mirror of
https://github.com/jedisct1/libsodium.git
synced 2024-12-23 20:15:19 -07:00
More tests, and start testing misuse cases
This commit is contained in:
parent
0238cbcf68
commit
5d56821d3d
1
.gitignore
vendored
1
.gitignore
vendored
@ -114,6 +114,7 @@ test/default/hash3
|
||||
test/default/kdf
|
||||
test/default/keygen
|
||||
test/default/kx
|
||||
test/default/misuse
|
||||
test/default/onetimeauth
|
||||
test/default/onetimeauth2
|
||||
test/default/onetimeauth7
|
||||
|
@ -89,5 +89,5 @@ _crypto_stream_salsa20_pick_best_implementation(void)
|
||||
return 0;
|
||||
}
|
||||
#endif
|
||||
return 0;
|
||||
return 0; /* LCOV_EXCL_LINE */
|
||||
}
|
||||
|
@ -41,11 +41,11 @@ int
|
||||
sodium_init(void)
|
||||
{
|
||||
if (sodium_crit_enter() != 0) {
|
||||
return -1;
|
||||
return -1; /* LCOV_EXCL_LINE */
|
||||
}
|
||||
if (initialized != 0) {
|
||||
if (sodium_crit_leave() != 0) {
|
||||
return -1;
|
||||
return -1; /* LCOV_EXCL_LINE */
|
||||
}
|
||||
return 1;
|
||||
}
|
||||
@ -60,7 +60,7 @@ sodium_init(void)
|
||||
_crypto_stream_salsa20_pick_best_implementation();
|
||||
initialized = 1;
|
||||
if (sodium_crit_leave() != 0) {
|
||||
return -1;
|
||||
return -1; /* LCOV_EXCL_LINE */
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
@ -95,7 +95,7 @@ int
|
||||
sodium_crit_enter(void)
|
||||
{
|
||||
if (_sodium_crit_init() != 0) {
|
||||
return -1;
|
||||
return -1; /* LCOV_EXCL_LINE */
|
||||
}
|
||||
EnterCriticalSection(&_sodium_lock);
|
||||
|
||||
@ -191,10 +191,10 @@ int
|
||||
sodium_set_misuse_handler(void (*handler)(const char *err))
|
||||
{
|
||||
if (sodium_crit_enter() != 0) {
|
||||
return -1;
|
||||
return -1; /* LCOV_EXCL_LINE */
|
||||
}
|
||||
_misuse_handler = handler;
|
||||
if (sodium_crit_leave() != 0) {
|
||||
return -1;
|
||||
return -1; /* LCOV_EXCL_LINE */
|
||||
}
|
||||
}
|
||||
|
@ -68,8 +68,8 @@ __attribute__((weak)) void
|
||||
_sodium_dummy_symbol_to_prevent_memzero_lto(void *const pnt,
|
||||
const size_t len)
|
||||
{
|
||||
(void) pnt;
|
||||
(void) len;
|
||||
(void) pnt; /* LCOV_EXCL_LINE */
|
||||
(void) len; /* LCOV_EXCL_LINE */
|
||||
}
|
||||
#endif
|
||||
|
||||
|
@ -37,6 +37,7 @@ EXTRA_DIST = \
|
||||
kdf.exp \
|
||||
keygen.exp \
|
||||
kx.exp \
|
||||
misuse.exp \
|
||||
onetimeauth.exp \
|
||||
onetimeauth2.exp \
|
||||
onetimeauth7.exp \
|
||||
@ -106,6 +107,7 @@ DISTCLEANFILES = \
|
||||
kdf.res \
|
||||
keygen.res \
|
||||
kx.res \
|
||||
misuse.res \
|
||||
onetimeauth.res \
|
||||
onetimeauth2.res \
|
||||
onetimeauth7.res \
|
||||
@ -176,6 +178,7 @@ CLEANFILES = \
|
||||
kdf.final \
|
||||
keygen.final \
|
||||
kx.final \
|
||||
misuse.final \
|
||||
onetimeauth.final \
|
||||
onetimeauth2.final \
|
||||
onetimeauth7.final \
|
||||
@ -241,6 +244,7 @@ CLEANFILES = \
|
||||
kdf.nexe \
|
||||
keygen.nexe \
|
||||
kx.nexe \
|
||||
misuse.nexe \
|
||||
onetimeauth.nexe \
|
||||
onetimeauth2.nexe \
|
||||
onetimeauth7.nexe \
|
||||
@ -318,6 +322,7 @@ TESTS_TARGETS = \
|
||||
kdf \
|
||||
keygen \
|
||||
kx \
|
||||
misuse \
|
||||
onetimeauth \
|
||||
onetimeauth2 \
|
||||
onetimeauth7 \
|
||||
@ -460,6 +465,9 @@ keygen_LDADD = $(TESTS_LDADD)
|
||||
kx_SOURCE = cmptest.h kx.c
|
||||
kx_LDADD = $(TESTS_LDADD)
|
||||
|
||||
misuse_SOURCE = cmptest.h misuse.c
|
||||
misuse_LDADD = $(TESTS_LDADD)
|
||||
|
||||
onetimeauth_SOURCE = cmptest.h onetimeauth.c
|
||||
onetimeauth_LDADD = $(TESTS_LDADD)
|
||||
|
||||
|
@ -29,6 +29,7 @@ tv(void)
|
||||
= { 0x50, 0x51, 0x52, 0x53, 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7 };
|
||||
unsigned char *c = (unsigned char *) sodium_malloc(CLEN);
|
||||
unsigned char *detached_c = (unsigned char *) sodium_malloc(MLEN);
|
||||
unsigned char *key2 = (unsigned char *) sodium_malloc(crypto_aead_xchacha20poly1305_ietf_KEYBYTES);
|
||||
unsigned char *mac = (unsigned char *) sodium_malloc(crypto_aead_xchacha20poly1305_ietf_ABYTES);
|
||||
unsigned char *m2 = (unsigned char *) sodium_malloc(MLEN);
|
||||
unsigned long long found_clen;
|
||||
@ -161,8 +162,15 @@ tv(void)
|
||||
printf("m != c (adlen=0)\n");
|
||||
}
|
||||
|
||||
crypto_aead_xchacha20poly1305_ietf_keygen(key2);
|
||||
if (crypto_aead_xchacha20poly1305_ietf_decrypt(c, &m2len, NULL, c, CLEN,
|
||||
NULL, 0U, nonce, key2) == 0) {
|
||||
printf("crypto_aead_xchacha20poly1305_ietf_decrypt() with a wrong key should have failed\n");
|
||||
}
|
||||
|
||||
sodium_free(c);
|
||||
sodium_free(detached_c);
|
||||
sodium_free(key2);
|
||||
sodium_free(mac);
|
||||
sodium_free(m2);
|
||||
sodium_free(m);
|
||||
|
@ -172,8 +172,13 @@ main(void)
|
||||
tv_ietf();
|
||||
|
||||
assert(crypto_stream_chacha20_keybytes() > 0U);
|
||||
assert(crypto_stream_chacha20_keybytes() == crypto_stream_chacha20_KEYBYTES);
|
||||
assert(crypto_stream_chacha20_noncebytes() > 0U);
|
||||
assert(crypto_stream_chacha20_noncebytes() == crypto_stream_chacha20_NONCEBYTES);
|
||||
assert(crypto_stream_chacha20_ietf_keybytes() > 0U);
|
||||
assert(crypto_stream_chacha20_ietf_keybytes() == crypto_stream_chacha20_ietf_KEYBYTES);
|
||||
assert(crypto_stream_chacha20_ietf_noncebytes() > 0U);
|
||||
assert(crypto_stream_chacha20_ietf_noncebytes() == crypto_stream_chacha20_ietf_NONCEBYTES);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
@ -19,8 +19,8 @@ tv_kdf(void)
|
||||
}
|
||||
subkey = (unsigned char *) sodium_malloc(crypto_kdf_BYTES_MAX);
|
||||
for (i = 0; i < 10; i++) {
|
||||
assert(crypto_kdf_blake2b_derive_from_key(subkey, crypto_kdf_BYTES_MAX,
|
||||
i, context, master_key) == 0);
|
||||
assert(crypto_kdf_derive_from_key(subkey, crypto_kdf_BYTES_MAX,
|
||||
i, context, master_key) == 0);
|
||||
sodium_bin2hex(hex, sizeof hex, subkey, crypto_kdf_BYTES_MAX);
|
||||
printf("%s\n", hex);
|
||||
}
|
||||
@ -28,8 +28,8 @@ tv_kdf(void)
|
||||
|
||||
for (i = 0; i < crypto_kdf_BYTES_MAX + 2; i++) {
|
||||
subkey = (unsigned char *) sodium_malloc(crypto_kdf_BYTES_MAX);
|
||||
if (crypto_kdf_blake2b_derive_from_key(subkey, (size_t) i,
|
||||
i, context, master_key) == 0) {
|
||||
if (crypto_kdf_derive_from_key(subkey, (size_t) i,
|
||||
i, context, master_key) == 0) {
|
||||
sodium_bin2hex(hex, sizeof hex, subkey, (size_t) i);
|
||||
printf("%s\n", hex);
|
||||
} else {
|
||||
@ -48,6 +48,10 @@ tv_kdf(void)
|
||||
assert(crypto_kdf_contextbytes() == crypto_kdf_CONTEXTBYTES);
|
||||
assert(crypto_kdf_KEYBYTES >= 16);
|
||||
assert(crypto_kdf_keybytes() == crypto_kdf_KEYBYTES);
|
||||
assert(crypto_kdf_bytes_min() == crypto_kdf_blake2b_bytes_min());
|
||||
assert(crypto_kdf_bytes_max() == crypto_kdf_blake2b_bytes_max());
|
||||
assert(crypto_kdf_contextbytes() == crypto_kdf_blake2b_contextbytes());
|
||||
assert(crypto_kdf_keybytes() == crypto_kdf_blake2b_keybytes());
|
||||
|
||||
printf("tv_kdf: ok\n");
|
||||
}
|
||||
|
50
test/default/misuse.c
Normal file
50
test/default/misuse.c
Normal file
@ -0,0 +1,50 @@
|
||||
|
||||
#define TEST_NAME "misuse"
|
||||
#include "cmptest.h"
|
||||
|
||||
#include <signal.h>
|
||||
|
||||
static void
|
||||
sigabrt_handler_3(int sig)
|
||||
{
|
||||
(void) sig;
|
||||
exit(0);
|
||||
}
|
||||
|
||||
static void
|
||||
sigabrt_handler_2(int sig)
|
||||
{
|
||||
(void) sig;
|
||||
signal(SIGABRT, sigabrt_handler_3);
|
||||
#if SIZE_MAX > 0x4000000000ULL
|
||||
randombytes_buf_deterministic(NULL, 0x4000000001ULL, NULL);
|
||||
#else
|
||||
abort();
|
||||
#endif
|
||||
exit(1);
|
||||
}
|
||||
|
||||
static void
|
||||
sigabrt_handler_1(int sig)
|
||||
{
|
||||
(void) sig;
|
||||
signal(SIGABRT, sigabrt_handler_2);
|
||||
assert(crypto_kx_server_session_keys(NULL, NULL, NULL, NULL, NULL) == -1);
|
||||
exit(1);
|
||||
}
|
||||
|
||||
#if defined(SIGABRT) && !defined(__EMSCRIPTEN__) && !defined(__native_client__)
|
||||
int
|
||||
main(void)
|
||||
{
|
||||
signal(SIGABRT, sigabrt_handler_1);
|
||||
assert(crypto_kx_client_session_keys(NULL, NULL, NULL, NULL, NULL) == -1);
|
||||
return 1;
|
||||
}
|
||||
#else
|
||||
int
|
||||
main(void)
|
||||
{
|
||||
exit(0);
|
||||
}
|
||||
#endif
|
0
test/default/misuse.exp
Normal file
0
test/default/misuse.exp
Normal file
@ -56,6 +56,8 @@ main(void)
|
||||
assert(crypto_onetimeauth_poly1305_bytes() == crypto_onetimeauth_bytes());
|
||||
assert(crypto_onetimeauth_poly1305_keybytes() ==
|
||||
crypto_onetimeauth_keybytes());
|
||||
assert(crypto_onetimeauth_statebytes() > 0);
|
||||
assert(crypto_onetimeauth_statebytes() == crypto_onetimeauth_poly1305_statebytes());
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
@ -157,6 +157,10 @@ tv2(void)
|
||||
1ULL << 12, 0) != -1) {
|
||||
printf("[tv2] pwhash should have failed (0)\n");
|
||||
}
|
||||
if (crypto_pwhash_argon2i(out, sizeof out, "password", strlen("password"), salt, 3,
|
||||
1ULL << 12, 0) != -1) {
|
||||
printf("[tv2] pwhash should have failed (0')\n");
|
||||
}
|
||||
if (crypto_pwhash(out, sizeof out, "password", strlen("password"), salt, 3,
|
||||
1, crypto_pwhash_alg_default()) != -1) {
|
||||
printf("[tv2] pwhash should have failed (1)\n");
|
||||
@ -408,6 +412,9 @@ main(void)
|
||||
crypto_pwhash_argon2i_alg_argon2i13());
|
||||
assert(crypto_pwhash_alg_argon2i13() == crypto_pwhash_ALG_ARGON2I13);
|
||||
assert(crypto_pwhash_alg_argon2i13() == crypto_pwhash_alg_default());
|
||||
assert(crypto_pwhash_alg_argon2id13() == crypto_pwhash_ALG_ARGON2ID13);
|
||||
assert(crypto_pwhash_alg_argon2id13() != crypto_pwhash_alg_argon2i13());
|
||||
assert(crypto_pwhash_alg_argon2id13() != crypto_pwhash_alg_default());
|
||||
|
||||
sodium_free(salt);
|
||||
sodium_free(str_out);
|
||||
|
@ -257,6 +257,9 @@ main(void)
|
||||
if (crypto_pwhash_argon2id_str_verify(str_out, passwd, strlen(passwd)) != 0) {
|
||||
printf("pwhash_argon2id_str_verify(1) failure\n");
|
||||
}
|
||||
if (crypto_pwhash_str_verify(str_out, passwd, strlen(passwd)) != 0) {
|
||||
printf("pwhash_argon2id_str_verify(1') failure\n");
|
||||
}
|
||||
str_out[14]++;
|
||||
if (crypto_pwhash_argon2id_str_verify(str_out, passwd, strlen(passwd)) != -1) {
|
||||
printf("pwhash_argon2id_str_verify(2) failure\n");
|
||||
@ -309,26 +312,22 @@ main(void)
|
||||
"password", strlen("password")) != -1) {
|
||||
printf("pwhash_argon2id_str_verify(invalid(6)) failure\n");
|
||||
}
|
||||
if (crypto_pwhash_argon2id_str_verify(
|
||||
"$argon2id$v=19$m=256,t=3,p=1$MDEyMzQ1Njc"
|
||||
"$G5ajKFCoUzaXRLdz7UJb5wGkb2Xt+X5/GQjUYtS2+TE",
|
||||
"password", strlen("password")) != 0) {
|
||||
if (crypto_pwhash_str_verify("$argon2id$v=19$m=256,t=3,p=1$MDEyMzQ1Njc"
|
||||
"$G5ajKFCoUzaXRLdz7UJb5wGkb2Xt+X5/GQjUYtS2+TE",
|
||||
"password", strlen("password")) != 0) {
|
||||
printf("pwhash_argon2id_str_verify(valid(7)) failure\n");
|
||||
}
|
||||
if (crypto_pwhash_argon2id_str_verify(
|
||||
"$argon2id$v=19$m=256,t=3,p=1$MDEyMzQ1Njc"
|
||||
if (crypto_pwhash_argon2id_str_verify("$argon2id$v=19$m=256,t=3,p=1$MDEyMzQ1Njc"
|
||||
"$G5ajKFCoUzaXRLdz7UJb5wGkb2Xt+X5/GQjUYtS2+TE",
|
||||
"passwore", strlen("passwore")) != -1 || errno != EINVAL) {
|
||||
printf("pwhash_argon2id_str_verify(invalid(7)) failure\n");
|
||||
}
|
||||
if (crypto_pwhash_argon2id_str_verify(
|
||||
"$Argon2id$v=19$m=256,t=3,p=1$MDEyMzQ1Njc"
|
||||
if (crypto_pwhash_argon2id_str_verify("$Argon2id$v=19$m=256,t=3,p=1$MDEyMzQ1Njc"
|
||||
"$G5ajKFCoUzaXRLdz7UJb5wGkb2Xt+X5/GQjUYtS2+TE",
|
||||
"password", strlen("password")) != -1 || errno != EINVAL) {
|
||||
printf("pwhash_argon2id_str_verify(invalid(8)) failure\n");
|
||||
}
|
||||
if (crypto_pwhash_argon2id_str_verify(
|
||||
"$argon2id$v=19$m=256,t=3,p=2$MDEyMzQ1Njc"
|
||||
if (crypto_pwhash_argon2id_str_verify("$argon2id$v=19$m=256,t=3,p=2$MDEyMzQ1Njc"
|
||||
"$G5ajKFCoUzaXRLdz7UJb5wGkb2Xt+X5/GQjUYtS2+TE",
|
||||
"password", strlen("password")) != -1 || errno != EINVAL) {
|
||||
printf("pwhash_argon2id_str_verify(invalid(9)) failure\n");
|
||||
|
@ -55,6 +55,11 @@ main(void)
|
||||
}
|
||||
printf("\n");
|
||||
|
||||
assert(crypto_secretbox(c, c, 31, nonce, firstkey) == -1);
|
||||
assert(crypto_secretbox(c, c, 12, nonce, firstkey) == -1);
|
||||
assert(crypto_secretbox(c, c, 1, nonce, firstkey) == -1);
|
||||
assert(crypto_secretbox(c, c, 0, nonce, firstkey) == -1);
|
||||
|
||||
assert(crypto_secretbox_keybytes() > 0U);
|
||||
assert(crypto_secretbox_noncebytes() > 0U);
|
||||
assert(crypto_secretbox_zerobytes() > 0U);
|
||||
|
@ -46,5 +46,10 @@ main(void)
|
||||
}
|
||||
printf("\n");
|
||||
}
|
||||
assert(crypto_secretbox_open(m, c, 31, nonce, firstkey) == -1);
|
||||
assert(crypto_secretbox_open(m, c, 16, nonce, firstkey) == -1);
|
||||
assert(crypto_secretbox_open(m, c, 1, nonce, firstkey) == -1);
|
||||
assert(crypto_secretbox_open(m, c, 0, nonce, firstkey) == -1);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
@ -229,7 +229,8 @@ tv_secretbox_xchacha20poly1305(void)
|
||||
(crypto_secretbox_xchacha20poly1305_MACBYTES + m_len);
|
||||
sodium_hex2bin(out, crypto_secretbox_xchacha20poly1305_MACBYTES + m_len,
|
||||
tv->out, strlen(tv->out), NULL, NULL, NULL);
|
||||
crypto_secretbox_xchacha20poly1305_easy(out2, m, m_len, nonce, key);
|
||||
assert(crypto_secretbox_xchacha20poly1305_easy(out2, m, m_len, nonce, key) == 0);
|
||||
assert(crypto_secretbox_xchacha20poly1305_easy(out2, m, SIZE_MAX, nonce, key) == -1);
|
||||
assert(memcmp(out, out2,
|
||||
crypto_secretbox_xchacha20poly1305_MACBYTES + m_len) == 0);
|
||||
n = randombytes_uniform(crypto_secretbox_xchacha20poly1305_MACBYTES + m_len);
|
||||
@ -246,10 +247,18 @@ tv_secretbox_xchacha20poly1305(void)
|
||||
assert(crypto_secretbox_xchacha20poly1305_open_easy
|
||||
(out2, out2, crypto_secretbox_xchacha20poly1305_MACBYTES + m_len,
|
||||
nonce, key) == 0);
|
||||
assert(crypto_secretbox_xchacha20poly1305_open_easy
|
||||
(out2, out2, crypto_secretbox_xchacha20poly1305_MACBYTES - 1,
|
||||
nonce, key) == -1);
|
||||
assert(crypto_secretbox_xchacha20poly1305_open_easy
|
||||
(out2, out2, 0, nonce, key) == -1);
|
||||
assert(memcmp(m, out2, m_len) == 0);
|
||||
assert(crypto_secretbox_xchacha20poly1305_open_detached
|
||||
(out2, out + crypto_secretbox_xchacha20poly1305_MACBYTES, out,
|
||||
m_len, nonce, key) == 0);
|
||||
assert(crypto_secretbox_xchacha20poly1305_open_detached
|
||||
(NULL, out + crypto_secretbox_xchacha20poly1305_MACBYTES, out,
|
||||
m_len, nonce, key) == 0);
|
||||
crypto_secretbox_xchacha20poly1305_detached
|
||||
(out2 + crypto_secretbox_xchacha20poly1305_MACBYTES, out2, m,
|
||||
m_len, nonce, key);
|
||||
@ -302,6 +311,8 @@ tv_box_xchacha20poly1305(void)
|
||||
assert(crypto_box_curve25519xchacha20poly1305_keypair(pk, sk) == 0);
|
||||
assert(crypto_box_curve25519xchacha20poly1305_easy(out, m, m_len, nonce,
|
||||
pk, sk) == 0);
|
||||
assert(crypto_box_curve25519xchacha20poly1305_easy(out, m, SIZE_MAX, nonce,
|
||||
pk, sk) == -1);
|
||||
assert(crypto_box_curve25519xchacha20poly1305_open_easy
|
||||
(m2, out, crypto_box_curve25519xchacha20poly1305_MACBYTES + m_len,
|
||||
nonce, pk, sk) == 0);
|
||||
@ -311,6 +322,8 @@ tv_box_xchacha20poly1305(void)
|
||||
out = (unsigned char *) sodium_malloc
|
||||
(crypto_box_curve25519xchacha20poly1305_MACBYTES + m_len);
|
||||
assert(crypto_box_curve25519xchacha20poly1305_beforenm(pc, pk, sk) == 0);
|
||||
assert(crypto_box_curve25519xchacha20poly1305_easy_afternm
|
||||
(out, m, SIZE_MAX, nonce, pc) == -1);
|
||||
assert(crypto_box_curve25519xchacha20poly1305_easy_afternm
|
||||
(out, m, m_len, nonce, pc) == 0);
|
||||
assert(crypto_box_curve25519xchacha20poly1305_open_easy_afternm
|
||||
@ -360,6 +373,7 @@ tv_box_xchacha20poly1305(void)
|
||||
assert(crypto_box_curve25519xchacha20poly1305_secretkeybytes() == crypto_box_curve25519xchacha20poly1305_SECRETKEYBYTES);
|
||||
assert(crypto_box_curve25519xchacha20poly1305_beforenmbytes() == crypto_box_curve25519xchacha20poly1305_BEFORENMBYTES);
|
||||
assert(crypto_box_curve25519xchacha20poly1305_noncebytes() == crypto_box_curve25519xchacha20poly1305_NONCEBYTES);
|
||||
assert(crypto_box_curve25519xchacha20poly1305_macbytes() == crypto_box_curve25519xchacha20poly1305_MACBYTES);
|
||||
|
||||
printf("tv_box_xchacha20poly1305: ok\n");
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user