1
mirror of https://github.com/jedisct1/libsodium.git synced 2024-12-20 10:37:24 -07:00
Commit Graph

707 Commits

Author SHA1 Message Date
Frank Denis
cd2a7019f1 pre.js: unlink /dev/(u)random before re-registering them 2014-11-22 11:56:36 -08:00
Frank Denis
b0403efc80 Fail if JS crypto is not available.
Emscripten registers /dev/urandom and /dev/random by default, but falls back to
Math.random()*256 when crypto.getRandomValues() is not available, which is not
acceptable. So we need to re-register them no matter what.
2014-11-22 11:24:32 -08:00
Frank Denis
d42634d466 Tests: use explicit casts when shortening types 2014-11-20 13:12:08 -08:00
Frank Denis
d311731bad Revert "Fix integer narrowing warnings in tests."
This reverts commit 173ad74d3e.
2014-11-20 12:00:37 -08:00
Frank Denis
394c6a1970 Merge pull request #205 from evoskuil/master
Update VS projects and fix test warnings.
2014-11-20 12:00:06 -08:00
Frank Denis
4f70e7c171 C++ compat 2014-11-20 11:35:32 -08:00
Frank Denis
d3e716aa49 curve25519-donna-c64: don't read an extra byte when expanding a 32-byte number into polynomial form
Reported by Michael Holmwood.
2014-11-20 11:22:24 -08:00
evoskuil
173ad74d3e Fix integer narrowing warnings in tests. 2014-11-02 22:35:36 -08:00
Frank Denis
5fd91b8f0f SIGSEGV handlers are incompatible with -fsanitize=address 2014-10-16 14:08:43 -07:00
Frank Denis
cb07df046f Remove S<l check.
Plan is to add is_standard()/is_canonical() instead of changing the current behavior
of the verification function. Suggested by CodesInChaos.
2014-10-06 12:21:40 -07:00
Frank Denis
71b5184224 Add a test for chacha20poly1305 with overlapping pointers 2014-10-05 00:02:45 -07:00
Frank Denis
c3b0de7393 Test box_easy with overlapping in/out. 2014-10-04 23:53:19 -07:00
Frank Denis
d34743241e Add a test for ed25519 malleability and restore traditional behavior.
If an application really requires non-malleability, ED25519_PREVENT_MALLEABILITY
can be defined to enable the check.

This might become the default behavior depending on what other implementations
are planning to do.
2014-10-04 23:25:01 -07:00
Frank Denis
9f6d37d9c6 Support overlapping input and output regions in crypto_secretbox_detached()
crypto_stream_salsa20() doesn't support overlapping input and output regions,
except when they are aliases.
2014-10-04 22:08:09 -07:00
Frank Denis
18f4dd241e C++ compat 2014-09-23 21:30:37 -07:00
Frank Denis
727f3993a1 lcov exclusion 2014-09-23 21:22:44 -07:00
Frank Denis
5a7782eb6e Extra tests for invalid pwhash strings 2014-09-23 21:15:38 -07:00
Frank Denis
7670932918 test pwhash_str_verify() with an invalid character 2014-09-23 15:38:31 -07:00
Frank Denis
b07dfc5da3 The test for pwhash is too slow for some systems.
Stop checking alterations for every single character.
2014-09-23 15:18:06 -07:00
Frank Denis
ced2c40a1a Update pwhash.exp for the new case that has to fail (empty password) 2014-09-23 14:57:11 -07:00
Frank Denis
7a54ba58e9 Test password verification with an empty password 2014-09-23 14:54:19 -07:00
Frank Denis
d6d539a0ce Test crypto_pwhash_scryptsalsa208sha256_str_verify() with invalid input. 2014-09-23 13:58:59 -07:00
Frank Denis
d511c43ca9 Test crypto_hash() with an input longer than the block size 2014-09-23 13:40:08 -07:00
Frank Denis
46df8ea890 Test pwhash with opslimit < 32768 2014-09-23 13:19:03 -07:00
Frank Denis
34df07f0c7 Test generichash with no key, with salt or personalization 2014-09-23 12:37:21 -07:00
Frank Denis
471922cb05 crypto_sign() test: explicitly initialize sig in case the previous tests failed. 2014-09-22 17:09:16 -07:00
Frank Denis
5558885953 Add a test for crypto_sign() with overlapping buffers. 2014-09-21 22:10:25 -07:00
Frank Denis
4de4e57a8e chacha20: test more than 1 block 2014-09-18 22:13:00 -07:00
Frank Denis
9eefb2e487 More test + lcov exclusions 2014-09-18 22:02:25 -07:00
Frank Denis
b062a555da scalarmult: check that the top bit is ignored 2014-09-18 21:27:49 -07:00
Frank Denis
595e98a224 Check return code of crypto_generichash_init() 2014-09-16 21:41:33 -07:00
Frank Denis
31d842a432 Test for (secret)box_easy behavior with a huge input. 2014-09-16 21:20:05 -07:00
Frank Denis
37580f4f52 More tests 2014-09-16 20:46:43 -07:00
Frank Denis
fbfbbdd349 Ensure that nothing explodes when calling crypto_generichash_blake2b_init_salt_personal with salt/personal == NULL 2014-09-16 20:09:33 -07:00
Frank Denis
51d9b223aa Test crypto_box_(before|after)nm 2014-09-16 20:01:58 -07:00
Frank Denis
1cf170a90e Test sodium_allocarray(), and sodium_malloc() with a huge size 2014-09-16 15:35:21 -07:00
Frank Denis
4993073501 Test chacha20 with a null output length 2014-09-16 15:25:54 -07:00
Frank Denis
6837c2d2c2 Include extra 0 in the key used for the hmacsha512 test 2014-09-16 15:25:38 -07:00
Frank Denis
fe4bbdc5ca More crypto_pwhash() tests 2014-09-16 15:07:42 -07:00
Frank Denis
a721543b58 Test hmacsha512 with keys larger than the block size 2014-09-16 14:59:19 -07:00
Frank Denis
e333e55209 Increase generichash test coverage 2014-09-16 14:44:38 -07:00
Frank Denis
cee8af9b66 Test chacha20 with length == 0 2014-09-16 10:32:04 -07:00
Frank Denis
81aa4ef4a3 Check crypto_onetimeauth() streaming interface 2014-09-16 10:19:32 -07:00
Frank Denis
d7edf5c34b crypto_generichash_keybytes_min() cannot be 0, even if 0 is a valid key length 2014-09-15 10:26:29 -07:00
Frank Denis
1217d30bae More chacha20 tests 2014-09-14 13:09:15 -07:00
Frank Denis
2f7d98a73d Fix format in auth5 test 2014-09-14 12:58:50 -07:00
Frank Denis
dc49ae0491 Add tests for invalid generichash parameters 2014-09-14 12:56:32 -07:00
Frank Denis
0ec5a25c88 More tests for randombytes 2014-09-14 12:43:53 -07:00
Frank Denis
82bc039d6c Consistent syle for the tests. 2014-09-14 11:32:55 -07:00
Frank Denis
0e559b94d5 Make the tests a little bit more readable 2014-09-14 10:34:16 -07:00
Frank Denis
f41bfa9b94 More tests for constants 2014-09-13 15:17:19 -07:00
Frank Denis
fcc2513967 More tests for constants 2014-09-13 15:12:23 -07:00
Frank Denis
d65c791e58 More tests for constants 2014-09-13 15:03:04 -07:00
Frank Denis
2645422a32 Test crypto_aead with a short ciphertext 2014-09-13 14:51:21 -07:00
Frank Denis
a92731a9f4 More tests for constants 2014-09-13 14:47:29 -07:00
Frank Denis
12a3f27706 More tests for constants 2014-09-13 14:37:04 -07:00
Frank Denis
2c1b507045 More constant tests 2014-09-13 14:29:59 -07:00
Frank Denis
ab37bd3e0b Tests: no need for crypto_uint8 2014-09-13 14:15:55 -07:00
Frank Denis
b7b0436fb8 Test the presence of some extra functions 2014-09-13 14:12:40 -07:00
Frank Denis
4d276a81e7 Include header files commonly used by the tests to cmptest.h 2014-09-13 14:11:12 -07:00
Frank Denis
3b680e0a52 Use high-level APIs in tests 2014-09-13 13:56:41 -07:00
Frank Denis
6c0852f22f Remove unused macros 2014-09-04 13:24:09 -07:00
Frank Denis
0e23192159 Add crypto_sign_ed25519_sk_to_seed() and crypto_sign_ed25519_sk_to_pk() 2014-08-15 13:52:08 -07:00
Frank Denis
473e1718cc Add sodium_{malloc,allocarray,free}() and sodium_mprotect_*()
ptr = sodium_malloc(size) returns a pointer from which exactly "size" bytes
can be accessed.

ptr = sodium_allocarray(count, size) allocates enough storage space for
"count" pointers or scalars of unit size "size".

In both cases, the region is immediately followed by a guard page.
As a result, any attempt to access a memory location after ptr[size - 1] will
immediately trigger a segmentation fault.

The allocated region is mlock()ed and filled with 0xd0 bytes.

A read-only page with the size, a guard page, as well as a canary are
placed before the returned pointer.

The canary is checked by sodium_free(); as a result, altering data right
before ptr is likely to cause sodium_free() to kill the process.

sodium_free() munlock()s the region and fills it with zeros before
actually calling free().

sodium_mprotect_noaccess(), sodium_mprotect_readonly() and
sodium_mprotect_readwrite() can be used to change the protection on the set
of allocated pages.

Reverting the protection to read+write is not required before calling
sodium_free().
2014-08-14 21:41:05 -07:00
Frank Denis
9f0208050e crypto_sign_SECRETKEYBYTES already includes the public key 2014-08-05 14:26:39 -07:00
Frank Denis
eae4add8de Implement ed25519 -> curve25519 keys conversion 2014-08-05 13:32:25 -07:00
Frank Denis
7b0eeda1c6 Remove aes256estream.
AES-256 will be reintroduced, but not until we have a bitsliced implementation.
2014-08-05 00:57:10 -07:00
Frank Denis
c16502fc2c Coverity FP 2014-07-15 22:48:49 -07:00
Frank Denis
25ea5b65db Add explicit checks for crypto_box_detached() 2014-07-11 12:28:52 -07:00
Frank Denis
ad7b1c58a8 Add tests for short messages with (secret)box_easy 2014-07-11 12:23:52 -07:00
Frank Denis
2bb8ae26d5 Test detached signatures 2014-07-10 23:21:23 -07:00
Frank Denis
16fa9960e0 Test crypto_sign_detached() 2014-07-10 23:21:22 -07:00
Frank Denis
96b840cfcf Add a test for short (non-detached) signed messages 2014-07-10 22:39:11 -07:00
Frank Denis
f6519378b4 + --enable-minimal to build a smaller library without less-used functions. 2014-07-09 20:24:04 -07:00
Frank Denis
0e4f4d6205 Use unsigned types for sizes in tests. 2014-07-01 19:33:59 +00:00
Frank Denis
9154d7416e Add a test for crypto_aead without any additional data 2014-06-30 16:23:34 -07:00
Frank Denis
768b78b711 crypto_(secret)box_easy_detached() -> crypto_(secret)box_detached() 2014-06-27 18:29:03 -07:00
Frank Denis
44f7a9f3cb Allow the authentication tag to be stored separately from the message.
Encrypting in-place and storing the tag separately is a very common need.
Instead of forcing people to do their own cuisine, let's provide simple
variants of the _easy interfaces to do that.
2014-06-26 15:18:39 -07:00
Frank Denis
eec0f78af6 Move the tag to the end for crypto_aead_chacha20poly1305 2014-06-26 09:15:20 -07:00
Frank Denis
efe53d118b chachapoly1305 test: check output length 2014-06-26 08:56:17 -07:00
Frank Denis
a7410966ea Rename secretbox_chacha20poly1305() -> aead_chacha20poly1305()
The tag is still at the end. This will be changed right after.
2014-06-26 08:48:13 -07:00
Frank Denis
5e89fc9303 Import secretbox_chacha20poly1305.exp 2014-06-19 23:07:20 -07:00
Frank Denis
bd1490a6cd Add AEAD_CHACHA20_POLY1305
With a twist: in order to be consistent with the crypto_stream
interface, the tag has to come before the ciphertext.
2014-06-19 22:49:33 -07:00
Frank Denis
1fcb676aed test/default/sign.c: make the test vectors static 2014-06-09 19:27:54 -07:00
Frank Denis
06e089ef6a Make crypto_sign() test code more explicit.
crypto_sign() doesn't just need the secret key. The public key has to follow.
Which is why the test vectors are laid out in this order.
But this can confuse static analysis, as well as people looking at the test
in order to better understand how crypto_sign() works.
So, just copy the sk and the pk into a dedicated buffer, for clarity.
2014-06-09 19:27:49 -07:00
Frank Denis
8560366cd8 Disable the pwhash_scrypt_ll test that requires 1 Gb RAM.
This is way too much for many devices and for VPS users.
2014-06-07 10:16:03 -07:00
Frank Denis
2058eaea99 Revert bd8cbd3175
Go back to masking the high bit in curve25519 instead of processing the
key as a 256-bit value.
2014-06-06 08:22:11 -07:00
Frank Denis
e737c94271 More test/default/pwhash_scrypt_ll.c fixes 2014-06-03 23:48:25 -07:00
Frank Denis
f341a4c9a3 Make arguments match the format string in test/default/pwhash_scrypt_ll.c ... 2014-06-03 23:22:38 -07:00
Anders Johansson
1d4849465b Change spaces to tab in Makefile.am after pwhash_scrypt_ll addition 2014-06-03 13:04:26 +02:00
Anders Johansson
e7e4ab514c To comply with C89:
- Moved variable declarations to top of function
 - Constant output buffer inside the function

Moved strlen calls from main to inside function to make code easier to read.

Also switched from fancy quotes to single quotes in expected output
2014-06-03 12:15:39 +02:00
Anders Johansson
e477e51323 Fix Travis g++ errors 2014-06-01 21:31:44 +02:00
Anders Johansson
d47d5d8623 Add test for Tarsnap testvectors to low-level scrypt interface 2014-06-01 20:58:20 +02:00
Jan Varho
9f52b0f0e9 Change crypto_box_seed_keypair to use SHA-512 of the seed
This makes it compatible with what js-nacl and racl do.
2014-05-25 19:13:04 -07:00
Jan Varho
f438116b6b Test crypto_box_seed_keypair 2014-05-23 10:33:58 +03:00
Frank Denis
a517bf9f0f One more chacha20 test 2014-05-15 15:26:44 -07:00
Frank Denis
0d9f25999a +chacha20.exp 2014-05-15 13:35:56 -07:00
Frank Denis
7381983f8b Preliminary chacha20 support 2014-05-15 13:27:15 -07:00
Frank Denis
bd05b7d292 Rename scryptxsalsa208sha256 to scryptsalsa208sha256 2014-05-15 00:01:16 -07:00
Frank Denis
62e37fbfe4 crypto_pwhash_scryptxsalsa208sha256_str() test vectors 2014-05-14 23:46:15 -07:00
Frank Denis
eca5267df9 crypto_pwhash_scryptxsalsa208sha256 test vectors 2014-05-14 23:22:11 -07:00
Frank Denis
84cceed1f6 Do not require crypto_sign_BYTES extra bytes for the message in crypto_sign_open()
This is a common source of confusion.
2014-05-12 22:54:05 -07:00
Frank Denis
0c63926ef1 Fix sign.c test, classic crypto_sign_open() confusion. 2014-05-12 21:43:33 -07:00
Frank Denis
30c1e13f2a Switch opslimit and memlimit in pwhash, to be closer to PHC's proposed API. 2014-05-12 12:34:41 -07:00
Frank Denis
37d73684b8 More crypto_pwhash tests 2014-05-12 11:26:39 -07:00
Frank Denis
9383d59e21 It's totally fine for sodium_library_version_minor() to be 0. 2014-05-08 21:32:36 -07:00
Frank Denis
42d87bf926 The pwhash test requires a 32 bytes salt. 2014-05-08 20:39:14 -07:00
Frank Denis
e48b1e6b75 Remove extra puts() in pwhash test. 2014-05-08 19:09:43 -07:00
Frank Denis
299ff0ceb3 Add a minimal test for crypto_pwhash 2014-05-07 23:54:55 -07:00
Frank Denis
9d29f94ac2 Add overdue crypto_sign test 2014-05-07 23:23:13 -07:00
Frank Denis
01059444ee Wait, what, printf(3) on Windows doesn't even support %zu? o_O 2014-04-17 22:15:09 -07:00
Frank Denis
219db714cf Add sodium_hex2bin() 2014-04-15 00:39:14 -07:00
Frank Denis
8960e5ad77 Add tests for auth_hmac_sha512 2014-04-14 21:34:55 -07:00
Frank Denis
e2262de49c Add a default value for TEST_SRCDIR 2014-04-14 15:52:55 -07:00
Frank Denis
aa88415338 Remove unused variables 2014-04-14 15:51:03 -07:00
Frank Denis
3f4a8f285d Add a test for crypto_verify_*() 2014-04-08 14:36:09 -07:00
Frank Denis
aaa4dab74a Add a simple test for the secretbox easy interface. 2013-12-31 18:46:10 +01:00
Frank Denis
e8509072a9 Add an easy interface to secretbox 2013-12-31 18:37:36 +01:00
Frank Denis
a29fcf90a6 Add a simple test for crypto_box_open_easy() 2013-12-31 18:37:36 +01:00
Frank Denis
02ec147a00 Add a crypto_box easy interface 2013-12-31 18:37:36 +01:00
Frank Denis
3fbbffc2c6 Check xmain() return code in tests. 2013-12-31 18:37:05 +01:00
Frank Denis
deaa893ce4 Add a test for blake2 with salt&personalization 2013-11-11 23:33:16 -08:00
Frank Denis
1ca05f6b16 Have sodium_memcmp(a,b,s) return -1 if a != b, document return value. 2013-10-30 06:47:13 -07:00
Frank Denis
d29dcf44ca Tell people that we are running the test suite. 2013-10-21 20:11:56 -07:00
Frank Denis
21f5f9790f If wintest.bat is run from srcdir, cd test/default 2013-10-21 20:07:05 -07:00
Frank Denis
f5e81693ee Fix wintest.bat usage 2013-10-21 16:31:19 -07:00
Frank Denis
d996d14f1f Import wintest.bat 2013-10-19 21:06:55 -07:00
Frank Denis
bd8cbd3175 Make curve25519-donna-c64 handle non-canonical points like the ref implementation. 2013-10-13 12:49:15 -07:00
Frank Denis
2c7aba48f3 Use arc4random() in tests if available. 2013-10-06 15:51:45 -07:00
Frank Denis
1a3786705e Add a sodium_bin2hex utility function. 2013-07-07 23:38:14 -07:00
Frank Denis
43132738d2 Add a pre-js script for providing /dev/urandom to tests in Javascript.
Not plugged to the build system yet.
2013-07-07 22:04:13 -07:00
Frank Denis
942c371d3c Use rand() instead of random() in regression tests. 2013-04-28 01:02:52 -07:00
Frank Denis
f16186671d Have "make distclean" remove *.res files 2013-04-27 16:42:37 -07:00
Frank Denis
404237d09b Fix "make check" target when compiled in a dedicated directory. 2013-04-27 11:43:26 -07:00
Frank Denis
cfe3f24964 sizes are unsigned. 2013-04-27 04:41:34 -07:00
Frank Denis
d923f3ef4b Sizes are unsigned 2013-04-27 04:34:36 -07:00
Frank Denis
0afc36c827 Tests: use size_t for sizes, not int.
Remove unused variables by the way.
2013-04-26 23:25:14 -07:00
Frank Denis
47de75e935 Keep ming Visual C++ happy 2013-04-26 21:52:21 -07:00
Frank Denis
de517b70d9 char vs unsigned char in the sodium_utils test 2013-04-26 21:51:59 -07:00
Frank Denis
4628a747ed Trim leading space in Makefile 2013-04-26 21:11:38 -07:00
Frank Denis
57a4552eb1 + aes256estream 2013-04-26 21:06:34 -07:00
Frank Denis
162b485cf6 printf can be a macro already, so #undef it 2013-04-25 23:25:39 -07:00
Frank Denis
1827e508ea Remove trailing spaces 2013-04-25 22:38:06 -07:00
Frank Denis
4c31bb5ef1 Add tests for sodium_*() functions. 2013-04-25 22:37:15 -07:00
Frank Denis
11d09e0d4e windows quirks are needed for secretbox8 test. 2013-04-22 13:17:37 -07:00
Frank Denis
b52f513f90 Untab, remove trailing spaces and other no-ops. 2013-04-21 17:32:09 -07:00
Frank Denis
9459a4b5ff Change the generichash API to better match other NaCl APIs
i.e. give a size right after the pointer.
2013-04-21 17:32:09 -07:00
Frank Denis
e56415489c Add some test vectors for the generichash streaming API 2013-04-21 17:32:09 -07:00
Frank Denis
d43309490a Add preliminary tests for crypto_generichash (blake2) 2013-04-21 17:32:08 -07:00
Frank Denis
220ad48353 Make the tests compileable from a separate directory. 2013-04-21 17:32:07 -07:00
Frank Denis
fc98102f2a sodium_reinit() and sodium_shutdown() are gone. 2013-04-21 17:32:05 -07:00
Frank Denis
47bc0aab79 sodium_init() doesn't take any options any more. 2013-04-21 17:32:04 -07:00
Frank Denis
faa399c3df Only include sodium.h in tests.
Tests should always be passing by just including that.
2013-04-21 17:32:04 -07:00
Frank Denis
fd11d8b7d7 Include sodium.h in cmptest.h and call sodium_init()/sodium_shutdown() 2013-04-21 17:32:04 -07:00
Frank Denis
6774b47cd4 Reintroduce shorthash, this time with the key... 2013-02-13 21:14:29 +08:00
Frank Denis
e5e2150919 Revert "Add crypto_shorthash() for non collision-resistant hash functions"
This reverts commit c8fe5c4afb.

Conflicts:
	.gitignore
	test/Makefile.am
	test/default/shorthash.c
	test/default/shorthash.exp
2013-02-13 20:33:17 +08:00
Frank Denis
5c946f9c61 Move tests to test/default and windows to quirks/windows.
test/default contains only tests using the default primitives
for a given operation. We need to add other tests as well.
2013-02-09 04:21:32 +08:00