From: Richard Walmsley <richwalm@gmail.com>
Date: Sat, 29 Feb 2020 10:48:51 +0000 (+1300)
Subject: Document & test overlapping of key_exchange.
X-Git-Url: https://git.codecow.com/?a=commitdiff_plain;h=43da77ed82ac1ccda6ea6e79881dcdbc62ec7a9d;p=Monocypher.git

Document & test overlapping of key_exchange.
---

diff --git a/doc/man/man3/crypto_key_exchange.3monocypher b/doc/man/man3/crypto_key_exchange.3monocypher
index 9bfd3fd..c626b83 100644
--- a/doc/man/man3/crypto_key_exchange.3monocypher
+++ b/doc/man/man3/crypto_key_exchange.3monocypher
@@ -101,6 +101,11 @@ Your public key, generated from
 with
 .Fn crypto_key_exchange_public_key .
 .El
+.Pp
+.Fa shared_key
+and
+.Fa your_secret_key
+may overlap if the secret is no longer required.
 .Sh RETURN VALUES
 .Fn crypto_key_exchange
 and
diff --git a/tests/test.c b/tests/test.c
index 969e657..b1f026c 100644
--- a/tests/test.c
+++ b/tests/test.c
@@ -660,6 +660,22 @@ static int p_argon2i_overlap()
     return status;
 }
 
+// Tests that the shared key and secret key buffers of crypto_key_exchange can overlap.
+static int p_key_exchange_overlap()
+{
+    int status = 0;
+    FOR (i, 0, 5) {
+        u8 buf[32];
+        RANDOM_INPUT(sk, 32);
+        RANDOM_INPUT(pk, 32);
+        crypto_key_exchange(buf, sk, pk);
+        crypto_key_exchange(sk, sk, pk);
+        status |= memcmp(buf, sk, 32);
+    }
+    printf("%s: key_exchange (overlaping i/o)\n", status != 0 ? "FAILED" : "OK");
+    return status;
+}
+
 static int p_eddsa_roundtrip()
 {
 #define MESSAGE_SIZE 30
@@ -853,6 +869,7 @@ int main(int argc, char *argv[])
     status |= p_hmac_sha512_overlap();
     status |= p_argon2i_easy();
     status |= p_argon2i_overlap();
+    status |= p_key_exchange_overlap();
     status |= p_eddsa_roundtrip();
     status |= p_eddsa_random();
     status |= p_eddsa_overlap();