Frank Denis
e46bc4c5dd
Add tests for chacha&salsa with a counter around 2^32
2017-03-03 10:14:08 +01:00
Frank DENIS
36c038ccd1
Additional ChaCha20/Salsa20 tests with a short output length
2017-03-02 18:01:28 +01:00
Frank Denis
617862eb5a
Make aead_xchacha20_poly1305 a first-class citizen
2017-03-02 10:19:08 +01:00
Frank Denis
ff931a9ab5
Remove useless assignments
2017-02-28 20:54:13 +01:00
Frank Denis
3cd883d33e
Remove debugging leftover in tests
2017-02-27 16:25:32 +01:00
Frank Denis
c0c645da45
Test crypto_kdf constants, add _PRIMITIVE
2017-02-26 21:30:40 +01:00
Frank Denis
d203d87d2f
const static -> static const
2017-02-26 16:10:32 +01:00
Frank Denis
d860121ebc
Fix previous
2017-02-25 21:01:52 +01:00
Frank Denis
4e6091b347
Merge branch 'master' of https://github.com/jedisct1/libsodium
...
* 'master' of https://github.com/jedisct1/libsodium :
spelling fixes (touches code in tests) (#494 )
Feature/spelling (#495 )
2017-02-25 21:00:52 +01:00
Frank Denis
eb1c92d2ec
Reformat the scrypt tests
2017-02-25 20:59:54 +01:00
ka7
76e87fb547
spelling fixes (touches code in tests) ( #494 )
2017-02-25 14:21:30 +01:00
Frank Denis
0a5a40de5b
Trim spaces
2017-02-24 19:23:55 +01:00
Frank Denis
8fb5918fb6
Add a test for siphashx24
2017-02-24 19:23:14 +01:00
Frank Denis
7bbeba5723
Indent
2017-02-23 11:30:21 +01:00
Frank Denis
4a958f9e9e
Indent
2017-02-23 11:28:12 +01:00
Frank Denis
f4da7fe314
Indent
2017-02-23 11:27:45 +01:00
Frank Denis
3d96ea4b6a
Indent
2017-02-23 11:27:19 +01:00
Frank Denis
4037465983
Indent
2017-02-23 11:26:24 +01:00
Frank Denis
d5bf3954d6
Indentx
2017-02-23 11:25:09 +01:00
Frank Denis
cac2dde218
Indent
2017-02-23 11:24:48 +01:00
Frank Denis
cadee98e13
Indentx
2017-02-23 11:23:50 +01:00
Frank Denis
efbc49f100
Indent
2017-02-23 11:23:19 +01:00
Frank Denis
434e3691ba
Indent
2017-02-23 11:22:58 +01:00
Frank Denis
e747cec677
Indent
2017-02-23 11:22:36 +01:00
Frank Denis
3cce789304
Indent
2017-02-23 11:22:00 +01:00
Frank Denis
db7c0e1956
Indent
2017-02-23 11:21:30 +01:00
Frank Denis
c8f6121429
Indent
2017-02-23 11:20:37 +01:00
Frank Denis
20b12aa9d4
Indent
2017-02-23 11:19:53 +01:00
Frank Denis
5351efb122
Indentx
2017-02-23 11:15:29 +01:00
Frank Denis
dd9d8e283b
Indent
2017-02-23 11:13:43 +01:00
Frank Denis
0877b14c68
Correct array size check in xchacha20 test
2017-02-20 11:35:13 +01:00
Frank Denis
5957e2c735
C++ compat
2017-02-19 21:23:34 +01:00
Frank Denis
8af252bf87
use crypto_*_keygen() in tests
2017-02-19 21:20:45 +01:00
Frank Denis
7e5d64834c
untab
2017-02-19 21:17:42 +01:00
Frank Denis
7f7e7235c5
Add a keygen function to all the primitives
2017-02-19 21:15:54 +01:00
Frank Denis
93d02019da
Trigger randombytes_seedbytes()
2017-02-19 19:10:08 +01:00
Frank Denis
cafb0a695b
Add randombytes_buf_deterministic()
2017-02-19 18:40:29 +01:00
Frank Denis
70c2796ae5
+ crypto_kdf high-level API
...
This is a common need, and people end up reimplementing HKDF.
So, add a crypto_kdf() API similiar to libhydrogen's. The later has a
higher limit for the output length using BLAKE2X if required.
We can implement the same strategy later in libsodium if needed.
2017-02-19 18:13:10 +01:00
Frank Denis
e0150faf56
Always zero the argon2 output buffer prior to doing anything
...
This is consistent with what we are doing with scrypt.
On error/misuse, the buffer is zeroed; this may prevent bugs with
reused/invalid buffers.
2017-02-19 12:40:28 +01:00
Frank Denis
2c6fb87708
Set crypto_pwhash_scryptsalsa208sha256_BYTES_MIN to 128 bits
2017-02-19 12:31:05 +01:00
Frank Denis
2e4e1c66a0
Complete 08c0e03f83
2017-02-19 12:23:37 +01:00
Emil Bay
08c0e03f83
WIP: crypto_pwhash constants ( #464 )
...
* Test exposed constraint constants on crypto_pwhash
This includes the following constants for crypto_pwhash, crypto_pwhash_argon2i,
and crypto_pwhash_scryptsalsa208sha256:
- crypto_pwhash_BYTES_MIN
- crypto_pwhash_BYTES_MAX
- crypto_pwhash_PASSWD_MIN
- crypto_pwhash_PASSWD_MAX
- crypto_pwhash_OPSLIMIT_MIN
- crypto_pwhash_OPSLIMIT_MAX
- crypto_pwhash_MEMLIMIT_MIN
- crypto_pwhash_MEMLIMIT_MAX
* Expose constraint constants for crypto_pwhash
* Expose constant methods for crypto_pwhash
2017-02-19 11:19:01 +01:00
Frank Denis
532ea6bd95
+ test for aead_xchacha20poly1305
2017-02-18 22:10:30 +01:00
Frank Denis
a329340d90
Remove the NaCl-like APIs from *xchacha20 additions
...
These APIs were useful with the salsa20 constructions for compatibility
with NaCl, but they are tricky to use and don't provide any benefits over
the _easy APIs.
Having them around was good for consistency with the salsa20-based ones,
but this is code that is unlikely to be used in actual projects.
So, don't include them, unless people actually ask for them.
2017-02-18 21:22:39 +01:00
Frank Denis
eb5c17d3ec
Add tests for box_xchacha20poly1305
2017-02-18 20:31:39 +01:00
Frank Denis
99e6c94739
C++ compat
2017-02-16 09:57:01 +01:00
Frank Denis
b146082d68
More tests for *xchacha20*
2017-02-14 15:41:59 +01:00
Frank Denis
071a1afde3
C++ compat
2017-02-12 22:34:15 +01:00
Frank Denis
b209a7c0af
Add a test for HChaCha20
2017-02-12 22:28:35 +01:00
Frank Denis
3499cbfbe5
Add dist-build/nativeclient-x86-64.sh
2016-04-29 21:55:06 +02:00
Frank Denis
858b8e8c5e
Put then
and if
on the same line.
...
Having `then` aligned with `if` was pretty confusing, and I kept
reading `else` instead of `then`.
2016-04-29 20:49:35 +02:00
Frank Denis
8326bc1d75
CRLF
2016-04-29 20:36:06 +02:00
Frank Denis
251b836f01
NativeClient complains about __memset_chk being undefined on OSX.
...
Work around this. There might be a better fix, but at least the
test suite compiles with the newlib.
2016-04-29 20:34:24 +02:00
Frank Denis
492d4b1dd6
Repair NativeClient support
2016-04-18 21:40:18 +02:00
Frank Denis
e2f75d6168
Make assertions more readable
2016-04-12 01:23:14 +02:00
Frank Denis
1818267d64
Return -1 if crypto_generichash_final() is called twice
2016-04-06 01:00:49 +02:00
Frank Denis
b09e1970bc
Test that ciphertexts shorter than the MAC size aren't even read
2016-04-04 10:47:54 +02:00
Frank Denis
d73124a025
Make the test of truncated chacha20poly1305 ciphers less deterministic
2016-04-04 10:40:23 +02:00
Frank Denis
d7f5877df5
Add crypto_pwhash_argon2i_ALG_ARGON2I13
2016-04-01 20:48:34 +02:00
Frank Denis
384e08b7f4
Require an algorithm identifier in crypto_pwhash()
2016-04-01 20:29:28 +02:00
Frank Denis
5d8c878ffb
Remove mlen_p from the AEAD detached interface
2016-03-30 21:20:34 +02:00
Frank Denis
7afe93f9a2
Mark test functions as static and __attribute__ ((noreturn))
2016-03-27 00:32:25 +01:00
Frank Denis
2aa703fcc7
Restore the previous sodium_malloc(0) behavior
...
If aligned memory cannot be obtained, allocate 1 byte
to always return a non-NULL pointer.
2016-03-25 16:26:37 +01:00
Frank Denis
1f1d3f70b9
More Argon2 tests
2016-03-25 15:45:50 +01:00
Frank Denis
fb865c9a5c
More tests / lcov exclusions
2016-03-25 15:36:57 +01:00
Frank Denis
a25569320c
The version in Argon2i strings is separated from other parameters
2016-03-25 12:27:04 +01:00
Frank Denis
d91adb2cff
Avoid implicit sodium_malloc(0) in tests
2016-03-25 10:50:52 +01:00
Frank Denis
eb13ec0cff
Make sodium_malloc(0) well-defined. It always returns NULL.
2016-03-25 09:44:41 +01:00
Frank Denis
346f8c131e
More tests
2016-03-24 22:16:52 +01:00
Frank Denis
71a548ac10
Additional tests for BLAKE2b
2016-03-24 21:57:33 +01:00
Frank Denis
caae5e85f3
C++ compat
2016-03-23 17:22:35 +01:00
Frank Denis
b483845eb5
Tests must use sodium_malloc() as much as possible
2016-03-23 16:23:40 +01:00
Frank Denis
cb150c2d3d
sizeof() -> constants
2016-03-23 15:55:45 +01:00
Frank Denis
2b79c12f93
Nits
2016-03-23 15:41:55 +01:00
Frank Denis
f137857e18
Add tests for the detached chacha20poly1305 API
2016-03-23 15:20:23 +01:00
Frank Denis
3fb2ee07cb
Add crypto_pwhash_primitive()
2016-03-21 20:59:43 +01:00
Frank Denis
79935dc918
test/pwhash_argon2i -> test/pwhash
2016-03-21 09:48:01 +01:00
Frank Denis
359553f07d
Add support for optional parameters to future-proof crypto_pwhash()
2016-03-21 09:38:43 +01:00
Frank Denis
05d82ad147
Simplify quirks for C++Builder
2016-03-18 22:13:23 +01:00
unknown
2085693c32
Introduce C++Builder compatibility
...
Add new preprocessor directives to allow libsodium to be easily
built in C++Builder.
2016-03-18 14:46:00 -04:00
Frank Denis
0a18d18daf
Consistent comment style
2016-03-18 09:56:21 +01:00
Frank Denis
cf4f0c48dc
Add tests for the detached aes256gcm API
2016-03-15 11:21:23 +01:00
Frank Denis
7597b7cc13
Check what the implications of versioned Argon2 strings will be
2016-03-10 12:26:17 +01:00
Frank Denis
62911edb7f
Ed25519: verify 0<=s<2^252+27742317777372353535851937790883648493
...
This reintroduces removed code to match the irtf-cfrg-eddsa draft
ED25519_COMPAT can be defined to keep the old behavior
2016-03-08 20:35:21 +01:00
Frank Denis
845e3e7cff
Update test for short output
2016-03-08 13:57:16 +01:00
Frank Denis
ae6ecda055
Explicit downcast
2016-03-07 15:45:59 +01:00
Frank Denis
a5ca5b1b25
Unused param
2016-03-06 14:00:18 +01:00
Frank Denis
5353569d9a
Remove obsolete and redundant globals
2016-03-06 13:59:26 +01:00
Frank Denis
212841b28d
int vs size_t
2016-03-06 13:58:10 +01:00
Frank Denis
aafff07689
Add support for running the test suite with Valgrind
2016-03-06 01:35:06 +01:00
Frank Denis
b55febaafa
Bump ARGON2_MIN_TIME to 3, adjust tests accordingly
2016-03-01 14:08:31 +01:00
Frank Denis
bb596e8eb7
Trim/untab/indent
2016-02-27 13:26:42 +01:00
Frank Denis
11caf90c1f
Update Argon2 tests
2016-02-17 16:39:20 +01:00
Frank Denis
17248540e3
Add aes256gcm stubs for platforms where it is not available
2016-01-22 10:21:24 +01:00
Frank Denis
53419d7b06
Merge pull request #348 from betafive/pbarker/blake2
...
Add crypt_generichash_blake2b_statebytes function
2016-01-16 20:15:00 +01:00
Paul Barker
e20291d78e
Add crypt_generichash_blake2b_statebytes function
...
The function crypto_generichash_statebytes exists to dynamically determine the
size of a crypto_generichash_state struct. This is useful when using libsodium
from a language which can't use sizeof on C types. However, no equivalent
existed for the crypto_generichash_blake2b_state struct for users who want to
explicitly use the blake2b algorithm.
The function crypt_generichash_blake2b_statebytes is added to fill this gap.
2016-01-16 17:25:14 +00:00
Frank Denis
8c0b916729
Add new macros for chacha20poly1305_ietf constants, for clarity
2016-01-16 12:36:30 +01:00
Frank Denis
1cce9b1e00
argon2i strings are variable length; check that they are zero-padded
2016-01-08 16:55:08 +01:00
Frank Denis
cfd597298f
Bring back tests vectors for argon2 strings
2016-01-06 15:36:36 +01:00
Frank Denis
29fb06cd23
Check for crypto_pwhash_*limit_moderate() presence
2015-12-30 11:59:15 +01:00
Frank Denis
77a61b8ad7
Test the high-level crypto_pwhash() functions
2015-12-29 21:53:56 +01:00
Frank Denis
654a2b3f95
Shorten a few test argon2i test vectors for V8
...
This is enough to reproduce an bug with Chrome
2015-12-29 21:06:23 +01:00
Frank Denis
61c5b4a35c
argon2i test: remove tv3 for now; it's too much for web browsers
...
Proper test vectors will be reintroduced later
2015-12-29 19:16:31 +01:00
Frank Denis
c48eaad3cd
Don't require too much memory for the pwhash_argon2i() test
...
so that the Javascript version can run in web browsers
2015-12-29 17:54:21 +01:00
Frank Denis
7a95e921ac
Add tests for pwhash_argon2i
2015-12-29 17:12:23 +01:00
Frank Denis
14bf02af88
Rename the pwhash test as as pwhash_scrypt
2015-12-29 16:14:19 +01:00
Frank Denis
d839d74c89
lcov exclusion
2015-12-25 02:09:12 +01:00
Frank Denis
9784038ad0
Check crypto_box_detached() with a small order pk
2015-12-25 02:01:51 +01:00
Frank Denis
2f1cec7352
Test crypto_box_beforenm() with a small order pk
2015-12-25 02:00:01 +01:00
Frank Denis
b80d037b4d
Check that crypto_box[_beforenm] fails with a small order pk
2015-12-24 19:35:05 +01:00
Frank Denis
60d05339fd
Constify
2015-12-24 19:00:42 +01:00
Frank Denis
386ce83df1
Test crypto_onetimeauth_update() with a null size
2015-12-22 14:32:14 +01:00
Brian Silverman
63b82c28e9
Use the right type for sizeof's result
2015-12-16 22:54:06 -05:00
Frank Denis
b977a53d1d
printf("%llu") is not expected work on mingw32/Windows XP.
2015-12-10 16:38:26 +01:00
Frank Denis
054579d3bb
Remove dead globals, bump the number of rounds in the box{7,8} tests
2015-12-09 01:43:57 +01:00
Frank Denis
d9e38003dc
Reduce the number of rounds in the box7 test, use guarded memory
2015-12-09 01:41:30 +01:00
Frank Denis
fb09514949
Shorten the verify1 test
2015-12-09 01:37:58 +01:00
Frank Denis
ea43d1b18b
Shorten auth7
2015-12-07 17:41:20 +01:00
Frank Denis
4bf74c7574
C++ compat
2015-12-07 10:46:03 +01:00
Frank Denis
48b9c4e75c
Ignore test/default/browser, import HTML template
2015-12-07 09:57:49 +01:00
Frank Denis
43c25a343b
Reduce box8 even more
2015-12-07 09:43:34 +01:00
Frank Denis
8e54dd6d5f
Use guarded memory for the box8 test
2015-12-07 09:32:53 +01:00
Frank Denis
3e2bef97dc
Reduce a few expensive tests
2015-12-07 09:09:04 +01:00
Frank Denis
7ada62b1ff
Reduce some test cases, generate html test files
2015-12-07 08:58:35 +01:00
Frank Denis
e262425a4a
Reduce even more, for Chrome
2015-12-07 02:16:22 +01:00
Frank Denis
1600ccfdda
On a web browser, reduce the number of vectors for the sign test
2015-12-07 02:12:44 +01:00
Frank Denis
0eaa2294a4
Revert "Output signatures prefix in the signature test"
...
This reverts commit c73cbc42d9
.
2015-12-07 02:04:22 +01:00
Frank Denis
c73cbc42d9
Output signatures prefix in the signature test
2015-12-07 01:57:53 +01:00
Frank Denis
3d1e11fe81
Support a BROWSER_TESTS env variable to build tests for browsers
2015-12-07 01:44:33 +01:00
Frank Denis
ec6b86611f
More checks for sodium_add() (overlaps) and sodium_increment()
2015-12-06 19:06:27 +01:00
Frank Denis
27ce39ebbe
Add a test with a null message in box_easy()
2015-11-27 14:18:43 +01:00
Frank Denis
b482401b46
Add tests with null message in secretbox_easy.c
2015-11-27 14:13:21 +01:00
Frank Denis
ba6833cc16
Use sodium_malloc() for the secretbox_easy2 test
2015-11-27 12:30:13 +01:00
Frank Denis
2e5c94a34f
Use guarded memory for the box_easy2() test
...
+ non-deterministic buffer sizes
2015-11-27 12:13:58 +01:00
Frank Denis
4ec7fb481d
Remove generichash tests with invalid parameters
...
They must be reintroduced at some point, probably by overriding
the `abort` symbol.
2015-11-27 11:00:29 +01:00
Frank Denis
1c8e34577f
Less deterministic crypto_verify_*() tests
2015-11-25 14:10:36 +01:00
Frank Denis
d8b9b395a3
Mark everything as static in tests
2015-11-23 16:07:13 +01:00
Frank Denis
5e17a7adf8
Check that scalarmult() returns -1 with a point of small order
...
325606250916557431795983626356110631294008115727848805560023387167927233504
is a point of order 8
2015-11-17 11:07:37 +01:00
Frank Denis
2bc5874874
Check that the output of X25519 is not the all-zero value
...
Return -1 if this happens, and mark crypto_scalarmult() as warn_unused_result
Mark dependent functions with warn_unused_result as well
2015-11-17 11:07:33 +01:00
Frank Denis
9337ecfa60
Add tests for sodium_add(), more tests for sodium_increment() and is_zero()
2015-11-16 23:22:01 +01:00
Frank Denis
7561a25d5a
Add a is_zero() helper
2015-11-13 01:48:34 +01:00
Frank Denis
debed38314
Check a return value in the secretbox_easy2 test
2015-11-01 14:45:35 +01:00
Frank Denis
17bcbbbd45
Force functions whose result must be checked to be checked
2015-11-01 13:57:51 +01:00
Frank Denis
26fdfec99b
Add sodium_runtime_has_ssse3() and sodium_runtime_has_sse41()
2015-10-31 23:42:44 +01:00
Frank Denis
84695c8d42
Make sodium_compare() work on little-endian numbers as expected
2015-10-31 22:36:54 +01:00
Frank Denis
a1e4d3df3f
Add AES256-GCM tests for decryption of truncated ciphertext
2015-10-30 19:47:47 +01:00
Frank Denis
688e1c4742
C++ compat
2015-10-26 22:48:56 +01:00
Frank Denis
437ce023c9
Exercise ChaCha20 with different output sizes
2015-10-26 21:30:46 +01:00
Frank Denis
771e32bd18
CompCert compatibility
2015-10-26 16:59:28 +01:00
Frank Denis
4b1478cd5b
Extra sanity checks for blake2b_salt_personal()
2015-10-25 01:57:07 +02:00
Frank Denis
5d0236c25e
C++ compat
2015-10-21 17:42:22 +02:00
Frank Denis
143e1c1a14
Do not compile unused sections
2015-10-18 01:33:35 +02:00
Frank Denis
1cfa5ec6c1
Add Blake2b test vectors from the reference code
2015-10-18 00:55:10 +02:00
Frank Denis
f01c303631
Blake2b: refuse a NULL key with a length > 0
2015-10-18 00:27:03 +02:00
Frank Denis
eeb31af578
Let crypto_generichash_statebytes() return a size rounded to the alignment
...
Add similar check in the aead_aes256gcm test.
2015-10-18 00:16:05 +02:00
Frank Denis
a2c8ff5ccb
Visual Studio doesn't have %zu
2015-10-17 21:32:25 +02:00
Frank Denis
d667efde68
Add sodium_compare()
...
A constant-time version of memcmp(), useful to compare nonces and counters
in little-endian format, that plays well with sodium_increment().
Unlike sodium_memcmp() which can compare anything for equality,
sodium_compare() is designed to compare things that are comparable, byte by
byte. Therefore, the prototype is slightly different: its arguments are
supposed to be `const unsigned char *`.
The names sodium_memcmp() and sodium_compare() are slightly confusing.
But we're not going to rename sodium_memcmp(), and I cannot think of a
better name for sodium_compare() than sodium_compare().
2015-10-17 21:25:30 +02:00
Frank Denis
2aef671fd9
Indent
2015-10-17 21:10:52 +02:00
Frank Denis
bfed7b91b6
Explicit cast
2015-10-14 15:54:27 +02:00
Frank Denis
2ee2e86f80
Explicit cast
2015-10-14 11:29:38 +02:00
Frank Denis
f169623d4e
C++ compat
2015-10-12 14:44:00 +02:00
Frank Denis
84625742c6
More test vectors
2015-10-12 13:58:10 +02:00
Frank Denis
40ba7ea531
More test vectors
...
from http://www.ieee802.org/1/files/public/docs2011/bn-randall-test-vectors-0511-v1.pdf
2015-10-12 10:03:09 +02:00
Frank Denis
98550acafb
Add tests for the aes256gcm functions returning sizes
...
Which spotted a typo by the way.
2015-10-11 19:19:31 +02:00
Frank Denis
7082a3c8d1
Ignore the aes256gcm test if aes256gcm hasn't been compiled in
2015-10-11 19:14:29 +02:00
Frank Denis
20e384988c
Test for presence of new sodium_runtime_has_*() functions
2015-10-11 18:51:30 +02:00
Frank Denis
c8be336506
C++ compat
2015-10-11 14:35:32 +02:00
Frank Denis
aa965a580b
Expose only crypto_aead_aes256gcm_*() not crypto_aead_aes256gcm_aesni_*()
...
libsodium typically doesn't expose specific implementations.
It shouldn't be the case for that construction either, especially since
an ARM8 implementation might be added later.
We want a single interface for both.
2015-10-11 14:29:25 +02:00
Frank Denis
dadc5d9906
Add crypto_aead_aes256gcm_aesni_is_available()
2015-10-11 13:05:32 +02:00
Frank Denis
93295855cf
Add aes256gcm test vectors
2015-10-11 12:56:20 +02:00
Frank Denis
dca2131f45
C++ compat
2015-09-21 16:05:53 +02:00
Frank Denis
6be1ce3f34
scalarmult: add the exact test from the irtf-cfrg-curves draft
...
Use guarded memory by the way.
2015-09-21 15:45:32 +02:00
Frank Denis
7fa840e486
C++ compat
2015-09-09 17:42:38 +02:00
Frank Denis
8ee4950eb3
Use sodium_malloc() for the secretbox_*() tests
2015-09-09 10:00:18 +02:00
Frank Denis
0f1f8a6ea6
Check that secretbox works as expected when m and c are overlapping
2015-09-09 09:00:08 +02:00
Frank Denis
f51fb6a90e
Add a test for crypto_secretbox() with c == m
2015-09-09 08:51:19 +02:00
Frank Denis
90d9f5debd
Remove bashisms in nacl-test-wrapper.sh
2015-08-02 14:39:17 +02:00
Frank Denis
7fca230be8
Nits after pnacl merge
2015-08-02 13:53:22 +02:00
Frank Denis
f610f781f2
Merge remote-tracking branch 'arbinger/pnacl' into nacl
...
* arbinger/pnacl:
removed comment
Added .final and .nexe output files to CLEANFILES
revert original hack
Initial patch for Chrome NaCl implementation
Added patch to obtain random bytes for Chrome NaCl via IRT -- allows build with NaCl SDK toolchain
2015-08-02 12:54:05 +02:00
Frank Denis
c8e8983430
Test crypto_stream_*() with an output buffer previously filled with junk
...
Obviously, the previous content shouldn't change the output.
2015-07-21 13:37:06 +02:00
James Robson
e119c3e502
Added .final and .nexe output files to CLEANFILES
2015-06-22 14:16:07 -05:00
James Robson
1b633bb8ca
Merge branch 'master' into pnacl
2015-06-22 13:19:33 -05:00
James Robson
34a4931d9a
Initial patch for Chrome NaCl implementation
2015-06-22 13:02:21 -05:00
Frank Denis
e2fca8cac5
Add sodium_increment()
2015-06-22 15:44:58 +02:00
Frank Denis
bf920dc717
Add IETF-compatible version of chacha20poly1305
2015-05-09 16:12:03 +02:00
Frank Denis
ee97d5e3f8
Add tests for custom randombytes_uniform.
...
Check for crypto_auth_hmacsha512256_statebytes() presence.
2015-05-09 15:54:18 +02:00
Frank Denis
1b0e51da5e
Use sodium_malloc() in the pwhash test.
2015-05-01 17:35:45 +02:00
Frank Denis
eb4e9e48f9
Turn ASAN errors into warnings in sodium_utils{2,3} tests
2015-04-24 15:11:29 +02:00
Frank Denis
575ce93058
+ crypto_box_seal()
2015-04-17 01:01:32 +02:00
Frank Denis
f379ab8766
Add a test for sodium_allocarray(0, x)
2015-03-23 21:47:44 +01:00
Frank Denis
3316db5c87
Use proper nonce length now that's it's a pointer in box_easy2 test.
2015-02-17 18:42:57 +01:00
Frank Denis
a1b3da7dd9
Add crypto_stream_xsalsa20_ic()
2015-02-02 21:27:19 +01:00
Frank Denis
666fd4323b
Add a test for crypto_stream_salsa20_xor_ic()
2015-02-02 21:27:12 +01:00
Frank Denis
5db61c617b
Add statebytes for crypto_hmac_*
2015-01-23 23:08:49 +01:00
Frank Denis
b5deb4d070
+ crypto_hash_sha(256|512)_statebytes
2015-01-23 11:17:40 +01:00
Frank Denis
cdbb2dfe75
Import moved quirks.h
2015-01-23 11:02:13 +01:00
Frank Denis
9e538624f4
+ crypto_generichash_statebytes()
2015-01-23 11:00:57 +01:00
Frank Denis
c9ba75a48f
Add crypto_generichash_statebytes()
...
sizeof() is not always an option when accessing the library from
other languages.
2015-01-23 10:56:01 +01:00
Frank Denis
4921836512
Move quirks inclusion to cmptest.h, emscsripten quirks to quirks.h
2015-01-23 10:41:28 +01:00
Frank Denis
4724440492
quirks\windows\windows-quirks.h -> quirks\quirks.h
2015-01-23 10:35:20 +01:00
Frank Denis
8088e486ee
strcmp() with optimization level > 1 is broken on Emscripten (!)
...
Trivial workaround that should eventually go to the quirks file
until this is fixed in Emscripten.
2015-01-22 19:06:21 +01:00
Frank Denis
388baa5380
Add an extra test for randombytes
2015-01-18 10:34:31 +01:00
Frank Denis
feaba594db
|| -> | spotted by Ahmad
2015-01-18 10:17:53 +01:00
Frank Denis
add0fcede4
randombytes_random() is 32 bits, even in JS.
2015-01-18 09:50:17 +01:00
Frank Denis
9c0613525c
Do not require /dev/urandom emulation in Javascript any more.
2015-01-17 21:43:57 +01:00
Frank Denis
9a386d0a6d
Test crypto_box[_open]_easy_afternm() with short and overflowing lengths
2015-01-15 14:37:26 +01:00
Frank Denis
f20ecbed94
Skip sodium_utils{2,3} tests when the target is Javascript
2015-01-15 11:12:58 +01:00
Frank Denis
820a2b70e3
Move macros up
2015-01-15 00:51:53 +01:00
Frank Denis
69d9553ec2
Test crypto_sign_open() with NULL as a pointer to the message size
2015-01-14 19:59:44 +01:00
Frank Denis
6104af1189
Add new tests for the crypto_box_*() precomputed interface
2015-01-06 21:18:36 +01:00
Frank Denis
bfcd1612c7
C++ compat
2014-12-18 00:12:50 +01:00
Frank Denis
9036d62fc9
Use guarded memory for the box_easy/box_detached tests.
2014-12-18 00:00:19 +01:00
Frank Denis
5e364632e0
Make sodium_free() callable even if protection is PROT_NONE.
...
Reported by @stouset, thanks!
2014-12-07 14:52:44 -08:00
Frank Denis
d556a56c3c
Add extra assert() in tests allocating memory on the heap.
2014-11-25 16:19:20 -08:00
Frank Denis
6189eec330
Remove unused and shadowed global
2014-11-25 15:30:26 -08:00
Frank Denis
61620d7e42
Make 'make check' actually run the tests on Emscripten.
2014-11-25 09:51:39 -08:00
Frank Denis
5437f8974d
Don't expect signals to work in Javascript
2014-11-24 17:48:51 -08:00
Frank Denis
69e3674c29
Include the test pre.js script only for tests.
2014-11-24 17:19:55 -08:00
Frank Denis
77caa2b4d5
Correct /test-data mount point
2014-11-22 14:34:10 -08:00
Frank Denis
df1a75858c
Mount the current dir as /test-data (nodefs) for testing Javascript code
2014-11-22 13:46:09 -08:00
Frank Denis
cd2a7019f1
pre.js: unlink /dev/(u)random before re-registering them
2014-11-22 11:56:36 -08:00
Frank Denis
b0403efc80
Fail if JS crypto is not available.
...
Emscripten registers /dev/urandom and /dev/random by default, but falls back to
Math.random()*256 when crypto.getRandomValues() is not available, which is not
acceptable. So we need to re-register them no matter what.
2014-11-22 11:24:32 -08:00
Frank Denis
d42634d466
Tests: use explicit casts when shortening types
2014-11-20 13:12:08 -08:00
Frank Denis
d311731bad
Revert "Fix integer narrowing warnings in tests."
...
This reverts commit 173ad74d3e
.
2014-11-20 12:00:37 -08:00
Frank Denis
394c6a1970
Merge pull request #205 from evoskuil/master
...
Update VS projects and fix test warnings.
2014-11-20 12:00:06 -08:00
Frank Denis
4f70e7c171
C++ compat
2014-11-20 11:35:32 -08:00
Frank Denis
d3e716aa49
curve25519-donna-c64: don't read an extra byte when expanding a 32-byte number into polynomial form
...
Reported by Michael Holmwood.
2014-11-20 11:22:24 -08:00
evoskuil
173ad74d3e
Fix integer narrowing warnings in tests.
2014-11-02 22:35:36 -08:00
Frank Denis
5fd91b8f0f
SIGSEGV handlers are incompatible with -fsanitize=address
2014-10-16 14:08:43 -07:00
Frank Denis
cb07df046f
Remove S<l check.
...
Plan is to add is_standard()/is_canonical() instead of changing the current behavior
of the verification function. Suggested by CodesInChaos.
2014-10-06 12:21:40 -07:00
Frank Denis
71b5184224
Add a test for chacha20poly1305 with overlapping pointers
2014-10-05 00:02:45 -07:00
Frank Denis
c3b0de7393
Test box_easy with overlapping in/out.
2014-10-04 23:53:19 -07:00
Frank Denis
d34743241e
Add a test for ed25519 malleability and restore traditional behavior.
...
If an application really requires non-malleability, ED25519_PREVENT_MALLEABILITY
can be defined to enable the check.
This might become the default behavior depending on what other implementations
are planning to do.
2014-10-04 23:25:01 -07:00
Frank Denis
9f6d37d9c6
Support overlapping input and output regions in crypto_secretbox_detached()
...
crypto_stream_salsa20() doesn't support overlapping input and output regions,
except when they are aliases.
2014-10-04 22:08:09 -07:00
Frank Denis
18f4dd241e
C++ compat
2014-09-23 21:30:37 -07:00
Frank Denis
727f3993a1
lcov exclusion
2014-09-23 21:22:44 -07:00
Frank Denis
5a7782eb6e
Extra tests for invalid pwhash strings
2014-09-23 21:15:38 -07:00
Frank Denis
7670932918
test pwhash_str_verify() with an invalid character
2014-09-23 15:38:31 -07:00
Frank Denis
b07dfc5da3
The test for pwhash is too slow for some systems.
...
Stop checking alterations for every single character.
2014-09-23 15:18:06 -07:00
Frank Denis
ced2c40a1a
Update pwhash.exp for the new case that has to fail (empty password)
2014-09-23 14:57:11 -07:00
Frank Denis
7a54ba58e9
Test password verification with an empty password
2014-09-23 14:54:19 -07:00
Frank Denis
d6d539a0ce
Test crypto_pwhash_scryptsalsa208sha256_str_verify() with invalid input.
2014-09-23 13:58:59 -07:00
Frank Denis
d511c43ca9
Test crypto_hash() with an input longer than the block size
2014-09-23 13:40:08 -07:00
Frank Denis
46df8ea890
Test pwhash with opslimit < 32768
2014-09-23 13:19:03 -07:00
Frank Denis
34df07f0c7
Test generichash with no key, with salt or personalization
2014-09-23 12:37:21 -07:00
Frank Denis
471922cb05
crypto_sign() test: explicitly initialize sig in case the previous tests failed.
2014-09-22 17:09:16 -07:00
Frank Denis
5558885953
Add a test for crypto_sign() with overlapping buffers.
2014-09-21 22:10:25 -07:00
Frank Denis
4de4e57a8e
chacha20: test more than 1 block
2014-09-18 22:13:00 -07:00
Frank Denis
9eefb2e487
More test + lcov exclusions
2014-09-18 22:02:25 -07:00
Frank Denis
b062a555da
scalarmult: check that the top bit is ignored
2014-09-18 21:27:49 -07:00
Frank Denis
595e98a224
Check return code of crypto_generichash_init()
2014-09-16 21:41:33 -07:00
Frank Denis
31d842a432
Test for (secret)box_easy behavior with a huge input.
2014-09-16 21:20:05 -07:00
Frank Denis
37580f4f52
More tests
2014-09-16 20:46:43 -07:00
Frank Denis
fbfbbdd349
Ensure that nothing explodes when calling crypto_generichash_blake2b_init_salt_personal with salt/personal == NULL
2014-09-16 20:09:33 -07:00
Frank Denis
51d9b223aa
Test crypto_box_(before|after)nm
2014-09-16 20:01:58 -07:00
Frank Denis
1cf170a90e
Test sodium_allocarray(), and sodium_malloc() with a huge size
2014-09-16 15:35:21 -07:00
Frank Denis
4993073501
Test chacha20 with a null output length
2014-09-16 15:25:54 -07:00
Frank Denis
6837c2d2c2
Include extra 0 in the key used for the hmacsha512 test
2014-09-16 15:25:38 -07:00
Frank Denis
fe4bbdc5ca
More crypto_pwhash() tests
2014-09-16 15:07:42 -07:00
Frank Denis
a721543b58
Test hmacsha512 with keys larger than the block size
2014-09-16 14:59:19 -07:00
Frank Denis
e333e55209
Increase generichash test coverage
2014-09-16 14:44:38 -07:00
Frank Denis
cee8af9b66
Test chacha20 with length == 0
2014-09-16 10:32:04 -07:00
Frank Denis
81aa4ef4a3
Check crypto_onetimeauth() streaming interface
2014-09-16 10:19:32 -07:00
Frank Denis
d7edf5c34b
crypto_generichash_keybytes_min() cannot be 0, even if 0 is a valid key length
2014-09-15 10:26:29 -07:00
Frank Denis
1217d30bae
More chacha20 tests
2014-09-14 13:09:15 -07:00
Frank Denis
2f7d98a73d
Fix format in auth5 test
2014-09-14 12:58:50 -07:00
Frank Denis
dc49ae0491
Add tests for invalid generichash parameters
2014-09-14 12:56:32 -07:00
Frank Denis
0ec5a25c88
More tests for randombytes
2014-09-14 12:43:53 -07:00
Frank Denis
82bc039d6c
Consistent syle for the tests.
2014-09-14 11:32:55 -07:00
Frank Denis
0e559b94d5
Make the tests a little bit more readable
2014-09-14 10:34:16 -07:00
Frank Denis
f41bfa9b94
More tests for constants
2014-09-13 15:17:19 -07:00
Frank Denis
fcc2513967
More tests for constants
2014-09-13 15:12:23 -07:00
Frank Denis
d65c791e58
More tests for constants
2014-09-13 15:03:04 -07:00
Frank Denis
2645422a32
Test crypto_aead with a short ciphertext
2014-09-13 14:51:21 -07:00
Frank Denis
a92731a9f4
More tests for constants
2014-09-13 14:47:29 -07:00
Frank Denis
12a3f27706
More tests for constants
2014-09-13 14:37:04 -07:00
Frank Denis
2c1b507045
More constant tests
2014-09-13 14:29:59 -07:00
Frank Denis
ab37bd3e0b
Tests: no need for crypto_uint8
2014-09-13 14:15:55 -07:00
Frank Denis
b7b0436fb8
Test the presence of some extra functions
2014-09-13 14:12:40 -07:00
Frank Denis
4d276a81e7
Include header files commonly used by the tests to cmptest.h
2014-09-13 14:11:12 -07:00
Frank Denis
3b680e0a52
Use high-level APIs in tests
2014-09-13 13:56:41 -07:00
Frank Denis
6c0852f22f
Remove unused macros
2014-09-04 13:24:09 -07:00
Frank Denis
0e23192159
Add crypto_sign_ed25519_sk_to_seed() and crypto_sign_ed25519_sk_to_pk()
2014-08-15 13:52:08 -07:00
Frank Denis
473e1718cc
Add sodium_{malloc,allocarray,free}() and sodium_mprotect_*()
...
ptr = sodium_malloc(size) returns a pointer from which exactly "size" bytes
can be accessed.
ptr = sodium_allocarray(count, size) allocates enough storage space for
"count" pointers or scalars of unit size "size".
In both cases, the region is immediately followed by a guard page.
As a result, any attempt to access a memory location after ptr[size - 1] will
immediately trigger a segmentation fault.
The allocated region is mlock()ed and filled with 0xd0 bytes.
A read-only page with the size, a guard page, as well as a canary are
placed before the returned pointer.
The canary is checked by sodium_free(); as a result, altering data right
before ptr is likely to cause sodium_free() to kill the process.
sodium_free() munlock()s the region and fills it with zeros before
actually calling free().
sodium_mprotect_noaccess(), sodium_mprotect_readonly() and
sodium_mprotect_readwrite() can be used to change the protection on the set
of allocated pages.
Reverting the protection to read+write is not required before calling
sodium_free().
2014-08-14 21:41:05 -07:00
Frank Denis
9f0208050e
crypto_sign_SECRETKEYBYTES already includes the public key
2014-08-05 14:26:39 -07:00
Frank Denis
eae4add8de
Implement ed25519 -> curve25519 keys conversion
2014-08-05 13:32:25 -07:00
Frank Denis
7b0eeda1c6
Remove aes256estream.
...
AES-256 will be reintroduced, but not until we have a bitsliced implementation.
2014-08-05 00:57:10 -07:00
Frank Denis
c16502fc2c
Coverity FP
2014-07-15 22:48:49 -07:00
Frank Denis
25ea5b65db
Add explicit checks for crypto_box_detached()
2014-07-11 12:28:52 -07:00
Frank Denis
ad7b1c58a8
Add tests for short messages with (secret)box_easy
2014-07-11 12:23:52 -07:00
Frank Denis
2bb8ae26d5
Test detached signatures
2014-07-10 23:21:23 -07:00
Frank Denis
16fa9960e0
Test crypto_sign_detached()
2014-07-10 23:21:22 -07:00
Frank Denis
96b840cfcf
Add a test for short (non-detached) signed messages
2014-07-10 22:39:11 -07:00
Frank Denis
f6519378b4
+ --enable-minimal to build a smaller library without less-used functions.
2014-07-09 20:24:04 -07:00
Frank Denis
0e4f4d6205
Use unsigned types for sizes in tests.
2014-07-01 19:33:59 +00:00
Frank Denis
9154d7416e
Add a test for crypto_aead without any additional data
2014-06-30 16:23:34 -07:00
Frank Denis
768b78b711
crypto_(secret)box_easy_detached() -> crypto_(secret)box_detached()
2014-06-27 18:29:03 -07:00
Frank Denis
44f7a9f3cb
Allow the authentication tag to be stored separately from the message.
...
Encrypting in-place and storing the tag separately is a very common need.
Instead of forcing people to do their own cuisine, let's provide simple
variants of the _easy interfaces to do that.
2014-06-26 15:18:39 -07:00
Frank Denis
eec0f78af6
Move the tag to the end for crypto_aead_chacha20poly1305
2014-06-26 09:15:20 -07:00
Frank Denis
efe53d118b
chachapoly1305 test: check output length
2014-06-26 08:56:17 -07:00