From 5e17a7adf8e6de84f8f1adba95eeca99c9199bc8 Mon Sep 17 00:00:00 2001 From: Frank Denis Date: Tue, 17 Nov 2015 09:09:44 +0100 Subject: [PATCH] Check that scalarmult() returns -1 with a point of small order 325606250916557431795983626356110631294008115727848805560023387167927233504 is a point of order 8 --- test/default/scalarmult.c | 12 +++++++++++- test/default/scalarmult.exp | 1 + 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/test/default/scalarmult.c b/test/default/scalarmult.c index 6b6e0336..b09af5de 100644 --- a/test/default/scalarmult.c +++ b/test/default/scalarmult.c @@ -12,6 +12,11 @@ const unsigned char bobsk[crypto_scalarmult_BYTES] 0x8b, 0x83, 0x80, 0x0e, 0xe6, 0x6f, 0x3b, 0xb1, 0x29, 0x26, 0x18, 0xb6, 0xfd, 0x1c, 0x2f, 0x8b, 0x27, 0xff, 0x88, 0xe0, 0xeb }; +const unsigned char small_order_p[crypto_scalarmult_BYTES] + = { 0xe0, 0xeb, 0x7a, 0x7c, 0x3b, 0x41, 0xb8, 0xae, 0x16, 0x56, 0xe3, + 0xfa, 0xf1, 0x9f, 0xc4, 0x6a, 0xda, 0x09, 0x8d, 0xeb, 0x9c, 0x32, + 0xb1, 0xfd, 0x86, 0x62, 0x05, 0x16, 0x5f, 0x49, 0xb8, 0x00 }; + char hex[crypto_scalarmult_BYTES * 2 + 1]; int main(void) @@ -44,9 +49,14 @@ int main(void) sodium_bin2hex(hex, sizeof hex, k, crypto_scalarmult_BYTES); printf("%s\n", hex); - sodium_free(k); + ret = crypto_scalarmult(k, bobsk, small_order_p); + assert(ret == -1); + sodium_bin2hex(hex, sizeof hex, k, crypto_scalarmult_BYTES); + printf("%s\n", hex); + sodium_free(bobpk); sodium_free(alicepk); + sodium_free(k); assert(crypto_scalarmult_bytes() > 0U); assert(crypto_scalarmult_scalarbytes() > 0U); diff --git a/test/default/scalarmult.exp b/test/default/scalarmult.exp index 1a38d891..4847bb04 100644 --- a/test/default/scalarmult.exp +++ b/test/default/scalarmult.exp @@ -2,3 +2,4 @@ de9edb7d7b7dc1b4d35b61c2ece435373f8343c85b78674dadfc7e146f882b4f 4a5d9d5ba4ce2de1728e3bf480350f25e07e21c947d19e3376f09b3c1e161742 4a5d9d5ba4ce2de1728e3bf480350f25e07e21c947d19e3376f09b3c1e161742 +0000000000000000000000000000000000000000000000000000000000000000