From: Loup Vaillant Date: Mon, 9 Nov 2020 15:50:52 +0000 (+0100) Subject: Streamlined TIS-CI dirty X25519 test X-Git-Url: https://git.codecow.com/?a=commitdiff_plain;h=2954dddf2214f6605ab72e6b7815fc93fef50226;p=Monocypher.git Streamlined TIS-CI dirty X25519 test
---
diff --git a/tests/gen-tis-config.sh b/tests/gen-tis-config.sh
index a5e44aa..d22e4d8 100755
--- a/tests/gen-tis-config.sh
+++ b/tests/gen-tis-config.sh
@@ -76,7 +76,7 @@ for entry_point in \
 "v_elligator_inv" \
 "p_from_eddsa" \
 "p_from_ed25519" \
- "p_elligator_x25519"\
+ "p_dirty" \
 "p_x25519_inverse" \
 "p_verify16" \
 "p_verify32" \
diff --git a/tests/tis-ci.c b/tests/tis-ci.c
index 7ee65a5..73a4e02 100644
--- a/tests/tis-ci.c
+++ b/tests/tis-ci.c
@@ -285,53 +285,26 @@ static int p_from_ed25519() } //@ ensures \result == 0; -static int p_elligator_x25519() +static int p_dirty() { int status = 0; - int i = 0; - while (i < 2) { - RANDOM_INPUT(sk1, 32); - RANDOM_INPUT(sk2, 32); - u8 skc [32]; memcpy(skc, sk1, 32); skc[0] &= 248; - u8 pks [32]; crypto_x25519_dirty_small(pks , sk1); - u8 pksc[32]; crypto_x25519_dirty_small(pksc, skc); - u8 pkf [32]; crypto_x25519_dirty_fast (pkf , sk1); - u8 pkfc[32]; crypto_x25519_dirty_fast (pkfc, skc); - u8 pk1 [32]; crypto_x25519_public_key (pk1 , sk1); - - // Both dirty functions behave the same - status |= memcmp(pks, pkf, 32); - - // Dirty functions behave cleanly if we clear the 3 msb first - status |= memcmp(pksc, pk1, 32); - status |= memcmp(pkfc, pk1, 32); - - // Dirty functions behave the same as the clean one if the lsb - // are 0, differently if it is not - if ((sk1[0] & 7) == 0) { status |= memcmp(pk1, pkf, 32); } - else { status |= memcmp(pk1, pkf, 32) == 0; } - - // Maximise tweak diversity. - // We want to set the bits 1 (sign) and 6-7 (padding) - u8 tweak = (u8)((i & 1) + (i << 5)); - u8 r[32]; - if (crypto_curve_to_hidden(r, pkf, tweak)) { - continue; // retry untill success (doesn't increment the tweak) - } - // Verify that the tweak's msb are copied to the representative - status |= (tweak >> 6) ^ (r[31] >> 6); - - // Round trip - u8 pkr[32]; crypto_hidden_to_curve(pkr, r); - status |= memcmp(pkr, pkf, 32); - - // Dirty and safe keys are compatible - u8 e1 [32]; crypto_x25519(e1, sk2, pk1); - u8 e2 [32]; crypto_x25519(e2, sk2, pkr); - status |= memcmp(e1, e2, 32); - i += 3; - } - printf("%s: elligator x25519\n", status != 0 ? 
"FAILED" : "OK"); + + RANDOM_INPUT(sk1, 32); sk1[0] |= 1; // make sure it's dirty + u8 skc [32]; memcpy(skc, sk1, 32); skc[0] &= 248; // make sure it's clean + u8 pks [32]; crypto_x25519_dirty_small(pks , sk1); + u8 pksc[32]; crypto_x25519_dirty_small(pksc, skc); + u8 pkf [32]; crypto_x25519_dirty_fast (pkf , sk1); + u8 pkfc[32]; crypto_x25519_dirty_fast (pkfc, skc); + u8 pk1 [32]; crypto_x25519_public_key (pk1 , sk1); + + // Both dirty functions behave the same + status |= memcmp(pks, pkf, 32); + + // Dirty functions behave cleanly if we clear the 3 msb first + status |= memcmp(pksc, pk1, 32); + status |= memcmp(pkfc, pk1, 32); + + printf("%s: x25519 dirty\n", status != 0 ? "FAILED" : "OK"); return status; } @@ -460,12 +433,13 @@ int main(void) { status |= v_ed_25519_check(); status |= v_elligator_dir (); status |= v_elligator_inv (); - status |= p_from_eddsa (); - status |= p_from_ed25519 (); - status |= p_elligator_x25519(); - status |= p_x25519_inverse (); - status |= p_verify16 (); - status |= p_verify32 (); - status |= p_verify64 (); + + status |= p_from_eddsa (); + status |= p_from_ed25519 (); + status |= p_dirty (); + status |= p_x25519_inverse(); + status |= p_verify16 (); + status |= p_verify32 (); + status |= p_verify64 (); return status; } diff --git a/tis.config b/tis.config index 6f88787..494036b 100644 --- a/tis.config +++ b/tis.config @@ -4320,7 +4320,7 @@ , "raw_options" : { "-no-results" : "true" } , "main" : "p_from_ed25519" }, -{ "name" : "p_elligator_x25519 - sparc_64" +{ "name" : "p_dirty - sparc_64" , "files" : [ "src/monocypher.c" , "src/optional/monocypher-ed25519.c" @@ -4330,9 +4330,9 @@ , "compilation_cmd": "-Isrc -Isrc/optional -Itests" , "machdep" : "sparc_64" , "raw_options" : { "-no-results" : "true" } -, "main" : "p_elligator_x25519" +, "main" : "p_dirty" }, -{ "name" : "p_elligator_x25519 - sparc_32" +{ "name" : "p_dirty - sparc_32" , "files" : [ "src/monocypher.c" , "src/optional/monocypher-ed25519.c" 
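Review bot: After `sk1[0] |= 1` forces a dirty scalar, nothing in `p_dirty()` checks that the dirty output actually differs from the clean one; the removed version asserted this with `status |= memcmp(pk1, pkf, 32) == 0;` in its non-zero-low-bits branch. As written, the three remaining `memcmp` checks would still pass if both dirty functions silently ignored the low three bits of the scalar, so a regression that makes dirty keys indistinguishable from clamped ones would go unnoticed here. Since the low bit is now always set, the check can be unconditional: add `status |= memcmp(pk1, pkf, 32) == 0; // dirty key must differ from the clean one` after the `pkfc` comparison. Separately, the re-added comment says "clear the 3 msb", but `skc[0] &= 248` clears the three least significant bits of the first byte; `// Dirty functions behave cleanly if we clear the 3 lsb first` would match the code.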
@@ -4342,9 +4342,9 @@ , "compilation_cmd": "-Isrc -Isrc/optional -Itests" , "machdep" : "sparc_32" , "raw_options" : { "-no-results" : "true" } -, "main" : "p_elligator_x25519" +, "main" : "p_dirty" }, -{ "name" : "p_elligator_x25519 - x86_32" +{ "name" : "p_dirty - x86_32" , "files" : [ "src/monocypher.c" , "src/optional/monocypher-ed25519.c" @@ -4354,9 +4354,9 @@ , "compilation_cmd": "-Isrc -Isrc/optional -Itests" , "machdep" : "x86_32" , "raw_options" : { "-no-results" : "true" } -, "main" : "p_elligator_x25519" +, "main" : "p_dirty" }, -{ "name" : "p_elligator_x25519 - x86_64" +{ "name" : "p_dirty - x86_64" , "files" : [ "src/monocypher.c" , "src/optional/monocypher-ed25519.c" @@ -4366,9 +4366,9 @@ , "compilation_cmd": "-Isrc -Isrc/optional -Itests" , "machdep" : "x86_64" , "raw_options" : { "-no-results" : "true" } -, "main" : "p_elligator_x25519" +, "main" : "p_dirty" }, -{ "name" : "p_elligator_x25519 - x86_16" +{ "name" : "p_dirty - x86_16" , "files" : [ "src/monocypher.c" , "src/optional/monocypher-ed25519.c" @@ -4378,9 +4378,9 @@ , "compilation_cmd": "-Isrc -Isrc/optional -Itests" , "machdep" : "x86_16" , "raw_options" : { "-no-results" : "true" } -, "main" : "p_elligator_x25519" +, "main" : "p_dirty" }, -{ "name" : "p_elligator_x25519 - x86_16_huge" +{ "name" : "p_dirty - x86_16_huge" , "files" : [ "src/monocypher.c" , "src/optional/monocypher-ed25519.c" @@ -4390,9 +4390,9 @@ , "compilation_cmd": "-Isrc -Isrc/optional -Itests" , "machdep" : "x86_16_huge" , "raw_options" : { "-no-results" : "true" } -, "main" : "p_elligator_x25519" +, "main" : "p_dirty" }, -{ "name" : "p_elligator_x25519 - x86_win32" +{ "name" : "p_dirty - x86_win32" , "files" : [ "src/monocypher.c" , "src/optional/monocypher-ed25519.c" 
@@ -4402,9 +4402,9 @@ , "compilation_cmd": "-Isrc -Isrc/optional -Itests" , "machdep" : "x86_win32" , "raw_options" : { "-no-results" : "true" } -, "main" : "p_elligator_x25519" +, "main" : "p_dirty" }, -{ "name" : "p_elligator_x25519 - x86_win64" +{ "name" : "p_dirty - x86_win64" , "files" : [ "src/monocypher.c" , "src/optional/monocypher-ed25519.c" @@ -4414,9 +4414,9 @@ , "compilation_cmd": "-Isrc -Isrc/optional -Itests" , "machdep" : "x86_win64" , "raw_options" : { "-no-results" : "true" } -, "main" : "p_elligator_x25519" +, "main" : "p_dirty" }, -{ "name" : "p_elligator_x25519 - armeb_eabi" +{ "name" : "p_dirty - armeb_eabi" , "files" : [ "src/monocypher.c" , "src/optional/monocypher-ed25519.c" @@ -4426,9 +4426,9 @@ , "compilation_cmd": "-Isrc -Isrc/optional -Itests" , "machdep" : "armeb_eabi" , "raw_options" : { "-no-results" : "true" } -, "main" : "p_elligator_x25519" +, "main" : "p_dirty" }, -{ "name" : "p_elligator_x25519 - arm_eabi" +{ "name" : "p_dirty - arm_eabi" , "files" : [ "src/monocypher.c" , "src/optional/monocypher-ed25519.c" @@ -4438,9 +4438,9 @@ , "compilation_cmd": "-Isrc -Isrc/optional -Itests" , "machdep" : "arm_eabi" , "raw_options" : { "-no-results" : "true" } -, "main" : "p_elligator_x25519" +, "main" : "p_dirty" }, -{ "name" : "p_elligator_x25519 - aarch64" +{ "name" : "p_dirty - aarch64" , "files" : [ "src/monocypher.c" , "src/optional/monocypher-ed25519.c" @@ -4450,9 +4450,9 @@ , "compilation_cmd": "-Isrc -Isrc/optional -Itests" , "machdep" : "aarch64" , "raw_options" : { "-no-results" : "true" } -, "main" : "p_elligator_x25519" +, "main" : "p_dirty" }, -{ "name" : "p_elligator_x25519 - aarch64eb" +{ "name" : "p_dirty - aarch64eb" , "files" : [ "src/monocypher.c" , "src/optional/monocypher-ed25519.c" 
@@ -4462,9 +4462,9 @@ , "compilation_cmd": "-Isrc -Isrc/optional -Itests" , "machdep" : "aarch64eb" , "raw_options" : { "-no-results" : "true" } -, "main" : "p_elligator_x25519" +, "main" : "p_dirty" }, -{ "name" : "p_elligator_x25519 - rv64ifdq" +{ "name" : "p_dirty - rv64ifdq" , "files" : [ "src/monocypher.c" , "src/optional/monocypher-ed25519.c" @@ -4474,9 +4474,9 @@ , "compilation_cmd": "-Isrc -Isrc/optional -Itests" , "machdep" : "rv64ifdq" , "raw_options" : { "-no-results" : "true" } -, "main" : "p_elligator_x25519" +, "main" : "p_dirty" }, -{ "name" : "p_elligator_x25519 - rv32ifdq" +{ "name" : "p_dirty - rv32ifdq" , "files" : [ "src/monocypher.c" , "src/optional/monocypher-ed25519.c" @@ -4486,9 +4486,9 @@ , "compilation_cmd": "-Isrc -Isrc/optional -Itests" , "machdep" : "rv32ifdq" , "raw_options" : { "-no-results" : "true" } -, "main" : "p_elligator_x25519" +, "main" : "p_dirty" }, -{ "name" : "p_elligator_x25519 - mips_o32" +{ "name" : "p_dirty - mips_o32" , "files" : [ "src/monocypher.c" , "src/optional/monocypher-ed25519.c" @@ -4498,9 +4498,9 @@ , "compilation_cmd": "-Isrc -Isrc/optional -Itests" , "machdep" : "mips_o32" , "raw_options" : { "-no-results" : "true" } -, "main" : "p_elligator_x25519" +, "main" : "p_dirty" }, -{ "name" : "p_elligator_x25519 - mips_n32" +{ "name" : "p_dirty - mips_n32" , "files" : [ "src/monocypher.c" , "src/optional/monocypher-ed25519.c" @@ -4510,9 +4510,9 @@ , "compilation_cmd": "-Isrc -Isrc/optional -Itests" , "machdep" : "mips_n32" , "raw_options" : { "-no-results" : "true" } -, "main" : "p_elligator_x25519" +, "main" : "p_dirty" }, -{ "name" : "p_elligator_x25519 - mips_64" +{ "name" : "p_dirty - mips_64" , "files" : [ "src/monocypher.c" , "src/optional/monocypher-ed25519.c" 
@@ -4522,9 +4522,9 @@ , "compilation_cmd": "-Isrc -Isrc/optional -Itests" , "machdep" : "mips_64" , "raw_options" : { "-no-results" : "true" } -, "main" : "p_elligator_x25519" +, "main" : "p_dirty" }, -{ "name" : "p_elligator_x25519 - mipsel_64" +{ "name" : "p_dirty - mipsel_64" , "files" : [ "src/monocypher.c" , "src/optional/monocypher-ed25519.c" @@ -4534,9 +4534,9 @@ , "compilation_cmd": "-Isrc -Isrc/optional -Itests" , "machdep" : "mipsel_64" , "raw_options" : { "-no-results" : "true" } -, "main" : "p_elligator_x25519" +, "main" : "p_dirty" }, -{ "name" : "p_elligator_x25519 - mipsel_n32" +{ "name" : "p_dirty - mipsel_n32" , "files" : [ "src/monocypher.c" , "src/optional/monocypher-ed25519.c" @@ -4546,9 +4546,9 @@ , "compilation_cmd": "-Isrc -Isrc/optional -Itests" , "machdep" : "mipsel_n32" , "raw_options" : { "-no-results" : "true" } -, "main" : "p_elligator_x25519" +, "main" : "p_dirty" }, -{ "name" : "p_elligator_x25519 - apple_ppc_32" +{ "name" : "p_dirty - apple_ppc_32" , "files" : [ "src/monocypher.c" , "src/optional/monocypher-ed25519.c" @@ -4558,7 +4558,7 @@ , "compilation_cmd": "-Isrc -Isrc/optional -Itests" , "machdep" : "apple_ppc_32" , "raw_options" : { "-no-results" : "true" } -, "main" : "p_elligator_x25519" +, "main" : "p_dirty" }, { "name" : "p_x25519_inverse - sparc_64" , "files" :