Added test vectors from Kleshni

Fixes #181

The MON-01-004 issue from Cure53's audit noted that Monocypher did not
compare to <https://github.com/Kleshni/Elligator-2>, which I didn't know
of at the time.  Some test vectors were added back then, but full
interoperability was not yet ascertained.  (Moreover, I though I'd added
vectors for the reverse map, and somehow didn't. This is now fixed.)

Now I have been able to generate decoding (direct map) test vectors from
Kleshni's implementation, that Monocypher matches perfectly.  For the
inverse map however, I was not so lucky: Monocypher and Kleshni disagree
on quite a few points, including those used in Kleshni's test vectors.

Some investigation revealed that currently, Kleshni's encoding (inverse
map) is not reliable.  In some cases, the round trip fails to yield the
same point we started with (and it's not just a matter of chopping off
the most significant bit).

However, Monocypher and Kleshni *do* agree on some points, which I have
added (and *checked* I have added) to the list of test vectors.  There's
just one divergence left: Monocypher fails to encode the zero point,
which is a departure from the standard (we're supposed to output the
zero representative instead).

diff --git a/tests/gen/makefile b/tests/gen/makefile
index b0b7f175950dde47067b4a699d7b9fda768e9a35..9756e991c656f6ded72572547ab2dd14cc95f8c8 100644 (file)
--- a/tests/gen/makefile
+++ b/tests/gen/makefile
@@ -124,7 +124,7 @@ ed_25519_pk.all.vec   : ed_25519_pk.vec
 ed_25519_check.all.vec:                   vectors/ed_25519_check
 key_exchange.all.vec  :                   vectors/key_exchange
 elligator_dir.all.vec : elligator_dir.vec vectors/elligator_dir
-elligator_inv.all.vec : elligator_inv.vec
+elligator_inv.all.vec : elligator_inv.vec vectors/elligator_inv
 $(VEC2):
        mkdir -p $(@D)
        cat $^ > $@

diff --git a/tests/gen/vectors/elligator_dir b/tests/gen/vectors/elligator_dir
index 6daee2976418114bd0e1f5c5b1ec234f71c45b30..5080532b5e23166f807748a5dc76858d5fcb1406 100644 (file)
--- a/tests/gen/vectors/elligator_dir
+++ b/tests/gen/vectors/elligator_dir
@@ -83,3 +83,33 @@ f6ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff3f:
 
 f7ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff3f:
 9cdb525555555555555555555555555555555555555555555555555555555555:
+
+e4e4c4054fe35a75d9c0f679ad8770d8227e68e4c1e68ce67ee88e6be251a207:
+2fd05944d079627cac0b3c292f72d41b1902b31c48457f42ab35dd10fc4eb013:
+
+48b3753cff3a6d990163e6b60da1e4e5d6a2df78c16c96a52d4fb01ea4ecf70e:
+803e8e870b922ae41883e7b41b534ea191c1eca3f657336ab652b7c683ac0176:
+
+81ac001b08d6577bd91ce991c4c45c46bc84d5465fc9139bf17042ae7313181f:
+eb0f19204beb1f397a0e8b8aeaf70fba944f4707a86d0edf4bf58cb289d6110e:
+
+7afb217bd1eceeac1e133aaa9edb441fa88ea3ae0eaa06cb9911b6d218570f12:
+5e5e130e90024e8378c8f61c7033462c1f2bead4bbfc05d1bbd592d34c620759:
+
+4a70a7e992b43e0b18578e892e954c40a51abdb5a85d300c32f391c45d6ef41b:
+dbd60ec2c1c945a5c53017a0c74e38625514307da10a65aa2523e8d3eba2cb35:
+
+043ddcf4214f24ea6ef6b181071f299aa254a4606ab6a058e0c6fb5598218d37:
+6a2ec7cf38c7b8c76a3e40e5ec25ea7b0f82215b27b31bf3fa2bebfe585ee44b:
+
+1deb473f7d04c152e7e857736715dc7b788aca39a3c96a878019e8999c815c17:
+94d5d8b30212b061affa45fa95a27dd48ad053c9e80d3a066b821affdcbf6970:
+
+23dbfbde05e6c71f118afc0dedb5b9f8dea398b2d764bca68dfc023a9821931d:
+468c7bdac19ed43aa625677d8416337c2b4f48b950755b2b5e7d664b3b3f4d03:
+
+389e38a072cf1b413bb1517c3fe83abebb1cdf3a218abb1b0c01da64c24f592e:
+6d15f8b3b5acf7be2fe9408fd1930f20c56da37f150485ef0e6243d406eb3f60:
+
+d19cfb8cb3940aba546f0be57895e2cc869fe55aab069c5abcf9e7ba6444a806:
+12524580b61c9f88f4f1cd24042002b0df4bc3feb242555bf276f96453c15826:

diff --git a/tests/gen/vectors/elligator_inv b/tests/gen/vectors/elligator_inv
index bb45916c75edd473b2e50326fb5e259925ebdfad..cc53d6b7673637900b33a171d5e9261904c36ead 100644 (file)
--- a/tests/gen/vectors/elligator_inv
+++ b/tests/gen/vectors/elligator_inv
@@ -1,19 +1,19 @@
-e6f66fdf6e230c603c5e6e59a254ea1476a13eb9511b9549846781e12e52230a
-00
-ff
-00
+e6f66fdf6e230c603c5e6e59a254ea1476a13eb9511b9549846781e12e52230a:
+00:
+ff:
+00:
 
-33951964003c940878063ccfd0348af42150ca16d2646f2c5856e8338377d880
-00
-00
-2820b6b241e0f68a6c4a7fee3d978228ef3ae45533cd410aa91a415331d8612d
+46951964003c940878063ccfd0348af42150ca16d2646f2c5856e8338377d800:
+00:
+00:
+2820b6b241e0f68a6c4a7fee3d978228ef3ae45533cd410aa91a415331d8612d:
 
-33951964003c940878063ccfd0348af42150ca16d2646f2c5856e8338377d880
-00
-00
-3cfb87c46c0b4575ca8175e0ed1c0ae9dae79db78df86997c4847b9f20b27718
+46951964003c940878063ccfd0348af42150ca16d2646f2c5856e8338377d800:
+01:
+00:
+3cfb87c46c0b4575ca8175e0ed1c0ae9dae79db78df86997c4847b9f20b27718:
 
-0000000000000000000000000000000000000000000000000000000000000000
-00
-00
-0000000000000000000000000000000000000000000000000000000000000000
+0000000000000000000000000000000000000000000000000000000000000000:
+00:
+ff:
+00: