Frank Denis
ffdaf6d16b
aead_xchacha20poly1305_ietf_decrypt(): add a test with a NULL message
2019-05-06 11:15:11 +02:00
Frank Denis
4b7e497a92
Revert "Postpone from_hash()"
...
Use proper reduction, and don't mask the high bit, so that
H2C-Curve25519-SHA512-Elligator-Clear can be implemented if required
2019-05-02 13:51:12 +02:00
Frank Denis
56d93ffe62
Lucet now has a --reserved-size knob
2019-05-02 10:16:21 +02:00
Frank Denis
ab1e720a30
Postpone from_hash()
2019-05-02 10:12:12 +02:00
Frank Denis
24c54073a8
Add core_ed25519_from_hash() and core_{ed25519, ristretto255}_random()
2019-05-02 00:51:17 +02:00
Frank Denis
689407c36d
Rename ristretto_from_uniform() to ristretto_from_hash()
2019-05-01 19:56:08 +02:00
Frank Denis
cec56d867f
Lucet: set min-reserved-size to the same value as max-heap-size
...
If <min-reserved-size> is less than <max-heap-size>, the code will
still assume that only <min-reserved-size> bytes are accessible and
will trap even if the runtime could allocate more..
So, `max` should always be <= `min`. Naming options is hard.
2019-04-23 14:57:07 +02:00
Frank Denis
e7942ad150
Make the stream and stream2 test object code 1000x smaller
2019-04-23 09:57:36 +02:00
Frank Denis
3fde7349e1
Clarify that --min-reserved-size surprisingly sets the max memory
2019-04-23 03:14:19 +02:00
Frank Denis
05c86927f4
Remove temporary files
2019-04-23 02:02:19 +02:00
Frank Denis
fbe5d52a81
Spaces
2019-04-23 01:24:12 +02:00
Frank Denis
ff88392d8c
Make the WASI backend configurable
2019-04-23 01:23:41 +02:00
Frank Denis
2277e7f4f0
Lucet requires --min-reserved-size or tests with large allocations will fail
2019-04-23 01:13:25 +02:00
Frank Denis
e38128998b
lucet --dir=.:. works
...
Current WebAssembly runtimes status:
- wasmtime: no tests are failing.
- wasmer: 3 tests are failing:
sodium_core, sodium_utils2, sodium_utils3
- lucet: 8 tests are failing:
core3, pwhash_argon2i, pwhash_argon2id, secretstream, stream, stream2,
pwhash_scrypt, pwhash_scrypt_ll
2019-04-23 00:47:43 +02:00
Frank Denis
7993e35227
Try wasmer and lucet as alternatives to wasmtime
...
However:
- wasmer seems to have issues with signals, causing some tests to fail
- lucet's --dir option doesn't seem to work with relative paths
These are temporary limitations, that are likely to be fixed soon.
2019-04-22 23:57:00 +02:00
Frank Denis
3d6151ae62
constcheck: ignore deprecated declarations
2019-04-22 19:49:18 +02:00
Frank Denis
22c289d195
Ensure that we use non-zero random scalars for inversion
2019-04-15 10:18:15 +02:00
Frank Denis
db6f43d25e
Add crypto_core_{ed25519,ristretto255}_scalar_mul
2019-04-15 10:12:19 +02:00
Frank Denis
2d87abe21a
Use the correct constant for the buffer lengths in scalar tests
2019-04-15 09:44:32 +02:00
Frank Denis
a7ebe2856f
Turn on wasmtime optimizations
2019-04-09 15:48:23 +02:00
Frank Denis
aaa9d0d940
Include wasi-test-wrapper.sh in dist builds
2019-04-09 12:09:16 +02:00
Frank Denis
449e6d12b9
Don't forget to free() r_inv in the core_ristretto255 test
2019-04-08 23:12:55 +02:00
Frank Denis
9dbf03c115
Run the WASI checks using wasmtime
2019-04-08 21:45:08 +02:00
Frank Denis
8745c85114
First step towards WASI support
2019-04-08 20:47:33 +02:00
Frank Denis
6a83cd05ec
Be positive
2019-03-21 09:27:55 +01:00
Frank Denis
773a94d70b
Just use some test vectors around the counter overflow
2019-03-21 03:08:40 +01:00
Frank Denis
9218397375
Remove useless tests, add more meaningful ones.
2019-03-21 02:04:09 +01:00
Frank Denis
b579de9ac7
Additional salsa20 tests
2019-03-21 01:15:13 +01:00
Frank Denis
e1abc1de7e
Rename randombytes_salsa20 to randombytes_internal and switch to ChaCha20
2019-03-17 19:25:32 +01:00
Frank Denis
1e847cc60b
More tests
2019-02-18 11:10:51 +01:00
Frank Denis
db0319fb8e
Initial support for ristretto255
2019-02-18 00:56:48 +01:00
Frank Denis
e6aa7e1da4
The time has come to remove support for (p)nacl
2019-02-14 14:41:09 +01:00
Frank Denis
83a873ea1b
Fix tests, use guard page instead of NULL because of Wasm
2019-02-09 20:47:24 +01:00
Ilya Maykov
6934a8d0c8
Relax most __attribute__ ((nonnull)) to allow 0-length inputs to be NULL.
...
Justifications:
- crypto_(auth|hash|generichash|onetimeauth|shorthash)*:
it's legal to hash or HMAC a 0-length message
- crypto_box*: it's legal to encrypt a 0-length message
- crypto_sign*: it's legal to sign a 0-length message
- utils:
comparing two 0-length byte arrays is legal
memzero on a 0-length byte array is a no-op
converting an empty hex string to binary results in an empty binary string
converting an empty binary string to hex results in an empty hex string
converting an empty b64 string to binary results in an empty binary string
converting an empty binary string to b64 results in an empty b64 string
sodium_add / sodium_sub on zero-length arrays is a no-op
For the functions declared in utils.h, I moved the logic into private functions that
have the __attribute__ ((nonnull)) check, but they are only called when the
corresponding length argument is non-0. I didn't do this for the hash/box/sign
functions since it would have been a lot more work and quite a large refactor.
2019-02-09 20:26:10 +01:00
Frank Denis
0cdf963799
Add another test
2019-01-05 23:11:02 +01:00
Frank Denis
909983a9d2
Avoid memory leak and overflow in addition test
2019-01-05 23:08:03 +01:00
Frank Denis
d4eec69ef1
More tests
2019-01-05 21:17:48 +01:00
Frank Denis
0205a8035e
More tests
2019-01-05 20:56:22 +01:00
Frank Denis
7ac557498f
C++ compat
2019-01-03 09:49:33 +01:00
Frank Denis
bdfda5dc83
Nits
2019-01-02 16:14:15 +01:00
Frank Denis
d333f509a2
Add a test for sodium_sub()
2019-01-02 15:32:59 +01:00
Frank Denis
1542d473da
Add crypto_core_ed25519_scalar_complement(), _negate(), _add(), _sub()
2018-12-30 01:48:58 +01:00
Frank Denis
cff3d7f6c7
Remove unused variables
2018-12-29 16:42:09 +01:00
Frank Denis
cce84d05b2
Use unsigned indices
2018-12-26 18:39:07 +01:00
Frank Denis
d3976446a0
ED25519_NONDETERMINISTIC: derive keys from the seed the same way
...
as when ED25519_NONDETERMINISTIC is not defined
2018-12-25 13:25:57 +01:00
Frank Denis
59bd82edab
Add a crypto_core_ed25519_NONREDUCEDSCALARBYTES constant
...
and reject 0 in crypto_core_ed25519_random()
2018-12-24 17:26:38 +01:00
Frank Denis
8dd554d2c4
Leverage sodium_add()
2018-12-24 15:25:34 +01:00
Frank Denis
902f0997c0
Add a test for scalar_reduce()
2018-12-24 15:24:04 +01:00
Frank Denis
34e787030f
Use a guard page instead of NULL for opt arguments in tests
2018-12-24 15:02:59 +01:00
Frank Denis
63573bb98c
Add crypto_core_ed25519_scalar_random()
2018-12-23 12:32:07 +01:00