first commit

Makefile

@@ -0,0 +1,4 @@
+compile: make-dq.sh
+	sh -e make-dq.sh
+clean:
+	rm -rf build

conf-cc

@@ -0,0 +1,3 @@
+gcc -O3 -fomit-frame-pointer -funroll-loops
+clang -O3 -fomit-frame-pointer -funroll-loops
+cc -O3 -fomit-frame-pointer -funroll-loops

crypto-tests/crypto_box_curve25519xsalsa20poly1305test.c

@@ -0,0 +1,93 @@
+/*
+20141017
+Jan Mojzis
+Public domain.
+*/
+
+#include "misc.h"
+#include "crypto_box_curve25519xsalsa20poly1305.h"
+
+#define SPACESIZE 5232
+
+static unsigned char m[SPACESIZE + 16];
+static unsigned char n[crypto_box_curve25519xsalsa20poly1305_NONCEBYTES + 16];
+static unsigned char c[SPACESIZE + 16 + crypto_box_curve25519xsalsa20poly1305_ZEROBYTES];
+static unsigned char pk[crypto_box_curve25519xsalsa20poly1305_PUBLICKEYBYTES + 16];
+static unsigned char sk[crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES + 16];
+
+static unsigned char test_pseudorandom_checksum[32] = {
+    0xb7, 0xd4, 0xf1, 0x92, 0x3d, 0x4b, 0x80, 0xf0, 
+    0xb5, 0x3c, 0xdb, 0x38, 0xdb, 0x53, 0xcf, 0xb6, 
+    0xe8, 0x3d, 0x52, 0x96, 0xb6, 0x73, 0x61, 0x07, 
+    0x95, 0x72, 0x37, 0x69, 0xad, 0xda, 0x65, 0x8b
+};
+
+
+static void zerobytes(void *yv, long long ylen) {
+
+    long long i;
+    char *y = yv;
+
+    for (i = 0; i < ylen; ++i) y[i] = 0;
+}
+
+
+static void copy(void *yv, long long ylen, const void *xv) {
+
+    long long i;
+    const char *x = xv;
+    char *y = yv;
+
+    for (i = 0; i < ylen; ++i) y[i] = x[i];
+}
+
+
+static unsigned char skdata[1080][32] = {
+#include "precomp.data"
+};
+
+static unsigned char pkdata[1080][32] = {
+#include "precomp_curve25519.data"
+};
+
+
+static void test_pseudorandom(void) {
+
+    long long i, j;
+
+    checksum_zero();
+    i = 0;
+    for (j = crypto_box_curve25519xsalsa20poly1305_ZEROBYTES; j < SPACESIZE; j += 1 + j / 16) {
+
+        pseudorandombytes(m + i, j);
+        pseudorandombytes(n + i, crypto_box_curve25519xsalsa20poly1305_NONCEBYTES);
+        zerobytes(m + i, crypto_box_curve25519xsalsa20poly1305_ZEROBYTES);
+
+        copy(sk + i, 32, skdata[i]);
+        copy(pk + i, 32, pkdata[i]);
+
+        crypto_box_curve25519xsalsa20poly1305(c + i, m + i, j, n, pk + i, sk + i);
+        checksum(c + i, crypto_box_curve25519xsalsa20poly1305_ZEROBYTES);
+
+        zerobytes(c + i, crypto_box_curve25519xsalsa20poly1305_BOXZEROBYTES);
+        if (crypto_box_curve25519xsalsa20poly1305_open(m + i, c + i, j, n, pk + i, sk + i) != 0) {
+            fail_printdata("m", m + i, j);
+            fail_printdata("c", c + i, j);
+            fail_printdata("pk", pk + i, crypto_box_curve25519xsalsa20poly1305_PUBLICKEYBYTES);
+            fail_printdata("sk", sk + i, crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES);
+            fail_printdata("n", n + i, crypto_box_curve25519xsalsa20poly1305_NONCEBYTES);
+            fail("crypto_box_curve25519xsalsa20poly1305_open() failure");
+        }
+        ++i;
+        i %= 16;
+    }
+    fail_whenbadchecksum(test_pseudorandom_checksum);
+}
+
+
+int main(void) {
+
+    test_pseudorandom();
+
+    _exit(0);
+}

crypto-tests/crypto_hash_sha512test.c

@@ -0,0 +1,42 @@
+/*
+20141018
+Jan Mojzis
+Public domain.
+*/
+
+#include "misc.h"
+#include "crypto_hash_sha512.h"
+
+#define SPACESIZE 5232
+
+static unsigned char space[SPACESIZE + 16];
+static unsigned char buf[crypto_hash_sha512_BYTES + 16];
+
+static unsigned char test_pseudorandom_checksum[32] = {
+    0xa1, 0x57, 0x2f, 0x67, 0x19, 0xa6, 0x88, 0x2f, 
+    0x54, 0xa5, 0xa4, 0x7d, 0xe2, 0xd3, 0xa3, 0xfd, 
+    0xd1, 0x1a, 0x73, 0x58, 0x84, 0xc7, 0xb9, 0xfd, 
+    0x7f, 0xa2, 0x33, 0xbf, 0x86, 0xf7, 0x15, 0xee
+};
+
+static void test_pseudorandom(void) {
+
+    long long i, j;
+
+    checksum_zero();
+    i = 0;
+    for (j = 0; j < SPACESIZE; j += 1 + j / 16) {
+        pseudorandombytes(space + i, j);
+        crypto_hash_sha512(buf + i, space + i, j);
+        checksum(buf + i, crypto_hash_sha512_BYTES);
+        ++i;
+        i %= 16;
+    }
+    fail_whenbadchecksum(test_pseudorandom_checksum);
+}
+
+int main(void) {
+
+    test_pseudorandom();
+    _exit(0);
+}

crypto-tests/crypto_onetimeauth_poly1305test.c

@@ -0,0 +1,56 @@
+/*
+20141017
+Jan Mojzis
+Public domain.
+*/
+
+#include "misc.h"
+#include "crypto_onetimeauth_poly1305.h"
+
+#define SPACESIZE 5232
+
+static unsigned char space[SPACESIZE + 16];
+static unsigned char key[crypto_onetimeauth_poly1305_KEYBYTES + 16];
+static unsigned char buf[crypto_onetimeauth_poly1305_BYTES + 16];
+
+static unsigned char test_pseudorandom_checksum[32] = {
+    0xaf, 0xe7, 0xbb, 0x79, 0x2a, 0xe5, 0x81, 0xee, 
+    0xbc, 0x1f, 0x5b, 0x79, 0x96, 0xb7, 0x27, 0x1a, 
+    0xc2, 0x74, 0x65, 0x0e, 0x1d, 0xb5, 0xb7, 0x06, 
+    0x10, 0x42, 0x6a, 0x50, 0x57, 0x8b, 0xf1, 0xb0
+};
+
+
+static void test_pseudorandom(void) {
+
+    long long i, j;
+
+    checksum_zero();
+    i = 0;
+    for (j = 0; j < SPACESIZE; j += 1 + j / 16) {
+
+        pseudorandombytes(space + i, j);
+        pseudorandombytes(key + i, crypto_onetimeauth_poly1305_KEYBYTES);
+
+        crypto_onetimeauth_poly1305(buf + i, space + i, j, key + i);
+        checksum(buf + i, crypto_onetimeauth_poly1305_BYTES);
+
+        if (crypto_onetimeauth_poly1305_verify(buf + i, space + i, j, key + i) != 0) {
+            fail_printdata("m", space + i, j);
+            fail_printdata("key", key + i, crypto_onetimeauth_poly1305_KEYBYTES);
+            fail_printdata("a", buf + i, crypto_onetimeauth_poly1305_BYTES);
+            fail("crypto_onetimeauth_poly1305_verify() failure");
+        }
+        ++i;
+        i %= 16;
+    }
+    fail_whenbadchecksum(test_pseudorandom_checksum);
+}
+
+
+int main(void) {
+
+    test_pseudorandom();
+
+    _exit(0);
+}

crypto-tests/crypto_scalarmult_curve25519test.c

@@ -0,0 +1,134 @@
+/*
+20141017
+Jan Mojzis
+Public domain.
+*/
+
+#include "misc.h"
+#include "crypto_scalarmult_curve25519.h"
+
+#define BYTES crypto_scalarmult_curve25519_BYTES
+#define SCALARBYTES crypto_scalarmult_curve25519_SCALARBYTES
+
+static unsigned char pk[BYTES];
+
+static unsigned char S[BYTES] = { 9 };
+
+static unsigned char R[BYTES] = {
+    0xf9, 0xc3, 0xda, 0xc2, 0x10, 0x4c, 0x80, 0xb2,
+    0x52, 0xd0, 0xae, 0xec, 0x37, 0x7a, 0xfd, 0x5d,
+    0x1e, 0xf2, 0xc8, 0xc3, 0x48, 0xc2, 0x9e, 0x12,
+    0xdd, 0xb2, 0xd0, 0xc8, 0xb1, 0x98, 0xff, 0x7f
+};
+
+static unsigned char d[SCALARBYTES] = {
+    0x56, 0x2c, 0x1e, 0xb5, 0xfd, 0xb2, 0x81, 0x29,
+    0xbd, 0x37, 0x49, 0x58, 0x35, 0xd4, 0xb1, 0x30,
+    0x7d, 0xdb, 0x57, 0x38, 0x80, 0x12, 0x17, 0x42,
+    0xf7, 0x13, 0xf1, 0x05, 0x67, 0x69, 0xd5, 0xbf
+};
+
+static void test_vector(void) {
+
+    long long j;
+    unsigned char r[BYTES];
+
+    if (crypto_scalarmult_curve25519(r, d, S) != 0) fail("crypto_scalarmult_curve25519() failure");
+    for (j = 0; j < BYTES; ++j) if (r[j] != R[j]) fail("crypto_scalarmult_curve25519() failure");
+}
+
+static unsigned char skdata[1080][32] = {
+#include "precomp.data"
+};
+
+static unsigned char pkdata[1080][32] = {
+#include "precomp_curve25519.data"
+};
+
+static void test_base(void) {
+
+    long long i, j;
+
+    checksum_zero();
+    for (i = 0; i < 1080; ++i) {
+        if (crypto_scalarmult_curve25519_base(pk, skdata[i]) != 0) {
+            fail_printdata("sk", skdata[i], SCALARBYTES);
+            fail("crypto_scalarmult_curve25519_base() failure, please report it !!!!!!!!!");
+        }
+        for (j = 0; j < BYTES; ++j) if (pk[j] != pkdata[i][j]) {
+            fail_printdata("pk_computed", pk, BYTES);
+            fail_printdata("pk_expected", pkdata[i], BYTES);
+            fail_printdata("sk", skdata[i], SCALARBYTES);
+            fail("crypto_scalarmult_curve25519() failure, please report it !!!!!!!!!");
+        }
+    }
+}
+
+static const unsigned char basepoint[BYTES] = { 9 };
+
+static unsigned char test_scalarmult_checksum[32] = {
+    0xca, 0xf4, 0xa3, 0xbe, 0x00, 0x9c, 0x6f, 0x01, 
+    0xb8, 0x4e, 0xf8, 0x0d, 0x0a, 0x17, 0x16, 0x42, 
+    0xfe, 0x01, 0x59, 0x40, 0x74, 0xd4, 0xa6, 0x48, 
+    0x07, 0x94, 0x95, 0x94, 0xab, 0xa4, 0x5e, 0x6d
+};
+
+static void test_scalarmult(void) {
+
+    long long i, j;
+    unsigned char outpk[BYTES];
+
+    for (i = 0; i < BYTES; ++i) pk[i] = basepoint[i];
+
+    checksum_zero();
+    for (i = 0; i < 1080; ++i) {
+        pk[31] |= 128;
+        if (crypto_scalarmult_curve25519(outpk, skdata[i], pk) != 0) {
+            fail_printdata("pk", pk, BYTES);
+            fail_printdata("sk", skdata[i], SCALARBYTES);
+            fail("crypto_scalarmult_curve25519() failure, please report it !!!!!!!!!");
+        }
+        checksum(outpk, BYTES);
+        for (j = 0; j < BYTES; ++j) pk[j] = outpk[j];
+    }
+    fail_whenbadchecksum(test_scalarmult_checksum);
+}
+
+static void test_random(void) {
+
+    long long i, j;
+    unsigned char sk1[SCALARBYTES + 16];
+    unsigned char pk1[BYTES + 16];
+    unsigned char k1[BYTES + 16];
+    unsigned char sk2[SCALARBYTES + 16];
+    unsigned char pk2[BYTES + 16];
+    unsigned char k2[BYTES + 16];
+
+
+    for (i = 0; i < 16; ++i) {
+        unsaferandombytes(sk1 + i, SCALARBYTES);
+        unsaferandombytes(sk2 + i, SCALARBYTES);
+        if (crypto_scalarmult_curve25519_base(pk1 + i, sk1 + i) != 0) goto fail;
+        pk1[31 + i] |= 128;
+        if (crypto_scalarmult_curve25519_base(pk2 + i, sk2 + i) != 0) goto fail;
+        pk2[31 + i] |= 128;
+        if (crypto_scalarmult_curve25519(k1 + i, sk1 + i, pk2 + i) != 0) goto fail;
+        if (crypto_scalarmult_curve25519(k2 + i, sk2 + i, pk1 + i) != 0) goto fail;
+        for (j = 0; j < BYTES; ++j) if (k1[j + i] != k2[j + i]) goto fail;
+    }
+    return;
+
+fail:
+    fail_printdata("sk1", sk1 + i, SCALARBYTES);
+    fail_printdata("sk2", sk2 + i, SCALARBYTES);
+    fail("crypto_scalarmult_curve25519() failure, please report it !!!!!!!!!");
+}
+
+int main(void) {
+
+    test_vector();
+    test_base();
+    test_scalarmult();
+    test_random();
+    _exit(0);
+}