arne
/
cryptopp
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Use variable length messages in TestEd25519

pull/769/head
Jeffrey Walton 2018-12-25 18:16:14 -05:00
parent 0311daf7e2
commit 2ccac19de1
No known key found for this signature in database
GPG Key ID: B36AB348921B1838
2 changed files with 15 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
cryptest.vcxproj.user
View File

@ -1,6 +1,9 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> <Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<PropertyGroup> <PropertyGroup>
<LocalDebuggerCommandArguments>v</LocalDebuggerCommandArguments> <LocalDebuggerCommandArguments>v 9991</LocalDebuggerCommandArguments>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
<DebuggerFlavor>WindowsLocalDebugger</DebuggerFlavor>
</PropertyGroup> </PropertyGroup>
</Project> </Project>

17
validat7.cpp
View File

@ -436,6 +436,7 @@ bool TestEd25519()
std::cout << "\nTesting ed25519 Signatures...\n\n"; std::cout << "\nTesting ed25519 Signatures...\n\n";
bool pass = true; bool pass = true;
// Test key loads
try { try {
FileSource f1(DataDir("TestData/ed25519.dat").c_str(), true, new HexDecoder); FileSource f1(DataDir("TestData/ed25519.dat").c_str(), true, new HexDecoder);
FileSource f2(DataDir("TestData/ed25519v0.dat").c_str(), true, new HexDecoder); FileSource f2(DataDir("TestData/ed25519v0.dat").c_str(), true, new HexDecoder);
@ -496,13 +497,14 @@ bool TestEd25519()
// Message and signatures // Message and signatures
byte msg[MSG_SIZE], sig1[MSG_SIZE+NACL_EXTRA], sig2[64]; byte msg[MSG_SIZE], sig1[MSG_SIZE+NACL_EXTRA], sig2[64];
GlobalRNG().GenerateBlock(msg, MSG_SIZE); GlobalRNG().GenerateBlock(msg, MSG_SIZE);
size_t len = GlobalRNG().GenerateWord32(0, MSG_SIZE);
// Spike the signatures // Spike the signatures
sig1[1] = 1; sig2[2] = 2; sig1[1] = 1; sig2[2] = 2;
word64 smlen = sizeof(sig1); word64 smlen = sizeof(sig1);
int ret1 = NaCl::crypto_sign(sig1, &smlen, msg, MSG_SIZE, sk1); int ret1 = NaCl::crypto_sign(sig1, &smlen, msg, len, sk1);
int ret2 = Donna::ed25519_sign(msg, MSG_SIZE, sk2, pk2, sig2); int ret2 = Donna::ed25519_sign(msg, len, sk2, pk2, sig2);
int ret3 = std::memcmp(sig1, sig2, 64); int ret3 = std::memcmp(sig1, sig2, 64);
bool fail = ret1 != 0 || ret2 != 0 || ret3 != 0; bool fail = ret1 != 0 || ret2 != 0 || ret3 != 0;
@ -527,14 +529,15 @@ bool TestEd25519()
byte msg1[MSG_SIZE+NACL_EXTRA], msg2[MSG_SIZE]; byte msg1[MSG_SIZE+NACL_EXTRA], msg2[MSG_SIZE];
byte sig1[MSG_SIZE+NACL_EXTRA], sig2[64]; byte sig1[MSG_SIZE+NACL_EXTRA], sig2[64];
GlobalRNG().GenerateBlock(msg1, MSG_SIZE); GlobalRNG().GenerateBlock(msg1, MSG_SIZE);
std::memcpy(msg2, msg1, MSG_SIZE); size_t len = GlobalRNG().GenerateWord32(0, MSG_SIZE);
std::memcpy(msg2, msg1, len);
// Spike the signatures // Spike the signatures
sig1[1] = 1; sig2[2] = 2; sig1[1] = 1; sig2[2] = 2;
word64 smlen = sizeof(sig1); word64 smlen = sizeof(sig1);
int ret1 = NaCl::crypto_sign(sig1, &smlen, msg1, MSG_SIZE, sk1); int ret1 = NaCl::crypto_sign(sig1, &smlen, msg1, len, sk1);
int ret2 = Donna::ed25519_sign(msg2, MSG_SIZE, sk2, pk2, sig2); int ret2 = Donna::ed25519_sign(msg2, len, sk2, pk2, sig2);
int ret3 = std::memcmp(sig1, sig2, 64); int ret3 = std::memcmp(sig1, sig2, 64);
bool tamper = !!GlobalRNG().GenerateBit(); bool tamper = !!GlobalRNG().GenerateBit();
@ -545,9 +548,9 @@ bool TestEd25519()
} }
// Verify the other's signature using the other's key // Verify the other's signature using the other's key
word64 mlen = MSG_SIZE+NACL_EXTRA; word64 mlen = len+NACL_EXTRA;
int ret4 = NaCl::crypto_sign_open(msg1, &mlen, sig1, smlen, pk2); int ret4 = NaCl::crypto_sign_open(msg1, &mlen, sig1, smlen, pk2);
int ret5 = Donna::ed25519_sign_open(msg2, MSG_SIZE, pk1, sig2); int ret5 = Donna::ed25519_sign_open(msg2, len, pk1, sig2);
bool fail = ret1 != 0 || ret2 != 0 || ret3 != 0 || ((ret4 != 0) ^ tamper) || ((ret5 != 0) ^ tamper); bool fail = ret1 != 0 || ret2 != 0 || ret3 != 0 || ((ret4 != 0) ^ tamper) || ((ret5 != 0) ^ tamper);
pass = pass && !fail; pass = pass && !fail;