Add a test for scalar_reduce()

This commit is contained in:
Frank Denis 2018-12-24 15:22:49 +01:00
parent 34e787030f
commit 902f0997c0
2 changed files with 48 additions and 17 deletions

View File

@ -23,15 +23,22 @@ add_P(unsigned char * const S)
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x7f 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x7f
}; };
unsigned char c = 0U;
unsigned int i;
unsigned int s;
for (i = 0U; i < 32U; i++) { sodium_add(S, P, sizeof P);
s = S[i] + P[i] + c; }
S[i] = (unsigned char) s;
c = (s >> 8) & 1; static void
} add_l64(unsigned char * const S)
{
static const unsigned char l[64] =
{ 0xed, 0xd3, 0xf5, 0x5c, 0x1a, 0x63, 0x12, 0x58,
0xd6, 0x9c, 0xf7, 0xa2, 0xde, 0xf9, 0xde, 0x14,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
sodium_add(S, l, sizeof l);
} }
int int
@ -40,6 +47,7 @@ main(void)
unsigned char *h; unsigned char *h;
unsigned char *p, *p2, *p3; unsigned char *p, *p2, *p3;
unsigned char *sc; unsigned char *sc;
unsigned char *sc64;
int i, j; int i, j;
h = (unsigned char *) sodium_malloc(crypto_core_ed25519_UNIFORMBYTES); h = (unsigned char *) sodium_malloc(crypto_core_ed25519_UNIFORMBYTES);
@ -152,6 +160,20 @@ main(void)
assert(memcmp(p3, p, crypto_core_ed25519_BYTES) == 0); assert(memcmp(p3, p, crypto_core_ed25519_BYTES) == 0);
} }
sc64 = (unsigned char *) sodium_malloc(64);
crypto_core_ed25519_scalar_random(sc);
memcpy(sc64, sc, crypto_core_ed25519_BYTES);
memset(sc64 + crypto_core_ed25519_BYTES, 0,
64 - crypto_core_ed25519_BYTES);
i = randombytes_uniform(100);
do {
add_l64(sc64);
} while (i-- > 0U);
crypto_core_ed25519_scalar_reduce(sc64, sc64);
if (memcmp(sc64, sc, crypto_core_ed25519_BYTES) != 0) {
printf("crypto_core_ed25519_scalar_reduce() failed\n");
}
sodium_free(sc); sodium_free(sc);
sodium_free(p3); sodium_free(p3);
sodium_free(p2); sodium_free(p2);

View File

@ -54,7 +54,8 @@ sigabrt_handler_11(int sig)
{ {
(void) sig; (void) sig;
signal(SIGABRT, sigabrt_handler_12); signal(SIGABRT, sigabrt_handler_12);
assert(crypto_box_easy(guard_page, guard_page, crypto_stream_xsalsa20_MESSAGEBYTES_MAX, assert(crypto_box_easy(guard_page, guard_page,
crypto_stream_xsalsa20_MESSAGEBYTES_MAX,
guard_page, guard_page, guard_page) == -1); guard_page, guard_page, guard_page) == -1);
exit(1); exit(1);
} }
@ -64,7 +65,8 @@ sigabrt_handler_10(int sig)
{ {
(void) sig; (void) sig;
signal(SIGABRT, sigabrt_handler_11); signal(SIGABRT, sigabrt_handler_11);
assert(crypto_box_easy_afternm(guard_page, guard_page, crypto_stream_xsalsa20_MESSAGEBYTES_MAX, assert(crypto_box_easy_afternm(guard_page, guard_page,
crypto_stream_xsalsa20_MESSAGEBYTES_MAX,
guard_page, guard_page) == -1); guard_page, guard_page) == -1);
exit(1); exit(1);
} }
@ -74,7 +76,8 @@ sigabrt_handler_9(int sig)
{ {
(void) sig; (void) sig;
signal(SIGABRT, sigabrt_handler_10); signal(SIGABRT, sigabrt_handler_10);
assert(sodium_base642bin(guard_page, 1, guard_page, 1, NULL, NULL, NULL, -1) == -1); assert(sodium_base642bin(guard_page, 1, guard_page, 1,
NULL, NULL, NULL, -1) == -1);
exit(1); exit(1);
} }
@ -83,7 +86,8 @@ sigabrt_handler_8(int sig)
{ {
(void) sig; (void) sig;
signal(SIGABRT, sigabrt_handler_9); signal(SIGABRT, sigabrt_handler_9);
assert(sodium_bin2base64(guard_page, 1, guard_page, 1, sodium_base64_VARIANT_ORIGINAL) == NULL); assert(sodium_bin2base64(guard_page, 1, guard_page, 1,
sodium_base64_VARIANT_ORIGINAL) == NULL);
exit(1); exit(1);
} }
@ -111,7 +115,8 @@ sigabrt_handler_5(int sig)
(void) sig; (void) sig;
signal(SIGABRT, sigabrt_handler_6); signal(SIGABRT, sigabrt_handler_6);
assert(crypto_aead_xchacha20poly1305_ietf_encrypt(guard_page, NULL, NULL, UINT64_MAX, assert(crypto_aead_xchacha20poly1305_ietf_encrypt(guard_page, NULL, NULL, UINT64_MAX,
NULL, 0, NULL, guard_page, NULL) == -1); NULL, 0, NULL,
guard_page, guard_page) == -1);
exit(1); exit(1);
} }
@ -121,7 +126,8 @@ sigabrt_handler_4(int sig)
(void) sig; (void) sig;
signal(SIGABRT, sigabrt_handler_5); signal(SIGABRT, sigabrt_handler_5);
assert(crypto_aead_chacha20poly1305_ietf_encrypt(guard_page, NULL, NULL, UINT64_MAX, assert(crypto_aead_chacha20poly1305_ietf_encrypt(guard_page, NULL, NULL, UINT64_MAX,
NULL, 0, NULL, guard_page, NULL) == -1); NULL, 0, NULL,
guard_page, guard_page) == -1);
exit(1); exit(1);
} }
@ -131,7 +137,8 @@ sigabrt_handler_3(int sig)
(void) sig; (void) sig;
signal(SIGABRT, sigabrt_handler_4); signal(SIGABRT, sigabrt_handler_4);
assert(crypto_aead_chacha20poly1305_encrypt(guard_page, NULL, NULL, UINT64_MAX, assert(crypto_aead_chacha20poly1305_encrypt(guard_page, NULL, NULL, UINT64_MAX,
NULL, 0, NULL, guard_page, NULL) == -1); NULL, 0, NULL,
guard_page, guard_page) == -1);
exit(1); exit(1);
} }
@ -153,7 +160,8 @@ sigabrt_handler_1(int sig)
{ {
(void) sig; (void) sig;
signal(SIGABRT, sigabrt_handler_2); signal(SIGABRT, sigabrt_handler_2);
assert(crypto_kx_server_session_keys(NULL, NULL, guard_page, guard_page, guard_page) == -1); assert(crypto_kx_server_session_keys(NULL, NULL, guard_page, guard_page,
guard_page) == -1);
exit(1); exit(1);
} }
@ -161,7 +169,8 @@ int
main(void) main(void)
{ {
signal(SIGABRT, sigabrt_handler_1); signal(SIGABRT, sigabrt_handler_1);
assert(crypto_kx_client_session_keys(NULL, NULL, guard_page, guard_page, guard_page) == -1); assert(crypto_kx_client_session_keys(NULL, NULL, guard_page, guard_page,
guard_page) == -1);
return 1; return 1;
} }
#else #else