static int _crypto_scalarmult_ed25519(unsigned char *q, const unsigned char *n, const unsigned char *p, const int clamp) { unsigned char *t = q; ge25519_p3 Q; ge25519_p3 P; unsigned int i; if (ge25519_is_canonical(p) == 0 || ge25519_has_small_order(p) != 0 || ge25519_frombytes(&P, p) != 0 || ge25519_is_on_main_subgroup(&P) == 0) { return -1; } for (i = 0; i < 32; ++i) { t[i] = n[i]; } if (clamp != 0) { _crypto_scalarmult_ed25519_clamp(t); } ge25519_scalarmult(&Q, t, &P); ge25519_p3_tobytes(q, &Q); if (_crypto_scalarmult_ed25519_is_inf(q) != 0 || sodium_is_zero(n, 32)) { return -1; } return 0; }
static int _crypto_scalarmult_ed25519_base(unsigned char *q, const unsigned char *n, const int clamp) { unsigned char *t = q; ge25519_p3 Q; unsigned int i; for (i = 0; i < 32; ++i) { t[i] = n[i]; } if (clamp != 0) { _crypto_scalarmult_ed25519_clamp(t); } ge25519_scalarmult_base(&Q, t); ge25519_p3_tobytes(q, &Q); if (_crypto_scalarmult_ed25519_is_inf(q) != 0 || sodium_is_zero(n, 32)) { return -1; } return 0; }
static void tv_stream_xchacha20(void) { static const XChaCha20TV tvs[] = { { "79c99798ac67300bbb2704c95c341e3245f3dcb21761b98e52ff45b24f304fc4", "b33ffd3096479bcfbc9aee49417688a0a2554f8d95389419", "c6e9758160083ac604ef90e712ce6e75d7797590744e0cf060f013739c" }, { "ddf7784fee099612c40700862189d0397fcc4cc4b3cc02b5456b3a97d1186173", "a9a04491e7bf00c3ca91ac7c2d38a777d88993a7047dfcc4", "2f289d371f6f0abc3cb60d11d9b7b29adf6bc5ad843e8493e928448d" }, { "3d12800e7b014e88d68a73f0a95b04b435719936feba60473f02a9e61ae60682", "56bed2599eac99fb27ebf4ffcb770a64772dec4d5849ea2d", "a2c3c1406f33c054a92760a8e0666b84f84fa3a618f0" }, { "5f5763ff9a30c95da5c9f2a8dfd7cc6efd9dfb431812c075aa3e4f32e04f53e4", "a5fa890efa3b9a034d377926ce0e08ee6d7faccaee41b771", "8a1a5ba898bdbcff602b1036e469a18a5e45789d0e8d9837d81a2388a52b0b6a0f51891528f424c4a7f492a8dd7bce8bac19fbdbe1fb379ac0" }, { "eadc0e27f77113b5241f8ca9d6f9a5e7f09eee68d8a5cf30700563bf01060b4e", "a171a4ef3fde7c4794c5b86170dc5a099b478f1b852f7b64", "23839f61795c3cdbcee2c749a92543baeeea3cbb721402aa42e6cae140447575f2916c5d71108e3b13357eaf86f060cb" }, { "91319c9545c7c804ba6b712e22294c386fe31c4ff3d278827637b959d3dbaab2", "410e854b2a911f174aaf1a56540fc3855851f41c65967a4e", "cbe7d24177119b7fdfa8b06ee04dade4256ba7d35ffda6b89f014e479faef6" }, { "6a6d3f412fc86c4450fc31f89f64ed46baa3256ffcf8616e8c23a06c422842b6", "6b7773fce3c2546a5db4829f53a9165f41b08faae2fb72d5", "8b23e35b3cdd5f3f75525fc37960ec2b68918e8c046d8a832b9838f1546be662e54feb1203e2" }, { "d45e56368ebc7ba9be7c55cfd2da0feb633c1d86cab67cd5627514fd20c2b391", "fd37da2db31e0c738754463edadc7dafb0833bd45da497fc", "47950efa8217e3dec437454bd6b6a80a287e2570f0a48b3fa1ea3eb868be3d486f6516606d85e5643becc473b370871ab9ef8e2a728f73b92bd98e6e26ea7c8ff96ec5a9e8de95e1eee9300c" }, { "aface41a64a9a40cbc604d42bd363523bd762eb717f3e08fe2e0b4611eb4dcf3", "6906e0383b895ab9f1cf3803f42f27c79ad47b681c552c63", "a5fa7c0190792ee17675d52ad7570f1fb0892239c76d6e802c26b5b3544d13151e67513b8aaa1ac5af2d7fd0d5e4216964324838" }, { "9d23bd4149cb979ccf3c5c94dd217e9808cb0e50cd0f67812235eaaf601d6232", "c047548266b7c370d33566a2425cbf30d82d1eaf5294109e", "a21209096594de8c5667b1d13ad93f744106d054df210e4782cd396fec692d3515a20bf351eec011a92c367888bc464c32f0807acd6c203a247e0db854148468e9f96bee4cf718d68d5f637cbd5a376457788e6fae90fc31097cfc" }, }; const XChaCha20TV *tv; char *hex; unsigned char *key; unsigned char *nonce; unsigned char *out; unsigned char *out2; size_t out_len; int i; key = (unsigned char *) sodium_malloc(crypto_stream_xchacha20_KEYBYTES); nonce = (unsigned char *) sodium_malloc(crypto_stream_xchacha20_NONCEBYTES); out = (unsigned char *) sodium_malloc(XCHACHA20_OUT_MAX); for (i = 0; i < (sizeof tvs) / (sizeof tvs[0]); i++) { tv = &tvs[i]; sodium_hex2bin(key, crypto_stream_xchacha20_KEYBYTES, tv->key, strlen(tv->key), NULL, NULL, NULL); sodium_hex2bin(nonce, crypto_stream_xchacha20_NONCEBYTES, tv->nonce, strlen(tv->nonce), NULL, NULL, NULL); sodium_hex2bin(out, XCHACHA20_OUT_MAX, tv->out, strlen(tv->out), NULL, &out_len, NULL); out2 = (unsigned char *) sodium_malloc(out_len); crypto_stream_xchacha20(out2, out_len, nonce, key); assert(memcmp(out, out2, out_len) == 0); crypto_stream_xchacha20_xor(out2, out, out_len, nonce, key); assert(sodium_is_zero(out2, out_len)); crypto_stream_xchacha20_xor_ic(out2, out, out_len, nonce, 0, key); assert(sodium_is_zero(out2, out_len)); crypto_stream_xchacha20_xor_ic(out2, out, out_len, nonce, 1, key); assert(!sodium_is_zero(out2, out_len)); crypto_stream_xchacha20_xor(out, out, out_len, nonce, key); assert(sodium_is_zero(out, out_len)); sodium_free(out2); } out2 = (unsigned char *) sodium_malloc(0); crypto_stream_xchacha20(out2, 0, nonce, key); crypto_stream_xchacha20_xor(out2, out2, 0, nonce, key); crypto_stream_xchacha20_xor_ic(out2, out2, 0, nonce, 1, key); sodium_free(out2); sodium_free(out); out = (unsigned char *) sodium_malloc(64); out2 = (unsigned char *) sodium_malloc(128); randombytes_buf(out, 64); randombytes_buf(out2, 64); memcpy(out2 + 64, out, 64); crypto_stream_xchacha20_xor_ic(out, out, 64, nonce, 1, key); crypto_stream_xchacha20_xor(out2, out2, 128, nonce, key); assert(memcmp(out, out2 + 64, 64) == 0); sodium_free(out); sodium_free(out2); out = (unsigned char *) sodium_malloc(192); out2 = (unsigned char *) sodium_malloc(192); memset(out, 0, 192); memset(out2, 0, 192); crypto_stream_xchacha20_xor_ic(out2, out2, 192, nonce, (1ULL << 32) - 1ULL, key); crypto_stream_xchacha20_xor_ic(out, out, 64, nonce, (1ULL << 32) - 1ULL, key); crypto_stream_xchacha20_xor_ic(out + 64, out + 64, 64, nonce, (1ULL << 32), key); crypto_stream_xchacha20_xor_ic(out + 128, out + 128, 64, nonce, (1ULL << 32) + 1, key); assert(memcmp(out, out2, 192) == 0); hex = (char *) sodium_malloc(192 * 2 + 1); sodium_bin2hex(hex, 192 * 2 + 1, out, 192); printf("%s\n", hex); sodium_free(hex); sodium_free(out); sodium_free(out2); sodium_free(nonce); sodium_free(key); assert(crypto_stream_xchacha20_keybytes() == crypto_stream_xchacha20_KEYBYTES); assert(crypto_stream_xchacha20_noncebytes() == crypto_stream_xchacha20_NONCEBYTES); printf("tv_stream_xchacha20: ok\n"); }
//DNSCurve initialization void DNSCurveInit( void) { //DNSCurve signature request TCP Mode if (DNSCurveParameter.DNSCurveProtocol_Transport == REQUEST_MODE_TRANSPORT::FORCE_TCP || DNSCurveParameter.DNSCurveProtocol_Transport == REQUEST_MODE_TRANSPORT::TCP) { //IPv6 Main if (DNSCurveParameter.DNSCurve_Target_Server_Main_IPv6.AddressData.Storage.ss_family != 0 && (DNSCurveParameter.DNSCurveProtocol_Network == REQUEST_MODE_NETWORK::BOTH || //Auto select DNSCurveParameter.DNSCurveProtocol_Network == REQUEST_MODE_NETWORK::IPV6) && //IPv6 ((!DNSCurveParameter.IsClientEphemeralKey && sodium_is_zero(DNSCurveParameter.DNSCurve_Target_Server_Main_IPv6.PrecomputationKey, crypto_box_BEFORENMBYTES) != 0) || (DNSCurveParameter.IsClientEphemeralKey && CheckEmptyBuffer(DNSCurveParameter.DNSCurve_Target_Server_Main_IPv6.ServerFingerprint, crypto_box_PUBLICKEYBYTES)) || CheckEmptyBuffer(DNSCurveParameter.DNSCurve_Target_Server_Main_IPv6.SendMagicNumber, DNSCURVE_MAGIC_QUERY_LEN))) { std::thread Thread_DNSCurve_SignatureRequest_TCP(std::bind(DNSCurve_SignatureRequest_TCP, static_cast<const uint16_t>(AF_INET6), false)); Thread_DNSCurve_SignatureRequest_TCP.detach(); } //IPv4 Main if (DNSCurveParameter.DNSCurve_Target_Server_Main_IPv4.AddressData.Storage.ss_family != 0 && (DNSCurveParameter.DNSCurveProtocol_Network == REQUEST_MODE_NETWORK::BOTH || //Auto select DNSCurveParameter.DNSCurveProtocol_Network == REQUEST_MODE_NETWORK::IPV4) && //IPv4 ((!DNSCurveParameter.IsClientEphemeralKey && sodium_is_zero(DNSCurveParameter.DNSCurve_Target_Server_Main_IPv4.PrecomputationKey, crypto_box_BEFORENMBYTES) != 0) || (DNSCurveParameter.IsClientEphemeralKey && CheckEmptyBuffer(DNSCurveParameter.DNSCurve_Target_Server_Main_IPv4.ServerFingerprint, crypto_box_PUBLICKEYBYTES)) || CheckEmptyBuffer(DNSCurveParameter.DNSCurve_Target_Server_Main_IPv4.SendMagicNumber, DNSCURVE_MAGIC_QUERY_LEN))) { std::thread Thread_DNSCurve_SignatureRequest_TCP(std::bind(DNSCurve_SignatureRequest_TCP, static_cast<const uint16_t>(AF_INET), false)); Thread_DNSCurve_SignatureRequest_TCP.detach(); } //IPv6 Alternate if (DNSCurveParameter.DNSCurve_Target_Server_Alternate_IPv6.AddressData.Storage.ss_family != 0 && (DNSCurveParameter.DNSCurveProtocol_Network == REQUEST_MODE_NETWORK::BOTH || //Auto select DNSCurveParameter.DNSCurveProtocol_Network == REQUEST_MODE_NETWORK::IPV6) && //IPv6 ((!DNSCurveParameter.IsClientEphemeralKey && sodium_is_zero(DNSCurveParameter.DNSCurve_Target_Server_Alternate_IPv6.PrecomputationKey, crypto_box_BEFORENMBYTES) != 0) || (DNSCurveParameter.IsClientEphemeralKey && CheckEmptyBuffer(DNSCurveParameter.DNSCurve_Target_Server_Alternate_IPv6.ServerFingerprint, crypto_box_PUBLICKEYBYTES)) || CheckEmptyBuffer(DNSCurveParameter.DNSCurve_Target_Server_Alternate_IPv6.SendMagicNumber, DNSCURVE_MAGIC_QUERY_LEN))) { std::thread Thread_DNSCurve_SignatureRequest_TCP(std::bind(DNSCurve_SignatureRequest_TCP, static_cast<const uint16_t>(AF_INET6), true)); Thread_DNSCurve_SignatureRequest_TCP.detach(); } //IPv4 Alternate if (DNSCurveParameter.DNSCurve_Target_Server_Alternate_IPv4.AddressData.Storage.ss_family != 0 && (DNSCurveParameter.DNSCurveProtocol_Network == REQUEST_MODE_NETWORK::BOTH || //Auto select DNSCurveParameter.DNSCurveProtocol_Network == REQUEST_MODE_NETWORK::IPV4) && //IPv4 ((!DNSCurveParameter.IsClientEphemeralKey && sodium_is_zero(DNSCurveParameter.DNSCurve_Target_Server_Alternate_IPv4.PrecomputationKey, crypto_box_BEFORENMBYTES) != 0) || (DNSCurveParameter.IsClientEphemeralKey && CheckEmptyBuffer(DNSCurveParameter.DNSCurve_Target_Server_Alternate_IPv4.ServerFingerprint, crypto_box_PUBLICKEYBYTES)) || CheckEmptyBuffer(DNSCurveParameter.DNSCurve_Target_Server_Alternate_IPv4.SendMagicNumber, DNSCURVE_MAGIC_QUERY_LEN))) { std::thread Thread_DNSCurve_SignatureRequest_TCP(std::bind(DNSCurve_SignatureRequest_TCP, static_cast<const uint16_t>(AF_INET), true)); Thread_DNSCurve_SignatureRequest_TCP.detach(); } } //Force protocol(TCP). if (DNSCurveParameter.DNSCurveProtocol_Transport == REQUEST_MODE_TRANSPORT::FORCE_TCP) return; //DNSCurve signature request UDP Mode //IPv6 Main if (DNSCurveParameter.DNSCurve_Target_Server_Main_IPv6.AddressData.Storage.ss_family != 0 && (DNSCurveParameter.DNSCurveProtocol_Network == REQUEST_MODE_NETWORK::BOTH || //Auto select DNSCurveParameter.DNSCurveProtocol_Network == REQUEST_MODE_NETWORK::IPV6) && //IPv6 ((!DNSCurveParameter.IsClientEphemeralKey && sodium_is_zero(DNSCurveParameter.DNSCurve_Target_Server_Main_IPv6.PrecomputationKey, crypto_box_BEFORENMBYTES) != 0) || (DNSCurveParameter.IsClientEphemeralKey && CheckEmptyBuffer(DNSCurveParameter.DNSCurve_Target_Server_Main_IPv6.ServerFingerprint, crypto_box_PUBLICKEYBYTES)) || CheckEmptyBuffer(DNSCurveParameter.DNSCurve_Target_Server_Main_IPv6.SendMagicNumber, DNSCURVE_MAGIC_QUERY_LEN))) { std::thread Thread_DNSCurve_SignatureRequest_UDP(std::bind(DNSCurve_SignatureRequest_UDP, static_cast<const uint16_t>(AF_INET6), false)); Thread_DNSCurve_SignatureRequest_UDP.detach(); } //IPv4 Main if (DNSCurveParameter.DNSCurve_Target_Server_Main_IPv4.AddressData.Storage.ss_family != 0 && (DNSCurveParameter.DNSCurveProtocol_Network == REQUEST_MODE_NETWORK::BOTH || //IPv4 DNSCurveParameter.DNSCurveProtocol_Network == REQUEST_MODE_NETWORK::IPV4) && //Auto select ((!DNSCurveParameter.IsClientEphemeralKey && sodium_is_zero(DNSCurveParameter.DNSCurve_Target_Server_Main_IPv4.PrecomputationKey, crypto_box_BEFORENMBYTES) != 0) || (DNSCurveParameter.IsClientEphemeralKey && CheckEmptyBuffer(DNSCurveParameter.DNSCurve_Target_Server_Main_IPv4.ServerFingerprint, crypto_box_PUBLICKEYBYTES)) || CheckEmptyBuffer(DNSCurveParameter.DNSCurve_Target_Server_Main_IPv4.SendMagicNumber, DNSCURVE_MAGIC_QUERY_LEN))) { std::thread Thread_DNSCurve_SignatureRequest_UDP(std::bind(DNSCurve_SignatureRequest_UDP, static_cast<const uint16_t>(AF_INET), false)); Thread_DNSCurve_SignatureRequest_UDP.detach(); } //IPv6 Alternate if (DNSCurveParameter.DNSCurve_Target_Server_Alternate_IPv6.AddressData.Storage.ss_family != 0 && (DNSCurveParameter.DNSCurveProtocol_Network == REQUEST_MODE_NETWORK::BOTH || //Auto select DNSCurveParameter.DNSCurveProtocol_Network == REQUEST_MODE_NETWORK::IPV6) && //IPv6 ((!DNSCurveParameter.IsClientEphemeralKey && sodium_is_zero(DNSCurveParameter.DNSCurve_Target_Server_Alternate_IPv6.PrecomputationKey, crypto_box_BEFORENMBYTES) != 0) || (DNSCurveParameter.IsClientEphemeralKey && CheckEmptyBuffer(DNSCurveParameter.DNSCurve_Target_Server_Alternate_IPv6.ServerFingerprint, crypto_box_PUBLICKEYBYTES)) || CheckEmptyBuffer(DNSCurveParameter.DNSCurve_Target_Server_Alternate_IPv6.SendMagicNumber, DNSCURVE_MAGIC_QUERY_LEN))) { std::thread Thread_DNSCurve_SignatureRequest_UDP(std::bind(DNSCurve_SignatureRequest_UDP, static_cast<const uint16_t>(AF_INET6), true)); Thread_DNSCurve_SignatureRequest_UDP.detach(); } //IPv4 Alternate if (DNSCurveParameter.DNSCurve_Target_Server_Alternate_IPv4.AddressData.Storage.ss_family != 0 && (DNSCurveParameter.DNSCurveProtocol_Network == REQUEST_MODE_NETWORK::BOTH || //Auto select DNSCurveParameter.DNSCurveProtocol_Network == REQUEST_MODE_NETWORK::IPV4) && //IPv4 ((!DNSCurveParameter.IsClientEphemeralKey && sodium_is_zero(DNSCurveParameter.DNSCurve_Target_Server_Alternate_IPv4.PrecomputationKey, crypto_box_BEFORENMBYTES) != 0) || (DNSCurveParameter.IsClientEphemeralKey && CheckEmptyBuffer(DNSCurveParameter.DNSCurve_Target_Server_Alternate_IPv4.ServerFingerprint, crypto_box_PUBLICKEYBYTES)) || CheckEmptyBuffer(DNSCurveParameter.DNSCurve_Target_Server_Alternate_IPv4.SendMagicNumber, DNSCURVE_MAGIC_QUERY_LEN))) { std::thread Thread_DNSCurve_SignatureRequest_UDP(std::bind(DNSCurve_SignatureRequest_UDP, static_cast<const uint16_t>(AF_INET), true)); Thread_DNSCurve_SignatureRequest_UDP.detach(); } return; }
static void str_tests(void) { char *str_out; char *str_out2; char *salt; const char *passwd = "Correct Horse Battery Staple"; salt = (char *) sodium_malloc(crypto_pwhash_SALTBYTES); str_out = (char *) sodium_malloc(crypto_pwhash_STRBYTES); str_out2 = (char *) sodium_malloc(crypto_pwhash_STRBYTES); memcpy(salt, ">A 16-bytes salt", crypto_pwhash_SALTBYTES); if (crypto_pwhash_argon2i_str(str_out, passwd, strlen(passwd), OPSLIMIT, MEMLIMIT) != 0) { printf("pwhash_argon2i_str failure\n"); } if (crypto_pwhash_argon2i_str(str_out2, passwd, strlen(passwd), OPSLIMIT, MEMLIMIT) != 0) { printf("pwhash_argon2i_str(2) failure\n"); } if (strcmp(str_out, str_out2) == 0) { printf("pwhash_argon2i_str() doesn't generate different salts\n"); } if (crypto_pwhash_argon2i_str_needs_rehash(str_out, OPSLIMIT, MEMLIMIT) != 0) { printf("needs_rehash() false positive\n"); } if (crypto_pwhash_argon2i_str_needs_rehash(str_out, OPSLIMIT, MEMLIMIT / 2) != 1 || crypto_pwhash_argon2i_str_needs_rehash(str_out, OPSLIMIT / 2, MEMLIMIT) != 1 || crypto_pwhash_argon2i_str_needs_rehash(str_out, OPSLIMIT, MEMLIMIT * 2) != 1 || crypto_pwhash_argon2i_str_needs_rehash(str_out, OPSLIMIT * 2, MEMLIMIT) != 1) { printf("needs_rehash() false negative\n"); } if (crypto_pwhash_argon2i_str_needs_rehash(str_out + 1, OPSLIMIT, MEMLIMIT) != -1) { printf("needs_rehash() didn't fail with an invalid hash string\n"); } if (sodium_is_zero((const unsigned char *) str_out + strlen(str_out), crypto_pwhash_STRBYTES - strlen(str_out)) != 1 || sodium_is_zero((const unsigned char *) str_out2 + strlen(str_out2), crypto_pwhash_STRBYTES - strlen(str_out2)) != 1) { printf("pwhash_str() doesn't properly pad with zeros\n"); } if (crypto_pwhash_argon2i_str_verify(str_out, passwd, strlen(passwd)) != 0) { printf("pwhash_str_verify(1) failure\n"); } str_out[14]++; if (crypto_pwhash_argon2i_str_verify(str_out, passwd, strlen(passwd)) != -1) { printf("pwhash_str_verify(2) failure\n"); } str_out[14]--; assert(str_out[crypto_pwhash_STRBYTES - 1U] == 0); if (crypto_pwhash_argon2i_str(str_out2, passwd, 0x100000000ULL, OPSLIMIT, MEMLIMIT) != -1) { printf("pwhash_str() with a large password should have failed\n"); } if (crypto_pwhash_argon2i_str(str_out2, passwd, strlen(passwd), 1, MEMLIMIT) != -1) { printf("pwhash_str() with a small opslimit should have failed\n"); } if (crypto_pwhash_argon2i_str_verify("$argon2i$m=65536,t=2,p=1c29tZXNhbHQ" "$9sTbSlTio3Biev89thdrlKKiCaYsjjYVJxGAL3swxpQ", "password", 0x100000000ULL) != -1) { printf("pwhash_str_verify(invalid(0)) failure\n"); } if (crypto_pwhash_argon2i_str_verify("$argon2i$m=65536,t=2,p=1c29tZXNhbHQ" "$9sTbSlTio3Biev89thdrlKKiCaYsjjYVJxGAL3swxpQ", "password", strlen("password")) != -1) { printf("pwhash_str_verify(invalid(1)) failure %d\n", errno); } if (crypto_pwhash_argon2i_str_verify("$argon2i$m=65536,t=2,p=1$c29tZXNhbHQ" "9sTbSlTio3Biev89thdrlKKiCaYsjjYVJxGAL3swxpQ", "password", strlen("password")) != -1) { printf("pwhash_str_verify(invalid(2)) failure\n"); } if (crypto_pwhash_str_verify("$argon2i$m=65536,t=2,p=1$c29tZXNhbHQ" "$b2G3seW+uPzerwQQC+/E1K50CLLO7YXy0JRcaTuswRo", "password", strlen("password")) != -1) { printf("pwhash_str_verify(invalid(3)) failure\n"); } if (crypto_pwhash_str_verify("$argon2i$v=19$m=65536,t=2,p=1c29tZXNhbHQ" "$wWKIMhR9lyDFvRz9YTZweHKfbftvj+qf+YFY4NeBbtA", "password", strlen("password")) != -1) { printf("pwhash_str_verify(invalid(4)) failure\n"); } if (crypto_pwhash_str_verify("$argon2i$v=19$m=65536,t=2,p=1$c29tZXNhbHQ" "wWKIMhR9lyDFvRz9YTZweHKfbftvj+qf+YFY4NeBbtA", "password", strlen("password")) != -1) { printf("pwhash_str_verify(invalid(5)) failure\n"); } if (crypto_pwhash_str_verify("$argon2i$v=19$m=65536,t=2,p=1$c29tZXNhbHQ" "$8iIuixkI73Js3G1uMbezQXD0b8LG4SXGsOwoQkdAQIM", "password", strlen("password")) != -1) { printf("pwhash_str_verify(invalid(6)) failure\n"); } if (crypto_pwhash_str_verify( "$argon2i$v=19$m=4096,t=3,p=2$b2RpZHVlamRpc29kaXNrdw" "$TNnWIwlu1061JHrnCqIAmjs3huSxYIU+0jWipu7Kc9M", "password", strlen("password")) != 0) { printf("pwhash_str_verify(valid(7)) failure\n"); } if (crypto_pwhash_str_verify( "$argon2i$v=19$m=4096,t=3,p=2$b2RpZHVlamRpc29kaXNrdw" "$TNnWIwlu1061JHrnCqIAmjs3huSxYIU+0jWipu7Kc9M", "passwore", strlen("passwore")) != -1 || errno != EINVAL) { printf("pwhash_str_verify(invalid(7)) failure\n"); } if (crypto_pwhash_str_verify( "$Argon2i$v=19$m=4096,t=3,p=2$b2RpZHVlamRpc29kaXNrdw" "$TNnWIwlu1061JHrnCqIAmjs3huSxYIU+0jWipu7Kc9M", "password", strlen("password")) != -1 || errno != EINVAL) { printf("pwhash_str_verify(invalid(8)) failure\n"); } if (crypto_pwhash_str_verify( "$argon2i$v=1$m=4096,t=3,p=2$b2RpZHVlamRpc29kaXNrdw" "$TNnWIwlu1061JHrnCqIAmjs3huSxYIU+0jWipu7Kc9M", "password", strlen("password")) != -1 || errno != EINVAL) { printf("pwhash_str_verify(invalid(9)) failure\n"); } if (crypto_pwhash_str_verify( "$argon2i$v=1$m=4096,t=3,p=2$b2RpZHVla~=mRpc29kaXNrdw" "$TNnWIwlu1061JHrnCqIAmjs3huSxYIU+0jWipu7Kc9M", "password", strlen("password")) != -1 || errno != EINVAL) { printf("pwhash_str_verify(invalid(10)) failure\n"); } if (crypto_pwhash_str_verify( "$argon2i$v=1$m=4096,t=3,p=2$b2RpZHVlamRpc29kaXNrdw" "$TNnWIwlu1061JHrnCqIAmjs3huSxYI~=U+0jWipu7Kc9M", "password", strlen("password")) != -1 || errno != EINVAL) { printf("pwhash_str_verify(invalid(11)) failure\n"); } assert(crypto_pwhash_str_alg(str_out, "test", 4, OPSLIMIT, MEMLIMIT, crypto_pwhash_ALG_ARGON2I13) == 0); assert(crypto_pwhash_argon2i_str_verify(str_out, "test", 4) == 0); assert(crypto_pwhash_argon2i_str_needs_rehash(str_out, OPSLIMIT, MEMLIMIT) == 0); assert(crypto_pwhash_argon2i_str_needs_rehash(str_out, OPSLIMIT / 2, MEMLIMIT) == 1); assert(crypto_pwhash_argon2i_str_needs_rehash(str_out, OPSLIMIT, MEMLIMIT / 2) == 1); assert(crypto_pwhash_argon2i_str_needs_rehash(str_out, 0, 0) == 1); assert(crypto_pwhash_argon2id_str_needs_rehash(str_out, 0, 0) == -1); assert(crypto_pwhash_argon2i_str_needs_rehash(str_out + 1, OPSLIMIT, MEMLIMIT) == -1); assert(crypto_pwhash_argon2id_str_needs_rehash(str_out, 0, 0) == -1); assert(crypto_pwhash_argon2id_str_needs_rehash("", OPSLIMIT, MEMLIMIT) == -1); assert(crypto_pwhash_str_alg(str_out, "test", 4, OPSLIMIT, MEMLIMIT, crypto_pwhash_ALG_ARGON2ID13) == 0); assert(crypto_pwhash_argon2id_str_verify(str_out, "test", 4) == 0); assert(crypto_pwhash_argon2id_str_needs_rehash(str_out, OPSLIMIT, MEMLIMIT) == 0); assert(crypto_pwhash_argon2id_str_needs_rehash(str_out, OPSLIMIT / 2, MEMLIMIT) == 1); assert(crypto_pwhash_argon2id_str_needs_rehash(str_out, OPSLIMIT, MEMLIMIT / 2) == 1); assert(crypto_pwhash_argon2id_str_needs_rehash(str_out, 0, 0) == 1); assert(crypto_pwhash_argon2i_str_needs_rehash(str_out, 0, 0) == -1); assert(crypto_pwhash_argon2id_str_needs_rehash("", OPSLIMIT, MEMLIMIT) == -1); assert(crypto_pwhash_argon2id_str_needs_rehash(str_out + 1, OPSLIMIT, MEMLIMIT) == -1); sodium_free(salt); sodium_free(str_out); sodium_free(str_out2); }
int main(void) { unsigned char buf1[1000]; unsigned char buf2[1000]; unsigned char buf1_rev[1000]; unsigned char buf2_rev[1000]; char buf3[33]; unsigned char buf4[4]; unsigned char nonce[24]; char nonce_hex[49]; const char *hex; const char *hex_end; size_t bin_len; unsigned int i; unsigned int j; randombytes_buf(buf1, sizeof buf1); memcpy(buf2, buf1, sizeof buf2); printf("%d\n", sodium_memcmp(buf1, buf2, sizeof buf1)); sodium_memzero(buf1, 0U); printf("%d\n", sodium_memcmp(buf1, buf2, sizeof buf1)); sodium_memzero(buf1, sizeof buf1 / 2); printf("%d\n", sodium_memcmp(buf1, buf2, sizeof buf1)); printf("%d\n", sodium_memcmp(buf1, buf2, 0U)); sodium_memzero(buf2, sizeof buf2 / 2); printf("%d\n", sodium_memcmp(buf1, buf2, sizeof buf1)); printf("%s\n", sodium_bin2hex(buf3, 33U, (const unsigned char *)"0123456789ABCDEF", 16U)); hex = "Cafe : 6942"; sodium_hex2bin(buf4, sizeof buf4, hex, strlen(hex), ": ", &bin_len, &hex_end); printf("%lu:%02x%02x%02x%02x\n", (unsigned long)bin_len, buf4[0], buf4[1], buf4[2], buf4[3]); printf("dt1: %ld\n", (long) (hex_end - hex)); hex = "Cafe : 6942"; sodium_hex2bin(buf4, sizeof buf4, hex, strlen(hex), ": ", &bin_len, NULL); printf("%lu:%02x%02x%02x%02x\n", (unsigned long)bin_len, buf4[2], buf4[3], buf4[2], buf4[3]); hex = "deadbeef"; if (sodium_hex2bin(buf1, 1U, hex, 8U, NULL, &bin_len, &hex_end) != -1) { printf("sodium_hex2bin() overflow not detected\n"); } printf("dt2: %ld\n", (long) (hex_end - hex)); hex = "de:ad:be:eff"; if (sodium_hex2bin(buf1, 4U, hex, 12U, ":", &bin_len, &hex_end) != -1) { printf("sodium_hex2bin() with an odd input length and a short output buffer\n"); } printf("dt3: %ld\n", (long) (hex_end - hex)); hex = "de:ad:be:eff"; if (sodium_hex2bin(buf1, sizeof buf1, hex, 12U, ":", &bin_len, &hex_end) != 0) { printf("sodium_hex2bin() with an odd input length\n"); } printf("dt4: %ld\n", (long) (hex_end - hex)); hex = "de:ad:be:eff"; if (sodium_hex2bin(buf1, sizeof buf1, hex, 13U, ":", &bin_len, &hex_end) != 0) { printf("sodium_hex2bin() with an odd input length\n"); } printf("dt5: %ld\n", (long) (hex_end - hex)); memset(nonce, 0, sizeof nonce); sodium_increment(nonce, sizeof nonce); printf("%s\n", sodium_bin2hex(nonce_hex, sizeof nonce_hex, nonce, sizeof nonce)); memset(nonce, 255, sizeof nonce); sodium_increment(nonce, sizeof nonce); printf("%s\n", sodium_bin2hex(nonce_hex, sizeof nonce_hex, nonce, sizeof nonce)); nonce[1] = 1U; sodium_increment(nonce, sizeof nonce); printf("%s\n", sodium_bin2hex(nonce_hex, sizeof nonce_hex, nonce, sizeof nonce)); nonce[1] = 0U; sodium_increment(nonce, sizeof nonce); printf("%s\n", sodium_bin2hex(nonce_hex, sizeof nonce_hex, nonce, sizeof nonce)); nonce[0] = 255U; nonce[2] = 255U; sodium_increment(nonce, sizeof nonce); printf("%s\n", sodium_bin2hex(nonce_hex, sizeof nonce_hex, nonce, sizeof nonce)); for (i = 0U; i < 1000U; i++) { bin_len = (size_t) randombytes_uniform(sizeof buf1); randombytes_buf(buf1, bin_len); randombytes_buf(buf2, bin_len); for (j = 0U; j < bin_len; j++) { buf1_rev[bin_len - 1 - j] = buf1[j]; buf2_rev[bin_len - 1 - j] = buf2[j]; } if (memcmp(buf1_rev, buf2_rev, bin_len) * sodium_compare(buf1, buf2, bin_len) < 0) { printf("sodium_compare() failure with length=%u\n", (unsigned int) bin_len); } memcpy(buf1, buf2, bin_len); if (sodium_compare(buf1, buf2, bin_len)) { printf("sodium_compare() equality failure with length=%u\n", (unsigned int) bin_len); } } memset(buf1, 0, sizeof buf1); if (sodium_is_zero(buf1, sizeof buf1) != 1) { printf("sodium_is_zero() failed\n"); } buf1[randombytes_uniform(sizeof buf1)]++; if (sodium_is_zero(buf1, sizeof buf1) != 0) { printf("sodium_is_zero() failed\n"); } return 0; }