Commit Graph

646 Commits

Author SHA1 Message Date
Frank Denis
69a5643477 Add chacha20-poly1305 test from Project Wycheproof 2018-09-04 15:44:42 +02:00
Frank Denis
cb22446db1 Add aes256gcm tests from project wycheproof 2018-08-30 09:51:28 +02:00
Frank Denis
cdc4822c92 Remove unneeded trailing commas 2018-08-30 09:26:16 +02:00
Frank Denis
f8377e9818 Add x25519 test vectors from project wycheproof 2018-08-29 15:08:26 +02:00
Jakob Rieck
d7df251cd0 Fixes padding for blocksizes > 256 2018-08-27 12:22:07 +02:00
Jakob Rieck
543b5ad068 Fixes padding for blocksizes > 256 2018-08-27 11:42:49 +02:00
Frank Denis
49f112da5d xchacha20 test: initialize the full nonce
Spotted by @FiloSottile, thanks!

Fixes #742
2018-08-03 23:24:55 +02:00
Frank Denis
ccb2390e9c xchacha20 test: initialize the full nonce
Spotted by @FiloSottile, thanks!

Fixes #742
2018-08-03 23:23:53 +02:00
Frank Denis
415f079692 zap trailing spaces 2018-04-29 17:49:01 +02:00
Frank Denis
9c6b2e0ceb zap trailing spaces 2018-04-29 17:48:39 +02:00
Emil Bay
1600dda632 Missing test for abytes 2018-04-29 17:47:55 +02:00
Emil Bay
2ad8162218
Missing test for abytes 2018-04-12 17:24:10 +02:00
Frank Denis
06ee95c3f1 Regen autoconf scripts 2018-03-14 12:03:49 -07:00
Frank Denis
6a60818982 C++ compat 2017-12-21 22:35:02 +01:00
Frank Denis
8a2833f01a Remove the dummy FS call from the Javascript tests 2017-12-21 21:37:02 +01:00
Frank Denis
72ab8739a2 Javascript tests: don't call FS.*() if the filesystem module is not present 2017-12-21 21:36:56 +01:00
Frank Denis
6b38e87f01 Remove the dummy FS call from the Javascript tests 2017-12-21 21:36:15 +01:00
Frank Denis
f8ad9651f9 Javascript tests: don't call FS.*() if the filesystem module is not present 2017-12-21 21:27:50 +01:00
Frank Denis
bd631649c1 Emscripten: run the tests in benchmark mode 2017-12-21 18:52:59 +01:00
Frank Denis
eeb135010d Emscripten: run the tests in benchmark mode 2017-12-21 18:51:56 +01:00
Frank Denis
69834d667e Static 2017-12-21 18:50:11 +01:00
Frank Denis
d7f8f6bc80 Static 2017-12-21 18:47:43 +01:00
Frank Denis
0187ba70ad Require the generichash state to be aligned
Alignment is already required by other functions anyway.
2017-12-21 18:21:43 +01:00
Frank Denis
1e7839a90c Lift alignment requirements in crypto_generichash() 2017-12-21 18:14:17 +01:00
Frank Denis
266571b5b1 Use default randombytes implementation for tests on emscripten 2017-12-21 02:04:21 +01:00
Frank Denis
dce1614eee Use default randombytes implementation for tests on emscripten 2017-12-21 02:02:39 +01:00
Frank Denis
dd0aa7cccf emscripten: stick to the unique randombytes implementation 2017-12-21 00:33:27 +01:00
Frank Denis
13201046e6 emscripten: stick to the unique randombytes implementation 2017-12-21 00:32:42 +01:00
Frank Denis
69642f0409 Undefine printf if required 2017-12-16 21:01:23 +01:00
Frank Denis
83b031bfd7 Undefine printf if required 2017-12-16 21:01:12 +01:00
Frank Denis
192fd92cc7 Plug memory leaks in the pwhash_argon2* tests 2017-12-16 14:53:01 +01:00
Frank Denis
bfc8ec1248 Add a memleak checker to the benchmark code
Plug the leaks it surfaced in pwhash_argon2* tests
2017-12-16 14:51:11 +01:00
Frank Denis
afbef83c6b Add missing sodium_free() calls in the kdf test 2017-12-16 14:31:41 +01:00
Frank Denis
b84e4b9ddf Add missing sodium_free() calls in the kdf test 2017-12-16 14:31:01 +01:00
Frank Denis
765710c1f4 Sort 2017-12-16 13:29:53 +01:00
Frank Denis
7e02306443 + #include <limits.h> 2017-12-16 13:29:49 +01:00
Frank Denis
99fe302562 Make things more explicit 2017-12-16 13:12:07 +01:00
Frank Denis
b6dab1029d Sort 2017-12-16 13:08:55 +01:00
Frank Denis
31b13ada14 + #include <limits.h> 2017-12-16 13:08:34 +01:00
Frank Denis
18d5940bc6 Use a simple memory pool for benchmarks
In the test suite, a significant amount of time is spent in memory
allocations. A memory pool helps achieve more relevant results with
less iterations.
2017-12-16 13:07:15 +01:00
Frank Denis
5bc564cac1 1.0.16
* master: (221 commits)
  Comment
  Comments
  msys2 build scripts: just use -Ofast
  Always prefer vararrays to alloca()
  Don't redefine alloca
  Return -1 if the scalar is 0 in crypto_scalarmult_ed25519()
  Remove trailing space
  Import the regen-msvc script
  Update ChangeLog
  Do not wipe the workspace after argon2 completes
  Remove tests for deprecated functions
  Give the compiler a change to inline index_alpha()
  Immediately allocate all required memory in argon2/scrypt
  Check reduced-round salsa variants in non-minimal mode
  Coverage exclusion -- this is just an extra, redundant check
  Remove incorrect and useless cast
  -fomit-frame-pointer makes a different on mips
  WebAssembly benefits from the 128-bit types, too
  Remove extra spaces
  Undef devel
  ...
2017-12-13 16:21:20 +01:00
Frank Denis
ac8dffbecb Return -1 if the scalar is 0 in crypto_scalarmult_ed25519()
For consistency with _base()
2017-12-12 14:35:08 +01:00
Frank Denis
21c1a3160c Remove tests for deprecated functions 2017-12-11 23:22:34 +01:00
Frank Denis
cf59e049e7 Check reduced-round salsa variants in non-minimal mode 2017-12-11 20:11:27 +01:00
Frank Denis
bdca518edc Remove incorrect and useless cast 2017-12-11 19:54:10 +01:00
Frank Denis
99fa31a595 More tests 2017-12-06 14:08:00 +00:00
Frank Denis
609e42be75 One more test 2017-12-06 13:53:22 +00:00
Frank Denis
43fa5ecc49 Add some tests for reduced-rounds salsa20 2017-12-06 13:38:46 +00:00
Frank Denis
0b6370dd0a Always undef NDEBUG in tests 2017-12-06 12:17:57 +00:00
Frank Denis
625e313e74 Avoid an expression in a assert() with side effects 2017-12-06 12:16:37 +00:00
Frank Denis
e89c43edf6 secretstream: add a test for rekeying using TAG_REKEY 2017-12-06 11:45:47 +00:00
Frank Denis
22b65dc57c Add a call to sodium_stackzero() 2017-12-05 17:49:58 +00:00
Frank Denis
01072a2f6a More tests 2017-12-03 21:16:46 +01:00
Frank Denis
cdd7d5f37d Add explicit cast 2017-12-03 21:02:17 +01:00
Frank Denis
8ad6ffa9d6 More tests 2017-12-03 20:56:17 +01:00
Frank Denis
b6262d982f Don't even try to compile non-minimal code 2017-12-03 16:55:46 +01:00
Frank Denis
139cadc76d Skip tests 13&14 in minimal mode 2017-12-03 16:49:55 +01:00
Frank Denis
99fe9eb67f More misuse tests 2017-12-03 16:39:05 +01:00
Frank Denis
947cf4ada5 casts 2017-12-01 17:29:41 +01:00
Frank Denis
229dac07ee casts 2017-12-01 17:29:29 +01:00
Frank Denis
217a9330a4 More tests 2017-12-01 17:21:59 +01:00
Frank Denis
84047b703a More tests 2017-12-01 17:04:09 +01:00
Frank Denis
dbaa94fe27 Casts 2017-12-01 16:33:10 +01:00
Frank Denis
e44614505b Casts 2017-12-01 16:32:25 +01:00
Frank Denis
18af4c61eb Fix format string sign 2017-12-01 15:28:09 +01:00
Frank Denis
218dac349a Fix format string sign 2017-12-01 15:24:48 +01:00
Frank Denis
d2a48e9f60 secretstream test: provide additional data to lift ambiguity on what is being tested
Spotted by @emilbayes - Thanks!
2017-11-26 22:04:18 +01:00
Frank Denis
46e2a46490 secretstream test: provide additional data to lift ambiguity on what is being tested
Spotted by @emilbayes - Thanks!
2017-11-26 22:02:26 +01:00
Frank Denis
ee2403deba Check for RDRAND presence 2017-11-25 17:53:33 +01:00
Frank Denis
c190574cee x25519-ref10: reject low order points before the multiplication 2017-11-17 10:47:00 +01:00
Frank Denis
fc10e78580 Add a test for constants 2017-11-15 16:58:31 +01:00
Frank Denis
a60d877327 Add a test for crypto_scalarmult_ed25519 2017-11-15 16:57:29 +01:00
Frank Denis
7653df070c Keep only the second test 2017-11-15 16:15:25 +01:00
Frank Denis
222ab9857c Check that add/sub don't enforce the canonical form 2017-11-15 15:31:01 +01:00
Frank Denis
4fe7f88063 Re-merge previous test; add the correct prime 2017-11-15 15:26:41 +01:00
Frank Denis
d8c36842eb Remove a test that doesn't make sense 2017-11-15 01:59:43 +01:00
Frank Denis
97e6f73230 Add a pretty obvious assertion 2017-11-15 01:48:28 +01:00
Frank Denis
3d8889560e Export constants 2017-11-15 01:47:54 +01:00
Frank Denis
1e06b32f45 Add a couple more tests for ed25519_is_valid_point() 2017-11-15 01:44:55 +01:00
Frank Denis
63f7727a74 C++ compat 2017-11-15 01:37:33 +01:00
Frank Denis
1df2285362 Add a preliminary test for core_ed25519 2017-11-15 01:34:43 +01:00
Frank Denis
7e75ad4ca9 Remove unused var 2017-10-23 23:43:19 +02:00
Frank Denis
f5e1767b22 sign_keygen(): don't hash the secret scalar in non-deterministic mode
Improve clarity
No need to clamp the key prior to computing a synthetic nonce
nonce -> Z for clarity
2017-10-11 21:30:52 +02:00
Frank Denis
f54c6db981 sign_keygen(): don't hash the secret scalar in non-deterministic mode 2017-10-11 21:27:48 +02:00
Frank Denis
99eee854fe Add a compile-time switch to create non-deterministic signatures 2017-10-06 16:36:06 +02:00
Frank Denis
0dd8338b83 Add a compile-time switch to create non-deterministic signatures 2017-10-06 15:35:07 +02:00
Frank Denis
2a367074fe Add actual performance API emulation for old browsers 2017-10-05 07:52:33 +02:00
Frank Denis
e784a3fb40 Add no-ops for very old browsers without the performance API 2017-10-05 01:46:02 +02:00
Frank Denis
4b4fce0be9 Use less memory for the pwhash tests 2017-10-05 00:42:58 +02:00
Frank Denis
37d9f09f5b Round duration 2017-10-05 00:20:55 +02:00
Frank Denis
752c1fff2d emscripten template: make the module global 2017-10-05 00:16:37 +02:00
Frank Denis
cc8cd391c9 Fix emscripten template 2017-10-05 00:11:40 +02:00
Frank Denis
93e39760b9 Wasm: add basic benchmark
Not really fair yet since the script isn't preloaded
2017-10-05 00:02:37 +02:00
Frank Denis
f0daa92f50 Remove index-wasm.html.tpl 2017-10-04 23:52:39 +02:00
Frank Denis
6a0e144899 Use less memory for the pwhash tests 2017-10-04 22:52:11 +02:00
Frank Denis
cd1b97d5a2 Regen autoconf files 2017-10-01 17:17:11 +02:00
Frank Denis
d3e20869af crypto_pwhash_ALG_DEFAULT is now Argon2id 2017-10-01 12:12:13 +02:00
Frank Denis
2f51ed3397 Rename the test/pwhash.c -> test/pwhash_argon2i.c 2017-10-01 11:09:55 +02:00
Frank Denis
d49d7e8d4f pwhash: don't enforce the same limits for argon2i and argon2id
Fixes #606

Also, keep enforcing a minimum number of iterations to create argon2i
hashes, but relax that restriction for verification, as it can be
useful to migrate from hashes made using other libraries.
2017-10-01 11:02:46 +02:00
Frank Denis
2542367c2d secretstream: set the initial counter to 1
Avoids using the first block for two different purposes, and will be more
consistent with the AES-based version.

This breaks backwards compatibility, but better do it now that most distro are
still shipping < 1.0.14, that no applications seem to be already using that new
API, and that there will be an update to the library major due to the aes128ctr
removal.
2017-10-01 10:08:04 +02:00