2 * crypto_box/try.c version 20090118
7 #include "crypto_box.h"
8 #include "windows/windows-quirks.h"
10 extern unsigned char *alignedcalloc(unsigned long long);
12 const char *primitiveimplementation
= crypto_box_IMPLEMENTATION
;
14 #define MAXTEST_BYTES 10000
15 #define CHECKSUM_BYTES 4096
16 #define TUNE_BYTES 1536
18 static unsigned char *ska
;
19 static unsigned char *pka
;
20 static unsigned char *skb
;
21 static unsigned char *pkb
;
22 static unsigned char *s
;
23 static unsigned char *n
;
24 static unsigned char *m
;
25 static unsigned char *c
;
26 static unsigned char *t
;
27 static unsigned char *ska2
;
28 static unsigned char *pka2
;
29 static unsigned char *skb2
;
30 static unsigned char *pkb2
;
31 static unsigned char *s2
;
32 static unsigned char *n2
;
33 static unsigned char *m2
;
34 static unsigned char *c2
;
35 static unsigned char *t2
;
37 #define sklen crypto_box_SECRETKEYBYTES
38 #define pklen crypto_box_PUBLICKEYBYTES
39 #define nlen crypto_box_NONCEBYTES
40 #define slen crypto_box_BEFORENMBYTES
42 void preallocate(void)
48 ska
= alignedcalloc(sklen
);
49 pka
= alignedcalloc(pklen
);
50 skb
= alignedcalloc(sklen
);
51 pkb
= alignedcalloc(pklen
);
52 n
= alignedcalloc(nlen
);
53 m
= alignedcalloc(MAXTEST_BYTES
+ crypto_box_ZEROBYTES
);
54 c
= alignedcalloc(MAXTEST_BYTES
+ crypto_box_ZEROBYTES
);
55 t
= alignedcalloc(MAXTEST_BYTES
+ crypto_box_ZEROBYTES
);
56 s
= alignedcalloc(slen
);
57 ska2
= alignedcalloc(sklen
);
58 pka2
= alignedcalloc(pklen
);
59 skb2
= alignedcalloc(sklen
);
60 pkb2
= alignedcalloc(pklen
);
61 n2
= alignedcalloc(nlen
);
62 m2
= alignedcalloc(MAXTEST_BYTES
+ crypto_box_ZEROBYTES
);
63 c2
= alignedcalloc(MAXTEST_BYTES
+ crypto_box_ZEROBYTES
);
64 t2
= alignedcalloc(MAXTEST_BYTES
+ crypto_box_ZEROBYTES
);
65 s2
= alignedcalloc(slen
);
74 crypto_box(c
,m
,TUNE_BYTES
+ crypto_box_ZEROBYTES
,n
,pka
,skb
);
75 crypto_box_open(t
,c
,TUNE_BYTES
+ crypto_box_ZEROBYTES
,n
,pkb
,ska
);
78 char checksum
[nlen
* 2 + 1];
80 const char *checksum_compute(void)
85 if (crypto_box_keypair(pka
,ska
) != 0) return "crypto_box_keypair returns nonzero";
86 if (crypto_box_keypair(pkb
,skb
) != 0) return "crypto_box_keypair returns nonzero";
88 for (j
= 0;j
< crypto_box_ZEROBYTES
;++j
) m
[j
] = 0;
90 for (i
= 0;i
< CHECKSUM_BYTES
;++i
) {
91 long long mlen
= i
+ crypto_box_ZEROBYTES
;
92 long long tlen
= i
+ crypto_box_ZEROBYTES
;
93 long long clen
= i
+ crypto_box_ZEROBYTES
;
95 for (j
= -16;j
< 0;++j
) ska
[j
] = random();
96 for (j
= -16;j
< 0;++j
) skb
[j
] = random();
97 for (j
= -16;j
< 0;++j
) pka
[j
] = random();
98 for (j
= -16;j
< 0;++j
) pkb
[j
] = random();
99 for (j
= -16;j
< 0;++j
) m
[j
] = random();
100 for (j
= -16;j
< 0;++j
) n
[j
] = random();
102 for (j
= sklen
;j
< sklen
+ 16;++j
) ska
[j
] = random();
103 for (j
= sklen
;j
< sklen
+ 16;++j
) skb
[j
] = random();
104 for (j
= pklen
;j
< pklen
+ 16;++j
) pka
[j
] = random();
105 for (j
= pklen
;j
< pklen
+ 16;++j
) pkb
[j
] = random();
106 for (j
= mlen
;j
< mlen
+ 16;++j
) m
[j
] = random();
107 for (j
= nlen
;j
< nlen
+ 16;++j
) n
[j
] = random();
109 for (j
= -16;j
< sklen
+ 16;++j
) ska2
[j
] = ska
[j
];
110 for (j
= -16;j
< sklen
+ 16;++j
) skb2
[j
] = skb
[j
];
111 for (j
= -16;j
< pklen
+ 16;++j
) pka2
[j
] = pka
[j
];
112 for (j
= -16;j
< pklen
+ 16;++j
) pkb2
[j
] = pkb
[j
];
113 for (j
= -16;j
< mlen
+ 16;++j
) m2
[j
] = m
[j
];
114 for (j
= -16;j
< nlen
+ 16;++j
) n2
[j
] = n
[j
];
115 for (j
= -16;j
< clen
+ 16;++j
) c2
[j
] = c
[j
] = random();
117 if (crypto_box(c
,m
,mlen
,n
,pkb
,ska
) != 0) return "crypto_box returns nonzero";
119 for (j
= -16;j
< mlen
+ 16;++j
) if (m2
[j
] != m
[j
]) return "crypto_box overwrites m";
120 for (j
= -16;j
< nlen
+ 16;++j
) if (n2
[j
] != n
[j
]) return "crypto_box overwrites n";
121 for (j
= -16;j
< 0;++j
) if (c2
[j
] != c
[j
]) return "crypto_box writes before output";
122 for (j
= clen
;j
< clen
+ 16;++j
) if (c2
[j
] != c
[j
]) return "crypto_box writes after output";
123 for (j
= 0;j
< crypto_box_BOXZEROBYTES
;++j
)
124 if (c
[j
] != 0) return "crypto_box does not clear extra bytes";
126 for (j
= -16;j
< sklen
+ 16;++j
) if (ska2
[j
] != ska
[j
]) return "crypto_box overwrites ska";
127 for (j
= -16;j
< sklen
+ 16;++j
) if (skb2
[j
] != skb
[j
]) return "crypto_box overwrites skb";
128 for (j
= -16;j
< pklen
+ 16;++j
) if (pka2
[j
] != pka
[j
]) return "crypto_box overwrites pka";
129 for (j
= -16;j
< pklen
+ 16;++j
) if (pkb2
[j
] != pkb
[j
]) return "crypto_box overwrites pkb";
131 for (j
= -16;j
< 0;++j
) c
[j
] = random();
132 for (j
= clen
;j
< clen
+ 16;++j
) c
[j
] = random();
133 for (j
= -16;j
< clen
+ 16;++j
) c2
[j
] = c
[j
];
134 for (j
= -16;j
< tlen
+ 16;++j
) t2
[j
] = t
[j
] = random();
136 if (crypto_box_open(t
,c
,clen
,n
,pka
,skb
) != 0) return "crypto_box_open returns nonzero";
138 for (j
= -16;j
< clen
+ 16;++j
) if (c2
[j
] != c
[j
]) return "crypto_box_open overwrites c";
139 for (j
= -16;j
< nlen
+ 16;++j
) if (n2
[j
] != n
[j
]) return "crypto_box_open overwrites n";
140 for (j
= -16;j
< 0;++j
) if (t2
[j
] != t
[j
]) return "crypto_box_open writes before output";
141 for (j
= tlen
;j
< tlen
+ 16;++j
) if (t2
[j
] != t
[j
]) return "crypto_box_open writes after output";
142 for (j
= 0;j
< crypto_box_ZEROBYTES
;++j
)
143 if (t
[j
] != 0) return "crypto_box_open does not clear extra bytes";
145 for (j
= -16;j
< sklen
+ 16;++j
) if (ska2
[j
] != ska
[j
]) return "crypto_box_open overwrites ska";
146 for (j
= -16;j
< sklen
+ 16;++j
) if (skb2
[j
] != skb
[j
]) return "crypto_box_open overwrites skb";
147 for (j
= -16;j
< pklen
+ 16;++j
) if (pka2
[j
] != pka
[j
]) return "crypto_box_open overwrites pka";
148 for (j
= -16;j
< pklen
+ 16;++j
) if (pkb2
[j
] != pkb
[j
]) return "crypto_box_open overwrites pkb";
150 for (j
= 0;j
< mlen
;++j
) if (t
[j
] != m
[j
]) return "plaintext does not match";
152 for (j
= -16;j
< slen
+ 16;++j
) s2
[j
] = s
[j
] = random();
153 if (crypto_box_beforenm(s
,pkb
,ska
) != 0) return "crypto_box_beforenm returns nonzero";
154 for (j
= -16;j
< pklen
+ 16;++j
) if (pka2
[j
] != pka
[j
]) return "crypto_box_open overwrites pk";
155 for (j
= -16;j
< sklen
+ 16;++j
) if (skb2
[j
] != skb
[j
]) return "crypto_box_open overwrites sk";
156 for (j
= -16;j
< 0;++j
) if (s2
[j
] != s
[j
]) return "crypto_box_beforenm writes before output";
157 for (j
= slen
;j
< slen
+ 16;++j
) if (s2
[j
] != s
[j
]) return "crypto_box_beforenm writes after output";
159 for (j
= -16;j
< slen
+ 16;++j
) s2
[j
] = s
[j
];
160 for (j
= -16;j
< tlen
+ 16;++j
) t2
[j
] = t
[j
] = random();
161 if (crypto_box_afternm(t
,m
,mlen
,n
,s
) != 0) return "crypto_box_afternm returns nonzero";
162 for (j
= -16;j
< slen
+ 16;++j
) if (s2
[j
] != s
[j
]) return "crypto_box_afternm overwrites s";
163 for (j
= -16;j
< mlen
+ 16;++j
) if (m2
[j
] != m
[j
]) return "crypto_box_afternm overwrites m";
164 for (j
= -16;j
< nlen
+ 16;++j
) if (n2
[j
] != n
[j
]) return "crypto_box_afternm overwrites n";
165 for (j
= -16;j
< 0;++j
) if (t2
[j
] != t
[j
]) return "crypto_box_afternm writes before output";
166 for (j
= tlen
;j
< tlen
+ 16;++j
) if (t2
[j
] != t
[j
]) return "crypto_box_afternm writes after output";
167 for (j
= 0;j
< crypto_box_BOXZEROBYTES
;++j
)
168 if (t
[j
] != 0) return "crypto_box_afternm does not clear extra bytes";
169 for (j
= 0;j
< mlen
;++j
) if (t
[j
] != c
[j
]) return "crypto_box_afternm does not match crypto_box";
171 if (crypto_box_beforenm(s
,pka
,skb
) != 0) return "crypto_box_beforenm returns nonzero";
173 for (j
= -16;j
< tlen
+ 16;++j
) t2
[j
] = t
[j
] = random();
174 if (crypto_box_open_afternm(t
,c
,clen
,n
,s
) != 0) return "crypto_box_open_afternm returns nonzero";
175 for (j
= -16;j
< slen
+ 16;++j
) if (s2
[j
] != s
[j
]) return "crypto_box_open_afternm overwrites s";
176 for (j
= -16;j
< mlen
+ 16;++j
) if (m2
[j
] != m
[j
]) return "crypto_box_open_afternm overwrites m";
177 for (j
= -16;j
< nlen
+ 16;++j
) if (n2
[j
] != n
[j
]) return "crypto_box_open_afternm overwrites n";
178 for (j
= -16;j
< 0;++j
) if (t2
[j
] != t
[j
]) return "crypto_box_open_afternm writes before output";
179 for (j
= tlen
;j
< tlen
+ 16;++j
) if (t2
[j
] != t
[j
]) return "crypto_box_open_afternm writes after output";
180 for (j
= 0;j
< crypto_box_ZEROBYTES
;++j
)
181 if (t
[j
] != 0) return "crypto_box_open_afternm does not clear extra bytes";
182 for (j
= 0;j
< mlen
;++j
) if (t
[j
] != m
[j
]) return "crypto_box_open_afternm does not match crypto_box_open";
184 for (j
= 0;j
< i
;++j
) n
[j
% nlen
] ^= c
[j
+ crypto_box_BOXZEROBYTES
];
185 if (i
== 0) m
[crypto_box_ZEROBYTES
] = 0;
186 m
[i
+ crypto_box_ZEROBYTES
] = m
[crypto_box_ZEROBYTES
];
187 for (j
= 0;j
< i
;++j
) m
[j
+ crypto_box_ZEROBYTES
] ^= c
[j
+ crypto_box_BOXZEROBYTES
];
190 for (i
= 0;i
< nlen
;++i
) {
191 checksum
[2 * i
] = "0123456789abcdef"[15 & (n
[i
] >> 4)];
192 checksum
[2 * i
+ 1] = "0123456789abcdef"[15 & n
[i
]];