Frank Denis
e1abc1de7e
Rename randombytes_salsa20 to randombytes_internal and switch to ChaCha20
2019-03-17 19:25:32 +01:00
Frank Denis
1e847cc60b
More tests
2019-02-18 11:10:51 +01:00
Frank Denis
db0319fb8e
Initial support for ristretto255
2019-02-18 00:56:48 +01:00
Frank Denis
e6aa7e1da4
The time has come to remove support for (p)nacl
2019-02-14 14:41:09 +01:00
Frank Denis
83a873ea1b
Fix tests, use guard page instead of NULL because of Wasm
2019-02-09 20:47:24 +01:00
Ilya Maykov
6934a8d0c8
Relax most __attribute__ ((nonnull)) to allow 0-length inputs to be NULL.
...
Justifications:
- crypto_(auth|hash|generichash|onetimeauth|shorthash)*:
it's legal to hash or HMAC a 0-length message
- crypto_box*: it's legal to encrypt a 0-length message
- crypto_sign*: it's legal to sign a 0-length message
- utils:
comparing two 0-length byte arrays is legal
memzero on a 0-length byte array is a no-op
converting an empty hex string to binary results in an empty binary string
converting an empty binary string to hex results in an empty hex string
converting an empty b64 string to binary results in an empty binary string
converting an empty binary string to b64 results in an empty b64 string
sodium_add / sodium_sub on zero-length arrays is a no-op
For the functions declared in utils.h, I moved the logic into private functions that
have the __attribute__ ((nonnull)) check, but they are only called when the
corresponding length argument is non-0. I didn't do this for the hash/box/sign
functions since it would have been a lot more work and quite a large refactor.
2019-02-09 20:26:10 +01:00
Frank Denis
0cdf963799
Add another test
2019-01-05 23:11:02 +01:00
Frank Denis
909983a9d2
Avoid memory leak and overflow in addition test
2019-01-05 23:08:03 +01:00
Frank Denis
d4eec69ef1
More tests
2019-01-05 21:17:48 +01:00
Frank Denis
0205a8035e
More tests
2019-01-05 20:56:22 +01:00
Frank Denis
7ac557498f
C++ compat
2019-01-03 09:49:33 +01:00
Frank Denis
bdfda5dc83
Nits
2019-01-02 16:14:15 +01:00
Frank Denis
d333f509a2
Add a test for sodium_sub()
2019-01-02 15:32:59 +01:00
Frank Denis
1542d473da
Add crypto_core_ed25519_scalar_complement(), _negate(), _add(), _sub()
2018-12-30 01:48:58 +01:00
Frank Denis
cff3d7f6c7
Remove unused variables
2018-12-29 16:42:09 +01:00
Frank Denis
cce84d05b2
Use unsigned indices
2018-12-26 18:39:07 +01:00
Frank Denis
d3976446a0
ED25519_NONDETERMINISTIC: derive keys from the seed the same way
...
as when ED25519_NONDETERMINISTIC is not defined
2018-12-25 13:25:57 +01:00
Frank Denis
59bd82edab
Add a crypto_core_ed25519_NONREDUCEDSCALARBYTES constant
...
and reject 0 in crypto_core_ed25519_random()
2018-12-24 17:26:38 +01:00
Frank Denis
8dd554d2c4
Leverage sodium_add()
2018-12-24 15:25:34 +01:00
Frank Denis
902f0997c0
Add a test for scalar_reduce()
2018-12-24 15:24:04 +01:00
Frank Denis
34e787030f
Use a guard page instead of NULL for opt arguments in tests
2018-12-24 15:02:59 +01:00
Frank Denis
63573bb98c
Add crypto_core_ed25519_scalar_random()
2018-12-23 12:32:07 +01:00
Frank Denis
6fa0220302
Export crypto_core_ed25519_scalar_reduce, add tests
2018-12-23 02:56:11 +01:00
Frank Denis
b6051b7ee2
Add tests for unclamped scalars
2018-12-18 23:11:15 +01:00
Frank Denis
cf217e3dfc
Call misuse() if we ask too much data from the IETF variant of ChaCha20
...
Fix #753
2018-09-08 02:12:23 +02:00
Frank Denis
69a5643477
Add chacha20-poly1305 test from Project Wycheproof
2018-09-04 15:44:42 +02:00
Frank Denis
cb22446db1
Add aes256gcm tests from project wycheproof
2018-08-30 09:51:28 +02:00
Frank Denis
cdc4822c92
Remove unneeded trailing commas
2018-08-30 09:26:16 +02:00
Frank Denis
f8377e9818
Add x25519 test vectors from project wycheproof
2018-08-29 15:08:26 +02:00
Jakob Rieck
543b5ad068
Fixes padding for blocksizes > 256
2018-08-27 11:42:49 +02:00
Frank Denis
ccb2390e9c
xchacha20 test: initialize the full nonce
...
Spotted by @FiloSottile, thanks!
Fixes #742
2018-08-03 23:23:53 +02:00
Frank Denis
415f079692
zap trailing spaces
2018-04-29 17:49:01 +02:00
Emil Bay
2ad8162218
Missing test for abytes
2018-04-12 17:24:10 +02:00
Frank Denis
6a60818982
C++ compat
2017-12-21 22:35:02 +01:00
Frank Denis
8a2833f01a
Remove the dummy FS call from the Javascript tests
2017-12-21 21:37:02 +01:00
Frank Denis
72ab8739a2
Javascript tests: don't call FS.*() if the filesystem module is not present
2017-12-21 21:36:56 +01:00
Frank Denis
bd631649c1
Emscripten: run the tests in benchmark mode
2017-12-21 18:52:59 +01:00
Frank Denis
d7f8f6bc80
Static
2017-12-21 18:47:43 +01:00
Frank Denis
0187ba70ad
Require the generichash state to be aligned
...
Alignment is already required by other functions anyway.
2017-12-21 18:21:43 +01:00
Frank Denis
1e7839a90c
Lift alignment requirements in crypto_generichash()
2017-12-21 18:14:17 +01:00
Frank Denis
dce1614eee
Use default randombytes implementation for tests on emscripten
2017-12-21 02:02:39 +01:00
Frank Denis
13201046e6
emscripten: stick to the unique randombytes implementation
2017-12-21 00:32:42 +01:00
Frank Denis
69642f0409
Undefine printf if required
2017-12-16 21:01:23 +01:00
Frank Denis
bfc8ec1248
Add a memleak checker to the benchmark code
...
Plug the leaks it surfaced in pwhash_argon2* tests
2017-12-16 14:51:11 +01:00
Frank Denis
b84e4b9ddf
Add missing sodium_free() calls in the kdf test
2017-12-16 14:31:01 +01:00
Frank Denis
99fe302562
Make things more explicit
2017-12-16 13:12:07 +01:00
Frank Denis
b6dab1029d
Sort
2017-12-16 13:08:55 +01:00
Frank Denis
31b13ada14
+ #include <limits.h>
2017-12-16 13:08:34 +01:00
Frank Denis
18d5940bc6
Use a simple memory pool for benchmarks
...
In the test suite, a significant amount of time is spent in memory
allocations. A memory pool helps achieve more relevant results with
less iterations.
2017-12-16 13:07:15 +01:00
Frank Denis
ac8dffbecb
Return -1 if the scalar is 0 in crypto_scalarmult_ed25519()
...
For consistency with _base()
2017-12-12 14:35:08 +01:00