author | Jason A. Donenfeld <Jason@zx2c4.com> | 2018-02-01 16:33:13 +0100 |
---|---|---|
committer | Jason A. Donenfeld <Jason@zx2c4.com> | 2018-02-01 19:51:50 +0100 |
commit | b9bf37d3e1d0aec3690832b65ebcdf5389a47c44 (patch) | |
tree | 88d3927bcb579807188727498e2e099f1e9e3c2c /src/selftest | |
parent | tools: dedup secret normalization (diff) | |
curve25519: verify that specialized basepoint implementations are correct
Diffstat (limited to 'src/selftest')
-rw-r--r-- | src/selftest/curve25519.h | 20 |
1 files changed, 17 insertions, 3 deletions
diff --git a/src/selftest/curve25519.h b/src/selftest/curve25519.h
index 1c86eae..c8a25ed 100644
--- a/src/selftest/curve25519.h
+++ b/src/selftest/curve25519.h
@@ -56,9 +56,9 @@ static const struct curve25519_test_vector curve25519_test_vectors[] __initconst
 };
 bool __init curve25519_selftest(void)
 {
- bool success = true, ret;
- size_t i = 0;
- u8 out[CURVE25519_POINT_SIZE];
+ bool success = true, ret, ret2;
+ size_t i = 0, j;
+ u8 in[CURVE25519_POINT_SIZE], out[CURVE25519_POINT_SIZE], out2[CURVE25519_POINT_SIZE];
 for (i = 0; i < ARRAY_SIZE(curve25519_test_vectors); ++i) {
 memset(out, 0, CURVE25519_POINT_SIZE);
@@ -70,6 +70,20 @@ bool __init curve25519_selftest(void)
 }
 }
+ for (i = 0; i < 5; ++i) {
+ get_random_bytes(in, sizeof(in));
+ ret = curve25519_generate_public(out, in);
+ ret2 = curve25519(out2, in, (u8[CURVE25519_POINT_SIZE]){ 9 });
+ if (ret != ret2 || memcmp(out, out2, CURVE25519_POINT_SIZE)) {
+ pr_info("curve25519 basepoint self-test %zu: FAIL: input - 0x", i + 1);
+ for (j = CURVE25519_POINT_SIZE; j-- > 0;)
+ printk(KERN_CONT "%02x", in[j]);
+ printk(KERN_CONT "\n");
+ success = false;
+ break;
+ }
+ }
+
 if (success)
 pr_info("curve25519 self-tests: pass\n");
 return success; |
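Review bot: In the new basepoint loop, `out` and `out2` are never cleared before the two calls, whereas the test-vector loop in the first hunk does `memset(out, 0, CURVE25519_POINT_SIZE)` on each pass. Whether either function writes its output buffer on a false return is not visible here; if it does not, `memcmp` reads an uninitialised `out2` on the first iteration and leftovers from the previous iteration afterwards, so the self-test can report a spurious FAIL or compare stale bytes instead of fresh results. I would add `memset(out, 0, sizeof(out));` and `memset(out2, 0, sizeof(out2));` at the top of the loop body. Separately, the failing input is emitted as `printk(KERN_CONT ...)` fragments, which other log lines can interleave with; a single `pr_info` using `%*phN` would keep it on one line, at the cost of printing the bytes in memory order rather than reversed. The body of curve25519_selftest starts in the previous hunk and its end lies outside this one.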