diff --git a/.gitignore b/.gitignore
index bbe102bc..4a1eff9b 100644
--- a/.gitignore
+++ b/.gitignore
@@ -128,6 +128,7 @@ test/default/pwhash_scrypt
 test/default/pwhash_scrypt_ll
 test/default/randombytes
 test/default/scalarmult
+test/default/scalarmult_ed25519
 test/default/scalarmult2
 test/default/scalarmult5
 test/default/scalarmult6
diff --git a/test/default/Makefile.am b/test/default/Makefile.am
index 59c40151..88d6e2aa 100644
--- a/test/default/Makefile.am
+++ b/test/default/Makefile.am
@@ -50,6 +50,7 @@ EXTRA_DIST = \
 	pwhash_scrypt_ll.exp \
 	randombytes.exp \
 	scalarmult.exp \
+	scalarmult_ed25519.exp \
 	scalarmult2.exp \
 	scalarmult5.exp \
 	scalarmult6.exp \
@@ -124,6 +125,7 @@ DISTCLEANFILES = \
 	pwhash_scrypt_ll.res \
 	randombytes.res \
 	scalarmult.res \
+	scalarmult_ed25519.res \
 	scalarmult2.res \
 	scalarmult5.res \
 	scalarmult6.res \
@@ -199,6 +201,7 @@ CLEANFILES = \
 	pwhash_scrypt_ll.final \
 	randombytes.final \
 	scalarmult.final \
+	scalarmult_ed25519.final \
 	scalarmult2.final \
 	scalarmult5.final \
 	scalarmult6.final \
@@ -269,6 +272,7 @@ CLEANFILES = \
 	pwhash_scrypt_ll.nexe \
 	randombytes.nexe \
 	scalarmult.nexe \
+	scalarmult_ed25519.nexe \
 	scalarmult2.nexe \
 	scalarmult5.nexe \
 	scalarmult6.nexe \
@@ -523,6 +527,9 @@ randombytes_LDADD         = $(TESTS_LDADD)
 scalarmult_SOURCE         = cmptest.h scalarmult.c
 scalarmult_LDADD          = $(TESTS_LDADD)
 
+scalarmult_ed25519_SOURCE = cmptest.h scalarmult_ed25519.c
+scalarmult_ed25519_LDADD  = $(TESTS_LDADD)
+
 scalarmult2_SOURCE        = cmptest.h scalarmult2.c
 scalarmult2_LDADD         = $(TESTS_LDADD)
 
@@ -603,6 +610,7 @@ TESTS_TARGETS += \
 	core_ed25519 \
 	pwhash_scrypt \
 	pwhash_scrypt_ll \
+	scalarmult_ed25519 \
 	siphashx24 \
 	xchacha20
 endif
diff --git a/test/default/scalarmult_ed25519.c b/test/default/scalarmult_ed25519.c
new file mode 100644
index 00000000..07e5e9e0
--- /dev/null
+++ b/test/default/scalarmult_ed25519.c
@@ -0,0 +1,48 @@
+#define TEST_NAME "scalarmult_ed25519"
+#include "cmptest.h"
+
+int
+main(void)
+{
+    static const unsigned char B[32] = {
+        0x58, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66,
+        0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66,
+        0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66,
+        0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66,
+    };
+    unsigned char *n, *p, *q, *q2;
+
+    n = (unsigned char *) sodium_malloc(crypto_scalarmult_ed25519_SCALARBYTES);
+    p = (unsigned char *) sodium_malloc(crypto_scalarmult_ed25519_BYTES);
+    q = (unsigned char *) sodium_malloc(crypto_scalarmult_ed25519_BYTES);
+    q2 = (unsigned char *) sodium_malloc(crypto_scalarmult_ed25519_BYTES);
+
+    randombytes_buf(n, crypto_scalarmult_ed25519_SCALARBYTES);
+    if (crypto_scalarmult_ed25519_base(q, n) != 0) {
+        printf("crypto_scalarmult_ed25519_base() failed\n");
+    }
+    memcpy(p, B, crypto_scalarmult_ed25519_BYTES);
+    if (crypto_scalarmult_ed25519(q2, n, p) != 0) {
+        printf("crypto_scalarmult_ed25519() failed\n");
+    }
+    if (memcmp(q, q2, crypto_scalarmult_ed25519_BYTES) != 0) {
+        printf("crypto_scalarmult_ed25519_base(n) != crypto_scalarmult_ed25519(n, 9)\n");
+    }
+
+    memset(n, 0, crypto_scalarmult_ed25519_BYTES);
+    if (crypto_scalarmult_ed25519_base(q, n) != 0) {
+        printf("crypto_scalarmult_ed25519_base() didn't fail\n");
+    }
+    if (crypto_scalarmult_ed25519(q2, n, p) != 0) {
+        printf("crypto_scalarmult_ed25519() didn't fail\n");
+    }
+
+    sodium_free(q2);
+    sodium_free(q);
+    sodium_free(p);
+    sodium_free(n);
+
+    printf("OK\n");
+
+    return 0;
+}
diff --git a/test/default/scalarmult_ed25519.exp b/test/default/scalarmult_ed25519.exp
new file mode 100644
index 00000000..d86bac9d
--- /dev/null
+++ b/test/default/scalarmult_ed25519.exp
@@ -0,0 +1 @@
+OK