; + unsigned char *sc, *sc2, *sc3; unsigned char *sc64; + char *hex; unsigned int i, j; h = (unsigned char *) sodium_malloc(crypto_core_ed25519_UNIFORMBYTES); @@ -210,7 +211,115 @@ main(void) assert(p[i] == 0); } + hex = sodium_malloc(crypto_core_ed25519_SCALARBYTES * 2 + 1); + + for (i = 0; i < crypto_core_ed25519_SCALARBYTES; i++) { + sc[i] = 255 - i; + } + if (crypto_core_ed25519_scalar_invert(sc, sc) != 0) { + printf("crypto_core_ed25519_scalar_invert() failed\n"); + } + sodium_bin2hex(hex, crypto_core_ed25519_SCALARBYTES * 2 + 1, + sc, crypto_core_ed25519_SCALARBYTES); + printf("inv1: %s\n", hex); + if (crypto_core_ed25519_scalar_invert(sc, sc) != 0) { + printf("crypto_core_ed25519_scalar_invert() failed\n"); + } + sodium_bin2hex(hex, crypto_core_ed25519_SCALARBYTES * 2 + 1, + sc, crypto_core_ed25519_SCALARBYTES); + printf("inv2: %s\n", hex); + for (i = 0; i < crypto_core_ed25519_SCALARBYTES; i++) { + sc[i] = 32 - i; + } + if (crypto_core_ed25519_scalar_invert(sc, sc) != 0) { + printf("crypto_core_ed25519_scalar_invert() failed\n"); + } + hex = sodium_malloc(crypto_core_ed25519_SCALARBYTES * 2 + 1); + sodium_bin2hex(hex, crypto_core_ed25519_SCALARBYTES * 2 + 1, + sc, crypto_core_ed25519_SCALARBYTES); + printf("inv3: %s\n", hex); + if (crypto_core_ed25519_scalar_invert(sc, sc) != 0) { + printf("crypto_core_ed25519_scalar_invert() failed\n"); + } + sodium_bin2hex(hex, crypto_core_ed25519_SCALARBYTES * 2 + 1, + sc, crypto_core_ed25519_SCALARBYTES); + printf("inv4: %s\n", hex); + + for (i = 0; i < crypto_core_ed25519_SCALARBYTES; i++) { + sc[i] = 255 - i; + } + crypto_core_ed25519_scalar_negate(sc, sc); + sodium_bin2hex(hex, crypto_core_ed25519_SCALARBYTES * 2 + 1, + sc, crypto_core_ed25519_SCALARBYTES); + printf("neg1: %s\n", hex); + crypto_core_ed25519_scalar_negate(sc, sc); + sodium_bin2hex(hex, crypto_core_ed25519_SCALARBYTES * 2 + 1, + sc, crypto_core_ed25519_SCALARBYTES); + printf("neg2: %s\n", hex); + for (i = 0; i < crypto_core_ed25519_SCALARBYTES; i++) { + sc[i] = 32 - i; + } + crypto_core_ed25519_scalar_negate(sc, sc); + sodium_bin2hex(hex, crypto_core_ed25519_SCALARBYTES * 2 + 1, + sc, crypto_core_ed25519_SCALARBYTES); + printf("neg3: %s\n", hex); + crypto_core_ed25519_scalar_negate(sc, sc); + sodium_bin2hex(hex, crypto_core_ed25519_SCALARBYTES * 2 + 1, + sc, crypto_core_ed25519_SCALARBYTES); + printf("neg4: %s\n", hex); + + for (i = 0; i < crypto_core_ed25519_SCALARBYTES; i++) { + sc[i] = 255 - i; + } + crypto_core_ed25519_scalar_complement(sc, sc); + sodium_bin2hex(hex, crypto_core_ed25519_SCALARBYTES * 2 + 1, + sc, crypto_core_ed25519_SCALARBYTES); + printf("comp1: %s\n", hex); + crypto_core_ed25519_scalar_complement(sc, sc); + sodium_bin2hex(hex, crypto_core_ed25519_SCALARBYTES * 2 + 1, + sc, crypto_core_ed25519_SCALARBYTES); + printf("comp2: %s\n", hex); + for (i = 0; i < crypto_core_ed25519_SCALARBYTES; i++) { + sc[i] = 32 - i; + } + crypto_core_ed25519_scalar_complement(sc, sc); + sodium_bin2hex(hex, crypto_core_ed25519_SCALARBYTES * 2 + 1, + sc, crypto_core_ed25519_SCALARBYTES); + printf("comp3: %s\n", hex); + crypto_core_ed25519_scalar_complement(sc, sc); + sodium_bin2hex(hex, crypto_core_ed25519_SCALARBYTES * 2 + 1, + sc, crypto_core_ed25519_SCALARBYTES); + printf("comp4: %s\n", hex); + + sc2 = sodium_malloc(crypto_core_ed25519_SCALARBYTES); + sc3 = sodium_malloc(crypto_core_ed25519_SCALARBYTES); + randombytes_buf(sc, crypto_core_ed25519_SCALARBYTES); + randombytes_buf(sc2, crypto_core_ed25519_SCALARBYTES); + crypto_core_ed25519_scalar_add(sc3, sc, sc2); + assert(!sodium_is_zero(sc, crypto_core_ed25519_SCALARBYTES)); + crypto_core_ed25519_scalar_sub(sc3, sc3, sc2); + assert(!sodium_is_zero(sc, crypto_core_ed25519_SCALARBYTES)); + crypto_core_ed25519_scalar_sub(sc3, sc3, sc); + assert(sodium_is_zero(sc3, crypto_core_ed25519_SCALARBYTES)); + + memset(sc, 0x69, crypto_core_ed25519_UNIFORMBYTES); + memset(sc2, 0x42, crypto_core_ed25519_UNIFORMBYTES); + crypto_core_ed25519_scalar_add(sc, sc, sc2); + crypto_core_ed25519_scalar_add(sc, sc2, sc); + sodium_bin2hex(hex, crypto_core_ed25519_SCALARBYTES * 2 + 1, + sc, crypto_core_ed25519_SCALARBYTES); + printf("add: %s\n", hex); + + crypto_core_ed25519_scalar_sub(sc, sc2, sc); + crypto_core_ed25519_scalar_sub(sc, sc, sc2); + sodium_bin2hex(hex, crypto_core_ed25519_SCALARBYTES * 2 + 1, + sc, crypto_core_ed25519_SCALARBYTES); + printf("sub: %s\n", hex); + + sodium_free(hex); sodium_free(sc64); + sodium_free(sc3); + sodium_free(sc2); sodium_free(sc); sodium_free(p3); sodium_free(p2); diff --git a/test/default/core_ed25519.exp b/test/default/core_ed25519.exp index d86bac9d..6b8c1686 100644 --- a/test/default/core_ed25519.exp +++ b/test/default/core_ed25519.exp @@ -1 +1,15 @@ +inv1: 5858cdec40a044b1548b3bb08f8ce0d71103d1f887df84ebc502643dac4df40b +inv2: 09688ce78a8ff8273f636b0bc748c0cceeeeedecebeae9e8e7e6e5e4e3e2e100 +inv3: f70b4f272b47bd6a1015a511fb3c9fc1b9c21ca4ca2e17d5a225b4c410b9b60d +inv4: 201f1e1d1c1b1a191817161514131211100f0e0d0c0b0a090807060504030201 +neg1: e46b69758fd3193097398c9717b11e48111112131415161718191a1b1c1d1e0f +neg2: 09688ce78a8ff8273f636b0bc748c0cceeeeedecebeae9e8e7e6e5e4e3e2e100 +neg3: cdb4d73ffe47f83ebe85e18dcae6cc03f0f0f1f2f3f4f5f6f7f8f9fafbfcfd0e +neg4: 201f1e1d1c1b1a191817161514131211100f0e0d0c0b0a090807060504030201 +comp1: e56b69758fd3193097398c9717b11e48111112131415161718191a1b1c1d1e0f +comp2: 09688ce78a8ff8273f636b0bc748c0cceeeeedecebeae9e8e7e6e5e4e3e2e100 +comp3: ceb4d73ffe47f83ebe85e18dcae6cc03f0f0f1f2f3f4f5f6f7f8f9fafbfcfd0e +comp4: 201f1e1d1c1b1a191817161514131211100f0e0d0c0b0a090807060504030201 +add: f7567cd87c82ec1c355a6304c143bcc9ecedededededededededededededed0d +sub: f67c79849de0253ba142949e1db6224b13121212121212121212121212121202 OK