1
mirror of https://github.com/jedisct1/libsodium.git synced 2024-12-24 12:36:01 -07:00
Commit Graph

753 Commits

Author SHA1 Message Date
Frank Denis
bfc8ec1248 Add a memleak checker to the benchmark code
Plug the leaks it surfaced in pwhash_argon2* tests
2017-12-16 14:51:11 +01:00
Frank Denis
b84e4b9ddf Add missing sodium_free() calls in the kdf test 2017-12-16 14:31:01 +01:00
Frank Denis
99fe302562 Make things more explicit 2017-12-16 13:12:07 +01:00
Frank Denis
b6dab1029d Sort 2017-12-16 13:08:55 +01:00
Frank Denis
31b13ada14 + #include <limits.h> 2017-12-16 13:08:34 +01:00
Frank Denis
18d5940bc6 Use a simple memory pool for benchmarks
In the test suite, a significant amount of time is spent in memory
allocations. A memory pool helps achieve more relevant results with
less iterations.
2017-12-16 13:07:15 +01:00
Frank Denis
ac8dffbecb Return -1 if the scalar is 0 in crypto_scalarmult_ed25519()
For consistency with _base()
2017-12-12 14:35:08 +01:00
Frank Denis
21c1a3160c Remove tests for deprecated functions 2017-12-11 23:22:34 +01:00
Frank Denis
cf59e049e7 Check reduced-round salsa variants in non-minimal mode 2017-12-11 20:11:27 +01:00
Frank Denis
bdca518edc Remove incorrect and useless cast 2017-12-11 19:54:10 +01:00
Frank Denis
99fa31a595 More tests 2017-12-06 14:08:00 +00:00
Frank Denis
609e42be75 One more test 2017-12-06 13:53:22 +00:00
Frank Denis
43fa5ecc49 Add some tests for reduced-rounds salsa20 2017-12-06 13:38:46 +00:00
Frank Denis
0b6370dd0a Always undef NDEBUG in tests 2017-12-06 12:17:57 +00:00
Frank Denis
625e313e74 Avoid an expression in a assert() with side effects 2017-12-06 12:16:37 +00:00
Frank Denis
e89c43edf6 secretstream: add a test for rekeying using TAG_REKEY 2017-12-06 11:45:47 +00:00
Frank Denis
22b65dc57c Add a call to sodium_stackzero() 2017-12-05 17:49:58 +00:00
Frank Denis
01072a2f6a More tests 2017-12-03 21:16:46 +01:00
Frank Denis
cdd7d5f37d Add explicit cast 2017-12-03 21:02:17 +01:00
Frank Denis
8ad6ffa9d6 More tests 2017-12-03 20:56:17 +01:00
Frank Denis
b6262d982f Don't even try to compile non-minimal code 2017-12-03 16:55:46 +01:00
Frank Denis
139cadc76d Skip tests 13&14 in minimal mode 2017-12-03 16:49:55 +01:00
Frank Denis
99fe9eb67f More misuse tests 2017-12-03 16:39:05 +01:00
Frank Denis
229dac07ee casts 2017-12-01 17:29:29 +01:00
Frank Denis
217a9330a4 More tests 2017-12-01 17:21:59 +01:00
Frank Denis
84047b703a More tests 2017-12-01 17:04:09 +01:00
Frank Denis
e44614505b Casts 2017-12-01 16:32:25 +01:00
Frank Denis
218dac349a Fix format string sign 2017-12-01 15:24:48 +01:00
Frank Denis
46e2a46490 secretstream test: provide additional data to lift ambiguity on what is being tested
Spotted by @emilbayes - Thanks!
2017-11-26 22:02:26 +01:00
Frank Denis
ee2403deba Check for RDRAND presence 2017-11-25 17:53:33 +01:00
Frank Denis
c190574cee x25519-ref10: reject low order points before the multiplication 2017-11-17 10:47:00 +01:00
Frank Denis
fc10e78580 Add a test for constants 2017-11-15 16:58:31 +01:00
Frank Denis
a60d877327 Add a test for crypto_scalarmult_ed25519 2017-11-15 16:57:29 +01:00
Frank Denis
7653df070c Keep only the second test 2017-11-15 16:15:25 +01:00
Frank Denis
222ab9857c Check that add/sub don't enforce the canonical form 2017-11-15 15:31:01 +01:00
Frank Denis
4fe7f88063 Re-merge previous test; add the correct prime 2017-11-15 15:26:41 +01:00
Frank Denis
d8c36842eb Remove a test that doesn't make sense 2017-11-15 01:59:43 +01:00
Frank Denis
97e6f73230 Add a pretty obvious assertion 2017-11-15 01:48:28 +01:00
Frank Denis
3d8889560e Export constants 2017-11-15 01:47:54 +01:00
Frank Denis
1e06b32f45 Add a couple more tests for ed25519_is_valid_point() 2017-11-15 01:44:55 +01:00
Frank Denis
63f7727a74 C++ compat 2017-11-15 01:37:33 +01:00
Frank Denis
1df2285362 Add a preliminary test for core_ed25519 2017-11-15 01:34:43 +01:00
Frank Denis
7e75ad4ca9 Remove unused var 2017-10-23 23:43:19 +02:00
Frank Denis
f54c6db981 sign_keygen(): don't hash the secret scalar in non-deterministic mode 2017-10-11 21:27:48 +02:00
Frank Denis
0dd8338b83 Add a compile-time switch to create non-deterministic signatures 2017-10-06 15:35:07 +02:00
Frank Denis
2a367074fe Add actual performance API emulation for old browsers 2017-10-05 07:52:33 +02:00
Frank Denis
e784a3fb40 Add no-ops for very old browsers without the performance API 2017-10-05 01:46:02 +02:00
Frank Denis
37d9f09f5b Round duration 2017-10-05 00:20:55 +02:00
Frank Denis
752c1fff2d emscripten template: make the module global 2017-10-05 00:16:37 +02:00
Frank Denis
cc8cd391c9 Fix emscripten template 2017-10-05 00:11:40 +02:00
Frank Denis
93e39760b9 Wasm: add basic benchmark
Not really fair yet since the script isn't preloaded
2017-10-05 00:02:37 +02:00
Frank Denis
f0daa92f50 Remove index-wasm.html.tpl 2017-10-04 23:52:39 +02:00
Frank Denis
6a0e144899 Use less memory for the pwhash tests 2017-10-04 22:52:11 +02:00
Frank Denis
d3e20869af crypto_pwhash_ALG_DEFAULT is now Argon2id 2017-10-01 12:12:13 +02:00
Frank Denis
2f51ed3397 Rename the test/pwhash.c -> test/pwhash_argon2i.c 2017-10-01 11:09:55 +02:00
Frank Denis
d49d7e8d4f pwhash: don't enforce the same limits for argon2i and argon2id
Fixes #606

Also, keep enforcing a minimum number of iterations to create argon2i
hashes, but relax that restriction for verification, as it can be
useful to migrate from hashes made using other libraries.
2017-10-01 11:02:46 +02:00
Frank Denis
2542367c2d secretstream: set the initial counter to 1
Avoids using the first block for two different purposes, and will be more
consistent with the AES-based version.

This breaks backwards compatibility, but better do it now that most distro are
still shipping < 1.0.14, that no applications seem to be already using that new
API, and that there will be an update to the library major due to the aes128ctr
removal.
2017-10-01 10:08:04 +02:00
Frank Denis
3e0b4dec6e Add sodium_base64_encoded_len() 2017-09-21 11:25:09 +02:00
Frank Denis
18f0fff89e More tests: verify that they key gets updated after the counter wraps 2017-09-20 17:10:10 +02:00
Frank Denis
ee1d5c96d8 Move the codecs tests to their own test file 2017-09-19 22:51:05 +02:00
Frank Denis
558355e566 Check if SIGABRT can be trapped multiple times in a row 2017-09-19 22:33:09 +02:00
Frank Denis
8ee67b1dd7 More tests 2017-09-19 22:19:50 +02:00
Frank Denis
1f72dec89d More tests 2017-09-19 22:17:10 +02:00
Frank Denis
41dc933226 More tests 2017-09-19 22:08:31 +02:00
Frank Denis
aec433cecc Additional check 2017-09-19 20:04:57 +02:00
Frank Denis
7423408cd3 Make the behavior of hex2bin() consistent with base642bin()
Return -1 on incomplete sequences and on complete sequences
with trailing, non-ignored characters if no pointers to store the
last parsed byte has been provided
2017-09-19 18:45:23 +02:00
Frank Denis
00660d79b9 secretstream test: don't pull twice if we don't test with AD 2017-09-19 17:32:15 +02:00
Frank Denis
3c8a7f17f0 Add tests for short, invalid unpadded base64 strings 2017-09-19 16:59:18 +02:00
Frank Denis
9209e89d96 More tests 2017-09-19 00:34:26 +02:00
Frank Denis
31e9a5541d More tests 2017-09-18 23:57:29 +02:00
Frank Denis
525c21ed10 Tests 2017-09-18 23:29:58 +02:00
Frank Denis
1875980d33 More tests 2017-09-18 23:18:46 +02:00
Frank Denis
5b9680ead6 More tests 2017-09-18 23:13:50 +02:00
Frank Denis
e878bc141b More keygen tests 2017-09-17 23:13:38 +02:00
Frank Denis
f244f658d6 int -> size_t 2017-09-17 23:13:27 +02:00
Frank Denis
9c53da4a6d metamorphic tests for HMAC 2017-09-17 21:55:29 +02:00
Frank Denis
bd69a3083a metamorphic tests for onetimeauth 2017-09-17 21:48:16 +02:00
Frank Denis
a7b75a2d7d + simple metamorphic tests for crypto_generichash()
This needs to be extended to other APIs with a streaming interface
2017-09-17 21:41:32 +02:00
Frank Denis
bfab44aa40 initbytes -> headerbytes for clarity 2017-09-16 23:21:28 +02:00
Frank Denis
19496bcc01 Don't try to access /usr/local on Travis CI 2017-09-15 13:08:14 +02:00
Frank Denis
ca43a12683 Old tcc versions miscompile while (++in[x])
So, let's just keep things readable, even for compilers.
2017-09-15 12:58:47 +02:00
Frank Denis
10edd16b40 Modernize the core3 test 2017-09-15 12:39:18 +02:00
Frank Denis
c6aa04108e Move #ifdef up 2017-09-15 10:19:34 +02:00
Frank Denis
4aba976d5f Explicit casts 2017-09-15 01:00:43 +02:00
Frank Denis
15ee95c64c Remove unused var 2017-09-15 00:57:44 +02:00
Frank Denis
70f66c9a6d Check for avx/avx2/avx512f linkage 2017-09-14 00:05:37 +02:00
Frank Denis
390f865e35 Add tests for scrypt rehash 2017-09-13 18:47:55 +02:00
Frank Denis
2a2b85eeea Add tests for crypto_pwhash_str_needs_rehash() 2017-09-13 18:40:14 +02:00
Frank Denis
979b21d67b Remove extra semicolumns 2017-09-13 12:45:04 +02:00
Frank Denis
0af31aeb26 Fill the max output buffer size in sodium_bin2base64()
Unlike hex encoding, due to optional padding, computing the correct size is
not straightforward. Ensuring that the string ends with `\0` is fine, but
if the size is not exact, some unrelated data might be send around by the
application. So, zero it to be safe.
2017-08-31 19:32:14 +02:00
Frank Denis
fd4478288e Test sodium_pad() with a NULL pointer 2017-08-25 15:24:46 +02:00
Frank Denis
f8e535a446 messagesbytes -> messagebytes 2017-08-25 15:12:35 +02:00
Frank Denis
aa20d2e86e Add secretstream constants 2017-08-25 14:51:02 +02:00
Frank Denis
a0b9bc46e4 constcheck: grab a few more constants 2017-08-25 14:49:47 +02:00
Frank Denis
4c93d0391c C++ compat 2017-08-17 23:27:20 +02:00
Frank Denis
0850e55808 Check that a zero blocksize returns -1 2017-08-17 21:00:02 +02:00
Frank Denis
a27c18d0e8 No need for two buffers in the padding test 2017-08-17 20:58:14 +02:00
Frank Denis
d5574a69fa Complete sodium_pad/unpad() and add a couple tests 2017-08-17 20:54:20 +02:00
Frank Denis
6e8e0a93f9 Add a couple tests for crypto_secretstream_*() 2017-08-16 14:53:54 +02:00
Frank Denis
265bdcfe07 bin2hex & bin2base64: return a null size on error
This might prevent applications that don't properly check return codes
from reusing previous data.
2017-08-09 22:41:20 +02:00
Frank Denis
a6480aec44 b64 test: intentionally overestimate sizes
overflows will be caught by the guard page, if any
2017-08-09 18:03:56 +02:00
Frank Denis
74fd8fd1ce C++ compat 2017-08-09 16:08:03 +02:00
Frank Denis
cdbb43f444 base64 tests 2017-08-09 15:56:58 +02:00
Frank Denis
8f0953b31f Merge branch 'master' of github.com:jedisct1/libsodium
* 'master' of github.com:jedisct1/libsodium:
  Bench: don't tie the printed result to the number of iterations
  Make the number of iterations configurable; reduce the default
  Add an interesting test case for a custom randombytes_uniform implementation
  Add a benchmark mode
  randombytes test: restore the salsa20-based rng at the end, for benchmarks
  Indent
2017-08-05 20:58:23 +02:00
Frank Denis
a894ec93f2 Add crypto_pwhash_str_alg() 2017-08-05 20:56:59 +02:00
Frank Denis
cde31281d1 Bench: don't tie the printed result to the number of iterations 2017-08-04 23:30:30 +02:00
Frank Denis
6d59a5897d Make the number of iterations configurable; reduce the default 2017-08-04 23:16:42 +02:00
Frank Denis
28a1e6886e Add an interesting test case for a custom randombytes_uniform implementation 2017-08-04 23:13:29 +02:00
Frank Denis
5b4db091df Add a benchmark mode 2017-08-04 23:08:22 +02:00
Frank Denis
8813c36fff randombytes test: restore the salsa20-based rng at the end, for benchmarks 2017-08-04 23:01:16 +02:00
Frank Denis
a8cc1634f4 Indent 2017-08-04 22:59:06 +02:00
Frank Denis
544ce64000 Just a simple script to match constants with functions 2017-08-03 16:28:29 +02:00
Frank Denis
e1fa9cc90c Add *_messagebytes_max() wrappers 2017-08-03 13:34:31 +02:00
Frank Denis
f02770b2ad Revert "+ sodium_alloc_overhead()"
This reverts commit c5b61d8129.
2017-08-02 14:26:56 +02:00
Frank Denis
c5b61d8129 + sodium_alloc_overhead() 2017-08-02 12:34:56 +02:00
Frank Denis
774ec67e22 Repair sodium_core test 2017-07-30 18:22:53 +02:00
Frank Denis
8a14f5c167 Don't call sodium_misuse() in the sodium_core test for Javascript/wasm targets 2017-07-30 18:10:00 +02:00
Frank Denis
0ce03b6cea misuse test: just return from main() on unsupported platforms 2017-07-30 17:54:54 +02:00
Frank Denis
180a89cb21 More tests for signatures 2017-07-29 22:42:05 +02:00
Frank Denis
b34b89ab37 secrebox: add a test with in/out buffers next to each other 2017-07-29 22:27:17 +02:00
Frank Denis
ff8bb6705a More tests for scrypt 2017-07-29 22:01:13 +02:00
Frank Denis
a3f90d6020 Indent 2017-07-29 21:49:20 +02:00
Frank Denis
63d8a896fe Test KX with a weak PK 2017-07-29 21:46:14 +02:00
Frank Denis
7ad9a46cb7 More tests 2017-07-29 21:43:18 +02:00
Frank Denis
a9a21a7dff Test Ed->X conversion with x not being a square root 2017-07-29 21:36:02 +02:00
Frank Denis
982cde1a77 Test crypto_box_open_detached() with a weak PK 2017-07-29 21:34:28 +02:00
Frank Denis
c15173de1e Turn a few calls with an insane message length into a sodium_misuse() 2017-07-29 18:37:55 +02:00
Frank Denis
8d91a32754 Add more tests for crypto_sign_ed25519_pk_to_curve25519() 2017-07-24 23:56:56 +02:00
Frank Denis
214fe473f1 Add an invalid key to the signature tests 2017-07-24 23:40:14 +02:00
Frank Denis
e1b0448205 Test crypto_secretbox_open_detached() with a NULL message pointer 2017-07-24 23:17:55 +02:00
Frank Denis
c90ddae75e Use the right state type for the auth256 test 2017-07-24 23:04:23 +02:00
Frank Denis
51a0b96f1d Test crypto_hmac_sha256_update() with empty chunks 2017-07-24 22:25:33 +02:00
Frank Denis
33d6908f9b Test crypto_auth_hmacsha256_*() 2017-07-24 22:08:07 +02:00
Frank Denis
f92c82537b More tests 2017-07-24 15:16:22 +02:00
Frank Denis
b57f9668fc More tests 2017-07-21 16:52:01 +02:00
Frank Denis
8b9b6a54be Remove error string from sodium_misuse()
Returning the name of an internal function to bindings is useless.

They need way more context to recover from these errors, and
their own backtrace will be way more useful for diagnostics.
2017-07-19 00:57:19 +02:00
Frank Denis
63cbad7506 Visual Studio doesn't like abort() chains
Let's limit this test to systems this has been tested on for the
time being.
2017-07-19 00:20:06 +02:00
Frank Denis
9df008a786 Add some invalid base64 strings to pwhash_str_verify() tests 2017-07-17 23:26:36 +02:00
Frank Denis
5d56821d3d More tests, and start testing misuse cases 2017-07-17 23:09:44 +02:00
Frank Denis
0e8d7c9268 Implement sodium_set_misuse_handler() 2017-07-17 01:00:00 +02:00
Frank Denis
9def4d9a8a Add tests for crypto_kx_*() when a single key is required 2017-07-17 00:36:55 +02:00
Frank Denis
608e103e45 Finish the Argon2id tests 2017-07-16 18:34:01 +02:00
Frank Denis
ff615b270a Fix the AES test on error path 2017-07-13 21:41:06 +02:00
Frank Denis
7cfbb5922b Dont expect EFBIG to be returned if a requested allocation is too large
Some environments return funny things such as "function not implemented",
EINVAL or "permission denied" instead.

So, don't assume anything.
2017-07-12 21:36:33 +02:00
Frank Denis
28e32dd5a2 Remove scrypt from minimal builds 2017-07-11 22:08:02 +02:00
Frank Denis
f586752afe + Argon2id tests 2017-06-28 15:49:49 +02:00
Frank Denis
7334060f43 Add a workaround for old asan versions (CentOS 7) 2017-06-23 17:30:48 +02:00
Frank Denis
c3045e2cb0 Check that SIGSEGV handlers work
Tools such as ASAN may trap violations instead of our handlers,
making the sodium_utils{2,3} test fail.

This has been documented for a long time, but it's probably better
to detect this and ignore tests depending on working signal handlers.
2017-06-23 11:11:16 +02:00
Frank Denis
efb097d957 Consistency 2017-05-19 14:58:16 +02:00
Frank Denis
b28c7bcad9 Unbreak NaCl tests (parse error near '}') 2017-05-19 14:56:31 +02:00
Jim Patterson
1fd6a4bfc2 Replace which with command for portability (#542)
The `which` command is not part of the posix standard and not available
in some environments.  The `command` command is part of the posix
standard and well supported.

See https://unix.stackexchange.com/q/85249 for a discussion about the
use of `command` instead of `which`.

If a system had `libtool` but not `which`, the build process would issue
an erroneous error stating:

    libtool is required, but wasn't found on this system

Switching to `command` corrects this problem.
2017-05-19 14:51:56 +02:00
Frank Denis
3e85167657 Fix crypto_pwhash_argon2i_str_verify() and its tests after errno changes 2017-05-12 15:09:54 +02:00
Emil Bay
94760400a6 Add crypto_pwhash_MISMATCH errno (#541)
* Add crypto_pwhash_MISMATCH errno

* Use EINVAL for invalid password

* Only set errno on mismatch
2017-05-12 14:30:26 +02:00
Frank Denis
4809639ae1 box_easy2 test: increase the minimum test size 2017-04-07 07:59:13 -07:00
Frank Denis
d4dbf0cc4f Import preliminary compilation script for webassembly
Thanks to @facekapow

This still needs quite a bit of work, so don't add to the distfiles yet
2017-03-12 17:44:29 +01:00
Frank Denis
849a35bd82 + crypto_kx_*() API
This doesn't include a full key exchange API yet.
2017-03-12 13:15:39 +01:00
Frank Denis
88c77d6aa7 Do not use a zero nonce in randombytes_buf_deterministic()
This can mitigate implications of reusing the same key across different
functions.
2017-03-09 13:57:37 +01:00
Frank Denis
8679e717db + sodium_library_minimal() and SODIUM_LIBRARY_MINIMAL 2017-03-06 09:47:09 +01:00
Frank Denis
707f4c8e08 Add ed25519ph 2017-03-05 14:45:13 +01:00
Frank Denis
2ae516079b chacha20 can only be tested with a 32-bit ic 2017-03-03 10:39:03 +01:00
Frank Denis
588c03c536 C++ compat 2017-03-03 10:29:50 +01:00
Frank Denis
e46bc4c5dd Add tests for chacha&salsa with a counter around 2^32 2017-03-03 10:14:08 +01:00
Frank DENIS
36c038ccd1 Additional ChaCha20/Salsa20 tests with a short output length 2017-03-02 18:01:28 +01:00
Frank Denis
617862eb5a Make aead_xchacha20_poly1305 a first-class citizen 2017-03-02 10:19:08 +01:00
Frank Denis
ff931a9ab5 Remove useless assignments 2017-02-28 20:54:13 +01:00
Frank Denis
3cd883d33e Remove debugging leftover in tests 2017-02-27 16:25:32 +01:00
Frank Denis
c0c645da45 Test crypto_kdf constants, add _PRIMITIVE 2017-02-26 21:30:40 +01:00
Frank Denis
d203d87d2f const static -> static const 2017-02-26 16:10:32 +01:00
Frank Denis
d860121ebc Fix previous 2017-02-25 21:01:52 +01:00
Frank Denis
4e6091b347 Merge branch 'master' of https://github.com/jedisct1/libsodium
* 'master' of https://github.com/jedisct1/libsodium:
  spelling fixes (touches code in tests) (#494)
  Feature/spelling (#495)
2017-02-25 21:00:52 +01:00
Frank Denis
eb1c92d2ec Reformat the scrypt tests 2017-02-25 20:59:54 +01:00
ka7
76e87fb547 spelling fixes (touches code in tests) (#494) 2017-02-25 14:21:30 +01:00
Frank Denis
0a5a40de5b Trim spaces 2017-02-24 19:23:55 +01:00
Frank Denis
8fb5918fb6 Add a test for siphashx24 2017-02-24 19:23:14 +01:00
Frank Denis
7bbeba5723 Indent 2017-02-23 11:30:21 +01:00
Frank Denis
4a958f9e9e Indent 2017-02-23 11:28:12 +01:00
Frank Denis
f4da7fe314 Indent 2017-02-23 11:27:45 +01:00
Frank Denis
3d96ea4b6a Indent 2017-02-23 11:27:19 +01:00
Frank Denis
4037465983 Indent 2017-02-23 11:26:24 +01:00
Frank Denis
d5bf3954d6 Indentx 2017-02-23 11:25:09 +01:00
Frank Denis
cac2dde218 Indent 2017-02-23 11:24:48 +01:00
Frank Denis
cadee98e13 Indentx 2017-02-23 11:23:50 +01:00
Frank Denis
efbc49f100 Indent 2017-02-23 11:23:19 +01:00
Frank Denis
434e3691ba Indent 2017-02-23 11:22:58 +01:00
Frank Denis
e747cec677 Indent 2017-02-23 11:22:36 +01:00
Frank Denis
3cce789304 Indent 2017-02-23 11:22:00 +01:00
Frank Denis
db7c0e1956 Indent 2017-02-23 11:21:30 +01:00
Frank Denis
c8f6121429 Indent 2017-02-23 11:20:37 +01:00
Frank Denis
20b12aa9d4 Indent 2017-02-23 11:19:53 +01:00
Frank Denis
5351efb122 Indentx 2017-02-23 11:15:29 +01:00
Frank Denis
dd9d8e283b Indent 2017-02-23 11:13:43 +01:00
Frank Denis
0877b14c68 Correct array size check in xchacha20 test 2017-02-20 11:35:13 +01:00
Frank Denis
5957e2c735 C++ compat 2017-02-19 21:23:34 +01:00
Frank Denis
8af252bf87 use crypto_*_keygen() in tests 2017-02-19 21:20:45 +01:00
Frank Denis
7e5d64834c untab 2017-02-19 21:17:42 +01:00
Frank Denis
7f7e7235c5 Add a keygen function to all the primitives 2017-02-19 21:15:54 +01:00
Frank Denis
93d02019da Trigger randombytes_seedbytes() 2017-02-19 19:10:08 +01:00
Frank Denis
cafb0a695b Add randombytes_buf_deterministic() 2017-02-19 18:40:29 +01:00
Frank Denis
70c2796ae5 + crypto_kdf high-level API
This is a common need, and people end up reimplementing HKDF.

So, add a crypto_kdf() API similiar to libhydrogen's. The later has a
higher limit for the output length using BLAKE2X if required.

We can implement the same strategy later in libsodium if needed.
2017-02-19 18:13:10 +01:00
Frank Denis
e0150faf56 Always zero the argon2 output buffer prior to doing anything
This is consistent with what we are doing with scrypt.
On error/misuse, the buffer is zeroed; this may prevent bugs with
reused/invalid buffers.
2017-02-19 12:40:28 +01:00
Frank Denis
2c6fb87708 Set crypto_pwhash_scryptsalsa208sha256_BYTES_MIN to 128 bits 2017-02-19 12:31:05 +01:00
Frank Denis
2e4e1c66a0 Complete 08c0e03f83 2017-02-19 12:23:37 +01:00
Emil Bay
08c0e03f83 WIP: crypto_pwhash constants (#464)
* Test exposed constraint constants on crypto_pwhash

This includes the following constants for crypto_pwhash, crypto_pwhash_argon2i,
and crypto_pwhash_scryptsalsa208sha256:

- crypto_pwhash_BYTES_MIN
- crypto_pwhash_BYTES_MAX
- crypto_pwhash_PASSWD_MIN
- crypto_pwhash_PASSWD_MAX
- crypto_pwhash_OPSLIMIT_MIN
- crypto_pwhash_OPSLIMIT_MAX
- crypto_pwhash_MEMLIMIT_MIN
- crypto_pwhash_MEMLIMIT_MAX

* Expose constraint constants for crypto_pwhash

* Expose constant methods for crypto_pwhash
2017-02-19 11:19:01 +01:00
Frank Denis
532ea6bd95 + test for aead_xchacha20poly1305 2017-02-18 22:10:30 +01:00
Frank Denis
a329340d90 Remove the NaCl-like APIs from *xchacha20 additions
These APIs were useful with the salsa20 constructions for compatibility
with NaCl, but they are tricky to use and don't provide any benefits over
the _easy APIs.

Having them around was good for consistency with the salsa20-based ones,
but this is code that is unlikely to be used in actual projects.

So, don't include them, unless people actually ask for them.
2017-02-18 21:22:39 +01:00
Frank Denis
eb5c17d3ec Add tests for box_xchacha20poly1305 2017-02-18 20:31:39 +01:00
Frank Denis
99e6c94739 C++ compat 2017-02-16 09:57:01 +01:00
Frank Denis
b146082d68 More tests for *xchacha20* 2017-02-14 15:41:59 +01:00
Frank Denis
071a1afde3 C++ compat 2017-02-12 22:34:15 +01:00
Frank Denis
b209a7c0af Add a test for HChaCha20 2017-02-12 22:28:35 +01:00
Frank Denis
3499cbfbe5 Add dist-build/nativeclient-x86-64.sh 2016-04-29 21:55:06 +02:00
Frank Denis
858b8e8c5e Put then and if on the same line.
Having `then` aligned with `if` was pretty confusing, and I kept
reading `else` instead of `then`.
2016-04-29 20:49:35 +02:00
Frank Denis
8326bc1d75 CRLF 2016-04-29 20:36:06 +02:00
Frank Denis
251b836f01 NativeClient complains about __memset_chk being undefined on OSX.
Work around this. There might be a better fix, but at least the
test suite compiles with the newlib.
2016-04-29 20:34:24 +02:00
Frank Denis
492d4b1dd6 Repair NativeClient support 2016-04-18 21:40:18 +02:00
Frank Denis
e2f75d6168 Make assertions more readable 2016-04-12 01:23:14 +02:00
Frank Denis
1818267d64 Return -1 if crypto_generichash_final() is called twice 2016-04-06 01:00:49 +02:00
Frank Denis
b09e1970bc Test that ciphertexts shorter than the MAC size aren't even read 2016-04-04 10:47:54 +02:00
Frank Denis
d73124a025 Make the test of truncated chacha20poly1305 ciphers less deterministic 2016-04-04 10:40:23 +02:00
Frank Denis
d7f5877df5 Add crypto_pwhash_argon2i_ALG_ARGON2I13 2016-04-01 20:48:34 +02:00
Frank Denis
384e08b7f4 Require an algorithm identifier in crypto_pwhash() 2016-04-01 20:29:28 +02:00
Frank Denis
5d8c878ffb Remove mlen_p from the AEAD detached interface 2016-03-30 21:20:34 +02:00
Frank Denis
7afe93f9a2 Mark test functions as static and __attribute__ ((noreturn)) 2016-03-27 00:32:25 +01:00
Frank Denis
2aa703fcc7 Restore the previous sodium_malloc(0) behavior
If aligned memory cannot be obtained, allocate 1 byte
to always return a non-NULL pointer.
2016-03-25 16:26:37 +01:00
Frank Denis
1f1d3f70b9 More Argon2 tests 2016-03-25 15:45:50 +01:00
Frank Denis
fb865c9a5c More tests / lcov exclusions 2016-03-25 15:36:57 +01:00
Frank Denis
a25569320c The version in Argon2i strings is separated from other parameters 2016-03-25 12:27:04 +01:00
Frank Denis
d91adb2cff Avoid implicit sodium_malloc(0) in tests 2016-03-25 10:50:52 +01:00
Frank Denis
eb13ec0cff Make sodium_malloc(0) well-defined. It always returns NULL. 2016-03-25 09:44:41 +01:00
Frank Denis
346f8c131e More tests 2016-03-24 22:16:52 +01:00
Frank Denis
71a548ac10 Additional tests for BLAKE2b 2016-03-24 21:57:33 +01:00
Frank Denis
caae5e85f3 C++ compat 2016-03-23 17:22:35 +01:00
Frank Denis
b483845eb5 Tests must use sodium_malloc() as much as possible 2016-03-23 16:23:40 +01:00
Frank Denis
cb150c2d3d sizeof() -> constants 2016-03-23 15:55:45 +01:00
Frank Denis
2b79c12f93 Nits 2016-03-23 15:41:55 +01:00
Frank Denis
f137857e18 Add tests for the detached chacha20poly1305 API 2016-03-23 15:20:23 +01:00
Frank Denis
3fb2ee07cb Add crypto_pwhash_primitive() 2016-03-21 20:59:43 +01:00
Frank Denis
79935dc918 test/pwhash_argon2i -> test/pwhash 2016-03-21 09:48:01 +01:00
Frank Denis
359553f07d Add support for optional parameters to future-proof crypto_pwhash() 2016-03-21 09:38:43 +01:00
Frank Denis
05d82ad147 Simplify quirks for C++Builder 2016-03-18 22:13:23 +01:00
unknown
2085693c32 Introduce C++Builder compatibility
Add new preprocessor directives to allow libsodium to be easily
built in C++Builder.
2016-03-18 14:46:00 -04:00
Frank Denis
0a18d18daf Consistent comment style 2016-03-18 09:56:21 +01:00
Frank Denis
cf4f0c48dc Add tests for the detached aes256gcm API 2016-03-15 11:21:23 +01:00
Frank Denis
7597b7cc13 Check what the implications of versioned Argon2 strings will be 2016-03-10 12:26:17 +01:00
Frank Denis
62911edb7f Ed25519: verify 0<=s<2^252+27742317777372353535851937790883648493
This reintroduces removed code to match the irtf-cfrg-eddsa draft

ED25519_COMPAT can be defined to keep the old behavior
2016-03-08 20:35:21 +01:00
Frank Denis
845e3e7cff Update test for short output 2016-03-08 13:57:16 +01:00
Frank Denis
ae6ecda055 Explicit downcast 2016-03-07 15:45:59 +01:00
Frank Denis
a5ca5b1b25 Unused param 2016-03-06 14:00:18 +01:00
Frank Denis
5353569d9a Remove obsolete and redundant globals 2016-03-06 13:59:26 +01:00
Frank Denis
212841b28d int vs size_t 2016-03-06 13:58:10 +01:00