More tests

2017-07-24 15:16:22 +02:00 · 2017-07-24 15:16:22 +02:00 · f92c82537b
commit f92c82537b
parent 67a7df73b1
5 changed files with 42 additions and 9 deletions
--- a/src/libsodium/crypto_hash/sha512/cp/hash_sha512_cp.c
+++ b/src/libsodium/crypto_hash/sha512/cp/hash_sha512_cp.c
@ -222,9 +222,11 @@ crypto_hash_sha512_update(crypto_hash_sha512_state *state,

    bitlen[1] = ((uint64_t) inlen) << 3;
    bitlen[0] = ((uint64_t) inlen) >> 61;
+    /* LCOV_EXCL_START */
    if ((state->count[1] += bitlen[1]) < bitlen[1]) {
        state->count[0]++;
    }
+    /* LCOV_EXCL_STOP */
    state->count[0] += bitlen[0];
    if (inlen < 128 - r) {
        for (i = 0; i < inlen; i++) {
--- a/src/libsodium/crypto_pwhash/argon2/argon2-core.c
+++ b/src/libsodium/crypto_pwhash/argon2/argon2-core.c
@ -154,12 +154,12 @@ static void clear_memory(argon2_instance_t *instance, int clear);
 static void
 clear_memory(argon2_instance_t *instance, int clear)
 {
+    /* LCOV_EXCL_START */
    if (instance->region != NULL && clear) {
-        /* LCOV_EXCL_START */
        sodium_memzero(instance->region->memory,
                       sizeof(block) * instance->memory_blocks);
-        /* LCOV_EXCL_STOP */
    }
+    /* LCOV_EXCL_STOP */
 }

 /* Deallocates memory
@ -510,10 +510,12 @@ initial_hash(uint8_t *blockhash, argon2_context *context, argon2_type type)
        crypto_generichash_blake2b_update(
            &BlakeHash, (const uint8_t *) context->pwd, context->pwdlen);

+        /* LCOV_EXCL_START */
        if (context->flags & ARGON2_FLAG_CLEAR_PASSWORD) {
-            sodium_memzero(context->pwd, context->pwdlen); /* LCOV_EXCL_LINE */
-            context->pwdlen = 0;                           /* LCOV_EXCL_LINE */
+            sodium_memzero(context->pwd, context->pwdlen);
+            context->pwdlen = 0;
        }
+        /* LCOV_EXCL_STOP */
    }

    STORE32_LE(value, context->saltlen);
@ -527,8 +529,8 @@ initial_hash(uint8_t *blockhash, argon2_context *context, argon2_type type)
    STORE32_LE(value, context->secretlen);
    crypto_generichash_blake2b_update(&BlakeHash, value, sizeof(value));

+    /* LCOV_EXCL_START */
    if (context->secret != NULL) {
-        /* LCOV_EXCL_START */
        crypto_generichash_blake2b_update(
            &BlakeHash, (const uint8_t *) context->secret, context->secretlen);

@ -536,18 +538,18 @@ initial_hash(uint8_t *blockhash, argon2_context *context, argon2_type type)
            sodium_memzero(context->secret, context->secretlen);
            context->secretlen = 0;
        }
-        /* LCOV_EXCL_STOP */
    }
+    /* LCOV_EXCL_STOP */

    STORE32_LE(value, context->adlen);
    crypto_generichash_blake2b_update(&BlakeHash, value, sizeof(value));

+    /* LCOV_EXCL_START */    
    if (context->ad != NULL) {
-        /* LCOV_EXCL_START */
        crypto_generichash_blake2b_update(
            &BlakeHash, (const uint8_t *) context->ad, context->adlen);
-        /* LCOV_EXCL_STOP */
    }
+    /* LCOV_EXCL_STOP */

    crypto_generichash_blake2b_final(&BlakeHash, blockhash,
                                     ARGON2_PREHASH_DIGEST_LENGTH);
--- a/test/default/box2.c
+++ b/test/default/box2.c
@ -64,6 +64,8 @@ main(void)
    assert(ret == -1);

    memset(m, 0, sizeof m);
+    ret = crypto_box_beforenm(k, small_order_p, bobsk);
+    assert(ret == -1);
    ret = crypto_box_beforenm(k, alicepk, bobsk);
    assert(ret == 0);
    if (crypto_box_open_afternm(m, c, 163, nonce, k) == 0) {
--- a/test/default/misuse.c
+++ b/test/default/misuse.c
@ -5,12 +5,22 @@
 #include <signal.h>

 static void
-sigabrt_handler_5(int sig)
+sigabrt_handler_6(int sig)
 {
    (void) sig;
    exit(0);
 }

+static void
+sigabrt_handler_5(int sig)
+{
+    (void) sig;
+    signal(SIGABRT, sigabrt_handler_6);
+    assert(crypto_aead_xchacha20poly1305_ietf_encrypt(NULL, NULL, NULL, UINT64_MAX,
+                                                      NULL, 0, NULL, NULL, NULL) == -1);
+    exit(1);
+}
+
 static void
 sigabrt_handler_4(int sig)
 {
--- a/test/default/xchacha20.c
+++ b/test/default/xchacha20.c
@ -164,6 +164,11 @@ tv_stream_xchacha20(void)
    hex = (char *) sodium_malloc(192 * 2 + 1);
    sodium_bin2hex(hex, 192 * 2 + 1, out, 192);
    printf("%s\n", hex);
+
+    memset(key, 0, crypto_stream_xchacha20_KEYBYTES);
+    crypto_stream_xchacha20_keygen(key);
+    assert(sodium_is_zero(key, crypto_stream_xchacha20_KEYBYTES) == 0);
+
    sodium_free(hex);
    sodium_free(out);
    sodium_free(out2);
@ -234,6 +239,12 @@ tv_secretbox_xchacha20poly1305(void)
        assert(memcmp(out, out2,
                      crypto_secretbox_xchacha20poly1305_MACBYTES + m_len) == 0);
        n = randombytes_uniform(crypto_secretbox_xchacha20poly1305_MACBYTES + m_len);
+        assert(crypto_secretbox_xchacha20poly1305_open_easy
+               (out2, out2, crypto_secretbox_xchacha20poly1305_MACBYTES - 1,
+                nonce, key) == -1);
+        assert(crypto_secretbox_xchacha20poly1305_open_easy
+               (out2, out2, 0,
+                nonce, key) == -1);
        out2[n]++;
        assert(crypto_secretbox_xchacha20poly1305_open_easy
               (out2, out2, crypto_secretbox_xchacha20poly1305_MACBYTES + m_len,
@ -326,6 +337,12 @@ tv_box_xchacha20poly1305(void)
               (out, m, SIZE_MAX, nonce, pc) == -1);
        assert(crypto_box_curve25519xchacha20poly1305_easy_afternm
               (out, m, m_len, nonce, pc) == 0);
+        assert(crypto_box_curve25519xchacha20poly1305_open_easy_afternm
+               (m2, out, crypto_box_curve25519xchacha20poly1305_MACBYTES - 1,
+                nonce, pc) == -1);
+        assert(crypto_box_curve25519xchacha20poly1305_open_easy_afternm
+               (m2, out, 0,
+                nonce, pc) == -1);
        assert(crypto_box_curve25519xchacha20poly1305_open_easy_afternm
               (m2, out, crypto_box_curve25519xchacha20poly1305_MACBYTES + m_len,
                nonce, pc) == 0);