Diffstat (limited to 'nacl/crypto_scalarmult/try.c')
-rw-r--r-- | nacl/crypto_scalarmult/try.c | 126 |
1 files changed, 126 insertions, 0 deletions
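--- /dev/null
+++ b/nacl/crypto_scalarmult/try.c
@@ -0,0 +1,126 @@
+/*
+* crypto_scalarmult/try.c version 20090118
+* D. J. Bernstein
+* Public domain.
+*/
+
+#include <stdlib.h>
+#include "crypto_scalarmult.h"
+
+extern unsigned char *alignedcalloc(unsigned long long);
+
+const char *primitiveimplementation = crypto_scalarmult_IMPLEMENTATION;
+
+#define mlen crypto_scalarmult_SCALARBYTES
+#define nlen crypto_scalarmult_SCALARBYTES
+#define plen crypto_scalarmult_BYTES
+#define qlen crypto_scalarmult_BYTES
+#define rlen crypto_scalarmult_BYTES
+
+static unsigned char *m;
+static unsigned char *n;
+static unsigned char *p;
+static unsigned char *q;
+static unsigned char *r;
+
+static unsigned char *m2;
+static unsigned char *n2;
+static unsigned char *p2;
+static unsigned char *q2;
+static unsigned char *r2;
+
+void preallocate(void)
+{
+}
+
+void allocate(void)
+{
+m = alignedcalloc(mlen);
+n = alignedcalloc(nlen);
+p = alignedcalloc(plen);
+q = alignedcalloc(qlen);
+r = alignedcalloc(rlen);
+m2 = alignedcalloc(mlen + crypto_scalarmult_BYTES);
+n2 = alignedcalloc(nlen + crypto_scalarmult_BYTES);
+p2 = alignedcalloc(plen + crypto_scalarmult_BYTES);
+q2 = alignedcalloc(qlen + crypto_scalarmult_BYTES);
+r2 = alignedcalloc(rlen + crypto_scalarmult_BYTES);
+}
+
+void predoit(void)
+{
+}
+
+void doit(void)
+{
+crypto_scalarmult(q,n,p);
+crypto_scalarmult_base(r,n);
+}
+
+char checksum[crypto_scalarmult_BYTES * 2 + 1];
+
+const char *checksum_compute(void)
+{
+long long i;
+long long j;
+long long tests;
+
+for (i = 0;i < mlen;++i) m[i] = i;
+for (i = 0;i < nlen;++i) n[i] = i + 1;
+for (i = 0;i < plen;++i) p[i] = i + 2;
+for (i = 0;i < qlen;++i) q[i] = i + 3;
+for (i = 0;i < rlen;++i) r[i] = i + 4;
+
+for (i = -16;i < 0;++i) p[i] = random();
+for (i = -16;i < 0;++i) n[i] = random();
+for (i = plen;i < plen + 16;++i) p[i] = random();
+for (i = nlen;i < nlen + 16;++i) n[i] = random();
+for (i = -16;i < plen + 16;++i) p2[i] = p[i];
+for (i = -16;i < nlen + 16;++i) n2[i] = n[i];
+
+if (crypto_scalarmult_base(p,n) != 0) return "crypto_scalarmult_base returns nonzero";
+
+for (i = -16;i < nlen + 16;++i) if (n2[i] != n[i]) return "crypto_scalarmult_base overwrites input";
+for (i = -16;i < 0;++i) if (p2[i] != p[i]) return "crypto_scalarmult_base writes before output";
+for (i = plen;i < plen + 16;++i) if (p2[i] != p[i]) return "crypto_scalarmult_base writes after output";
+
+for (tests = 0;tests < 100;++tests) {
+for (i = -16;i < 0;++i) q[i] = random();
+for (i = -16;i < 0;++i) p[i] = random();
+for (i = -16;i < 0;++i) m[i] = random();
+for (i = qlen;i < qlen + 16;++i) q[i] = random();
+for (i = plen;i < plen + 16;++i) p[i] = random();
+for (i = mlen;i < mlen + 16;++i) m[i] = random();
+for (i = -16;i < qlen + 16;++i) q2[i] = q[i];
+for (i = -16;i < plen + 16;++i) p2[i] = p[i];
+for (i = -16;i < mlen + 16;++i) m2[i] = m[i];
+
+if (crypto_scalarmult(q,m,p) != 0) return "crypto_scalarmult returns nonzero";
+
+for (i = -16;i < mlen + 16;++i) if (m2[i] != m[i]) return "crypto_scalarmult overwrites n input";
+for (i = -16;i < plen + 16;++i) if (p2[i] != p[i]) return "crypto_scalarmult overwrites p input";
+for (i = -16;i < 0;++i) if (q2[i] != q[i]) return "crypto_scalarmult writes before output";
+for (i = qlen;i < qlen + 16;++i) if (q2[i] != q[i]) return "crypto_scalarmult writes after output";
+
+if (crypto_scalarmult(m2,m2,p) != 0) return "crypto_scalarmult returns nonzero";
+for (i = 0;i < qlen;++i) if (q[i] != m2[i]) return "crypto_scalarmult does not handle n overlap";
+for (i = 0;i < qlen;++i) m2[i] = m[i];
+
+if (crypto_scalarmult(p2,m2,p2) != 0) return "crypto_scalarmult returns nonzero";
+for (i = 0;i < qlen;++i) if (q[i] != p2[i]) return "crypto_scalarmult does not handle p overlap";
+
+if (crypto_scalarmult(r,n,q) != 0) return "crypto_scalarmult returns nonzero";
+if (crypto_scalarmult(q,n,p) != 0) return "crypto_scalarmult returns nonzero";
+if (crypto_scalarmult(p,m,q) != 0) return "crypto_scalarmult returns nonzero";
+for (j = 0;j < plen;++j) if (p[j] != r[j]) return "crypto_scalarmult not associative";
+for (j = 0;j < mlen;++j) m[j] ^= q[j % qlen];
+for (j = 0;j < nlen;++j) n[j] ^= p[j % plen];
+}
+
+for (i = 0;i < crypto_scalarmult_BYTES;++i) {
+checksum[2 * i] = "0123456789abcdef"[15 & (p[i] >> 4)];
+checksum[2 * i + 1] = "0123456789abcdef"[15 & p[i]];
+}
+checksum[2 * i] = 0;
+return 0;
+}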
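Review bot: The guard-byte loops in checksum_compute() (for example `for (i = -16;i < 0;++i) p[i] = random();` and the matching `plen + 16` loops) read and write 16 bytes on either side of every buffer. That is only in bounds if alignedcalloc() pads each allocation by at least that much, and nothing in this file states that contract. I would document it at the declaration, e.g. `/* returned pointer must have >= 16 accessible bytes before it and after the requested length */`, and give the 16 a name so the harness and the allocator cannot drift apart. allocate() also uses all ten results unchecked, so if alignedcalloc() can return NULL (its definition is not shown here) the first store in checksum_compute() faults instead of reporting a failure string. As a coverage gap, the before/after-output comparisons exist only for `p` after crypto_scalarmult_base and `q` after the first crypto_scalarmult; the output of `crypto_scalarmult(r,n,q)` is never checked against guard bytes, and `r2` is allocated but unused.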