From d47d5d8623db54338f1e5fb307d6e24c6ab5474a Mon Sep 17 00:00:00 2001
From: Anders Johansson <anders@truenull.se>
Date: Sun, 1 Jun 2014 20:58:20 +0200
Subject: [PATCH] Add test for Tarsnap testvectors to low-level scrypt
 interface

---
 .gitignore                        |  1 +
 test/default/Makefile.am          |  6 +++
 test/default/pwhash_scrypt_ll.c   | 69 +++++++++++++++++++++++++++++++
 test/default/pwhash_scrypt_ll.exp | 20 +++++++++
 4 files changed, 96 insertions(+)
 create mode 100644 test/default/pwhash_scrypt_ll.c
 create mode 100644 test/default/pwhash_scrypt_ll.exp

diff --git a/.gitignore b/.gitignore
index 925e6a20..c10fb6dc 100644
--- a/.gitignore
+++ b/.gitignore
@@ -82,6 +82,7 @@ test/default/onetimeauth
 test/default/onetimeauth2
 test/default/onetimeauth7
 test/default/pwhash
+test/default/pwhash_scrypt_ll
 test/default/randombytes
 test/default/scalarmult
 test/default/scalarmult2
diff --git a/test/default/Makefile.am b/test/default/Makefile.am
index 0b09a26d..468657c7 100644
--- a/test/default/Makefile.am
+++ b/test/default/Makefile.am
@@ -32,6 +32,7 @@ EXTRA_DIST = \
 	onetimeauth2.exp \
 	onetimeauth7.exp \
 	pwhash.exp \
+    pwhash_scrypt_ll.exp \
 	scalarmult.exp \
 	scalarmult2.exp \
 	scalarmult5.exp \
@@ -88,6 +89,7 @@ DISTCLEANFILES = \
 	onetimeauth2.res \
 	onetimeauth7.res \
 	pwhash.res \
+    pwhash_scrypt_ll.res \
 	scalarmult.res \
 	scalarmult2.res \
 	scalarmult5.res \
@@ -151,6 +153,7 @@ TESTS_TARGETS = \
 	onetimeauth2 \
 	onetimeauth7 \
 	pwhash \
+    pwhash_scrypt_ll \
 	randombytes \
 	scalarmult \
 	scalarmult2 \
@@ -271,6 +274,9 @@ onetimeauth7_LDADD        = $(TESTS_LDADD)
 pwhash_SOURCE             = cmptest.h pwhash.c
 pwhash_LDADD              = $(TESTS_LDADD)
 
+pwhash_scrypt_ll_SOURCE   = cmptest.h pwhash_scrypt_ll.c
+pwhash_scrypt_ll_LDADD    = $(TESTS_LDADD)
+
 randombytes_SOURCE        = randombytes.c
 randombytes_LDADD         = $(TESTS_LDADD)
 
diff --git a/test/default/pwhash_scrypt_ll.c b/test/default/pwhash_scrypt_ll.c
new file mode 100644
index 00000000..8df44daa
--- /dev/null
+++ b/test/default/pwhash_scrypt_ll.c
@@ -0,0 +1,69 @@
+#include <stdio.h>
+#include <string.h>
+
+#define TEST_NAME "pwhash_scrypt_ll"
+#include "cmptest.h"
+
+/* Tarsnap test vectors, see: https://www.tarsnap.com/scrypt/scrypt.pdf */
+unsigned long olenGlobal = 64ul;
+
+uint8_t password1[] = "\0";
+uint8_t salt1[] = "\0";
+uint64_t N1 = 16ul;
+uint32_t r1 = 1ul;
+uint32_t p1 = 1ul;
+
+uint8_t password2[] = "password\0";
+uint8_t salt2[] = "NaCl\0";
+uint64_t N2 = 1024ul;
+uint32_t r2 = 8ul;
+uint32_t p2 = 16ul;
+
+uint8_t password3[] = "pleaseletmein\0";
+uint8_t salt3[] = "SodiumChloride\0";
+uint64_t N3 = 16384ul;
+uint32_t r3 = 8ul;
+uint32_t p3 = 1ul;
+
+uint8_t password4[] = "pleaseletmein\0";
+uint8_t salt4[] = "SodiumChloride\0";
+size_t N4 = 1048576ul;
+size_t r4 = 8ul;
+size_t p4 = 1ul;
+
+void test_vector(uint8_t * password, size_t passwordLength, uint8_t * salt, size_t saltLenght, uint64_t N, uint32_t r, uint32_t p, size_t olen)
+{
+    uint8_t data[olen];
+    int ret = crypto_pwhash_scryptsalsa208sha256_ll(password, passwordLength, salt, saltLenght, N, r, p, data, olen);
+    if(ret != 0)
+    {
+        printf("crypto_scrypt_compat failed!");
+    } 
+    
+    // Print header
+    printf("scrypt(“");
+    printf(password);
+    printf("”, “");
+    printf(salt);
+    printf("”, %u, %u, %u, %u) =\n", N, r, p, olen);
+
+    // Print test result
+    int lineitems = 0;
+    const int lineitemsLimit = 15;
+    for(int i = 0; i < olen; ++i)
+    {
+        printf("%02x", data[i]);
+        printf((lineitems < lineitemsLimit)? " " : "\n");
+        lineitems = (lineitems < lineitemsLimit)? lineitems+1 : 0;
+    }
+}
+
+int main(void)
+{
+   test_vector(password1, strlen(password1), salt1, strlen(salt1), N1, r1, p1, olenGlobal);
+   test_vector(password2, strlen(password2), salt2, strlen(salt2), N2, r2, p2, olenGlobal);
+   test_vector(password3, strlen(password3), salt3, strlen(salt3), N3, r3, p3, olenGlobal);
+   test_vector(password4, strlen(password4), salt4, strlen(salt4), N4, r4, p4, olenGlobal);
+
+   return 0;
+}
diff --git a/test/default/pwhash_scrypt_ll.exp b/test/default/pwhash_scrypt_ll.exp
new file mode 100644
index 00000000..cf4c0d3e
--- /dev/null
+++ b/test/default/pwhash_scrypt_ll.exp
@@ -0,0 +1,20 @@
+scrypt(“”, “”, 16, 1, 1, 64) =
+77 d6 57 62 38 65 7b 20 3b 19 ca 42 c1 8a 04 97
+f1 6b 48 44 e3 07 4a e8 df df fa 3f ed e2 14 42
+fc d0 06 9d ed 09 48 f8 32 6a 75 3a 0f c8 1f 17
+e8 d3 e0 fb 2e 0d 36 28 cf 35 e2 0c 38 d1 89 06
+scrypt(“password”, “NaCl”, 1024, 8, 16, 64) =
+fd ba be 1c 9d 34 72 00 78 56 e7 19 0d 01 e9 fe
+7c 6a d7 cb c8 23 78 30 e7 73 76 63 4b 37 31 62
+2e af 30 d9 2e 22 a3 88 6f f1 09 27 9d 98 30 da
+c7 27 af b9 4a 83 ee 6d 83 60 cb df a2 cc 06 40
+scrypt(“pleaseletmein”, “SodiumChloride”, 16384, 8, 1, 64) =
+70 23 bd cb 3a fd 73 48 46 1c 06 cd 81 fd 38 eb
+fd a8 fb ba 90 4f 8e 3e a9 b5 43 f6 54 5d a1 f2
+d5 43 29 55 61 3f 0f cf 62 d4 97 05 24 2a 9a f9
+e6 1e 85 dc 0d 65 1e 40 df cf 01 7b 45 57 58 87
+scrypt(“pleaseletmein”, “SodiumChloride”, 1048576, 8, 1, 64) =
+21 01 cb 9b 6a 51 1a ae ad db be 09 cf 70 f8 81
+ec 56 8d 57 4a 2f fd 4d ab e5 ee 98 20 ad aa 47
+8e 56 fd 8f 4b a5 d0 9f fa 1c 6d 92 7c 40 f4 c3
+37 30 40 49 e8 a9 52 fb cb f4 5c 6f a7 7a 41 a4