diff --git a/src/libsodium/crypto_hash/sha512/cp/hash_sha512_cp.c b/src/libsodium/crypto_hash/sha512/cp/hash_sha512_cp.c index 3778dfe3..8d0f2536 100644 --- a/src/libsodium/crypto_hash/sha512/cp/hash_sha512_cp.c +++ b/src/libsodium/crypto_hash/sha512/cp/hash_sha512_cp.c @@ -222,9 +222,11 @@ crypto_hash_sha512_update(crypto_hash_sha512_state *state, bitlen[1] = ((uint64_t) inlen) << 3; bitlen[0] = ((uint64_t) inlen) >> 61; + /* LCOV_EXCL_START */ if ((state->count[1] += bitlen[1]) < bitlen[1]) { state->count[0]++; } + /* LCOV_EXCL_STOP */ state->count[0] += bitlen[0]; if (inlen < 128 - r) { for (i = 0; i < inlen; i++) { diff --git a/src/libsodium/crypto_pwhash/argon2/argon2-core.c b/src/libsodium/crypto_pwhash/argon2/argon2-core.c index 091ce33f..85846b78 100644 --- a/src/libsodium/crypto_pwhash/argon2/argon2-core.c +++ b/src/libsodium/crypto_pwhash/argon2/argon2-core.c @@ -154,12 +154,12 @@ static void clear_memory(argon2_instance_t *instance, int clear); static void clear_memory(argon2_instance_t *instance, int clear) { + /* LCOV_EXCL_START */ if (instance->region != NULL && clear) { - /* LCOV_EXCL_START */ sodium_memzero(instance->region->memory, sizeof(block) * instance->memory_blocks); - /* LCOV_EXCL_STOP */ } + /* LCOV_EXCL_STOP */ } /* Deallocates memory @@ -510,10 +510,12 @@ initial_hash(uint8_t *blockhash, argon2_context *context, argon2_type type) crypto_generichash_blake2b_update( &BlakeHash, (const uint8_t *) context->pwd, context->pwdlen); + /* LCOV_EXCL_START */ if (context->flags & ARGON2_FLAG_CLEAR_PASSWORD) { - sodium_memzero(context->pwd, context->pwdlen); /* LCOV_EXCL_LINE */ - context->pwdlen = 0; /* LCOV_EXCL_LINE */ + sodium_memzero(context->pwd, context->pwdlen); + context->pwdlen = 0; } + /* LCOV_EXCL_STOP */ } STORE32_LE(value, context->saltlen); @@ -527,8 +529,8 @@ initial_hash(uint8_t *blockhash, argon2_context *context, argon2_type type) STORE32_LE(value, context->secretlen); crypto_generichash_blake2b_update(&BlakeHash, value, sizeof(value)); + /* LCOV_EXCL_START */ if (context->secret != NULL) { - /* LCOV_EXCL_START */ crypto_generichash_blake2b_update( &BlakeHash, (const uint8_t *) context->secret, context->secretlen); @@ -536,18 +538,18 @@ initial_hash(uint8_t *blockhash, argon2_context *context, argon2_type type) sodium_memzero(context->secret, context->secretlen); context->secretlen = 0; } - /* LCOV_EXCL_STOP */ } + /* LCOV_EXCL_STOP */ STORE32_LE(value, context->adlen); crypto_generichash_blake2b_update(&BlakeHash, value, sizeof(value)); + /* LCOV_EXCL_START */ if (context->ad != NULL) { - /* LCOV_EXCL_START */ crypto_generichash_blake2b_update( &BlakeHash, (const uint8_t *) context->ad, context->adlen); - /* LCOV_EXCL_STOP */ } + /* LCOV_EXCL_STOP */ crypto_generichash_blake2b_final(&BlakeHash, blockhash, ARGON2_PREHASH_DIGEST_LENGTH); diff --git a/test/default/box2.c b/test/default/box2.c index b0174d47..3e46fda8 100644 --- a/test/default/box2.c +++ b/test/default/box2.c @@ -64,6 +64,8 @@ main(void) assert(ret == -1); memset(m, 0, sizeof m); + ret = crypto_box_beforenm(k, small_order_p, bobsk); + assert(ret == -1); ret = crypto_box_beforenm(k, alicepk, bobsk); assert(ret == 0); if (crypto_box_open_afternm(m, c, 163, nonce, k) == 0) { diff --git a/test/default/misuse.c b/test/default/misuse.c index 0a08cd91..d8564625 100644 --- a/test/default/misuse.c +++ b/test/default/misuse.c @@ -5,12 +5,22 @@ #include static void -sigabrt_handler_5(int sig) +sigabrt_handler_6(int sig) { (void) sig; exit(0); } +static void +sigabrt_handler_5(int sig) +{ + (void) sig; + signal(SIGABRT, sigabrt_handler_6); + assert(crypto_aead_xchacha20poly1305_ietf_encrypt(NULL, NULL, NULL, UINT64_MAX, + NULL, 0, NULL, NULL, NULL) == -1); + exit(1); +} + static void sigabrt_handler_4(int sig) { diff --git a/test/default/xchacha20.c b/test/default/xchacha20.c index 0074e827..cbb12a0b 100644 --- a/test/default/xchacha20.c +++ b/test/default/xchacha20.c @@ -164,6 +164,11 @@ tv_stream_xchacha20(void) hex = (char *) sodium_malloc(192 * 2 + 1); sodium_bin2hex(hex, 192 * 2 + 1, out, 192); printf("%s\n", hex); + + memset(key, 0, crypto_stream_xchacha20_KEYBYTES); + crypto_stream_xchacha20_keygen(key); + assert(sodium_is_zero(key, crypto_stream_xchacha20_KEYBYTES) == 0); + sodium_free(hex); sodium_free(out); sodium_free(out2); @@ -234,6 +239,12 @@ tv_secretbox_xchacha20poly1305(void) assert(memcmp(out, out2, crypto_secretbox_xchacha20poly1305_MACBYTES + m_len) == 0); n = randombytes_uniform(crypto_secretbox_xchacha20poly1305_MACBYTES + m_len); + assert(crypto_secretbox_xchacha20poly1305_open_easy + (out2, out2, crypto_secretbox_xchacha20poly1305_MACBYTES - 1, + nonce, key) == -1); + assert(crypto_secretbox_xchacha20poly1305_open_easy + (out2, out2, 0, + nonce, key) == -1); out2[n]++; assert(crypto_secretbox_xchacha20poly1305_open_easy (out2, out2, crypto_secretbox_xchacha20poly1305_MACBYTES + m_len, @@ -326,6 +337,12 @@ tv_box_xchacha20poly1305(void) (out, m, SIZE_MAX, nonce, pc) == -1); assert(crypto_box_curve25519xchacha20poly1305_easy_afternm (out, m, m_len, nonce, pc) == 0); + assert(crypto_box_curve25519xchacha20poly1305_open_easy_afternm + (m2, out, crypto_box_curve25519xchacha20poly1305_MACBYTES - 1, + nonce, pc) == -1); + assert(crypto_box_curve25519xchacha20poly1305_open_easy_afternm + (m2, out, 0, + nonce, pc) == -1); assert(crypto_box_curve25519xchacha20poly1305_open_easy_afternm (m2, out, crypto_box_curve25519xchacha20poly1305_MACBYTES + m_len, nonce, pc) == 0);