Showing
with
15,568 additions
and 0 deletions.
- +4 −0 Makefile
- +3 −0 conf-cc
- +93 −0 crypto-tests/crypto_box_curve25519xsalsa20poly1305test.c
- +42 −0 crypto-tests/crypto_hash_sha512test.c
- +56 −0 crypto-tests/crypto_onetimeauth_poly1305test.c
- +134 −0 crypto-tests/crypto_scalarmult_curve25519test.c
- +71 −0 crypto-tests/crypto_secretbox_xsalsa20poly1305test.c
- +59 −0 crypto-tests/crypto_stream_salsa20test.c
- +59 −0 crypto-tests/crypto_stream_xsalsa20test.c
- +48 −0 crypto-tests/crypto_verify_16test.c
- +48 −0 crypto-tests/crypto_verify_32test.c
- +193 −0 crypto-tests/misc.h
- +1,080 −0 crypto-tests/precomp.data
- +21 −0 crypto-tests/precomp.data.py
- +1,080 −0 crypto-tests/precomp.txt
- +1,080 −0 crypto-tests/precomp_curve25519.data
- +84 −0 crypto-tests/precomp_curve25519.data.py
- +90 −0 crypto-tests/randombytestest.c
- +22 −0 crypto/CRYPTOLIBS
- +16 −0 crypto/CRYPTOPRIMITIVES
- +22 −0 crypto/CRYPTOSOURCES
- +6 −0 crypto/cleanup.h
- +75 −0 crypto/crypto_box_curve25519xsalsa20poly1305.c
- +32 −0 crypto/crypto_box_curve25519xsalsa20poly1305.h
- +122 −0 crypto/crypto_hash_sha512.c
- +12 −0 crypto/crypto_hash_sha512.h
- +144 −0 crypto/crypto_onetimeauth_poly1305.c
- +16 −0 crypto/crypto_onetimeauth_poly1305.h
- +69 −0 crypto/crypto_scalarmult_curve25519.c
- +16 −0 crypto/crypto_scalarmult_curve25519.h
- +26 −0 crypto/crypto_secretbox_xsalsa20poly1305.c
- +20 −0 crypto/crypto_secretbox_xsalsa20poly1305.h
- +15 −0 crypto/crypto_stream_salsa20.c
- +16 −0 crypto/crypto_stream_salsa20.h
- +24 −0 crypto/crypto_stream_xsalsa20.c
- +16 −0 crypto/crypto_stream_xsalsa20.h
- +5 −0 crypto/crypto_verify_16.c
- +12 −0 crypto/crypto_verify_16.h
- +5 −0 crypto/crypto_verify_32.c
- +12 −0 crypto/crypto_verify_32.h
- +202 −0 crypto/fe.c
- +26 −0 crypto/fe.h
- +242 −0 crypto/fe25519.c
- +22 −0 crypto/fe25519.h
- +32 −0 crypto/randombytes.c
- +10 −0 crypto/randombytes.h
- +112 −0 crypto/salsa.c
- +9 −0 crypto/salsa.h
- +16 −0 crypto/uint32_pack.c
- +8 −0 crypto/uint32_pack.h
- +12 −0 crypto/uint32_pack_big.c
- +8 −0 crypto/uint32_pack_big.h
- +18 −0 crypto/uint32_unpack.c
- +8 −0 crypto/uint32_unpack.h
- +14 −0 crypto/uint32_unpack_big.c
- +8 −0 crypto/uint32_unpack_big.h
- +16 −0 crypto/uint64_pack.c
- +8 −0 crypto/uint64_pack.h
- +12 −0 crypto/uint64_pack_big.c
- +8 −0 crypto/uint64_pack_big.h
- +18 −0 crypto/uint64_unpack.c
- +8 −0 crypto/uint64_unpack.h
- +14 −0 crypto/uint64_unpack_big.c
- +8 −0 crypto/uint64_unpack_big.h
- +8 −0 crypto/verify.c
- +6 −0 crypto/verify.h
- +58 −0 debian/changelog
- +1 −0 debian/compat
- +17 −0 debian/control
- +1 −0 debian/dq.install
- +3 −0 debian/dqcache.dirs
- +7 −0 debian/dqcache.install
- +38 −0 debian/dqcache.postinst
- +9 −0 debian/dqcache.postrm
- +21 −0 debian/dqcache.prerm
- +1 −0 debian/env/CACHESIZE
- +1 −0 debian/env/IP
- +1 −0 debian/env/ROOT
- +24 −0 debian/root/servers/@
- +15 −0 debian/rules
- +3 −0 debian/service/dqcache/log/run
- +12 −0 debian/service/dqcache/run
- +72 −0 dq/LIBS
- +76 −0 dq/SOURCES
- +2 −0 dq/TARGETS
- +154 −0 dq/alloc.c
- +16 −0 dq/alloc.h
- +48 −0 dq/base32decode.c
- +6 −0 dq/base32decode.h
- +12 −0 dq/blocking.c
- +7 −0 dq/blocking.h
- +11 −0 dq/buffer.c
- +63 −0 dq/buffer.h
- +5 −0 dq/buffer_2.c
- +94 −0 dq/buffer_put.c
- +9 −0 dq/buffer_write.c
- +84 −0 dq/byte.c
- +12 −0 dq/byte.h
- +321 −0 dq/cache.c
- +12 −0 dq/cache.h
- +46 −0 dq/case.c
- +11 −0 dq/case.h
- +44 −0 dq/die.c
- +16 −0 dq/die.h
- +155 −0 dq/dns.h
- +109 −0 dq/dns_base32.c
- +16 −0 dq/dns_data.c
- +200 −0 dq/dns_domain.c
- +36 −0 dq/dns_dtda.c
- +291 −0 dq/dns_ip.c
- +108 −0 dq/dns_ipq.c
- +43 −0 dq/dns_iptoname.c
- +20 −0 dq/dns_keys.c
- +89 −0 dq/dns_nonce.c
- +117 −0 dq/dns_packet.c
- +91 −0 dq/dns_rcip.c
- +138 −0 dq/dns_rcrw.c
- +30 −0 dq/dns_resolve.c
- +111 −0 dq/dns_sortip.c
- +606 −0 dq/dns_transmit.c
- +212 −0 dq/dns_verbosity.c
- +302 −0 dq/dq.c
- +507 −0 dq/dqcache.c
- +50 −0 dq/droproot.c
- +6 −0 dq/droproot.h
- +108 −0 dq/e.c
- +443 −0 dq/e.h
- +27 −0 dq/env.c
- +7 −0 dq/env.h
- +37 −0 dq/fastrandombytes.c
- +6 −0 dq/fastrandombytes.h
- +15 −0 dq/fastrandommod.c
- +6 −0 dq/fastrandommod.h
- +26 −0 dq/hexdecode.c
- +6 −0 dq/hexdecode.h
- +25 −0 dq/hexparse.c
- +6 −0 dq/hexparse.h
- +174 −0 dq/inet_pton.c
- +7 −0 dq/inet_pton.h
- +102 −0 dq/iptostr.c
- +8 −0 dq/iptostr.h
- +38 −0 dq/keyparse.c
- +6 −0 dq/keyparse.h
- +343 −0 dq/log.c
- +39 −0 dq/log.h
- +18 −0 dq/milliseconds.c
- +6 −0 dq/milliseconds.h
- +21 −0 dq/nanoseconds.c
- +6 −0 dq/nanoseconds.h
- +33 −0 dq/numtostr.c
- +8 −0 dq/numtostr.h
- +13 −0 dq/okclient.c
- +6 −0 dq/okclient.h
- +12 −0 dq/open.h
- +17 −0 dq/open_read.c
- +17 −0 dq/open_trunc.c
- +41 −0 dq/openreadclose.c
- +8 −0 dq/openreadclose.h
- +16 −0 dq/portparse.c
- +6 −0 dq/portparse.h
- +16 −0 dq/porttostr.c
- +10 −0 dq/porttostr.h
- +89 −0 dq/printpacket.c
- +8 −0 dq/printpacket.h
- +162 −0 dq/printrecord.c
- +9 −0 dq/printrecord.h
- +1,210 −0 dq/query.c
- +40 −0 dq/query.h
- +117 −0 dq/response.c
- +27 −0 dq/response.h
- +199 −0 dq/roots.c
- +8 −0 dq/roots.h
- +7 −0 dq/seconds.c
- +6 −0 dq/seconds.h
- +62 −0 dq/str.c
- +11 −0 dq/str.h
- +141 −0 dq/stralloc.c
- +23 −0 dq/stralloc.h
- +36 −0 dq/strtoip.c
- +8 −0 dq/strtoip.h
- +76 −0 dq/strtomultiip.c
- +10 −0 dq/strtomultiip.h
- +56 −0 dq/strtonum.c
- +6 −0 dq/strtonum.h
- +30 −0 dq/typeparse.c
- +6 −0 dq/typeparse.h
- +7 −0 dq/uint16_pack_big.c
- +8 −0 dq/uint16_pack_big.h
- +11 −0 dq/uint16_unpack_big.c
- +8 −0 dq/uint16_unpack_big.h
- +42 −0 dq/warn.c
- +15 −0 dq/warn.h
- +28 −0 dq/writeall.c
- +6 −0 dq/writeall.h
- +41 −0 dq/xsocket.h
- +70 −0 dq/xsocket_accept.c
- +74 −0 dq/xsocket_bind.c
- +72 −0 dq/xsocket_conn.c
- +11 −0 dq/xsocket_listen.c
- +68 −0 dq/xsocket_recv.c
- +62 −0 dq/xsocket_send.c
- +48 −0 dq/xsocket_tcp.c
- +13 −0 dq/xsocket_type.c
- +48 −0 dq/xsocket_udp.c
- +266 −0 make-dq.sh
- +3 −0 sysdep/crypto_int16.h-short.c
- +3 −0 sysdep/crypto_int32.h-int.c
- +3 −0 sysdep/crypto_int32.h-long.c
- +3 −0 sysdep/crypto_int64.h-attr.c
- +3 −0 sysdep/crypto_int64.h-long.c
- +3 −0 sysdep/crypto_int64.h-longlong.c
- +3 −0 sysdep/crypto_int8.h-char.c
- +3 −0 sysdep/crypto_uint16.h-short.c
- +3 −0 sysdep/crypto_uint32.h-int.c
- +3 −0 sysdep/crypto_uint32.h-long.c
- +3 −0 sysdep/crypto_uint64.h-attr.c
- +3 −0 sysdep/crypto_uint64.h-long.c
- +3 −0 sysdep/crypto_uint64.h-longlong.c
- +3 −0 sysdep/crypto_uint8.h-char.c
- +9 −0 sysdep/default.h-no.c
- +20 −0 sysdep/direntry.h-direct.c
- +20 −0 sysdep/direntry.h-dirent.c
- +27 −0 sysdep/do
- +30 −0 sysdep/hasipv6.h-yes.c
- +32 −0 sysdep/list
- +15 −0 sysdep/order.h-big.c
- +15 −0 sysdep/order.h-little.c
- +59 −0 sysdep/trynum.h
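--- a/Makefile
+++ b/Makefile
@@ -0,0 +1,4 @@
+compile: make-dq.sh
+sh -e make-dq.sh
+clean:
+rm -rf build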
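--- a/conf-cc
+++ b/conf-cc
@@ -0,0 +1,3 @@
+gcc -O3 -fomit-frame-pointer -funroll-loops
+clang -O3 -fomit-frame-pointer -funroll-loops
+cc -O3 -fomit-frame-pointer -funroll-loops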
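--- a/crypto-tests/crypto_box_curve25519xsalsa20poly1305test.c
+++ b/crypto-tests/crypto_box_curve25519xsalsa20poly1305test.c
@@ -0,0 +1,93 @@
+/*
+20141017
+Jan Mojzis
+Public domain.
+*/
+
+#include "misc.h"
+#include "crypto_box_curve25519xsalsa20poly1305.h"
+
+#define SPACESIZE 5232
+
+static unsigned char m[SPACESIZE + 16];
+static unsigned char n[crypto_box_curve25519xsalsa20poly1305_NONCEBYTES + 16];
+static unsigned char c[SPACESIZE + 16 + crypto_box_curve25519xsalsa20poly1305_ZEROBYTES];
+static unsigned char pk[crypto_box_curve25519xsalsa20poly1305_PUBLICKEYBYTES + 16];
+static unsigned char sk[crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES + 16];
+
+static unsigned char test_pseudorandom_checksum[32] = {
+0xb7, 0xd4, 0xf1, 0x92, 0x3d, 0x4b, 0x80, 0xf0,
+0xb5, 0x3c, 0xdb, 0x38, 0xdb, 0x53, 0xcf, 0xb6,
+0xe8, 0x3d, 0x52, 0x96, 0xb6, 0x73, 0x61, 0x07,
+0x95, 0x72, 0x37, 0x69, 0xad, 0xda, 0x65, 0x8b
+};
+
+
+static void zerobytes(void *yv, long long ylen) {
+
+long long i;
+char *y = yv;
+
+for (i = 0; i < ylen; ++i) y[i] = 0;
+}
+
+
+static void copy(void *yv, long long ylen, const void *xv) {
+
+long long i;
+const char *x = xv;
+char *y = yv;
+
+for (i = 0; i < ylen; ++i) y[i] = x[i];
+}
+
+
+static unsigned char skdata[1080][32] = {
+#include "precomp.data"
+};
+
+static unsigned char pkdata[1080][32] = {
+#include "precomp_curve25519.data"
+};
+
+
+static void test_pseudorandom(void) {
+
+long long i, j;
+
+checksum_zero();
+i = 0;
+for (j = crypto_box_curve25519xsalsa20poly1305_ZEROBYTES; j < SPACESIZE; j += 1 + j / 16) {
+
+pseudorandombytes(m + i, j);
+pseudorandombytes(n + i, crypto_box_curve25519xsalsa20poly1305_NONCEBYTES);
+zerobytes(m + i, crypto_box_curve25519xsalsa20poly1305_ZEROBYTES);
+
+copy(sk + i, 32, skdata[i]);
+copy(pk + i, 32, pkdata[i]);
+
+crypto_box_curve25519xsalsa20poly1305(c + i, m + i, j, n, pk + i, sk + i);
+checksum(c + i, crypto_box_curve25519xsalsa20poly1305_ZEROBYTES);
+
+zerobytes(c + i, crypto_box_curve25519xsalsa20poly1305_BOXZEROBYTES);
+if (crypto_box_curve25519xsalsa20poly1305_open(m + i, c + i, j, n, pk + i, sk + i) != 0) {
+fail_printdata("m", m + i, j);
+fail_printdata("c", c + i, j);
+fail_printdata("pk", pk + i, crypto_box_curve25519xsalsa20poly1305_PUBLICKEYBYTES);
+fail_printdata("sk", sk + i, crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES);
+fail_printdata("n", n + i, crypto_box_curve25519xsalsa20poly1305_NONCEBYTES);
+fail("crypto_box_curve25519xsalsa20poly1305_open() failure");
+}
+++i;
+i %= 16;
+}
+fail_whenbadchecksum(test_pseudorandom_checksum);
+}
+
+
+int main(void) {
+
+test_pseudorandom();
+
+_exit(0);
+}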
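Review bot: In test_pseudorandom() the nonce is filled at `n + i`, but both the `crypto_box_curve25519xsalsa20poly1305(c + i, m + i, j, n, pk + i, sk + i)` call and the matching `_open` call pass `n`, so the nonce is the one argument never exercised at a shifted offset. On failure, `fail_printdata("n", n + i, ...)` then dumps 24 bytes that are not the nonce actually used, which makes a failure report hard to reproduce. Passing `n + i` in both calls would match the other buffers, though `test_pseudorandom_checksum` would presumably need regenerating because it is computed over the ciphertext prefix. If the current nonce choice is deliberate, change the dump to `fail_printdata("n", n, crypto_box_curve25519xsalsa20poly1305_NONCEBYTES);` instead.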
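--- a/crypto-tests/crypto_hash_sha512test.c
+++ b/crypto-tests/crypto_hash_sha512test.c
@@ -0,0 +1,42 @@
+/*
+20141018
+Jan Mojzis
+Public domain.
+*/
+
+#include "misc.h"
+#include "crypto_hash_sha512.h"
+
+#define SPACESIZE 5232
+
+static unsigned char space[SPACESIZE + 16];
+static unsigned char buf[crypto_hash_sha512_BYTES + 16];
+
+static unsigned char test_pseudorandom_checksum[32] = {
+0xa1, 0x57, 0x2f, 0x67, 0x19, 0xa6, 0x88, 0x2f,
+0x54, 0xa5, 0xa4, 0x7d, 0xe2, 0xd3, 0xa3, 0xfd,
+0xd1, 0x1a, 0x73, 0x58, 0x84, 0xc7, 0xb9, 0xfd,
+0x7f, 0xa2, 0x33, 0xbf, 0x86, 0xf7, 0x15, 0xee
+};
+
+static void test_pseudorandom(void) {
+
+long long i, j;
+
+checksum_zero();
+i = 0;
+for (j = 0; j < SPACESIZE; j += 1 + j / 16) {
+pseudorandombytes(space + i, j);
+crypto_hash_sha512(buf + i, space + i, j);
+checksum(buf + i, crypto_hash_sha512_BYTES);
+++i;
+i %= 16;
+}
+fail_whenbadchecksum(test_pseudorandom_checksum);
+}
+
+int main(void) {
+
+test_pseudorandom();
+_exit(0);
+}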
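Review bot: The only oracle in this file is `test_pseudorandom_checksum`, and nothing records how those 32 bytes were produced. `checksum()` and `fail_whenbadchecksum()` come from misc.h, which is outside this section, so it cannot be told from here whether the expected value is independent of the code under test. A comment above the array such as `/* checksum over every digest produced by test_pseudorandom(); generated with <reference implementation or tool> */` would make the constant auditable, and one fixed input compared byte-for-byte with its published SHA-512 digest would add an oracle that does not depend on the harness. The return value of `crypto_hash_sha512()` is also dropped, whereas the scalarmult test in this commit checks its calls with `!= 0`.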
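--- a/crypto-tests/crypto_onetimeauth_poly1305test.c
+++ b/crypto-tests/crypto_onetimeauth_poly1305test.c
@@ -0,0 +1,56 @@
+/*
+20141017
+Jan Mojzis
+Public domain.
+*/
+
+#include "misc.h"
+#include "crypto_onetimeauth_poly1305.h"
+
+#define SPACESIZE 5232
+
+static unsigned char space[SPACESIZE + 16];
+static unsigned char key[crypto_onetimeauth_poly1305_KEYBYTES + 16];
+static unsigned char buf[crypto_onetimeauth_poly1305_BYTES + 16];
+
+static unsigned char test_pseudorandom_checksum[32] = {
+0xaf, 0xe7, 0xbb, 0x79, 0x2a, 0xe5, 0x81, 0xee,
+0xbc, 0x1f, 0x5b, 0x79, 0x96, 0xb7, 0x27, 0x1a,
+0xc2, 0x74, 0x65, 0x0e, 0x1d, 0xb5, 0xb7, 0x06,
+0x10, 0x42, 0x6a, 0x50, 0x57, 0x8b, 0xf1, 0xb0
+};
+
+
+static void test_pseudorandom(void) {
+
+long long i, j;
+
+checksum_zero();
+i = 0;
+for (j = 0; j < SPACESIZE; j += 1 + j / 16) {
+
+pseudorandombytes(space + i, j);
+pseudorandombytes(key + i, crypto_onetimeauth_poly1305_KEYBYTES);
+
+crypto_onetimeauth_poly1305(buf + i, space + i, j, key + i);
+checksum(buf + i, crypto_onetimeauth_poly1305_BYTES);
+
+if (crypto_onetimeauth_poly1305_verify(buf + i, space + i, j, key + i) != 0) {
+fail_printdata("m", space + i, j);
+fail_printdata("key", key + i, crypto_onetimeauth_poly1305_KEYBYTES);
+fail_printdata("a", buf + i, crypto_onetimeauth_poly1305_BYTES);
+fail("crypto_onetimeauth_poly1305_verify() failure");
+}
+++i;
+i %= 16;
+}
+fail_whenbadchecksum(test_pseudorandom_checksum);
+}
+
+
+int main(void) {
+
+test_pseudorandom();
+
+_exit(0);
+}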
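Review bot: test_pseudorandom() only checks that `crypto_onetimeauth_poly1305_verify()` accepts the authenticator it was just handed; nothing checks that a modified authenticator is rejected, so a verify that always returned 0 would still pass, because the checksum covers only the MAC output. After the success check, add a rejection case: `buf[i] ^= 1;`, then `if (crypto_onetimeauth_poly1305_verify(buf + i, space + i, j, key + i) == 0) fail("crypto_onetimeauth_poly1305_verify() accepted a modified authenticator");`, then `buf[i] ^= 1;`. It has to come after the `checksum(buf + i, ...)` call so the pinned checksum is unaffected. The `_open` check in crypto-tests/crypto_box_curve25519xsalsa20poly1305test.c has the same gap, as it has no modified-ciphertext case.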
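--- a/crypto-tests/crypto_scalarmult_curve25519test.c
+++ b/crypto-tests/crypto_scalarmult_curve25519test.c
@@ -0,0 +1,134 @@
+/*
+20141017
+Jan Mojzis
+Public domain.
+*/
+
+#include "misc.h"
+#include "crypto_scalarmult_curve25519.h"
+
+#define BYTES crypto_scalarmult_curve25519_BYTES
+#define SCALARBYTES crypto_scalarmult_curve25519_SCALARBYTES
+
+static unsigned char pk[BYTES];
+
+static unsigned char S[BYTES] = { 9 };
+
+static unsigned char R[BYTES] = {
+0xf9, 0xc3, 0xda, 0xc2, 0x10, 0x4c, 0x80, 0xb2,
+0x52, 0xd0, 0xae, 0xec, 0x37, 0x7a, 0xfd, 0x5d,
+0x1e, 0xf2, 0xc8, 0xc3, 0x48, 0xc2, 0x9e, 0x12,
+0xdd, 0xb2, 0xd0, 0xc8, 0xb1, 0x98, 0xff, 0x7f
+};
+
+static unsigned char d[SCALARBYTES] = {
+0x56, 0x2c, 0x1e, 0xb5, 0xfd, 0xb2, 0x81, 0x29,
+0xbd, 0x37, 0x49, 0x58, 0x35, 0xd4, 0xb1, 0x30,
+0x7d, 0xdb, 0x57, 0x38, 0x80, 0x12, 0x17, 0x42,
+0xf7, 0x13, 0xf1, 0x05, 0x67, 0x69, 0xd5, 0xbf
+};
+
+static void test_vector(void) {
+
+long long j;
+unsigned char r[BYTES];
+
+if (crypto_scalarmult_curve25519(r, d, S) != 0) fail("crypto_scalarmult_curve25519() failure");
+for (j = 0; j < BYTES; ++j) if (r[j] != R[j]) fail("crypto_scalarmult_curve25519() failure");
+}
+
+static unsigned char skdata[1080][32] = {
+#include "precomp.data"
+};
+
+static unsigned char pkdata[1080][32] = {
+#include "precomp_curve25519.data"
+};
+
+static void test_base(void) {
+
+long long i, j;
+
+checksum_zero();
+for (i = 0; i < 1080; ++i) {
+if (crypto_scalarmult_curve25519_base(pk, skdata[i]) != 0) {
+fail_printdata("sk", skdata[i], SCALARBYTES);
+fail("crypto_scalarmult_curve25519_base() failure, please report it !!!!!!!!!");
+}
+for (j = 0; j < BYTES; ++j) if (pk[j] != pkdata[i][j]) {
+fail_printdata("pk_computed", pk, BYTES);
+fail_printdata("pk_expected", pkdata[i], BYTES);
+fail_printdata("sk", skdata[i], SCALARBYTES);
+fail("crypto_scalarmult_curve25519() failure, please report it !!!!!!!!!");
+}
+}
+}
+
+static const unsigned char basepoint[BYTES] = { 9 };
+
+static unsigned char test_scalarmult_checksum[32] = {
+0xca, 0xf4, 0xa3, 0xbe, 0x00, 0x9c, 0x6f, 0x01,
+0xb8, 0x4e, 0xf8, 0x0d, 0x0a, 0x17, 0x16, 0x42,
+0xfe, 0x01, 0x59, 0x40, 0x74, 0xd4, 0xa6, 0x48,
+0x07, 0x94, 0x95, 0x94, 0xab, 0xa4, 0x5e, 0x6d
+};
+
+static void test_scalarmult(void) {
+
+long long i, j;
+unsigned char outpk[BYTES];
+
+for (i = 0; i < BYTES; ++i) pk[i] = basepoint[i];
+
+checksum_zero();
+for (i = 0; i < 1080; ++i) {
+pk[31] |= 128;
+if (crypto_scalarmult_curve25519(outpk, skdata[i], pk) != 0) {
+fail_printdata("pk", pk, BYTES);
+fail_printdata("sk", skdata[i], SCALARBYTES);
+fail("crypto_scalarmult_curve25519() failure, please report it !!!!!!!!!");
+}
+checksum(outpk, BYTES);
+for (j = 0; j < BYTES; ++j) pk[j] = outpk[j];
+}
+fail_whenbadchecksum(test_scalarmult_checksum);
+}
+
+static void test_random(void) {
+
+long long i, j;
+unsigned char sk1[SCALARBYTES + 16];
+unsigned char pk1[BYTES + 16];
+unsigned char k1[BYTES + 16];
+unsigned char sk2[SCALARBYTES + 16];
+unsigned char pk2[BYTES + 16];
+unsigned char k2[BYTES + 16];
+
+
+for (i = 0; i < 16; ++i) {
+unsaferandombytes(sk1 + i, SCALARBYTES);
+unsaferandombytes(sk2 + i, SCALARBYTES);
+if (crypto_scalarmult_curve25519_base(pk1 + i, sk1 + i) != 0) goto fail;
+pk1[31 + i] |= 128;
+if (crypto_scalarmult_curve25519_base(pk2 + i, sk2 + i) != 0) goto fail;
+pk2[31 + i] |= 128;
+if (crypto_scalarmult_curve25519(k1 + i, sk1 + i, pk2 + i) != 0) goto fail;
+if (crypto_scalarmult_curve25519(k2 + i, sk2 + i, pk1 + i) != 0) goto fail;
+for (j = 0; j < BYTES; ++j) if (k1[j + i] != k2[j + i]) goto fail;
+}
+return;
+
+fail:
+fail_printdata("sk1", sk1 + i, SCALARBYTES);
+fail_printdata("sk2", sk2 + i, SCALARBYTES);
+fail("crypto_scalarmult_curve25519() failure, please report it !!!!!!!!!");
+}
+
+int main(void) {
+
+test_vector();
+test_base();
+test_scalarmult();
+test_random();
+_exit(0);
+}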
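Review bot: In test_base() the byte-mismatch branch reports `crypto_scalarmult_curve25519() failure, please report it !!!!!!!!!` although the value being compared came from `crypto_scalarmult_curve25519_base()`, so a bug report would name the wrong function. The string should read `"crypto_scalarmult_curve25519_base() failure, please report it !!!!!!!!!"`. test_base() also calls `checksum_zero()` but never calls `checksum()` or `fail_whenbadchecksum()`, so that call has no effect there and can be dropped. In test_random() the scalars come from `unsaferandombytes()`, so a one-line comment at the `fail:` label such as `/* random inputs: dump both scalars so a failure can be replayed */` would explain why only sk1 and sk2 are printed.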