Home | History | Annotate | Line # | Download | only in default 
      1  1.1  riastrad #define TEST_NAME "scalarmult_ed25519"
      2  1.1  riastrad #include "cmptest.h"
      3  1.1  riastrad 
      4  1.1  riastrad static const unsigned char non_canonical_p[32] = {
      5  1.1  riastrad     0xf6, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
      6  1.1  riastrad     0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x7f
      7  1.1  riastrad };
      8  1.1  riastrad static const unsigned char non_canonical_invalid_p[32] = {
      9  1.1  riastrad     0xf5, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
     10  1.1  riastrad     0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x7f
     11  1.1  riastrad };
     12  1.1  riastrad static const unsigned char max_canonical_p[32] = {
     13  1.1  riastrad     0xe4, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
     14  1.1  riastrad     0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x7f
     15  1.1  riastrad };
     16  1.1  riastrad 
     17  1.1  riastrad static const unsigned char B[32] = {
     18  1.1  riastrad     0x58, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66,
     19  1.1  riastrad     0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66
     20  1.1  riastrad };
     21  1.1  riastrad 
     22  1.1  riastrad int
     23  1.1  riastrad main(void)
     24  1.1  riastrad {
     25  1.1  riastrad     unsigned char *n, *p, *q, *q2;
     26  1.1  riastrad 
     27  1.1  riastrad     n = (unsigned char *) sodium_malloc(crypto_scalarmult_ed25519_SCALARBYTES);
     28  1.1  riastrad     p = (unsigned char *) sodium_malloc(crypto_scalarmult_ed25519_BYTES);
     29  1.1  riastrad     q = (unsigned char *) sodium_malloc(crypto_scalarmult_ed25519_BYTES);
     30  1.1  riastrad     q2 = (unsigned char *) sodium_malloc(crypto_scalarmult_ed25519_BYTES);
     31  1.1  riastrad 
     32  1.1  riastrad     randombytes_buf(n, crypto_scalarmult_ed25519_SCALARBYTES);
     33  1.1  riastrad     if (crypto_scalarmult_ed25519_base(q, n) != 0) {
     34  1.1  riastrad         printf("crypto_scalarmult_ed25519_base() failed\n");
     35  1.1  riastrad     }
     36  1.1  riastrad     memcpy(p, B, crypto_scalarmult_ed25519_BYTES);
     37  1.1  riastrad     if (crypto_scalarmult_ed25519(q2, n, p) != 0) {
     38  1.1  riastrad         printf("crypto_scalarmult_ed25519() failed\n");
     39  1.1  riastrad     }
     40  1.1  riastrad     if (memcmp(q, q2, crypto_scalarmult_ed25519_BYTES) != 0) {
     41  1.1  riastrad         printf("crypto_scalarmult_ed25519_base(n) != crypto_scalarmult_ed25519(n, 9)\n");
     42  1.1  riastrad     }
     43  1.1  riastrad 
     44  1.1  riastrad     memset(n, 0, crypto_scalarmult_ed25519_SCALARBYTES);
     45  1.1  riastrad     if (crypto_scalarmult_ed25519_base(q, n) != -1) {
     46  1.1  riastrad         printf("crypto_scalarmult_ed25519_base(0) failed\n");
     47  1.1  riastrad     }
     48  1.1  riastrad     if (crypto_scalarmult_ed25519(q2, n, p) != -1) {
     49  1.1  riastrad         printf("crypto_scalarmult_ed25519(0) passed\n");
     50  1.1  riastrad     }
     51  1.1  riastrad 
     52  1.1  riastrad     n[0] = 1;
     53  1.1  riastrad     if (crypto_scalarmult_ed25519_base(q, n) != 0) {
     54  1.1  riastrad         printf("crypto_scalarmult_ed25519_base() failed\n");
     55  1.1  riastrad     }
     56  1.1  riastrad     if (crypto_scalarmult_ed25519(q2, n, p) != 0) {
     57  1.1  riastrad         printf("crypto_scalarmult_ed25519() passed\n");
     58  1.1  riastrad     }
     59  1.1  riastrad 
     60  1.1  riastrad     if (crypto_scalarmult_ed25519(q, n, non_canonical_p) != -1) {
     61  1.1  riastrad         printf("crypto_scalarmult_ed25519() didn't fail\n");
     62  1.1  riastrad     }
     63  1.1  riastrad     if (crypto_scalarmult_ed25519(q, n, non_canonical_invalid_p) != -1) {
     64  1.1  riastrad         printf("crypto_scalarmult_ed25519() didn't fail\n");
     65  1.1  riastrad     }
     66  1.1  riastrad     if (crypto_scalarmult_ed25519(q, n, max_canonical_p) != 0) {
     67  1.1  riastrad         printf("crypto_scalarmult_ed25519() failed\n");
     68  1.1  riastrad     }
     69  1.1  riastrad 
     70  1.1  riastrad     memset(p, 0, crypto_scalarmult_ed25519_BYTES);
     71  1.1  riastrad     if (crypto_scalarmult_ed25519(q, n, p) != -1) {
     72  1.1  riastrad         printf("crypto_scalarmult_ed25519() didn't fail\n");
     73  1.1  riastrad     }
     74  1.1  riastrad     n[0] = 8;
     75  1.1  riastrad     if (crypto_scalarmult_ed25519(q, n, p) != -1) {
     76  1.1  riastrad         printf("crypto_scalarmult_ed25519() didn't fail\n");
     77  1.1  riastrad     }
     78  1.1  riastrad 
     79  1.1  riastrad     sodium_free(q2);
     80  1.1  riastrad     sodium_free(q);
     81  1.1  riastrad     sodium_free(p);
     82  1.1  riastrad     sodium_free(n);
     83  1.1  riastrad 
     84  1.1  riastrad     assert(crypto_scalarmult_ed25519_BYTES == crypto_scalarmult_ed25519_bytes());
     85  1.1  riastrad     assert(crypto_scalarmult_ed25519_SCALARBYTES == crypto_scalarmult_ed25519_scalarbytes());
     86  1.1  riastrad 
     87  1.1  riastrad     printf("OK\n");
     88  1.1  riastrad 
     89  1.1  riastrad     return 0;
     90  1.1  riastrad }
     91